Podcasts about first american financial corp

Odeta Kushi, deputy chief economist at First American Financial Corp., says she expects the housing market to remain sluggish for as mortgage rates remain above 6 percent; while she expects the Federal Reserve to cut rates during the second half of the year, she's not expecting conditions to change much. That said, she noted that First American's Housing Recession Indicator — based on the trends of eight economic variables — is not flashing red, largely because new home sales have remained strong enough to overcome the other headwinds that home builders are facing. David Trainer, founder and president, New Constructs, puts electric-vehicle maker Rivian back in the Danger Zone; the stock first appeared there as an IPO and is way down since, but Trainer questions whether there is any way to hit the brakes on what he sees as a slide that ends near zero. Lester Jones, chief economist for the National Beer Wholesalers Association, discusses the latest Beer Purchasers' Index, which is an economic buzzkill as it shows continued contraction as buyers are increasingly pessimistic about prospects for the summer and fall. Plus Chuck responds to two listeners concerned with the show's balance and — by revisiting one of last week's guests — provides a reminder that politics and portfolio strategies don't mix well.

Mark Fleming, chief economist at First American Financial Corp., says the big news on Wednesday was not that the Federal Reserve started a rate-cutting cycle, but that it appears that there could be additional, aggressive rate cuts that could take an additional 1.5 percentage points off rates over the next 15 months. That rate cutting, Fleming says, reduces the risk  of a deep recession, and the strength of the labor market also limits the possibility of a big decline. As a result, a year from now he expects to see a "lower mortgage rate, lower cost-of-credit rate environment -- with a relatively healthy economy, if not running at trend -- and low inflation," which he says would be a return to "normal." Todd Rosenbluth, head of research at VettaFi, looks at a fund saddled with keywords -- the WisdomTree International Hedged Quality Dividend Growth Fund -- and tells us which of those traits are so important now that the fund deserves to be ETF of the Week. Plus, in the Market Call, Dave Sekera, chief U.S. market strategist at Morningstar, talks fair-value investing and gives his take on how stocks will respond to the rate-cut environment.

We've got more data breaches and leaks to talk about. From an attack that targeted Microsoft corporate customers to one affecting three billion accounts, we look at how hackers and poor data security practices put people and their information at risk.See omnystudio.com/listener for privacy information.

On today's episode of Power House, we're bringing you a special feature in honor of International Women's Day, which was last Friday, March 8th, and Women's Month, which is the whole month of March. This special feature spotlights two industry powerhouses. HousingWire editor-in-chief Sarah Wheeler leads a conversation with First American Financial Corp. Deputy Chief Economist Odeta Kushi. During their conversation, Sarah and Odeta talk about home ownership among single, female heads of households, other demographic trends, and what's in store for the spring housing market. Here's a glimpse of what you'll learn: Single women home ownership has been on the rise, driven by higher educational attainment and earning power. The pandemic had a disproportionate impact on women's employment, but single women have shown resilience and financial growth. The spring home buying market is expected to be more moderate due to the lack of significant decline in mortgage rates. Inventory levels remain low, but even a slight increase can provide more options for potential buyers. Timing the housing market is challenging, and buyers need to focus on their own needs and affordability. Related to this episode: Connect with Odeta on LinkedIn First American The Gathering HousingWire on YouTube Enjoy the episode! The Power House podcast is a show about leadership, markets and entrepreneurship in the housing industry. Each Thursday, Clayton Collins speaks with CEOs and founders from the mortgage and real estate sector to reveal how housing executives think about business growth, operational strategy, and leadership. The Power House podcast reveals the full picture through the stories of the industry's most impactful leaders. Clayton Collins is the CEO of HousingWire, and the Power House podcast is produced by HousingWire's Content Studio. Initially launched in 2019 as the Housing News podcast, the show was relaunched as Power House in 2024. Learn more about your ad choices. Visit megaphone.fm/adchoices

On today's episode, Editor in Chief Sarah Wheeler talks with Odeta Kushi, deputy chief economist for First American Financial Corp., about homeownership among single, female-headed households, as well as what's in store for this spring market. Related to this episode: Connect with Odeta on LinkedIn First American The Gathering HousingWire's YouTube Channel Enjoy the episode! The HousingWire Daily podcast examines the most compelling articles reported across HW Media. Each morning, we provide our listeners with a deeper look into the stories coming across our newsrooms that are helping Move Markets Forward. Hosted and produced by the HW Media team. Learn more about your ad choices. Visit megaphone.fm/adchoices

Craig Callahan, chief executive officer at ICON Advisers, says that the stock market is close to its fair value right now, but that 'the expensive industries the way we measure value are leading and the bargains are lagging and very sluggish,' a situation that is unsustainable and that will lead to volatile, choppy, sideways markets for the next few months. Callahan says he is holding more cash than normal but he expects to be fully invested by the fall of 2023, when he expects the market to be 5 to 7 percent higher than it is today. Also on the show, Odeta Kushi, deputy chief economist at First American Financial Corp., discusses the 'golden handcuffs' that the rapid increase in mortgage rates have put on many long-time homeowners, locking them into their properties and altering the housing market's prospects in ways typically overlooked by buyers and sellers, Mark Hamrick, senior economic analyst at BankRate.com discusses the site's recent survey showing that a majority of Americans are considering job changes despite of or because of current economic uncertainties, and Chuck answers a listener question on how the government's debt-ceiling problems could affect investors in ultra-safe money-market funds.

David Trainer, president of New Constructs, says that while Robinhood Markets is down about 80 percent from its 52-week high and that it has room to go a lot lower, having burned through $3.5 billion in cash in the last 12 months, with just more than that amount left in cash on the books. Trainer put the company back into The Danger Zone, saying "We're really not sure what is going to prop this zombie stock up much longer ... '' even as "it is priced as if it is going to go to the moon." Also on the show, Mark Fleming, chief economist at First American Financial Corp., discusses the state of the housing market, noting that homeowners with fixed-rate mortgages aren't feeling the pinch of inflation, while homebuyers are being squeezed hard by it and home-sellers are watching markets change rapidly. Fleming thinks mortgage rates have "mostly found their new normal," noting that current levels of between 5 and 6 percent are in line with historic norms even if they are dramatically higher than consumers have been used to for the last decade or more. Chuck answers a listener's question about what to do with some cash now, and portfolio manager Jeff Muhlenkamp of the Muhlenkamp Fund makes his debut on the show, talking stocks in the Market Call.  

Jeffrey Hirsch, editor of the Stock trader's Almanac, says that history has shown that markets struggle in mid-term election years, particularly when the president is a first-term Democrat, and that coupled with rising inflation and interest rates, it should make for a market that struggles this year to achieve modest single-digit gains. Lawrence McMillan, president of McMillan Analysis says that the next move of the Standard and Poor's 500 -- whether it tops 4,800 or declines below 4,500 -- will go a long way to determine what the market is capable of this year; Mark Fleming, chief economist at First American Financial Corp. talks about the wild conditions of the housing market, but dispels much of the concern that rising mortgage rates will change them dramatically, and Alex Condrell of Cliffwater discusses how investments in middle-market corporate credit should overcome current conditions to generate something close to historic return levels of 9 percent.

Zach Jonson, chief investment officer at Stack Financial Management, says that the market is reaching all-time highs with 'weaker and weaker breadth and more narrow selectivity,' and that this dichotomy indicates that the risk of a correction is rising. Jonson says that investors who are significantly overweight in equities due to the market's hot run over the last year might want to pull back now to avoid a potential crunch as they watch this skirmish between the market's fundamentals and technicals play out. Also on the show, Nicholas Marshi, editor at BDCReporter.com, discusses the current earnings season and why he sees a 'golden age' ahead for business development companies, Odeta Kushi, deputy chief economist at First American Financial Corp. talks about the changing dynamics of the housing and real estate market, and Michael Robinson, chief technology strategist for Money Map Press, talks tech stocks in the Market Call.

Mark Fleming, chief economist at First American Financial Corp,, says that the increase in home prices is being fueled by low interest rates -- which increases purchasing power -- a lack of supply of homes and a generational shift of young families striving to get a home, all fundamental reasons for higher prices without actually inflating a bubble. Fleming also discusses why rising delinquencies aren't about to create a foreclosure boom, and much more in the Big Interview. Also on the show, Tom Lydon of ETFTrends.com makes a commodity fund his ETF of the Week, Randy Frederick of the  Schwab Center for Financial Research talks about a recent survey of traders and just how bullish shorter-term investors are, and Mike Liss of American Century Value fund discusses relative value investing  in the Market Call.

Mark Fleming, chief economist for First American Financial Corp., says that the real estate market will not be returning to 'normal' when the pandemic is done because it has been fundamentally changed by the way lives have been affected by work-from-home and other trends. Those issues led to a particularly strong year in 2020 and will contribute to another big year ahead, especially with the millennials aggressively moving into their home-ownership phases at a time when there is a low supply of available homes. Also on the show, Janice Quek of Left Brain Investment Research discusses Datadog, a stock that isn't part of the firm's recent cyber-security theme but which has similar growth characteristics and potential, JP Lee of Van Eck Vectors ETFs talks about the gaming and e-sports industries and Matt Schulz of CompareCards.com discusses where consumers went right and wrong with their savings and spending last year.

Pamela Woo, head of U.S. equities at BNP Paribas Asset Management, says that investors need to trust their allocations and plans while also looking for stocks that will come through the current recession positioned for a strong future. She expects to see a recovery that gets off to a hot start as the economy reawakens, but that won't recapture previous levels for e foreseeable future when the pandemic has ended. Also on the show, Matt Freund of the Calamos Long-Short Equity and Dynamic Income Fund on rebounding from the recent bottoms, Dan Zanger of ChartPattern.com talks about the value of technical analysis in unprecedented market times, and Mark Fleming, chief economist at First American Financial Corp., compares the way the real estate market is responding to conditions created by the coronavirus pandemic and the voluntary economic slowdown with the way it reacted to the 2008 financial crisis, which was triggered by problems in the housing and real estate sectors.

This year has had a number of data breaches much like every other year. But the biggest one so far this year has been the breach at the First American Financial Corp. A record of 885 million records were exposed online by the end May this year. The data was eventually taken offline that same day, but peoples bank account details, social security digits, wire transactions, and mortgage data were all easily accessible on the servers of this company. The upside to this is that this information was simply available on the First American’s Web site. Meaning that it was hard to tell if fraudsters were even aware of this. Indeed this particular breach of data wasn’t exactly an attack. Ben Shoval, a real-estate developer, was looking at the site and noticed the files were all available. He notified security reporter Brian Krebs who later contacted First American Corporation about the breach. He was notified that the exposure to data was likely due to a design defect from one of their production applications. Because it was something internal, the chances that data was leveraged is much lower. Regardless, even if no real damages stemmed from this, there is still much to learn. If you ever notice something unusual, make a point of bringing it up. Especially if it's something to do with your own bank. While banks certainly put an effort to have the tightest security around, mishaps happen.

This year has had a number of data breaches much like every other year. But the biggest one so far this year has been the breach at the First American Financial Corp. A record of 885 million records were exposed online by the end May this year. The data was eventually taken offline that same day, but peoples bank account details, social security digits, wire transactions, and mortgage data were all easily accessible on the servers of this company. The upside to this is that this information was simply available on the First American’s Web site. Meaning that it was hard to tell if fraudsters were even aware of this. Indeed this particular breach of data wasn’t exactly an attack. Ben Shoval, a real-estate developer, was looking at the site and noticed the files were all available. He notified security reporter Brian Krebs who later contacted First American Corporation about the breach. He was notified that the exposure to data was likely due to a design defect from one of their production applications. Because it was something internal, the chances that data was leveraged is much lower. Regardless, even if no real damages stemmed from this, there is still much to learn. If you ever notice something unusual, make a point of bringing it up. Especially if it's something to do with your own bank. While banks certainly put an effort to have the tightest security around, mishaps happen.

Harrison is back! Alex and Christian join this week to discuss how Black Hat and DEFCON went last week, analyze the irregularities of the dark web criminal market, Nightmare, and explore the story reported by Krebs on the SEC investigation into the data leak at First American Financial Corp. Shout-out to all of our new listeners - thanks for your interest and let us know what we can do to continue improving the podcast! Check out the blog on Nightmare Market at https://www.digitalshadows.com/blog-and-research/fresh-blow-for-dark-web-markets-nightmare-market-in-disarray/ KrebsonSecurity article: https://krebsonsecurity.com/tag/first-american-financial-corp/ Find the full intelligence summary at https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-08-aug-15-aug-2019

I am planning a Security Summer for my listeners.  I will have some free courses.  I will also introduce you to some of the software that I use for my clients and how you can use it too.  So watch out for announcements on those. Is our society changing? What part is social media playing? Listen in today for more on this. What can Open Source do for you? Why Open Source may change your life. More on this today. Are we really ready for Autonomous Cars? or Is the technology expected to perform faster than it is actually ready?  Interesting questions we will be discussing today. What is going on with Google?  G-Suite and Titan are both having issues. Microsoft has another problem and it is a big one. More on this. Do you have a Mortgage?  You need to hear this! For more tech tips, news, and updates visit - CraigPeterson.com --- Transcript:  Below is a rush transcript of this segment; it might contain errors. Airing date: 06/01/2019 Cyberbullying, Security summer free courses, First American Hack, Google Bluetooth titan hijacking ---- Hello, everybody, Craig Peterson here. We have ignition and boy do we have a show for today and then some. You know a little bit about cyberbullying, I am sure. Well, I'm going to tell you about something that I experienced this weekend, something that your kids may be experiencing in a much more critical way. You know, we mentioned last week about the suicides and tied into this Netflix show. Well, we'll get into this a little bit more. For those of you who are wondering how software is getting developed, nowadays and what you might want to do for your business for software development. We'll talk a little bit about GitHub and this whole open source revolution and how It has come into the mainstream, now. We have some security warnings from our friends at Google. A massive hack. I don't think I saw this anywhere. Frankly, we'll talk about what Krebs on security had to say about this. Tesla. Got to throw this in because what's a week without talking about Elon Musk. Consumer Reports is calling the automatic lane change feature on Tesla's navigate on autopilot, far less competent than a human driver. So, it kind of makes you wonder, should we be messing with this? Is this the right thing to do? Frankly, I think it's an excellent question. Well, I commented last weekend in one of the articles up on the website, and as you know, I post articles every week. It's usually just a real quick synopsis of like the first couple of sentences from the article, and then I'll give you a link to it. However, this last week, really, for the first time in a couple of years, we sat down and wrote some articles. We had mentioned something because again, I select the pieces that I am going to cover.  I go through what the strategy is with my team and talk about the salient and essential points, and then they go off and write the article. So, this particular one was about anonymous, and it's still up on the website. And we take those articles, and we tweet them, we put them up on the social media sites as well.  Well, the guy that we had mentioned in the web article claimed to be part of the hacking group Anonymous. He spent time in prison because of some of his activities, and he was a little miffed with me. So I got a little bit of a whiff of him not being pleased about me and what I said in that article. I thought that it was rather interesting because this is the first real hater I've had in quite a while, frankly.  Well, I've got to tell you, this feeling I had in my gut was, you know, people describe this, this feeling of butterflies and things and here, I was wondering, what did I do? What did I do to hurt this guy's feelings? Or, what, right.  I can only describe it as a Wow thing. Well, in reading a little bit further into what he had said was that the that he remembers, I think it was in his warrant, it mentioned the FBI infragard program. And I'm an infragard member. He probably looked me up, and I'm easy to find after seeing the article, which was perhaps triggered by a Google search or maybe a Twitter search or something. And that made me feel a little bit better. But man, brought back all the feelings of the first time there was an attack on my systems.  And that was again, you might remember in the early 90s. And I had these questions running through my mind, what should I do? How do I do it? How do I respond? What? What's going on? I remember when I discovered the hack, who do I call, right? What do I do? And what's going to happen, Right? In my case, it's what's going to happen to everything that I have built, right? Here I am sitting there with a company that I had founded years before, and remember it's the early 90s and I was still a relatively young guy. But I'd been working on this company for over a decade by that point in time. And that feeling I had could only be described as horrendous. It was quite something, and it reminded me of this by having this guy from anonymous, you know, going after me kind of the cyberbullying thing, right? Hey, they're not sitting there trying to wait around for any logic or reasoning or anything else. It is a type what you feel without thinking reaction. Think about people that you've had to deal with probably yourself before. So what do you do? Well, that made me do a little bit of re-evaluation, you guys know, if you listen to the show, for a long time that I do a lot of training, I offer a lot of free training for people on cybersecurity. And just thinking back again, made me remember helped me and let me just put it that in perspective. Remember, that feeling I had in my gut when my first hack attack occurred.  When I realized someone had violated my trust, someone had broken in. Someone was potentially going to take my entire business away from me. How helpless I felt, and I had no idea what to do. Questions like: What should I do?, How can I do it?,  Who do I call?, What's going to happen to my business?, What's going to happen with my clients?. Of course, that was almost 30 years ago now. But this brought all those feelings back. So here's what I'm going to do for everybody out there. Because I know I'm not alone. Some of you are maybe 30-40 years behind me on this journey. I admit I was a pioneer out there. I got arrows in my back, right? I was out there on the Internet early, getting people online, when it was first legal to do so. I was one of the very first people. You weren't, Okay, I understand. You were running a business, and maybe you were not even born yet, okay. But I am committing now to build what I'm calling a security summer. And the idea is that throughout the summer, and I'm probably not going to be able to start this until late June, early July. But throughout the summer, I'm going to offer a course. So you know you know what to do, and you'll know how to protect yourself, right? Because you have to start at the beginning, before the bad guys get in, how to detect it, once they are in what to do about it, the forensic analysis that you're going to have to do after the fact, to clean this thing up, right? I don't want you to have that feeling in your gut that I had before. Thirty years ago, when my first hack happened. I've had a couple of times since and not nearly as dramatic, okay. Because I had dealt with it before and I knew what to do. I had moved into a position where I was pretty much at the forefront at the time in security. But then I went on to run my business. But I don't want you to have that feeling your gut. Right? What do you do? I am sure some of you have had it before. I know you've come into the office in the morning, the computers aren't working. And your first reaction is there in your gut.  Your first thought is -- Oh my gosh, what do I do now? Then that turns into anger. It's anger towards your vendors. Right? Well, I have Norton. I bought that Sonic wall. How did this happen? I should be all set, right. And so now you get on the phone, and you start yelling at vendors, you start yelling at your people who are supposed to be taking care of the IT side. I don't want you to feel that way. We're going to have some free pieces of training this summer. If you're interested, send me an email, and let me know what security subject you're particularly interested in having me cover. That I can make sure we have some free training for you on that during the summer. I want to make it a summer of security. It's our security summer. Brought to you by Craig Peterson, my team and I am getting to work on it, as we speak. My wife is going to put her heart and soul into this effort.  I think I know what you need, and I think I know what you want, but it is essential to hear from you so that I can give you what you feel you need. So, email me at Craigpeterson.com Craig Peterson. com. We're also going to be talking about it on this radio show on these podcasts and on YouTube side, etc., etc. I got my first real hater this week in a long time. And it brought back memories and made me more determined to help you guys out. So, What was one of the first things I did.  I shut down my website and made sure everything was patched up, right? Because I didn't want him to try and hack into my site. After all, anonymous is a hacktivist group, and that's what they do. So, that's what I'm going to do for you guys. We're going to have a security summer this year. Okay, so let's get into a couple more of these articles before I run out of time. This one, I thought it was just totally appropriate. I got a couple of articles that are appropriate for this week, and you'll see those up on my website, and one or two of these articles were written up with my team.  My wife does a lot of this stuff too. So, kudos to her. You will find these up on craigpeterson.com, This is from an article that initially appeared in Pro Publica, and I found it on Ars Technica myself.  It is a fascinating article and written by a couple of people here, Renee Dudley and Jeff Cow. It's talking about the some of these companies here in the US that you can hire to help you out of ransomware, tight spot. Think about some of these we have read about, lately, The city of Atlanta, Georgia,  Newark, New Jersey, the Port of San Diego, Hollywood Presbyterian Medical Center in LA. Atlanta, online water service requests and billing systems were down for over a month. Colorado Department of Transportation, they called in the National Guard, all because of cyber attacks. Apparently what has happened here is that the companies and in these cases, government institutions and hospitals, went to professionals and said, hey, what should we do now? The response from the FBI from the government, in general, is don't pay ransoms. Well, guess what happened here? The FBI said that the criminal actors were out of the reach of US law enforcement. But they were not apparently and out of the reach of this American company called Proven Data Recovery out of Elmsford, New York. It appears that these guys regularly made ransom payments to Sam Sam ransomware hackers over more than a year, according to Jonathan Storfer, who is a former employee who dealt with these ransom payments. Now, Bitcoin transactions are somewhat anonymous and difficult to track. But I know in talking with some secret service agents that they have tracked people through public records and got convictions because of being able to track down some of these Bitcoin coin payments. Pro Publica was able to trace four of these payments, and this article goes on and on. Another US company, Florida based company, Monster Cloud also professes to use their data recovery method, but turns out they were paying ransoms sometimes without informing law enforcement or the victims, this is bad. Again, from Pro Publica, both of these companies charge their victim's substantial fees on top of the ransom amount, and they offer other services such as sealing breaches to protect against future attacks. Well, that's what I do for a living, Right? I don't try and do the recovery and no do I pay any ransom. There are many pieces of free recovery software out there that work in most cases. But, sometimes if you don't have a good backup, you're just out of luck. So, keep that in mind. Going to one of these companies, if you have ransomware on your computer is not going to solve the problem of ransomware. Because, some of these account companies, at least two of them in this case, according to Pro Publica, are making deals with the ransomware criminals, which is, in my opinion, not right. So, we talked a couple of weeks ago about our friends over at Equifax and how they took a huge hit here. It cost them over a billion dollars, probably I would guess close to one and a half billion, but I don't know for sure. They haven't disclosed all of the numbers. This week, they did reveal that they had to do a bit of a write off of about a little more than half a billion dollars. But there's another one out there, and It is crazy. It is the one, I mentioned, from Krebs on security, concerning the website for First American Financial Corp, a Fortune 500 real estate, title insurance giant.  I mean giant, billions of dollars in annual revenue. First, America Corp leaked hundreds of millions of documents related to mortgages going back to 2003. Krebs on security found this leak, and they went ahead, and they fixed it.  Isn't that nice of them, after the horses got out of the barn. So, these are digitized records that included bank account numbers, bank statements, mortgage statements, tax records, social security numbers, wire transaction receipts, driver's license images, were all available without authentication to anyone with a web browser. I find that incredibly unbelievable that a company that employs 18,000 people, you'd think they'd have some security people on staff. And they brought in more than 5.7 billion. There you go. That's the number from Krebs article. Now Krebs found out a bit about it because of a real estate developer, out in Washington state, who said he'd had little luck getting a response from them. It just goes on and on, just like last week with what happened with Intel. And the reports of their colossal security problem. And they, it sounds like, literally tried to buy off the people who reported this massive bug in the Intel chips. It's just amazing. So it goes on and on the earliest document number available on the site wasn't document number 75. The dates and documents get closer to real-time each forward increment in the record number. I have the article up on my website, we've got a link to it if you want to see it.  It's it is just stunning. So, who knows what happened has happened here, again, we have an example of a company that did not keep track of the security problems. And what do you want to bet they did not keep track of data x filtration, and what the criminals stole? Big deal. Big problem. Now Google's got a couple of warnings out this week too. Is this getting old to anybody? I hope you're learning from this, and I hope you can apply it in your own life and your businesses. Take time to learn from these things. But, Google exposed that their G Suite, which is the Google suite where you as a business, you can pay for Google Docs, Google Sheets, etc. If you're a business and you're trying to use it, they want you to pay for it. That's what the city of Atlanta found out when they got hacked. All of their email accounts were down, and they couldn't do spreadsheets, they couldn't do anything. So, they all signed up for Gsuite accounts. Google promptly shut them down two weeks ago for doing that, because they're supposed to pay. Then Google worked out a deal with them. However, it turns out they were storing plain text passwords on its servers for the last 14 years. It is a very, very big deal. So Google is saying that they have fixed the issue and that they've seen no other improper access or misuse of the affected passwords. They've got reasons why they did it. No, everybody makes mistakes in security, okay. I'm giving you that. But these two cases are for companies that should know better, they have big enough department, and they are going to lawsuits. And like Equifax, it's probably going to cost our friends over at First American Financial Corp over a billion dollars. It is something that they can maybe afford to pay a billion dollars in fines and fees. But how about you as a small business. So we've talked about two-factor authentication many times on my show. And we always set up two-factor authentication when it comes to our clients to keep their data safe. You know, some of them have to have to fall under the rules that are in place for federal military contractors, federal contractors, HIPAA records, etc., etc. So you have to have the right kind of two-factor authentication in place, you have to have the correct type of training, the right kind of databases, etc. And the people are getting ripped off right, left and center, these companies that are selling some of these things, they don't care. They are just trying to sell you something another point product and other point security, that is not going to help you out. Can you tell I am getting a little pissed today? Excuse, My French. But here's what's happening. Google has something they call Titan, and we've talked about it on the show before. It is a security key.  It was leading edge, and I'm glad they did it. They've been using it internally for all of their logons. So, it's something you have along with something, you know. Now, you know. I have been promoting Yubikeys. I don't have an investment in any of these companies. We do use them when we are trying to get a company secured. The idea behind the Yubikey and Titan security keys is that it's a little USB fob, you plug it into your computer, you type in your password, you're off and running. Okay? Well, Google's warning that for the Bluetooth Low Energy version of the Titan security keys it sells for two-factor authentication are vulnerable to hijacking by nearby attackers. Google says if you have them, contact them. And they'll give you a free replacement device that fixes the vulnerability. It has to do with Bluetooth pairing protocols, and that means that anybody within 30 feet can carry out an attack, against you. These are $50, which is about the same cost as a Yubikey. I, personally, would go with the Yubikey. But there now you know about the Google Titan. There is nothing particularly wrong with it, except that it's one version is susceptible to hack. If you check the back of your Titan key, if you pull it out right now, it's probably on your key ring, it's a nice, small thing looks like your USB thumb drive, almost. If it starts with a T1 or T2, it is susceptible to attack and eligible for a free replacement. We're not going to have time to get into the rest of these things. So let's get into cyberbullying. I think this is an important one. And I want to talk about internet mobs because that's kind of what happened this week to me. And because I was reported on some security stuff, right, and they, they use almost anything they can against you. And recently we've seen real problems with cyberbullying against kids. According to a survey and a completed study,  It reported online bullying affected 43% of kids. One in four has said that happened more than once. 70% of students reported seeing frequent bullying online. Over 80% of teens use a cell phone regularly. I think these numbers are probably higher than what this study showed, in 2014, I bet you they come close to 100%. Now, most of the teens ignore it. You know I talked about that terrible Netflix show "13 Reasons Why" where a teenage girl committed suicide and left behind 13 cassette tapes explaining her 13 reasons for killing herself. It has led to a 30% increase in teen suicides in the 30 days after that show came out. So there, there's been a correlation drawn on that it did not, by the way, affect adults, it was mainly the 10 to 18-year-olds that it touched. But, we have kids that are thinking about suicide and committing suicide because of cyberbullying. There have been well-publicized criminal cases about this. Now, how about an internet mob? How about if one of these groups decides to come after you, and the group is just the cheerleaders at school? There's a great story that CNN shared this week about a young lady, named Dominique Mora. She's from Southern California and went to school in St. Paul, Minnesota. She is 23 years old and was attending on a softball scholarship. So she thought it would be great to take a job at Chipotle to help make ends meet. Well, she was working at the store, and a group of teenagers came in ordered food, went to pay for it, and their debit card didn't work. That group of teenagers ran out of the restaurant with the food. They stole it, right. The manager gave them a little coaching and told them here's what they should do. What happened next was another day a group of teenagers came in, and she recognized two of them as being part of the group who had ordered food with the bad debit card before running off with the food. They never paid for it. They called the police and explained that these two teenagers were there and they did not want to serve them. We want them evicted from our store.  Here is this young woman, 23 years old, and she asked them to pay first. They pulled up a cell phone, and she didn't realize they were videotaping her and started accusing her of racism because she was a white person caught in the act of doing something labeled racist. Which obviously, there's no racism involved in this at all, they had stolen food from this store, and it was on video, there's surveillance video, it had these two guys on it, according to what CNN is reporting. They dumped this video of her as a racist "B" online. The video of her November confrontation was watched at least 7 million times retweeted at least 30,000 times within two days, and media covered it. Chipotle fired her after it went viral. Now here she is, having done nothing wrong, the police not responding in a reasonable amount of time. It sounds like they never really did respond. It is a case of confirmation bias, these black guys were calling her a racist and the video they presented made it look like she may have been. It is now being used to paint her falsely as a racist. She lost her job and now is worried about what will happen, what she could or should do, and what she should not do.  Those are the same questions I opened the show with today that went through my mind 30 years ago and ran through my mind again this week. Very, very, big deal.  I think w have got to spend some time with our kids talking about this.  Helping them understand the whole act of bullying, what cyberbullying is. That they should report it to the authorities at school, report it to your teacher, report it to the principal, I guess the vice principal is the one who's usually dealing with these types of things. The most common places where it's happening, and this is from stopbullying.gov, they have a lot of great information. Social media like Facebook, Instagram, Snapchat, Twitter, SMS, you know, your text messages, instant messaging, which includes email provider, app services, social media, and of course, email at self. We've got to be careful because the content that we share online, you can get these internet mobs, this mob mentality where everyone jumps on board and starts attacking people. It can drive not just our teens, but almost anyone to suicide, and we don't want that to happen. Sit and talk with them. You know, I was severely bullied as a kid as well. But you know, I could leave it alone. It was happening on the way to school, at school, on the way back from school. At least there were brackets or definitions surrounding it. But nowadays, there aren't. All right, I want to send you to my website Craigpeterson.com, because you will find more information about all of these topics today. A very, interesting one on hackers. About anonymity that was once critical and how that's now changing. I might try and get into that next week. A little bit more here on the show. Also, the Consumer Reports thing about Tesla. Don't count on their autopilot people. Be very careful. The automatic lane change feature is reported to be far less competent than a human driver. So, don't use it. Be concerned about cyberbullying. I'm working here this summer. I'm going to make this a security summer. I'm going to be doing some free courses. We're going to help you guys out with lots of free information. I give these little webinars. They're not I'm not trying to upsell you or anything else. I'm trying to inform you so make sure you attend. Let me know if you're interested and what topics you think I should cover. So if you are interested,  email me. me@craigpeterson.com That is P-E-T-E-R-S-O-N Peterson with an O. Until next week, everybody. Take care. Have a great week. Bye-bye ---  Related articles: Our New Society: Social Media Results In Judgement By Mobs Open Source Is Changing The Way We Approach Everything Autonomous Cars — Are they ready for Prime Time? Why Are We Still Trusting Google? Running Windows? Be Sure You Patch! You Need Two-Factor Authentication Even If Google Screwed It Up Got a Mortgage? Your Information Might Be Included In Massive Hack ---  More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553

The Deepfakes thing is already starting to have an impact, and it didn't even involve actual Deepfake (GAN ML) technology. A video was spread of Nancy Pelosi speaking very slowly and seeming to stumble over her words, which made her look quite bad. The video was virally shared throughout social media on the right. Problem is, it was intentionally slowed down to make her look old/stupid/crazy. What this shows us is that it's not the machine learning that makes Deepfakes dangerous; it's the willingness of a massive percentage of the US population to believe total garbage without an ounce of scrutiny. It doesn't matter if Deepfakes can be shown to be fake because people are matching evidence to their emotions, not the other way around. The vulnerability is our ignorance and cynicism, not a spoofing technology. And as I wrote about a couple of years ago, this will be used as a weapon against us. More Essay A real estate insurance website for First American Financial Corp was vulnerable to a simple IDOR (where you change the account number in the URL to get another account), and it evidently resulted in the exposure of hundreds of millions of insurance records that included extremely sensitive information. IDOR is still one of the most common and dangerous vulns a web app can have, and for companies like this they can be devastating. More The US Military is trying to learn how popular movements form and evolve, and to do so they're studying 350 billion social media messages. But it's a Bloomberg article, so maybe they're actually studying bullfrogs for clues about hypertension. More Moody's has downgraded Equifax's rating in some significant part due to its 2017 cyber breach. This is noteworthy because until now, breaches have largely been spackled over in terms of the major financial perspective and at the 6-24 month timescale. This is a positive indication that companies could actually start taking cybersecurity more seriously, and not just at the CISO and IT level, but from the boardroom down. More Advisories: TP-Link Routers

This will be our last episode until the fall, but once we are back you can catch the DAY[0] podcast on Twitch every Monday afternoon at 12:00pm PST (3:00pm EST) -- https://www.twitch.tv/dayzerosec [00:00:50] This will be our last episode until the fall. [00:02:50] Thoughts on the Advanced Web Attacks and Exploitation (AWAE) Course, and the Offensive Security Web Expert (OSWE) certification [00:32:05] r/AskNetsec - New windows LPE from non-admin :) - From SandboxEscaper [00:45:20] First American Financial Corp. compromise [00:53:48] Google admits storing G Suite user passwords in plain text for 14 years [01:02:27] Safety vs. Security: Attacking Avionic Systems with Humans in the Loop [01:17:30] Malware Guard Extension: Using SGX to Conceal Cache Attacks [01:25:04] Biometric Backdoors: A Poisoning Attack Against Unsupervised Template Updates [01:36:45] MemoryRanger Prevents Hijacking FILE_OBJECT Structures in Windows [01:46:59] Hey Google, What Exactly Do Your Security Patches Tell Us?A Large-Scale Empirical Study on Android Patched Vulnerabilities [02:03:35] MAC OSX Gatekeeper Bypass [02:10:47] RCE Without Native Code: Exploitation of a Write-What-Where in Internet Explorer

First American Financial Corp. v. Edwards | 11/28/11 | Docket #: 10-708

A case which the Court dismissed, regarding whether or not a private purchaser of real estate services has standing to sue when a kickback does not affect the value or quality of the service.