Podcasts about Twilio

As companies grow through acquisitions mistakes will be made. When those mistakes happen both current and new team members should have the opportunity to see leadership shine.   That's a belief of Michael Bratsafolis, Senior Director, Strategy and Operations & Head of M&A Integration at Twilio, and one that he shared with host Sagi Eliyahu on this episode of Modern Business Operations. Indeed, Michael goes so far as to make his errors visible so that new team members feel safe making mistakes and see that leadership doesn't try to hide them.   Michael and Sagi also discuss:   - the importance of building extensibility as the company grows    - how to create an environment of inclusivity of thought   - How culture evolves in fast-growth situations   When Michael joined Twilio they had 300 people and now they are coming up on 8,000 so he's had to learn everything he's sharing through experience. Enjoy!   This episode is brought to you by Tonkean   Tonkean is the operating system for business operations and is the enterprise standard for process orchestration. It provides businesses with the building blocks to orchestrate any process, with no code or change management required. Contact us at tonkean.com to learn how you can build complex business processes. Fast.

Wonder how one of the world's leading investor accelerator looks at investing in startups business that helps entrepreneurs succeed. David Cohen, Co-founder & Chairman of the world's largest business accelerator, Techstars, tells Dylan Ratigan what he looks at before investing in a company.Techstars provides access to capital, one-on-one mentorship, a worldwide network, and customized programming for early-stage entrepreneurs. Their accelerator portfolio includes more than 1000 startups with a market cap of $8.1BDavid has been an entrepreneur and investor for his entire life. He has only had one job interview in his career, successfully got that job but then quit shortly thereafter to start his first company. Since then, he has founded several companies and has invested in hundreds of startups such as Uber, Twilio, SendGrid, Pillpack, Classpass, and FullContact among others. In total, these investments have gone on to create more than $100B in value.Learn More About Techstars

Wonder how one of the world's leading investor accelerator looks at investing in startups business that helps entrepreneurs succeed. David Cohen, Co-founder & Chairman of the world's largest business accelerator, Techstars, tells Dylan Ratigan what he looks at before investing in a company.Techstars provides access to capital, one-on-one mentorship, a worldwide network, and customized programming for early-stage entrepreneurs. Their accelerator portfolio includes more than 1000 startups with a market cap of $8.1BDavid has been an entrepreneur and investor for his entire life. He has only had one job interview in his career, successfully got that job but then quit shortly thereafter to start his first company. Since then, he has founded several companies and has invested in hundreds of startups such as Uber, Twilio, SendGrid, Pillpack, Classpass, and FullContact among others. In total, these investments have gone on to create more than $100B in value.Learn More About Techstars

The Australian Investors Podcast, Australia's top investing podcast for professionals and private investors, is back for "2 sense", hosted by investment analyst Owen Rask and financial planner Drew Meredith, CFP. Welcome to “2 sense” In these laid-back investing discussions we'll attempt to answer all of your investing questions, including on ASX and global stocks, managed funds, ETFs, LICs or portfolio construction. That said, Drew and I will also any questions you want to throw at us: Direct stock ideas Macro forecasts Whether it's pronounced “finn ants” or “fine arts” Funds management Something business but completely unrelated Financial planning Whether curly moustaches make you a better investor Portfolio construction for retirement Drew and Owen's private company investing You name it! Take Owen's brand new Value Investor Program, which gives you all the tools and knowledge you need to invest successfully in companies, including valuation spreadsheets, investing checklists and ASX company case studies. Alternatively, why not take Owen's FREE investor bootcamp: bit.ly/rask-analyst Join The Intelligent Investor & save This podcast is brought to you by The Intelligent Investor, Australia's premier investment research membership service. Use the code "RASK", to get $100 off your annual membership or get a free 15-day trial (no credit card details required):

Hacks are increasing but the hackers are not necessarily getting more sophisticated. What do Twitter, Twilio, and Uber all have in common? They were all hacked by, in part, a conversation. In all three cases, the hack was helped along by social engineering. Someone contacted an employee of the company and tricked them into giving up the keys to the company. It doesn't matter how fancy your 2FA system is if an employee is just gonna give up their SMS codes to some rando on the phone.But worry not. There are ways to protect yourself and your company against such attacks. With me today to work through it all is Rachel Tobac. Tobac is a hacker and the CEO of SocialProof Security, a company that aims to get your organization politely paranoid.She also, coincidentally, just published a really amazing video that dramatizes a lot about what we're going to talk about today. You can find it on Twitter @racheltobac.Stories discussed in this episode:The Uber Hack Shows Push Notification 2FA Has a Downside: It's Too AnnoyingHow a Third-Party SMS Service Was Used to Take Over Signal AccountsHackers Convinced Twitter Employee to Help Them Hijack AccountsWe're recording CYBER live on Twitch. Watch live during the week. Follow us there to get alerts when we go live. We take questions from the audience and yours might just end up on the show. Subscribe to CYBER on Apple Podcasts or wherever you listen to your podcasts.Sign up for Motherboard's daily newsletter for a regular dose of our original reporting, plus behind-the-scenes content about our biggest stories. Hosted on Acast. See acast.com/privacy for more information.

Hacks are increasing but the hackers are not necessarily getting more sophisticated. What do Twitter, Twilio, and Uber all have in common? They were all hacked by, in part, a conversation. In all three cases, the hack was helped along by social engineering. Someone contacted an employee of the company and tricked them into giving up the keys to the company. It doesn't matter how fancy your 2FA system is if an employee is just gonna give up their SMS codes to some rando on the phone.But worry not. There are ways to protect yourself and your company against such attacks. With me today to work through it all is Rachel Tobac. Tobac is a hacker and the CEO of SocialProof Security, a company that aims to get your organization politely paranoid.She also, coincidentally, just published a really amazing video that dramatizes a lot about what we're going to talk about today. You can find it on Twitter @racheltobac.Stories discussed in this episode:The Uber Hack Shows Push Notification 2FA Has a Downside: It's Too AnnoyingHow a Third-Party SMS Service Was Used to Take Over Signal AccountsHackers Convinced Twitter Employee to Help Them Hijack AccountsWe're recording CYBER live on Twitch. Watch live during the week. Follow us there to get alerts when we go live. We take questions from the audience and yours might just end up on the show. Subscribe to CYBER on Apple Podcasts or wherever you listen to your podcasts.Sign up for Motherboard's daily newsletter for a regular dose of our original reporting, plus behind-the-scenes content about our biggest stories. Hosted on Acast. See acast.com/privacy for more information.

September 15, 2022 Patreon lays off 17% of Staff https://news.ycombinator.com/item?id=32826610 Twilio to lay off 11% of workforce https://news.ycombinator.com/item?id=32837802 Don't be spooky https://news.ycombinator.com/item?id=32863175 Increase https://news.ycombinator.com/item?id=32828669 Show HN: I may have created a new type of puzzle https://news.ycombinator.com/item?id=32884467 Uber investigating breach of its computer systems https://news.ycombinator.com/item?id=32860728 Ask HN: How do you find the weird parts of the web? https://news.ycombinator.com/item?id=32804832 Gen Z never learned to read cursive https://news.ycombinator.com/item?id=32884213 Dark Sky shutting down: https://news.ycombinator.com/item?id=32817555

Ronie Berggren och Björn Norström om det senaste i USA: New York City, senaste exemplet på misslyckade liberala städer; Biden förvirrad i FN; Sunny Hostin från ABC anser att latinamerikaner som röstar på Republikanerna inte vet sitt eget bästa; Republikanernas minoritetsledare Kevin McCarthy ger partiets framtidsvision inför mellanårsvalet; Våldtäktsman i New York City sätts inte i häkte och attackerar fler personer; Politiskt mord i North Dakota; Anne Linde säger att världen är oroade över Sverigedemokraterna; SD-EU-parlamentarikern Charlie Weimers på Fox News om svenska valresultatet; CNN ställer in intervju med Irans president; Rashida Talib kräver att USA:s banker ska vägra ge lån till dem som använder fossila bränslen; Biden svag i synen på gränspolitik och media förstår inte vilket ansvar en regering främst har; Ron DeSantis bussar immigranter till Joe Bidens sommarstuga; Man svingar yxa på McDonalds i New York City; Federal domstol beslutar att sociala medier inte får censurera grupper som de vill; Los Angeles demokratiska borgmästarkandidat Karen Bass känner sig otrygg efter att ha blivit utsatt för brott; Inga på Martha's Vineyard vill prata om invandringen; The Atlantic ifrågasätter könssegregerad idrott; Twilio kör woke-policy. ------- STÖD AMERIKANSKA NYHETSANALYSER: http://usapol.blogspot.com/p/stod-oss-support-us.html

Would you, COULD you, work 2, 3, even 4 full-time jobs? Is it is ethical? Does it matter? We dive into Reddit's Overemployment (OE) thread with more than 80,000 posts. Then Twilio and Patagonia CEO's take active stances on racial, social and environmental justice. Can big business meet systemic and social change? Only time will tell.

SF-based Twilio lays off 11% of its workforce but will be doing it through an "anti-racist/anti-oppression lens", and the Morning Show with Nikki Medoro asks how you do this?  If corporations want diversity in their employees, how do they hire and fire without discrimination?See omnystudio.com/listener for privacy information.

Robin Andruss has spent her career working in and thinking about privacy and compliance. She's previously held privacy roles at Google, Yahoo!, and Twilio, where she served as the Global Director for Privacy and Data Protection. She's currently the Chief Privacy Officer for Skyflow. In this episode, she discusses her background, how she got interested in privacy, privacy engineering, the responsibilities of a Chief Privacy Officer, and what every company needs to be thinking about when it comes to the ever changing privacy landscape. Topics: What are the responsibilities of a chief privacy officer? How did you end up with an interest in working in the data privacy space? And what's your work history in this space? What is privacy engineering? What is the typical background of someone that ends up working as a privacy engineer? Where does privacy engineering typically sit in an organization How does an engineering team typically work with the privacy function within an organization? People tend to lump security and privacy together, what's the difference? If you were advising a startup today, what advice would you give them about how to navigate the ever changing privacy landscape? What should every company be thinking about when it comes to data privacy? Does every company need to hire a privacy specialist? If not, at what point does that make sense? What are the big gaps in data privacy today? What future technology or development are you excited about? Where should someone looking to learn more about the data privacy space begin? Resources: Effective Privacy is Always Proactive NIST Framework CMU Privacy Engineering Programming Data Protocol Privacy Engineering Certificate Program IAPP Privacy. Security. Risk. 2022  

SF-based Twilio lays off 11% of its workforce but will be doing it through an "anti-racist/anti-oppression lens", and the Morning Show with Nikki Medoro asks how you do this?  If corporations want diversity in their employees, how do they hire and fire without discrimination?See omnystudio.com/listener for privacy information.

Jason and Molly kick the week off by breaking down the team's favorite new social media app, BeReal, and its plans to add paid features (15:16). Then, they cover how platforms found fake accounts suspected of being run by the US military (31:12). After, they continue with more tech news, including Apple's iPhone 14 Pro bug (42:25) and Twilio's plans to make "anti-racist" layoffs (49:29). They end the show with a We Live in the Future segment, highlighting the startup TransPod (1:03:06). 0:00) J+M tee up today's segments! (2:45) The hosts recap the weekend (14:01) LinkedIn Jobs - Post your first job for free at https://linkedin.com/twist (15:16) BeReal's plans to add paid features (29:46) Notion - Sign up for free at https://notion.com/twist (31:12) Platforms found fake accounts suspected of being run by the US military (40:59) Odoo - Get your first app free and a $1000 credit at https://odoo.com/twist (42:25) The iPhone 14 Pro camera has a camera bug (49:29) Twilio's plans to make "anti-racist" layoffs (1:03:06) WLITF: TransPod's affordable ultra-high-speed transportation FOLLOW Jason: https://linktr.ee/calacanis FOLLOW Molly: https://twitter.com/mollywood

American Invents Act Has Destroyed Innovation - Cops want to keep mass surveillance app secret; privacy advocates refused - Hackers Hide Malware in Stunning Images Taken by James Webb Space Telescope - TikShock: Don't get caught out by these 5 TikTok scams - Ukrainian Police Bust Crypto Fraud Call Centers Well, the birds are coming home to roost. Well, not the chickens in this case, but this is called the death warrant for American ingenuity. We'll start by talking through this great article from this week's newsletter. [Automated transcript follows.] Well, I hate to say this, but in reality, we are looking at some very, very bad times for inventors, and I've had some of these problems myself before, but last September, there were scores of patent holders who demonstrated in six cities across the US. [00:00:34] They had on these black t-shirts that said homo sapiens, inventor. Endangered species. They were protesting America's decade of stolen dreams. Great article here in the American thinker. It was in my newsletter this year, or excuse me this week, but, uh, but here here's weirdly what happened here. Back in 2011, president Obama pushed through Congress and signed into law. [00:01:04] What they called the America invents act. Now just like the inflation reduction act is going to increase inflation, right? It's all double speak. Isn't it? The American invents act turned over the patent process basically to the biggest Democrat party donors. Big business billionaires, right? Because that's who really is funding them, the Hollywood millionaires, these massive billionaires, Zuckerbergs and, and others. [00:01:35] And what happened here? Is they changed the whole patent law and the basis for it. They flipped the table here, basically. Here's the idea behind the patent law that we've had in place in the United States for well, over a century and patents that are guaranteed in the cons. It used to be that you, if you were first to invent something, if you could show that you were first to invent something, you could file a patent and gain that patent. [00:02:14] Well, what happened is because of all of the donations that went into the Democrats in 2011, from these big, big companies that were lobbying. A, and this is part of the reason I have a huge problem with all this money going to Washington DC, frankly, because it just attracts rodents like these big companies that want to use the law to control you, to gain profit for them. [00:02:39] And really in this case, squash. Potential patent holders. You see there have been piracy for years in the patent field. And this happened to me. I spent a year of my life designing some software, writing some software that emulated an older computer system and allowed you to take. Any of that software and run it on the new system. [00:03:05] And it would run exactly the same way. And a lease on the new hardware was cheaper than just a maintenance contract on the old stuff. Plus it was faster, used less electricity, had more options, et cetera. Right. It was, it was really something, frankly, and I was invited to their headquarters to show them a little bit about. [00:03:27] Did, and, and I was so excited because they wanted to start selling it, right. So they need to understand a little bit better. So I went to the headquarters and met with them, you know, of course paid my own way. Flew down there, stayed in the hotel, rented a car, you know, all the stuff that you have to do. [00:03:43] And then nothing happened afterwards. Wouldn't return phone calls. It just, all of a sudden went silent. And then about a year and a half later Tata, they had an alternative product out on the. . Yeah, and they tried to emulate what I had done, but they did a very, very poor job at it. That's patent theft, that's piracy in this particular case, uh, if you are an inventor, you've probably experienced that sort of thing before, you know, you can put employees all of the non-disclosure agreements you want to have in place, but in reality, good luck enforcing those, especially against a big company. [00:04:25] Well, piracy went on steroids because of president Obama's America and events act. They, as part of that established something, they called the patent trial and appeal board. And it's just gone downhill ever since. So a professor that has more than 40 patents, I'm gonna read a little quote of his, this includes some inventions used in the space shuttles, by the way, which by the way, my invention was used with the space shuttle. [00:04:57] Um, so Dan brown invented something called the bionic wrench. I have one of those. I bought one of those some years back, this is a one size fits all wrench that does not strip bolt corners like it does if you're trying to use vice scripts or some pair of pliers, right. Because you're just too lazy to go and get the right socket size or box wrench or whatever it is. [00:05:22] That's the right size. It very, very. And professor brown says that Sears stole his idea for this bionic wrench right down to the marketing pitch. And then Sears, according to him, went out and hired a Chinese company to make it. And all of a sudden now, what kind of invention does he have? How's he gonna battle somebody like that? [00:05:49] I know a guy who is, uh, completely unethical. You know, I've done many shows from the consumer electronic show and it's really kind of cool, cuz I would get in depth with the inventors and, and explain what they were doing on the air. It was really neat all the way around. It was just a whole lot of fun. [00:06:08] And I met a guy there who was going to the consumer electronic show to find cool new consumer electronics. He thought might be popular. And then he'd go and talk to the people who were exhibiting that wonderful new electronics and say, Hey, I'm interested in, in selling your stuff. I have, you know, retail space and, uh, you know, kiosks in the mall. [00:06:33] What can, uh, what kind of deal can we work out here? Well, you know, first I, can I, let me get a, I, I need a copy of, uh, of your device here. I want a copy of it so I can mess with it and see, see if we really wanna follow through on. Oh, and I, I don't want to carry it around the floor of the consumer electronic show. [00:06:51] So I need you to ship it to me. So they'd ship 'em off. They might be a little speaker. They might be a charger. They might be who knows what? And consumer electronics is pretty broad. And if he liked it, he wouldn't buy it from them. He sent them over to his contacts in China. And had them reverse engineered and make the same thing with his brand label on it. [00:07:16] And he'd sell it in the stores. Now, when it comes to software and a lot of consumer electronics patents, aren't really a big deal because things. Changed so quickly. Right? And if you're a small guy, it's very hard to file a patent. And that's how president Obama sold this American Bens act to us. I remember this very, very clearly where he said, Hey, listen, this is gonna make the patent process way more streamlined, way easier for the small guys to be able to get patents, uh, not only applied for, but actually get them out to market. [00:07:52] And it's just gonna be an absolutely wonderful. It, it isn't because what happens now? Is big companies are not investing in research and development. That is true across the board. Now you might say, Hey Craig, well, how about big companies? How about Tesla? That's R and D. How about SpaceX? That's R and D. [00:08:14] Yes, but they are R and D companies. They're not big companies out there like Facebook, does Facebook try and come up with this or that new invention? Well, yeah, they kind of do from time to time, but most of the time what's been happening is corporate America looks for a winner. And then tries to buy the winner. [00:08:35] Microsoft has been doing that forever. Microsoft in court has lost cases because of what they did to inventors. And now it's been codified in law for over 10 years. So our American ingenuity, which is what we rely on in order to grow our economy, the ingenuity, the, the brain skills, the science, the true science that we have gives us a major competitive advantage because that particular, uh, type of intellectual property has a much higher profit margin than something like manufacturing a widget. [00:09:14] When you get right down to it, that's where the real money is. so a very interesting article and I would suggest you take a little bit of time to read it. If you've ever thought about patenting something, if you had a great idea, it used to be, you know, this is kind of the, the, uh, old wives tale. If you will, if you've got a great idea, you think you might wanna patent it, write it all out, take all of your notes, do it in a, a, a workbook that you can. [00:09:43] Alter right. You can't tear out pages or things. Uh, mail it to yourself in a Manila envelope and make sure you put stamps on it. And then the post office is going to date, stamp it for you or send it to your attorney even better. Right. And your attorney's gonna go ahead and keep that on file. And then when it's time to file the patents, you can say, Hey, look, it here's the proof. [00:10:06] I invented this in April of 2019. It doesn't matter because if some other company sees what you're doing or comes up with a similar or the same idea, and that company has the money to have the lawyers that know patent law inside out and backwards and can go ahead and file that patent claim. You've lost it. [00:10:31] you know, as early as the constitutional convention of 18 or 1787, our founding fathers recognize the need to promote innovation and we have to be promoting it. We've gotta get rid of this Obama era law. Absolutely. We've gotta go from first to file, which is what it has been for a decade. The first person to file you. [00:10:54] And move back to the way it was intended, the way it worked for well over a hundred years where it is a first to invent, it's very, very important for all of us, for economy, et cetera. The, the third law of Congress was a patent act of 1790. It it's just man, have we come a long way, stick around. We'll be right back online. [00:11:19] Craig peterson.com. [00:11:22] You know, we've had firewalls in our cars for a very long time for a very good reason. Right? You wanna keep the engine stuff out of the passenger compartment? The same thing is true. When we're talking about our networks, we're using firewalls to keep things out. [00:11:39] Firewalls are there to keep things out. And we have firewalls in our homes. [00:11:44] If you've got an internet service provider, you've probably got a firewall right there. Something that you don't even think about, right. It's just, there's gonna protect. You, it might, it's providing some services. You might be familiar with them. It's obviously doing a network address translation for you in this day and age. [00:12:06] Pretty much everything is especially with the internet transition that's been going on for years now from, um, IP four to IP six, but, uh, the firewall. is critical for every person and every business out there. But when we get into the configurations of firewalls, frankly, they are really a touchy subject. [00:12:29] You know, every network security professional has their own preferred hardware and software, uh, use Cisco. As a rule, Cisco has some great stuff. What I like the best about the Cisco equipment that we use in software and install at our clients is it is one pane of glass. It's a single vendor that covers everything from endpoint security. [00:12:54] In other words, security on your desktop, through the network itself, the switches, the firewalls, the email filters Absolut. Everything is there and is taken care of by all of the Cisco gear. It it's really quite something to look. I saw, in fact, a survey just last week at businesses who are trying to consolidate, there's just too many vendors in there selling this piece of endpoint, that piece of endpoint. [00:13:25] And, you know, that's part of the problem that I see happen pretty frequently, which is people look at Gartner report. Gartner, of course, a research company. They've got a lot of great research out there that I've used before. I've had Gartner on the radio show before, as well as some of their competitors talking about trends. [00:13:44] Well, There is something known as the upper right quadrant in those Gartner reports where they are rating various vendors for various pieces of software. So there might be for instance, a report on firewalls and the upper right hand cor quadrant is kind of what you want, cuz it's new, it's innovative. It, it innovative. [00:14:06] It's uh, really cool and wonderful. And it's the best. Since life spread. So they go out and they buy that cuz it's upper, right. Gartner quadrant. And then man, they find out, uh, okay, so now we need desk desktop, desktop. Okay. So they find the or buy actually the Gartner report for five to 10 grand. That's like a page long is crazy how expensive these things are. [00:14:32] They then look at that and say, okay, so the best desktop is vendor Y so let me see, we got X for the firewall. We've got Y for the endpoint and then, oh, they need switches. So let's go to the Gartner report. Who's in the upper right quadrant here for switches. Oh, it's uh, vendor Z. Okay. So we got Z. So now all of a sudden. [00:14:51] You end up with all of these different pieces of hardware, different pieces of software that have limited offerability at best interoperability at best. Right? So the, this day and age, when we're talking about cybersecurity, There are so many legitimate attacks every day. I mean, thousands of attacks going on even against a single business. [00:15:18] And there are hundreds potentially of false alarms every day. So how do you deal with that? That that's a good question. So, uh, a lot of businesses turn to companies like mine now, you know, full disclosure, I've been doing internet security work for businesses since, uh, early 1990s. So whew, 30 years now. [00:15:40] And I've been doing internet work for even longer than that, helping to develop it. So they'll go and they'll say, Hey, we need a managed security services provider. Uh, there's a big problem with that. And I, I was watching, uh, Yellowstone that TV show and I, it was a great little example of what we're seeing in the world today. [00:16:05] And Frank, frankly, we've seen forever obviously. And that is if there's a demand for something, all of a sudden, a lot of people will be hanging up shingles. and if they know, if that vendor knows more than you do, or is able to kind of turn, twist your ear and convince you to buy from them, you'll buy from them. [00:16:26] We saw that man around the year, 2000, all of the people who were trying to sell web services that had no idea what they're doing now, we're seeing all kinds of people trying to sell network services, security services that have little idea of what they're doing. We support. These companies that call themselves manage security services providers, where we actually go in, we design the system, we build the system and we implement the system. [00:16:53] We run the system and the third party here builds the client. Right. Cuz it's their client. And you know, that's all fine. It's so well and good, but what should you be looking. Particularly if you are a business, if you want to have a managed firewall, which is, I think important again, it's kind of a long tail thing to have a firewall vendor and, uh, this vendor and a managed vendor, and now it can get to be a headache pretty quickly. [00:17:23] But if you're going to focus on one thing, It's probably the firewall and your end points. Right? So maybe it's two things. So here's what a managed firewall service provider should be able to offer you. First of all, firewall system health and alerting. Software life cycle management, which means your updates, your patches, service, and incident management. [00:17:48] Whenever there's an alarm, they should know about it and they should be handling it. Security policy implementation your reporting, your analysis, your remediation, some of that is required by these various regulations and laws that are out there. You. To do it, uh, you know, without getting in a lot of detail right now, um, network monitoring, uh, the traffic monitoring, you know, the idea here behind any kind of managed service is to bring in a true expert rather than just completely outsourcing. [00:18:24] So you're partnering with someone. One of the things I've, I've bated my head against the wall for, for decades now, is that the it department. Thinks that they're up to snuff to be able to do something, or maybe they just want to do it because it's gonna be wonderful for them on the resume for the next job. [00:18:45] Right. Uh, man, I've seen that a lot of times when, when you are looking at all of this stuff and you've got an it department, maybe you're better off bringing in a very narrow expert to support your it department rather than fight against your it depart. good questions here. Uh, bottom line, they should have better expertise than what you have. [00:19:11] And you've got to read between the lines between your it staff that are currently doing it and the other vendors reducing the burden on your staff. So that maybe what they can do is. Focus more on things that are, uh, revenue generating that are more important to your business. You'll get faster incident response with any luck here. [00:19:33] With service level agreement, proactive security from the managed security services providers, or just regular service providers. Your burden on updates is going to be lower, improved manufacturer support. Because a lot of times, like we do my company mainstream, we have direct connections to the manufacturer. [00:19:56] Our case is usually Cisco because of the volume or services that we have and the equipment that we buy from them, uh, easier to scale there. There's a whole bunch of things, right. Uh, But be careful. One of the things you gotta watch out for too is where are their service people, their support people physically located, and are they us citizens? [00:20:20] A lot of the regulations. In fact, pretty much everyone. I can't think of an exception require us persons to be the ones in control of your network and data. So lots to consider. But keep that all in mind. I think it's an important thing to understand. Stick around. We'll be right back. And in the meantime, visit me online. [00:20:42] Craig peterson.com and sign up for my free newsletter. [00:20:49] The best way to secure a system is something, you know, and something you have, well, many systems have been securing themselves with your phone, right? They send you a text message, but it turns out that that isn't working well. [00:21:05] Having an SMS message sent to you in order to authenticate who you are, has turned out to be well, a problem we've seen over the last few years, people who have things like cryptocurrency who have a cryptocurrency wallet who are keeping their money, if you will, in this wallet and are using. [00:21:30] SMS to verify who they are. So here's how that works. You log into a website using a username or perhaps an email address. Again, it should not be asking for an email address for a login because you probably use the same email address or maybe two or three. And. Have for what? 50, a hundred different sites, maybe a thousand, I've got 3000 records, uh, logins on my one password account. [00:22:02] Okay. So there's a lot of them. They really should be letting you set up your own username so that it can be unique. For every single website that you go to. So, but anyway, that aside, you've got your username, which may be your email address. You've got a password and we've talked about passwords before. [00:22:21] Hopefully you're following the current guidelines, which are, don't worry about random characters, make sure it is long. And that means. A past phrase. So you string three or four words together. You put some digits, some special characters in between the words, maybe, you know, one word is all upper case. You, you play with it a little bit, but it's easy to remember. [00:22:48] So if someone then gets your email address and they get your password, they can potentially log into a website. Correct. And that website might be your bank account. It might be your work account. We've had a lot of problems lately. The FBI is saying that about every 12 hours, they're filing a new report of a company that got their intellectual property stolen. [00:23:22] one of the ways the bad guys steal it is they'll log to your RDP server, your Microsoft remote desktop server, using your credentials that you used at another website. It's that easy. It really is. They might be trying to log in via a VPN again, the same thing. So how do you secure this? How do you secure this? [00:23:47] Well, how to secure this properly? That's where the something you have comes into play. We all have a smartphone of some sort, even if it's not considered a smartphone, it can still receive text messages. So what a lot of these companies did is they asked their underpaid it people to set it up so that when you enter in your username and your password, it then sends you a text message. [00:24:16] Usually with a six digit text message and you then have to type that into the website as well. Seems pretty good. Doesn't it? Well, and, and in 30 it is pretty good. There are however, a few problems. Those people I mentioned who have cryptocurrency accounts and have been using this SMS methodology, which is SMS, of course, text messages have found that sometimes their phones have been hijack. [00:24:48] easy enough to do. And if they know you have a fair amount of cryptocurrency, it's probably worth their effort to spend a few hours to try and get into your account. And they have been getting into your account and people notice, Hey, wait a minute, I'm a kid. They do phone calls or text messages. What's what's with that. [00:25:07] And you found out that they have dismissed you, they have stolen your. Your, uh, SIM card, basically, even though they don't have to physically have hold of it. And there's a number of ways that they do that there's a new scam or newer scam that's out right now that the fishers are using. And that is they're sending out these SSMS, these text messages that are trying to get people to respond. [00:25:34] So how do they get people to respond? Well, In this case, they're primarily going after this company called Octo Octo post. And, uh, there's a number of different types of Octos out there, but anyways, they are trying to get you to. Do something you shouldn't do let me just put it that way. Right. So what they're trying to do is get you to, uh, enter in your username and your password. [00:26:04] Okay. Well, that's been around for a long time. Craig, you're telling me we've had fake bank account, uh, bank website. So they'll send you an email and in it, they'll say, Hey, I need you to go right now. to our bank page and, uh, authorize this $2,000 transaction that wasn't you. And so now you're freaking out, you click on the link, you go to the bank, you try and log in and the login doesn't work well. [00:26:31] That can be because what the fishers did is a made a webpage that looked like the bank's web page. And when you went there and entered in your username and password, you just gave it to the crooks. That's happened a lot. Well, there's a company called Octa O K T a. That is an authentication company. And what the bad guys have done is they have registered domains similar to a company. [00:26:59] So for instance, they went after CloudFlare, which is a huge, um, company they're number one, I think they have like 80% of all of the protection for denial of service and caching a business on the internet. It's just amazing. Cloudflare's huge. And I've used them and continue to use them for some customer. [00:27:19] So, what they did is they found a whole bunch of people that worked for CloudFlare sent them a message. And, and here's what it said. It said alert, your CloudFlare schedule has been updated. Please tap cloudflare-okta.com to view. The changes. So you go there, it looks like a regular Okta login page and they go ahead and ask user name and password, but CloudFlare is smart. [00:27:47] They're using Okta. So they're sending an SMS message to the user to make sure it's really, them turns out what was really happening is yeah, it was sending that guy a text message and it was using telegram. To relay that his response back to the hackers. So now the hackers have your username, they have your password and they have your six digit login key. [00:28:15] That's supposedly unique that supposedly went to you. And in this case, they didn't even have to bother a hijacking your SIM card. In this case, they just sent you that text message. So it's been causing some serious problems. They've been going after all kinds of different companies out there, uh, food service company, DoorDash you've heard of them. [00:28:37] Right? August 25th, they said that there was a sophisticated fishing attack on a third party vendor that allowed a attackers to gain access to some, a door dashes internal company. Tools DoorDash said, intruders stole information on a small percentage of users that have since been notified, big deal, or what a tech crunch, by the way, reported that the incident was linked to the same fishing campaign that targeted Twilio. [00:29:07] That also, as we just mentioned, targeted cloud. So we have to be careful with this. We cannot be using SMS text messages to authenticate ourselves. Some banks now allow you to use one time passwords from things like one password or others. However, some banks don't turn off the SMS, the text messages for authentication, which they really should be doing. [00:29:36] And the other thing I wanna let you know is I like UBI. Y U B ico.com. Yubico check them out. I'm not making a dime off of this, but they have a physical token. That you either have to plug in or the connects via Bluetooth. That is something you have that authenticates you to all major popular websites out there, and many of the tools. [00:30:03] So if you have any questions, just email me, me@craigpeterson.com gimme a few days, but I'll get back to you. [00:30:12] Have you heard about fog reveal? They it's almost invisible when you search for it online, but it's something that police departments have started using. And they're trying to keep all of this secret. So we're gonna tell you what's happening there and got a few others too. [00:30:29] Great little article that was in the newsletter this week. [00:30:32] Hopefully you got my free newsletter, but it is about fog reveal. This is an ours Technica. Often some of these ours Technica stories are carried in multiple places online. It's kind of interesting because we know to some degree what the federal government's doing to collect information on people, they go to open source. [00:30:57] Sources of information. In other words, things that are put out there publicly online, so they might search you your Facebook information or what you've been saying on Twitter, uh, or more, they go to data brokers that anybody can go to. And those data brokers have more information. They probably. Bought records from the states and they know from each individual state what property you own. [00:31:25] If you have a car, if there's liens on it, any mortgages that you might have, right. Putting all of the stuff together. It's kind of an interesting problem, frankly, but that's a, again, they say it's legitimate. Now the federal government is not allowed to collect this information. So they just go to third party data aggregators. [00:31:45] And remember again, If you have apps on your phone, if you have an Android phone, this does not apply to iPhones. Generally it does apply to iPhone apps. However, but, and this is part of the reason I say never, ever, ever use Android. Okay guys, I, I just. Blows my mind. I, I was talking to an old friend of mine. [00:32:09] Uh, he was the, the CTO in fact for the state of New Hampshire. And he was telling me that, uh, you know, we were talking and telling me, yeah, yeah, I got an Android phone. He says, don't you just love Android? And he knows that I do cybersecurity. He knows I've been in it. He hired my company to do a bunch of different tasks for the state, right over the years, we still do business with the state and he's using Android. [00:32:41] He's probably listening right now. BU get a little note from him, but, uh, it, it, it's a problem to use Android any. Those free apps that you're using, that Google maps app that you're using. And of course you can use that on iOS as well is tracking you. They know where you live because they know where your smartphone stays at night. [00:33:04] They know all of this stuff. How do you think the FBI is able to seize a smartphone at a Hardee's drive through. they know where you are. Well, they have some more access to information as it turns out. Uh, one Marilyn based Sergeant, according to the article wrote in a department, email TDY, the benefit of quote, no court paperwork and quote before purchasing the software. [00:33:37] And the Sergeant said the success lies in secre. interesting. So the electronic frontier foundation, FF, who I have supported over the years and the associated press got together. Now, the associated press won a Pulitzer center for crisis reporting, uh, award, I think. But anyways, the Pulitzer center for crisis reporting also got involved here. [00:34:05] So she had these three different organizations trying to figure out. what could, or what would be considered local places best kept secret. So they went online. They started doing some searching, trying to figure this out. And according to ours, Technica, the reporting revealed the potentially extreme extent of data surveillance of ordinary people being tracked and made vulnerable just for moving about. [00:34:38] Small town America. So it isn't just the big cities where you're tracked anymore. Reports showed how police nearly two dozen agencies. One record shows the total figure could possibly be up to 60. Use Google maps, like technology called frog reveal. now this is licensed by fog. I, I keep saying frog it's fog licensed by fog data science, and it gives state and local police a power to surveil. [00:35:10] Hundreds of billions of records from 250 million mobile devices. And if that doesn't scare you, I don't know what does now FF, the electronic frontier foundation found that fog reveal gets its data from veal. That's the same data source the feds use. neither companies disclosing the nature of their business relationship. [00:35:33] Okay. They fog, reveal. Didn't say what Tel is providing and vice versa, right? Yeah. But it really appears that fog reveal is getting data location services to local police at its steep discount. So it's making it more affordable for smaller police departments and private security companies to access major amounts of data and trace devices across months or even years. [00:36:03] isn't that something. So typically FF found that police agencies license the software annually for costs as low as six grand to nine grand. Some agencies spend even more on this tech to track people as they are moving and exactly where they are. Again, think being in a Hardee's drive through having the FBI show up. [00:36:27] Knowing you're there. Uh, ours reviewed one annual contract in Anaheim, California. That was for more than $40,000. So it took months for these three organizations that are used to digging into this sort of stuff, uh, to figure this out, took more than a hundred public records requests to gather thousands of pages of evidence to trying to compile a picture of how local law enforcement. [00:36:55] Is using and mining the location data. Now, to me, this is scary because we look at abuses of power. Through the years and I it's happened again and again and again, we are smelling more and more like Venezuela than we are free us. It's frankly scary, scary to me, but I'm talking about it cuz I think it's important. [00:37:21] That I bring this to light to everybody else out there. Okay. Now fog data science, managing partner, Matthew Brodrick told the associated press that fog reveal has been critical to police to save time and money on investigations, suggesting police who are under-resourced and investigation suffered from reliance on outdated. [00:37:44] Outdated tech now that's true. Isn't it? But isn't it also true that, uh, that's why we have some of these policies and procedures in place. That's why the Supreme court Miranda decision has some policies and procedures. That's why a warrant, a search warrant is supposed to be specific in what they're looking for and where it is located. [00:38:11] We don't allow these broad warrants that the king used to issue, but we are doing that nowadays. It seems against political enemies and that's where it starts really, really scaring me. It isn't that I think that the, the current administration it, or even the next administration in Washington, DC, is going to be rounding up its enemies and putting them up against a. [00:38:38] But when would it happen? Well, it would happen if everything were in place for it to happen. What's one of the most important things for fastest regime. It's to have a citizenry where they know everything about everyone. It, it reminds me of the Soviet era. Show me the man. I'll show you the crime. There's a great book out there right now. [00:39:04] I think it's called, um, three felonies. a day, I think is what the name of it is. But the, it points out how every last one of the people that call ourselves Americans in the United States of America, every one of us commits at least three felonies a day. Now a lot of these things are just absolutely crazy. [00:39:26] You know, there's been a lot of jokes about, oh, did you chair the label off of that pillow? Well, you can cuz you're the consumer, right? It's. The people that are selling it that are in distribution chain that cannot tear that off by law. Okay. But in reality, there is a lot of stuff that could be used against you. [00:39:46] So it it's like when they say, uh, you know, give me this, or why don't you answer that question? It's none of their business. You have a right to be secure in your papers right now, if they have a warrant that's specific, then you need to surrender it. But hopefully the warrant's actually issued by real court. [00:40:08] Some of these agencies now, uh, like the IRS have their own courts that are paid for by the agency. The judges are working for the agency. So you really think they're gonna be fair. I wonder, I wonder. Okay. Couple more things. Next up these pictures taken by the James web space telescope. Have you seen these? [00:40:35] It is amazing. I've seen them side by side with our latest or, you know, our previous high tech pictures. And we're seeing what maybe galaxies that we never could see before. It's just absolutely crazy. Well, guess what bad guys have seen them as. And they are embedding malware inside of some of these amazing images taken by the James web space telescope. [00:41:05] If you can believe this, by the way, they're writing them in go. Uh, so the Phish and emails, they've got a Microsoft office attachment. That's the entry point for the attack chain when you open it, it retrieves and obfuscated, VBA, macro, which in. Auto executed. all of a sudden there is a macro that is de obfuscated and run on your computer. [00:41:34] So be careful careful with that again. And good news. Microsoft is now turning off the execution of macros by default. Double check your machine, making sure that macros are blocked by default. So, yay. Okay. So they are, by the way, changing campaigns to rogue link and ISO files because of the blocked macros. [00:41:56] But, uh, it's good that Microsoft is doing that. Thank goodness. And you Ukraine, the police busted a crypto fraud call center. In fact, more than. And they're also shattering two more Russian bot farms. So we shouldn't be getting as many of those, uh, phone messages from the, uh, the bad guys scammers as we used to get. [00:42:20] Thank you, Ukraine. All right. Online Craig peterson.com. Get that newsletter and stay on top. [00:42:29] Well, we got some election news here from our friends at Google and at Twitter, they are taking opposite directions about exactly how they're gonna handle news postings about the elections. This is an interesting thing. [00:42:46] The federal election commission is the branch of the us government that monitors elections. [00:42:53] It does things like impose fines for misuse of funds. It sets some of the standards for funds and for their use. And. and one of the things it looks at is what are called in kind contributions. This is where someone might, uh, for instance, run a whole bunch of ads on behalf of a candidate. And those ads are coordinated with the campaign and that is illegal. [00:43:24] You're not supposed to do that. And because it's illegal, you know, they try and stop it. But most of the time they end up finding after the fact. And that's part of the reason they want campaigns to be filing their financial reports fairly frequently so they can catch it quite quickly. Well, There have been many complaints from the G O P about what has happened with some of the campaign finance stuff, where you have someone like Facebook or Twitter or Google, who seems to be meddling with the election. [00:44:02] They are running ads for your competition. They are really screening the results from people's searches. And from that those results they're, they're benefiting. There was a study down in orange county here a few years back where they looked at. Google results that were related to the elections going on in orange county and found that the Google results were tainted in such a way that it dramatically favored the Democrats that were running in those districts in orange county, California. [00:44:39] Pretty interesting when you get right down to it. So the GLP says, wait a minute, now that sort of thing is worth millions, tens of millions of dollars, because if they were going to run TV ads, for instance, to get as many eyeballs, to get as much attention to convince people that this is the way they should vote, that would cost them tens of millions of dollars. [00:45:02] So how much is it worth? Where do you go to really straighten things out in order to ultimately make fairness work and well, you know, that's kind of what the federal election commission's supposed to do. Well, here's, what's happening with the next elections. The federal elections commission has decided that Google. [00:45:28] Getting rid of their anti spam measures for. Candidates does not violate a ban on contributions on inkind contributions. So this is an interesting approach because Google's saying, Hey, listen, we want to allow pretty much any political message to come right through to Google Gmail users, inboxes, and not filter those. [00:45:59] Which I frankly think is a smart move on their part. Now some of these campaigns get pretty crazy. They're sending money requests all of the time. It it's been crazy to watch both sides do this and both sides complain about the other side, doing it. But at least by getting rid of these spam rules for the politicians, their messages are gonna get through. [00:46:24] I think that's ultimately a very good thing. So what kind of messages are gonna get through how and why? Well, ultimately they're saying we're gonna let all of them through. and what that means for you. If you already get some of these messages from the politicians, it means your mailbox. At least if it's a Google Gmail box, you are going to be seen even more during elections. [00:46:51] And I think this is gonna go on for very long time. Because Google doesn't want to get caught in the middle. When we're talking about these in kind contributions. If this were to be done for the Republicans or were to be done just for the Democrat, can you imagine the noise that would be made? By both sides and in kind contributions where the Republicans tens of millions of dollars Googled get dull tied up in some of these, uh, you know, lawsuits that would really be inevitable. [00:47:23] Bottom line. Well, Republicans have accused. Google of giving Democrats an advantage in its algorithms. And, and as I said, there have been studies on that that have proved that they have. The big question is why. And there's an article in ours, Technica talking about a meeting that happened in may 20. 22 between Senate Republicans and Google's chief legal officer. [00:47:52] And he said that the most forceful rebuke came from Senator Marco Rubio from Florida who claimed that not a single email from one of his addresses was reaching inboxes. And the Washington post, which of course is a mouthpiece for the Democrat party reported in late July. That the reason it was getting blocked was that a vendor had not enabled an authentication tool that keeps messages from being marked to spam. [00:48:21] Now, if that's true, The Washington post accidentally reported the truth here. And it might be true. I had a company call me up this week. They had their Google ads account banned, and they were trying to figure out the details of why and what happened. And I went in and we solved that problem, and I noticed that they had. [00:48:44] Properly configured their email. There's there's gets technical here. I have a paper we've put together on this, a special report talking about what's called D K I M. These, uh, SPF records DMAR records and how they should all be set up and why I need to use them. So this company was doing marketing. [00:49:04] Obviously they had a Google, Google ad account. They were sending out emails, but because they had not properly and fully configured their email. They were not getting delivered at the rate that they could get delivered. Now that's kind of a very, very big deal when you get right down to it. And the Washington post is saying, well, that's what happened to center to Rubio. [00:49:26] Now there's other things that might happen too. There are. Keywords that are used. There's software called spam assassin. That's very, very common. I have used it since it came out decades ago. I can't even remember how long spam Assassin's been out there, but it looks for certain things in the emails. , it looks for a lot of graphical content, a lot of HTML, even a lot of links and it kind of, it gauges, you know, this is likely spam on this scale. [00:49:56] And typically if the, the score is higher than five or eight, or in some cases, some people said as high as 15, that email is bounced. Well, one of the real big checks as to whether or not this is legitimate email is to check and see. Who is the domain? Does that domain have these special keys that tell us? [00:50:19] Yes, indeed. This did come from us. In other words, in this case did come from Marco Rubio or in the case of my client, it came from their company.com. And is it signed encrypted so that we know that nobody's kind of playing a man in the middle thing, trying to mess things up on us. And they say, okay, well that's a really good score. [00:50:40] So we will, we'll lower that spam score. And, and that's how that game is played. So what by Google doing what it. Talking about doing it's really gonna help out because I have of every company I've checked for email, email deliveries, we've got a, a new customer that is a startup and you know, what do they know? [00:51:02] They they're very narrow. Right? They understand their. Basic technology and their email again, was set up kind of like apparently Senator Rubio's email was set up and, and didn't have these things. And just like this company that I helped this week, they didn't have it set up properly. And, uh, they had experts who supposed experts who had set it up, but both cases, right. [00:51:26] It was outsourced. Yeah. You know how that goes. Now, some Gmail users submitted comments to the federal elections commission and they were criticizing Google's plan cuz they did not want to get more spam. Okay. And there were more than 2,500 comments. You can find them by the way, online, all of the stuff is a matter. [00:51:48] Public record and they call it the docket. And so there's a page out for this particular docket and the commissions through Republicans and Democrat commissioner voted for the order appro Google's plan. I think this is a very, very good deal. And it's really kind of the opposite of what Twitter is planning on doing Twitter has. [00:52:12] essentially announced that it's going to. In the elections. Yeah. So you got Google on the one side saying our hands are clean. We're staying away from this. We don't want anything to do with this. Thank you very much. We love you, but, uh, forget about it. We're just gonna let all the emails. Through, Twitter's saying that it's going to have its wonderful sensors who have been proven right. [00:52:39] Every time he said with his tongue firmly planted in his cheek, and they're gonna have those wonderful sensors that, you know, they're sitting in the basement and, and eating pizza and drinking Coke or red bull. I, I still kinda understand why somebody that's 30, whatever years old needs, energy drinks, you know, come on, come on. [00:53:00] Uh, but anyways, They're they're saying that they, Twitter is going to be the determiner as to whether or not something that is posted on Twitter is correct. Or if it should be censored or if it should be blocked entirely. And they're admitting that they're gonna shadow ban conservative content, they don't like isn't that. [00:53:25] So. Yeah. Uh, that's from the gateway pundit good article. And you'll find it in this week's newsletter. Uh, I think it went out Monday this week and you can follow the link through to these articles on Google and Twitter and the elections or any of the others that we have out there. So stick around, we'll be right back and make sure you sign up. [00:53:46] If you didn't already get that newsletter. Absolutely free. Craig, Peter son.com/subscribe. [00:53:59] I'm not sure a week goes by where I don't hear from a listener saying that somehow Facebook is tracking what they're talking about because all of a sudden ad starts showing up. And they're related to things that they've been talking about. [00:54:16] Meta is the owner of Facebook and Instagram and, and some other things like WhatsApp, which is part of the reason I don't trust WhatsApp, but we've had, I don't know how many complaints from people saying that Facebook is listening in to what they're talking. [00:54:36] And people are kind of wondering, well, wait a minute. Is it listening in on my phone calls? Is it listening when and how? It's a very, very good question. Now Facebook says in a statement that Facebook does not use your phone's microphone to inform ads or to change what in the newsfeed. Some recent articles have suggested that we must be listening to people's conversations in order to show them. [00:55:06] Ads. This is not true. We show ads based on people's interests and other profiled information, not what you're talking out loud about. We only access your microphone if you've given our app permission. And if you are actively using a specific feature that requires audio, this might include recording a video or using in an optional feature. [00:55:30] We introduced two years ago to include music. Or other audio in your status updates. So there it is. There's the official word from our friends over at Facebook. But do you notice there's a little bit of an out in there, right? Facebook does not use your phone microphone to inform ads or change what you see in your news. [00:55:55] Doesn't use your microphone. So there's a study out right now. That is from an X Google engineer. And this article is in the guardian and they are talking about what he found. So, let me explain the background on some of this technology. First, if you are an app developer, if, if you're a developer of any software of any kind you use libraries and these libraries do things like search for a specific set of characters called a string or in search. [00:56:31] Them or move things around or open a connection to another machine. So rather than having implement the whole T C P I P stack and ethernet underneath it and, and all of the operating system work that you'd have to do with all of the interrupts and the buffer fills and reading, toggling. As switches in the hardware, doing all of that sort of stuff. [00:56:52] You just make one library call and say, listen, and you give the port and TA anybody who tries to connect you. It just comes right through. It's all taken care of for you, right? That's what libraries are all about. And they've become much more complex, more recently libraries nowadays can do things like provide you with a full web browser. [00:57:16] Many of the applications that we use on a daily basis, these apps in our phones, particularly, but it's also true with some of the apps on our computers are actually. Just web browsers. They're web browsers that talk to a server out on the internet and yeah, there might be wrapped in various things, but oftentimes if you're trying to pay within an app, it'll go to a third party site. [00:57:44] And part of the beauty of that is. Becomes a, a service to them. They don't have to worry about coding it all up. Right. They don't have to worry about taking your money, keeping everything safe. Am I using really good algorithms here to encrypt it can bad guys hack in? No, no, no. There's, they're just calling this routine that spins up a little web browser. [00:58:07] Inside the application and uses a secure connection to talk to the web server somewhere who cares? Not mine. I'm just the app developer, right? I'm letting you play your farming game or whatever it might be. That makes sense to you guys. So it makes their life much, much easier. Why bother if you've got a website that does everything, why bother coding it all up from scratch in an app? [00:58:34] They don't people don't. Why would. Well, we've seen that again. And again, for instance, look at Microsoft's latest browser out there, edge, not the original edge, but the latest edge, you know how Microsoft is, right. They call it the same thing, even though it's entirely different. Uh, yeah. How many versions of windows where they're like 20 at one point, right? [00:58:56] Different ones or different architectures and just crazy. But now the edge browser is. Built on chromium, which is Google Chrome, which is built on Apple's libraries to manipulate, draw things, et cetera. So you're running your edge browser on your Microsoft windows, computer. You're actually running code libraries. [00:59:21] If you will, from Google and from apple. And that way, if you're developing a browser like edge, you don't have to worry about every little nit bitty thing. That's all taken care of by other programmers who are making a smaller piece of code. Now that's been the whole Unix philosophy forever, by the way. [00:59:42] Instead of having these monolithic applications. That could be just full of bugs and security problems. You just have nice small, easy to maintain, easy to research applications and let other people worry about the little pieces, which is really kind of cool. It's great. Many browsers in fact are based right there on chromium and they modify it around a little bit. [01:00:07] Microsoft added all kinds of spyware to it. Well, it turns out. According to this research from an ex Google engineer that both Facebook and Instagram apps have been taking advantage of this in-app browser technology. And what they're doing is users who click on links inside the Facebook app or inside the Instagram at gram act are actually taken to the webpages. [01:00:39] Using an in-app browser controlled by Facebook or Instagram rather than sending you to your default browser. So if you are using iOS, your default browser might be safari, which is a rather safe. Browser and good for privacy, or you might have decided you wanna use the Chrome browser on iOS or maybe Firefox or brave, or one of dozens of different browsers that are out there. [01:01:10] No, no, it's not gonna use those. It's not gonna use your default browser. It's going to use the in-app browser. And what it's doing with that in-app browser now is here's a quote from him. The Felix Crouse, he's a privacy researcher founded an app development tool that was acquired by Google in 2017. He says, quote, the Instagram app injects their tracking code into. [01:01:37] Website shown, including when clicking on AB ads, enabling them to monitor all user interactions. Like every button that you press, every link you taped, every piece of text that you select or highlight any screenshot you take, any forms, you fill out any user forms, things like passwords addresses, credit card numbers. [01:02:06] Are all seen by the Instagram app? Yes, indeed. So in the statement, of course, uh, medicated that injecting a tracking code, obeyed users preferences on whether or not they allowed apps to follow them. And there was only used to aggregate data before being applied for targeted advertis. Now, this is interesting because according to Crouse, this code injection, uh, was tracked and he was able to look at doing, doing it right for normal browsers. [01:02:42] His test code detected no changes, but for Facebook and Instagram, it finds up to 18 lines of code added by. App into the webpage. So there you go. JavaScript injection and more from our friends at Facebook and Instagram. So they are tracking you, but apparently. They're not listening to your microphone, but they're watching you as you cruise around the web thinking you're using your browser, but no, no. [01:03:18] You're using theirs. Hey, stick around Craig peterson.com. [01:03:24] Cell phone security is something I've talked about for a long time. And you guys know my basics here. If you've been a listener for really any length of time, when it comes to smartphones, we're gonna get into this in more detail, particularly after this raid. [01:03:41] Well, of course everyone's heard, I'm sure about the rate on Trump's property, Mar Lago. [01:03:48] There was something else that happened right. About the same time. And that was representative. Perry Scott Perry was traveling with his in-laws, uh, who are described as elderly. They were on vacation. He's a Republican representative in the house of Congress from Pennsylvania. And he told the Fox news people that three FBI agents approached him, issued him a warrant and demanded he hand over his. [01:04:24] He said they made no attempt to contact my lawyer, who would've made arrangements for them to have my phone, if that was what they wanted. He says I'm outraged. Although not surprised that the FBI. Under the direction of Merrick Garland's DOJ would seize the phone of a sitting member of Congress. My, my phone contains info about my legislative and political activities, personal private discussions with my wife, family constituents, and friends. [01:04:53] None of this is the government's business. Now that's really an interesting point. And, and it brings up the discussion about our smart devices, you know, what should we be doing with our phones and, and what is it frankly, that our phones have in them. Now, just think about that for a minute. Scott Perry rec he, he not recommended. [01:05:21] He mentioned that he had all kinds of records. That were in that phone. You do too. You've got your contacts. Of course. The phone contains information about who you called, where you went, cuz it's got a GPS tracker, but even if GPS is turned off, it's still tracking which cell towers you've connected to. [01:05:43] Uh, we've got all kinds of email in our phones, which are gonna contain business documents, private documents, attorney, client, privilege documents, all kinds of stuff there. And we have the fourth amendment, which protects the right of privacy against unreasonable searches and seizures by the go. Now, in this case, obviously the government got a warrant we could argue about, you know, how legitimate is the warrant and should they have issued it, et cetera. [01:06:16] Right. That that's not what I'm talking about. This is not a political show. In reality. What we're talking about here is the technology. The technology we're using to store this information, this personal information, what should we be using? What shouldn't we be using? How should we use it? Right. All of that sort of stuff. [01:06:38] Well, okay, so we've established that there was not apparently a fourth amendment violation here. There, there might have been, we don't know. We may never know. It doesn't really matter, but if someone gets a hold of your smartphone or your tablet or your computer, what information does it have on there? [01:07:01] And we also have a right under the fifth amendment. against self-incrimination. So if someone's thumbing through our phone, what are they gonna find? People plead the fifth amendment all of the time, because they don't want to get trapped in one of these traps where maybe you don't remember the date. [01:07:24] Right. And all of a sudden you're in a perjury trap because you said something that wasn't true. Well, you know, our, our memories aren't the best, particularly when we're on vacation, we've been drinking a little bit, right. if someone finds your phone, opens it up, someone steals your phone and opens it up. [01:07:44] Someone gets a warrant for your phone and opens it up. What's in there. Now some people have in the past said, okay, what I'll do is I'll just go ahead and I'll wipe my phone remotely and they've done it. Right? The police have had the phone in evidence and in evidence locker and somebody remotely went ahead and wiped their phone. [01:08:04] The police are onto. And what the police have been doing more recently is they put it into a special bag that blocks any sort of signals coming in or out as well as the room. Right. It's kind of a fair date cage anyways, and that way, bad guys, good guys who, if the phones are stolen, they can't remotely wipe them, which is a good thing here, frankly. [01:08:30] But what are we ultimately trying to protect from? That's the question, right? It it's, who's gonna have your phone and what are you trying to protect it from personally? I'm not someone who truly trusts the government. I'm a firm believer in our constitution and our bill of right. Ultimately governments become corrupt. [01:08:52] It happens every time. And even if the whole government isn't corrupt, there's guaranteed to be people within the government, within their bureaucracy, the deep state, if you will, who are out there to get you right. makes sense to you. Makes sense to me. I don't know, but our phones, our smartphones, our computers have a lot of stuff in them. [01:09:14] I've talked on the show before how you should not be taking them to China. If you go to China, because of the evil made. T where they are grabbing your phones. They are duplicating them. Same thing with Russian travelers. Not as much as has been happening in China, but it's happened in Russia, probably a lot now with the whole war thing. [01:09:36] Right. But you shouldn't be taking them because they can be duplicated just like rep Scott. But Scott Perry's phone was duplicated. Now the, the FBI apparently said, well, we're not gonna look through well, why you're duplicating it then. And you know, maybe it's just to preserve evidence. I really don't know, but the bad guys can get at your phone employers if they own your phone can get at your phone and they can get a lot of data out of that. [01:10:06] What do you do? Well, bottom line, if you are traveling internationally, you're gonna wanna make sure to wipe your phone and just bring along maybe a, a basic little flip phone. Uh, cetera. Now there is software that we use. For instance, we use one password and duo in order to keep track of all of our stuff, right. [01:10:31] Our personal information. And. That's the two factor authentication stuff that we use, and we can tell it, Hey, we're traveling out of the country and we will only need these passwords. And it goes ahead and wipes out the password database so that we're not carrying a whole bunch of stuff with us that might be compromised by, uh, a government agency right within what is it? [01:10:54] The USS 50 miles of the border. They can confiscate and examine anything that you have, even if you're not trying to cross the border. and they'll do that at airports. They'll do that at a whole bunch of places. And then you've got the employer side and then you've got the bad guy side. Look at what happened to Khai with the Saudis right here. [01:11:16] He was, uh, you know, a journalist. We could argue that I suppose, but he's a journalist. He is abducted and he is murdered by the Saudis. They get their hands on the phone and they decrypt the. this has happened and it'll happen again. So Apple's done something here that I think is a good step in the right direction. [01:11:40] Apple, of course I've recommended for a long time. Never, ever, ever, ever, ever use Android. Okay. Don't. Use it, Google's using it to track you. You're losing your privacy and the security. Isn't very good. Particularly if your phone's more than three years old, apple has come up with this new lockdown mode on their phones and the lockdown mode is meant for. [01:12:09] People who are really under thumb, you know, people living in Russia or Ukraine, or you name it, Iran, all of these countries that are really out to get their citizens and it it's coming out in iOS. You'll see it there. You probably don't want to use it as a regular person, cuz it does block some of the things you can do, but it also locks it down against these Israeli based companies that have been selling software and hardware to break into cell phones. [01:12:44] So consider iPhones. And if you are one of these people, who's at a high risk consider lockdown mode. [01:12:51] I warned last week about using the ring camera as well as Google's camera. We've got some more news about that today. I was right. A major breakthrough in nuclear fusion and a new toolkit released. Talk about it all now. [01:13:08] Well, quite, quite a time, you know, I, I remember when I first started doing the radio show, uh, 22 years ago, now it started right there year 2000 Y two K and I, I was, uh, wondering, you know, am I gonna have enough stuff to talk about? [01:13:27] and my wife, who was just the most amazing person had been helping me and we subscribed to a bunch of newspapers. Yeah. There used to be newspapers back then. And she went through and was clipping articles that we thought might be good, that people might want to, uh, to hear about. And so she had all. Files. [01:13:49] And we, we subscribe to like four or five different newspapers, including the trashy ones like USA today, just so we knew what was going on out there. We had the financial times and the London times and New York times, and we got just files and files worth of stuff. And didn't take us long to realize, Hey, wait a minute. [01:14:14] There is so much tech news out there and stuff to talk about, uh, that weren't, we don't have to worry about that. So we canceled our subscriptions to all of these different things. I, I have actually a subscription to the New York times still, cuz they gave me a buck a week, which is not a bad deal for the online version because the old gray lady still does have some good text stories. [01:14:39] Some of the other stuff obviously is a problem, but, uh, yeah, tech stories anyways. Now we do a lot of this stuff online, the research, and I put it together and send it out in my newsletter every week. And man, did we have a lot of you guys reading it on Monday was the most, most, uh, red newsletter of mine. [01:15:01] The insider show notes newsletter. Of any of them ever. It was really great. It was like I had a, almost a 50% open rate there within the first day. So that's cool. Thank you guys. And obviously you really value it or you would not have opened that newsletter and click through you. See what I do? Is, uh, you probably know, I appear on radio stations all over the place and I I'm also of course have my own radio show here and elsewhere, and my podcasts, which are on every major podcast platform out there. [01:15:40] And I've been doing this for so long this week. What am I at here? Show? Number, I think it's like 1700. I'm trying to remember weeks. Okay. That's weeks of shows and, uh, we, we have never hit the same stuff twice, which is really rather cool. One of the things I brought up and this was in, uh, a recent show is about. [01:16:09] These ring cameras. And I warned everyone not to use ring and went through the whys. So if you have my newsletter from. A few weeks back, you can just probably search your email box

@AviNMash @AnthonyOhayon @JoeySolitro are back getting into some heated debates around Inflation, FedEx earnings, TikTok impact on Meta, and why Tony thinks Twilio to $0! Get 100% Deposit Bonus on Jock MKT: Use promo code: POUND OR THIS LINK: https://codes.jockmkt.com/?utm_campaign=POUND&utm_source=sendfox&utm_medium=email Checked out Stocktwits - With over 6 million members in the community, hear from your favorite investors and traders, and get a real-time pulse of the markets. Securities transactions are conducted through their broker/dealer, ST Invest. All thoughts and opinions on this podcast are for entertainment purposes only and should not be construed as financial advice. Hosts may hold some of the assets mentioned on shows, always seek a registered financial advisor for any advice.

Another rough week for the stock market coincides with Amazon's exclusive start to Thursday Night Football. (0:30) Emily Flippen and Ron Gross discuss: - FedEx shares having a historically bad day amid talk of a recession - Adobe spending $20 billion for a start-up software design firm - Optimism around Starbucks after an impressive (and detailed) investor day - Twilio laying off 11% of employees - Two business leaders and their legacies (19:45) John Ourand from the Sports Business Journal discusses Amazon's investments in NFL programming, Disney's thinking about ESPN, college football playoff expansion, and story lines for the MLB playoffs. (35:30) Ron and Emily share two stocks on their radar: Union Pacific and Costco. Stocks discussed on the show: FDX, ADBE, SBUX, TWLO, AMZN, DIS, AAPL, UNP, COST Host: Chris Hill Guests: Emily Flippen, Ron Gross, John Ourand Engineer: Dan BoydGenetically edited humans are already here. Gene editing has massive implications for treating chronic illnesses and even the food we eat. So what does this mean for your investments and, y'know, possibly humanity? Ricky Mulvey talks with Motley Fool Advisor Karl Thiel about: - How CRISPR works - Some of the possibilities for CRISPR, from sickle cell cures to drought-resistant crops - How investors can approach investing in gene therapies - Biotech metrics to watch. Companies mentioned: BLUE, CRSP, GILD, EDIT, VRTX, NTLA Host: Ricky Mulvey Guest: Karl Theil Engineers: Tim Sparks, Dan Boyd

“You could have it all but not all at the same time; you have to take a step back and take care of yourself.” - Alice Katwan This Real Talk is packed with beautiful life lessons on what work-life balance can look like, how leadership hinges on authenticity and empathy, and how you can be satisfied with enough. It was a joy chatting with Alice Katwan on this episode. Alice has been a high-powered career go-getter the last 24 years. She speaks about how meaningful accomplishments feel, especially after initial feedback from people insisting that it was an impossible thing to do. One of her core pieces of advice is to stand firm on who we want to be, what we want to do and how we're going to do it. It's when this passion is nurtured that we find true fulfillment. She takes us through her journey of being a career-mom: her experience with mommy guilt and overcoming it, her biggest “Aha!” moment of discovering her own limitations and knowing when to draw the line, and how leadership was a product of her desire to see other people succeed. “You naturally attract people based on how you treat them,” Alice observes in our chat. It's a compelling reminder that soft skills such as empathy and understanding go a long way in our career paths and success. If you are career-oriented and find it challenging to juggle between work, family and personal life, you're going to gain a lot of value from this Real Talk! Enjoy, and share this with someone who you think will benefit! With so much love & gratitude, Grace

Drew Hernandez fills in for Jack Posobiec! The FBI is on a roll as it seized My Pillow CEO Mike Lindell's phone, that controls his hearing aids, while he was in a Hardee's drive-thru; don't worry about the actual domestic terrorists. It gets worse for Twitter as whistleblower Peiter Zatko testified that he found an agent of the Chinese Communist Party's intelligence agency (MMS) on Twitter's payroll, endangering private user data. The woke Twilio CEO Jeff Lawson is set to layoff 11% of the company's workforce, but don't sweat; since Twilio is committed to being an “anti-racist, anti-opressive” company, the layoffs will probably favor the marginalized communities - watch out white, straight, cis-men. Senator Manchin blasted Vice President Kamala Harris for claiming the southern border is “secure”; Drew reads the baffling statistics of immigrant got-aways and apprehensions and argues that there is no southern border anymore. Here's your Daily dose of Human Events with @JackPosobiec Save up to 65% on MyPillow products by going to MyPillow.com/POSO and use code POSO To get $500 of free silver on a qualifying purchase go to https://allegiancegold.com/POSO/ with code POSO  Try Scoremaster for free by going to www.scoremaster.com/poso and use code POSO

Hear the latest news in the Digital Health and HIT industry.

Apple plans for new ad placements in its App Store, AT&T's new mid-band 5G network will only be available for new phones, and Twilio makes cuts to its staff. 

Today on the show, Andrew Petiprin and I talk about Queen Elizabeth II before embarking on a misinformation segment about racially-motivated layoffs (yikes), blaming September 11 on the rage of white men, and the Department of Treasury auditing tax-delinquent IRS agents.  Then we break down Ed Feser's recent piece, “Perfect World Disorder,” before leaving you with our recommendations for the week.  Andrew's piece on the Queen: https://www.catholicworldreport.com/2022/09/14/the-death-of-queen-elizabeth-ii-and-the-growing-cult-of-disenchantment/ Misinformation:  Twilio: https://www.twilio.com/blog/a-message-from-twilio-ceo-jeff-lawson  The Atlantic: https://www.youtube.com/watch?v=dQw4w9WgXcQ&ab_channel=RickAstley  Audits: https://www.dailywire.com/news/watchdog-to-probe-irs-after-hundreds-of-employees-failed-to-pay-taxes Close Read: https://postliberalorder.substack.com/p/perfect-world-disorder Recommendations: Optimal Work: https://www.optimalwork.com/  The Long Night of the Soul: https://www.theringer.com/2021/5/20/22444532/long-night-of-the-soul  Does My Son Know You: https://www.theringer.com/2022/3/3/22956353/fatherhood-cancer-jonathan-tjarks

In der heutigen Folge „Alles auf Aktien“ sprechen die Finanzjournalisten Nando Sommerfeldt und Holger Zschäpitz über Selbstbewusstsein bei Starbucks, Teslas Umdenken in Sachen Grünheide und China-Fantasie bei Moderna. Außerdem geht es um Uniper, Inditex, Danaher, Nvidia, Zoom, Roku, UiPath, Draftkings, Twilio, TuSimple, Ginkgo Bioworks, Verve Therapeutics, Butterfly, Signify Health, CATL, BYD, SAIC, Volkswagen. Wir freuen uns an Feedback über aaa@welt.de. Disclaimer: Die im Podcast besprochenen Aktien und Fonds stellen keine spezifischen Kauf- oder Anlage-Empfehlungen dar. Die Moderatoren und der Verlag haften nicht für etwaige Verluste, die aufgrund der Umsetzung der Gedanken oder Ideen entstehen. Für alle, die noch mehr wissen wollen: Holger Zschäpitz können Sie jede Woche im Finanz- und Wirtschaftspodcast "Deffner&Zschäpitz" hören. Impressum: https://www.welt.de/services/article7893735/Impressum.html Datenschutz: https://www.welt.de/services/article157550705/Datenschutzerklaerung-WELT-DIGITAL.html

0:32 – Passing of Queen Elizabeth II 7:35 – Kim Kardashian's new private equity play 9:16 – Collapse in price of crude oil 13:12 – Market and inflation outlook 15:32 – Twilio 21:19 – Whitehaven Coal 24:37 – Update on VC Fund deals 32:02 – Summary and wrap-up

Q2 earnings season has delivered many surprises on the one hand and continuations of trends on the other hand. For SaaS companies, that has meant continued drifting. Last week, Okta, MDB, and Veeva reported, and we break down each of those companies on this week's the Razor's Edge (you can also read Akram's take here). We get into the challenges each of those companies face, but also the broader difference between "legacy" SaaS companies like Salesforce and the newer all cloud products like Okta. Topics Covered 2:30 minute mark - Okta's earnings – what went wrong and what differentiates the Oktas from the Salesforces 10:00 – The value of “the suits” and the challenge of building a microservice-based business model 23:00 – The presumption that software is a great model 28:00 – MDB's earnings 40:00 – Cutting to profitability amidst the tech recession 52:00 – The consolidation calvary is not about to arrive, and what else to watch 58:00 – Notes on Veeva 1:04:00 – Docusign preview

Subscribe: Apple Podcasts | Spotify | Stitcher | Overcast Support the Show. Get the AudioBook! AudioBook: Audible| Kobo| Authors Direct | Google Play | Apple Summary Hey everyone. Stay tuned to the end of the interview where I'll give you some actionable insights that I learned from my guest. These insights are also in the show notes. As always, thanks for listening. Now on to my guest for today, Troy Bannister, founder of Particle Health, an API platform that collects and integrates health data.  Troy's interest in entrepreneurship was sparked when he was growing up on an island near Seattle, where he made money cleaning boats. He saw firsthand the opportunity entrepreneurship provided, with income possibilities and time flexibility, as opposed to most other jobs his friends had. His interest in medicine led him to first becoming an EMT in college, where, he says, he learned a lot. He went to medical school but dropped out, leaving with a master's degree. He moved to New York City, where he did research at hospitals, then moved to working with a venture capital firm that focused on health care companies. Troy started to ask questions about the use of data in the healthcare industry, where fax machines are still used to share patient files. Using Stripe, Plaid, and Twilio as models, he founded Particle Health four and a half years ago. Troy's timing for founding Particle Health was strategic. He knew that health care was in need of better data access for providers as well as consumers, and that legislation was passing to make this more of a possibility. While companies are supposed to share data when it is legally requested, they often don't. New legislation now mandates fines for companies who don't comply. Much of the future success of Particle Health will rest on how the legislation will be enforced and how companies choose to comply. Meanwhile, Troy and Particle Health are offering data integration solutions to health care companies that understand the importance of being able to collect patient data in order to better serve them. Eventually, Troy sees Particle Health also offering consumers the opportunity to collect and keep their data in ways where it can be used more effectively, in order to give them more choice and power in their own health care.  Now, let's get better together. Actionable Insights Troy says when he saw the legislation coming through, he knew he had to act. "It's better to be early than late," he says.  Troy discusses the importance of aligning incentives. He doesn't think it will be the fines so much that will change institutional behavior, but the fear of looking bad. The legislation, he believes, will go a long way to incentivizing hospitals to share data. Consumers are starting to want more flexibility, and being able to easily access their data from various providers will enable more freedom of choice. Learn the various sides of the industry. Though his experiences in working in the medical field, then in working with startups in the venture capital firm, Troy has fairly quickly gained significant insight into being an entrepreneur in this industry.   Links to Explore Further Particle Health Troy Bannister on LinkedIn Particle Health on YouTube Particle Health on Twitter Keep In Touch Book or Blog or Twitter or LinkedIn or JSYPR Learn more about your ad choices. Visit podcastchoices.com/adchoices

In this week's episode, the cybersecurity experts Bryan Hornung, Reginald Andre, Randy Bryan, and Ryan O'Hara discuss what happened to the targeted attacks on Twilio and Cloudflare employees that resulted in over 130 organizations compromised. Also, the crew talks about a related data breach with DoorDash and why the same Twilio attackers are targeting business clients of Okta. Next, the experts will discuss what the Chilian government is saying about their systems being breached and what they think is happening here. Following, the crew talks about the Baker & Taylor's systems that remained offline a week after a ransomware attack and why? At the end of the show, the experts will go over a ransomware group that is considered to be a threat to the U.S. Health sector and what the Department of Health and Human Services is saying. Tune in to find out more information! Articles featured in the show: https://threatpost.com/0ktapus-victimize-130-firms/180487/ https://www.cpomagazine.com/cyber-security/food-delivery-company-doordash-latest-name-added-to-data-breach-spree-conducted-by-twilio-hackers/ https://www.infosecurity-magazine.com/news/chile-and-montenegro-floored-by/ https://www.infosecurity-magazine.com/news/baker-taylors-offline-ransomware/ https://www.scmagazine.com/analysis/ransomware/ransomware-group-blurs-lines-between-crime-state-sponsored-activities-hhs-alert-warns

This week I explain how a recent client became exposed via temporary "burner" numbers and email, revisit VoIP solutions with a fresh look, offer a scripted way to directly access your Twilio calls, messages, and account details, and present an OSINT tip to passively collect content URLs within a site. Big show. Direct support for this podcast comes from our privacy services, online training, and new books for 2022: Extreme Privacy (4th Edition) and  Open Source Intelligence Techniques (9th Edition). More details can be found at IntelTechniques.com. Thank you for keeping this show ad-free and sponsor-free. Listen to PAST episodes at https://inteltechniques.com/podcast.html SHOW NOTES: INTRO: Alfred Hitchcock Hour NEWS & UPDATES: https://inteltechniques.com/tools/Domain.html BURNER BACKFIRES: https://inteltechniques.com/blog/2022/09/01/when-burners-backfire/ VOIP UPDATES: https://inteltechniques.com/voip.twilio.cli.html https://inteltechniques.com/voip.suite.html Free Guides: https://inteltechniques.com/links.html Affiliate Links: Extreme Privacy (4th): https://amzn.to/3D6aiXp Proton Mail: https://go.getproton.me/aff_c?offer_id=7&aff_id=1519 Proton VPN: https://go.getproton.me/aff_c?offer_id=26&aff_id=1519&url_id=277

In the Enterprise Security News This week: more layoff announcements than funding announcements! Krit acquired by GreyNoise, Incident Response in AWS is different, Awesome open source projects for SecOps folks, Tyler Shields can't wait to talk about Product Led Growth, Forcing open source maintainers to use MFA, Twilio - the breach that keeps on pwning, The US Governments earmarks $15.6 BILLION for cybersecurity and we hear vendors salivating already, & more!   Security training isn't just about anti-phishing and security awareness for employees. When reading through breach details, a similar picture often emerges: the people were there, the tools were in place, but the people didn't know how to use the tools effectively. Every day, security tools catch attacks, but it doesn't matter if a human doesn't notice and tools are in 'monitor only' modes. This segment is sponsored by RangeForce. Visit https://securityweekly.com/rangeforce to learn more about them!   From its origins a decade ago, the grassroots movement to enshrine in law the right to repair our stuff (read: cell phones, laptops, home appliances, cars, machinery) has morphed into a potent, global movement. Today, much of the debate over right to repair laws has focused on issues like concentrations of market power by large corporations and anti-competitive behavior with regard to service and repair of "smart," connected products. However, there is a less-discussed but equally potent argument in favor of repair: cybersecurity and data privacy. In this conversation, Paul Roberts, the founder of SecuRepairs.org (pron: Secure Repairs), talks about the dire state of device security on the Internet of Things and how efforts by manufacturers to limit access to software updates, diagnostic tools and parts exacerbates IoT cyber risk, even as it burdens consumers and the environment. Segment Resources: Securepairs.org: https://securepairs.org Fight to Repair Newsletter: https://figh   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/esw287

In the Enterprise Security News This week: more layoff announcements than funding announcements! Krit acquired by GreyNoise, Incident Response in AWS is different, Awesome open source projects for SecOps folks, Tyler Shields can't wait to talk about Product Led Growth, Forcing open source maintainers to use MFA, Twilio - the breach that keeps on pwning, The US Governments earmarks $15.6 BILLION for cybersecurity and we hear vendors salivating already, & more!   Security training isn't just about anti-phishing and security awareness for employees. When reading through breach details, a similar picture often emerges: the people were there, the tools were in place, but the people didn't know how to use the tools effectively. Every day, security tools catch attacks, but it doesn't matter if a human doesn't notice and tools are in 'monitor only' modes. This segment is sponsored by RangeForce. Visit https://securityweekly.com/rangeforce to learn more about them!   From its origins a decade ago, the grassroots movement to enshrine in law the right to repair our stuff (read: cell phones, laptops, home appliances, cars, machinery) has morphed into a potent, global movement. Today, much of the debate over right to repair laws has focused on issues like concentrations of market power by large corporations and anti-competitive behavior with regard to service and repair of "smart," connected products. However, there is a less-discussed but equally potent argument in favor of repair: cybersecurity and data privacy. In this conversation, Paul Roberts, the founder of SecuRepairs.org (pron: Secure Repairs), talks about the dire state of device security on the Internet of Things and how efforts by manufacturers to limit access to software updates, diagnostic tools and parts exacerbates IoT cyber risk, even as it burdens consumers and the environment. Segment Resources: Securepairs.org: https://securepairs.org Fight to Repair Newsletter: https://figh   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/esw287

We continue to see the impact of the Twilio breach, and the Technado team shared the latest on who is affected and how. In other news, they discussed Slack's free plan changes, 25 gig Internet service in Chatanooga, AMD's Zen4 updates, and Hyundai shipping cars with example encryption keys. Finally, Don shared how the Plex breach affected his weekend.

We continue to see the impact of the Twilio breach, and the Technado team shared the latest on who is affected and how. In other news, they discussed Slack's free plan changes, 25 gig Internet service in Chatanooga, AMD's Zen4 updates, and Hyundai shipping cars with example encryption keys. Finally, Don shared how the Plex breach affected his weekend.

In the Enterprise Security News This week: more layoff announcements than funding announcements! Krit acquired by GreyNoise, Incident Response in AWS is different, Awesome open source projects for SecOps folks, Tyler Shields can't wait to talk about Product Led Growth, Forcing open source maintainers to use MFA, Twilio - the breach that keeps on pwning, The US Governments earmarks $15.6 BILLION for cybersecurity and we hear vendors salivating already, & more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw287

Episode 188 of the Unsecurity Podcast is now live! This week, Oscar and Brad are joined by Michael Kennedy, Founder of Ostra Cybersecurity to discuss Ostra, working with FRSecure, industry news, and more.LastPass Security Incident:https://blog.lastpass.com/2022/08/notice-of-recent-security-incident/Okta one-time MFA passcodes exposed in Twilio cyberattackhttps://www.bleepingcomputer.com/news/security/okta-one-time-mfa-passcodes-exposed-in-twilio-cyberattack/Ostra Cybersecurityhttps://www.ostra.net/Give episode 188 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com.

On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: The Twilio breach was actually a big deal How a Belarusian Cyber Partisans hack burned a GRU illegal Who wants 25m hashed passwords from Russia? An NFT we can get behind How attackers are using game anti-cheat drivers to defeat EDR Much, much more This week's sponsor interview is with Mike Benjamin, the VP of security research at Fastly. He pops in to argue that your red team needs to actually consider how your apps will cope with bot-driven attacks. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing. Show notes Why the Twilio Breach Cuts So Deep | WIRED Phishers who hit Twilio and Cloudflare stole 10k credentials from 136 others | Ars Technica The number of companies caught up in recent hacks keeps growing | Ars Technica How 1-Time Passcodes Became a Corporate Liability – Krebs on Security (1) Christo Grozev on Twitter: "We first noticed her thanks to a super useful database shared with us by @cpartisans: the border crossing records of Belarus. We knew the passport ranges of GRU and FSB spies, so we decided to search in that data-set by partial matches, leaving the last 3 digits out as wildcards." / Twitter (1) Belarusian Cyber-Partisans on Twitter: "

The phishing attack on the SMS giant exposes the dangers of B2B companies to the entire tech ecosystem.

Cyberespionage around the South China Sea. Oktapus and the Twilio compromise. Montenegro works to recover from a Russian cyber offensive. A big Russian streaming platform sustains a data leak. Ann Johnson of the Afternoon Cyber Tea podcast speaks with Dave DeWalt of NightDragon and Jay Leek of both Syn Ventures and Clear Sky Security about cyber capital investment. Mr. Security Answer Person John Pescatore examines the allure of the healthcare industry for ransomware operators. And the LockBit gang looks beyond double extortion. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/167 Selected reading. Rising Tide: Chasing the Currents of Espionage in the South China Sea (Proofpoint)  Why the Twilio Breach Cuts So Deep (WIRED) Tentacles of ‘0ktapus' Threat Group Victimize 130 Firms (Threatpost) Hackers used Twilio breach to intercept Okta onetime passwords (SiliconANGLE) Okta Impersonation Technique Could be Utilized by Attackers (SecurityWeek) Ukraine launches counter-offensive to retake Kherson from Russia (The Telegraph) Russia-Ukraine war: Kremlin insists invasion going to plan despite counterattacks; first grain ship docks in Africa – live (the Guardian) Montenegro says Russian cyberattacks threaten key state functions (BleepingComputer) Montenegro struggles to recover from cyberattack that officials blame on Russia (The Record by Recorded Future) Leading Russian streaming platform suffers data leak allegedly impacting 44 million users (The Record by Recorded Future)  LockBit ransomware mulls triple extortion following DDoS attack (SC Media)

This week Dr. Doug talks: PS5, Twilio, Quantum, Bug Bounties galore, a date bomb, backups, Sephora, as well as the Expert Commentary of Jason Wood on the Security Weekly News!   Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/swn236

This week, Matt Mosley and Kash Izadseta cover News of the week and more! Links mentioned in this episode: https://www.bleepingcomputer.com/news/security/twilio-breach-let-hackers-see-oktas-one-time-mfa-passwords/ https://www.zdnet.com/article/lastpass-hacked/ https://www.malwarebytes.com/blog/news/2022/08/reset-your-password-now-plex-suffers-data-breach http://tevoratalks.com Instagram, Twitter, Facebook: @TevoraTalks

Logan Bartlett is a Managing Director @ Redpoint, a firm with a portfolio including the likes of Stripe, Nubank, Twilio, Netflix, Snowflake and many more incredible names. As for Logan, at Redpoint he has led investments in the likes of Ramp, Monte Carlo, Cribl, Crossbeam and Acuity MD to name a few. Before joining Redpoint, Logan spent over 5 years with the team at Battery where he made investments in Pendo, Amplitude, Dataiku, Braze and Kustomer. In Today's Episode with Logan Bartlett We Discuss: 1.) Entry into Venture: How Logan made his way into the world of venture joining Battery Ventures? What are 1-2 of Logan's biggest takeaways from his time with Battery? What does Logan know now that he wishes he had known when he started in venture? 2.) The Venture Landscape Today: Is now really the best time to be investing? How does Logan compare today to prior vintages? How does this differ when comparing consumer to B2B? How does Logan analyze the state of the growth market? Is anyone really doing deals today? If so, what is the discount on price vs last year? How do the public markets impact the later stage financings which have disappeared in the last 3 months? How do the later stage financings impact the early stage? Does Logan agree that "venture has never been less collaborative as it is today"? 3.) The Role of the Venture Investor: Why does Logan believe that VCs have gotten lazy over the last 2 years? Does Logan believe we will see even more GPs at the top retire in the downturn? How does Logan analyse his role as a board member today? How has his style changed over time? What is the single best board Logan is on? Why that one? Who is the best board member Logan works with? What makes this board member so good? How does Logan assess the importance of personal brand in venture today? Why does Logan believe no company should hire PR firms from the early days? 4.) Investing Style and Lessons: What has been Logan's single biggest hit as an investor? How did seeing that impact his mindset? What has been Logan's biggest miss? How did not doing the investment change how he thinks about making new investments today? How does Logan assess his own relationship to price? How has it changed over time? As a growth investor today, how important is ownership? How does this change with stage? Items Mentioned in Today's Episode: Logan's Favourite Book: Team of Rivals: The Political Genius of Abraham Lincoln Logan's Most Recent Investment: AcuityMD

This week's episode features Stevie Case. Stevie got her start as a quake pro gamer and now finds herself as the Chief Revenue Officer of Vanta whose mission is to protect consumer data and restore trust in internet businesses. Prior to Vanta, Stevie was at Twilio for nearly six years where she was most recently responsible for Twilio's Mid Market Sales Team in North America. You can connect with Stevie at https://www.linkedin.com/in/steviecase/ Please join us at SaaStr Annual, and get 30% off your pass by using "poya" -> https://www.saastrannual.com/buy-tickets?promo=poya --- Support this podcast: https://anchor.fm/uncharted1/support

Twilio hack, Raspberry Pi DYI router, low-code/no-code with OutSystems, and more Twilio hackers scarf 10K Okta credentials in sprawling supply chain attack This 6-inch board turns a Raspberry Pi module into a DIY router  Thousands of organizations remain at risk from critical zero-click IP camera bug 'Debt and no degree': Biden cancels as much as $20K in student loan debt Facing the new security challenges that come with cloud OutSystems CTO Patrick Patrick Jean (PJ) on low-code/no-code development Hosts: Curt Franklin and Brian Chee Guest: Patrick Jean Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: UserWay.org/twit canary.tools/twit - use code: TWIT IRL Podcast

 Okta hack, Raspberry Pi DYI router, low-code/no-code with OutSystems, and more Twilio hackers scarf 10K Okta credentials in sprawling supply chain attack This 6-inch board turns a Raspberry Pi module into a DIY router  Thousands of organizations remain at risk from critical zero-click IP camera bug 'Debt and no degree': Biden cancels as much as $20K in student loan debt Facing the new security challenges that come with cloud OutSystems CTO Patrick Patrick Jean (PJ) on low-code/no-code development Hosts: Curt Franklin and Brian Chee Guest: Patrick Jean Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: UserWay.org/twit canary.tools/twit - use code: TWIT IRL Podcast

 Okta hack, Raspberry Pi DYI router, low-code/no-code with OutSystems, and more Twilio hackers scarf 10K Okta credentials in sprawling supply chain attack This 6-inch board turns a Raspberry Pi module into a DIY router  Thousands of organizations remain at risk from critical zero-click IP camera bug 'Debt and no degree': Biden cancels as much as $20K in student loan debt Facing the new security challenges that come with cloud OutSystems CTO Patrick Patrick Jean (PJ) on low-code/no-code development Hosts: Curt Franklin and Brian Chee Guest: Patrick Jean Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: UserWay.org/twit canary.tools/twit - use code: TWIT IRL Podcast

Prices for high-end GPUs are dropping below MSRP!? Patrick Norton explains. And we breakdown Twilio's recent data-breach.Starring Tom Merritt, Sarah Lane, Patrick Norton, Len Peralta, Roger Chang, Joe.Link to the Show Notes. Our GDPR privacy policy was updated on August 8, 2022. Visit acast.com/privacy for more information. Become a member at https://plus.acast.com/s/dtns.

Palo Alto describes the Black Basta ransomware-as-a-service operation. Okta on Scatter Swine, the threat actor that compromised Twilio. Microsoft describes Nobelium's new approach to establishing persistence. Russia's war against Ukraine has induced stresses in the cyber underworld. LastPass discloses a security incident. Josh Ray from Accenture on cyber crime and the cost-of-living crisis. Our own Dave Bittner sits down with Chris Handman from TerraTrue to discuss how he works to transform legal teams into advocates and collaborators that can ensure privacy is baked in every step of the way. And CISA adds ten entries to its Known Exploited Vulnerabilities Catalog. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/165 Selected reading. Threat Assessment: Black Basta Ransomware (Palo Alto Networks Unit 42) MagicWeb: NOBELIUM's post-compromise trick to authenticate as anyone (Microsoft Threat Intelligence Center) Microsoft Uncovers New Post-Compromise Malware Used by Nobelium Hackers (The Hacker News) Microsoft: Russian hackers gain powerful 'MagicWeb' authentication bypass (ZDNET) Detecting Scatter Swine: Insights into a relentless phishing campaign (Okta Security) Twilio hackers hit over 130 orgs in massive Okta phishing attack (BleepingComputer) Twilio says breach also compromised Authy two-factor app users (TechCrunch) How the war in Ukraine is reshaping the dark web (New Statesman) Notice of Recent Security Incident (The LastPass Blog) LastPass Says Source Code Stolen in Data Breach (SecurityWeek) LastPass developer systems hacked to steal source code (BleepingComputer)

Prices for high-end GPUs are dropping below MSRP!? Patrick Norton explains. And we breakdown Twilio’s recent data-breach. Starring Tom Merritt, Sarah Lane, Patrick Norton, Len Peralta, Roger Chang, Joe MP3 Download Using a Screen Reader? Click here Multiple versions (ogg, video etc.) from Archive.org Follow us on Twitter Instgram YouTube and Twitch Please SUBSCRIBE HERE. Subscribe through Apple Podcasts. A special thanks to all our supporters–without you, none of this would be possible. If you are willing to support the show or to give as little as 10 cents a day on Patreon, Thank you! Become a Patron! Big thanks to Dan Lueders for the headlines music and Martin Bell for the opening theme! Big thanks to Mustafa A. from thepolarcat.com for the logo! Thanks to our mods Jack_Shid and KAPT_Kipper on the subreddit Send to email to feedback@dailytechnewsshow.com Show Notes To read the show notes in a separate page click here!