Podcasts about gnosticplayers

Did you download a game made by Zynga?  If so be sure to change your password. They were the victim of a big hack and lost 218 million users personal information to a Pakistani Hacker who goes by the name, Gnostic-players.  For more tech tips, news, and updates visit - CraigPeterson.com --- Related Articles: Popular Game Breaches Personally Identifiable Information of 218 Million People --- Automated Machine-Generated Transcript: Craig 0:04 Hey, welcome back, everybody, CraigPeterson here on WGAN and online at Craig Peterson dot com. Hey, if you're listening to this as a podcast, I would love to get a five star review from you. That's what helps other people find my podcasts and also course will helps with the dissemination and everything else. It makes it easy for you to be able to listen to it automatically every week, whether or not you have iOS go to Greg Peterson comm slash iTunes would absolutely love to have you give me a five star review over there, even if you don't end up subscribing. So back to Words with Friends. Man, this is an allegation here there is some proof that maybe this guy did it. Zynga did release a statement and saying that Words with Friends did have data compromised, apparently as well as another title called draw something. Quote, we recently discovered that certain player account information may have been illegally accessed by outside hackers, while the investigation is ongoing and we do not believe any financial information was accessed. So what do you think's going to happen here? How many of these people are going to end up going into jail? How how much of a find you think think is going to have? How much you find you think you are? I would have it is absolutely nuts. So this guy, this gnostic players guy told ZD net, by the way, that he hoped to put the data of 1 billion internet users up for sale. And by April of this year, so what about six months ago, he had reportedly stolen about 932 million user records from 44 companies. So it looks like he's actually making some headway here on his threats. And, and that's not a good thing, frankly. So this goes back to the whole password thing. Now I have a password specific special report that you might want to pay some attention to. Because if you have played Words with Friends, or again, the sister software to that called draw something, you need to change your password now, but I want you to understand how to change it, what you should do when it comes to changing your password. Because there are password managers out there, some of this stuff is free. And there are some very good free password managers. There are password managers you shouldn't ever use. And there's some that are really great with teams and pros and cons. So again, here now I've got another free guide for you. Now the Quick Start does lead you through a little bit of the password stuff. But it's only one page out of 32. The special report on passwords is I think it's six pages long. And it's specifically about passwords about using password managers what the best ones are and it'll let you click through to sign up on those password managers if you're interested in them. And I don't make any affiliates on any of that stuff commissions although if I did, it would be pennies. But he because these things are so cheap. So here's how you get that right now now this is going to change I'm sure but right now if you go to Craig peterson.com slash subscribe, Craig Peterson comm slash subscribe, you will get a new subscribe there you will get a my special report on passwords and password management, I think it's very important to do. Because again, you got to change your password. But one of the things that people seem to forget all the time when it comes to passwords is you should never ever use the same username and or password on more than one site. Because here's what can happen. Let's say the guy got your account information from Jenga, because you played Words with Friends. And in that in that account information, let's say there is your email address that you use to sign in. And on top of that, now there is a password that you use to sign in. Now some people will sign in using your Facebook ID or maybe your Google ID. I never ever ever ever do that. I don't use Facebook login. I don't use Google login, for few reasons. But one of them is. In both cases, the main reason they're doing that is they want to track you when you're off of their website. So they know you just logged into Words with Friends, for instance. And in some cases, they get even more information than that, that you may or may not want them to have, frankly. So I never use those. I always use email and passwords. Now here's a trick you might not be aware of. Most email accounts allow you to use a plus sign in your email address. So for instance, with me my my email is me at Craig Peterson calm me at Craig Peterson calm, right people send me email there all the time all day long. But if I want to sign up for a service, I will sign up as me and then the plus sign. And then in this case, I might do Zynga because that's who it is who who I'm signing up with Zynga which is NYNGA or ZYNGA depending on how far north you live. So I would say me plus Zynga at Craig Peterson calm. So what will happen is that email will still get to me and Google does support this I'm quite sure at least I used to. and many others do as well. I think Microsoft Office 365 supports that. I think you have to turn it on. And so what happens is email comes in. So I know for instance, at Zynga sold my email address to somebody or maybe it was stolen from Zynga because I only ever use that email address for Zynga. And yet I'm only I only have the one account. It all goes into my me email box at Craig Peterson calm. So I have made plus single add Craig people on.com I have me plus Cisco, Craig peterson.com, etc, etc. You see the pattern here. And I can also now use filters on my email so that I can set up mailboxes. So anything coming from Zynga gets I don't care to see it right away. So anything that goes to Craig plus Zynga Craig Peter song com or me pluses and got Craig Peter song com goes directly into the Zynga box, or maybe it goes to spam or however I want to handle it right. And then I'm I'm not even worried about the from address because I know that the address I signed up with is unique. So now I have a unique email address for that website. And then I use a unique password every time it's unique. And I use one password personally. And you'll see a description of one password in my password special report that you can get. And you even if you're already signed up for my email list, if you go to Craig peterson.com slash subscribe, you can get this again. Okay, you can sign up again and you'll get the special report on passwords. So I use one password and I have it generate for random words typically. So it'll give me a password that is this dash that that something dash else just as an example here. But for words that make it almost impossible for someone to break. Now some websites are still using the old standards that are proven to be not effective, where they'll require you to use special characters, upper lowercase digits and things. And in those cases, I will use those and one password will generate those for me as well. You can just you can mess with the formula. So I really love it. But the reason I just use plain text words is they're easier to type, especially if you have to type them in on a mobile device. That was one password. It's installed on my workstation, my laptop, my iPhone, my iPad, so I never actually have to remember it. It's all encrypted. It's all saved on iCloud encrypted as well. So if I create a new account on this machine is going to show up over the it's just fantastic so make sure you get this it's very important I think that you do have it because it is going to help you so to get this password special report Hey, it's special report day isn't it? Just go to Craig Peterson comm slash subscribe. That'll get you on my weekly newsletter let you know about the free classes and it will also get you my I think it's six page special report on passwords and password managers. You're listening to Craig Peters on right here on WGAN. Stick around because I'll be right back. Transcribed by https://otter.ai   --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553

Zynga the maker of a very popular game called Words with Friends had their database hacked by a Pakistani Hacker who goes by the name, Gnostic-players. He got personally identifiable information on 218 million users... Wow! For more tech tips, news, and updates visit - CraigPeterson.com --- Related Articles: Popular Game Breaches Personally Identifiable Information of 218 Million People --- Automated Machine-Generated Transcript: Craig 0:08 Hey, welcome back, Greg Peterson here WGAN. And online at Craig Peterson dot com. I have a ton of stuff up there over 3000 articles all searchable, all about the latest in technology and security, the things you need to know about. So I hope you visited online again, Craig Peterson calm. Now we have been talking as we often do a lot about some of the security issues that we're seeing out there. I tend to emphasize small business stuff because man, I empathize. I'm a small business guy always have been, I have had lifestyle businesses, hopefully, at some point, I will not have the lifestyle business. I have right now. Well, pretty much a family business. And I really enjoy working with my family members. And then we have other people that work for us that are not family members. And I, again, I really enjoy working with everybody and all of our clients. Now, I said that because I want to make one thing clear. Now don't you always know when someone says that I want to make one thing perfectly clear, it usually means that they're lying. Right? I just heard that on the news this week to heard one of the presidential candidates saying those exact words it reminded me of President Nixon back in the day, anyhow, I have something I have never given away before. That is of incredible value to any small business out there. And it's also a great value to any home users that are out there. And it is a 32 page, quick start guide for your cyber security. It goes through just a ton of things that you need to know need to be aware of. I give a couple of examples of clients that I've picked up recently that have been having problems, we've got the key points for every small business, that about what you should be doing. We've got the stepping stones that you should be taking as you go through this process. We talked about the whole path to security. Some things you probably never even heard of before, like some automated ways to keep some of your software and applications up to date, anti malware how to do patching, which by the way can be automated, even for other types of devices, then your Windows machine securing endpoint, virtual private network, do you need one? When would you use one different types of firewalls and point firewalls of firewall for your network, whether it's a home or small business network, as isn't the case here, a password pass codes, password managers, we give some recommendations in here, we've got bonus tips to stop future infections that go through 19 different bonus tips that are in here. 21, excuse me, 21 goes all the way through what to do if you already have been hacked, when you should be asking for professional help. Software availability, and we go through windows Max, what you can do what it is that we do to help as well. And you can get all of this by just going right now, as I said this, this has always been part of a paid program. We had never given this away before. It is so valuable. And I don't know I've had a couple people say Craig, don't give it away sell it. But I want it in your hands. Okay. And I know some people aren't going to bother getting it. And that's just fine. Somebody people are going to say, Oh, Craig, I don't want to get it and sign up for your mailing list. Believe me, I am not going to be nailing you. I'm, in some ways one of the worst marketers in the world. Well, obviously, I'm not the worst, right? marketers in the world, I'm not going to be hammering you and pounding you and you can always unsubscribe. But I want to warn people to if you do unsubscribe from my list, this is really important. And I'm going to start putting this little footnote in my emails. If you unsubscribe after subscribing, I will never, ever even if you try and re subscribe. Never ever, ever send you anything ever again. So today, you might get this quick start guide by going to Craig peterson.com slash Quick Start all one word Quick Start. And you might hear me in two months offering another guide for free. Maybe one that I've never offered for free before that's just for my paid client. If you unsubscribe from my list, and then you try and re subscribe, it's going to look like you re subscribed but I can now never send it to you again. And that's so I can comply with GDPR. It's I noticed it this week with somebody who had subscribed to my texting list. So they they sent a question and they asked to be subscribed or in this case with you guys, you probably just want to send the word WGAN to me, just text WGN 2855385 5553 but that is my phone number. And you can always send me questions, any questions you want to to that phone number. And great, I'll go ahead and add you to my list. And so now you'll get those emergency messages like your to the climax and last time around, right. Or you can email you can text me with the email address if you want me to add you to a list, etc, etc. So that actually goes to me. But if you tell me to stop, and I don't send out more than one text a week, and most weeks, it's not even one text. So if you reply with stop, at some point, I will stop sending you things. And when I say stop sending you things I mean for ever. You can never ever get something from me again, because again, under the GDPR rules that I'm complying with, right, because I'm a security guy, I'm complying with all the security regulations. If you even if you try and re subscribe, I will ignore my software is going to automatically ignore you because you told me to stop sending you stuff. So I will stop sending you stuff you will be on a blacklist. So it's great if you sign up because you're going to get all of this free stuff. And I give away a lot of free stuff more than anybody else I've ever seen. And my wife isn't too fun to that, but I want to help, okay, and and if you're interested in buying something from me, great, okay. But I really, really do want to help. But if you ever unsubscribe, you are unsubscribe forever. It's that simple. So keep that in mind as well. Because I know some people they think it's pretty smart. They go and they subscribe and they get the free download and then they unsubscribe, well, I have a lot of these free downloads, and you're not going to find out about them ever again. Because most of them you'll only find out about in my newsletter. And then even if you try and re subscribe, you won't be able to reach subscribe. So I saw a guy who had subscribed to my text notification service. And so he he had sent me a thing he had said, Please subscribe me, I want to know about the alerts when they happen. And when you're live on the radio. And so I went ahead and sent it to him and great. So he's on and then he responded with stop, which is how you unsubscribe. But in SMS, most of the time works for me works for most places, if you ever subscribed to you know, send send this to this Texas to this phone number, you can always just send stop to that phone number. And based on the regulations, they have to stop sending new stuff. So I put him on the blacklist. And then he sent another message and I tried to respond to him. And I couldn't because he was on the blacklist. Okay, so keep that in mind. Some people don't do it this way. I do. I take it seriously. If you tell me to unsubscribe you you are unsubscribed. And you'll never hear from me again. Okay, so don't don't try and play games with this because it'll cost you in this case, it would cost you good and valuable information. Now we are hearing every week about another hack, right. And I understand everybody out there that is just totally discouraged. With all of this. You know, I understand it because it is discouraging. I was I was on the radio on an interview. And I said basically I've I've given up right, it's it. It is very, very discouraging, especially if you've been hacked, especially if you're a small business guy like I am, where you have been trying to build this business for your whole life. This is your retirement, right? This money isn't just some faceless bureaucracy somewhere, it is you it is your wife, it is your retirement. So I get it. And I understand those people that have been trying to do something the same way for a long time. And, you know, you just don't want to change, I get that as well. And it is scary. It's difficult. But guys and gals, you have to do it. Because whereas echo facts can survive losing pretty much every person in the country is personal information. And more or less, nobody gets fired. And there's no real find. That's not true for you as a small business person, because within six months, you're out of business. And that's what this quick start guide is all about that you can pick up at Craig Peterson. com slash Quick Start. And as I said, it's up for free right now I guarantee you it will be coming down. So make sure you get that. But Words with Friends is from a huge game company. These guys, Zynga make all kinds of games. If you've ever played games on Facebook, some of the games on your Android or iOS device guaranteed. Some of them have come from Zynga very, very big. So there is a report that came out from Hacker News. And it's saying that this Pakistani hacker, who goes by the alias of gnostic players told Gizmodo Hacker News and I'm reading a report from Gizmodo, but told Hacker News that on some bout September 2, he was able to access the data belonging to all the players who installed the game on iOS and Android, which would apparently amount to about 218 million users. That's pretty impressive, isn't it? You start hearing numbers like that. So I gotta go right now got a hard break. We gotta go to when we get back. I'm going to finish this up and we're going to talk about some some new features. Let's, let's look at the happier side of things. With the Alexa. You're listening to Craig Peterson here on WGAN and online at Craig peterson.com. Stick around because we'll be right back. Transcribed by https://otter.ai   --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553

A daily look at the relevant information security news from overnight.Episode 164 - 01 October 2019Ba-Zynga - https://www.scmagazine.com/home/security-news/data-breach/the-word-is-out-zynga-was-breached/ODT piggyback - https://www.bleepingcomputer.com/news/security/under-detected-odt-files-deliver-common-remote-access-trojans/Locking Linux - https://www.zdnet.com/article/linux-to-get-kernel-lockdown-feature/One biiiillion ads - https://www.bleepingcomputer.com/news/security/egobbler-malvertiser-uses-webkit-exploit-to-infect-over-1-billion-ads/PDF’ed up - https://www.zdnet.com/article/new-pdfex-attack-can-exfiltrate-data-from-encrypted-pdf-files/

Rheinmetall and DCC have disclosed sustaining cyber attacks. The US Government is looking at airliner cyber vulnerabilities. SimJacker is real, but recent phones seem unaffected. RCMP data misappropriation case update. German police raid a bulletproof host. Gnosticplayers may be back. And someone is sending phishing snail mail that claims the British Crown needs your help to ease the economic fallout of Brexit--a Bitcoin wallet is helpfully made available. Malek Ben Salem from Accenture labs with an overview of five threat factors influencing the cyber security landscape. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/September/CyberWire_2019_09_30.html  Support our show

Alex Guirakhoo and newcomer to the pod Travis Randall (@puppyozone) join HVR this week to discuss updates to the JasperLoader malware loader, APT28’s newly observed link shortening technique, Gnosticplayers allegedly stole information from an Australian graphics design companies, and APT10 malware loaders. After that, Richard Gold (@drshellface) and Simon Hall (@5ecur1tySi) discuss the Remote Desktop Protocol vulnerability that everyone has been hyped up about in the last couple of weeks. Be sure to download the full intelligence summary at resources.digitalshadows.com. In more news, Photon Research Team has published a new report! The overall main finding of the paper is that Photon found there were 2.3 billion files currently being exposed online via file shares like SMB or Amazon S3 buckets. We are going to do a deep dive episode about that for next week’s episode. (Report) Too Much Information: The Sequel: https://info.digitalshadows.com/TooMuchInfoTheSequel-podcast.html (Blog) 2.3 billion files exposed across online file storage technologies: https://www.digitalshadows.com/blog-and-research/2-billion-files-exposed-across-online-file-storage-technologies/

Harrison chats with Jamie and Alex this week on an attack on Norwegian aluminum and renewable-energy company Norsk Hydro ASA. The team also looks at threat group “APT-C-27” exploiting a flaw in WinRAR software, a fourth batch of breached data offered for sale on the dark web by “Gnosticplayers”, and a spam campaign exploiting the recent events surrounding the grounding of multiple Boeing 737 aircraft. Download the full intelligence summary here: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-14-mar-21-mar-2019

In today’s podcast we hear about content moderation in the aftermath of the New Zealand mosque shootings. A shift in Huawei’s strategy in the face of Five Eye--and especially US--sanctions: the US doesn’t like us because we’re a threat to their ability to conduct untrammeled surveillance. Corruption, neglect, and replacement of experts by politically reliable operators seem to have caused Venezuela’s blackouts. Gnosticplayers are back, with more commodity data. And AI has no monopoly on evil--natural intelligence has that market cornered. Joe Carrigan from JHU ISI on the recently announced DARPA funded effort to develop and open-source voting system. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/March/CyberWire_2019_03_18.html  Support our show

This week, Phil and Alex join Harrison to discuss a new malware delivery technique using the Outlook preview panel. Also, threat actor Gnosticplayers was offering large data sets for sale on Dream Market, the Blind Eagle APT group swooped into the news, and Gandcrab is back trying to pinch its victims in new ways. Finally, the guys try to find a new nickname for Alex. Full Intelligence Summary here: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-14-feb-21-feb-2019