Podcasts about Typosquatting

Form of cybersquatting which relies on mistakes when inputting a website address

  • 37 podcasts
  • 61 episodes
  • 39m avg duration
  • 1 monthly new episode
  • Latest: Jan 2, 2025




Latest podcast episodes about Typosquatting

Cyber Bites
Cyber Bites - 3rd January 2025

Jan 2, 2025 (7:13)


* Fake Stars Inflate Popularity of Malicious GitHub Repositories
* Cybercriminals Exploit Chrome Web Store to Infect Millions of Users
* Malicious Packages Found on Python Package Index and VSCode Marketplace
* One Third of Adults Don't Know How to Erase Their Data from an Old Device
* New Clickjacking Technique "DoubleClickjacking" Bypasses Security Measures

Fake Stars Inflate Popularity of Malicious GitHub Repositories
https://arxiv.org/pdf/2412.13459

A new study reveals a significant problem with inauthentic "stars" being used to artificially inflate the popularity of scam and malware distribution repositories on GitHub. These fake stars mislead users into trusting malicious projects and potentially downloading malware.

How Fake Stars Work

* GitHub users can "star" repositories similar to liking them on social media platforms.
* The number of stars is a key factor in how GitHub ranks repositories and recommends them to users.
* Malicious actors create fake accounts or compromise existing ones to star malicious repositories, making them appear more popular and trustworthy.

Impact of Fake Stars

* Increased Reach for Malicious Projects: Fake stars help malicious repositories reach more unsuspecting users who may be tricked into downloading malware.
* Eroded Trust in GitHub: The widespread use of fake stars undermines the overall trust and credibility of the GitHub platform.

Researchers developed a tool called StarScout to analyze user activity and identify patterns indicative of fake stars. StarScout looks for signs of low user activity, bot-like behavior, and coordinated starring activity across multiple accounts.

The study identified 4.5 million suspected fake stars across GitHub. These fake stars were associated with over 15,800 repositories and 278,000 user accounts.

Recommendations for Users

* Don't rely solely on the number of stars to judge a repository's legitimacy.
* Carefully evaluate the repository's activity, documentation, code quality, and user contributions.
* Be cautious when downloading software from GitHub, especially from repositories with few contributions or suspicious activity.

This study highlights the importance of staying vigilant when using GitHub. By being aware of fake stars and other deceptive tactics, users can help protect themselves from malware and other online threats.

Cybercriminals Exploit Chrome Web Store to Infect Millions of Users
https://www.cyberhaven.com/blog/cyberhavens-chrome-extension-security-incident-and-what-were-doing-about-it

A sophisticated cyberattack has compromised at least 35 Chrome browser extensions, potentially exposing over 2.6 million users to data theft and credential stealing.

The campaign began with a phishing attack targeting a Cyberhaven employee, granting attackers access to their Chrome Web Store account. This allowed them to inject malicious code into the Cyberhaven extension, which was subsequently downloaded by numerous users.

Further investigation revealed that this was not an isolated incident. Multiple other extensions, including popular tools for AI assistance, VPNs, and video recording, were also compromised, likely through similar phishing attacks.

These malicious extensions collected user data, including cookies, access tokens, and potentially even sensitive financial information. Some extensions even contained code designed to steal Facebook login credentials.

Attacks like these highlight the growing threat of compromised browser extensions. As these extensions often have broad access to user data and browsing activity, they can be a significant entry point for cybercriminals.

Users are advised to exercise caution when installing browser extensions, carefully vetting their source and checking for any suspicious activity. Developers are also urged to implement strong security measures to protect their accounts and prevent unauthorised access.

This ongoing campaign underscores the importance of vigilant security practices in the ever-evolving threat landscape of online activity.

Malicious Packages Found on Python Package Index and VSCode Marketplace
https://www.fortinet.com/blog/threat-research/analyzing-malicious-intent-in-python-code

Cybersecurity researchers have discovered malicious packages uploaded to the Python Package Index (PyPI) and the Visual Studio Code Marketplace. These packages, disguised as legitimate tools for cryptocurrency development and productivity, were designed to steal sensitive information from developers' systems.

The malicious PyPI packages, named "zebo" and "cometlogger," were downloaded hundreds of times before being removed. These packages contained code to steal keystrokes, capture screenshots, and exfiltrate sensitive data, including credentials from popular platforms like Discord, Steam, and Instagram.

Similarly, researchers identified malicious VSCode extensions that targeted cryptocurrency developers and Zoom users. These extensions, often with names resembling legitimate tools, downloaded and executed malicious payloads.

Typosquatting and Fake Reviews

Attackers employed typosquatting techniques, creating packages with names that closely resembled legitimate ones, such as "@typescript_eslinter/eslint" instead of "typescript-eslint." They also inflated download numbers and used fake reviews to make these malicious packages appear more trustworthy.

Impact and Recommendations:

This incident highlights the growing threat of supply chain attacks targeting software development ecosystems. Developers are urged to exercise extreme caution when downloading and installing packages from online repositories.

Key recommendations include:

* Thoroughly vetting all packages before installation.
* Checking the source and reputation of the developer.
* Regularly auditing development environments for potential threats.

This incident serves as a stark reminder of the importance of maintaining a strong security posture throughout the entire software development lifecycle.

One Third of Adults Don't Know How to Erase Their Data from an Old Device
https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2024/12/14-million-people-don-t-know-how-to-erase-their-data-from-an-old-device/

A new survey from the UK's Information Commissioner's Office (ICO) reveals that nearly a third of adults in the UK don't know how to properly wipe their old electronic devices before discarding them. This lack of awareness poses a significant risk to personal data security.

The survey found that while 71% of respondents agree that wiping data from old devices is important, 24% find the process too difficult. Worryingly, 21% of young people (aged 18-34) believe wiping data is unnecessary, compared to just 4% of those over 55. This suggests a concerning lack of awareness among younger generations about the importance of data security.

The ICO emphasizes the importance of securely erasing personal information before disposing of old devices to prevent data breaches and fraud. Simple methods like factory resets can effectively erase most personal data from mobile phones.

With the holiday season approaching and many people expected to purchase new devices, the ICO urges individuals to prioritize data security and properly dispose of their old electronics.

New Clickjacking Technique "DoubleClickjacking" Bypasses Security Measures
https://www.paulosyibelo.com/2024/12/doubleclickjacking-what.html

A new cyberattack technique dubbed "DoubleClickjacking" has been discovered, exploiting the timing between double-clicks to bypass existing clickjacking protections. This allows attackers to trick users into unknowingly granting permissions or performing actions on websites, potentially leading to account takeovers and data theft.

DoubleClickjacking leverages the brief window between two mouse clicks to seamlessly redirect users to malicious pages while they interact with seemingly innocuous elements. This method can bypass common security measures like X-Frame-Options and SameSite cookies, which are designed to prevent clickjacking attacks.

While this technique builds upon existing clickjacking methods, it introduces a new layer of complexity that requires a re-evaluation of current security measures. Researchers suggest that browser vendors should consider implementing new standards to specifically address this vulnerability.

This disclosure follows the discovery of another clickjacking variant earlier this year, highlighting the ongoing evolution of cyberattack techniques and the need for continuous vigilance in online security.

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com

Paul's Security Weekly TV
Typosquatting NPM, vulnerability analysis, and AI challenges - ASW #307

Nov 12, 2024 (35:50)


This week, in the Application Security News, we spend a lot of time on some recent vulnerabilities. We take this opportunity to talk about how to determine whether or not a vulnerability is worth a critical response. Can AI fully automate DevSecOps Governance? Adrian has his reservations, but JLK is bullish. Is it bad that 70% of DevSecOps professionals don't know if code is AI generated or not? All that and more on this week's news segment. Show Notes: https://securityweekly.com/asw-307

Application Security Weekly (Video)
Typosquatting NPM, vulnerability analysis, and AI challenges - ASW #307

Nov 12, 2024 (35:50)


This week, in the Application Security News, we spend a lot of time on some recent vulnerabilities. We take this opportunity to talk about how to determine whether or not a vulnerability is worth a critical response. Can AI fully automate DevSecOps Governance? Adrian has his reservations, but JLK is bullish. Is it bad that 70% of DevSecOps professionals don't know if code is AI generated or not? All that and more on this week's news segment. Show Notes: https://securityweekly.com/asw-307

Hack és Lángos
HnL348 - Staring Attack

Sep 26, 2024 (57:37)


Today's menu:

* Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers
* Watch the Typo: Our PoC Exploit for Typosquatting in GitHub Actions
* Apple Patches Major Security Flaws With iOS 18 Refresh
* Stealing your files using Youtube
* Apple Drops Spyware Case Against NSO Group, Citing Risk of Threat Intelligence Exposure
* How the FBI Dismantled Raptor Train, a Major China State-Sponsored Botnet

Our contact details: Telegram, Twitter, Instagram, Facebook, Mail: info@hackeslangos.show

Monde Numérique - Jérôme Colombain
Beware of fake ".gouv.fr" sites (News)

Sep 2, 2024 (4:22)


A new case of typosquatting threatens French internet users: a domain in .qouv.fr, very similar to the official .gouv.fr sites, has been registered, replacing the "g" with a lowercase "q", which makes the two almost identical.

This domain could be used for phishing attacks, directing users to fake sites to steal their personal information. Although the domain is not yet active for now, AFNIC is monitoring the situation closely. Internet users are urged to be vigilant.

Happy listening!

♥️ Support Monde Numérique: https://donorbox.org/monde-numerique

The Daily Decrypt - Cyber News and Discussions
Windows Recall Updates, London NHS Ransomware Crisis, VSCode Darcula Typosquatting Research

Jun 11, 2024


In today's episode, we discuss the NHS's urgent appeal for O-type blood donations following a ransomware attack on Synnovis, the security risks uncovered in the Visual Studio Code Marketplace with malicious extensions such as the fake 'Darcula' theme, and Microsoft's decision to make its controversial Windows Recall feature opt-in by default. Learn about the cyber-attack's impact on London hospitals, the widespread vulnerabilities in VSCode extensions, and the privacy concerns surrounding Windows Recall. Stay updated with the latest developments in cybersecurity and how organizations and individuals are responding to these challenges.

Article URLs:

* https://www.theguardian.com/society/article/2024/jun/10/nhs-appeals-for-o-type-blood-donations-after-cyber-attack-delays-transfusions
* https://www.bleepingcomputer.com/news/security/malicious-vscode-extensions-with-millions-of-installs-discovered/
* https://www.helpnetsecurity.com/2024/06/07/windows-recall-changes/

Chapters:

* 00:00 Introduction
* 01:07 Deep Dive into Windows Recall Feature
* 03:57 Impact of Ransomware on Healthcare
* 06:01 Israeli Researchers' Findings on Malicious Extensions

Tags: Ransomware, London hospitals, NHS, O-type blood, Israeli researchers, typosquatting, VSCode extension, Visual Studio Code Marketplace, Microsoft, AI-powered, Security, Screenshots, Windows Recall, cyber-attack, O-positive, O-negative

Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/
Logo Design by https://www.zackgraber.com/

NHS appeals for O-type blood donations after cyber-attack delays transfusion
https://www.theguardian.com/society/article/2024/jun/10/nhs-appeals-for-o-type-blood-donations-after-cyber-attack-delays-transfusions

Flash Briefing: NHS Appeals for O-type Blood Donations After Cyber-attack

* Critical Incident Declared: Several major London hospitals declared a critical incident following a ransomware attack on the pathology firm Synnovis. Operations and tests were canceled, and hospitals struggled to carry out blood transfusions.
* Appeal for O-type Blood Donations: NHS Blood and Transplant urgently calls for O-positive and O-negative blood donors across England. O-type blood is universally safe for all patients, crucial for maintaining transfusion services during the crisis.
* Ransomware Attack Details: The cyber-attack, attributed to the Russian cybercriminal group Qilin, disrupted the ability to match patients' blood types at normal speeds.
* Importance of O-negative Blood: O-negative blood, known as the universal blood type, can be given to anyone and is vital in emergencies. Only 8% of the population has O-negative blood, yet it constitutes about 15% of hospital orders.
* O-positive Blood Insights: O-positive blood is the most common type, with 35% of donors having it. This blood type can be given to anyone with a positive blood type, covering 76% of the population.
* National Blood Week and Appointment Availability: During National Blood Week, it was highlighted that hospitals need three blood donations every minute. There are 13,000 available appointments in NHS blood donor centers nationwide, including 3,400 in London.
* Call to Action: Dr. Gail Miflin and Prof. Stephen Powis emphasize the urgent need for O-type donors to book appointments to support critical surgeries and patient care. New donors are also welcomed, as they might have one of these essential blood types.

Sources: PA Media, "NHS appeals for O-type blood donations after cyber-attack delays transfusions," The Guardian, June 10, 2024.

Malicious VSCode extensions with millions of installs discovered
https://www.bleepingcomputer.com/news/security/malicious-vscode-extensions-with-millions-of-installs-discovered/

* Malicious VSCode Extensions: Israeli researchers discovered thousands of malicious Visual Studio Code (VSCode) extensions on Microsoft's marketplace, impacting over 100 organizations. Actionable Insight: Regularly audit and monitor installed VSCode extensions for suspicious activity.
* Trojanized Dracula Theme: The researchers created a typosquatted version of the popular 'Dracula Official' theme, named 'Darcula', which included risky code. Actionable Insight: Verify the authenticity of extensions by checking the publisher and source before installation.
* Data Collection via Extensions: The 'Darcula' extension collected system information and sent it to a remote server, evading detection by traditional endpoint security tools. Actionable Insight: Use network traffic monitoring tools to detect unusual outbound connections from development environments.
* High-Value Targets Affected: The malicious 'Darcula' extension was mistakenly installed by high-value targets, including a major publicly listed company and national security companies. Critical Implication: Organizations must educate developers on the risks of installing unverified extensions.
* VSCode Marketplace Vulnerabilities: Researchers identified 1,283 extensions with known malicious code, 8,161 communicating with hardcoded IP addresses, 1,452 running unknown executables, and 2,304 using another publisher's GitHub repository. Actionable Insight: Develop a policy for the controlled use of third-party extensions and perform regular security reviews.
* Lack of Marketplace Controls: Microsoft's lenient controls over the VSCode Marketplace facilitate abuse, with many discovered malicious extensions still available for download. Critical Implication: Microsoft needs to enhance its security measures and review processes on the VSCode Marketplace.
* ExtensionTotal Tool: Researchers will release a free tool named 'ExtensionTotal' next week to help developers scan and identify potentially harmful extensions. Actionable Insight: Utilize the 'ExtensionTotal' tool once released to audit your VSCode environment for security threats.
* Call for Community Attention: The researchers emphasize the need for the security community to focus on the risks posed by malicious VSCode extensions. Engagement Suggestion: Discuss with your team the importance of extension security and share experiences of suspicious activities related to extensions.
* Awaiting Microsoft's Response: BleepingComputer reached out to Microsoft regarding plans to enhance marketplace security, but no response has been received yet. Engagement Suggestion: Encourage listeners to follow up on this issue by checking for updates from Microsoft and share any new developments.
* Feedback Question for Listeners: Have you ever encountered a suspicious or malicious VSCode extension? How do you ensure the extensions you use are safe? Share your strategies and experiences with us!

Windows Recall will be opt-in and the data more secure, Microsoft says
https://www.helpnetsecurity.com/2024/06/07/windows-recall-changes/

* Windows Recall Feature Update: Microsoft announced significant changes to the Windows Recall feature, which captures screenshots every few seconds.
* Opt-In Default: The feature is now optional and off by default. Users must proactively enable it. Source: Microsoft's corporate VP of Windows + Devices, Pavan Davuluri
* Enhanced Security Measures: The search index database storing screenshot content will be encrypted. Users must authenticate via Windows Hello Enhanced Sign-in Security (biometrics or PIN) to view or search the timeline. Source: Microsoft Announcement
* User Control and Privacy: Users can control what is saved, pause snapshot saving, filter specific apps/websites, and delete snapshots anytime. Private browsing activities on major browsers will not be saved. Source: Microsoft Announcement
* Enterprise Management: IT administrators can disable Recall on managed work devices but cannot enable it. This ensures Recall remains a user-controlled feature. Source: Microsoft Announcement
* Criticism and Response: Security experts criticized the initial lack of security and privacy safeguards. Microsoft responded by emphasizing user control and enhanced security measures. Source: Security Researcher Kevin Beaumont
* Commitment to Security: Microsoft faced backlash for recent security mishaps and pledged to prioritize security over new features. This aligns with their Secure Future Initiative, focusing on robust security practices. Source: Microsoft CEO Satya Nadella

Talk Python To Me - Python conversations for passionate developers
#457: Software Supply Chain Security with Phylum

Apr 19, 2024 (68:21)


We've spoken previously about security and software supply chains and we are back at it this episode. We're diving in again with Charles Coggins. Charles works at a software supply chain company and is on to give us the insider's and defender's perspective on how to keep our Python apps and infrastructure safe.

Episode sponsors

* Sentry Error Monitoring, Code TALKPYTHON
* Mailtrap
* Talk Python Courses

Links from the show

* Pick a Python Lockfile and Improve Security: blog.phylum.io
* Bad Beat Poetry: blog.phylum.io
* PEP 665 – A file format to list Python dependencies for reproducibility of an application: peps.python.org
* PEP 517 – A build-system independent format for source trees: peps.python.org
* PEP 518 – Specifying Minimum Build System Requirements for Python Projects: peps.python.org
* Lockfiles should be committed on all projects: classic.yarnpkg.com
* An Overview of Software Supply Chain Security: tldrsec.com
* Typosquatting: docs.phylum.io
* Common Attack Pattern Enumeration and Classification: capec.mitre.org
* Dependency Confusion: docs.phylum.io
* Expired Author Domains: docs.phylum.io
* Unverifiable Dependency: docs.phylum.io
* Repo Jacking: Hidden Danger in Broken Links: blog.phylum.io
* Software Libraries Are Terrifying: medium.com
* phylum 0.43.0: pypi.org
* linguist: github.com
* rich-codex ⚡️

PEBCAK Podcast: Information Security News by Some All Around Good People
Episode 151 - ALPHV Ransomware Gang's $22 Million Exit Scam, Arrests in $400m FTX Heist, Typosquatting as a Service, Things That Have Gotten Too Expensive

Mar 11, 2024 (54:21)


Welcome to this week's episode of the PEBCAK Podcast! We've got four amazing stories this week so sit back, relax, and keep being awesome! Be sure to stick around for our Dad Joke of the Week. (DJOW)

Follow us on Instagram @pebcakpodcast

PEBCAK - Acronym of “problem exists between chair and keyboard.”

Submit the Stigma non-profit: https://www.submitthestigma.org/
Steven's book: https://a.co/d/8nHiswO

ALPHV exit scams after Change Healthcare hack
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-1st-2024-healthcare-under-siege/
https://arstechnica.com/security/2024/03/alphv-ransomware-site-claims-it-was-seized-by-fbi-researchers-suspect-22m-scam/

Arrests in $400 million FTX heist
https://krebsonsecurity.com/2024/02/arrests-in-400m-sim-swap-tied-to-heist-at-ftx/

Typosquatting as a Service
https://www.bleepingcomputer.com/news/technology/registrars-can-now-block-all-domains-that-resemble-brand-names/

Things that have gotten too expensive
https://nypost.com/2024/03/07/us-news/out-of-control-five-guys-prices-ignites-social-media-furor-after-24-receipt-for-just-burger-fries-small-drink-goes-viral/
https://nypost.com/2023/07/19/mcdonalds-branch-slammed-for-charging-18-for-a-big-mac-meal/
https://nypost.com/2024/02/28/business/panera-bread-exempt-from-california-wage-law-after-newsom-donation/

Dad Joke of the Week (DJOW)

Please share this podcast with someone you know! It helps us grow the podcast and we really appreciate it!

Find the hosts on LinkedIn:
Chris - https://www.linkedin.com/in/chlouie/
Brian - https://www.linkedin.com/in/briandeitch-sase/
Steven - https://www.linkedin.com/in/stevenzhajny/

The Daily Decrypt - Cyber News and Discussions
ChatGPT’s Shakespearean Twist, Maritime Cybersecurity, Water Utility Defense, PyPI Threats, ScreenConnect Vulnerabilities

Feb 22, 2024


ChatGPT goes off-script with Shakespearean flair, and cybersecurity becomes the beacon in guarding our maritime and water utility infrastructures. We unravel the complexities of software supply chain threats with a focus on the Python Package Index, and spotlight the latest vulnerabilities in ConnectWise's ScreenConnect. It's a journey through the cyber squalls and the efforts to anchor down our digital defenses. Featured Stories: ChatGPT's Shakespearean Spiral - Delving into the reasons behind ChatGPT's unexpected dive into nonsensical outputs. Read more on Ars Technica and Reddit. Bolstering Maritime Cybersecurity - How the Biden administration is strengthening America's maritime defenses against cyber threats. Cybersecurity at Sea: Strengthening America's Maritime Defenses. Protecting Water Utilities from Cyber Threats - A look into the new wave of cybersecurity measures for water utilities by CISA, the FBI, and the Environmental Protection Agency. The Stealthy Expansion of Software Supply Chain Threats - Unpacking a sophisticated cyber-attack via the Python Package Index. Discover more at ReversingLabs. Patch and Protect: ConnectWise ScreenConnect Update - Addressing the vulnerabilities reported in ScreenConnect and the steps for remediation. ConnectWise Security Bulletins. Join us as we dissect these pivotal moments in digital security and AI quirks, ensuring you stay informed and ahead of the curve in the ever-evolving world of technology. Only on Spotify. For the best listening experience, follow us on Spotify and dive into the digital depths with our insightful episodes on technology, cybersecurity, and the unexpected turns of AI. Transcript: Feb 22 [00:00:00] All right. Good morning listeners. And welcome back to the daily decrypt. Huge shout out to Jared Jones for his brand new release song played under the. Super sophisticated AI announcer. 
If you're looking for some music, if you're working hard all day in front of the computer and you're looking for some [00:01:00] music that doesn't have words and isn't too distracting, highly recommend looking up Jared Jones. J E R E D. You're going to find lots of sick bangers like that one. All right. But let's get into the news today. We're going to dive into a digital pandemonium as chat GPT, seemingly takes a Shakespearian swerve. Leaving user's puzzled with it's nonsensical Jabber. Meanwhile, the us government makes waves in cybersecurity. Anchoring down on maritime defenses against the rising tide of cyber threats, proving that when it comes to securing our ports, It's not just about the web. It's about the water. Speaking of water. We are also going to explore how America's water utilities are fortifying, their cyber defenses. Ensuring that the only things flowing through our pipes, our water and wifi. In the realm of software and vulnerabilities, we're gonna be talking about the Python package index or PI as I call it. And how it becomes a Trojan horse for cyber attackers highlighting the stealthy expansion of [00:02:00] threats within our digital supply chains. And lastly, if you stick around this long, we're going to just touch base on connect Wise's screen connect vulnerabilities. All right. So yesterday, Users on Reddit started reporting that chat GPT. What's going absolutely insane. The responses from techy, PT would start out pretty normal and then quickly devolve into what I would describe as someone with a dementia or Verna keys, aphasia. Thanks to all the Reddit users who posted their chats. They're very fun to read through. Various journalists have reached out to open AI, the makers of chatty Beatty. For comment and we're met just with direction to their status page. So no comment at this time has been released. But I have an example here of what ChatGPT was spitting out. And you can see by looking at the. Output. 
It's just [00:03:00] going through how it formulates its responses. It's creating noise and then refining that noise. So here. Is. An example of what it was doing yesterday. "The high, the high or the heart where the hair. The his, or the Howell hones, a hill, a heel or a hand where all the Astor and any, and all, or an ACE or a story or a strain at grok stands for, of you a visit or the verb there site. Is a stand, a state or a story the in or the in wit makes a must a may or a most." Part of that sounded kind of like the monologue from V for vendetta, which I'm not going to even try. To repeat, but if you haven't seen me for vendetta, highly recommended, Given the help the chat should. The T made composing this episode, it seems to be back to normal. But. It is a reminder at how. These quote, artificial intelligent. Chat bots are not perfect [00:04:00] and they can quickly devolve. So did, do you know that. Our planet is made up of mostly water. And so our, our bodies. Though these facts may seem startling. They're starting. To get the attention of government officials such as the Biden administration who yesterday released an executive order aimed at bolstering cybersecurity measures across the United States port facilities. This is sparked by increasing concerns over cyber threats, particularly from nation state actors like China. Who could cripple a lot of our infrastructure. By just taking down a few maritime ports. In an era where cybersecurity incidents can ripple through the global supply chain with devastating effect, the executive order represents a significant pivot towards enhancing the resilience of [00:05:00] maritime infrastructure. The us coast guard is now endowed with explicit authority to counter malicious cyber activities. Targeting the nation's Marine transportation system. This includes a mandate for the immediate reporting of any cyber threats or incidents that could compromise vessels, harbors, ports, or waterfront facilities. 
Part of the executive order involved reallocating over $20 billion towards port infrastructure over the next five years. And this is an aim to repatriate crane manufacturing, eh, which is a sector currently dominated by China, which manufacturers approximately 80% of the cranes used in us ports. So if you're wondering why focus on ports? Well, consider this America's ports are not just points of entry for goods. They're bustling hubs that can support 31 million American jobs and contribute $5.4 trillion to the economy. They're smooth operation is pivotal to our national security and economic prosperity. The threat of cyber attacks, particularly those that could be orchestrated by foreign adversaries. So as it [00:06:00] turns out, network ports, aren't the only ports cybercriminals are sneaking into. In the world of port. Cybersecurity, it looks like we're moving from pirate, infested waters. To cyber secure harbors. Ari a feeling safe yet. Speaking of water and making waves in the world of cybersecurity. The FBI SISA and the EPA. Released tips targeted specifically to water plants and water managing agencies. At an age where hackers seem to have the thirst for infiltrating our critical infrastructures. The spotlight has turned to our water utilities. This isn't just about keeping the water flowing. It's about ensuring that the only thing going down the drain is well water. And not our security. In recent years, several water treatment companies have been the target of ransomware attacks, which has led to significant disruptions. Such events compromise the safety and availability of drinking water, which is a serious risk to public health and [00:07:00] safety. These agencies. Are aiming to prevent such outcomes by helping utilities, bolster their defenses against malicious cyber activity. The article in our show notes, outlines eight top notch strategies to keep cyber threats at bay. 
From hiding key assets to changing passwords as often as we're supposed to change our water filters, it seems like water utilities are being prepped for a stormy season in cyberspace. So what kind of attacks are they trying to prevent? Often hackers exploit vulnerabilities in the software and hardware that control water treatment processes. And by gaining unauthorized access, they can disrupt operations, demand ransom, or even tamper with water quality. The guidance provided by CISA, the EPA, and FBI emphasizes the importance of regular updates and patches to address these vulnerabilities, alongside training for staff to recognize and respond to cyber threats. While no system can be made completely invulnerable, the adoption of these recommended practices significantly reduces the risks [00:08:00] of successful cyber attacks, which is what we're going for. It is a lofty goal to completely eliminate cyber risk, but the goal is to just do what we can to make ourselves more secure. Alrighty, we're going to turn this a little bit more technical and talk about some recent vulnerabilities that have been discovered. ReversingLabs released an article that discusses a sophisticated cyber attack that leverages the Python Package Index, or PyPI as I like to call it, to distribute malicious software through a technique known as DLL sideloading. In January of 2024, Karlo Zanki, a reverse engineer at ReversingLabs, discovered two suspicious packages on PyPI named helper and NP six helper HTTP or. These packages were found to exploit DLL sideloading, which is a method where attackers execute malicious code on a computer without being detected by security [00:09:00] software. This technique was used to target legitimate PyPI packages, revealing a concerning trend in the misuse of open source platforms for cyber attacks. DLL sideloading typically involves replacement of a dynamic link library or DLL with a malicious one.
The attacker's goal is to trick the application into loading this malicious DLL, thereby executing the harmful code it contains. In this case, the malicious packages were designed to mimic legitimate ones very closely, which fooled developers into incorporating them into their projects. So, this is pretty significant. It affects not just individual developers, but potentially the entire supply chain, as compromised packages could be integrated into a wide array of applications. The attackers utilized typosquatting, which is a tactic where malicious packages are named similarly to legitimate ones in an effort to deceive users into downloading them. ReversingLabs' investigation further revealed that these malicious packages downloaded additional payloads, including a legitimate [00:10:00] file from Kingsoft Corp and a malicious DLL designed to execute a second stage payload. For those interested in diving deeper into the specifics of this breach, including the technical details and indicators of compromise, we encourage you to check out the full article in our show notes for a comprehensive understanding of the attack vectors and protective measures. And before we finish up for the day, we're just going to quickly circle back to the recent ConnectWise ScreenConnect vulnerabilities that were reported on February 13th. If you're running ScreenConnect on premises, you're going to need to update your servers to version 23.9.8 immediately. If you're in the cloud, there are no actions needed at this time. And ConnectWise is saying that there's no evidence that these vulnerabilities have been exploited in the wild, but immediate action must be taken by on-premise partners to address these identified security risks. All right. That's all we've got for today. I hope you enjoyed water puns as well as the new music by [00:11:00] Jared Jones. Today was probably my favorite episode I've done so far. So if you have any feedback, uh, please shoot me a message on Instagram.
Shoot us a tweet on Twitter. Uh, we'd love to hear from you. We understand your feedback is an honor. And so we'd be honored to receive. And I believe we were taking tomorrow off. So we will talk to you more next week. [00:12:00] [00:13:00]

Consumer Tech Update
What to know about "typosquatting"

Consumer Tech Update

Dec 4, 2023 2:54


Did you accidentally type a typo in the URL? Here's why that could be a costly mistake.

The CyberWire
A phishnet for the C-suite. Rootkit delivered by typosquatting. Stream-jacking in YouTube. Risk management. Hybrid war, and the laws thereof.

The CyberWire

Oct 4, 2023 25:50


EvilProxy phishes for executives. Typosquatting to deliver a rootkit. Stream-jacking on YouTube. A global look at risk management. Assistance from a diverse set of international partners. In our Solution Spotlight segment, Simone Petrella speaks with Diane Janosek, Executive Director of Capitol Technology University's Center for Women in Cyber, about paths to cybersecurity and ways to address cybersecurity workforce intelligence through education. Dave Bittner previews the 3rd annual SOC Analyst Appreciation Day with Kayla Williams of Devo. And some guidelines for hacktivists engaged in hybrid war. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/190 Selected reading. EvilProxy Phishing Attack Strikes Indeed (Menlo Security) Typosquatting campaign delivers r77 rootkit via npm (ReversingLabs) A Deep Dive into Stream-Jacking Attacks on YouTube and Why They're So Popular (Bitdefender Labs) The C-suite playbook: Putting security at the epicenter of innovation (PwC) European Peace Foundation (EPF) opens cyber classroom for Ukrainian Armed Forces - EU NEIGHBOURS east (EU NEIGHBOURS east) Rethinking Security When So Many Threats Are Invisible (New York Times) 8 rules for “civilian hackers” during war, and 4 obligations for states to restrain them (EJIL: Talk!)

Security Conversations
Abhishek Arya on Google's AI cybersecurity experiments

Security Conversations

Sep 12, 2023 33:27


Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Abhishek Arya is director of engineering at Google, overseeing open source and supply chain security efforts that include OSS-Fuzz, SLSA, GUAC and OSV DB. In this episode, Arya talks about some early success experimenting with AI and LLMs on fuzzing and vulnerability management, the industry's over-pivoting on SBOMs, regulations and liability for software vendors, and the long road ahead for securing software supply chains.

Security Conversations
GitHub security chief Mike Hanley on secure coding, AI and SBOMs

Security Conversations

Aug 2, 2023 40:29


Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) GitHub security chief Mike Hanley joins the show to discuss merging the CSO and SVP/Engineering roles, securing data and code in an organization under constant attack, the thrilling promise of AI to the future of secure code, the dangers of equating SBOMs to supply chain security, and new SEC reporting rules for CISOs.

Security Conversations
OpenSSF GM Omkhar Arasaratnam on open-source software security

Security Conversations

Jul 5, 2023 36:11


Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) New General Manager of the Open Source Security Foundation (OpenSSF) Omkhar Arasaratnam joins Ryan for a candid conversation on the challenges surrounding open-source software security, lessons from the Log4j crisis, the value of SBOMs, and the U.S. government efforts at securing America's software supply chains.

The CyberWire
Record GDPR fine. Movements in the cyber underworld. FBI found to have overstepped surveillance authorities.

The CyberWire

May 22, 2023 27:05


The EU fines Meta for transatlantic data transfers. FIN7 returns, bearing Cl0p ransomware. Python Package Index temporarily suspends new registrations due to a spike in malicious activity. Typosquatting and TurkoRAT. UNC3944 uses SIM swapping to gain access to Azure admin accounts. A Turla retrospective. Rick Howard tackles workforce development. Our guest is Andrew Peterson of Fastly to discuss the intricate challenges of secure software development. And the FBI was found overstepping its surveillance authorities. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/98 Selected reading. Meta Fined $1.3 Billion Over Data Transfers to U.S. (Wall Street Journal) Meta fined record $1.3 billion and ordered to stop sending European user data to US (AP News) Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks (The Hacker News) Researchers tie FIN7 cybercrime family to Clop ransomware (The Record) Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware (Security Affairs) PyPI new user and new project registrations temporarily suspended. (Python) PyPI repository restored after temporarily suspending new activity (Computing) RATs found hiding in the NPM attic (ReversingLabs) Legitimate looking npm packages found hosting TurkoRat infostealer (CSO Online) SIM Swapping and Abuse of the Microsoft Azure Serial Console: Serial Is Part of a Well Balanced Attack (Mandiant) Mozilla Explains: SIM swapping (Mozilla) The Underground History of Russia's Most Ingenious Hacker Group (WIRED) Justice Department Announces Court-Authorized Disruption of Snake Malware Network Controlled by Russia's Federal Security Service (US Department of Justice) Hunting Russian Intelligence “Snake” Malware (CISA) FBI misused intelligence database in 278,000 searches, court says (Reuters) FBI misused controversial surveillance tool to investigate Jan. 6 protesters (The Record) FBI broke rules in scouring foreign intelligence on Jan. 6 riot, racial justice protests, court says (AP News)

Mostly Security
273: Everybody's A Critic

Mostly Security

Mar 4, 2023 37:01


Snow happens and disrupts everything except Eric's shiny new Rocket League Old Farts Season 8 Championship title. Scammy authenticator apps. AI generated voices breaking into banks. Typosquatting on PyPi. Electricity thieves for Crypto. Eric discovers Tatooine could exist and Jon speculates on how smart ChatGPT actually is...

Lentera Siber
Beware the Dangers of Typosquatting!

Lentera Siber

Jan 26, 2023 5:30


Hi, netizens… to those of you who often make typos when typing but don't care once you've already hit send or enter, be careful! You might think a typo can simply be corrected, but a typo when typing a website URL can be dangerous! Such typing mistakes can be exploited by cybercriminals to launch their attacks. This kind of trap is known as typosquatting. Curious? Listen to the explanation in episode S3E1 #sayaNETizenCerdas! #JagaRuangSiber #LenteraSiber #SecurityAwareness

Cyber and Technology with Mike
30 November 2022 Cyber and Tech News

Cyber and Technology with Mike

Nov 30, 2022 7:47


In today's podcast we cover four crucial cyber and technology topics, including:
1. Spanish authorities shut down 12 million Euro fraud ring
2. Fortinet flaw abused by initial access brokers
3. China-linked actors focus on Philippines with USB devices
4. Australia increases fines for companies violating data privacy
I'd love feedback, feel free to send your comments and feedback to cyberandtechwithmike@gmail.com

Cybercrime Magazine Podcast
Mastering Cyber. What Is Typosquatting? Alissa “Dr Jay” Abdullah, Deputy CSO, Mastercard.

Cybercrime Magazine Podcast

Nov 9, 2022 1:39


Welcome to Mastering Cyber with Host Alissa (Dr Jay) Abdullah, PhD, SVP & Deputy CSO at Mastercard, and former White House technology executive. Listen to this weekly one-minute podcast to help you maneuver cybersecurity industry tips, terms, and topics. Buckle up, your 60 seconds of cyber starts now! Sponsored by Mastercard. https://mastercard.us/en-us.html

Hacker Public Radio
HPR3719: HPR News

Hacker Public Radio

Nov 3, 2022


InfoSec; the language of security. What is Typosquatting and How Do Scammers Use it? Typosquatting, as an attack, uses modified or misspelled domain names to trick users into visiting fraudulent websites; the heart of this attack is domain name registration. Typosquatting is deployed by scammers to defraud unaware users. Attackers will attempt to: mimic login pages, redirect traffic, download malware, and extort users. Past Known Typosquatting Attacks. Several Malicious Typosquatted Python Libraries Found On PyPI Repository Over 700 Malicious Typosquatted Libraries Found On RubyGems Repository Security advisory: malicious crate rustdecimal This Week in Malware-Malicious Rust crate, 'colors' Typosquats Solutions to Typosquatting. How to stop typosquatting attacks What Is a Checksum (and Why Should You Care)? PiHole Ubuntu font family DNS monitoring services. Link to dnstwister: https://dnstwister.report/ Link to whois: https://www.whois.com/whois Password Managers. Link to bitwarden: https://bitwarden.com/ Link to keepassxc: https://keepassxc.org/ Two-factor and Multifactor Authentication. First, authentication. This is the process of verifying the validity of something; in our case, user credentials/identity. The most common way to authenticate is: USERNAME and PASSWORD. This is just a single layer (single-factor authentication) and isn’t enough to discourage attackers. Second, 2FA (Two-factor Authentication). 2FA increases the difficulty for attackers by providing users an additional layer of security to accomplish authentication. Common 2FA methods are: TOTP/OTP (the One Time Password), Authenticator Applications (Bitwarden, KeePassXC,...), and Security Keys (Yubikey). This works similar to ATMs; to authenticate the user must provide both knowledge (account PIN) and a physical object (bank card). Last, but not least, MFA (Multifactor Authentication). 
Similar to 2FA, MFA offers users security with the addition of biometrics (fingerprint scan, retina scan, facial recognition, and voice recognition). Attackers must overcome the knowledge factor, Possession factor, Inherence/Biometric factor, Time factor, and sometimes Location factor. MORE helpful security information. FIDO Alliance Specifications. Field Guide to Two-Step Login. 2FA/MFA Known Attacks. Bots That Steal Your 2FA Codes. hackers are cracking two-factor authentication

Paul's Security Weekly
SWN #250 - Fibonacci, MOTW, TypoSquatting, 486, CompSci AI, Ventura Bugfixes, & CISA Warnings

Paul's Security Weekly

Oct 26, 2022 32:05


This week Dr. Doug postulates: Fibonacci lasers, Mark of the Web, typosquatting, malvertising, death to 486, AI Coding, CISA, Apple, along with the Expert Commentary of Jason Wood on the Security Weekly News!   Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/swn250

Hack Naked News (Audio)
SWN #250 - Fibonacci, MOTW, TypoSquatting, 486, CompSci AI, Ventura Bugfixes, & CISA Warnings

Hack Naked News (Audio)

Oct 26, 2022 32:05


This week Dr. Doug postulates: Fibonacci lasers, Mark of the Web, typosquatting, malvertising, death to 486, AI Coding, CISA, Apple, along with the Expert Commentary of Jason Wood on the Security Weekly News!   Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/swn250

Hack Naked News (Video)
Fibonacci, MOTW, TypoSquatting, 486, CompSci AI, Ventura Bugfixes, & CISA Warnings - SWN #250

Hack Naked News (Video)

Oct 25, 2022 32:06


This week Dr. Doug postulates: Fibonacci lasers, Mark of the Web, typosquatting, malvertising, death to 486, AI Coding, CISA, Apple, along with the Expert Commentary of Jason Wood on the Security Weekly News!   Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn250

Security Conversations
Chainguard's Dan Lorenc gets real on software supply chain problems

Security Conversations

Oct 13, 2022 47:07


Episode sponsors: Binarly (https://binarly.io/) and FwHunt (https://fwhunt.run/) - Protecting devices from emerging firmware and hardware threats using modern artificial intelligence. Dan Lorenc and a team of ex-Googlers raised $55 million in early-stage funding to build technology to secure software supply chains. On this episode of the show, Dan joins Ryan to talk about the different faces of the supply chain problem, the security gaps that will never go away, the decision to raise an unusually large early-stage funding round, and how the U.S. government's efforts will speed up technology innovation.

Cyber and Technology with Mike
15 September 2022 Cyber and Tech News

Cyber and Technology with Mike

Sep 15, 2022 7:19


In today's podcast we cover four crucial cyber and technology topics, including:
1. Criminals trick users with fake Queen phish
2. Criminals mimic Sniffies dating app to push malware
3. Researchers find new Linux tool used by Chinese-linked actors
4. Ransomware crew Lorenz exploiting flaw in MiVoice setups
I'd love feedback, feel free to send your comments and feedback to cyberandtechwithmike@gmail.com

DevTales Podcast
140: DevTools Chrome 103, Python package typosquatting, TLA in JS, best IT companies, tech companies are slowing down

DevTales Podcast

Aug 1, 2022 27:57


In today's episode we touch on several topics. We'll talk about URL hijacking, the ECMAScript 2022 specification, and what else but IT companies. Participants: Pisti Róka What's new in DevTools in Chrome 103: https://developer.chrome.com/blog/new-in-devtools-103/#color PyPi Package: https://www.bleepingcomputer.com/news/security/pypi-package-keep-mistakenly-included-a-password-stealer/ ECMAScript2022 https://dev.to/jasmin/whats-new-in-es2022-1de6 https://tc39.es/ecma262/ Best IT companies https://www.computerworld.com/article/3665091/now-open-for-entries-best-places-to-work-in-it-2022.html Tech companies are slowing down https://www.bloomberg.com/news/articles/2022-07-12/google-ceo-says-company-plans-to-slow-hiring-for-rest-of-year Listen in your favorite player, and not just to the latest episode! Google Podcasts - https://podcasts.google.com/feed/aHR0cHM6Ly93d3cuaXZvb3guY29tL2VuL2RldnRhbGVzLXBvZGNhc3RfZmdfZjE1OTg1OTdfZmlsdHJvXzEueG1s Apple Podcasts - https://podcasts.apple.com/hu/podcast/devtales-podcast/id1386667284?mt=2 CastBox - https://castbox.fm/channel/DevTales-Podcast-id1295470 Pocket Casts - https://pca.st/podcast/5a10e180-5077-0136-fa7c-0fe84b59566d Spotify - https://open.spotify.com/show/4fS3YtJknqn1gSKa4HqKAt YouTube - https://www.youtube.com/channel/UC5nbDGKvuSK9NwOIJOiiwnA RSS - https://devtales.shiwaforce.com/feed/podcast Facebook - https://www.facebook.com/groups/devtales Twitter - https://twitter.com/_devtales Slack - https://devtalespodcast.slack.com Email - devtales@shiwaforce.com photo source: https://javascript.plainenglish.io/

Cyber Morning Call
Cyber Morning Call - #95 - 13/06/2022

Cyber Morning Call

Jun 13, 2022 7:11


[Episode References] - Symbiote - https://blogs.blackberry.com/en/2022/06/symbiote-a-new-nearly-impossible-to-detect-linux-threat - Aoqin Dragon - https://www.sentinelone.com/labs/aoqin-dragon-newly-discovered-chinese-linked-apt-has-been-quietly-spying-on-organizations-for-10-years/ - Instagram credentials Stealers - https://www.mcafee.com/blogs/other-blogs/mcafee-labs/instagram-credentials-stealers-free-followers-or-free-likes/ - Another gang exploiting CVE-2022-26134 - https://blog.checkpoint.com/2022/06/09/crypto-miners-leveraging-atlassian-zero-day-vulnerability/ - Typosquatting in PyPi packages - https://www.bleepingcomputer.com/news/security/pypi-package-keep-mistakenly-included-a-password-stealer/ [Credits] Script and presentation: Carlos Cabral Audio editing: Paulo Arruzzo Closing narration: Bianca Garcia Graphic design: Julian Prieto

Paul's Security Weekly TV
Typosquatting, Curl's Security Update, & OpenSSF's 10 Point Mobilization Plan - ASW #197

Paul's Security Weekly TV

May 18, 2022 40:22


This week in the AppSec News: Typosquatting spreads to Rust, curl fixes flaws in mishandling dots and slashes, OpenSSF invests in a mobilization plan for open source, interesting appsec from Black Hat Asia.    Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw197

Application Security Weekly (Video)
Typosquatting, Curl's Security Update, & OpenSSF's 10 Point Mobilization Plan - ASW #197

Application Security Weekly (Video)

May 18, 2022 40:22


This week in the AppSec News: Typosquatting spreads to Rust, curl fixes flaws in mishandling dots and slashes, OpenSSF invests in a mobilization plan for open source, interesting appsec from Black Hat Asia.   Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw197

The CyberWire
More malware deployed in Eastern Europe. Cozy Bear is typosquatting. CuckooBees swarm around intellectual property. Tracking the DPRK's hackers. Quiet persistence in corporate networks.

The CyberWire

May 4, 2022 28:44


An upswing in malware deployed against targets in Eastern Europe. Cozy Bear is typosquatting. CuckooBees swarm around intellectual property. Tracking the DPRK's hackers. Quiet persistence in corporate networks. CISA issues an ICS advisory. Caleb Barlow on backup communications for your business during this period of "shields up." Duncan Jones from Cambridge Quantum sits down with Dave to discuss the NIST algorithm finalist Rainbow vulnerability. And, hey, officer, honest, it was just a Squirtle…. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/86 Selected reading. Update on cyber activity in Eastern Europe (Google)  Multiple government hacking groups stay busy targeting Ukraine and the region, Google researchers say (CyberScoop) Google: Nation-state phishing campaigns expanding to target Eastern Europe orgs (The Record by Recorded Future) SolarWinds hackers set up phony media outlets to trick targets (CyberScoop)  SOLARDEFLECTION C2 Infrastructure Used by NOBELIUM in Company Brand Misuse (Recorded Future)  Experts discover a Chinese-APT cyber espionage operation targeting US organizations (VentureBeat) Operation CuckooBees: Cybereason Uncovers Massive Chinese Intellectual Property Theft Operation (Cybereason Nocturnus)  Operation CuckooBees: Deep-Dive into Stealthy Winnti Techniques (Cybereason)  Chinese hackers cast wide net for trade secrets in US, Europe and Asia, researchers say (CNN)  Researchers tie ransomware families to North Korean cyber-army (The Record by Recorded Future) The Hermit Kingdom's Ransomware Play (Trellix) New espionage group is targeting corporate M&A (TechCrunch)  Cyberespionage Group Targeting M&A, Corporate Transactions Personnel (SecurityWeek)  UNC3524: Eye Spy on Your Email (Mandiant)  Yokogawa CENTUM and ProSafe-RS (CISA)  Cops ignored call to nearby robbery, preferring to hunt Pokémon (Graham Cluley)

Cybercrime Magazine Podcast
Cyber Intel. Typosquatting Groups. Jonathan Zhang & Alexandre Francois, WhoisXML API.

Cybercrime Magazine Podcast

Dec 22, 2021 10:18


In this episode of Cyber Intel, Jonathan Zhang, CEO at WhoIsXML API, and Alexandre Francois, Head of Marketing & Threat Researcher at WhoIsXML API, join host Hillarie McClure to discuss typosquatting domains and typosquatting groups. Cyber Intel is a Cybercrime Magazine podcast series brought to you by WhoisXML API, a global cyber threat intelligence provider delivering some of the world's most comprehensive sources of domain, IP, and DNS data since 2010. You can find out more about our sponsor, WhoisXML API, at https://whoisxmlapi.com/

Talk Python To Me - Python conversations for passionate developers
#319: Typosquatting and Supply Chains Vulnerabilities

Talk Python To Me - Python conversations for passionate developers

Jun 6, 2021 59:43


One of the true superpowers of Python is the libraries over at the Python Package Index. They are all just a "pip install" away. Yet, like all code that you run on your system, it is done with some degree of trust. How do we know that all of those useful packages are trustworthy? That's the topic of this episode. Bentz Tozer and John Speed Meyers are here to share their research into typosquatting on PyPI and other sneaky deeds. But we also discuss some potential solutions and fixes. Links from the show Overview topics SolarWinds: csoonline.com XCodeGhost: macrumors.com Python Package Index nukes 3,653 malicious libraries uploaded: theregister.com Dependency confusion: medium.com Typosquatting Is About More Than Typos: iqt.org Approaches to Protecting the Software Supply Chain: iqt.org A Quant's View of Software Supply Chain Security: usenix.org Organizations Open Source Security Foundation (OpenSSF): openssf.org Python Security Response Team: python.org Proposed solutions and tools pypi-scan: github.com AuraBorealis App: github.com Project Aura: aura.sourcecode.ai Aura source code: github.com Reduce Typosquatting Harm via Social Distancing for Top PyPI Packages: github.com Have I Been Pwned: haveibeenpwned.com Snyk Package Advisor: snyk.io Backstabbers-Knife-Collection: dasfreak.github.io NetworkML Package: github.com Misc Google as a Visionary Sponsor: pyfound.blogspot.com Episode transcripts: talkpython.fm Sponsors Square Talk Python Training AssemblyAI

HackableYou Podcast
Emotet Takedown, HoneyPots, Typosquatting

HackableYou Podcast

Feb 5, 2021 33:14


Back again with another episode of the HackableYou Podcast. This time it's just Ed and Alex while Will is away. In our Cyber News we talk about the recent Law Enforcement involvement in taking down the Emotet Botnet, the Washington State Audit Office data breach leaking 1.6 million records of employment claims, and a recent update to Agent Tesla RAT including new evasion techniques. Topic of The Week looks at HoneyPots, HoneyNets and Deception Technology and the role they play across a security function. Go and have a look at Canary Tokens and the Honeynet Project. In our exclusive segment Secrets from The SOC we dive into the topic of Typosquatting and associated threats behind a simple milseplt domain name. We really hope you enjoy the Podcast and we would love to hear from you! Get in touch at info@hackableyou.com ---- Timestamps ---- CyberNews: 01:29 Topic of The Week: 15:46 SFTS: 24:49

EM360 Podcast
The Dangers of Typosquatting with Jeremy Hendy

EM360 Podcast

Jan 19, 2021 18:59


As cybersecurity technologies become stronger, so do the adversaries. Over the last decade, we have seen the rise of ransomware, Petya and, most recently, typosquatting. Despite our best efforts to be meticulous when reading URLs, there is always a margin of error that could compromise the security and economy of your business. Joining us to tell us more is Jeremy Hendy, CEO at Skurio. In this podcast, he details the risks that typosquatting poses and the key to protecting your data.

Cybercrime Magazine Podcast
Typosquatting Domains: Powerful Cyber Weapons

Cybercrime Magazine Podcast

Dec 1, 2020 3:52


Sponsored by: www.whoisxmlapi.com/ For more on cybersecurity, visit us at cybersecurityventures.com/ For all of our podcasts, visit us at cybersecurityventures.com/podcasts/ Follow Cybersecurity Ventures / Cybercrime Magazine here: LinkedIn: linkedin.com/company/cybercrime-magazine/ Twitter: twitter.com/CybersecuritySF

Mostly Security
148: Anything Qualifies As Physics

Mostly Security

Oct 10, 2020 58:40


Jon Paints and Eric Hikes. Calories anyone? Typosquatting followup, zerologon is multiplatform, and who doesn't like SPACE! Four! Point! Oh! Please Vote, and were you aware IAM is difficult? For fun we have Venice barriers, punk Astley, Twinkie Fungi, Nobel Prizes, and gene splicing. Please leave us a review! 0:00 - Intro 1:39 - Painting 6:15 - Elk Mountain 13:37 - Olive Garden 16:14 - Typosquatting Packages 19:37 - Something Phishy 19:52 - Samba Zerologon 23:31 - Space 4.0 (part 1) 27:25 - Space 4.0 (part 2) 30:54 - VOTE! 32:43 - Enter the Vault 45:48 - Venice Barriers 49:39 - Punk Astley 50:31 - Twinkies Are(n't) Forever 52:40 - Nobel Prizes 55:43 - Bring Me A Gene 57:51 - Link To Review

The technology blog and podcast
Episode 9: the security box, typosquatting and more

The technology blog and podcast

Sep 9, 2020 185:27


Please check the tech blog for full show notes. They are longer than space permits in these notations. I hope you all enjoy the program as much as I have bringing it to you. We'll be back to Wednesday next week.

The technology blog and podcast
The Technology podcast, podcast 351: Telephone stuff, Jaws, and more

The technology blog and podcast

Sep 5, 2020 64:23


Welcome to podcast 351 of the podcast. Some people can't stand the changes in regards to one telephone system and what they did. Shaun Everiss and I team up and I created a page for it. Jaws had an update and I covered all but two. Here is the blog post on that as well. Finally, Typosquatting is discussed in preparation for the next Security Box. All this, and final thoughts and contact info on this edition of the podcast.

The technology blog and podcast
The Security box, episode 7

The technology blog and podcast

Aug 28, 2020 146:31


Welcome to podcast 7 of the Security Box. This week, let's peruse some topics, I'll link to some articles, and you can comment as usual. News, Notes, and much more. Thanks for listening! Election officials have been warned about Typosquatting domains and how they can be used to bring trouble to their particular candidate. Typosquatting is a big problem, and in a future podcast, we'll look into what this is. In an article entitled Feds warn election officials of potentially malicious ‘typosquatting’ websites you'll learn what is the danger in the election scheme of things. I think it's time to really bring out a topic. How many people heard of the dark web? 11.6 billion records have been breached and are on the dark web since 2005 according to this article by Lastpass. Is this something we should be concerned with as a whole, or do you think it isn't a big deal? This can only get worse, and the box wants to hear what you think of this. Each year, more companies are breached than ever before and it is definitely a problem I think. There is a way you can scan the dark web for any type of data like an Email address, but is this enough? Lastpass has the capability of doing this for you. The article What are dark web scans? goes into more details on how this is done. News: Looks like Experian can't keep their mouth shut. According to a Cyberscoop article, 24 million South Africans are now at risk because someone potentially opened their mouth. They said the employee was tricked into disclosing information on an unknown number of people, but the number seems to be a whopping 24 million. No hacking needed: Someone duped Experian into handing over data in breach affecting 24 million South Africans is the article and boy if Equifax and Experian haven't learned anything from their prior U.S. things, when will they ever learn? The U.S. stuff were hacking attempts but still ... human intervention is the weakest link in this whole ordeal.
This week in Security News from August 21st covers another article on the 24 million from South Africa and even some other stuff that might be of interest. The tech blog will also highlight things from this article that might be of interest. Michael in Tennessee went ahead and gave me a heads up on this one. Turns out that a former CSO was charged in the Uber breach from 2016. U.S. prosecutors have charged the former Chief Security Officer at Uber with allegedly covering up a data breach at the ride-hailing company that exposed information tied to roughly 57 million people. Joe Sullivan was charged Thursday in the U.S. District Court in San Francisco with failing to disclose details of the security incident. to the proper authorities. Sullivan, who now works as the chief information security officer at Cloudflare, allegedly committed two felonies by not informing investigators about the hack while they probed the circumstances surrounding a prior data breach. This is great news, and one in which I want to cover in passing. Former Uber CSO criminally charged with covering up 2016 data breach has the full details from Cyberscoop.

Craig Peterson's Tech Talk
Welcome! The Hack that Could Cost You Your Business plus more on Tech Talk with Craig Peterson on WGAN

Craig Peterson's Tech Talk

Play Episode Listen Later Aug 1, 2020 9:36


Welcome! Craig discusses the Hack that could cost you your business. For more tech tips, news, and updates visit - CraigPeterson.com

---

Read More:

* How to find Stalkerware on your smartphone
* This Simple Hack Could Tank Your Business
* 7 VPN services left data of millions of users exposed online
* Universities Brand ‘Drama Therapy’ And ‘Journalism’ as STEM Majors to Circumvent Immigration Policy
* DoJ suggested OANN should call FBI about NPR’s tipline, emails show
* Google reportedly peeks into Android data to gain edge over third-party apps
* Russia’s GRU hackers hit US government and energy targets
* Your next smartphone will be a lot harder to scratch

---

Automated Machine-Generated Transcript:

[00:00:00] Hey, have you been paying attention? And I know you have, 'cause you're the best and brightest, you know about phishing and not to click on links you don't know about. There's another one, and this next one is taking advantage of your knowledge about phishing. Hey, Craig Peterson here. Thanks for joining me. Let's talk a little bit about it.

Yes, we've, man, we've beaten, I think, the phishing horse to death, bottom line, because phishing has been such a problem for so long, but for those that aren't really up on it, you've heard the term, a little bit about, don't click on things, phishing. It has been very effective lately. We have a lot of people working from home. That's going to continue for months and years to come, frankly, a very high percentage of us. It'll just be at home, in a bedroom or in the living room on the couch. [00:01:00] That's been happening a lot. Those of us who are sitting at home are probably not as aware as we should be to all of the problems that are going on out there. Now we have some training for employees. A lot of places have stuff. I really love what we have and we have training for if you're in HIPAA, if you are CMMC, ITAR, DFARS, right? All of these different regulations that are out there, even PCI, training that walks people through and gives them questions and reminds them about the training. If your business does not have this sort of training, get it, right? Whether you get it from me or you get it from someone else, please get that training so that you can keep up on all of these techniques the bad guys are using.

Phishing is where they are sending out messages, trying to get you to do [00:02:00] something, right? Trying to get you to react. What kind of reaction are we talking about here? They can be just a link that you click on. The email looks legit, right? I've been getting, every week, email supposedly from Amazon telling me that my Amazon Prime membership has expired. It hasn't, the card did. And now because my credit card on file has been expired, so has my Amazon membership, right? No, none of that's true, but some of these emails, you take a second glance. You say, Whoa, wait a minute then. Okay. That looks legit. It's got Amazon's logo. It's worded like Amazon might word it. And then if you click on it, it's going to take you to a site that pretends to be Amazon and asks you for your credit card update. So you're going to give a credit card number, you're going to give an expiration date, right? You're going to put all of this stuff [00:03:00] in, cause you don't want to lose your Amazon Prime membership. Now I'm just using Amazon Prime as an example, this is happening all the way across the board with tons of banks, credit unions. Financial institutions are a really great target. I've seen them from, supposedly, right, eBay. I've seen them from the IRS, law enforcement. All right. All the way across the board, it is a serious problem. So how do we deal with that problem while we care, but what we're clicking on, but I want to talk about a simple hack may not have heard about before that can just destroy your business and what it is done?

What these guys are doing is called typosquatting, papal, squatting, and typosquatting is where you think you're going to google.com, but maybe you ended [00:04:00] up at googl.com. You forgot the E, or maybe it's Google with three O's instead of google.com. Or if you have one of these home routers, even if you're a business and you're not using at least prosumer hardware, like the Cisco Go hardware, then you've got an additional problem, because what the bad guys have been doing is taking over control of your router. So many of them have never been patched via Rob, have you ever updated your router? Have you ever. They did the firmware new router, right? Most people don't and most routers don't do it automatically, and they only will do it for me, maybe a couple of years, even if they do it automatically. I just had a client. We were helping out. We were grading them to the prosumer, the Cisco Go hardware. And she said, yeah, I have been, I check every week. That's how diligent she was. So [00:05:00] she went to the vendor's website, checked what the latest release of firmware was, and then checked her machine to see what release of firmware she had. Guess what, it was the same release. But it had been two years since the manufacturer had issued any updates to the firmware. So her modem was completely vulnerable. So make sure you do have a modem that is not only up to date, but really, even for home users, you've got to get the prosumer stuff. I recommend the Cisco stuff. You don't have to get it from me. But Cisco Go is something you might want to look at. You can get it online. I think it's even available on Amazon. I've seen it over there before, and it's not that much more expensive if you just buy it and do it yourself. If you want me to do it, obviously we're going to get involved to help configure it and help you install it and everything. So there are additional charges, but let's get back to typosquatting.

That's [00:06:00] different than the bad guys taking over your router. And when you type in the correct google.com, you're going to two of them. Okay. Okay. Many of these types of domains are either purchased for resale, they redirect you to a real offer in a shady way. Many times what they're doing is they'll use a coupon, if you will, code that gives them credit for the sale. So you're, you are actually going to the real Amazon. And what happens is there's a referral bounty, if you will, that they are paid by sending you to Amazon, even though they didn't really send you to Amazon. So there's a lot of stuff that they're doing. And so forth labs found that roughly 2.7% of 15,000 domain names that they looked at, two and a half, 2.7% were associated with some form of [00:07:00] cybercrime, including hacking, phishing, online fraud or spamming. If you think that 2.7% is a small number, remember there's at least 360 million registered domains. So let's do a little bit of mathematics here. If we say 360,000,000 times 0.027. So that's 2.7%. So that is nine, almost 10 million websites. If those numbers, if you can really just interpolate it across all registered domains.

So there's a lot of easy examples of typosquatting. Security research has found a perfect replica of reddit.com, which is one of the five most visited websites online, under [00:08:00] reddit.co. Which is, .co is Colombia's domain, by the way. So they had even acquired an SSL certificate for reddit.co. So the majority of the web browsers wouldn't even tell you that there might be a problem. So we gotta be very careful. We've seen campaigns in the past for netflix.om, again, a typo, right? You meant to type .com. Citibank.om, which is, by the way, Oman's domain suffix. Now that doesn't mean that Colombia or Oman are actively involved in this, or even that the people that did this are from Colombia or Oman. It just means it was the domain was registered there. Registrars are what it's called. Cameroon's another popular one, .cm. Hulu, Netflix, 12 million visits over a three month period. That's pretty amazing here. So anyway, let's not do that. Be careful with [00:09:00] typosquatting, pay close attention when you're typing in the URLs. I have seen based on my website, just X, a lot of people use Google instead of typing in the direct URL. So pay attention to that.

All right. Stick around. When we come back, we've got a mortar cocktail. We're going to get into the whole VPN story this week. I've got a big I told you so pink is the bottom line here and make sure you're on my email list. You can sign up at CraigPeterson.com/subscribe. Stick around because we'll be right back.

---

More stories and tech updates at: www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson

For questions, call or text: 855-385-5553

Podcast de CreadoresDigitales
44 - The news with Alina, Hiram and León

Podcast de CreadoresDigitales

Play Episode Listen Later May 9, 2020 119:39


+ Clean technologies for our energy demand: the first artificial leaves appear.
+ How do you search for information? OSINT for dummies
+ We chat, they watch. How international users unwittingly build WeChat's Chinese censorship apparatus
+ Apple's new T2 security chips are the new King Midas of trash. Any laptop that carries them turns into trash once it ages.
+ What is TypoSquatting, and how do they exploit our brains' weaknesses to scam us?
+ An NSO server exposed on the internet without a password exposes its contact surveillance.

Podcast de CreadoresDigitales
What is TypoSquatting, and how do they exploit our brains' weaknesses to scam us?

Podcast de CreadoresDigitales

Play Episode Listen Later May 9, 2020 17:00


Whenever I tell a client to make a heavy investment in buying domains, the finance people grimace, because they think one domain is enough. The first client I convinced of the importance of paying for more than one domain was Harmon Hall, because people referred to them disparagingly as JarmonJol, with a J, just to annoy them. But last year I was at the talk by YK Hong, a hacker who showed the BANAMEX innovation people and me how it was possible to buy their domain with a few modifications using alphabets from unusual languages; people did not notice the modification of a single letter, and their banking data could be cloned.

Security Now (Video HI)
SN 764: RPKI

Security Now (Video HI)

Play Episode Listen Later Apr 28, 2020 107:44


Apple/Google Contact Tracing, Best VPNs to protect you.

* Apple/Google Contact Tracing Update
* iOS 0-Day Alert! Update Apple Mail
* Best VPNs to protect you from the Five Eyes
* TypoSquatting attacks
* Vitamin D linked to COVID-19 mortality
* Resource Public Key Infrastructure
* How BGP can break the Internet

We invite you to read our show notes at https://www.grc.com/sn/SN-764-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written, Spinrite 6.

Sponsors: Wasabi.com offer code SECURITYNOW, expressvpn.com/securitynow

Security Now (Video HD)
SN 764: RPKI

Security Now (Video HD)

Play Episode Listen Later Apr 28, 2020 107:44



Security Now (Video LO)
SN 764: RPKI

Security Now (Video LO)

Play Episode Listen Later Apr 28, 2020 107:44



Security Now (MP3)
SN 764: RPKI

Security Now (MP3)

Play Episode Listen Later Apr 28, 2020 107:44



Craig Peterson's Tech Talk
AS HEARD ON - The Jim Polito Show - WTAG 580 AM: Typosquatting, Imposter Websites, SSL Certificates and Black Friday Scams

Craig Peterson's Tech Talk

Play Episode Listen Later Nov 26, 2019 15:00


Welcome! Good morning, everybody. I was on with Mr. Jim Polito this morning and we discussed a new technology fraud that you need to be aware of and also some other dangers that you may find yourself exposed to this holiday season. So, here we go with Mr. Polito. For more tech tips, news, and updates visit - CraigPeterson.com

---

Related articles: Hand in Hand On Black Friday --- Shopping and Privacy; Imposter Retailers Outnumber Legitimate Ones

---

Automated Machine Generated Transcript:

Craig Peterson: Good morning, everybody. Craig Peterson here. I had a lot of fun this morning with Mr. Polito. It's nice having somebody who's quick on the draw on the other side and get to figure out why. Or I know why there's a delay sometimes between me speaking and him speaking. But their equipment isn't compatible with my equipment. And so we're going to figure that out. So we've got a note with the engineers over the radio stations to after the first of the year to see if we can't figure out a better way to get me chatting with Jim, but you are going to like it. We had a lot of fun anyway, and we talked about the fake retailer sites. I'm going into quite a bit of detail with them, too. I had a little walk along this morning with Mr. Jim Polito. Hey, Happy Thanksgiving to everybody. Hope you are going to have a great time. We've, as always, we invite a friend over who doesn't have local family, and maybe if you are a friend like that, you will be able to enjoy it with another family or with your own or even by yourself, but you know, my heart goes out to everybody. Take care of everybody, and here we go with Jim Polito.

Jim Polito: Here he is, the man, the myth, the legend. I'm talking about our good friend and Thanksgiving Tech Talk Guru, Craig Peterson. Let me be the first, sir, to say I want to wish you a Happy Thanksgiving.

Jim Polito: Happy late Thanksgiving, I appreciate that sir. I

Craig Peterson: I thought you were gonna say Jim you missed the Canadian Thanksgiving or you know you did you said Happy Thanksgiving that that

Jim Polito: When is the Canadian Thanksgiving? I always forget.

Craig Peterson: It's about a month earlier. You know, because in Canada, we live in igloos. So it is in October, you know.

Jim Polito: I love that. But Thanksgiving in Canada is more of a is a recognition of the harvest and not a historical event, right?

Craig Peterson: That's absolutely true. It has nothing to do with the Commonwealth and people starving to death. And then that celebration, celebration of the harvest, like so many of them are worldwide. Well, as you mentioned earlier on your show, a lot of cultures have things and that's what it is in Canada as well.

Jim Polito: Yeah. And you know, the thing is, it's more likely that the Thanksgiving in Plymouth, the first which as we know it was Plymouth, not Jamestown, because Plymouth we actually have a document to prove it was the first but it was likely how late September early October also, just like the Canadian would be right about now you wouldn't be having any harvest festival down in Plymouth.

Craig Peterson: No, no, you probably wouldn't. Yeah, it's harvest time for sure. I got all the honey from my bees. I got about 100 pounds of honey this year. That's all done. They were really productive.

Jim Polito: Yeah, pretty earthy-crunchy for a for a guy who's a tech talk guru.

Craig Peterson: Yeah, exactly. It is. You know, I've got chickens and we still have horses, cats, and dogs. We've got rescue Great Dane here. Wow.

Jim Polito: I love Great Danes. Oh, they're so nice. And they keep the revenuers away.

Craig Peterson: They do.

Jim Polito: You and Burt Ward, you know, Robin from the old Batman series, and his wife. They do Great Dane rescue because people get a Great Dane and then realize, Hey, this is like having a pony.

Craig Peterson: We've had those small horses too and they are actually horses not ponies. We've had for four Dane rescues and it's kind of a shame. But you're right, a lot of people can handle them. But it is not the kind of dog that you can't train. You have to train them. There is no option. But to train them.

Jim Polito: Yeah, you have to train because they can do whatever they want, but they are very gentle and loving dogs.

Craig Peterson: You know, our Great Dane, well she identifies as a Chihuahua.

Jim Polito: That means jumping up in Craig's lap.

Craig Peterson: Yeah. She stands there with these sad eyes. You know, her eyes say there's room on that couch and I could fit just because it's made for three people and there are three people on it already doesn't mean a little Chihuahua. Like me can fit.

Jim Polito: They're just so big. They are just so powerful. That's right. Well, there we go. This Thanksgiving we've had our animal rescue pitch. Now, let's get into this. We need to talk about Black Friday scams from a tech perspective because that's what folks are looking forward and thinking about right now.

Craig Peterson: Oh, and this year is worse than most, well, almost any other one prior, frankly. We've had I think it's first off I think the first point is something called typosquatting domains. Now, do you know what typosquatting is? We all make typing errors, especially on our smart devices, right? Make them all the time. Yes, a typing mistake or you know, you're thinking about something else while you're typing until you typed in something else. My wife was trying to go to a Microsoft Office site the other day and she kept typing orifice. You know, sticking in an "R" in there. And you know, we do this all the time. So Wow, Right now a company called the Venafi went and they grabbed the names of the biggest retailers that they could find online. And basically, they found them all. But, here's what they found, their statistics, they found that there were almost 25,000 authentic retail sites online. At least think about that number for a minute. You compare that to five or 10 years ago. 20,000 authentic retail sites online. Yeah. But they found 110 thousand fake sites that looked like the retail site. So you know, 20,000 to 110,000, over four times as many fake sites that look legitimate retail sites, legitimate retail sites that are out there, and they also found 15,000 PayPal certificates issued in 2017 first I choose for phishing. So we've gone from about, you know, 15,000 in 2017 of the PayPal ones to now 110,000. So rule number one while you're shopping, this whole holiday season is all about certificates. Now, you have to be good to figure this out. And maybe what I should do is put together a little paper and I'll send it out to everybody that wants it. That explains it. But if you go on if you're sitting in front of your computer right now, Jim, I know you are. Yep. And you go to the URL bar, that's the bar word has the website address. And on the left side, it usually has a little lock icon. And if you hover over that, it says View site information. Yeah, click on that. Yeah. It will come up and say the connection is secure. That is test number one. Yeah, that's not the ultimate test. Okay. In a little bit, you'll see it says the certificate is valid.

Jim Polito: I'm on Facebook and it says certificate says valid.

Craig Peterson: All right, and it'll tell you if you click on down below where it says View certificate. If you click on that, it'll tell you who the issuer is.

Jim Polito: Certificate information. Details. Wait a minute. The certificate is intended for the following purposes. Issued to facebook.com. It is issued in California.

Craig Peterson: They are one of the biggest and most legitimate and the fact it says it was issued to facebook.com. Okay. That's what you want to look for Jim, right. And what that tells you is they, they went to the trouble to verify that this really was Facebook. So these more expensive certificates like all of these retail sites likely to have these more expensive certificates, they go to the trouble to verify. So they check with the state to make sure that the company's properly registered, who the appropriate people are within the company to can make these decisions and buying the company. And then they'll issue their certificate. So what you're looking at is a legitimate certificate for Facebook.

Jim Polito: Got it? Interesting. So yeah, like if you go to amazon.com, you know, yeah, you know, or Amazon, whatever, you missed it, and then they have a site that mimics the other side. That makes sense. You got to go over there and make sure all this isn't now, just sites like that. Get certificates. Can it can a site if I put up Amazon, Amazon com? And then I have a site that looks an awful lot like Amazon, can I get a certificate? Or will they say not a chance, buddy?

Craig Peterson: You can. There is the technology out there. I sometimes use these guys to do it. And the whole idea is to make it so that all of the data on the internet is encrypted. There's a site or certificate issued by Let's Encrypt. So if you go to my website, for instance, so if you were to go right now to CraigPeterson.com. Yep, you'll see I'm CraigPeterson.com. On the left, it's got the little lock, and you can click on that lock and it's going to come up with a connection is secure. If you look at the certificate, you'll see that it's issued by Let's Encrypt. Yeah. Okay. It doesn't have much information about me. It doesn't have the company name, who it was issued to or anything else. So in this case, I could get a certificate for amazom.com. Let's encrypt the letters. So this is where it starts getting really confusing to people. Okay? You notice the details on my site are different than they were on Facebook. My site hasn't been authenticated. Is it really Craig Peterson or someone else. All they've done now is it made it so that if you're browsing on my website, it is encrypted. So people can't spy on you when you're on my website. This is a technology problem that we're actually working on for the internet right now. And we've got a few potential solutions impact. It's funny you brought it up because this week, finally Microsoft said, that they may, eventually, absolutely are going to next week, or by 2030. They are going to start to use those very solid, very good newer standards that are out there. But this is one of the big weaknesses of the internet. And unfortunately, Black Friday, you're going to hit this one. So what to do here, let's really correct it only, we only got like a minute left here. And all of this stuff is up on my website. Craig Peterson dot com. If any website is insisting that you download their application, run away! Everybody has an app and frankly, most apps can be a little dangerous, okay? If they keep pressuring you for the app, forget about it. If the website has a lot of advertising on it, especially if it's not for their stuff, be leery. If you're on a website, you went to Amazon. And it was not just advertising Amazon stuff, but was advertising a whole bunch of other stuff. That's a really big giveaway. As always, if the price is too good to be true, it's a true bait and switch, a very big thing this time of year. And be careful with you're going to one of these sites to rent a house for the holidays. Yeah, careful of bait and switch. There are some studies out there and Airbnb has been trying to crack down. But studies showing the better than 20% on some of these sites of the listings are fake. So you sign up for a house and what will happen is like the day before, you'll get an email from the owner of the house or the just a room even saying we had a flood, we had a pipe break and toilet breaks, etc. I'm going to move you to another house. It's just as nice, you're going along.

Jim Polito: Okay. This is all good stuff. Now, if people text my name to this number

Craig Peterson: 855-385-2553. That's 855-385-5553 standard

Jim Polito: Standard data and tax rates apply and Craig Peterson will provide you with this information. He'll provide you weekly with this information and won't bother you and you will be ahead of the curve. Craig, I can't thank you enough. Happy belated Canadian Thanksgiving. Happy American Thanksgiving. And we look forward to talking with you next week.

Craig Peterson 14:42: All right, and we can discuss when Canadian Christmas is on the same day.

Jim Polito: Festivus is the 23rd. Thanks, Craig. Bye-bye. All right, we're gonna let Billy get on board with whoo socks.

Craig Peterson: Hey again. My friends, Happy Thanksgiving and I'll be on tomorrow. I expect I'll be on WGAN and up in Maine tomorrow too. So I'll be back then. Take care. Bye-bye.

Transcribed by https://otter.ai

---

More stories and tech updates at: www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson

Craig Peterson's Tech Talk
AS HEARD ON NH Today with Jack Heath WGIR-AM 610: Online Shopping and Black Friday Scams and Typosquatting and more

Craig Peterson's Tech Talk

Play Episode Listen Later Nov 25, 2019 7:23


Welcome! Good morning, everybody. Thanksgiving week, of course, you know. Man, I went to the grocery store over the weekend and I have never seen it quite that busy before. Well, I think I have actually, I think about it. It was Thanksgiving last year. Everybody's out shopping, everybody saying, "Hey, I shop all the time on the weekend and there's never this busy." So some of us are lying. Right? At least that's what I said to myself. Then I realized, you know what, yeah, I kind of shop all week long give or take. Anyhow, I was on this morning with Jack Heath and we were talking about some of the scams out there. Do you know about typosquatting? Well, that's what we talked about this morning. Here we go with Mr. Jack Heath. These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related articles: Hand in Hand On Black Friday --- Shopping and Privacy; Imposter Retailers Outnumber Legitimate Ones

---

Automated Machine Transcript:

Craig Peterson: Good morning, everybody. Thanksgiving week, of course, you know. Man, I went to the grocery store over the weekend and I have never seen it quite that busy before. Well, I think I have actually, I think about it. It was Thanksgiving last year. Everybody's out shopping, everybody saying, "Hey, I shop all the time on the weekend and there's never this busy." So some of us are lying. Right? At least that's what I said to myself. Then I realized, you know what, yeah, I kind of shop all week long give or take. Anyhow, I was on this morning with Jack Heath and we were talking about some of the scams out there. Do you know about typosquatting? Well, that's what we talked about this morning. Here we go with Mr. Jack Heath.

Jack Heath: Craig Peterson with a tech talk update. And hopefully speaking of technology, Craig, people on Thursday, just in some commentary will put down these handheld devices that actually communicate with others in person if they're around family and And turn this thing off all day. Unless you're listening to I Heart Radio the app. Good morning, Craig.

Craig Peterson: Or they could be wondering why would they do that, they're going to be shopping. There is a whole lot of stores now that are going to be selling this week, some at some of the lowest prices of the year. So it's not just Black Friday and Cyber Monday, but we're going to be seen and we already are now quite a few different vendors online that you're going to have to be kind of careful of, by the way, while you're shopping this week, and I learned something new this year too, the best deals for airline flights out of the year are expected this not tomorrow, but a week from tomorrow, the Tuesday after Cyber Monday. So if you're planning on flying, particularly after the first of the year, you will see the lowest prices ever come a week from tomorrow. Also the Tuesday after Cyber Monday. But we have a new statistic out right now that was conducted by a company looking at all of these online websites that we shop at. And they found that there are four times more fake retailer sites than real ones out there. What this means is, these fake sites are pretending they are the real big-box retailer. And when you go there, bottom line, you could be in trouble, they use them for phishing, etc. And they're using something, Jack, called typosquatting, they found 50,000 websites out there, that if you mistype the name of the retailer, you are going to end up on a site that is frankly trying to steal your information. Check Honey,

Jack Heath: You know what that looks and feels like the one and then you go to order by you know, go to the cart and how do you know it's not it's a bogus site.

Craig Peterson: Well, the best thing to do is to be very careful while you're typing. But the real retailers will have not only a secure site HTTPS. And you can tell that by going up into your menu bar, there usually be a little lock over on the left-hand side that says something like your site information. And it will say the connection is secure. But you want to double-check the certificate and I know who wants to become a computer security expert, right? But look at that certificate, all you have to do is click on it, it'll tell you who issued it, and who it is who is really out there. So a legitimate merchant is going to have a website with a secure certificate, and it is going to be signed by a major significant company. Bottom line, Jack, where we got to fix this system because it's far too complicated to make sure it is who you really think it is. There is work underway right now to replace what's called the DNS system that we've had for quite a number of years that solves another problem, but created this problem.

Jack Heath: Well, the other thing is, you don't know what you're getting sometimes. In other words, the other thing I've noticed, Craig, which is not exactly what you're describing, but similar, is, you know, how they micro-target us. So like, Oh, just hypothetically, if you're a watch person, and you look at watches, like men's watches, well, that when you go to your news sites on is you'll have all these offerings on the right, or if you're looking for a new winter coat, all of a sudden, you're bombarded with different coats that different companies, so sometimes they'll put a nice looking coat that was a little bit like what you were looking at, and they'll say, you know, today only 40 45% off and you go to that site. And I don't know why I'm not gonna say the name, but it might be you know, might be some kind of like, a tactical advantage is the name of the business. So then you go to tactical advantage and the company, there's nothing about it. There's just a marketing term, there's nothing there but they have the coats the site how to order. And it might just be a marketing kind of thing where you will get a coat in the mail but you have no information about the business. It's not like LL Bean, for example where we've heard of it. You can go online, you get a catalog, you go online, you know, it's LL Bean. It's like some name, like, you know, great adventure and outdoor wear. And it's got a lot of neat, well, good pictures, good prices on outdoor wear. But the check you never heard of the company go to, like, look at it, and it's not there.

Craig Peterson: Yeah, you have to that. It is a really good way to do it. You have to do a little bit of research here. And when we're talking about bait and switch right now, one of the biggest debates in the tech world has to do with you're going to a new location, you're visiting family, you need a place to stay. Many of us have been using sites like Airbnb and there's a number of them out there and there has been a lot of bait and switching going on. So be very careful that too, what they'll often do is you book a, you know, a house or maybe even just a room on one of these sites. It looks great. It sounds great, value's pretty good. You know, it's not like the best in the world, which is, by the way, a big giveaway if it's too good to be true, right? And you end up getting them a message from them the day before or they're about saying, Oh, no, the toilet broke, a water line broke, etc, etc. So I'm going to have to move you to this other house, but it's just as nice and you show up and the place is just horrific.

Jack Heath: That's what happened to Justin, Justin was looking for a place on Long Island for Thanksgiving. That's what happened to him. They just told them that the place he was gonna go to was flooded. So the place that you're gonna like it, it's basically a houseboat. He doesn't know what he's getting into.

Craig Peterson: Wow, be careful

Jack Heath: Even though they've already had Thanksgiving in your native Canada you have a great Thanksgiving. All right, thanks Jack. Take care guys. Craig Peterson with some tech talk. His show airs Saturday afternoons and of course great tech information and tips.
Especially if you are an online buyer like when you go to get something like I don't know, an iPad or something? Justin McIssac Oh hell yeah. Transcribed by https://otter.ai ---  More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Message Input: Message #techtalk Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Phishing E-Mail Spoofing SPF Protected Domain https://isc.sans.edu/forums/diary/Phishing+email+spoofing+SPFenabled+domain/25426/
Purchased Domain Arrives with Paypal Accounts Linked to it https://www.theregister.co.uk/2019/10/17/paypal_account_domain/
Typosquatting Attacks Affect 2020 Presidential Election https://www.digitalshadows.com/blog-and-research/typosquatting-and-the-2020-u-s-presidential-election/
STI Student: Christopher Hurless Exploring Osquery, Fleet, and Elastic Stack as an Open-source solution to Endpoint Detection and Response https://www.sans.org/reading-room/whitepapers/detection/paper/39165

ShadowTalk by Digital Shadows
Typosquatting and the 2020 U.S. Election, Honeypots, And Sudo Vulnerability

Oct 18, 2019 30:13


Fall is upon us! Kacey, Charles, Harrison, and Alex kick off this week’s episode talking about our Fall Dallas team event (an amateur version of Chopped). We’re now all professional chefs. Then the team dives into this week’s hot topics:
- Typosquatting and the 2020 Elections: https://www.digitalshadows.com/blog-and-research/typosquatting-and-the-2020-u-s-presidential-election/
- Honeypots: https://www.digitalshadows.com/blog-and-research/honeypots-tracking-attacks-against-misconfigured-or-exposed-services/
- The Sudo Vulnerability: https://threatpost.com/sudo-bug-root-access-linux/149169/
- Security Bsides Workshop Talk: http://www.securitybsides.com/w/page/134870340/DFW_2019
- Orca: https://github.com/digitalshadows/orca
https://twitter.com/maxdose_/status/1184429401338982401?s=12
Finally, with the Chopped event on our minds, we round off the episode with our favorite dishes we want to learn to cook. Thanks for listening and don’t forget to rate us on iTunes and let us know how we’re doing.

The CyberWire
Cyber retaliation for a kinetic attack, again. Industrial espionage from China. Botnet does sextortion. Typosquatting the other candidate. A poor approach to reputation management.

Oct 16, 2019 19:08


The US may have retaliated in cyberspace for Iran’s strikes against Saudi oil fields. China’s new C919 airliner seems to have benefited greatly from industrial espionage. An old botnet learns new tricks. Typosquatting as an election influence trick. A look at price lists in the Criminal-to-Criminal marketplace. Recovering from ransomware. And when it comes to reputation management, there’s not so much a right to be forgotten as there is a right to fuggeddaboutit, if you get what we mean. Justin Harvey from Accenture on ESports gaining popularity in cyber security. Guest is Aashka, a high school junior who helped plan the Raytheon Girl Scouts National Cyber Challenge. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/October/CyberWire_2019_10_16.html

Intego Mac Podcast
Why Doesn't Apple Have a Mac Bug Bounty Program?

Feb 8, 2019 32:23


We discuss a new macOS Keychain vulnerability, which raises the question of why Apple still doesn't have a Mac bug bounty program. We also discuss shortcomings of two-factor authentication, the removal of the Do Not Track feature from Safari, whether or not Google Chrome's lookalike URL warnings are actually a good thing, and more (including why Apple still hadn't fixed the Group FaceTime spying bug; they finally did after we recorded the episode).
- Apple Patches Group FaceTime, Shortcuts Vulnerabilities
- Apple's bug bounty program, launched in 2016 (https://securosis.com/blog/thoughts-on-apples-bug-bounty-program)
- Apple might pay teenager who found Group FaceTime surveillance bug (https://appleinsider.com/articles/19/02/04/apple-might-pay-teenager-who-found-group-facetime-surveillance-bug)
- Apple to Remove “Do Not Track” Feature from Safari
- Google Chrome to get warnings for 'lookalike URLs' (https://www.zdnet.com/article/google-chrome-to-get-warnings-for-lookalike-urls/)
- Typosquatting (Wikipedia) (https://en.wikipedia.org/wiki/Typosquatting)
- Josh's tweet from 2012 about AdBlock Plus
- Chrome Canary (https://www.google.com/chrome/canary/)
- Security researcher demos macOS exploit to access Keychain passwords, but won’t share details with Apple out of protest (https://9to5mac.com/2019/02/06/mac-keychain-exploit/)
- Mr. Steal Yo Keychain (Patrick Wardle's keychain discovery of 2017) (https://www.patreon.com/posts/mr-steal-yo-14556409)
- Market for zero-day exploits (Wikipedia) (https://en.wikipedia.org/wiki/Market_for_zero-day_exploits)
- Two-Factor Authentication Might Not Keep You Safe (https://www.nytimes.com/2019/01/27/opinion/2fa-cyberattacks-security.html)
- Two-Factor Authorization Apps for iOS
- Kevin Mitnick (Wikipedia) (https://en.wikipedia.org/wiki/Kevin_Mitnick)
Get 50% off Mac Premium Bundle X9, fully compatible with macOS Mojave, with the code PODCAST19. Download Intego Mac Premium Bundle X9 now at intego.com.

The CyberWire
Facebook discloses a major breach. Botnet brute forcing ransomware. Retail domain typosquatting. ATM wiretapping. Ransomware in San Diego. SEC hits cyber deficiencies. Assange retires?

Sep 28, 2018 24:17


In today's podcast, we hear that Facebook has disclosed a cyberattack that affected fifty million users. A botnet is brute-forcing credentials. Cybercriminals show signs of ramping up spoofed retail domains in preparation for holiday shopping. The US Secret Service warns of ATM wiretapping. The Port of San Diego struggles with ransomware. The US SEC fines a company for cyber deficiencies. Mr. Assange goes offline. And some guy says he'll live-stream his annihilation of a prominent Facebook page. Jonathan Katz from University of MD on Bluetooth pairing protocol vulnerabilities. Guest is Andrea Little Limbago from Endgame on the internet’s effect on global conflict. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/September/CyberWire_2018_09_28.html Extended interview with Endgame's Andrea Little Limbago: https://www.patreon.com/posts/21704947

Mostly Security
019: The Javascript Episode

Apr 20, 2018 40:31


Peter Wooley joins Jon to talk JavaScript while Eric cannot prevent it. NPM gains package signing capabilities; a casino is hacked courtesy of their fish tank; and once DeepFake matures, how do we tell what's real? Peter recommends playing Celeste on the Switch, Jon should have read a couple more books about bees, and clicky keyboards are awesome.
Links:
- Peter Wooley on Twitter - https://twitter.com/peterwooley
- Javascript won! - https://hackernoon.com/javascript-has-already-won-235b29ed126b
- NPM signed packages - http://blog.npmjs.org/post/172999548390/new-pgp-machinery
- Typosquatting packages - http://incolumitas.com/2016/06/08/typosquatting-package-managers/
- Fish Tank Thermometer - https://thehackernews.com/2018/04/iot-hacking-thermometer.html
- Pi-hole - https://pi-hole.net/
- WiFi Grill - https://greenmountaingrills.com/
- DeepFake Videos - https://www.buzzfeed.com/craigsilverman/obama-jordan-peele-deepfake-video-debunk-buzzfeed
- Celeste - https://en.wikipedia.org/wiki/Celeste_(video_game)
- More Bees! - https://en.wikipedia.org/wiki/Nuc
- Clicky keyboard - https://www.engadget.com/products/razer/blackwidow/chroma/

Mostly Security
017: Beekeeper Jon and the Half Dead Car... Eric tries hiking and naming colors.

Apr 6, 2018 41:10


Jon chats about his car and beekeeping. Cloudflare's Privacy Focused DNS and an ARM v Intel post. Will Apple use its own chips in its Macs? And poor, poor Panera... Eric tries hiking Multnomah Falls and ends up hiking somewhere else. Jon gets a kick out of colors.
Links:
- If you have an iPhone, use Overcast - https://overcast.fm
- Cloudflare's Privacy Focused DNS - https://1.1.1.1/
- Dot-cm Typosquatting sites visited 12M times - https://krebsonsecurity.com/2018/04/dot-cm-typosquatting-sites-visited-12m-times-so-far-in-2018/
- Beyond XSS: Edge Side Include Injection - http://gosecure.net/2018/04/03/beyond-xss-edge-side-include-injection/
- Apple Plans to Use Its Own Chips in Macs From 2020, Replacing Intel - https://www.bloomberg.com/news/articles/2018-04-02/apple-is-said-to-plan-move-from-intel-to-own-mac-chips-from-2020
- Intel v ARM power reqs - Kilowatt - https://twitter.com/eastdakota/status/976560820611031040
- ARM Takes Wing: Qualcomm vs Intel CPU comparison - https://blog.cloudflare.com/arm-takes-wing/
- Panera doesn't take Security Seriously - https://medium.com/@djhoulihan/no-panera-bread-doesnt-take-security-seriously-bf078027f815
- Eric (tries) hiking in the Gorge - https://www.fs.usda.gov/recarea/crgnsa/recarea/?recid=30026
- Jon likes Color (courtesy of xkcd) - https://blog.xkcd.com/2010/05/03/color-survey-results/

The Manifest
Episode 9: Typosquatting with Adam Baldwin

Dec 11, 2017 50:30


Wherein we discuss typosquatting and other security matters with Adam Baldwin, of Lift Security and the Node Security Platform. We cover what kind of exploits people are trying, speculate about how blockchains may well be the answer, and unsuccessfully attempt to start a turf war between various package managers. Special Guest: Adam Baldwin.

Cybersecurity Sense
Business Email Compromise: When The Threat is Internal

Aug 8, 2017 12:00


Since January of 2015, all 50 of the United States have reported an increase in business email compromise (BEC) attacks: a 1,300 percent increase, to be exact. Even worse, organizations have reported a loss of nearly one billion dollars. With everyone now being a potential target, it’s been noted that reconnaissance, social media, and social engineering have played a crucial role, as cyber thieves monitor and learn an organization’s “system.”
In this podcast, LBMC Information Security’s Bill Dean addresses BEC attacks and offers a few solutions for how to combat business email attackers.
Listen in and you’ll learn about:
- BEC in the news (modern-day Nigerian money scams)
- Defining BEC
- The impact of BEC
- A brief overview of BEC
- Protections against BEC

The CyberWire
Updates on Cozy Bear and Shamoon tradecraft. Crypto wars flare in the UK. FBI warns of attacks against FTP servers. Typosquatting, scareware, and other problems.

Mar 28, 2017 15:01


In today's podcast, we hear how Cozy Bear slips through with domain fronting. Shamoon's infection methods are revealed. The crypto wars flare over not-so-lone wolves, but there are some genuine lone wolves out there as well. Medical and dental practices warned against attacks on FTP servers. A networked sterilizer is, well, digitally unhygienic. Docs dot com search functionality temporarily disabled. Remember, if you want to reach the G-men, it's FBI dot GOV, not dot com. The UMD Center for Health and Homeland Security's Ben Yelin examines a case where a defendant's expertise is being held against him. Brian Brunetti from Route1 warns about VPN insecurity. Scareware hits iOS users. And a Brooklyn prosecutor gets bad advice from the old heart.

Davis McGrath LLC
Trademarks and Domain Names Webinar

Mar 8, 2012 31:11


Here is the recording of the March 7, 2012 webinar on “Trademarks and Domain Names.” In this webinar, we cover:
– Trademark Overview
– Domain Name Overview
– Domain Name Formats
– Domain Names as Trademarks
– Domain Names Including Trademarks
– UDRP
– ACPA
– Cybersquatting and Typosquatting
– Hypotheticals
View on YouTube The...

OUT-LAW Radio
Should Google pay out typosquatting billions?

Oct 30, 2008 0:12


We talk to the lawyer who wants ad and search giant Google to pay out one thousand dollars a time for typosquatting sites that display its ads.