Three Buddy Problem - Episode 18: This week's show covers the White House's new Traffic Light Protocol (TLP) guidance, Reuters expose of Appin as a hack-for-hire mercenary company, Fortinet zero-day exploitation and missing CSRB investigations, major cryptocurrency heists, Apple opening Private Cloud Compute to public inspection, Russians removed from Linux kernel maintenance and China's Antiy beefing with Sentinel One over APT reporting. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs) (SentinelLabs), Costin Raiu (https://twitter.com/craiu) (Art of Noh) and Ryan Naraine (https://twitter.com/ryanaraine) (SecurityWeek).
Sudhakar Ramakrishna became CEO of SolarWinds at a very pivotal moment in the company's history, just as it became the target of a cyberattack that affected not just SolarWinds but its large base of enterprise and government customers. Since then, Sudhakar and the people at SolarWinds have led a remarkable turnaround. We are going to learn about how they did that. Before coming to SolarWinds, Sudhakar's journey has taken him from engineering and product leadership as well as GM, President and CEO roles at companies such as 3Com, Motorola, Polycom, Citrix, Pulse Secure. We cover many important topics in this episode: * Leading in a crisis * Gaining back the trust and confidence of customers * Balancing paradoxes in product management * Aligning purpose, portfolio, priorities, value * Transitioning from perpetual to subscription business model * Value model and business model * Evolving from best of breed point products to Suites to Platform * PLG in IT infrastructure * Designing Time to Value Connect with Sudhakar Ramakrishna at: https://www.linkedin.com/in/sudhakar-ramakrishna-a58223/ Connect with Rahul Abhyankar at: https://www.linkedin.com/in/rahulabhyankar/
In this week's Security Sprint, Dave and Andy covered the following topics. ISAC Exciting Announcements! Tribal-ISAC joins National Council of ISACS for cyber security, information sharing Japanese Auto-ISAC and Auto-ISAC Formalize Agreement to Enhance Vehicle Cybersecurity Severe Weather Awareness Iowa Caucus Impacts Texas "Freeze" Buffalo Bills great stadium dig-out Main Topics School Data Base Leak. https://www.wired.com/story/us-school-shooter-emergency-plans-leak/ SEC X Compromise. SEC account hack renews spotlight on X's security concerns US SEC says breach of its X account did not lead to breach of broader SEC systems A Hacker's Perspective: Social Media Account Takeover Prevention Guide Scams. https://news.trendmicro.com/2024/01/12/fake-apple-and-capital-one-notifications-top-scams-of-the-week/ Physical Threats. Malicious Actors Threaten U.S. Synagogues, Schools, Hospitals, and Other Institutions With Bomb Threats, 12 Jan. “Since 8 December 2023, the FBI has opened investigations on more than 100 separate threats targeting more than 1,000 institutions in 42 states and the District of Columbia." New FB-ISAO Newsletter! FB-ISAO Newsletter, v6, Issue 1. US, UK launch retaliatory strikes against Houthis in Yemen Protests erupt outside Yemen Mission in NYC to condemn US attacks on Houthi rebels — some protesters attacking couple holding Israeli flag: ‘Long live Hamas, you piece of s–t!' Joint Statement from the Governments of Australia, Bahrain, Canada, Denmark, Germany, Netherlands, New Zealand, Republic of Korea, United Kingdom, and the United States Statement from President Joe Biden on Coalition Strikes in Houthi-Controlled Areas in Yemen Statement by Secretary of Defense Lloyd J. 
Austin III on Coalition Strikes in Houthi-Controlled Areas of Yemen Background Press Call by Senior Administration Officials and Senior Military Official on Developments in the Middle East Houthi rebels say US will pay a ‘heavy price' for strikes that killed 5, injured Lulzsec Hacktivists Leak American Bank Logins in Protest Against Yemen Airstrikes Moscow Blasts U.S.-British Strikes in Yemen Who Are the Houthis and Why Did the US and UK Launch Strikes on Them? Quick Hits FBI arrests Florida man accused of threatening ‘mass casualty event' American intel officials warn of risk of Hezbollah attacking U.S. Ivanti Vulnerabilities. Ivanti Blog Post: Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN CISA Adds Two Known Exploited Vulnerabilities to Catalog CERT-NZ: Vulnerabilities in Ivanti Connect gateways actively exploited Canadian Centre for Cyber Security Ivanti security advisory (AV24-020) Ivanti warns of Connect Secure zero-days exploited in attacks Ivanti customers urged to patch vulnerabilities allegedly exploited by Chinese state hackers Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation. Canadian Centre for Cyber Security Ivanti Connect Secure and Ivanti Policy Secure gateways zero-day vulnerabilities Risky Biz News: Chinese APT exploits two Pulse Secure zero-days Ivanti Zero-Day Vulnerabilities (CVE-2023-46805 and CVE-2024-21887) State-backed hackers are exploiting new Ivanti VPN zero-days — but no patches yet Zero-Day Exploitation of Ivanti Connect Secure and Policy Secure Gateways Hundreds of Thousands of Dollars Worth of Solana Cryptocurrency Assets Stolen in Recent CLINKSINK Drainer Campaigns The vulnerability forecast for 2024 WEF: Global Cybersecurity Outlook 2024 Joint Report on the Implementation of the Cybersecurity Information Sharing Act of 2015
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here.
We're excited to welcome back to the podcast Sudhakar Ramakrishna, CEO at SolarWinds. When we first caught up with Sudhakar it was several months into his tenure at the company managing through the Sunburst attack. We were so impressed with how he was helping navigate the company through this time we wanted to check in with him more than a year later for an update on how things are going. He shares insights on the company's Secure by Design initiative, radical transparency, the power of public/private partnerships and an information sharing collaborative, CISA and creating a community of research, the opportunity for a national cyber guard, protection for whistleblowers, and the criticality of doing basic things right consistently. You won't want to miss this exciting episode! Sudhakar Ramakrishna, President and CEO, SolarWinds Sudhakar Ramakrishna joined SolarWinds as President and Chief Executive Officer in January 2021. He is a global technology leader with nearly 25 years of experience across cloud, mobility, networking, security and collaboration markets. He most recently served as the CEO of Pulse Secure®, a leading provider of secure and zero trust access solutions for Hybrid IT environments, where he was responsible for all aspects of business strategy and execution. Prior to Pulse Secure, Mr. Ramakrishna served as the Senior Vice President and General Manager for the Enterprise and Service Provider Division at Citrix®, where he had responsibility for Citrix's portfolio of virtualization, cloud networking, mobile platforms and cloud services solutions. Mr. Ramakrishna also has held senior leadership roles at Polycom, Motorola and 3Com. Mr. Ramakrishna is an experienced public and private company board member. Mr. Ramakrishna is a partner at Benhamou Global Ventures, a leading venture capital firm investing in emerging startups in the fields of security, analytics and applications. Mr. 
Ramakrishna earned a master's degree in computer science from Kansas State University and a master's of management degree from Northwestern University's Kellogg School of Management. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e246
0:00 -- Intro.
1:35 -- Start of interview.
2:15 -- Bethany's "origin story".
3:35 -- Her experience working at Lockheed Martin.
5:55 -- Her transition to Apple Computer, Cisco, startups in networking technologies and Blue Coat.
8:17 -- Her time at HP, where she ended up running the Networking division.
8:55 -- Her role as CEO of Ixia (later sold to Keysight Technologies for $1.6bn in 2017).
10:17 -- On her board journey. Her first public company experience with Ixia, under the mentorship of Chairman Errol Ginsberg.
11:07 -- Her experience serving on the board of Sempra Energy and as an Executive Advisor with Siris Capital (a PE firm). Her board positions with Box, Marvell Semiconductor and Lam Research.
13:38 -- On her decision to complete a Masters Program in Cybersecurity Risk and Strategy from NYU: "to be a good board member in this area [in addition to technical issues] you need to understand issues related to technology, law, regulation and governance."
17:09 -- The current cybersecurity landscape from the board's perspective. "Over the last ~10+ years, the incidence, frequency, sophistication and damage of cybersecurity breaches has continued to significantly escalate." "For companies, it has been very costly (examples: Equifax, Target, Home Depot, Colonial Pipelines, Solar Winds, etc.)" "The attacks will continue and they are getting easier to do, ie. ransomware as-service-attack." "This is only going to get worse." "Nation states are also involved, and it's very hard to keep up."
21:15 -- Where does cybersecurity fit in board committees? Audit committees vs special cybersecurity committees and full board discussions.
25:05 -- On cybersecurity experts on boards. "It's important to have someone on your board who has a reasonable technical understanding of what the CISO and/or CIO is talking about re cybersecurity (ability to translate technical discussion to board level discussion.)" It's different to raw technology expertise. "Why wouldn't you have someone in the room with cybersecurity expertise (when the cybersecurity risk is so high)?"
28:39 -- On cybersecurity challenges going forward. 1) Nation-state risks (ie Russia, China, North Korea, Iran), 2) AI risks (ie. using certain automated AI-based coding could insert malicious code into software source-code).
34:30 -- On staying updated on the latest cybersecurity threats. Recommended experts: Bob Zukis from the Digital Directors Network (he was guest speaker on my E81 of the Boardroom Governance Podcast) and Ed Amoroso with Tag Cyber / NYU. You should also pay attention to the Cybersecurity & Infrastructure Security Agency (CISA). Other sources: The Cipher Brief; Cyber Initiatives Group; Harvard Business Review ("a lot of good articles on cyber governance"); The Cyberwire.
37:41 -- On the enhanced duties of directors in the market downcycle. "Innovation will continue despite the economic crisis." "The pendulum swings back and forth, and there will be a recovery."
42:28 -- On the increasing geopolitical risks with China and how boards should approach this "decoupling" or "de-risking". "As a board member, this is a risk issue and it has to be managed and mitigated."
47:56 -- The books that have greatly influenced her life: A Tree Grows in Brooklyn, by Betty Smith (1943); Let My People Go Surfing, by Yvon Chouinard (2006); The Outsiders, by William N. Thorndike Jr. (2012).
51:04 -- Her mentors, and what she learned from them: her father; Judy Estrin (a networking technology pioneer and Silicon Valley leader).
54:55 -- Quotes she thinks of often or lives her life by: "The best way out is always through." (Robert Frost)
56:20 -- An unusual habit or an absurd thing that she loves: Bird watching (influenced by her husband).
58:14 -- The person she most admires: Ruth Bader Ginsburg.
Bethany Mayer is a Silicon Valley-based corporate director with 30 years of experience in general management, marketing, product development and operations. She previously held executive roles at HP, Cisco, Blue Coat, Apple, and start-ups. Bethany has served on several public and private company boards, including at Ixia, Pulse Secure and Marvell Semiconductor. She currently serves as the Chair of the Board of Box, and is a director at Sempra Energy, Ambri and Lam Research.
You can follow Evan on social media at: Twitter: @evanepstein; LinkedIn: https://www.linkedin.com/in/epsteinevan/; Substack: https://evanepstein.substack.com/
Music/Soundtrack (found via Free Music Archive): Seeing The Future by Dexter Britain is licensed under an Attribution-Noncommercial-Share Alike 3.0 United States License
In this interview, Mike Smart of Egress Solutions interviews Phil Montgomery, General Manager for Security Product Marketing GTM at Microsoft, discussing his vision for the future of technology and how the principles of go-to-market will change as the market evolves. Montgomery emphasizes the importance of innovation and collaboration in driving progress between various departments in order to secure the success of an organization. He also discusses the growing importance of security and privacy in the tech industry, noting that Microsoft is investing heavily in these areas to ensure that its products and services are secure and trustworthy. Throughout the interview, Montgomery demonstrates his deep knowledge of the tech industry and his passion for driving positive change, underscoring his position as a leading voice in the field. Phil's bio: Phil Montgomery joined Microsoft as General Manager of Security Go-To-Market in June 2021, bringing more than 25 years of technology marketing experience across security, enterprise software, services, hardware, Internet of Things and other segments. He has launched over 20 products and services for both startups and large companies. Prior to joining Microsoft, Phil served as SVP of Product Marketing for FireEye/Mandiant. Phil also held senior product positions at Pulse Secure, identiv, VMware, Blue Coat, and Citrix Systems. Phil is based in Silicon Valley, and originally from Australia. He is a graduate of the University of Southern Queensland with a bachelor of business degree and spent seven years in the Australian Army departing with the rank of Captain. ----------- Guest: Phil Montgomery | Microsoft Host: Mike Smart | www.EgressSolutions.net ----------- This is a Mr. Thrive Media production. Learn more at www.MrThrive.com
On this episode of The Shape of Work podcast, we speak with Nimisha Kunnath Chatterjee, a Human Resources professional, author and mentor. Nimisha has always been passionate about relationships and the human connection, along with an interest in psychology and human behaviour. Working across various HR functions with organizations such as Pulse Secure, AAyuja Inc and PVR Limited, Nimisha has plenty of expertise to share in this conversation.
EPISODE HIGHLIGHTS: The employee experience: Culture, engagement, and beyond; One-up your 1-on-1s with trust and compassion; Is remote work a roadblock in defining organizational culture?; Proximity bias in a hybrid workplace; Fun, engaging and seamless virtual on-boarding.
The Employee Experience
The term 'employee engagement and experience' has received its due recognition during the pandemic. Earlier, the management was only concerned about increasing the commitment and productivity of employees at work. Now, the perspective is transitioning towards how to keep the employees happy so they can perform better at their jobs. Nimisha says that the practices that create an organization where we willingly show up for work, rather than think before showing up for work, constitute 'employee experience'.
One-up your 1-on-1s with trust and compassion
Technology is playing an important role in ensuring a smooth workflow at the workplace. However, it is also creating a gap between the team members in their capacities. There are a few strategies that Nimisha suggests to bridge this gap: Strengthen the atmosphere of trust because we need to embrace flexibility. The more the team is involved in any decision making, the more the employees will feel valued and respected as individuals. The managers can also try to bring compassion to possible situations: not only to ask an employee about their wellbeing, but also to understand the struggles they might be facing. Encouraging the teammates to check in on each other and develop collaboration among themselves enforces values and culture and bridges the one-on-one interaction among employees. Recognizing and acknowledging an individual's work within the team creates an everlasting relationship between the team members and employees and the organization.
Is remote work a roadblock in defining organizational culture?
The hybrid model of work is what suits everyone's needs at the present time. For many people, collaboration and working with their families has helped in improving their performance during work from home, but it has also affected a large number of people due to the absence of working facilities and a supportive work environment.
Proximity bias in a hybrid workplace
As human beings, we all suffer from proximity bias. It is a natural inclination towards those who are closer to us. We unconsciously tend to favour people whom we physically meet every day over those whom we don't. To combat this, Nimisha talks about a few skills that the managers need: They should build awareness towards such biased actions and strive to create an inclusive environment to reduce this effect. For instance, scheduling meetings or sharing information in an inclusive manner such that everyone can participate. The organization should establish a culture of psychological safety. Managers should address such biases through performance evaluation or one-on-one interaction with employees. An individual's trust in the organization is built and strengthened during such practice.
Follow Nimisha on LinkedIn. Produced by: Priya Bhatt. Podcast host: Rohan Mankad
Nimisha has been passionate about relationships and human connections, as well as psychology and human behaviour. She is a Global HR professional / leader with 12 + years of experience working in various industries - Retail, Healthcare BPO, IT . She has been associated with TATA Group, PVR Group, Pulse Secure. As a global HR Professional, she loves to collaborate with people to create a learning organization, and drive a culture of collaboration through employee experience moments in various HR segments. HR is her passion. She has also authored her first book in Jan 2021 titled “My Journey to Love & Peace - Small Gestures Go A Long Way”, available in amazon and Notionpress. NIMISHA's Tips: NIMISHA'S CAREER JOURNEY How HR has evolved? Business function, vs Business partner vs. Strategic Partner What changes can we expect in future in HR? Role of HR in Employee experience What are great examples of companies that are good at employee experience? About her book – My Journey to Love & PEACE Witty answers to rapid-fire questions 1 piece of advice to those aspiring to make BIG in their careers and LIVES Trivia about Mini Game on Chrome Browser Enjoy the episode! Connect with NIMISHA on LinkedIn: https://www.linkedin.com/in/nimisha-kunnath-chatterjee/ To purchase Nimisha's book: https://www.amazon.in/My-Journey-Love-Peace-Gestures/dp/1638061696/ref=sr_1_1?dchild=1&keywords=nimisha+kunnath+chatterjee&qid=1628752744&sr=8-1 Dear #TGV Audience…Here is a chance to broadcast yourself
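Five reports on malware that compromises "Pulse Secure Connect" published - US government; 44 clerical errors involving personal information in July disclosed - City of Yokohama; and more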
This month we look at new blogs from Tenable's security response team, including on a year of Zerologon, vulnerabilities in Microsoft Exchange Servers and Pulse Secure, and a widely spread flaw in wifi routers which could affect thousands of users globally. Show References: One Year Later: What Can We Learn from Zerologon?; Microsoft's August 2021 Patch Tuesday Addresses 44 CVEs; Remote Code Execution Patch Bypass in Pulse Connect Secure; ProxyShell: Attackers Actively Scanning for Vulnerable Microsoft Exchange Servers; Bypassing Authentication on Arcadyan Routers with CVE-2021-20090 and rooting some Buffalo. Follow along for more from Tenable Research: Subscribe to the blog; Follow Tenable's Zero Day team on Medium
Microsoft disrupts a major BEC campaign. The scope of cyberespionage undertaken via exploitation of vulnerable Pulse Secure instances seems wider than previously believed. Secureworks offers an account of Hades ransomware, and differs with others on attribution. Final notes during the run-up to tomorrow's US-Russia summit, where cyber will figure prominently. Helping employees stay secure. Carole Theriault wonders if the internet of things is becoming the internet of everything. Ben Yelin weighs in on the Supreme Court's ruling affecting the Computer Fraud and Abuse Act. And Reality Winner has been released to a halfway house. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/114
As 2021 goes on, the attack on critical infrastructure continues at a rapid pace. - www.zdnet.com: FBI attributes JBS ransomware attack to REvil - www.bleepingcomputer.com: FBI: REvil cybergang behind the JBS ransomware attack - www.cyberscoop.com: Meat chain JBS says US production is returning after ransomware attack - www.bleepingcomputer.com: Chinese threat actors hacked NYC MTA using Pulse Secure zero-day - www.bleepingcomputer.com: Swedish Health Agency shuts down SmiNet after hacking attempts - www.cyberscoop.com: Sensitive medical, financial data exposed in extortion of Massachusetts hospital - www.theverge.com: How to opt out of (or into) Amazon's Sidewalk network Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https://streamelements.com/professorcyberrisk/tip --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/professor-cyber-risk/message Support this podcast: https://anchor.fm/professor-cyber-risk/support
NYC transportation authority hacked using Pulse Secure zero-day Cybercriminals hold contest to find new cryptocurrency exploits FBI confirms REvil as JBS ransomware attacker Thanks to our episode sponsor, ReversingLabs Recent supply chain attacks and executive orders have left 1000's scrambling for guidance. Join ReversingLabs as they take their exclusive supply chain roadshow to your local region virtually. Hear from app sec specialists and security execs, as they discuss lessons learned, and innovative approaches, that will move your supply chain security and compliance program forward. For more information, visit reversinglabs.com. For the stories behind the headlines, head to CISOseries.com
Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 373. It is Friday June 4th 2021. I am your host Scott Gombar and Pulse Secure Vulnerability used to Hack NYC MTA. Cisco Releases Security Updates for Multiple Products Google PPC Ads Used to Deliver Infostealers Exchange Servers Targeted by ‘Epsilon Red' Malware US Supreme Court restricts broad scope of CFAA law UF Health Florida hospitals back to pen and paper after cyberattack WordPress force installs Jetpack security update on 5 million sites Google Chrome now warns you of extensions from untrusted devs Massachusetts' largest ferry service hit by ransomware attack Chinese threat actors hacked NYC MTA using Pulse Secure zero-day 147,000 Patients Affected by Scripps Health Ransomware Attack
Today's podcast outlines good news/bad news on Windows support scams, new Nobelium attacks detected and another warning to Pulse Secure VPN users
A phishing campaign this week appears to be the work of Russia’s SVR. Chinese government threat actors continue to exploit unpatched Pulse Secure instances. FBI renews warnings about unpatched Fortinet appliances. Healthcare organizations still work to recover from ransomware. Rick Howard speaks with author Andy Greenberg on his book Sandworm. Ben Yelin weighs in on questions Senator Wyden has for the Pentagon. And a look at the criminal ransomware market, including the consultants who serve the extortionists. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/103
On May 26, the Information-technology Promotion Agency, Japan (IPA) and the JPCERT Coordination Center (JPCERT/CC) published an advisory on Japan Vulnerability Notes (JVN) about a buffer overflow vulnerability in Pulse Secure's Pulse Connect Secure.
Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 367. It is Wednesday May 26th 2021. I am your host Scott Gombar and Another Pulse Secure Vulnerability... Google Chrome 91 released with new features, security improvements VMware warns of critical bug affecting all vCenter Server installs Walmart apologizes for offensive, racist registration emails Iranian hacking group targets Israel with wiper disguised as ransomware Pulse Secure VPNs Get Quick Fix for Critical RCE
Flycast Buzz: Technology And Process Briefs For IT Professionals
Rich Longo and Bobby McCullough talk about vulnerabilities with Dell Laptops spanning back to 2009.
Zero Days got you down? There sure has been a lot of high impact zero days impacting edge appliances in 2021, from Microsoft Exchange, Pulse Secure, and SonicWall. In this episode, we're joined by Josh Fleischer, the Managed Defense investigator who uncovered three zero days in SonicWall Email Security, to discuss detection and investigation of a zero day, as well as what vendors and customers can do to better to prepare for zero day attacks.
Flycast Buzz: Technology And Process Briefs For IT Professionals
Bobby McCullough explains the three factors that are driving digital transformation.
In a notice it has published, CISA, the US cybersecurity agency, warns federal agencies to take measures within two days against the vulnerabilities found in #Pulse Secure VPN. Meanwhile, the vulnerability found in Qualcomm affects about 40% of the phones in Turkey. So what do these weaknesses lead to? You can watch the video broadcast at youtube.com/siberingunlugu. Enjoy listening! #siberingunlugu
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the fix for a vulnerability with Pulse Secure VPN, 21 vulnerabilities in open source mail server Exim, the effects of Colonial Pipeline being hit by ransomware and how Signal is trying to take out Instagram ads. For more IT tips go to: > www.OptricsInsider.com Timecodes: 0:00 - Intro 0:20 - Today's 3 topics 0:40 - Topic 1: Pulse Secure VPN Fix 6:20 - Topic 2: 21 Nails in Exim 8:29 - Topic 3: Colonial Pipeline Ransomware 12:40 - Topic 4: Signal vs. Instagram Ads 17:48 - Closing remarks Links: > SA44784 - 2021-04: Out-of-Cycle Advisory: Multiple Vulnerabilities Resolved in Pulse Connect Secure 9.1R11.4 > 21 Nails in Exim Mail > US declares emergency after ransomware shuts oil pipeline that pumps 100 million gallons a day > Find out what percentage of your employees are Phish-prone > Download a copy of the Social Media Red Flags PDF > Find out which of your users take the bait and reply to a spoofed email > Find out how vulnerable your network is against Ransomware and cryptomining attacks > Find out which of your users are vulnerable to a social media phishing attack > Learn more about the Red Flags of URLS > The Instagram Ads You Will Never See --- Send in a voice message: https://anchor.fm/optrics-insider/message
Flycast Buzz: Technology And Process Briefs For IT Professionals
Bobby McCullough and Rich Longo talking about the ever-expanding role of the CIO in company culture and customer satisfaction.
Watch this week as Heff and Forrest discuss the recent Ivanti breach, Apple ransomware, SonicWall's 3 zero days, and more. Listen to learn more about additional stories: 92% of businesses that pay ransomware never get their data back; Recent security additions to Apple's recent software update; Passing of Dan Kaminsky. Hosted by Matthew Heffelfinger (Director of SIEM Operations, GSTRT, CyRP (Pepperdine), GRCP, SSAP, ITIL4-F, GISF, PECB) and Forrest Barth (SOC Analyst, CISSP, CMNO, Security+).
ShadowTalk hosts Alec, Ivan, Sean, and Digital Shadows CISO, Rick, bring you the latest in threat intelligence. This week they cover: - Sean discusses Pulse Secure VPN vulnerabilities - what are the latest updates and who is being targeted? - The team talks about supply chain compromise - what is it? - Sean takes us through the DDoS attack on Belnet - Babuk is hanging up their hat - Ivan brings us the latest - Ryuk gets ahold of bio research through a student Get this week’s intelligence summary at: https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-07-may ***Resources from this week’s podcast*** Pulse Secure: https://www.bleepingcomputer.com/news/security/pulse-secure-fixes-vpn-zero-day-used-to-hack-high-value-targets/ Belnet: https://www.zdnet.com/article/this-massive-ddos-attack-took-large-sections-of-a-countrys-internet-offline/ Babuk: https://threatpost.com/babuk-ransomware-gang-mulls-retirement/165742/ Ryuk: https://www.zdnet.com/article/ryuk-ransomware-finds-foothold-in-bio-research-institute-through-a-student-who-wouldnt-pay-for-software/#ftag=RSSbaffb68 The Technology Adoption Lifecycle Of Genesis Market Blog: https://www.digitalshadows.com/blog-and-research/the-technology-adoption-lifecycle-of-genesis-market/ The Top 5 Dark Web Monitoring Use Cases Blog: https://www.digitalshadows.com/blog-and-research/the-top-5-dark-web-monitoring-use-cases/ Password Day Blog: https://www.digitalshadows.com/blog-and-research/creating-security-aware-passwords/ Also, don’t forget to reach out to - shadowtalk@digitalshadows.com
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- GitHub weighs banning exploits
- Ransomware galore
- Belgian government crippled in DDoS attack
- Intrusion Truth Twitter account suspended
- More Pulsesecure victims identified
- Much, much more
This week’s show is brought to you by ExtraHop Networks, and they’ll pop along in this week’s sponsor interview to float a really, really good idea. The Biden administration EO on cybersecurity will mandate software is shipped with a so-called software bill of materials so customers will actually know what’s in their supply chain. Ben Higgins and Ted Driggs from ExtraHop will join us today to argue they should also supply a bill of behaviours; data in a standardised form that will tell you things like what domains and IPs the software will connect to. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- Belgium's government network goes down after massive DDoS attack | The Record by Recorded Future
- Exclusive: Hackers Break Into Glovo, Europe’s $2 Billion Amazon Rival
- 'Phishing' Sites Buying Workplace Login Details Linked to Well-Funded Startup
- GitHub to review its exploit-hosting policy in light of recent scandal | The Record by Recorded Future
- More US agencies potentially hacked, this time with Pulse Secure exploits | Ars Technica
- Twilio discloses impact from Codecov supply-chain attack
- Twitter restricts account of Intrusion Truth, which doxxes suspected Chinese hackers
- Suspected Chinese hackers are breaking into nearby military targets
- NSA warns defense contractors to double check connections in light of Russian hacking
- Hackers disrupt networks at San Diego medical provider, Kansas organ transplant facilitator
- Swiss Cloud becomes the latest web hosting provider to suffer a ransomware attack | The Record by Recorded Future
- DOJ hiring new liaison prosecutor to hunt cybercriminals in Eastern Europe | The Record by Recorded Future
- Babuk gang says it will stop ransomware attacks after DC Police incident | The Record by Recorded Future
- Ransomware gang leaks court and prisoner files from Illinois Attorney General Office | The Record by Recorded Future
- QNAP warns of AgeLocker ransomware attacks against NAS devices | The Record by Recorded Future
- Ransomware gang targets Microsoft SharePoint servers for the first time | The Record by Recorded Future
- Feds Arrest an Alleged $336M Bitcoin-Laundering Kingpin | WIRED
- An Ambitious Plan to Tackle Ransomware Faces Long Odds | WIRED
- Task Force Seeks to Disrupt Ransomware Payments – Krebs on Security
- The IRS Wants Help Hacking Cryptocurrency Hardware Wallets
- Experian API Exposed Credit Scores of Most Americans – Krebs on Security
- Magecart scammers aim at restaurants' online delivery systems
- They Told Their Therapists Everything. Hackers Leaked It All | WIRED
- XSS in the wild: JavaScript-stuffed orders used to compromise Japanese e-commerce sites | The Daily Swig
- Microsoft discloses 'BadAlloc' bugs affecting smart devices, industrial gear | The Record by Recorded Future
- Watch A Tesla Have Its Doors Hacked Open By A Drone
- Time to update DNS servers to defend against brace of serious BIND vulnerabilities | The Daily Swig
- Google Android’s implementation of privacy-preserving contact tracing ‘flawed’ | The Daily Swig
- Dell patches 12-year-old driver vulnerability impacting millions of PCs | The Record by Recorded Future
- Microsoft will permanently remove Flash from Windows PCs by July 2021 | The Record by Recorded Future
- 21Nails vulnerabilities impact 60% of the internet's email servers | The Record by Recorded Future
- Qualys researchers uncover 21 bugs in Exim mail servers - CyberScoop
- New Spectre attack once again sends Intel and AMD scrambling for a fix | Ars Technica
- Hall of Fame: Mark Dowd - YouTube
- Florida homecoming queen faces up to 16 years after alleged scheme to hack high school contest
It was reported last week that at least two groups of hackers linked to China have spent months taking advantage of a flaw in Ivanti's Pulse Connect Secure VPN suite to break into what was described as a ‘very limited number' of customers' systems, but which included at least five federal civilian agencies and financial institutions in the U.S. and beyond. Hackers were able to break into the devices as they were being used. More from Reuters. Hackers suspected to be linked to China have exploited vulnerabilities in Ivanti's Pulse Connect Secure VPN products, targeting multiple government agencies, defense companies, and financial institutions in the U.S. and Europe. Cybersecurity company FireEye (who also discovered and reported the recent SolarWinds hack) reported tracking 12 malware families associated with the exploitation of Pulse Connect Secure VPN devices. All of this malware was related to circumvention of, and backdoor access to, the VPN devices.
China-linked Hackers use Pulse Connect Secure VPN Flaw to Target US Defense Industry Researchers
FireEye's Mandiant reported on April 20th that they believe multiple threat actors are involved in the attack, and that these intrusions targeted government, defense, and financial institutions globally. Each instance of hacker activity was ultimately traced back to the Pulse Connect Secure VPN devices. It's probably also important to note here that Pulse Connect's parent, Ivanti, has contracts with the Nuclear Regulatory Commission, the Pentagon, the Bureau of Fiscal Service, and the Coast Guard.
Check Vulnerability and Patch Your Pulse Connect Secure VPN Devices
In acknowledging this attack, CISA issued an advisory on April 20, 2021, advising that Ivanti has developed a checker tool, or ‘Integrity Tool', that any agency using the Pulse Connect products can use to check their vulnerability, and strongly encouraging all Pulse Secure customers to use the tool to check for malicious activity.
While the initial press around this hack has worked to minimize damage, CISA has identified 24 federal civilian agencies that use Ivanti's Pulse Connect Secure VPN devices and issued a directive last week requiring every agency using these devices to figure out how many VPN devices they have, run Ivanti's ‘integrity tool' to determine whether or not they are at risk, and report back to the agency. It was announced today that Ivanti has released a security update for Pulse Connect Secure, addressing a new authentication bypass. Ivanti urges customers using Pulse Connect Secure 9.0RX and 9.1RX to immediately upgrade to Pulse Connect Secure 9.1R11.4, which fixes the vulnerability.
Pulse Secure patches its VPN, and CISA for one thinks you ought to apply those fixes. Apple has also patched two zero-days in its Webkit engine. Scripps Health recovers from what’s said to be a ransomware attack. Researchers describe Genesis, a criminal market for digital fingerprints. Ben Yelin described a grand jury subpoena for Signal user data. Our guest is Ryan Weeks from Datto on the need for cyber resilience in the MSP community. And Japan works on cybersecurity for this summer’s upcoming Olympic Games. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/85
Thanks for downloading Podcast 1111 - May 1, 2021. Uber and Lyft have both sold their self-driving car divisions. Washington DC Police are in a lot of trouble due to Ransomware. The latest trend in Cloud Computing is hazardous. How to tell if your laptop is sick and how to fix it. Costs of Ransomware have doubled in 12 months. Why I think China is threatening Taiwan. Finally, Emotet has been taken down. SpaceX is winning the Satellite-Internet war. For more tech tips, news, and updates, visit - CraigPeterson.com. Articles for this week: An ambitious plan to tackle ransomware faces long odds Tile bashes Apple’s new AirTag as unfair competition More US agencies potentially hacked, this time with Pulse Secure exploits The saga of McDonald’s ice cream machines and why they’re out of order all the time - Right-to-Repair Apple agrees to let Parler back on the App Store, citing improved moderation Hacker hacks the Police hacking tool - and leaves a “bomb” in place How to Secure Employees' Home Wi-Fi Networks The Google Offices of the Future Has Privacy Robots, Meeting Tents, and Your Very Own Balloon Wall --- Automated Machine-Generated Transcript: Podcast 1111 - May 01, 2021 Craig Peterson: Self-driving cars have been all the rage. Well, at least talking about them for what are the last four or five years. Well, Lyft and Uber both had big projects when it came to self-driving cars, and both of them have changed their minds. We're going to talk about that. [00:00:21] Good afternoon, everybody. Craig Peterson, here I've been out for the last couple of weeks. Sorry. I've been here on the weekend, and I'm here again today. We're going to talk about a lot of very interesting stuff that's going on. Hopefully, I can explain to you a little bit about the why that helps you understand the how of what's going on. It's just become so crazy complex. [00:00:48]That also gets into Lyft, this whole self-driving car thing. 
Uber, you've got every major player kind of in the world getting into this whole game, including, of course, Apple and Google. They both have big projects going on. GM, Ford, and every major manufacturer, Fiat, has an electric car, and of course, they've got aspirations. Hey, by the way, if you really want to cause some problems with Fiat-Chrysler's finances, buy one of their little electric cars, a little E 500. I don't know if you've seen these little Fiats driving around. They're cool little cars, the type of thing you'd expect in a big city or maybe in Europe somewhere. Just these tiny things. Like the smart cars only slightly bigger. Fiat loses $20,000 for every one of these $33,000 little cars you buy. Electric cars. It only goes 87 miles on a charge. That's the killer, right? 87 miles. Are you kidding me? [00:01:52] We'll talk more about this later on because there's some study information out now that talks about people that bought electric cars. How many went back to gas engines, and why? It's interesting when you get into the numbers, the people that are switching back, by the way. Tend to be women more than men, but anyway, so we'll get into that in a few minutes here. [00:02:16] Lyft and Uber, both saw themselves as companies that should be in the self-driving car business. I have learned over the years that you have to focus your business on your business. So what is it? Make your business very narrow don't run after every little opportunity that comes up, don't take every potential customer that comes your way because you probably can't deal with it. It requires a focus, a real focus, in order to be very successful. Otherwise, you can't make your business grow. So because of every customer's different, if everything about the customer's different, you're going to have true experts. [00:03:01] That's the problem I've had over the years because I've always enjoyed a little bit of a change, a little bit of a difference. 
So, we've helped all kinds of companies from multinationals with their cybersecurity all the way on, down through little guys. [00:03:15] Now, when you think about that, I've been crazy. For all of these years, to quote Paul Simon and my craziness has to do with the fact that they're entirely different beasts. [00:03:26]So, now we're putting together some standardized packages based on what we've been using and selling for more than 20 years now, just to make my life a little bit simpler so, we can handle more clients cause there's more and more them that need it. [00:03:40] So, when we're looking at Uber and Lyft, how does it fit? What is Uber doing? What is Lyft doing? Really? What's the bottom line here. They're getting you from point A to point B. It's really that simple. Isn't it? You want to get to a place. Now, they've added some of these other features like the Uber eats, where you can get Uber to go to a restaurant, pick up a meal, deliver the meal for you. Then you're off and running. That's not bad, but it's still effectively the same business. [00:04:15] When we're talking about autonomous vehicles, it's a completely different business. You're talking about major software development. Lyft looks like it's been spending about a hundred million dollars a year in order to try and develop self-driving cars. [00:04:35] That's expensive. It sure is a lot different than managing people coming from point A to point B. I was out of state. I was down in Florida. Down in Florida, it's difficult to find a Lyft or an Uber driver because so many people are staying home. Why would I bother working when I'm making so much money on unemployment right now? Why would they? [00:05:00]I'm not sure I could particularly blame them for not wanting to work. So Uber and Lyft are now saying, wait a minute. I got go find drivers. I'm going to have people that are going to deliver food that is going to take passengers from point A to point B. That's what they should be focusing on. 
Isn't it. Making sure the drivers safe. Making sure the passenger safe. I'm not talking about these lockdown-type restrictions. I'm talking about physically safe because we've seen people attacked before. What happens if they're in a car accident? Do we have contact information for the passenger? Do we know they're in a car accident? Can we reasonably get an ambulance there, get treatment, get the police, whatever needs to happen. There's a lot of things you have to worry about—background checks for the drivers. Maybe background checks for the passengers. You've got to collect the money. Maybe you want to put in an override system where people who refer another Lyft driver are going to be able to get a bit of an override on them, make a few extra bucks, make it worth their while to refer driver. [00:06:04]Then you've got all of the streets, the street maps in every city, in every town. How far should you be going as a business like Uber or Lyft? Is your business mapping. Is your business autonomous vehicles? No, of course not. So I think they're smart in getting out of this business, but I want to mention a couple of things about why I think they got in the business in the first place. [00:06:31] GM and Ford probably Chryslers have said that they are thinking the vehicle of the future isn't going to be something you buy. You're not going to go out and buy a car because they're looking at it and saying, let me see, what do you want? I want to get to the train station in the morning, or I want to get to work in the morning, or I might want to have some food delivered to me, or I might want to run to the grocery store. First of all, grocery stores and food delivery can both be done by Uber or Lyft, but getting you from A to B. [00:07:08] They're looking and saying we make the cars, we make the autonomous systems. Why don't we provide vehicles when people need them? So it can take your kid to school in the morning. It can go in five different directions. 
Cause you're going to have five different cars. Maybe you need five cars this morning cause you've got four kids, and you and your wife and you're all going different places. Here come the cars. They're all scheduled the day before, the week before. However you do it. On Tuesday, all of the cars show up. They take you to where you want to go. That's the business model that the major car manufacturers are looking at. I think it makes a lot of sense. [00:07:51] You don't necessarily need a pickup truck all the time, but I sure need one when I gotta get those sheets of plywood and go here, go there, do things. Frankly, Home Depot and Lowe's are both looking at it, saying we have rental trucks. Maybe they will have some of these in their fleet. Maybe autonomous, maybe not autonomous, but that's how they're looking at it. They don't think you're going to buy a car. [00:08:15] I don't know if you saw the test Cadillac did down in New York City, of course, this was before the lockdown as well. Cadillac had put together this plan, where for now, what was it? $1,500 a month. I think give or take. You could drive a brand new Cadillac, and you'd have that Cadillac for a month. You could, of course keep it for longer, or you could just pay them more. But the idea was why Cadillac buy? Why even go through all of the trouble leasing. Effectively, what you're doing is renting it like you might rent a car from Hertz. [00:08:51]In the future, they don't even think you're going to do that. It's Hey, I want a black car to pick me up from one, two, three wall street and take me to park Avenue, that I think makes a lot of sense. [00:09:03] So Uber and Lyft are both looking at this plan and saying, Whoa, Wait a minute here. What's going to happen when GM and Ford both decide that they are actually in the getting people from point A to point B business. Now, they are stepping on Lyft and Uber's toes in a very big way. 
I think that's why they decided to get into the autonomous vehicle business. Both of them have gotten out of it now. [00:09:37] Lyft sold its self-driving division to a subsidiary of Toyota called Woven Planet for half a billion dollars. Part of the reason for that, I'm sure, is it takes a lot of money to compete in the self-driving area. [00:09:53] Frankly, if Uber and Lyft can really focus on their core business, not mess around with all this other stuff, they might be able to beat GM, Ford, Chrysler, et cetera at this game. [00:10:07] Uber, who was Lyft's main competitor, sold its self-driving business to a startup called Aurora back in December last year. Both of them had been working on these projects for four or five, six years; obviously things are going to change. [00:10:28] The self-driving vehicles are going to be on the roads starting next year. Ish. Ford's made some announcements, so has GM. We'll see ultimately what happens. Waymo, which is Google, of course, Alphabet, has a small taxi service in the Phoenix area. Nobody else is operating full driverless taxi services in the US yet. [00:10:54] Congratulations to Lyft and Uber for getting out of the self-driving business that's not their business. [00:11:01] We see that more and more ransomware, not only is it way up but some police departments have gotten hit with it. [00:11:09] So, we'll tell you what's happening there. You're listening to Craig Peterson. It has been going up and up and hurting more and more people. In this case, we're going to talk about a police department. There's a briefing that the Boston field office of the FBI's giving on ransomware. If you are an InfraGard member, FBI InfraGard, I ran their training for a couple of years. [00:11:34] They've got another training coming up on ransomware and what's been happening out of the Boston field office, which covers all of New England. And I discovered and disclosed a huge hack. 
And it was the biggest one that the Boston field office said that they'd seen. It was just absolutely incredible. [00:11:57] What had happened and businesses are just not paying attention. They're not paying attention; it isn't just businesses. It's also municipalities. It's counties, it's state government, and it's the federal government. Of all of those, I got to say the federal government is trying the hardest, I think, to pay attention to the problem besides cybersecurity; of course, they take more money from us. [00:12:22] So they and Lee should have a better budget to do it with, right? But there's a great little article this week in the newsletter. We usually get that on hold on Sunday morning, but this is by Dan Goodin over at Ars Technica. They will always have some great stuff, but some ransomware bad guys have sent what they're calling a stunning ultimatum to Washington [00:12:50] DC's Metropolitan Police Department. The police department that handled the massive insurrection on January 6th. He said with his tongue firmly in his cheek, the guys that really know what they're doing down there, Washington DC. Ah, boy. So here's the ultimatum. Pay these ransomware guys $50 million, or they'll leak the identities of confidential informants to street gangs. This group is called Babuk Locker, at least that's what they call themselves. [00:13:29] And they said on Monday that it had obtained 250 gigabytes worth of sensitive data after hacking the Metropolitan Police Department. Yeah, Washington DC's Metropolitan Police Department network. And this Babuk site over on the dark web, when you go there, has dozens of images of what appear to be legitimate, sensitive MPD 
One screenshot shows a windows directory called disciplinary files. [00:14:24] Each of the 28 files shown lists a name and a check of four of the name shows. They all belong to Washington DC, metropolitan police department, officer's disciplinary actions, and looking at the dates on these files, they are from, they've all been modified anyways, within less well about the last year. [00:14:50] Give or take a little bit less. So that was just the first page of them, by the way. It looks like kids, the officers whose names start with a through E and a few apps, other images that are on, again, this Babych ransomware group's website on the dark web seemed to show persons of interests, names, and photos. [00:15:16] So they, these bad guys put up a screenshot of a folder named gang database, another chief's report lists of arrest and a document listing the name and address of at least one confidential informant. So it's got the date. It was entered, closed. The persons name, position, sex raised. Date of birth, social security number, mailing address, email phone number. [00:15:46] Yeah, the informant. Okay. So they said we advise now there's spelling errors in this. There are grammatical errors in this, which is expected. We advise you to contact us as soon as possible to prevent leakage. This is again on their dark web website. Quote, if no response is received within three days, we will start to contact gangs in order to drain the informant. [00:16:16] In other words, still let the gangs know who the squealers are. Her the informant within the gangs. Now this is classic. This next one. Just absolutely classic Washington. DC's. Public. This is again, metropolitan police departments, public information. Officer Hugh Carreyrou wrote in an email. We are aware of unauthorized access on our server while we determine the full impact and continue to review activity. [00:16:51] We have engaged the FBI to fully investigate this matter. 
So he didn't answer specific questions about what details, but here's the classic part of this. I bet you dollars per four donuts that they don't have the proper security in place. If you are a city or a County, you have rules which are called CJIS, which is the criminal justice. [00:17:18] I think information system rules for your securing. Of data and it has to do with the networks, how were they cannot be connected and can only be connected in certain ways and what you have to do. And you have to included in all of this log, everything. What do you want to bet they didn't log everything. [00:17:40] So they're calling in the FBI and we've done that too. We've done that when, again, we're not mandated reporters. If we see something suspicious, we call up the client, whether it's a city, a County, a state, a business, a DOD contractor or dentist's office. And we say, we found an indication or multiple usually indications of compromise, which means. [00:18:04] These things make it look like someone got into your systems. We then say this is not what we do here. This is a law enforcement issue, and we think that you should bring in the FBI and then they can talk to the FBI. We can work with the FBI to really figure things out. So the FBI can do the forensic work and make sure they capture everything needed to capture and how needed to be captured, et cetera, et cetera. [00:18:31]It's amazing. What's happening. But they are looking into this. I'm sure the FBI is involved most recently when we've had. Reports where we brought in law enforcement. We worked directly with the FBI, with their data security information, security team, James, and it's just amazing. People were not maintaining good cyber hygiene in this case, Washington DC, metropolitan police department. [00:19:03] Almost certainly. Was hacked by these hackers. They admit the MPD that they, something happened. I bet you, they don't know what happened. 
They probably broke these CJIS rules that every city, state and town and County has to comply with. It's absolutely amazing. And of course you remember now they've got this dual revenue model when it comes to ransomware. [00:19:32] Pay up now or pay up later, we will extort money from you either way. It's a, it's amazing. Amazing. Apparently this is a Russian group who knows who exactly it is. It's sponsored by the Russian government or not. We really don't know. [00:19:50]Cloud is a sensitive topic with me and it always has been it's hold, it holds a lot. Of promise. And the biggest promise to most businesses was, Hey, use cloud services, it'll save you money. And of course they have used cloud services and in some cases it's saved the money, frankly. [00:20:14] It's rare that it saves them money. It really depends on a lot of things, but if you using a service like Amazon's cloud services, and I'm speaking in generalities here, but it's probably going to cost you more than running your own server. Why do a lot of companies use cloud services? When it comes to general computing. [00:20:35] Now I understand. Why would you use Microsoft's? What does calls Microsoft three 60? It's because Microsoft is going to maintain it. They're going to patch it. I don't have to run a server. I don't have to worry about any of that stuff. Okay. I get that one. How about salesforce.com? I don't use Salesforce. [00:20:54] I use an alternative, but I can see why you'd want to use that. Unfortunately. In both cases, those services have been hacked and the company's data has been stolen. And you got to remember too, that you still bear responsibility for that lost or stolen data, even though you didn't lose or steal it. So keep that in mind, if you are a business now, when you are moving on to what are called containers, the whole world shifts. [00:21:25] Here's what's happening and been happening in computers over the last few years. There's something called containers. 
When I first heard about containers. I was thinking about these data centers that they put into shipping containers. And so you get a 20 foot or 40 foot shipping container, and all you do is plug in power and internet, and it's often running. [00:21:50] It has racks of computers inside that has all the cooling systems, all the power regulation systems, like while UPS's et cetera, it's got that fans in there to keep the air moving. It's got the tape drives to do the backups, all of this stuff. It's right there. So I that's how I always thought of containers. [00:22:11] That's not the case so much anymore. Those containers still exist. Some of them are used by Microsoft and Amazon still they'll throw containers into different areas, depending on usage. For instance, with the Olympics coming up, you can bet that there will be shipping containers. With huge data centers in them in order to record all of the video and move it around the world, broadcast it, et cetera, that's going to happen. [00:22:41] There's another type of container. And this container has changed the way a lot of businesses do computing. It is just absolutely an amazing technology for someone that's been in this business. Now, since the mid seventies, I got to tell you, this is something that just really came to me out of a little bit out of the left. [00:23:05] Field, because I'd been working with virtual machines since the seventies IBM has had VMs for what, 50 years now that it's not new that concept, but there's something called Kubernetes that is used in the container world. In the idea here. Is rather than having a big machine and that machine has its own operating system. [00:23:30] And on top of that, you're running multiple programs. We've moved into more of a virtual world. So now even Microsoft has gotten into this game instead of having a Microsoft. Server and people trying to run everything on that one server, which Microsoft advises you not to do. 
If you have an active directory server, it should only be running active directory. [00:23:55] Nothing else. If you have an exchange server, it should only. Be running exchange and nothing else. And the same, thing's true for the other major Microsoft servers. But what a lot of companies have done is they have one piece of hardware. And on that, they've got the one Microsoft server operating system. [00:24:16] And inside that the running exchange and active directory and who knows what else? A whole bunch of other stuff, right? People put QuickBooks on these things, et cetera. Now, nowadays you can get. A virtual machine infrastructure. And this is what we've been using with our clients for 20 years now, more maybe, and there, of course it's advanced over the years. [00:24:42] Now we use a virtual machine infrastructure called VMware. That's absolutely fantastic. Believe me. We've used them. All, and this is what we've settled on for our client, but the idea here is, okay, you buy one piece of hardware and that piece of hardware has a lot of memory, a lot of disc IO available. And you put on the very bottom of this, right on the machine, you run a virtual machine controller, basically. [00:25:10] So something like VMware and then that VMware can run multiple operating systems simultaneously. So on that one piece of hardware, you could be running an exchange server, a whole thing. So you've got Microsoft server running and then on top of that, you've got exchange and then you have another. [00:25:29] Microsoft server running. And on top of that, you have active directory and then you have another Microsoft server and you have something else around top of that one. And maybe you have a Linux server with something else on it. And another Linux server was something else on it. And with VMware, you can also set up virtual networks inside this machine. [00:25:47] It's just absolutely incredible. So that's something I think most people understand. 
And if you're an IT professional, you've probably worked with that before. Kubernetes brings it to an entirely different level. And what's happening here is that, again, we're using a virtual machine infrastructure, but the idea is each one of these machines, instead of running this huge Microsoft server software. [00:26:17] So you got server version, whatever. And that server software from Microsoft is using up a ton of resources because it's Microsoft and it's not very efficient. And might be causing you some headaches and some problems. There's all kinds of things we could talk about here, but instead of doing all of that, maybe what you want is a web server. [00:26:40] And maybe you want to tie the web server into some sort of a database. And that database is taking information from your front-end ordering system, which could be, who knows what, again, it could be an API to salesforce.com. It could be something else that you're using. You, again, name it. There's so many business management systems that could be tied into a lot of ERP stuff, et cetera. [00:27:06] So instead of running a big pig like Microsoft Exchange or Microsoft server, and then Exchange on top of it, or heaven forbid, you're running a Microsoft, a web server, which is in incredibly I would never do that personally. But you want to run Apache, et cetera. What you do is you use Kubernetes and it creates a small machine that does one thing and does one thing. [00:27:34] And it's well tuned to do that one thing. And then you can tie these together. So on one machine, you can even do this on a workstation, on that one workstation, you could have 20, 30, 40 machines, right? Each one of which is dedicated to one task. So one might be doing the web service and another one might be handling your database. [00:27:57] Another one might be handling the API calls and it's all pushing data back and forth. Whole new world. Unfortunately, there are security problems. 
So if you are using this stuff, make sure you spend some time considering the security, because Kubernetes is entirely API driven, which means application programming interface. [00:28:19] I keep an eye open for that. Use a virtual private cloud instead of on the open internet. [00:28:24] If you have a laptop, you've probably noticed a few things, first of all, that battery life. [00:28:31] Okay. It's not like it was when it was new, his head, somehow those batteries do wear down. It's much better than it used to be. The NiCads and the nickel-metal hydrides. And now we've got various types of lithium batteries based on a few different technologies. There's going to be more stuff coming out. [00:28:53] And I had a laptop, it was an Apple laptop, a MacBook Pro. And on the bottom of it, it had four little legs, just little ones, little rubber things. So it's a standoff. And one day I noticed that my laptop was teetering. Balanced in the middle. And I had a bit of a closer look and I could tell, wait a minute, and how this laptop is swollen in the middle. [00:29:17] Now I knew exactly what had happened: that battery inside had gone bad. So number one, I've got to warn you guys, with a lithium-ion battery, if it starts to swell, and this is true for most batteries, but it's particularly nasty with lithium ion. If that battery begins to swell, what can end up happening is it will short itself out internally. [00:29:48] Have you ever had that happen? You might be working on a car and you're right there by the battery and you put a wrench across the terminal somehow, or between the starter hot side on the car's engine and the block, and off it goes. There's a lot of power in that car battery, and there is a lot of power in these lithium-ion batteries. [00:30:11] They make these packs now that you can use to jumpstart cars, even small trucks, with a little lithium-ion pack. So what happens is. 
As they swell up in your laptop or your phone, et cetera, we've seen this problem with every manufacturer of cell phones. As they start to swell up, they can and do short out. [00:30:36] So think about how much power is in that battery, even an older battery, because it can provide your laptop with as much power as it needs for hours. And if you're lucky enough to have a brand new laptop with one of these great Apple chips in them that uses very little power, man, you can go better than a day on one charge easily. [00:31:02] Unless you're like doing heavy graphics, et cetera, et cetera, but that's always been true. So I took my MacBook in and they replaced the battery, no charge. It was still under AppleCare, which I suggest people get. It just makes life easy. You can always get the support you need and they'll fix things, replace them. [00:31:23] That's the first step. I had to mention that right out of the chute, because it is very common with laptops to have that happen. I even had it happen with my little, what's it called, a little MiFi device, which hooks up to the cell phone data network and then provides wifi to my laptop or other devices. [00:31:46] And I noticed the battery pack compartment cover was swollen. So I took it off and sure enough, the battery was swollen. I just ordered a new one and properly disposed of the old lithium-ion battery. Cause again, it can cause fires. Right now, I think there's a recall out on some of those MiFi devices because of the battery. [00:32:09] So that's a serious problem. You can start your laptop on fire or your phone could start on fire with any of these newer devices. If it starts to swell, if the case warps, then it's not because you're sitting on it. You can indeed cause a fire. And if you are sitting on it, you might cause a fire, because if you bend that battery in the wrong place, you're in trouble.
[00:32:32] There was an episode of MythBusters where they took a lithium-ion battery. And they put it in a trash truck. Now they made this a worst case scenario. They actually built a wedge into the back of the trash truck that compresses all of the trash. It's got that big hydraulic jack and pulls it and compresses it. [00:32:53] So they put the battery with this wedge right in the center of the battery so that when the truck compressed it, the battery would get bent. So they bent that battery. Fair enough. The whole trash truck caught on fire, and we've seen that happen in the real world, too, where the whole trash truck catches on fire and it can be caused by a lithium-ion battery. [00:33:16] So be very careful with them and be careful of how you dispose of them. So let's get into some other things that you probably want to pay some attention to. First of all, there are a couple of programs you might want to have a look at. First off is Microsoft Safety Scanner, and they've got a page online, you can find it at docs.microsoft.com. [00:33:45] As in documents, docs.microsoft.com. It's called Microsoft Safety Scanner. They have a 32-bit version and a 64-bit version, depending on which version of Windows you have, what you're running, but it goes all the way back to Windows 7. It handles the Windows Server versions, and all you have to do is download it and open it. [00:34:09] Tell it what kind of scan you want to have run and it will go. It has just the one executable file that you can delete if you want to. It writes out its own little log file that you can look at. So that's the thing you might want to look at. Microsoft Safety Scanner. And you can find that at docs, D-O-C-S, .microsoft.com. [00:34:32] The next thing you might want to look at, either on a Mac or on a Windows PC, is Malwarebytes. And I've used this many times. Neither one of these, by the way, is a panacea. Neither one of these is going to find everything or fix everything.
But Malwarebytes is quite good. And it's something you should consider. [00:34:56] Now we have packages of software. We do not include Malwarebytes because we have some better stuff, but it's a very quick and easy way to do a light scan. Very fast and you can do a few things. So that's the first thing you might want to look at. If your computer is sluggish and unresponsive, it's slowing down, it doesn't necessarily mean it's old. [00:35:22] It might mean you have too much software that you've installed on it. So check your system to see what is running on it and see the stuff in the background, see if there's stuff that you might want to remove, but it could also be a sign that a hacker has broken into your machine. And they're doing things like mining for cryptocurrency or using your machine as a launch pad for attacks against other people. [00:35:51] Okay. So start with a thorough malware scan. Again, on Windows, they do have a pretty good little program that you can use that comes with Windows, but first off, open the Task Manager. So you get that by clicking right down in the bottom left in the taskbar and just type task manager, run it. See what happens. On macOS, you're going to search for it with Spotlight and it's called the Activity Monitor and you'll see all of these active programs. Next up. [00:36:23] Persistent error messages. And this is something you can find over at Popular Science, this little article, obviously I'm adding my own little tips as we go through, but you might find it interesting and you'll also find it in this week's newsletter. That'll come out tomorrow. So make sure, in order to get the newsletter, you sign up at CraigPeterson.com/subscribe. [00:36:45] So you'll get a link to this article that goes through all of these things. Computers, they often get error messages. Some of them are really hard to figure out.
Many of them are just related to one program and that's usually pretty easy, just remove or uninstall that program. And reinstall it again. [00:37:07] Some of these error messages are hard to figure out. You can go and search for them. Now, I do not recommend Google for most searches, and I use DuckDuckGo, but what you might want to do here is use Google, type in the exact error message that you're getting and see if they've got a result. Now. [00:37:30] macOS. Aye, aye, aye, man. It's so rare that you have to reinstall macOS, but you might have to, but Windows, the default is, hey, back up and reinstall, okay? That should fix most of the error messages right there. Cause Windows is a mess. If you've got pop-ups on your screen asking, let's say, to make changes to settings, make changes for things. [00:37:57] Be careful. These different types of infections can disable features. They might change your homepage on your browser, reset your default search engine. I got an email from a listener this week, talking about that, and it just keeps getting reset back to Google. Double-check your extensions in your browser. [00:38:18] It might just be the browser itself, can also be viruses, can also be a hack, but roll back the changes, any changes that you've made, put your browser's homepage back to the original one. Make sure you run, again, the built-in tools that are on Windows. Web pop-ups, same type of thing. Find a list of browser extensions you've installed. [00:38:45] So if you're using Chrome, they sit under the More Tools entry, have a look at those. See if there's any that it recommends that you remove and then do it, or just go ahead and remove them all and see if your pop-up problem goes away. There's also the problem of strange noises. And this can be a problem that only the owner of the computer really notices because you're used to what the computer should sound like.
[00:39:16] If you start getting strange noises, have it checked out right away because those noises could be a fan and that fan could be keeping your central processing unit cool. And if that CPU fan goes, you could have a very expensive repair on your hands. So keep an eye out. It could be your hard disk. It could be a fan. [00:39:40] There's a few different moving components in there, but keep an ear out for those types of sounds that you're not used to hearing from your computer. [00:39:51] Ransomware has been a huge problem for years now. [00:39:56] And of course now we've got the whole double whammy where if you don't pay the ransom, then they come after you threatening to release your data. Just like what happened with that police department I was talking about in the last hour. We've seen, according to some statistics I've been reading, including some FBI stuff, about a 300% increase in ransomware in just the last year. [00:40:24] And we have also seen a doubling of how much it costs if you do get hit with ransomware. Now, this is a pretty big deal. And of course these are big numbers and the doubling in cost has nothing to do with inflation. Okay, guys, this is not the sign of inflation. But it is driving up the value of Bitcoin as people are fleeing to it, concerned about the dollar and other currencies. [00:40:53] We now have a tripling of ransomware payments and ransomware payments are almost always made in Bitcoin. What does it do when you have a scarce commodity and money chasing it? Well, the value, the price of something goes up. And so just like it, wasn't near the beginning. Ransomware has really been driving the price of Bitcoin. [00:41:19] I'm not going to say value just because I'm not sure it's value that we're really talking about here, but certainly the price. According to Sophos, the average total cost to recover from a ransomware attack has more than doubled. Now this is what we're talking about here, businesses.
So over the last year, it was on average about $760,000 for a business to recover from ransomware. [00:41:48] Now, Nancy, if you could afford the $760,000 loss, and we'll get into what numbers compose it. You add them all up to get that $760,000. But if you are a small enough business that that's not something you can even consider doing, odds are good you will be out of business within months, and most smaller businesses just close their door within a week of getting ransomware. [00:42:19] It's really that bad because there's a lot involved. So last year, about a year ago, it was $761,106 on average. Okay. So now the average total cost for recovering from a ransomware attack is about $1.85 million. Now we're talking about the total cost of recovery. We're not talking about the ransom paid, which right now on average is about $170,000. [00:42:56] Again. Can you afford a $170,000 payout? I would say of the small businesses in the world, basically under 20 employees, the answer to that is probably not. But wait, there's more. All right. This is from Sophos's new survey, the State of Ransomware 2021. Apparently only 8% of organizations managed to get back all of their data [00:43:28] after paying a ransom. 8%. About five years ago, it was about 50% of organizations that got ransomware got it back. But now 8%, only 8% managed to get all the data back. Now that's going to cover not just businesses, but that's going to cover you as an individual as well. If you're a small dentist office, this is going to nail you. [00:43:52] And I got to say, just having a backup in most cases is not good enough because of the double whammy, but also because of the fact that most businesses are not doing backups properly. And we could talk about that. I'm going to include that in one of the courses coming up about backups, a 3-2-1 method, and the best ways to make sure you do have a good backup.
[00:44:18] So 8% got all of their data back after paying the ransom and 29% received no more than half of their data. So it has gotten a lot worse. So these were 5,400 IT decision makers in the information technology business, mid-size organizations, hence the amount of money involved, all the way across Europe, the Americas, everywhere really, worldwide. [00:44:50] And it found also that the number of organizations that experienced a ransomware attack fell. Now that was interesting. It went from 51% of organizations that admitted in 2020 that they had a ransomware attack. And I added the word admitted in there, right? That wasn't in the original survey results, but admitted because I know most businesses don't admit it. And they say it fell from 51% of these organizations had a ransomware attack in 2020 to 37% in 2021. [00:45:28] And few organizations suffered data encryption because of a significant attack. Now that's interesting because when we're talking about significant attacks versus non-significant attacks, where do you draw the line? But this Sophos study was focused on the most significant attack [00:45:49] these various organizations had. Sophos researchers are saying that the impact of a ransomware attack is now more damaging and costly, even though there is a decline in overall attacks. We've talked about that before here on the show where we mentioned quite clearly that the ransomware guys are getting more laser focused on their targets. [00:46:17] They're going after mostly targets with money. Now, there's still those ransomware people out there that are just opportunists. So you made the mistake of downloading some software, of installing something, and they just took advantage of you. So that's still going to be happening, but when we're talking about bigger organizations, when we're talking about government agencies, county offices, city offices, and look at what's happened to Atlanta.
[00:46:43] What, three times now, I think they've been knocked off the air with ransomware. Washington DC. In the last hour, we were just talking about their Metropolitan Police Department. They're attacking these organizations that can't afford to pay, and they know that they can pay. And if they don't, then they hold it over their heads. [00:47:05] So I've got this article in this week's newsletter, comes out Sunday morning, usually. And it depends on when Karen and I can get it all together. So I apologize for the last couple of weeks. Cause I was off at a retreat and just really couldn't handle any of that stuff. But it really is an increase in these complex targeted attacks, much higher. [00:47:31] And you'll find this article as well as all of the others, of course, in my newsletter. If you don't get the newsletter right now, make sure you just take a minute and sign up because there's information for you as an employee in a business, for you as a business owner, there's information in there for [00:47:49] home users as well, because almost everything we talk about when it comes to businesses also applies to home users. Now I'm going to be doing something different in the weeks to come. I'm hoping to start this next week. We'll see how the week kind of fleshes out. But the idea for this next week is I am going to start doing real releasing soon, but putting together the short training segments. [00:48:18] And each one of them is going to be on a very narrow topic because most people, they want five to seven minutes worth of content. So I'm going to get very narrow. So for instance, if we're talking about backups, I'm going to get really narrow on one part of backups and I'm going to post them everywhere because we've got to get more people following the podcast. [00:48:42] I am also, you might've noticed, putting the podcast together as a one hour, well, it's closer to about 80 minutes, podcast every week. And it is going up on my YouTube channel.
So you'll find it on YouTube. You'll find it on my Facebook page. I have a Craig Peterson group over there on Facebook. I'm also putting it up on LinkedIn. [00:49:04] It's going in my Craig Peterson Twitter channel. It's going up all over the place. And the idea here is to help you guys understand things better. This is for everyone and everyone. Then I'm going to start doing something else as well. And that is all of these little classes, I guess you might call them, that I've been holding. [00:49:28] And really, I haven't done anything since March of last year for some of these classes. I've done courses, trainings, but these classes, what I want to do for you guys is if you're on my email list, I'll tell you what the next class is about. So for instance, backups, I'd say, and then if you give me a great question, something [00:49:51] that you want to learn about backups, then I'm going to give you access to that class for absolutely nothing. All right. So I'll use your questions to help put it together. So I'm coming from the right angle. I will then record it. I'm going to put it up on my navigating cybersecurity website for you guys. [00:50:12] I'll send you a link to it and you can, at that point, watch it, which is really cool. So you'll have access to that class for a few weeks, couple of weeks. I'm not sure how we're going to work that out yet, but yeah. [00:50:26] One of the big pieces of news that's been out there lately has been the migration away from Intel. We've seen our friends at Microsoft move away from Intel with some of their Surface tablets. And for years they've been having various versions of Windows that run on non-Intel hardware. I helped, way back in the day, [00:50:51] get Windows running on a DEC Alpha chip. If you're a total geek, you might remember that. And I was in the team that was working on some of the kernel stuff for it. And what we ended up with is a 64-bit, very fast chip that DEC had created. And I think.
That Oracle ended up with some of that technology and then they also bought Sun for some of their hardware technology. [00:51:20] But anyhow, it was an incredibly fast chip. I have one, if you look closely in my background on the videos, you might see it sitting in one of the little cubbies behind me, one of these little Alpha chips. They were just absolutely amazing. Great job. Anyhow, DEC, Digital Equipment Corporation, is no more. [00:51:42] However, some of the technology that I worked on back then, some of these, what we call RISC architectures, where I worked on the kernel, various types of Unix kernels back then. This is before Linux, even. These chipsets were designed to be inexpensive to manufacture and very fast and very easy to use and integrate as well from a hardware standpoint. [00:52:09] And when Apple came out with its iPhone, they of course used a non-Intel chip for the main processor. And it's an Apple chip, quote, unquote, based on one of these more or less generic designs. So Apple licensed the core design of the chip and was able to take it and continually improve it. Apple has now released various devices. [00:52:38] There's an iMac, which, these things are so cool that you can't buy the latest ones. You might be able to about the time you're listening, but they're all different colors. It's a flashback to the old days before Jony Ive took over some of the hardware designs, but they've got the new iMacs. [00:52:57] They've got the MacBooks. They have a Mac mini like I have right in front of me right here. It is based on Apple's M1 chip and it is a screamer. It is very fast. And it's, I think it was about 100 bucks, maybe a little bit less than the Intel box. So you can get a Mac mini Intel for a hundred and change dollars more than an Apple based chipset. [00:53:29] And it's faster, which is just amazing. So it has the main core CPUs. It has also, of course, GPUs that are built into it.
It's very neat. Apparently this Japanese publication called the Nikkei claims that the next generation of Apple's custom designed silicon chips for Mac, that are dubbed the M2, [00:53:53] entered production this month and, wow, that is fast. They barely released the . So what that might suggest is the new Macs could be announced at Apple's developer conference on June seven, at least that's when that conference starts. And the sources are saying that this new chip will eventually be used in other Macs and Apple products besides the MacBooks. That M1 is also destined to end up in various types of iPads, et cetera. [00:54:26] And it's bringing more and more rumors to the front, that the iOS apps will run natively on all of these Macs and vice versa. You can run Mac software on the iPad. You can't do all of this yet. Okay. But some of it is almost certainly going to be coming. Now, I had a conversation with an Intel exec. [00:54:54] This was a number of years ago and I was teasing her because she worked for Intel. And she was all puffing up about how great Intel was. And I pointed out, hey, I remember the early days in Intel, Intel was a memory company. And if it hadn't been for IBM looking for a cheap, not particularly good processor, Intel probably wouldn't be where they are [00:55:19] today. Oh, certainly they wouldn't be. And I also pointed out how Intel was now AMD compatible. AMD, of course, Advanced Micro Devices, and historically AMD and other chip makers made sure their chips were completely compatible with the Intel chipsets. But what we ended up with is Intel lagging behind on 64-bit technology. [00:55:48] And because of that, AMD one-upped them. AMD came up with some really great 64-bit extensions to this Intel instruction set and Intel came out with AMD-compatible instructions. I thought that was just hilarious. And she was pretty happy about it, but she admitted, yeah, you're right. Now we've got a very interesting problem.
[00:56:16] We've had China growing its presence in the South China Sea. The South China Sea is not part of China. There are various countries that border it, that are in it, et cetera. And China has been building islands in the South China Sea. So they can then claim a 200 mile territorial limit around those islands as well. [00:56:43] They want control of it, but I can tell you what they're really after. And this is what's very scary. And there have been a lot of military analysis people who have been looking at this and trying to decide what to do, and that is Taiwan. Taiwan is, according to mainland China, and of course the Communist Party of China, which is more fascist than communist, socialist party in China, it is a part of China. [00:57:12] And it's just one of these, you have a state that kind of rebels. And so they're going to pull them back in and they've been flying over. China has been flying over Taiwanese airspace to make their point. Unfortunately, I don't know how this government's going to respond, that the current administration has been challenged left and center by some of these more major powers around the world. And President Trump was hardly challenged at all. And I think that says something, but here's why they really want Taiwan. It's the technology. And China's had a very hard time with trying to get their chip fabs, in other words, these fabrication plants that make the silicon, that make the chips that we use in our devices. [00:58:05] We have some ability to do it still here in the U.S. but not much. And the goal then, what do you want to call it? The centerpiece, the prize right now of all manufacturing is five-nanometer design. You might have heard of that before. Intel is having troubles with some of this, but it's incredible. [00:58:27] And Apple's doing a good job with it. Well, Taiwan Semiconductor Manufacturing provides this five-nanometer design technology for making chips to Apple and many others.
So if China can get its hands on Taiwan, which it really wants, they are going to be able to manufacture chips that we don't want them to have and have a real leg up. [00:58:56] So man, we may get into a kinetic war over Taiwan. And now you know why. Hey, if you're not on my email list, make sure you get on that newsletter right away. [00:59:08] Emotet is a huge problem. At least, it was a huge problem. It turns out that this bot was able to harvest 4.3 million email addresses. Now that's not a ton of email addresses in today's language because there are billions of email addresses floating around there in the dark web. [00:59:34] But Emotet was used as a basis for ransomware and spreading ransomware. And it was really nasty stuff. Emotet would get onto your machine. And once it was on the machine, it would start trying to brute force crack your passwords on your machine. It would try and spread to other machines on your network. [00:59:57] So in a business, of course, that means all of the other machines in the business might well get attacked by, maybe even compromised by, Emotet. Same thing is true in your home, and the machines that you had at home you're using for the office, well, they could get cross infected from your kid's machine, and all your kid had to do, or you had to do, is open a piece of email because Emotet also distributed the ransomware via [01:00:27] email phishing. It was sending malware-filled spam to all of the email addresses they could get their hands on. This is what Europol said was the world's most dangerous botnet, and it's been plaguing the internet, as I mentioned, since 2014. A botnet is where someone, typically a bad guy, has taken control of a number of computers. [01:00:57] So they took control of your home computer, right? Some Windows computer, whatever it might be. And now they installed a command and control system on it so that they could command your computer to do things for them.
Nowadays, you might see botnets being used to mine cryptocurrency. So your machine gets really slow. [01:01:21] Like I mentioned in the first hour today about problems you might be having with your laptop, much the same applies, guys, to your mobile devices, to your smartphones as well. And particularly Android has been hit very hard by some of this stuff. Again, Apple's able to keep up on it and we've discussed this enough times in the past. [01:01:41] But what's happened here now is they have been able to stop it. Yeah. In January this year, law enforcement in the Netherlands was able to take control of key domains. Again, Emotet is a botnet among other things. And as a botnet, it had command and control. So it has servers. So it needed to contact the servers to see what to do. [01:02:12] Hey, do you want me to send email? Who do you want me to send it to? Oh, here's this stuff that I've discovered on this machine. And it sends it all to those servers. So the Netherlands were able to get them. And Germany's federal police agency, the BKA, did some very clever reverse engineering. They looked at the Emotet software. [01:02:35] And they found some interesting things. One of them, by the way, was that there was an uninstaller routine built right into Emotet, which kind of surprised me and many other people, but the German police went through and looked at it thoroughly. If a machine had Emotet on it, how could we get rid of it now that we have control of the command and control servers? [01:03:05] So they found this remove routine and this command that was built into it. And they also found that Emotet software could self update. I wish most programs would do a self update. Nowadays you see some of the Microsoft software will go ahead and update itself. Firefox does that, Google, Opera. [01:03:30] Most of the, all of the Chromium-based browsers will self update, but this is malware that would self update. Okay.
They found that since they had control of the command and control servers, and because Emotet could self update, they made a version of Emotet that would be pushed out to any infected machine, any machine that called home. [01:03:58] And once it called home, they would send this version out. Now, of course, they muted it like you might a virus for a vaccine, but they muted that Emotet virus. And it was no longer sending out the phishing attacks, et cetera, but it was still sitting on everyone's machines because the thinking was, we want to get rid of this Trojan software everywhere at once. [01:04:25] Just bam, all at once. And so they put a date into the code that they pushed out saying on this day, at this time, of course, UTC, go ahead and remove yourself from the machines. That is incredible. They were able to figure this out, what was happening, get Emotet from its base, which is to conduct brute force attacks on accounts, trying to crack passwords, gain access to secure data, send all of that information [01:05:01] out, use it as a botnet to also attack other machines and send emails. It's just incredible. As well, of course, as encrypt files and demand ransoms, to something that just last week removed itself from any machines it was on. Absolutely amazing. The FBI collected the email addresses from these Emotet servers, following this takedown in January, where again, the Netherlands had control of the servers, and it's just absolutely amazing here because they were able to take it down worldwide. [01:05:44] Very dangerous botnet, but once they had those email addresses, they gave them to our friend Troy Hunt. Do you remember him? We've talked about him before and it's something I emphasize in most of my courses because Troy Hunt has a website called Have I Been Pwned. And they gave these email addresses, the 4.3 million that they got from Emotet, to Troy Hunt. [01:06:14] And he has included them in.
Have I Been Pwned. Now, if you were part of this breach by Emotet and you registered on haveibeenpwned.com, you now should have already received an email from Troy. So it's important that you do a couple of things. One, make sure you check your email addresses at haveibeenpwned.com. [01:06:42] Pwned is spelled P-W-N-E-D. It's... P-O-W-N-E-D? He might actually have it both ways. Let me just have a quick look as we're talking. Have I been, if I say P-O-W-N-E-D.com, will it... no. Okay. There is no such thing, which makes sense. It's Have I Been Pwned, as in P-W-N-E-D.com. Check your email addresses. [01:07:10] See if they're there and register for this service. This is a free service. There are a lot of companies that are using it. Mozilla uses it with Firefox to see if your passwords might have been compromised. They've got 11 billion pwned accounts there at Have I Been Pwned. This guy knows the stuff. Okay. [01:07:31] And this particular one has been tagged sensitive. You can find out more about that at haveibeenpwned.com, but make sure you do that right now, as you're sitting here listening to me, because it's very, very sensitive information, important for you to know. And if you have been pwned and it's a business email address, make sure you let your IT people know. [01:07:58] I was fascinated to chat with this guy from Ireland. He had, of course, a pretty heavy accent. He's been living in San Francisco for years, but about the only word that he said that was Americanized was for, he didn't say it like you'd expect someone with a heavy Irish accent to say it quite that way. Then, I am really into accents and placing them. [01:08:24] And I've pretty much gotten rid of my accent. Some people still pick up a little bit of it, but I was educated in French schools up in Quebec. So there's bound to be a little bit of it left. So I like to listen for those things. And in talking to him, he said that Ireland changed because of wifi.
And I had to think about that. [01:08:48] And he said, yeah, my parents, because of what they're just always on the news. And they're just totally freaked out about everything all of the time. And they were always talking about how horrific Donald Trump was, because that's what CNN was telling them. And these other sites that they were going to. [01:09:09] And of course, we've talked many times about the literal censorship that is happening in much of our media. And these oligarchs out in Silicon Valley and how they're controlling the discussions. But that's not what I want to talk about. He was referring to wifi. He was saying, wifi is what's changed Ireland. Wifi? [01:09:31] And I'm trying to figure out what does he mean? And then I remembered another friend of mine who's from Ireland, his name's Dez. And Dez also was continually talking about wifi. And then I finally put two and two together, sometimes I'm a little dense, and two and two equaled wifi as the internet. So when he was talking about wifi, he wasn't really talking about wifi. When I'm thinking about wifi, I'm thinking about Wi-Fi 5, Wi-Fi 6, the older protocols, right? G, A, some of them, man, it goes way back, A, B, G. Anyhow. That's what I think of. I think of the literal in the air, wifi that's using radio waves in order to connect, right. Beacons and everything else. And maybe that comes from my having a ham radio background, having an advanced class ham radio license. [01:10:26] I don't know. At any rate, wifi is the internet, at least in his mind. And also apparently the minds of his parents. I said all of that because I want to talk about SpaceX. SpaceX has already won a battle you may not even be aware of. You and I, when we have internet, where are we getting it?
Most of us get it from the cable company or from the phone company, almost everybody. With 5G we're hoping, hmm, maybe the cost will go down and the speeds are going up and we'll be able to get our internet from the phone company, [01:11:12] just like we have cell service. And that is going to happen in some areas, some communities, but how about all of our rural communities in Maine, New Hampshire, Vermont, North Dakota, South Dakota, Wyoming, Montana, Idaho, and then all the way down South? Yeah. There is a lot of territory that is not covered well by 5G. [01:11:38] Yeah. Yeah. You see the maps from T-Mobile and from Verizon, but remember, maybe you don't know. So I'm, like I say, remember, but you have to know that those maps are just based on a mathematical formula. So just because an area is red does not mean that you have coverage there, 5G or otherwise. And you've probably found that before, too. [01:12:04] I know I did. I looked at a coverage map and sure enough, bam, right there in the middle of all of that red was my house. And yet I had no cell signal. Really upset me. And the FCC was trying to fix that. Ajit Pai, who was the head of the FCC, he was appointed by President Trump, and he had put some rules in place that made those maps a lot more reasonable. [01:12:36] But we're still talking about the majority of the landmass of the United States, vast majority, not being able to get good 5G signals. So my good... in any, in many cases, so SpaceX has been going after those people. I announced it months ago when it was first available, this beta test they were doing for [01:13:01] what they call their Starlink satellite service. Now this is a satellite service unlike any you've seen before. It isn't putting up a dish for your television, and you've got to make sure it's aimed in the right direction. And hopefully it's not raining or snowing heavily, 'cause you're going to lose your television.
[01:13:22] You guys have had those types of problems before. They happen all of the time. And then of course you have summertime with the green attenuators, those leaves on the trees and other green things that absorb some of those radio frequencies. So your satellite dish works better in the winter than it does in the summer. [01:13:41] That's why: you probably have some leaves or other greenery that's in the way. SpaceX has already launched a small... pretty large, frankly, a whole set of satellites, broadband satellites, and they call these constellations when you have a whole bunch of them together. And then in 2018 SpaceX got FCC approval to launch [01:14:06] 4,400 satellites, and that permission and that license specifies, okay, you have to be so far from the earth. It was about 1100 kilometers to 1300 kilometers above the earth. And then the FCC gave SpaceX permission to use a lower altitude for more than 50. 1800 of those satellites. Now the idea behind this is the closer the satellites can be to the ground, [01:14:37] the less distance the signal has to travel. So some of the problems people have been having: not enough bandwidth, maybe, although the majority of them are reporting a hundred megabits down, which is just incredible, and also the delay. And that gets to be a problem when you're speaking to someone. You've got a hundred milliseconds up, a hundred milliseconds down; that is noticeable when you're in the middle of a conversation. [01:15:06] So the SpaceX guys went ahead and petitioned the FCC again, and they got an order that granted SpaceX's additional license change requests. So the altitude for all 3000-ish of the satellites can now drop; their orbit basically in half, in about the 550 kilometer range. That is going to be huge. [01:15:37] Absolutely huge.
And obviously opposition from all of the companies competing against them: Viasat, Hughes, Dish Network, OneWeb, and Amazon has another one called and they are all saying you can't do that, it's just not fair. But this is fantastic here, because according to the FCC statement, [01:16:01] they said: based on our review, we agree with SpaceX that the modification will improve the experience for users of the SpaceX service, including in often underserved polar regions. We conclude that the lower elevation angle of its earth station antennas and lower altitude of its satellites enables a better user experience by improving speeds [01:16:26] and latency. Now, I don't want to go into a whole lot of detail, but man, oh man, this is huge. Now you may not be aware of it, but part of your telephone bill, some of those fees and taxes that are in that bill, have been going into a pot. As though the federal government ever actually saves money; it's a lockbox that doesn't really exist. And there are about, I think it was, 16 billion dollars sitting there in this lockbox. So SpaceX has gone after that money as well. And they've received the majority of that money. I can't
Jesse Trucks is the Minister of Magic at Splunk, where he consults on security and compliance program designs and develops Splunk architectures for security use cases, among other things. He brings more than 20 years of experience in tech to this role, having previously worked as director of security and compliance at Peak Hosting, a staff member at freenode, a cybersecurity engineer at Oak Ridge National Laboratory, and a systems engineer at D.E. Shaw Research, among several other positions. Of course, Jesse is also the host of Meanwhile in Security, the podcast about better cloud security you're about to listen to. Show Notes: Links: Information Security Compliance: Which regulations relate to me: https://www.tcdi.com/information-security-compliance-which-regulations/ Transcript: Jesse: Welcome to Meanwhile in Security where I, your host Jesse Trucks, guide you to better security in the cloud. Announcer: If your mean time to WTF for a security alert is more than a minute, it's time to look at Lacework. Lacework will help you get your security act together for everything from compliance service configurations to container app relationships, all without the need for PhDs in AWS to write the rules. If you're building a secure business on AWS with compliance requirements, you don't really have time to choose between antivirus or firewall companies to help you secure your stack. That's why Lacework is built from the ground up for the cloud: Low effort, high visibility, and detection. To learn more, visit lacework.com. Jesse: Compliance requirements are everywhere. I've been on both sides of the table for dozens of audits, and I've even worked on commercial building fire code compliance for data centers and even a school. Whatever your industry, there are compliance requirements lurking somewhere in your buildings, your data center, and your clouds. You should know what legal compliance mandates you must meet as well as industry standards or certifications you should meet.
You don't have to learn all the intricate details of any of these compliance laws or frameworks; however, you should at least know what requirements you have and what frameworks you should use. You need to understand more than what your organization does at a high level. You also should know what general activities your organization performs, such as selling things, providing services to a public or quasi-public entity, or government agencies, or schools, or managing investments or banking. Then go find out your compliance needs. An article called Information Security Compliance: Which regulations relate to me? by TCDI—which appears to be a consulting firm that I neither endorse nor know anything about at all—is a short primer on some common compliance programs that really should prove useful to you. Meanwhile, in the news, SANS cloud security curriculum gaining altitude. Become a SANS cloud ace. SANS and GIAC have the best security training and certifications, and now they've expanded their cloud courses, including some more foundational options non-security people should find valuable. The training is detailed, challenging, and rewarding, and will teach you far more than most other programs, including hands-on exercises that are key to learning tech. Introduction to the NIST cybersecurity framework. I like the cybersecurity guidelines and frameworks NIST creates because they are useful and understandable tools for non-security and security people alike. I like this introductory primer to better understand structured security frameworks and to start learning how auditors think. Essentials to consider when choosing a cloud security posture management solution. Whether your primary job is security or not, I always advocate for a centralized, simplified automation and standardization of security controls wherever possible.
For multi-cloud environments, you can outsource to a cloud security posture management—or CSPM—provider, and this quick read has tips I like on some basics to consider for how to choose your solution. SOC 2 attestation tips for SaaS companies. Everyone should understand the basics of service organization control type two, more commonly known as SOC 2, as it is fundamental to doing business in the cloud. SOC 2 is especially important for SaaS providers because it shows there are certain safeguards for data confidentiality, integrity, and availability, among other things. Enterprises need to change passwords following ClickStudios' Passwordstate attack. Tangentially related to cloud, password managers are great tools as long as they are secure, but if you use this one you need to know two things. First, you have to change all your passwords, and second, you need to search for indicators of compromise—or IOCs—for possible nasty things in your environment. Five objectives for establishing an API-first security strategy. With cloud-native services, APIs become an easy target, so you need to know how to design their use securely. I would use these tips in designing a SaaS offering, so you should too. Hackers are exploiting a Pulse Secure Zero-Day to breach orgs around the world. You need to trust your zero trust solution, and if you use Pulse Secure, you need to know what to do about this right now. If you don't use Pulse Secure, you should still understand what happened so you can be prepared for when this happens to you. Announcer: This episode is sponsored by ExtraHop. ExtraHop provides threat detection and response for the Enterprise (not the starship). On-prem security doesn't translate well to cloud or multi-cloud environments, and that's not even counting IoT. ExtraHop automatically discovers everything inside the perimeter, including your cloud workloads and IoT devices, detects these threats up to 35 percent faster, and helps you act immediately.
Ask for a free trial of detection and response for AWS today at extrahop.com/trial. That's extrahop.com/trial. Jesse: Man charged with planning to blow up Amazon Web Services data center in Virginia. You should always have your critical services and all of your data in multiple availability zones, and as much as possible spread across multiple regions. Someday, one of these nutters will succeed in disrupting AWS just enough to give you a bad day. Also, it's easy to forget that most people don't know how 'the cloud' and 'the internet' actually work. Heck, we barely know how these things work and we're supposed to know this stuff. SalusCare, a health services provider, sues AWS over security response. Sure, anyone can sue anyone for anything, but you need to be careful with your data and even more careful with your customers' data. Does your service agreement and licensing protect and indemnify you from things like this? Even a nuisance lawsuit is costly, so be informed. Risk, the misunderstood discipline. Security and finance people talk about risk constantly and some of us evaluate risk in our daily lives. Yep, I do every day at work and home. You need to understand some fundamentals of risk to know how to make decisions. What are the different roles within cybersecurity? Just like IT is balkanized and specialized, security is just as splintered and confusing. It helps to understand some basic differences in security roles, even if you don't want those jobs for yourself. Review last access information to identify unused EC2, IAM, and Lambda permissions and tighten access to your IAM roles. While the title is a mouthful, it is critical that you routinely and frequently audit your AWS environment to tighten permissions down to only what an account or service must access to do its job. Open permissions you think something needs, then use these methods to see what it doesn't use, and close those down to the minimum required to function. And now for the tip of the week.
Always assign permissions to AWS IAM user groups. Never assign permissions to individual users. If a user needs a combination of permissions none of your user groups have in IAM, then create a new group with that combination of permissions, or use multiple existing groups to assign the user the exact set of permissions needed. This is critical for two reasons. First, using groups scales for easier management for when you have more users needing the same permissions; you can quickly end up with lots of users floating about with one-off custom permissions that's more complicated and time-consuming to track and audit. Second, when a project dies or morphs, you can delete or alter the related group permissions to change all the related users at once. In addition, this allows you to work more closely with project teams to roll out security with the new projects. And that's a wrap for the week, folks. Securely yours, Jesse Trucks. Jesse: Thanks for listening. Please subscribe and rate us on Apple and Google Podcast, Spotify, or wherever you listen to podcasts. Announcer: This has been a HumblePod production. Stay humble.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:
- USA imposes sanctions over SolarWinds campaign
- Enterprise border devices being attacked everywhere by all and sundry
- Malvertising is coming back
- Ultra professional criminal attackers are ascendant
- All the latest ransomware, supply chain and other infosec news
This week’s sponsor interview is with Brian Dye, CEO of Corelight. We speak to him about what he’s calling “Open NDR”. A lot of the big SOCs have settled on their preferred ways of sharing threat information, and Brian drops by to talk all about those trends. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
- White House formally blames Russian intelligence service SVR for SolarWinds hack | The Record by Recorded Future
- CISA, FBI, NSA reveal five enterprise bugs exploited by Russia's APT29 group | The Record by Recorded Future
- Hackers go after SonicWall email appliances with three zero-days | The Record by Recorded Future
- Hackers are exploiting a Pulse Secure 0-day to breach orgs around the world | Ars Technica
- New Cring ransomware deployed via unpatched Fortinet VPNs | The Record by Recorded Future
- US says APTs are using Fortinet bugs to gain initial access for future attacks | The Record by Recorded Future
- Nightmare week for security vendors: Now a Trend Micro bug is being exploited in the wild | The Record by Recorded Future
- Password manager Passwordstate hacked to deploy malware on customer systems | The Record by Recorded Future
- Codecov discloses 2.5-month-long supply chain attack | The Record by Recorded Future
- Vulnerability in time-syncing software puts a ton of corporate networks at risk | The Record by Recorded Future
- NSA says it found new critical vulnerabilities in Microsoft Exchange Server
- Justice Department announces court-authorized effort to disrupt exploitation of Microsoft Exchange Server vulnerabilities | USAO-SDTX | Department of Justice
- Ransom Gangs Emailing Victim Customers for Leverage – Krebs on Security
- Ransomware gang tries to extort Apple hours ahead of Spring Loaded event | The Record by Recorded Future
- UnitingCare Queensland hit by cyber attack - Security - iTnews
- Ransomware gang threatens to expose police informants if ransom is not paid | The Record by Recorded Future
- Ransomware gang wants to short the stock price of their victims | The Record by Recorded Future
- How the Kremlin provides a safe harbor for ransomware
- Malvertisers hacked 120 ad servers to load malicious ads | The Record by Recorded Future
- Security researcher drops Chrome and Edge exploit on Twitter | The Record by Recorded Future
- Recent Chromium bug used to attack Chinese WeChat users | The Record by Recorded Future
- SAP systems usually come under attack 72 hours after a patch | The Record by Recorded Future
- European cops collected data from encrypted chat service for weeks prior to cocaine bust
- Colombia’s cartels target Europe with cocaine, corruption and torture | Drugs trade | The Guardian
- Australian firm Azimuth unlocked the San Bernardino shooter’s iPhone for the FBI - The Washington Post
- Signal >> Blog >> Exploiting vulnerabilities in Cellebrite UFED and Physical Analyzer from an app's perspective
- Lawyer Asks For New Trial After Cellebrite Vulnerability Discovery
- Cellebrite Pushes Update After Signal Owner Hacks Device
- Signal Adds a Payments Feature—With a Privacy-Focused Cryptocurrency | WIRED
- WhatsApp Spying Site Blames WhatsApp for Letting It Spy
- Phone numbers for 533 million Facebook users leaked on hacking forum | The Record by Recorded Future
- Facebook Wants to 'Normalize' the Mass Scraping of Personal Data
- Palestinian Hackers Tricked Victims Into Installing iOS Spyware | WIRED
- The UK Is Trying to Stop Facebook's End-to-End Encryption | WIRED
- Hackers move $760 million from the 2016 Bitfinex hack | The Record by Recorded Future
- 'Fourth Amendment Is Not For Sale Act' Would Ban Clearview and Warrantless Location Data Purchases
- Ill-advised research on Linux kernel lands computer scientists in hot water | The Daily Swig
- Researchers trick Duo 2FA into sending authentication request to attacker-controlled device | The Daily Swig
- NAME:WRECK vulnerabilities impact millions of smart and industrial devices | The Record by Recorded Future
- Google's Project Zero updates vulnerability disclosure rules to add patch cushion | The Record by Recorded Future
- Suspected North Korean hackers set up fake company to target researchers, Google says - CyberScoop
- National security: Five Eyes split demands Australia reset with New Zealand
- Dan Kaminsky: Tributes pour in for security researcher who died after short illness | The Daily Swig
The Cybersecurity and Infrastructure Security Agency required agencies to take action against a major problem with the virtual private network software from Pulse Secure.
- KRP (Finland's National Bureau of Investigation) announced that the investigation into the Vastaamo data breach and the extortion of its clients is progressing: https://www.is.fi/digitoday/tietoturva/art-2000007932944.html
- Serious cyberattack against Valtori: https://valtori.fi/-/valtionhallinnossa-mahdollinen-etakayttopalvelun-haavoittuvuuden-hyvaksikaytto https://www.tivi.fi/uutiset/vakava-tietomurto-valtion-palvelimilla-rikosilmoitus-tehty-jo/bc5371d1-14f5-4dac-897e-0042cbf25e03 https://threatpost.com/pulse-secure-critical-zero-day-active-exploit/165523/
- How is the vulnerability fixed? https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784
- Scams based on subscription fees: https://www.theverge.com/2021/4/21/22385859/apple-app-store-scams-fraud-review-enforcement-top-grossing-kosta-eleftheriou
- Signal threatens to exploit vulnerabilities in the Cellebrite forensics tool: https://signal.org/blog/cellebrite-vulnerabilities/
- The University of Minnesota may no longer contribute patches to the Linux kernel: https://www.zdnet.com/article/greg-kroah-hartman-bans-university-of-minnesota-from-linux-development-for-deliberately-buggy-patches/
- US media warned Finnish police about the use of a controversial facial recognition program – KRP stumbled in its response: https://yle.fi/uutiset/3-11898702
- New York Times reporting on Clearview.ai: https://www.nytimes.com/interactive/2021/03/18/magazine/facial-recognition-clearview-ai.html
- BuzzFeed's information on police use of Clearview: https://www.buzzfeednews.com/article/ryanmac/clearview-ai-local-police-facial-recognition
- Supply chain attack on the Click Studios password manager: https://www.csis.dk/newsroom-blog-overview/2021/moserpass-supply-chain/ https://www.clickstudios.com.au/advisories/Incident_Management_Advisory-01-20210424.pdf
- www.fireeye.com: Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day
- www.darkreading.com: University Suspends Project After Researchers Submitted Vulnerable Linux Patches
- www.bleepingcomputer.com: REvil gang tries to extort Apple, threatens to sell stolen blueprints
- www.cyberscoop.com: Codecov dev tool hit in another supply chain hack
- thehackernews.com: Severe Bugs Reported in EtherNet/IP Stack for Industrial Systems
- www.cyberscoop.com: FIN7 'technical guru' sentenced to 10 years in prison
Follow me on Twitter at: @attiliojr
On this week’s Cyber Security Brief, Alan Neville joins Brigid O Gorman and Dick O’Brien to discuss the recent discovery of a zero-day vulnerability in popular VPN product Pulse Secure. We also discuss some recent developments in the SolarWinds and Microsoft Exchange Server stories. Finally, we discuss a recent potential data breach at software testing company Codecov, and look at why UK authorities are warning government employees about potential approaches from foreign spies on social media.
Alexander (@ErDetEnTing), Melvin (@Flangvik), Vetle (@bordplate) and Eirik (@0xSV1) talk about intrusion tools, the FBI hacking companies, Valve not patching vulns for over 2 years, new Exchange vulnerabilities and poor certificate handling at Pulse Secure.
Nuke and pave the lost supply chain, Pulse Secure and Codecov used to compromise their clients, OEM hardware manufacturer Quanta breached by REvil, more SonicWall zero-days.
Eric Taylor: Twitter: barricadecyber, www.barricadecyber.com
Shiva Maharaj: Twitter: kontinuummsp, www.kontinuum.com
Articles referenced:
- Multiple agencies breached by hackers using Pulse Secure vulnerabilities | TheHill
- Hundreds of networks reportedly hacked in Codecov supply-chain attack (bleepingcomputer.com)
- REvil ransomware gang claims it stole top-secret tech designs – including Apple lappies – from Quanta Computer • The Register
- 3 Zero-Day Exploits Hit SonicWall Enterprise Email Security Appliances (thehackernews.com)
SonicWall zero-days are under active exploitation; mitigations are available. Pulse Secure VPN is also undergoing exploitation, probably by China, and mitigations are available here, too. The US begins work on shoring up power grid cybersecurity. Cyber ops rise with Russo-Ukrainian tension. The help desk at ISIS tells jihadists to stay away from Bitcoin. Joe Carrigan looks at cryptocurrency anonymity. Our guest is Bert Kashyap from SecureW2 on what needs to be done before devices used for learning from home return to schools. And is your password inspired by cinema? For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/76
In today's podcast we cover four crucial cyber and technology topics, including: 1. 1.3 million Clubhouse users' data exposed 2. Pulse Secure VPN not working for Windows users 3. IcedID tricks users into requesting email to evade security filters 4. Ransomware creates grocery shortages for European giant Albert Heijn. I'd love feedback; feel free to send your comments and feedback to cyberandtechwithmike@gmail.com
For years, information security vendors and experts have been touting the importance of securing the perimeter, with strategies like defence-in-depth as one of several approaches to take as organisations embrace a connected economy. Over the years, technologies and approaches have risen to the challenge of securing the enterprise. The variety of choices and technologies has left some stupefied. Welcome to PodChats for FutureCIO. In this episode, we speak to Joe Signorelli, Vice President, Asia Pacific Japan, for Pulse Secure.
New Win 10 malware can evade detection; What we know so far about the FireEye breach; GE's radiology device passwords leave hospital networks exposed; Steve Wozniak's new business: Efforce; Lightspin, a new cloud security startup; Facebook IDs Vietnamese IT firm as linked to malware on Android app store; Are Mac certificate checks a privacy issue?; Oblivious DNS: Cloudflare, Apple and others want to bring more privacy to the Internet. Bryan Embrey, Sr. Product Marketing Manager at Pulse Secure, talks about how hybrid cloud is changing remote access. Hosts: Louis Maresca, Curt Franklin, and Brian McHenry. Guest: Bryan Embrey. Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Sponsors: expressvpn.com/enterprise, LastPass.com/twit, Melissa.com/twit
I recently read how a phishing scam was discovered in Google Cloud Services, the latest sign of hackers quickly evolving to attack these environments. To fully protect themselves from the growing threat, organizations need to adopt a Zero Trust policy that can be enforced across the cloud. Pulse Secure also announced Pulse Zero Trust Access (PZTA), a cloud-based, multi-tenant secure access solution that enables organizations to provide anywhere access to multi-cloud and data center applications with Zero Trust assurance. I invited Scott Gordon back on to the podcast to learn more about how organizations can scale Zero Trust protections to their entire infrastructure, including cloud or multi-cloud environments. Scott Gordon is the Chief Marketing Officer at Pulse Secure, responsible for global marketing strategy, communications, operations, channel, and sales enablement. He possesses over 20 years of experience contributing to security management, network, endpoint, data security, and risk assessment technologies at innovative startups and large organizations across SaaS, hardware, and enterprise software platforms. Previously, Scott was CMO at RiskIQ and ForeScout (FSCT). He has also held executive and management roles at AccelOps (acq by Fortinet), Protego (acq by Cisco), Axent (acq by Symantec), and McAfee. Pulse Secure suites uniquely integrate cloud, mobile, application, and network access to enable hybrid IT in a Zero Trust world. Today, more than 80% of the Fortune 500 and over 20,000 enterprises (and 18M end-points) and service providers across every vertical entrust Pulse Secure to empower their mobile workforce to securely access applications and information in the data center and cloud while ensuring business compliance.
Pulse Secure provides easy, comprehensive software-driven Secure Access solutions that provide visibility and seamless, protected connectivity between users, devices, things, and services. Our suites uniquely integrate cloud, mobile, application, and network access to enable hybrid IT in a Zero Trust world. Today, more than 80% of the Fortune 500 and over 20,000 enterprises (and 18M […] The post Joyeta Samanta with Pulse Secure appeared first on Business RadioX ®.
Join our guest Jason Incorvaia, Senior Vice President Worldwide Operations, Pulse Secure, as he shares his valuable insights on the business systems and frameworks that enable their GTM strategy and what are the changes in their GTM strategy due to the pandemic. Reimagine Enterprise Sales System is a series of video podcasts where Protik Mukhopadhyay - Entrepreneur, Author, and podcast host, will deconstruct strategies and tactics and bring you actionable insights from B2B Leaders driving Transformation in their organizations. To know more, visit www.protikm.com
In this week’s episode, Viktoria is joined by Kim, Dylan and Demelza to discuss: - Ransomware negotiations between CWT and cyberattackers - Impact and severity of passwords leaked for 900+ pulse secure enterprise servers to criminal forum - The Ghostwriter/disinformation campaign overview: series of disinformation campaigns, aligned to Russian security interests - activity and attribution - EU issues first sanctions against Russian and Chinese cyber actors: Impact, effectiveness and reasoning behind this Get this week’s intelligence summary at https://resources.digitalshadows.com/digitalshadows/weekly-intelligence-summary-07-august-2020 ***Resources from this week’s podcast*** CWT: https://uk.reuters.com/article/uk-cyber-cwt-ransom/payment-sent-travel-giant-cwt-pays-4-5-million-ransom-to-cyber-criminals-idUKKCN24W26P Pulse Secure VPN: https://www.zdnet.com/article/hacker-leaks-passwords-for-900-enterprise-vpn-servers/#ftag=RSSbaffb68 EU Sanctions: https://www.gov.uk/government/news/foreign-secretary-welcomes-first-eu-sanctions-against-malicious-cyber-actors https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32020D1127&from=EN
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-secure-access/) What is the Holy Grail of secure access? There are many options, all of which are being strained by our new work from home model. Are we currently at the max? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series and Allan Alford (@AllanAlfordinTX). Our sponsored guest is Rohini Kasturi, chief product officer, Pulse Secure. Thanks to this week’s podcast sponsor, Pulse Secure. Pulse Secure offers easy, comprehensive solutions that provide visibility and seamless, protected connectivity for hybrid IT in a Zero Trust world. Over 24,000 enterprises entrust Pulse Secure to empower their mobile workforce to securely access applications and information in the data center and cloud while ensuring business compliance. On this episode of Defense in Depth, you’ll learn: Multiple technologies, such as VPN, split-tunnel VPN, VDI, SASE, EDR, and secure management, are used in attempts to ensure secure access. But given that secure access isn't just about managing endpoints, but users, you also have to look at IAM. We look to conditional access to provide more support than just full VPN access. Argument that we are moving away from endpoints to identity as that's the new perimeter. SASE solution blocks by default, instead of allows by default, and requires permission for access. User is secured dynamically based on a combination of identity and device. Would be great if secure access solutions were universal, but they vary country by country based on costs, availability, and regulations. Secure access models must be user experience first. One possible play that works in this way is IAM + SASE + EDR + secure management. Another factor that prevents the one-size fits all model for secure access is the complexity of stacks.
IT Multinational Corporation Cognizant hit with Ransomware, Scams round up in April, Pulse VPN Patch is not patchy enough, and over 700 developer libraries contains malicious code We have some interesting stuff to cover, so let's login. Show Notes: https://exploitbrokers.com/podcasts/hn08 #hacker #hackingnews #exploitbrokers #exploitbrokerspodcast #CyberSec #ethicalhacking #ethicalhacker #RansomwareNews #Ruby #MaliciousCode
In today's podcast we cover four crucial cyber and technology topics, including: 1. 400,000 payment cards related to U.S. and South Korea for sale on DarkWeb 2. SeaChange video provider hit with Sodinokibi ransomware 3. Criminals spoofing U.S. Federal Reserve to target consumers 4. 160,000 plus Nintendo accounts hacked via legacy Nintendo Network ID. I'd love feedback, feel free to send your comments and feedback to cyberandtechwithmike@gmail.com
In today's podcast we cover four crucial cyber and technology topics, including: 1. Proposed COVID-19 application for Netherlands leaking data 2. Maze ransomware used in attack against IT firm Cognizant 3. Homeland Security urges Pulse Secure VPN users to reset their passwords 4. Two cryptocurrency firms attacked, netting criminals 25 million USD. I'd love feedback, feel free to send your comments and feedback to cyberandtechwithmike@gmail.com
Podcast: Defense in Depth. Episode: Internet of Things. Pub date: 2020-04-02. Notes from @BEERISAC: CPS/ICS Security Podcast Playlist: Anton Shipulin: "Kudos to Rob Verseijden (@elborro) for the tip on the episode." All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth:-internet-of-things/) When Internet of Things or IoT devices first came onto the market, security wasn't even a thought, let alone an afterthought. Now we're flooded with devices with no security and their openness and connectivity are being used to launch malicious attacks. What are methods to secure environments today and how should these IoT devices be secured in the future? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series and Allan Alford (@AllanAlfordinTX). Our guest is Josh Corman (@joshcorman), founder of I Am The Cavalry. Thanks to this week’s podcast sponsor, Pulse Secure. Pulse Secure offers easy, comprehensive solutions that provide visibility and seamless, protected connectivity for hybrid IT in a Zero Trust world. Over 20,000 enterprises entrust Pulse Secure to empower their mobile workforce to securely access applications and information in the data center and cloud while ensuring business compliance. On this episode of Defense in Depth, you’ll learn: For years, manufacturers didn't consider device security. As a result, attackers have used insecure devices like connected webcams to gain entry into a corporate network. If you're manufacturing devices, then make security and patches a top concern even after end of life support. Big gap between public trust and the reality. Almost all people trust manufacturers to secure their devices. The reality is most manufacturers aren't securing their devices.
While we've seen webcams used to launch distributed denial of service (DDoS) attacks, the greatest concern is of a similar style attack being launched against industrial IoT. The discussion of IoT security goes beyond security of devices. We know there are devices with zero security connected to our network. This is where a larger discussion of zero trust and defense in depth style security programming comes into play. We have a growing number of unmanaged devices. Devices that are just always on and connected to the Internet providing simple functions like reading their environment. How much responsibility do manufacturers have for the security of their devices after they've been purchased and shipped? They can create updates and patches, but they can't enforce them. The podcast and artwork embedded on this page are from Allan Alford and David Spark, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Welcome! We are going to hit a number of topics today from the world of Technology. Primaries and Caucuses are underway and with that always comes the topic of technology and security and it is no different this year. Apps are being developed and brought to market without being fully tested. Extensions are being created that have ulterior purposes and are being downloaded by thousands and even more, on Tech Talk With Craig Peterson today on WGAN. It is a busy show -- so stay tuned. For more tech tips, news, and updates visit - CraigPeterson.com --- Related Articles: Four States Use A Flaw Filled Mobile Voting App Iranian Hackers Exploit VPNs Worldwide IT Disaster Recovery/Business Continuity Exacerbated by Coronavirus Be Careful of Extensions on Chrome - Many found to Upload Your Private Data. Sharp Increase in Exposed Records by Third-Party Applications Automotive Apps originally designed for Personal Owners cause headaches for rental agencies. 1.77 Billion - That is how much Businesses lost last year to Business Email Compromises Encrypted Communications for the Masses --- Automated Machine Generated Transcript: Hey, welcome, everybody. Craig Peterson here on WGAN. And we're live on Facebook. And we, of course, can be found over my website as well Craig Peterson, calm. We got a lot of topics for today's show. But we're going to start with the one that is really on everybody's minds right now is we see more of these primary elections beginning to come up, and we see problems. Well, I don't know, or are they problems or features? I guess they are problems with some of the election technology that has been used over in Iowa. New Hampshire's technology was rather straightforward as the Secretary of State in New Hampshire says, and it's hard to hack a pencil, although they're not using pencils. In New Hampshire. They are using felt pens, which are hard to hack as well. 
And these cards can like the cardboard that you would have in the back of a shirt when you purchase it. It's that type of cardboard that is not shiny or glossy, and then it goes through an optical reader that scans the ballot and places it in the bottom of that machine. An election official stands there to make sure that the balance legitimate. That you are not trying to stuff the ballot box, and that machine counts your vote. Now the unfortunate thing is those machines are kind of old in most states, some of them, I think maybe all of them are still running Windows XP, but there's no easy way to get it the operating system. It's never connected to a network. Even though some of these machines that have been examined and have patch levels zero or in other words, no patches of Windows XP, which is quite surprising when you get down to it. That is a big problem in many many cases. In New Hampshire, the primary went pretty well. Of course this weekend, the next one coming up, which is in Nevada. The Nevada caucuses. I don't know what to believe anymore because I've heard both sides of this. One that voting in Nevada is using the same technology that was used over in Iowa, which to me would be just a shocker and a whole big dismayed because it was just so terrible. As I've said on the radio before, in fact, this week when I was on with Ken and Matt, I think it was, might have been with Jim, I'm trying to remember who it was, which show. I pointed out how in when we're looking at some of this technology, we all well, not all of us, but some of us love the latest greatest technology. I'm one of those guys that like to stick with something that I know works and explore current technologies and newer things. But so many times we get just bamboozled as taxpayers because the people that are in control of the purse strings, they like the latest coolest stuff. They buy equipment from people they know hence the app and iOS. 
Former Hillary Clinton staffers ran the company chosen for use in Iowa, and I don't know how much vetting they did. We do know that the code wasn't checked. Homeland Security had offered. We also had offers coming in from Federal Investigation Bureaus and from several security companies saying, Hey, listen, we'd be glad to have a look at this. It was all closed source. It wasn't open-source where you can have a look at that software and say, yes, indeed, everything's legit. That is excellent software. People can find bugs in it. If they find a bug, they can report it, and it can get fixed, right? There are so many different things that they could have done when we're talking about trying to make this secure. I see Mary just joined us here on the Facebook Live and which is cool. She and I have worked several elections in the past, and we've been monitoring them. I have a son that's been one of these election officials. You know, part-time people that get pulled in to watch the voter checklist and things in New Hampshire, you have to have an ID to vote, which is weird, you know. I liked the way we did it here, Maine's doing the same thing. Most New England states are in fact as northern New England are doing the same thing where we have a felt pen, we have a piece of paper, we mark it down on that piece of paper, and we can then count it later on. If there's a problem, right? You can just go to that paper that sits in the closet, pull out the stack, bring it with you. And once you've done that, you can have a bunch of people sit around and think about Florida 20 years ago and what happened there with the hanging chads. They at least had a physical card they could look at although you know pregnant chads, hanging chads got to be quite the mess. So now we're getting concerned because of this new voting app that's out there. It's called Votz. V-O-T-Z is how they spell it. It's not the same one that was used in the caucuses in Iowa.
The app that the Democratic Party was using was trying to take the tabulations that were made by the people who were at all of these different precincts and figure out what the vote tallies were and then supposedly put it into the app and it gets sent up. This vote app that we're talking about right now goes a few steps beyond that. They want military personnel, and people are overseas to use it when they can't necessarily vote when they want to vote. It's, you know, panacea, maybe it's something we can get to in someday, but four states are going to use it this year. It has not undergone the trials that really should have gone down. And it's using a buzzword that I think got people's attention. And they're saying, Oh yeah, this is going to be safe because it's using this buzzword called blockchain technology. Blockchain technology is what used behind various cryptocurrencies, like Bitcoin and some of the others, to help secure the transaction. So the whole log is it signed each record inside the register is signed. Just because it has blockchain doesn't mean it's secure and doesn't make it properly designed. I've got a quote here in this article from MIT, is computer science artificial intelligence lab saying the whole thing is sloppy. It looks sloppy. It's in Georgetown Law. It's awe-inspiring. They were able to find such a pervasive set of vulnerabilities, said Matt Blaze and election security expert and computer science professor at Georgetown Law School. But we should also remember it's ultimately unsurprising that they would be able to do so because of every expert has warned against Internet voting as being vulnerable to flaws exactly like this goes on. The University of Michigan here Alex Halderman, saying that it makes vote seemed like a sham. So it is a sham. I think I think it's a real problem. But we're going to do it anyways and four states, including West Virginia, this year is going to be a mass. We've already seen what happened in Iowa. 
We saw excellent voting happen in New Hampshire. We're not sure what's happening this weekend in Nevada, then Super Tuesday is right on the heels. Some of these states are using these voting apps. Some of them are using the apps used in caucuses. I think thank goodness there aren't very many caucuses in the country. And we'll see, but one thing is guaranteed, and that is it will be quite the debacle. It is going to end up being a problem for everybody involved because they didn't vet this technology. Now, I reported on this a couple of weeks ago, this $10 million grant set aside by the Department of Defense grant, ultimately, and it was to design a voting machine that would be secure. A voting machine that we could trust. I think that's just wonderful. It hasn't really been tested yet. They brought it last year to one of these conferences like Black Hat and Defcon. They brought it out there. Every year there is a voting machine village where they have all kinds of voting machines there. They are asking people to go ahead and try and hack into the voting machines. We had a 15-year old that was able to hack a voting machine right there, and they compromised every voting machine except for the device under development on this $10 million contract. Now, that might seem impressive, and that might be kind of encouraging to some of us. I think it kind of is in some ways. However, the reason they did not hack it was it didn't work. They were not able to get it online and did not get it online until Sunday, which was the last day of the conference. And so no one got to test it out. But that was last year. Let's get them a little real a little bit under their belt, a little water under that bridge sometime, and they will be able to do it. And you know, I think they'll be able to do it ultimately, but I still will be the biggest proponent of a pencil and a piece of paper or a felt tip pen. 
The software, By the way, those votes VOATz software is being used in Denver, parts of Oregon, Utah and Washington State, we'll see what happens. West Virginia, as I said, is going to use it. But for disabled voters, the federal government requires all states to have electronic voting machines that can be used by disabled voters. I know here where I live in New Hampshire, we have a thing I don't know they might have passed. Now they're kind of getting old. Twins, twin women, and one of them was pretty much deaf, and the other one was pretty much blind. So they were able to help each other out in a massive way, which is kind of cool and get right down to it. But what they did is they kind of both helped each other to vote, but we all have in every precinct people who are there who can help people with disabilities. I don't like this requirement to have electronic voting machines. But the MIT researchers, these other researchers all agree with me. I'm very concerned about the Android phone and Android as a platform for people to use. I don't know if you are if you're using Android, you know, I'm always saying use iPhones much, much more secure. But I also am not looking at an iOS as being the problem. Cure-all for some of the voting machines. Anyhow, we are live on Facebook, as I'm putting the show together and shout out to everybody who is on there and asking questions. I appreciate it. And I will go back in and answer questions for anybody a little bit later on who has them, and I want you to stick around. I will be back here after the commercial break. We're going to be talking more about the latest in technology. We're going to be getting into these Iranian hackers that have been hacking VPN. If you think your VPN is safe. We've got another thing coming. So we're going to shut this one down. And we will be right back. Thanks for joining us, of course, Craig Peterson dot com. Hello, everybody. Welcome back. Craig Peterson here on WGAN and affiliates. 
You'll find me online at Craig peterson.com. And, of course, online at Facebook. I'm doing this Live on Facebook, and also out at YouTube. And we're going to talk right now about VPN. So hopefully, you have some understanding of them. But some exciting statistics came up this week from our friends in government. The FBI has been warning us a lot lately about what's been happening over in Iran what they've been doing, and we don't have kinetic war. In other words, we're not shooting at each other, which is a good thing, right? But Iranian hackers have been right at the forefront of trying to hack into our systems, and they've been relatively successful. I have a few clients that are in the defense industry, because we do, of course, the higher security stuff, right. And they have been under constant attack from Iran for about six, eight weeks now ever since the last little tussle with Iran might have been longer than that. And we're seeing sustained efforts to hack into them. Well, now we're getting a report from our friends over at ZD net here about Iranian hackers targeting these VPN services. So I thought I'd start by kind of explaining to everybody a little bit more about VPN services, what they are, what they offer. And because I'm hearing ads about this all the time, and frankly, it's driving me crazy, because the ads are telling me that Yeah, Craig you need a VPN because it's the only way you're going to be safe. It's the only way you're going to be secure in your day. You've got companies out there that used to be known for anti-virus, which of course nowadays we know antivirus software is zero percent effective against the latest hacks that are out there. So antivirus software companies are trying to figure out what's another way that we can make some money because people are starting to realize that this is a scam. And it's been a scam for a lot of years. You know, antivirus worked pretty well 15 years ago. 
It doesn't work at all today, as I just mentioned for the latest now malware nastiness that's out there. So some of these companies one that comes to mind. It was purchased not too long ago by another anti-malware company is running a lot of ads. They're saying this we need our VPN you need our credit watch. They've tied in, with one of these companies that watch your credit looking for transactions, it might be a bad guy, and I'm a little concerned because here's what usually is going on in the VPN industry. Running a good VPN is expensive. When you are using a VPN, all of your data, depending on what type of a VPN, how it's employed is encrypted from point to point. We're talking about the right ones and not those that you hear the ads for when you're using those types of VPNs. Your data is transmitted up to the VPN service provider. Then once it gets there, it is sent out to the internet. So let's say you're trying to go to my site, Craig Peterson, dot com. If you're using a VPN, your web browser is going to ask the VPN server Hey, can I get the Craig Peterson dot com? What's the best way to do it? How can I get there, and the VPN server will say Hold on a second. I'll get that page for you. Then the VPN server goes out to Craig Peterson dot com gets the page and sends it back to you. Now, that would be a caching or proxy VPN server. And some of them will just pass packets through. But the big concern I have is twofold. One of them is this whole Iran thing, and we'll get into that in just a minute. Because it isn't only Iran. But the other one remembers if something is free, or if it's inexpensive, who's the product? You the product! And since you're the product, what do you think they're making money off of selling your personal information, that's how they make their money. And that is a big problem as far as I'm concerned. So what some of these VPN services are doing is they are tracking you online. 
Some of them go the next step, and they're actually acting as full proxies, and they are sometimes acting as a man in the middle attacks. They're injecting things into your data stream that you weren't expecting. So where you think you're getting the VPN to have some security, and to have some privacy. Some of these VPN services are the exact opposite. They are reducing your privacy because what they're doing now is taking your data and selling it to the highest bidder that's out there, right. So I think that's a problem. And if you think it's a problem, maybe you shouldn't use some of these cheap VPN services. And I haven't gotten any I actually like, okay, I've heard advertisements on these radio stations, my shows airing on and I've checked them out, and I'm not comfortable with any of them. And the only VPNs I use or VPNs that I run, but remember, your data still has to hit the internet at some point. Remember, you're using one of these VPN services. versus your data is going to the VPN service provider. And at that point, it hits the internet. So it's now out on the internet. Well, if you're trying to make sure your data doesn't get on the internet, and people aren't hacking you, you've lost because your information does have to get to the internet. How are Internet Service Providers supposed to get to your bank? How are they supposed to get to my website? How did they suppose to get to Facebook or Google or YouTube? They have to go over the whole internet as well. If you're using one of these services, and they're going out to the internet. What do you think is a bigger target you at home, using the internet via your cable company or your telco or maybe your smart device. Is that one device a big target, or do you think that perhaps its the VPN service providers that are the bigger target, right? I'm not sure I need an answer because it's kind of a rhetorical question. The most significant marks out there when it comes to VPNs are these VPN service providers. 
And we're seeing warnings out there right now that Iranian hackers have targeted Pulse Secure, which has VPN software that they sell to businesses, shown to be insecure. Pulse Secure, Fortinet. Another example of one of these security companies, right, that has a VPN service, Palo Alto Networks, a company I have never used and never recommended either. I haven't recommended any of these companies to anybody ever. We've gone up against Palo Alto Networks in some proposals and contracts and, and they won them because of all the whiz-bang, not because they were the best of the safest, and so. So there you go, Pulse Secure, Fortinet, Palo Alto, and Citrix VPN are now being used to provide a back door into larger companies. So if you're a business person, I'm going to put these right now into this channel so that you can look it up for you or business and seeing and write this in as a comment over here in the Facebook Live that you can find online. Yes, go to Craig Peterson dot com slash Facebook. It'll take you to my Facebook channel. But there's the list of them. It is from an article that's out there on ZDNet. I think they have been publishing some great information lately. I've been using them in a number of my alerts that I send out as part of my Saturday morning emails. But some of these attacks have happened according to this firm called ClearSky that Iranian hackers have targeted companies. From the IT, telecommunications, oil, gas, aviation, government and security sectors, why because that's where all the real money is. The particular report is dispelling frankly, the notion that it's their Russian and Chinese hackers or maybe North Korean because the Iranian hackers don't know what they're doing right. I've heard that before all Iran, don't worry about it. They know what they're doing. When in fact, yes, within hours of being disclosed, the Iranian hackers were right in there. It's terrifying. So keep an eye out. I look.
Again, online at Craig Peterson dot com you'll find this article, and a whole lot more. Make sure you ask your IT department if you're using any of these VPN services or software. And by the way, in most of these cases, you can get patches to fix it. When we come back. We're going to be talking about Coronavirus and the new challenges right here on WGAN. Hey, welcome back Craig Peterson here on WGAN and online at Craig Peterson dot com, of course, on Facebook as well. I am live on Facebook, and you can ask questions there you can watch this whole show as it unfurls, and you will find me there. You can ask questions almost anytime. We try and keep you up to date on what is happening out there in the world of technology. Well, you might not have thought of coronavirus as anything more than just a piece of nastiness, right. The virus I know some people are saying well you know we haven't had as many deaths from the Coronavirus, also known as COVID-19. I was trying to remember the name a little earlier. We haven't had as many deaths from that as we have from our regular flu virus every year. Right now is the peak of flu season in the Northeast anyways, and in many parts of the country, and what is there to worry about, right? Is it going to hit us? It seems to be slowing down. We don't have a whole lot of information from our socialist friends in China. Like most socialist governments, they play things very close to the chest. They don't want people to know what's happening, including their citizens. But we have some new fears now, and this is a great little article that I have found over on Dark Reading. It's pointing out some of the security challenges that we're facing, because of the whole Coronavirus thing. Everybody's heard about it, everybody's scared of it. And when you get right down to it, you're watching me right now listening to me talking about the Coronavirus because it is an exciting thing to understand.
The CDC has not only maps of where the coronavirus is hitting right now, but the CDC also has information about general flu viruses this time of year. There are outbreaks of different diseases, what's happening where: CDC.gov. Now, I've seen some fake stuff like CDC dash gov.org, just all kinds of fake sites. With phishing, we've got to make sure that all of our employees, family, friends know not to click on any of those links. Don't click on them. However, people do, and when you click on them, who knows what's going to happen. You might be downloading malware, you might just be confirming this is a valid email address for more and future spamming, right? There might be a lot of different things that it can do to you. Don't do that. The next one, I think, that's very interesting is something most businesses have not addressed. What would happen if maybe COVID-19, or something else, actually becomes a pandemic? What if it is not even a pandemic? What if you have an office with five or ten people in it and everybody comes down with the flu or a cold at the same time? Have you prepared for a business continuity challenge? And it isn't just what might happen if you're sick. It might also be a little bit further than that. What might happen if the business burns down? Or there's flooding, or no one can get into the office for a day or two because of some natural disaster? Maybe it's just a really nasty ice storm like we had here, what, a decade ago, where there were portions of New England that had no power for six weeks in the middle of winter. That's a very, very big deal. What would your business do? Most people haven't had a good hard look at business continuity, just in general, although we really should. And when we've got the cyber attackers coming after us, it also brings to mind what would happen if they got through, and let's say it was a version of ransomware that encrypted all of your data or deleted all of your data and demanded a ransom.
Are you going to be able to handle that? Right? It's a big question. Will you be able to continue with your IT people, whether they're outsourced or in-house? How about your security operations people? It could be a huge problem. Let's move it up-scale, because I know we've got a lot of people listening who have more substantial companies. Maybe a 200-person company, perhaps something more prominent, and it would be interesting to know, you can just drop it in the channel, I'd like to know a little bit. But if you've got two hundred people working in one building and it's a contagious virus that's getting spread, the odds are pretty darn good that 10 to 15% of your workforce is going to get nailed with that bug. Okay. Here's an example from the article. By the way, if it's something that might be pandemic, there's an excellent chance the government's going to quarantine everybody anyways, whether the people get sick or not. Okay, and what's that going to do to your business? This is a consultant over at Accenture who was working in Mexico City during the H1N1 virus spread ten years ago. They were saying that the current quarantine protocols are 14 days. So think about that. What happens to your business if your employees are out for 14 days, if you've got a large outsourced facility? Your security management, any facility with a large number of people, and you probably don't want to bring 100 people together and put them in a small room unless you yourself have evidence that none of them have been affected. The second part of the challenge is they may not be able to get there, or even want to get there. Now, this is the business continuity side. Can your business continue if there is a spread of these types of diseases? This could be huge. Some Indian companies have reported, according to Dark Reading, disruptions because of stoppages in shipments from China. They've got 45,000-plus now, I don't know what the number is, confirmed infections, over 1,000 deaths.
So if part of your supply chain now is affected, in this case with COVID-19. Of course, most businesses are worried about the supply chain from China. There's supply chain manufacturing of the low-cost components from China to Indonesia and all kinds of places in Southeast Asia. What happens if that goes away too? If you have parts being made anywhere in the world, keep in mind that businesses are starting to move, if they haven't already. Then, with all of the phishing that's going on, it can get to be a very big problem. Proofpoint and Cisco Talos have reported messages purporting to provide tips for virus protection. They appeared to be sent not only by official government organizations but by the businesses themselves, upper management. So there's an example of spear phishing going after a specific company, and the messages get used to steal credentials, drop malware like Emotet, and, in lures specifically targeting manufacturing and shipping industries, the NanoCore remote access software. These are back doors, like the kind I've talked about on the show that we have found in businesses, and that is before backdoors get put in there by China, or that Iran now has become a big player in all of this. So very, very big problems. Hey, if you have joined me on Facebook for the Facebook Live, welcome, welcome. I appreciate the comments, I like seeing the thumbs up, so please do give that to me. Otherwise, you can find me online at Craig Peterson dot com. I post everything we talk about every week right there at Craig Peterson dot com, and I've started sharing videos and other things as well on YouTube and a little bit more on Facebook. When we come back after the break, we've got more to discuss. Next up, we're going to talk about these 500 Chrome extensions that have been secretly uploading people's information. How's that for a scary thing? So stick around, because we'll be right back. If you are on Facebook Live.
We're going to end this Facebook Live and start another one with our new topic in about five minutes. On the radio, we'll be back even quicker than that. So stick around. Hold on one sec.
Here we go, everybody. Welcome, welcome. Craig Peterson here on WGAN and elsewhere. Of course, also on Facebook; Facebook Live is where you'll find me there. Just go to Craig Peterson dot com slash Facebook. You can sign up for my weekly newsletter, where I make sure you have all of the latest news, everything that you need to know. And right now we're going to talk about everybody's favorite browser, well, except for mine. One of the companies that we use goes by the name of Duo, and what they have recently found out about our friends over at Google and Chrome. If you are a big follower of mine, and you've attended some of my pop-up training, I do quite a few of them. Those are always free, and I have some tutorials as well. I talk a lot about extensions, because there are quite a few extensions that can be fantastic. And I use them all of the time. If I were to bring up my browser here, you would see a whole bunch of extensions that I use continually. I use them to block certain advertising types, and I use them to prevent various kinds of malware. I have some extensions that use artificial intelligence to figure out what this page is trying to do. Because we've got things like pop-unders, where it opens something up, and it has a little timer, say for an hour, and then it pops up this big scary message that you need to update Windows or update something now because it's out of date, and there are hackers out there that are trying to get you. And that's called, by the way, scareware. But it comes through your browser, and you have no idea. So some of these extensions that I use are specifically designed to look at the source code on the page, look at not just the HTML, obviously, but look at the JavaScript, where so much stuff is hidden.
So it pulls in all these pieces of JavaScript. Usually, they're moved in from multiple sites, and it assembles them, has a look at them, and will even change them based on what it finds. Now, those are beneficial extensions. Then on the other side, there are these toolbar extensions. I don't know if you've used these before. Man, these used to be all the rage, and I still see them installed on people's computers. And these toolbar extensions give you a little bit of extra something sooner, just a call right in. These extensions are going to track you when you're online and shopping and tell you where the best deal is? Well, yeah, it's following you, right? It knows that you're on a shopping site because you gave that extension access to all of your browsing history. Then it knows what you're looking at on the site and knows what you are searching, because so many of these extensions come with their little search bar up top, right? Yahoo was one of the big guys out there in this browser bar extension business. And every last one of them, at the very least, spied on you. Now, that's bad, right? That's bad enough. But now we're looking at this same MO. Wait a minute here. We have now uncovered 500 Chrome extensions that have been secretly uploading the private data from millions of users. Huge deal. An article in Ars Technica, if you are over on the Facebook Live, you'll see the article right there, has a direct link to it. But this is very bad. It was just discovered on Thursday here. It's been just about, just over a week. And we found out from these guys that what had happened is that these website extensions had more than 1.7 million installations. It was an independent researcher who worked with Cisco's own Duo Security. And they found all of these things. They then reported it privately to Google, and the researchers had found 71. Google looked at what the researchers had seen, and how those extensions were coded up and how they were behaving.
Then Google found an additional 430 extensions. And Google has removed all known extensions that were doing this. So that's the right side of it. But that's the known extensions. Those are the extensions that were doing something that looks suspicious, that Google and the security researchers could identify. In this case, as reported here, the Chrome extension creators had specifically made extensions that obfuscated the underlying advertising functionality from users. Now, it did say advertising in this quote, because here's another thing that they do. If you visit a website, and you have an extension installed that has access to the websites that you're visiting, here's what they've been doing. They look for ads from their customers, so you've got Bad Guy, Inc. Okay. And then what Bad Guy does is he goes out and says, hey, listen, I can get you 1,000 clicks, a thousand new views of your page, just pay me up. Then what they'll do is they will place some ads for you. These are pay-per-click ads. Every time someone clicks on an ad, they have to pay, right, and some of these ads are cheap at five cents. You don't see that too much anymore. Some of them are $500 for a single click. That money then goes to Google, who then shares it with whoever had the website where the click originated. Okay, so it's a pretty lucrative business if you, as a bad guy, could guarantee clicks on these expensive websites. That is what they're doing with some of these extensions. They are watching the pages you're visiting to look for an ad from one of these sites that they get some money from, but now they can have your browser click on the ad unbeknownst to you. Your browser now clicks on that ad. They make some money because they have the fake ads that are up, so all kinds of nastiness. The other side of this is, let's say the bad guys want their competitors to stop advertising online. Let's say they make cups, and I make this glass.
There are other companies out there that make a blue glass kind of like this. They find out what ads this other blue glass company is running. They have their little extensions out there. They hire these people that own the extension to then click on the competitor's ads automatically for them. The competitor might have a five-hundred-dollar-a-day limit with Facebook ads, and all of a sudden now that five hundred, whatever it is they're spending, where they've put a cap on it, right? So whatever it is they're spending is being 100% wasted, because you don't even see the ad. There are so many ways that the bad guys are using these extensions. It is a maze of redirects, malware, and more. Some of these plugins will do Bitcoin mining or other types of blockchain cryptocurrency mining out there. Man, there's just all kinds of them. Hardcoded control servers, which, by the way, I've got another tutorial coming out telling you how to stop your computer from going on to some of these command and control servers. And that's going to be phenomenal for you. So keep an eye out for that coming up in a couple of weeks. Many of the redirections, because they're using redirections as well as part of this, go to ads for products from Macy's, Dell, Best Buy. A large volume of ad content, as many as 30 redirects, the deliberate concealment of most ads from end users, and the use of the ad redirect streams to send infected browsers to malware and phishing sites. It goes on. The bottom line: beware of extensions, but I also want you to be aware of apps, right? What are the apps that you are using? What are those apps providing you with? Now I'm talking about apps that are on your smartphone or on your tablet, maybe some programs that are on your computers. Okay, they're out there. What are those apps? Are those apps something that you need? Many of them spy on you, which is another dangerous thing. They're stealing your data. They're taking the information, they're sending it to the bad guys. Right?
It just goes on and on. So make sure you don't do that; it is dangerous stuff. All right, I am doing this radio show on Facebook Live. If you want to follow me on Facebook, it's easy enough to do: Craig Peterson dot com slash Facebook. And if you are not a Facebook fan, and there are a lot of reasons not to be a Facebook fan, then you can also see a lot of these videos up on YouTube. I do YouTube Lives as well. You'll find that at Craig Peterson dot com slash YouTube. And of course, you're listening on the radio, and you're going to find me on pretty much every streaming service that's out there. So I want to quickly ask a question: which browser do you use? If I say create a poll, what's going to happen here? Oh, there it is. I'm going to publish it right now. I see. Okay. All right. So far it's showing up. I should have clicked this a little bit earlier. So, Facebook Live, you have a poll. Do you prefer Google Chrome, Firefox, Microsoft Edge, or Opera? And I personally use Firefox and Opera. Google Chrome and Edge I don't trust, particularly Google Chrome. However, there are times when you have to use one of those two browsers, because your company might be using a website that's specifically programmed to only work with that particular browser. There might be other reasons, but let me know. Click on it there. If you are not watching me on Facebook right now, Facebook Live, go ahead and answer that poll. I'd really like to know, or just drop me an email, me at Craig Peterson dot com. Let me know what your favorite browser is and why. And make sure that you delete every extension you don't need, every app you don't use and don't need. We've got to cut back, because it just presents such a broad attack surface to the bad guys. All right. Okay, so let's see, end of this segment. When we come back, we of course have a whole lot more to talk about. We're going to talk about third party breaches, what's been happening. It's increased sharply in 2019.
If you are a business person, this is for you. You're listening to Craig Peterson on WGAN and online at Craig Peterson dot com.
Hello everybody, welcome back. Craig Peterson here on WGAN, or also on Facebook Live. If you have any questions, by all means drop them right here into the channel. You can always ask me a question, too, online anytime. Just email me, me at Craig Peterson dot com, more than happy to respond. You might have to have a little bit of patience; I do try and get back ASAP. But if someone or my staff is not noticing or final notice, don't feel bad. It's not as though we hate you. But we do try and answer every question that comes our way, just me at Craig Peterson dot com. We're going to talk right now about third party risks. Whether you are a small business or a little large business, this is a huge deal. Very huge deal. And it's also a huge deal if you are an individual, because you are dealing with everything from cloud services through a milk delivery company. All of these are third party services provided by third party companies. And many of them have information about us. And I've heard from so many businesses lately that are now required under the new federal standards, the CMMC standards, that they don't think that they really apply to them because they're not a primary government contractor. They don't have a whole lot or any personally identifiable information. You know, why? Why would you come after me? I just don't matter in the whole big scheme of things. So it's not something that I should have to worry about. When the law is clear, they do have to worry about it, but they're still not worried about it. And I think the biggest reason is because people just don't understand the risks involved. You're using Google spreadsheets, for instance, Google Docs for, you know, a Microsoft Word replacement.
And Google also has kind of a PowerPoint thing called Google Sheets, I think it is, or Slides, Google Slides, that you can use in order to put the presentation together, and even to show a presentation. It's really rather cool stuff all the way around. But this is an example of a third party vendor. We already know that Google is looking at all of those documents and trying to figure out what it can use from that in order to sell us stuff, right, or to sell our information to third parties. And that's obviously a bit of an issue. But when we're talking about these smaller businesses that might be selling to another government contractor that might be selling to Raytheon, who's selling to the Department of Defense, just as an example, they wonder, why does it matter that I'm really secure, because I'm making something that's completely passive. It's not as though I'm making the software that controls a missile in flight, right? It is not doing any of those sorts of things. So why should it matter? And I think that it's a good question, but here's why it matters. There were some huge hacks of the Department of Defense last year, and of those hacks, a good 50% of them came from their vendors. We're talking about a third party risk. That third party, that vendor you're using, whether it's Google Docs and Dr. Mike, you might be using a version of Dropbox that's just a regular end-user version, you might be using an unsecured or improperly secured Azure instance or Amazon Web Services instance. You could be using any of those types of things. And guess what's going to happen if you're using those. All of those people who have your data could be used as a way into your computers. Think for a minute. We spoke earlier today about these 500-plus Google Chrome extensions that were leaking your data; there, the data is actually being stolen by third parties because of those.
If you have software installed that's being used to manage your supply chain, and that supply chain software is tied into this third party vendor, your network is exposed. Now, you may have tried to tighten it down; it might be as tight as could possibly be, and there's no problem here. But if you're like an average business, none of that is true. None of that is true at all. All of your data is potentially accessible by the third party. So some interesting stats that came out. And again, I have this up on my website. Let me post this right now here in the Facebook Live channel. Okay. It's in there now, too. You can see that right at the end of my comment. They're showing that there were about 43% of businesses this last year, 44%, that were, in fact, attacked and hacked via third party breaches. So in other words, the bad guys did not come in directly. This wasn't a phishing attack necessarily directly against them. This wasn't a ransomware attack directly against them. It was against a third party. So it was a vendor who might have had all of their customer information, they might have had how to manufacture certain things. It could be all kinds of different types of information. And that information was then used against them. That's a very big deal. Think about billing. Think about your employees and their paychecks, their W-2s, 1099s. Since you send out all of these things to target... So we talked earlier about these VPN services that are right now huge, they're a huge attack vector. Now, this number is up, by the way, 35% over the last two years. The number of records exposed in the breaches skyrocketed almost 300% last year, and the cost of the breaches has gone up substantially as well. And you're going to find all of this up on my website, Craig Peterson dot com. But that's huge. So 44% of all firms that were surveyed had experienced a significant data breach caused by a third party vendor.
And remember, these are firms that know that they were breached. So let's look at an IBM study. This IBM study says it takes an average of 197 days for a company to identify that they have had a data breach. Almost 200 days to even identify, even know that they had a breach, and another 69 days to contain it. That is inexcusable. Inexcusable, it really is. You know, so many people have fallen victim to vendors that say, hey, we've got the solution for you, don't worry about it. This is going to be so easy, not a big deal. We'll take care of it for you. And they don't. That's the only explanation I can come up with here for, what, 265-ish days from the time a breach occurs to the time that they've contained it. 265 days, that's two thirds of a year. Now, believe me, this is not, I'm not trying to sell you our services here. Okay. If you want to buy them, great. I just want to let you guys know: 250 days on average to contain it. With what we do, on average, it is this. From the time it happens to the time it's discovered to the time it's contained, so from the very beginning of a breach to the time it's contained, with us, it's typically six hours. That's why I say this is inexcusable. If you're a company with 200 employees, with 1,000 employees, and you're not using the right stuff, whose fault is it? And I've got to tell you another number that I've seen before. When I was, one of the FBI InfraGard programs that I ran, I had an expert on, and he was talking about breaches, and, you know, how many months it takes to discover and then to try and close the hole. If you take less than 30 days to stop the breach, on average, you save $1 million, a million dollars. So think about that when you're thinking about the cost of security. If you are a slightly bigger company, you have a few hundred employees up into thousands of employees.
And you can shave that whole massive number of 250 days down to 30 days or less, you've saved yourselves a million bucks. So the million dollars that you might spend on security, and by the way, it takes you quite a bit to spend a million dollars, even to get the kind of security I was just talking about, with the six-hour-to-recovery stuff. A million bucks goes a long way now, and that's plus, by the way, you know, all of your other costs, the loss of reputation that you get, so you're going to lose clients, you're not going to pick them up, you're not going to be able to charge as much as you could before. People aren't going to trust you. All this is happening because of these third party breaches. So keep that in mind next time you are auditing your business, right? You've got auditors, and think about all of the people downstream from you who maybe you should be paying some attention to, because they have data that you might find to be sensitive. They might be used as a conduit to break into your systems, as well as have their systems breached. Okay. So I know many companies now that are auditing their providers, their upstream and downstream partners, for very, very good reason. So if you want to find out more, let me know, just email me, me at Craig Peterson dot com. I'd be glad to point you in the right direction. You can find this particular article over on Dark Reading, and it's written by Jai Vijayan, and you can find it as well at Craig Peterson dot com. Of course, I post all of that stuff online. And if you have my newsletter, you get that every Saturday morning, links to it there too. So stick around. We'll be right back. We've got a lot more to talk about here in this last hour of the show. We're going to talk about a rental car risk you might not be aware of. So stick around.
Hey, welcome back. Craig Peterson here on WGAN and elsewhere. We are live on Facebook Live as well, and out on YouTube. You can find me at Craig Peterson dot com.
And of course, listen to my podcasts on pretty much any platform out there. podcast platforms from one platform. I've just been doing this for too long, I guess this is the problem. They've all found me. Oh no. So this is a great little article from our friends over at Ars Technica. I don't know if you're familiar with it. It's one of those websites that I follow fairly closely, because they have so many great things out there. But this one is talking about rental cars, and I want you to think about cars for a moment because, well, I like cars. Hopefully you do too. But what are the problems that we're seeing today that are actually caused by this latest, newest, most wonderful technology? And there are a lot of them, frankly. And some of them have to do, excuse me, with our phones, right? We plug our phones into the cars, the cars will automatically say, okay, I want the contacts, and people will just blindly say, okay, go ahead and upload the contacts. And all of your contacts are uploaded, and now the car has them, and the next driver comes in, I love doing this, comes into the car and scrolls through all of the phones and sees all of the contacts. People have their home addresses in there, set as home. So you just look up home on the car's GPS, and it's just some poor fool who uploaded all of his contacts into the car, right? You've seen that before. Music downloads, just all kinds of stuff. So I'm always careful, I never let the car upload my contacts. You are probably kind of conscious about that as well. If you're not, make sure that that doesn't happen, right, so the car doesn't have your contacts. You might also do what I do, which is, after I'm done with the car, I go into the Bluetooth settings and disconnect my phone, or with Apple CarPlay, I make sure my phone is disconnected. Excuse me. So those are all things, I think, that most people would know about and think about. Well, here's the problem that we're starting to see today.
These cars are getting smarter and smarter and have more and more features on them, don't they? So there's been some research here. Ars Technica did a little dive into it as well. And this Dan Goodin ended up writing an article about this, where he found that the previous driver to his car could start and stop the engine, lock and unlock the doors, and track the location of the vehicle. Because, you remember, again, these cars are designed by guys, right, and gals obviously, but by guys who are not thinking about all of the use cases for the car. You know, man, I had such a fight, one of my, my eldest son, who works with me, he's one of the employees and works with a company that is Fire Jumper certified, not fire jumper as in the fire department, although he does have a firefighting certificate, including tight spaces on ships, but he's a Fire Jumper for security, when something bad happens. Or please, please have us design the network before something bad happens. He gets some old us all of those. Well, we have all of our clients' emails run through a set of high-end filters provided by Cisco. So all of the emails coming in, our filters look at it, and they are phenomenal. They have cut my email; I was 5,000 emails a day, and now I'm down to about 100, 150 emails a day just by the Cisco filters. And by the way, I have, I think, in the last year had maybe one false positive, maybe one. It's just these things are so smart the way they work, right? They're not just looking for keywords or other things, they're really looking at behavior. Because Cisco sees so much of the internet, right? Cisco runs the internet backbone, but then they see so much of that traffic, plus they see so much of the email traffic, they can just be phenomenal. So we have all of our customers' emails running through our data center, and it's properly secured, of course, and running through these special Cisco email filters.
And then we take those emails and we forward them on to our customers' mail servers. Well, one of the services that is used by quite a few of our customers, because it's inexpensive, relatively speaking, is Microsoft Office 365. Now, there's a lot of levels of O365. It's their cloud services, right? But that's cloud as in the cloud, right? And we're not going to get into that right now. But they have a whole bunch of services. And Microsoft had an internal grey list against our Cisco email host that was doing all of the filtering. And Microsoft, you know, they said, well, you know, we can figure it out. It took us 24 hours to escalate it to people who knew what they were even talking about. We showed them their own tech article on this problem inside Microsoft with Office 365, and said, here's your problem. You guys know about it, you have defined it, here it is. And yet, you know, they start you with the people that say "is your computer powered on?" type, right? Just so, so, so frustrating to me. Well, the problem here is that the Microsoft software, or their software designers, did not consider all of the usage cases. In this case, the Microsoft software people thought, well, people using Office 365, they're just going to be real small businesses, and they are going to have, you know, a dozen through 1,000 email accounts maybe. And so the usage patterns are going to be consistent, etc., etc. That's not true in a case like us, where all of the emails are coming in from all over the internet to us for all of our customers, including their DoD contractor customers, right? The people, the customers that have it are compliant, have PCI, that have legal compliance issues, accounting compliance issues, right? So they all come to us, where they are heavily, heavily filtered. And then they're forwarded on to Microsoft. Well, that's not a usage case they thought of when they designed the software. So we were fighting with them.
We had thousands of messages queued up. So the good news is, we didn't lose any of the email. We kept it. Our systems noticed right away that Microsoft was misbehaving, which they do frequently. And then we got on the horn with Microsoft, we went to level two right away and then level three. Now, I'm air quoting levels two and three, because they're not real levels two and three, not by our standards. By the time you get to level three, it's somebody like me or Steve, the Fire Jumper, somebody that really knows what's going on, right? That's not the case at Microsoft. Anyhow, the problem that Ars Technica has found here is that these cars are designed with the idea that there is a single owner. Now, there might be multiple drivers of the vehicle, but there's a single owner, right? She owns the Mustang. She drives it, but, you know, the old man drives it every once in a while, and the kids might drive it once in a while as well. Well, in this case, they looked at a Ford Explorer. In October last year, they put an article in about a guy that was able to remotely start, stop, lock, unlock and track a Ford Explorer that he had rented and returned five months earlier. And they're saying now something almost identical has happened again to the same Enterprise rental car customer. Four days after returning a Ford Mustang, the FordPass app installed on the phone continues to give them control of the car. So here we have a usage case where the car is being rented, and it was not part of the original design considerations. And the rental car company, in this case Enterprise, and maybe it's just one unit of Enterprise, I don't know, but Enterprise is not properly clearing or resetting, whatever they have to do, that car after somebody has rented it. So it's a real problem. And it's something we need to be cautious of, because it's not even something we can necessarily do anything about.
But personally, I would go into the menu on the console, on the control system, you know, the entertainment system, and I'd wipe out every phone that's in there, just so that something like this can't happen to me, right? But that's what I would do and that's what I advise you to do as well. Okay, stick around. When we get back, we're going to talk about a new FBI report that's talking about what happened to this $1.7 billion right here. Stick around. Craig Peterson on WGAN and live on Facebook. Hey, welcome back everybody, Craig Peterson here on WGAN and elsewhere. Hopefully you're able to join me on Facebook Live this week, and we spend some time talking about the articles and answering questions for everybody. And of course you'll find that online right now, kind of all over the place. Make sure you get my weekly newsletter. It'll keep you up to date on all the latest security topics and some of the cooler new technology out there that I think is or maybe isn't ready for prime time. Going to have a cool guest next week too. I used to do a lot of guests. I had like a dozen a show back when I had a three-hour show. But next week we're gonna talk with a buddy of mine, who is actually fairly well known; he's written a book about sugar. And you probably know, if you've been listening to me for a while, not all that long, but a while, you know that I have been very conscious about my health and doing the intermittent fasting thing and stuff. And so we'll talk to him about what he has found. You might remember I did the Atkins thing some years ago, but we'll be talking with him a little bit about that, too. I'm sure next week, so Barry Friedman will be my guest. And I will probably be next week. We've got to figure out the calendars first. No, I hate it when that happens. Sorry about that little bit of a coughing fit. Okay, so let's get into the article right now. And this has to do with email compromise. Now we all have email accounts, right? You got them. 
I got them, whether they're on Google, shame on you, or if they are Microsoft Office 365. Okay, depends on which level you have. Or if you host them yourself, which is what we've been doing for decades now for ourselves and our clients. I like that because they have more control. I don't have the problems like we had with Microsoft this week with Office 365 for some of our clients. But when you have email, there's a certain type of exposure that you have. We talked earlier about this whole problem with the COVID-19, with the coronavirus, and how they're using it right now to get you to click on links in phishing attacks, click on links in SMS. Those are called smishing. To get you to do something that ultimately you shouldn't do, because they're using it to download nastiness. And it can be nastiness in the form of ransomware, it'd be nastiness in the form of software that's being installed on your computer to use your computer's resources, maybe as part of a denial of service attack, maybe to attack other people and other computers that are out there, right? It's all pretty darn evil. Well, the FBI put together some numbers because there's this thing called a business email compromise. That's only part of the problem. Because it isn't just business email that can be a problem here. It's also our personal emails. So we're finding on the personal side that people are getting emails that are again from bad guys, but what they're trying to do is get you to go a little bit further. So a lot of them, for instance, are based around dating sites. So people looking for companionship, they might be out on one of these websites and they meet somebody, and as they've met that person, they kind of go back and forth: "How are you? Oh my, we have so much in common." And they're trying to scam you. That is a very, very big and prevalent thing right now. 
Because so many people are just trying to find somebody that they can love, someone they can spend some time with and enjoy company, and you know how I get that, pardon my French, but this is a real tough time in the world. There's so many people that are so ostracized, that are blocked off from other people, that are just looking for something, anything, right? Doesn't have to be love. As I said, it can just be companionship. So the FBI has been warning about that. And then we've got these business email attacks. What's happening here is oftentimes it's spear phishing. They're going after the owner of a company, and frankly some of these dating things are spear phishing, too, because they know that somebody who's a little bit older might have some money that they can get out. Yeah. And they'll ask you, "Hey listen, my uncle, cousin has this medical bill and we really need the money, can I get $10,000 from you?" And people are sending it. In the business email account, it's a little bit different. So here's another article from our friends over at Dark Reading; this is up on my website as well. But it's saying, back in 2013, scams often started with the spoofing of a CEO or CFO's email account; fraudsters send emails appearing to come from these execs to convince employees to send wire transfers to fake accounts. Now we know that within the last six months, this has gone to the next level, where they are using computers to imitate the boss's voice, and they've been able to take millions. Anyhow, the article goes on. Since then, business email compromise has evolved to include the compromise of personal and vendor emails, spoofed lawyer email accounts and requests for W-2 data. Of course, taxes and everybody. This is a big one, W-2; right now the IRS is warning about that. Attackers often target the real estate sector and/or make requests for expensive gift cards. In 2019. 
The Internet crime center saw an increase in business email compromise complaints related to the diversion of payroll money. So the attackers send a fake email to the human resources or payroll department requesting an update to a specific employee's direct deposit information. This is really, really big, and you look at these numbers. We're talking about 1.7 billion in losses. That's absolutely huge amounts of money. In 2019, they had a half a million complaints come in, costing organizations three and a half billion dollars overall. That's up almost $3 billion from 2018. Absolutely huge. So we have to be very, very careful. There are some reports out there, email fraud and identity deception trends, that are out there about the attackers and what they're doing: a rise in hybrid attacks, in which a victim receives an email making a request, and simultaneously receives a text message from a spoofed number designed to seem like the same person saying they just sent an email. It is highly targeted and also highly effective. So you got to be careful of all of this. We have to be careful of all of this, and for business people, we have to be particularly careful about all of this. Government, government agencies. Did you see what happened in Atlanta in the last year, how they got nailed multiple times? And it was ransomware getting in; some of it was some business email compromises. We've had cities all over the country who have fallen victim to the business email compromise, and they have wired money to vendors that just don't exist, etc., etc. We have to be very careful. So how do you avoid this? First of all, don't send money to people that you really don't know. You know, I'm thinking about those of us that are looking for companionship, friendship, maybe for a new lover, somebody that we can spend the rest of our lives with. Don't send them money, really don't, no matter how bad that sob story is. And then if we're business people, be doubly careful. 
Verify everything via the phone. So the boss tells you that they need to move some money into another account. Call the boss; you have their number, don't call the number in the email. If you are getting contact in HR from an employee saying, "Hey, I want you to start direct depositing into my new account, here's the account number," call back and verify it. Right? That's always the case. You know, a police officer pulls you over to the side of the road. You have a good chance that it's really a police officer because they're in an unmarked car. They have the blue lights going. They have a police officer's uniform on. You just don't know, even in that case. So be extra-extra cautious out there. Man. When we come back, we've got one more article for the day. Again, believe that it's gone so fast. We're going to talk about the most secure messaging app out there. How you can get it, how you can use it. So stick around. You're listening to Craig Peterson on WGAN. And of course, Facebook Live and YouTube Live. Man, we're going overboard this week. Stick around because we'll be right back. Hey, welcome back, Craig Peterson here on WGAN and online. Of course, we're doing a Facebook Live even as we speak, having a little fun there as the chuckles we're all about. Hey, I appreciate you guys joining me and I know that your time is valuable, and I don't want to waste one minute of it. So I'd love to get your feedback. What do you think of this show? What are the good parts, the bad parts? What do you want to see more of? What do you want to see less of? Let me know, just email me, me at craigpeterson.com. I'd really appreciate it, and make sure that you are on my email list so that you get every week the latest in technology news. With, of course, an emphasis, as always from me, on security, and what you can and should be doing for security in your home and in your business. You know, I'm really focusing on business, because that's what I've been doing for so many years. 
You know, most businesses aren't in the cyber security business. And so they're trying to make their widgets, provide their service, etc. And they're just left hanging when it comes to the security side, cyber security. And I know that's true of you guys, too, who are in smaller businesses, even larger businesses, and home users. But the answers, the solutions, are always the same, although you don't have as much money to spend, so you're not going to be as well protected. Right? You also, hopefully, don't have as many assets at risk. I know a lot of people who are high net worth individuals who come to me in order to get things secured, but as a whole, most of the time is business Zilla. So I kind of aim at that. And then every month as well, we have a list of the top security vulnerabilities that there are patches out for, telling you, hey, you need to update this software or that software. There's various vulnerabilities that you have to take care of immediately. Another coughing fit, man, hope this isn't a sign of something, coming down with something. Here's the vulnerabilities you have to t
Today, more than 80% of the Fortune 500 and over 20,000 enterprises (and 18M end-points) and service providers across every vertical entrust Pulse Secure to empower their mobile workforce to securely access applications and information in the data center and Cloud while ensuring business compliance. Sudhakar Ramakrishna is CEO of Pulse Secure and joins me on Tech Talks Daily to talk about a variety of security trends that will be impacting the tech industry in 2020. We discuss the impact that the Bring Your Own Device (BYOD) trend is having on security in the enterprise and what Zero Trust is going to mean to the enterprise in 2020. We also talk about the evolution of security, SaaS, and Cloud before tackling Hybrid IT and the expanded attack surface too. Meanwhile, I learn more about how Pulse Secure provides software-driven Secure Access solutions that provide visibility and seamless, protected connectivity between users, devices, things, and services. Sudhakar Ramakrishna is CEO of Pulse Secure, where he oversees all aspects of business strategy and execution. With nearly 25 years of experience across the Cloud, mobility, networking, security, and collaboration markets, Sudhakar joined Pulse Secure from Citrix. At Citrix, Sudhakar served as the senior vice president and general manager for the Enterprise and Service Provider Division, where he had profit and loss responsibility for approximately a $2.5 billion portfolio of virtualization, cloud networking, mobile platforms, and cloud services solutions. Before Citrix, he was at Polycom and was president of products and services. Sudhakar has also held senior leadership roles at Motorola, 3COM, and US Robotics and brings significant experience in strategic planning and execution, organization development, and incubating and scaling new businesses to Pulse Secure. Sudhakar earned his master’s degree in Computer Science from Kansas State and an MBA from Northwestern University’s Kellogg School of Management. 
Sudhakar is a member of the board of directors at Health iPass. He has significant experience as a board member and advisor of Public and Private companies.
This week in the Enterprise News segment, Paul Asadoorian, John Strand and Matt Alderman cover the following news stories: Pulse Secure and SecureWave Partnership, BigID raised $50 million to accelerate global sales, channel and product expansion, Tapplock introduced new enterprise fingerprint scanning padlock accessories, Cloudflare for Teams, CORRECTING and REPLACING: NetScout Wins Victory Against Patent Assertion Entity, and acquisitions including Broadcom, Symantec Enterprise Acquiring Cybersecurity Analytics Firm, Mimecast acquiring Segasec, Cloudflare acquiring stealthy startup S2 Systems. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode167
This week, we talk Enterprise News, to talk about Tapplock introducing new enterprise fingerprint scanning padlock accessories, Protecting corporations without sacrificing performance with Cloudflare, as well as their acquisition of S2 Systems, Pulse Secure, and SecureWave enter a partnership, Mimecast acquires Segasec, and more! In our second segment, we discuss Docker Container Security - Vulnerable Upon Inception! In our final segment, we welcome back Britta Glade, Director of Content and Curation for RSAC, and Linda Gray, Senior Director and General Manager for RSAC, to discuss what to expect at the world's largest cybersecurity conference in San Francisco! Show Notes: https://wiki.securityweekly.com/ESWEpisode167 To register for RSAC 2020 using our discount code or to book an interview with Security Weekly on-site at RSA Conference visit: https://securityweekly.com/rsac2020 Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly
Links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-building-a-fully-remote-security-team/) Could you be successful with a fully virtual InfoSec team? Many say it can't be done, while some have actually done it and been successful. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series and Allan Alford (@AllanAlfordinTX). Our guest is Kathy Wang, former CISO, GitLab. Thanks to this week’s podcast sponsor, Pulse Secure. Pulse Secure offers easy, comprehensive solutions that provide visibility and seamless, protected connectivity for hybrid IT in a Zero Trust world. Over 20,000 enterprises entrust Pulse Secure to empower their mobile workforce to securely access applications and information in the data center and cloud while ensuring business compliance. On this episode of Defense in Depth, you’ll learn: A fully remote team is possible. Our guest was formerly the CISO of GitHub which is a fully remote organization so the concept of remote work was built into the company's DNA. Two of the most important factors to great remote success are each individual's willingness to over communicate and never be afraid to escalate an issue. Not surprisingly, remote work requires top-down support and it starts at the point of hiring. Trust is a two-way street in remote work. Under the umbrella of "over communicating" is documenting everything. Huge benefit of having a remote team is you are no longer competing with location-based hiring. There are talented people all over the world. With your staff living all over the world, you in effect create a 24/7 office network with everyone operating in different time zones. A fully virtual company is perfect for cloud native companies. It can be very costly to place a person physically on site. Saving money is a great side effect of remote staffing. 
Make sure to have in-person team building events. Kathy does one to two a year and tries to make sure one of them coincides with a big security event like DEFCON, RSA, or Black Hat. One unforeseen benefit of remote work is that you're always able to start meetings on time. Problem with in-person meetings is you're often waiting for another meeting to finish in a room so you can start your meeting.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Citrix ADC Update https://isc.sans.edu/forums/diary/A+Quick+Update+on+Scanning+for+CVE201919781+Citrix+ADC+Gateway+Vulnerability/25686/ Pulse Secure SSLVPN Exploited https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/ https://www.darkreading.com/attacks-breaches/widely-known-flaw-in-pulse-secure-vpn-being-used-in-ransomware-attacks/d/d-id/1336729 Google Project Zero Changing Disclosure Policy https://googleprojectzero.blogspot.com/2020/01/policy-and-disclosure-2020-edition.html Google Updates Android https://source.android.com/security/bulletin/2020-01-01
Weekly news. Special feature: The cost of cyberattacks. Interview: Rafael Cuenca, of PULSE SECURE. Contest: Sponsored by INGECOM, TRENDMICRO antivirus giveaway. With: Rafa Tortajada, Manu Cantonero, Sergio Lillo and Maribel Poyato. Directed by: Carlos Lillo. email: info@clickradiotv.es WhatsApp: +34 669180278
If the show notes look odd, they are also available on the web here: https://www.enlitenpoddomit.se/e/en-liten-podd-om-it-avsnitt-228 Episode 228 was recorded on August 25, and since cats can be allergic to humans and not just the other way around, today's episode is about: FEEDBACK AND BACKLOG * We have talked about deepfakes before, now with Bill Hader * BONUS LINK 1: https://www.redsharknews.com/post/item/6454-how-to-make-an-impressively-deepfake-tom-cruise * BONUS LINK 2: the link Johan talked about * For our own little developer: GitHub and Azure actions * Make sure to patch your Fortigate or Pulse Secure MICROSOFT * Credge Beta is now out * But WHO wants to be in Skåne?? (apparently Azure) * Dark mode in OneNote!!!111oneone * General availability for Python in Azure Functions APPLE * iOS is now open to jailbreaking * Björn might want to move to the USA. Apple Card is released * Some leaks about the Pro iPhone, new iPad and 16-inch MacBook Pro GOOGLE * Google Photos gets an OCR feature * New name for Android. It won't be Q any longer... * BONUS LINK: Google deserts desserts: Android 10 is the official name for Android Q * BONUS LINK: Fredrik Backman describes the "förätar-mackan" sandwich Here we should write a heading about NEWS ITEM 4: * Parental control in the Family plan on Spotify And I can't be bothered to come up with another heading about NEWS ITEM 5: * OG won The International; a good day at work and you trot home with almost 150 million kronor in your backpack... Now give it a rest... One more, NEWS ITEM 6: * Disney Plus has come out with some pricing and the like... WTF! I'm not paid well enough for this... NEWS ITEM 7: * Book publishers are angry at Audible and an AI.. SHUT UP AND TAKE MY MONEY: * David: https://www.webhallen.com/se/product/290641-GoPro-HERO7-Silver * Mats: https://beta.rodastjarnan.com/airsoft/xcortech-x3300w-mk2-advance-bb-control-system-tan-40883 * Björn: needs to find a watch for his eldest son. 
* Johan: https://www.thurrott.com/smart-home/212812/google-updates-smart-clock-with-photos-conversations OUR OWN LINKS * En Liten Podd Om IT on the web * En Liten Podd Om IT on Facebook LINKS TO WHERE YOU CAN FIND THE PODCAST TO LISTEN: * Apple Podcasts (iTunes) * Overcast * Acast * Spotify * Stitcher LINK TO DISCORD WHERE YOU CAN FIND THE LIVE STREAM + CHAT https://discord.gg/gfKnEGQ
For many B2B companies, the effort to continually maintain and improve their products has become too demanding. Evolving economic factors affecting these companies have pressured many to make the shift from being a product company to a platform company. Sudhakar Ramakrishna, CEO of Pulse Secure, joins us in this segment to discuss changing your mindset to successfully make the transformation from product to platform.
InfoSec'19 Security Series | Pulse Secure: Zero Trust Secure Access by Arrow Bandwidth
MONEY FM 89.3 - Prime Time with Howie Lim, Bernard Lim & Finance Presenter JP Ong
The changing landscape of Asian businesses in the age of 5G demands that businesses in Singapore adopt a zero-trust model and software-defined perimeter (SDP) architectures to address the resulting security challenges. Sudhakar Ramakrishna, CEO of Pulse Secure, which aims to deliver easy, protected and available access to the data center and cloud.
Listen in as I chat with Scott Gordon, Marketing Officer at Pulse Secure. Scott and I have a great exchange about how to break through in the crowded PR landscape, how to measure outcomes, hold agencies to account and much, much more. Scott has some great tips on “Organizing for coverage” which you won’t want to miss. And yes, we make Scott choose between the “Boss” and the “Piano Man”. Scott has built and managed global marketing, product marketing, product management, and inside sales / sales development organizations at security and infrastructure startups and mid-size orgs including Forescout, AccelOps (acq by Fortinet), Protego (acq by Cisco), Axent (acq by Symantec) and McAfee, to name a few. When Scott isn’t driving demand you might find him hiking, drinking California wine and listening to east coast rock and roll, maybe all at the same time! Resources mentioned on this podcast: CISSP All In One Exam Guide; Ed Amoroso CISO Podcast. You can keep up with the latest on Pulse at Pulsesecure.net and connect with Scott on LinkedIn at https://www.linkedin.com/in/scogor1
In this segment, we will discuss some security product launches & announcements from Trustwave, NopSec, ConnectGuard, Pulse Secure, and Synopsys! Full Show Notes: https://wiki.securityweekly.com/ES_Episode122 Visit http://securityweekly.com/esw for all the latest episodes!
This week, Paul is joined by Matt Alderman to discuss some mergers, acquisitions, and partnerships, such as TokenEx partnering with SureCloud, Check Point acquires ForceNock, Zix agrees to acquire AppRiver for $275 million, and more! In this second segment, they discuss some security product launches and announcements from Trustwave, NopSec, ConnectGuard, Pulse Secure, Synopsys, and more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode122 Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
On the Security Series this week we're joined by a guest from Pulse Secure. David Fearne and Richard Holmes sit down with Graham Duthie, a System Engineer at Pulse Secure. The team discuss Network Access Control with some really interesting examples of how their systems have helped businesses in the world of WiFi, where every device can be connected.