Apple Zero Day Sold To Government (Transcript)

00:00:00,000 –> 00:00:05,640
All right, folks, you’ve hit the download button on Security Assessment Podcast, brought

00:00:05,640 –> 00:00:08,560
to you by our company, Lipani Security.

00:00:08,560 –> 00:00:12,640
If you’re interested, go to the link in the show notes below and check out all of our

00:00:12,640 –> 00:00:19,800
services software that we offer, as well as our blogs about security in all our past podcast

00:00:19,800 –> 00:00:20,800

00:00:20,800 –> 00:00:34,280
I want to thank you all for listening and let the show begin.

00:00:34,280 –> 00:00:39,680
And welcome to another edition of the Security Assessment Podcast.

00:00:39,680 –> 00:00:44,120
I am your host, Brandon, as always.

00:00:44,120 –> 00:00:50,520
I want to, first of all, folks, apologize for my voice today and the way I sound.

00:00:50,520 –> 00:00:54,560
I caught my daughter’s cold and I’m kind of getting over it, so my throat’s a little

00:00:54,560 –> 00:00:55,760

00:00:55,760 –> 00:00:58,560
So I do want to apologize for the…

00:00:58,560 –> 00:01:00,520
It’s not the audio, it’s my voice.

00:01:00,520 –> 00:01:05,440
So I do apologize for that today.

00:01:05,440 –> 00:01:08,040
Some big… couple of things I wanted to talk about.

00:01:08,040 –> 00:01:11,800
Real quickly, some big news as far as I’m concerned.

00:01:11,800 –> 00:01:18,640
Microsoft releases, officially releases, Copilot this week for Windows.

00:01:18,640 –> 00:01:23,440
And you can get it for… they have the free version you could use or you can get the paid

00:01:23,440 –> 00:01:24,440

00:01:24,440 –> 00:01:30,080
$20 a month for personal, $30 if you want their pro version.

00:01:30,080 –> 00:01:36,040
And obviously if you’re in business, you have a $20 a month or $30 a month program as well.

00:01:36,040 –> 00:01:39,720
Microsoft really hoping… they said in their earnings report call that this is going to

00:01:39,720 –> 00:01:44,560
be kind of a thing where they’re going to try to… they’ve kind of saturated the market

00:01:44,560 –> 00:01:50,000
with Office, but they’re hoping this is going to help them sell per seat.

00:01:50,000 –> 00:01:52,680
They’re hoping this is going to up the amount of money that people are spending.

00:01:52,680 –> 00:01:55,880
So Microsoft Copilot, pretty big thing.

00:01:55,880 –> 00:01:57,680
I have been messing with it.

00:01:57,680 –> 00:02:01,240
I know controversy has always surrounded it on GitHub.

00:02:01,240 –> 00:02:08,920
I really like it as a programmer, being able to have it as a copilot and really using it

00:02:08,920 –> 00:02:17,840
as, like I said, as a kind of a coding… something extra when I’m coding as a tool

00:02:17,840 –> 00:02:21,440
to help you if you get stuck or to help you if you have to do repetitive code over and

00:02:21,440 –> 00:02:25,800
over again or if you’re like me, not a great typist, just to have it.

00:02:25,800 –> 00:02:27,280
And it really does help.

00:02:27,280 –> 00:02:32,520
I know there has been some controversy about it because it did learn on all of GitHub’s

00:02:32,520 –> 00:02:38,280
code and some people saying, well, that code is… there’s been controversy about the licensing,

00:02:38,280 –> 00:02:41,880
how the copilot uses the code and some of that.

00:02:41,880 –> 00:02:47,520
But I do think it actually is going to be a big thing for people.

00:02:47,520 –> 00:02:52,360
And I’m sure it’s going to be integrated into many different security products if it isn’t

00:02:52,360 –> 00:02:53,360

00:02:53,360 –> 00:02:56,680
And there’s just so many things that it can do.

00:02:56,680 –> 00:02:58,680
And like I said, I’ve seen it the other day.

00:02:58,680 –> 00:03:01,720
I was messing with it in Excel, all these kinds of things.

00:03:01,720 –> 00:03:09,240
So I do think it is something that is definitely going to be a tool that we’re all going to

00:03:09,240 –> 00:03:13,040
use as time progresses, going to get more and more popular.

00:03:13,040 –> 00:03:16,680
And just like I said, I’m just really excited to see where it goes.

00:03:16,680 –> 00:03:17,680
I actually…

00:03:17,680 –> 00:03:19,000
I’m not sure if I’m going to stay paying for…

00:03:19,000 –> 00:03:23,920
I will stay with paying $10 a month for GitHub, but I’m not sure if I’m going to…

00:03:23,920 –> 00:03:27,920
Well, I’ve been paying for the GitHub Copilot for a while, but I’m not sure if I’m going

00:03:27,920 –> 00:03:28,920
to actually stay with it with…

00:03:28,920 –> 00:03:35,440
I don’t know if I use Excel and Word enough to justify $20 a month, but like I said, I

00:03:35,440 –> 00:03:37,520
might pay for ChatGPT and just use that.

00:03:37,520 –> 00:03:39,120
I’m not sure yet.

00:03:39,120 –> 00:03:40,720
I’m still deciding what I’m going to do.

00:03:40,720 –> 00:03:45,500
But like I said, really big news as far as I’m concerned, because I think that’s going

00:03:45,500 –> 00:03:50,960
to be really huge going forward, especially with the search market and all that kind of

00:03:50,960 –> 00:03:51,960

00:03:51,960 –> 00:03:52,960
So we’ll have to see.

00:03:52,960 –> 00:03:54,640
Also too, big news this week.

00:03:54,640 –> 00:03:59,880
I think Bluesky opened up to everybody.

00:03:59,880 –> 00:04:03,240
Bluesky is supposed to be like Twitter, but it’s decentralized.

00:04:03,240 –> 00:04:08,480
So I think it’s going to be like Mastodon to a certain degree and like Twitter to a

00:04:08,480 –> 00:04:09,480
certain degree as well.

00:04:09,480 –> 00:04:15,000
So I’ve messed with it a little bit, not a huge fan of it, but I thought that was pretty

00:04:15,000 –> 00:04:17,520
interesting that they opened up this week as well.

00:04:17,520 –> 00:04:22,000
Jack Dorsey saying his goal with this is that it’s going to be like Twitter, but decentralized.

00:04:22,000 –> 00:04:25,800
I think Mastodon is kind of onto that, but they have a little way to go yet.

00:04:25,800 –> 00:04:31,760
So we have to remain and see what happens with that going forward.

00:04:31,760 –> 00:04:37,240
Speaking of Jack Dorsey, Square had a large outage the other day.

00:04:37,240 –> 00:04:42,000
They haven’t announced why it went down yet, but Square had a big outage.

00:04:42,000 –> 00:04:43,400
Didn’t affect us too much here.

00:04:43,400 –> 00:04:47,960
We’re very fortunate, but I know a lot of places were upset that Square was down.

00:04:47,960 –> 00:04:50,040
They couldn’t take credit card payments and stuff like that.

00:04:50,040 –> 00:04:53,720
So that is actually quite big news.

00:04:53,720 –> 00:04:55,400
And like I said, they got it back up.

00:04:55,400 –> 00:04:59,000
They’ve had outages before, but especially with credit card processing, the money they’re

00:04:59,000 –> 00:05:04,320
losing as well as the people that can’t take credit cards, it’s quite a big deal.

00:05:04,320 –> 00:05:07,160
So that was something that happened this week as well.

00:05:07,160 –> 00:05:11,360
I thought that was pretty important news.

00:05:11,360 –> 00:05:16,380
Also too, since we’re kind of going into the news already, that’s fine.

00:05:16,380 –> 00:05:18,740
Also news I thought was relevant.

00:05:18,740 –> 00:05:24,380
Disney has announced that they’re going to be cracking down on the password sharing.

00:05:24,380 –> 00:05:26,740
They’re doing this because they’re trying to do what Netflix is doing.

00:05:26,740 –> 00:05:28,580
They want to make sure people aren’t sharing passwords.

00:05:28,580 –> 00:05:29,840
That’s revenue loss.

00:05:29,840 –> 00:05:32,860
So they’re going to go ahead and start fighting that.

00:05:32,860 –> 00:05:37,980
I can’t stress enough to everybody that listens how important it is not to share your password

00:05:37,980 –> 00:05:39,340
to anything.

00:05:39,340 –> 00:05:40,660
I’ve said this a million times.

00:05:40,660 –> 00:05:43,720
People say all the time, “Well, I’m just sharing my password with them.”

00:05:43,720 –> 00:05:48,660
No, you should not share your password because the odds are a chance that password is going

00:05:48,660 –> 00:05:52,500
to be something that you’re using for something else.

00:05:52,500 –> 00:05:57,220
Now that person knows one of your passwords and it doesn’t take much for them to go ahead

00:05:57,220 –> 00:06:00,840
and try to get into other systems using that one password.

00:06:00,840 –> 00:06:06,260
The other problem is if that person should get compromised, now somebody has your password

00:06:06,260 –> 00:06:08,500
since you gave it to a friend.

00:06:08,500 –> 00:06:10,140
So I can’t stress it enough.

00:06:10,140 –> 00:06:14,220
I understand people are sharing passwords and logins should help somebody save some

00:06:14,220 –> 00:06:15,380

00:06:15,380 –> 00:06:18,940
It’s great and it’s wonderful that you’re helping your friends.

00:06:18,940 –> 00:06:21,660
If you’re going to keep doing that, which you shouldn’t, but if you’re going to keep

00:06:21,660 –> 00:06:25,620
doing that, I strongly recommend you make it a weird generic password that you don’t

00:06:25,620 –> 00:06:26,620
use anywhere else.

00:06:26,620 –> 00:06:30,380
So at least if that does get compromised, you at least are safe.

00:06:30,380 –> 00:06:36,020
That person, if somebody does get that password, it’s like I said, a different password than

00:06:36,020 –> 00:06:37,480
you use for everything else.

00:06:37,480 –> 00:06:38,800
So very important.

00:06:38,800 –> 00:06:41,380
Make sure you, like I said, change your password.

00:06:41,380 –> 00:06:46,180
The other thing you could do if you do want to share password information for a service,

00:06:46,180 –> 00:06:52,500
you also, if you have to use a different email even, so that this way at least if the email

00:06:52,500 –> 00:06:57,540
gets compromised and the password gets compromised, it’s not your same username and password or

00:06:57,540 –> 00:07:01,200
your username and email or email and password combination.

00:07:01,200 –> 00:07:02,940
So it’s much, much safer.

00:07:02,940 –> 00:07:04,140
I strongly recommend that.

00:07:04,140 –> 00:07:07,580
Again, if you want to keep sharing your password information, that’s fine, but you should really

00:07:07,580 –> 00:07:12,640
at least be using a different password and even more so a different email address.

00:07:12,640 –> 00:07:14,580
So very, very important.

00:07:14,580 –> 00:07:18,540
Also too, I want to point out too, Apple did release an update today for iOS.

00:07:18,540 –> 00:07:19,980
A couple people had asked me about it.

00:07:19,980 –> 00:07:21,100
I just want to point that out.

00:07:21,100 –> 00:07:23,940
It is not actually a security update.

00:07:23,940 –> 00:07:27,460
It is actually a bug fix for a text prompt.

00:07:27,460 –> 00:07:30,000
So if you don’t get it, it’s not a big deal.

00:07:30,000 –> 00:07:31,120
It’s just a bug fix.

00:07:31,120 –> 00:07:32,620
It’s not a security update.

00:07:32,620 –> 00:07:34,900
So very important to know that.

00:07:34,900 –> 00:07:40,620
Another thing I wanted to point out is the security through obscurity.

00:07:40,620 –> 00:07:47,660
And the reason why I’m saying that is a very large bank in China called ICBC was hit by

00:07:47,660 –> 00:07:51,220
a ransomware attack the other day.

00:07:51,220 –> 00:08:00,540
And what surprised me in 2024, they are still using a Novell NetWare server.

00:08:00,540 –> 00:08:07,660
And this just astounded me because Novell NetWare has long been not used in business.

00:08:07,660 –> 00:08:11,420
It’s still supported by a third party company as you can run it.

00:08:11,420 –> 00:08:14,020
It’s not like it’s completely obsolete yet.

00:08:14,020 –> 00:08:20,100
But what’s funny was this ransomware got loose in their system and when it got to one of

00:08:20,100 –> 00:08:23,980
their critical systems, the ransomware didn’t actually know what to do.

00:08:23,980 –> 00:08:26,420
It didn’t know how to affect the system because it was NetWare.

00:08:26,420 –> 00:08:29,620
So I thought that was a little funny.

00:08:29,620 –> 00:08:34,860
Like I said, to me it was just funny that it’s kind of the old saying of security through

00:08:34,860 –> 00:08:35,860

00:08:35,860 –> 00:08:38,260
But like I said, it was pretty funny.

00:08:38,260 –> 00:08:42,780
Like I said, it nailed a lot of the workstations that were part of their system.

00:08:42,780 –> 00:08:47,860
But like I said, when it got to this, it had no idea what to do with the NetWare server.

00:08:47,860 –> 00:08:54,460
So as much as I pick on them for running NetWare, it may have actually saved their systems because

00:08:54,460 –> 00:08:59,000
they weren’t able to get into their critical systems because they were still running NetWare.

00:08:59,000 –> 00:09:01,160
So I thought that was pretty funny.

00:09:01,160 –> 00:09:06,420
And anybody that’s listening right now that is a network guy, I’m sure you’re laughing

00:09:06,420 –> 00:09:11,860
because I was too when I read this, I was like, wait a minute, like NetWare in 2024?

00:09:11,860 –> 00:09:13,340
I can’t believe it.

00:09:13,340 –> 00:09:14,940
But for them, talk about luck.

00:09:14,940 –> 00:09:17,400
Like I said, that really saved them.

00:09:17,400 –> 00:09:20,620
So maybe that was the, maybe somebody had planned that.

00:09:20,620 –> 00:09:22,540
I’m sure somebody’s going to take credit for planning.

00:09:22,540 –> 00:09:25,180
If it wasn’t planned, I’m sure somebody’s going to take the credit for it.

00:09:25,180 –> 00:09:29,880
So I thought that was a pretty funny, pretty funny story.

00:09:29,880 –> 00:09:31,640
And like I said, it made me laugh.

00:09:31,640 –> 00:09:34,780
So I thought we’d go ahead and share that.

00:09:34,780 –> 00:09:39,440
Also big, I think the biggest news security news of the week was an article that was released

00:09:39,440 –> 00:09:40,920
from Slashdot here.

00:09:40,920 –> 00:09:46,780
A Chinese state sponsored hacking group known as Volt Typhoon has been living in the networks

00:09:46,780 –> 00:09:50,760
of some critical industries for at least five years.

00:09:50,760 –> 00:09:57,900
According to joint cybersecurity advisory issued by the US and its allies on Wednesday.

00:09:57,900 –> 00:10:02,660
The compromised environments are continents, are in the continents of the United States

00:10:02,660 –> 00:10:07,120
and elsewhere, including Guam and others.

00:10:07,120 –> 00:10:11,960
It was published in the US agencies that their security counterparts, Australia, Canada,

00:10:11,960 –> 00:10:13,740
the UK and New Zealand.

00:10:13,740 –> 00:10:18,740
The report comes weeks after the US officially announced that the operation to disrupt Volt

00:10:18,740 –> 00:10:24,180
Typhoon by deleting malware from thousands of internet connected devices across the country.

00:10:24,180 –> 00:10:27,960
Apparently they have been in systems for quite a while.

00:10:27,960 –> 00:10:32,480
The company, the hacker group has been targeting sectors like communication, energy, transportation

00:10:32,480 –> 00:10:34,500
and water systems.

00:10:34,500 –> 00:10:38,100
So which are, I mean, we all know critical parts of the economy.

00:10:38,100 –> 00:10:39,940
So I wanted to point that out.

00:10:39,940 –> 00:10:41,100
It got a lot of press.

00:10:41,100 –> 00:10:43,060
It definitely deserved it.

00:10:43,060 –> 00:10:45,860
State sponsored hacking is quite a big deal.

00:10:45,860 –> 00:10:48,860
And with everything, we’ve had some issues with China and some of that over the years.

00:10:48,860 –> 00:10:51,900
And it’s been five years, so it’s quite a while now.

00:10:51,900 –> 00:10:55,700
But I thought that was, I mean, in my opinion, that was the biggest news of the week.

00:10:55,700 –> 00:11:00,020
The other big story of the week, I really believe is that critical vulnerability that’s

00:11:00,020 –> 00:11:02,500
affecting most Linux distros.

00:11:02,500 –> 00:11:05,620
You know, that, I mean, it’s basically allowing for bootkits to get in.

00:11:05,620 –> 00:11:12,800
Linux developers are in the process of patching high severity vulnerability in certain cases

00:11:12,800 –> 00:11:18,260
that allows the installation of malware that runs at the firmware level.

00:11:18,260 –> 00:11:20,860
So they are in the process of working on that.

00:11:20,860 –> 00:11:27,200
The vulnerability did get tracked as CVE-2023-40547.

00:11:27,200 –> 00:11:31,260
You know, this is, it’s basically a buffer overflow attack is what it is, but it’s a

00:11:31,260 –> 00:11:35,260
coding bug that allows attackers to execute code of their choice.

00:11:35,260 –> 00:11:38,920
And like I said, when they affect it, it will actually be able to get into the bootkit.

00:11:38,920 –> 00:11:40,800
So they are working on this.

00:11:40,800 –> 00:11:46,500
I think the vulnerability resides kind of like I said, in the boot process to a certain

00:11:46,500 –> 00:11:47,500

00:11:47,500 –> 00:11:49,740
So it is pretty important.

00:11:49,740 –> 00:11:55,300
So I mean, and the scary part about this is even if you’re using secure boot, it could

00:11:55,300 –> 00:11:56,940
still be a problem.

00:11:56,940 –> 00:12:02,060
So secure boot, obviously the protection that’s built in the most modern computing devices,

00:12:02,060 –> 00:12:05,180
Windows, Linux, and Mac, obviously.

00:12:05,180 –> 00:12:10,340
You know, it’s a verified process, but apparently this thing is, you know, this is an exploit

00:12:10,340 –> 00:12:14,720
of that vulnerability attacks, you know, and actually lets you get, you know, right into

00:12:14,720 –> 00:12:16,580
that secure boot firmware.

00:12:16,580 –> 00:12:19,520
And that’s actually quite concerning.

00:12:19,520 –> 00:12:21,260
So like I said, they are working on that.

00:12:21,260 –> 00:12:25,800
Like I said, the, you have a CVE for it.

00:12:25,800 –> 00:12:27,440
And like I said, they are working on it.

00:12:27,440 –> 00:12:30,940
I would imagine the patch is coming, it’s going to be out soon.

00:12:30,940 –> 00:12:37,220
Looks like it’s tracked as 2023, even though it was, I mean, it was discovered fairly recently.

00:12:37,220 –> 00:12:40,100
So, but I guess it’s really being exploited now.

00:12:40,100 –> 00:12:43,020
So very important with that.

00:12:43,020 –> 00:12:44,020
Same thing with Log4j.

00:12:44,020 –> 00:12:46,940
I just saw an article this week, I don’t have it in the show notes, but I wanted to point

00:12:46,940 –> 00:12:53,940
that out that Log4j is still an issue because so many, I mean, you’re looking at, you know,

00:12:53,940 –> 00:12:57,460
you have, especially with Google was talking about that you have repositories that are

00:12:57,460 –> 00:13:00,780
six, seven levels down that still have not been patched for Log4j.

00:13:00,780 –> 00:13:05,620
So it’s very important when you’re using open source software that, you know, even though

00:13:05,620 –> 00:13:08,660
it is open source and stuff like that, but you got to make sure if you’re using these

00:13:08,660 –> 00:13:14,980
abandoned projects, you know, you definitely could, could have a serious issue, you know,

00:13:14,980 –> 00:13:19,680
with these unpatched vulnerabilities, especially something like Log4j and this too now.

00:13:19,680 –> 00:13:24,060
This shouldn’t be as bad because it’s not so many levels down, but if you’re using,

00:13:24,060 –> 00:13:30,380
you know, a fork of a fork of a fork, you know, you’re going to have to make sure that

00:13:30,380 –> 00:13:31,380
it’s patched.

00:13:31,380 –> 00:13:32,900
So very important.

00:13:32,900 –> 00:13:36,860
And I think those were the two real big news stories.

00:13:36,860 –> 00:13:41,960
But the other one that I felt was really big was the one that was released by TechCrunch

00:13:41,960 –> 00:13:43,580
and everybody picked it up.

00:13:43,580 –> 00:13:47,220
Government hackers targeting iPhone owners with zero day vulnerability.

00:13:47,220 –> 00:13:52,000
Apparently Google says that there are three unknown vulnerabilities in Apple’s iPhone

00:13:52,000 –> 00:13:56,220
offices that have not been patched and that Apple doesn’t know about them.

00:13:56,220 –> 00:14:01,520
And apparently there’s a European startup that’s working with the government just to

00:14:01,520 –> 00:14:07,180
help them exploit iPhones that they want to get into using these vulnerabilities.

00:14:07,180 –> 00:14:13,240
Like I said, according to Google, the government hackers took advantage of the three iPhone

00:14:13,240 –> 00:14:19,040
zero days, which are vulnerable to no, which are vulnerabilities not known to Apple.

00:14:19,040 –> 00:14:20,600
So that means that they weren’t reported.

00:14:20,600 –> 00:14:23,380
So Apple has not yet patched them.

00:14:23,380 –> 00:14:28,200
So this is why this is such kind of a big deal because as long as they keep making sure

00:14:28,200 –> 00:14:32,260
they’re not reported to Apple, they still have this exploit that they can use to get

00:14:32,260 –> 00:14:33,500
into the phones.

00:14:33,500 –> 00:14:35,420
So that’s why this is a big deal.

00:14:35,420 –> 00:14:39,120
Like I said, I don’t know if it was the biggest deal because they’re only doing it to phones

00:14:39,120 –> 00:14:41,940
they want, but if you’re one of the phones they want, it is a big deal.

00:14:41,940 –> 00:14:46,260
So but like I said, this is not the first time.

00:14:46,260 –> 00:14:48,740
This startup apparently has done stuff like this before.

00:14:48,740 –> 00:14:52,300
It was reported in 2002 and 2003.

00:14:52,300 –> 00:14:55,780
So like I said, this isn’t the first time they’ve done this, but it is kind of big news.

00:14:55,780 –> 00:15:01,760
Like I said, I have a serious problem when startups do this because I think it’s the

00:15:01,760 –> 00:15:03,320
security companies.

00:15:03,320 –> 00:15:06,720
I understand they’re providing a security service to the government by showing them

00:15:06,720 –> 00:15:11,200
how to get into these phones using, finding these zero days and then kind of saying, “Hey,

00:15:11,200 –> 00:15:12,200
we have this.

00:15:12,200 –> 00:15:13,200
We can help you.”

00:15:13,200 –> 00:15:14,200
I get it.

00:15:14,200 –> 00:15:18,600
I understand it, but I don’t particularly agree with the business model.

00:15:18,600 –> 00:15:19,880
I just don’t agree with it.

00:15:19,880 –> 00:15:26,860
I mean, Apple pays very, very well for security vulnerabilities.

00:15:26,860 –> 00:15:33,180
And what this is is probably the government is paying them a lot more than Apple is.

00:15:33,180 –> 00:15:38,460
And like I said, I really think I have a serious ethical issue with this, but I know this is

00:15:38,460 –> 00:15:43,100
what companies are doing now and I really don’t agree with it.

00:15:43,100 –> 00:15:47,180
But I thought that was another thing that I wanted to bring up that I did have it in

00:15:47,180 –> 00:15:48,180
my notes.

00:15:48,180 –> 00:15:51,360
I mean, it is a big deal just because the…

00:15:51,360 –> 00:15:55,800
To me, it’s a big deal because Apple doesn’t know about them and these companies, they

00:15:55,800 –> 00:15:59,000
have security features to define these holes and then they use these holes until they’re

00:15:59,000 –> 00:16:00,000

00:16:00,000 –> 00:16:02,840
And like I said, I don’t particularly agree with this.

00:16:02,840 –> 00:16:08,320
I know their businesses are doing this now, but to my opinion, it is borderline.

00:16:08,320 –> 00:16:09,960
Well, not borderline.

00:16:09,960 –> 00:16:12,500
It is unethical.

00:16:12,500 –> 00:16:16,100
It is, in my opinion, the government using loopholes.

00:16:16,100 –> 00:16:26,740
If any of us did this to people to steal data, we would be charged and we would be in so

00:16:26,740 –> 00:16:27,740
much trouble.

00:16:27,740 –> 00:16:31,480
But because the government’s doing it, it’s okay.

00:16:31,480 –> 00:16:36,220
And because this company is working with the government, they’re okay.

00:16:36,220 –> 00:16:40,220
I just think I have a serious problem with this because it does not put everybody in

00:16:40,220 –> 00:16:42,000
the same playing field.

00:16:42,000 –> 00:16:47,340
It would be like our company finding a security vulnerability and then trying to sell it to

00:16:47,340 –> 00:16:50,060
other businesses because they’re selling it to the government.

00:16:50,060 –> 00:16:51,060
It’s fine.

00:16:51,060 –> 00:16:57,680
I just have an issue, an ethical issue with this.

00:16:57,680 –> 00:16:59,240
I don’t agree with it.

00:16:59,240 –> 00:17:04,880
It disgusts me and maybe that’s why I was hesitant to bring it up on the podcast, but

00:17:04,880 –> 00:17:10,280
I just don’t agree with this.

00:17:10,280 –> 00:17:11,960
It gives hackers a bad name.

00:17:11,960 –> 00:17:20,340
It gives a lot of people just a bad name because the way they’re using this, I don’t like it.

00:17:20,340 –> 00:17:24,500
I find it very disturbing to me.

00:17:24,500 –> 00:17:26,060
I don’t agree with it.

00:17:26,060 –> 00:17:28,020
And our company would never do something like this.

00:17:28,020 –> 00:17:31,900
If we found a bug like this, we would immediately report it to Apple.

00:17:31,900 –> 00:17:34,100
We would not be reselling it.

00:17:34,100 –> 00:17:36,140
And I can’t just blame this company.

00:17:36,140 –> 00:17:38,700
There are other companies out there that do it as well.

00:17:38,700 –> 00:17:44,760
And I just have serious issues with it ethically, morally and everything else.

00:17:44,760 –> 00:17:48,000
And like I said, I don’t agree with it.

00:17:48,000 –> 00:17:52,840
And I apologize for getting a little upset here on the podcast, but I just definitely

00:17:52,840 –> 00:17:55,700
this really disturbs me as a security professional.

00:17:55,700 –> 00:18:02,600
So Verizon Wireless had a, and it got hit with a hack the other day that kind of the

00:18:02,600 –> 00:18:09,900
old saying, you know, the dangers within Verizon apparently had an internal employee that managed

00:18:09,900 –> 00:18:12,660
to breach their system.

00:18:12,660 –> 00:18:17,980
They actually, it was in an office in the Maine area.

00:18:17,980 –> 00:18:22,120
And the reason why, I mean, they didn’t announce it, but it is the Maine attorney general.

00:18:22,120 –> 00:18:24,780
So it has to be in Maine, at least I think.

00:18:24,780 –> 00:18:29,320
And Verizon discovered the breach December 12th of 2023.

00:18:29,320 –> 00:18:33,060
Nearly three months later, they determined it.

00:18:33,060 –> 00:18:38,700
Apparently they got names, physical addresses, social security numbers, gender, union affiliates,

00:18:38,700 –> 00:18:41,900
birth dates and compensation benefits.

00:18:41,900 –> 00:18:45,780
This seems to be actually Verizon’s employees information.

00:18:45,780 –> 00:18:46,900
And I’m not mistaken.

00:18:46,900 –> 00:18:51,900
It was actually, it doesn’t say it here, but another article I read had said that they

00:18:51,900 –> 00:18:56,160
were speculating that, here we go.

00:18:56,160 –> 00:19:03,420
An employee gained unauthorized access to a file containing sensitive employee information

00:19:03,420 –> 00:19:09,740
on September 21st, but they didn’t discover it until December 12th.

00:19:09,740 –> 00:19:13,580
So they had three months to get all that data together and get it out.

00:19:13,580 –> 00:19:19,900
But apparently, like I said, they have, I believe they have intent.

00:19:19,900 –> 00:19:22,860
I believe they have not referred, who is it?

00:19:22,860 –> 00:19:27,440
They haven’t released who it is yet, but they are on it.

00:19:27,440 –> 00:19:28,900
And like I said, but it’s been three months.

00:19:28,900 –> 00:19:30,000
That’s pretty bad.

00:19:30,000 –> 00:19:33,020
But like I said, it was an internal employee.

00:19:33,020 –> 00:19:36,920
And that’s why I brought this up because sometimes you have to be, sometimes, you know, we’re

00:19:36,920 –> 00:19:40,940
always trying to, as security professionals, we’re always trying to keep people from outside

00:19:40,940 –> 00:19:45,040
to coming in, but sometimes it’s the people inside we’ve got to worry about too.

00:19:45,040 –> 00:19:47,260
And that sometimes is a tough thing as a security professional.

00:19:47,260 –> 00:19:50,000
We’re always worried about what’s coming in from the internet, what’s coming in from the

00:19:50,000 –> 00:19:51,000

00:19:51,000 –> 00:19:54,120
Sometimes it’s the people that are already in your network that are the issue.

00:19:54,120 –> 00:19:57,560
And that was the case here.

00:19:57,560 –> 00:20:04,760
Also too, another thing I wanted to bring up only because JetBrains actually warned

00:20:04,760 –> 00:20:11,380
about this, and I do use JetBrains once in a while for some of my programming, but they

00:20:11,380 –> 00:20:17,380
are warning of a new TeamCity authority bypass vulnerability.

00:20:17,380 –> 00:20:22,180
JetBrains urged customers today to patch their TeamCity on-prem servers.

00:20:22,180 –> 00:20:26,900
Okay, so it’s an on-prem server issue, especially servers against a critical authentication

00:20:26,900 –> 00:20:32,380
bypass vulnerability that can let attackers take over vulnerable instances with admin

00:20:32,380 –> 00:20:33,380

00:20:33,380 –> 00:20:37,940
It’s CVE-2024-23917.

00:20:37,940 –> 00:20:43,260
So if you do use, this is probably going to be most, probably most people are going to

00:20:43,260 –> 00:20:44,260
be developers.

00:20:44,260 –> 00:20:49,960
I know there’s a lot of people using this, it’s more of a developer-based kind of thing.

00:20:49,960 –> 00:20:54,700
But if you are using it, I strongly recommend that you patch immediately.

00:20:54,700 –> 00:21:00,060
So some news that I really wanted to bring up, just because it is relevant and important.

00:21:00,060 –> 00:21:08,140
Apple has released Apple Music, Apple TV, and then a third app, which is going to be

00:21:08,140 –> 00:21:12,340
their iPhone sync app for your computer.

00:21:12,340 –> 00:21:15,100
This is for Windows, obviously not for Mac.

00:21:15,100 –> 00:21:19,140
But the reason why I bring this up is Apple has announced that these are going to be the

00:21:19,140 –> 00:21:23,740
apps they’re going to use, and that they are going to be, they haven’t announced when,

00:21:23,740 –> 00:21:27,340
but they will be deprecating iTunes on the Windows PC.

00:21:27,340 –> 00:21:35,060
So this will eventually be, you know, will replace iTunes, which we’ve all been using

00:21:35,060 –> 00:21:37,100
on Windows for a while now.

00:21:37,100 –> 00:21:41,300
I don’t have, I mean, I’ve used it in the past, I haven’t used it in a while, but pretty

00:21:41,300 –> 00:21:42,300

00:21:42,300 –> 00:21:44,840
So, there’s something to keep an eye on.

00:21:44,840 –> 00:21:48,900
If you get these new apps, you can go ahead and uninstall iTunes.

00:21:48,900 –> 00:21:52,440
And like I said, the reason why I’m bringing that up is because as iTunes gets deprecated,

00:21:52,440 –> 00:21:54,280
they won’t be patching it.

00:21:54,280 –> 00:21:58,820
And you know, they will, I mean, it’s deprecated, it’s not officially gone yet.

00:21:58,820 –> 00:22:02,740
But like I said, you know, it says right here, after you download the Apple Music app, Apple

00:22:02,740 –> 00:22:06,700
TV app, and the Apple Devices app, which is the one I’m talking about that you use for

00:22:06,700 –> 00:22:13,980
syncing and all that on your phone, you won’t see your music or video content in iTunes.

00:22:13,980 –> 00:22:21,140
So this is pretty big, and you can’t use iTunes to mainly sync or manage your phone or iPad

00:22:21,140 –> 00:22:22,140

00:22:22,140 –> 00:22:24,740
It must go through the Apple Devices app.

00:22:24,740 –> 00:22:30,660
However, you can use iTunes to access only your podcasts and audiobooks.

00:22:30,660 –> 00:22:35,900
So I think eventually they’re going to release an audiobook app, and then iTunes will be

00:22:35,900 –> 00:22:38,860
completely deprecated eventually.

00:22:38,860 –> 00:22:43,820
But as of right now, once you install those three apps, iTunes will only do your podcasts

00:22:43,820 –> 00:22:45,060
and your audiobooks.

00:22:45,060 –> 00:22:50,460
My feeling is that they will eventually release an audiobooks app for iTunes, and probably

00:22:50,460 –> 00:22:54,700
eventually the Apple Podcasts app will go ahead and come to Windows.

00:22:54,700 –> 00:23:02,380
I don’t know a ton of people that are using those services on Windows, but Apple is in

00:23:02,380 –> 00:23:06,180
the services business, and they do need to go where customers are, and Microsoft does

00:23:06,180 –> 00:23:11,760
have over two billion people on Windows, so they have to accommodate that.

00:23:11,760 –> 00:23:19,840
But very important to keep an eye on this, because this will mean that eventually iTunes

00:23:19,840 –> 00:23:26,700
won’t be patched, and you could have a piece of software on your device that is vulnerable.

00:23:26,700 –> 00:23:30,940
So very, very important just to know that.

00:23:30,940 –> 00:23:36,700
And I also think it’s cool too that years ago, if you remember, Apple refused to put

00:23:36,700 –> 00:23:41,620
iTunes on Windows, and then eventually somebody talked to Steve Jobs and said, “Listen, if

00:23:41,620 –> 00:23:49,100
we want the iPod to take off, we have to put it on Windows,” because Windows at that time

00:23:49,100 –> 00:23:52,620
was the biggest, and it still is the biggest desktop platform by far.

00:23:52,620 –> 00:24:00,060
Apple only has, I think they said about 125, 150 million PCs out there compared to Microsoft’s

00:24:00,060 –> 00:24:02,700
two, I think over two billion.

00:24:02,700 –> 00:24:05,340
So plus Microsoft too also has the Xbox and stuff like that.

00:24:05,340 –> 00:24:10,260
So it is very important to understand that Microsoft does have a much bigger computing

00:24:10,260 –> 00:24:16,340
platform, but again, they also have people that work.

00:24:16,340 –> 00:24:20,920
They also have the people that work, the people that have at home, and it’s a little bit different.

00:24:20,920 –> 00:24:27,460
But like I said, it’s nice to see Apple saying, “Hey, even though these people aren’t using

00:24:27,460 –> 00:24:32,500
Macs, they’re using Windows machines, we still should really cater to our customers who want

00:24:32,500 –> 00:24:33,500
to use our services.”

00:24:33,500 –> 00:24:38,140
So definitely a different Apple than it was under the Jobs era.

00:24:38,140 –> 00:24:43,700
But like I said, as far as security-wise goes, it is important to be careful as the, like

00:24:43,700 –> 00:24:46,420
I said, and that goes for any app.

00:24:46,420 –> 00:24:51,900
I see people all the time that have outdated software on their computer, like Java and

00:24:51,900 –> 00:24:54,180
stuff, and that is how people get hacked.

00:24:54,180 –> 00:24:57,780
So very important.

00:24:57,780 –> 00:25:02,180
One of the things, the other thing I do want to bring up, a couple of, this is kind of

00:25:02,180 –> 00:25:03,180

00:25:03,180 –> 00:25:08,460
Earlier in the week, Apple had an issue with the Vision Pro, their new product that we

00:25:08,460 –> 00:25:10,860
just talked about that they released last week.

00:25:10,860 –> 00:25:17,020
And if you forgot your password, you had to actually go to the Apple store to get it fixed.

00:25:17,020 –> 00:25:21,780
Apparently Apple has fixed this issue now, and you can reset your password on the Vision

00:25:21,780 –> 00:25:22,780

00:25:22,780 –> 00:25:27,020
This was a story that was earlier than we, I think it was Monday or Tuesday came out

00:25:27,020 –> 00:25:30,500
that you couldn’t reset your password, and now you can.

00:25:30,500 –> 00:25:35,600
They fixed it, like I said, I think it was Wednesday or Thursday, they released an update.

00:25:35,600 –> 00:25:42,180
So it was a story that I had in the show notes, kind of fixed at this point, but it was pretty

00:25:42,180 –> 00:25:43,180

00:25:43,180 –> 00:25:48,160
People were like very upset that they could not reset their password on Vision Pro.

00:25:48,160 –> 00:25:50,860
And we’ll have to see what happens with the Vision Pro security-wise.

00:25:50,860 –> 00:25:56,300
And the reason why I say that, is you remember Apple, the iPhone started with the Touch ID,

00:25:56,300 –> 00:25:59,340
then obviously with the iPhone X, we went to Face ID.

00:25:59,340 –> 00:26:05,300
And now with the, you know, with their new headset, they actually now have Retina ID.

00:26:05,300 –> 00:26:12,340
I would be very curious to see if Apple will eventually move to Retina ID on other devices.

00:26:12,340 –> 00:26:15,660
I don’t know if they will or if they won’t.

00:26:15,660 –> 00:26:19,720
We still do not have Face ID on the new Macs.

00:26:19,720 –> 00:26:24,580
I thought for sure that would be something by now, but we’re still using Touch ID.

00:26:24,580 –> 00:26:28,780
Again, we’re going to have to see what Apple does with this, because this is where they

00:26:28,780 –> 00:26:34,900
were in a very interesting phase here, because I really thought that by this point Face ID

00:26:34,900 –> 00:26:38,580
would be on the Macs.

00:26:38,580 –> 00:26:41,920
We have Windows Hello, but we don’t have Face ID on the Mac.

00:26:41,920 –> 00:26:43,060
So I thought that was weird.

00:26:43,060 –> 00:26:47,340
But again, I do think it’s very important to point out to everybody, and I say this

00:26:47,340 –> 00:26:52,320
all the time, and I mean no disrespect to anybody that’s on a Mac, because I’m a Mac

00:26:52,320 –> 00:26:59,280
user myself, but you have to understand they have 100,000, 125,000, 150,000, I’m sorry,

00:26:59,280 –> 00:27:03,880
125 million, 150 million Macs out in the world.

00:27:03,880 –> 00:27:07,160
Apple has over a billion iPhones in the world.

00:27:07,160 –> 00:27:14,260
So what Apple has in phones, Microsoft has in desktops.

00:27:14,260 –> 00:27:18,980
You know, Microsoft will always favor the desktop market because they have so many users

00:27:18,980 –> 00:27:19,980
on it.

00:27:19,980 –> 00:27:21,180
Same thing goes, like I said, with Apple.

00:27:21,180 –> 00:27:27,060
They are always going to favor their iPhones and iPads over their Macs just because they

00:27:27,060 –> 00:27:29,980
have so many more people on them.

00:27:29,980 –> 00:27:37,420
Apple is still, whether they will admit it or not, is still really the iPhone company.

00:27:37,420 –> 00:27:39,700
Just because, I mean, don’t get me wrong, they care about their Macs.

00:27:39,700 –> 00:27:43,280
It’s a couple billion dollar a quarter business.

00:27:43,280 –> 00:27:51,300
But when you look at Mac sales versus iPhone and iPad sales, they definitely are still

00:27:51,300 –> 00:27:53,100
the iPhone company.

00:27:53,100 –> 00:27:55,620
And I don’t take anything away from them.

00:27:55,620 –> 00:27:56,800
The same thing with Microsoft.

00:27:56,800 –> 00:27:59,680
They are still the Windows and Microsoft Office company.

00:27:59,680 –> 00:28:04,500
Even though they have Xbox, they have other things, those two are still their cash cows.

00:28:04,500 –> 00:28:05,740
And the same thing goes for Apple.

00:28:05,740 –> 00:28:12,900
So Apple is very slow to adopt these things from their phones to their computers because

00:28:12,900 –> 00:28:17,140
it’s just one of those things like, okay, we want to do this, but it’s going to affect

00:28:17,140 –> 00:28:20,220
such a small amount of our user base compared to doing something on the iPhone.

00:28:20,220 –> 00:28:25,340
So it’s just one of those things, unfortunately, where you just go where the majority of your

00:28:25,340 –> 00:28:26,340
customers are.

00:28:26,340 –> 00:28:36,700
And by far, by double, triple, quadruple, it’s 10 times almost what the iPhone has user

00:28:36,700 –> 00:28:38,420
base compared to the Macs.

00:28:38,420 –> 00:28:40,180
It’s just the way it is.

00:28:40,180 –> 00:28:41,180
Not taking it away from Apple.

00:28:41,180 –> 00:28:46,420
They make great computers, but I’m just saying they are just going to favor their cash cow

00:28:46,420 –> 00:28:49,740
markets versus their other markets.

00:28:49,740 –> 00:28:51,740
That’s just the way it is.

00:28:51,740 –> 00:28:56,180
Some other interesting news that I also found, by the way, I wanted to bring this up.

00:28:56,180 –> 00:29:00,380
Mozilla announced today that they are getting a new CEO.

00:29:00,380 –> 00:29:05,620
Somebody from their current CEO who’s been with the company for 25 years is stepping

00:29:05,620 –> 00:29:09,100
down and somebody else from the board is taking over.

00:29:09,100 –> 00:29:13,140
Not really going to affect probably Mozilla too much, but let’s just wait and see.

00:29:13,140 –> 00:29:15,020
But I thought that was interesting news.

00:29:15,020 –> 00:29:16,820
Mozilla, I really like Mozilla.

00:29:16,820 –> 00:29:22,640
I tell everybody to use Mozilla just because they are a security first browser.

00:29:22,640 –> 00:29:23,640
Very important to me.

00:29:23,640 –> 00:29:27,540
And I tell everybody, use Mozilla if you can.

00:29:27,540 –> 00:29:31,460
I push everybody that way and I apologize to them if I feel like I’m preaching it.

00:29:31,460 –> 00:29:34,300
I don’t get paid by Mozilla to make this announcement.

00:29:34,300 –> 00:29:39,100
It’s just they are very security conscious and very much put the user first.

00:29:39,100 –> 00:29:42,580
And I really, that and like Signal, any of those companies that put users first, I

00:29:42,580 –> 00:29:44,740
really appreciate.

00:29:44,740 –> 00:29:48,240
But Mozilla obviously does have to make some revenue and they have announced today that

00:29:48,240 –> 00:29:54,780
their Mozilla Monitoring Plus, which scrubs the internet for personal information from

00:29:54,780 –> 00:29:57,480
the web for free.

00:29:57,480 –> 00:30:01,740
They have announced that they are having a new $9 per month service called Mozilla Monitor

00:30:01,740 –> 00:30:05,900
Plus and this will automatically scrub for you.

00:30:05,900 –> 00:30:09,420
So it would tell you where your stuff works and you would have to actually manually go

00:30:09,420 –> 00:30:11,760
and do it and do the work yourselves.

00:30:11,760 –> 00:30:15,820
Now for $9 a month it will go do the work for you.

00:30:15,820 –> 00:30:20,560
Again if you don’t, I know we’re all in subscription fatigue, but if you want to keep your stuff

00:30:20,560 –> 00:30:23,360
off the internet this would be worth $9 a month.

00:30:23,360 –> 00:30:27,700
If you want to do it for free that’s fine, you just have to do all the manual work.

00:30:27,700 –> 00:30:29,180
So very important.

00:30:29,180 –> 00:30:31,160
I wanted to bring that up because it is a service.

00:30:31,160 –> 00:30:33,060
I do tell people to use.

00:30:33,060 –> 00:30:38,320
I would recommend if you do know somebody who is not the most tech savvy person, it

00:30:38,320 –> 00:30:41,560
may actually be the right step.

00:30:41,560 –> 00:30:46,740
Maybe it’s the kind of person that your grandmother or your mom who’s not overly tech savvy say,

00:30:46,740 –> 00:30:50,220
“Hey, maybe it’s worth the $9 a month for you if you’re worried about your security.”

00:30:50,220 –> 00:30:54,180
If it’s somebody like us who can handle all the technical stuff, you do it yourself.

00:30:54,180 –> 00:30:58,460
So I thought that was really interesting and really important and I just wanted to bring

00:30:58,460 –> 00:30:59,460
that up.

00:30:59,460 –> 00:31:04,580
So speaking of open source by the way, something else I wanted to point out.

00:31:04,580 –> 00:31:10,300
Apple today or this week announced that it is launching a new open source programming

00:31:10,300 –> 00:31:13,180
language that’s called PKL.

00:31:13,180 –> 00:31:17,340
Now I was going to confuse PKI because I confuse those myself too.

00:31:17,340 –> 00:31:19,220
I was like, “Wait, don’t we already have this?”

00:31:19,220 –> 00:31:27,100
But no, it launched February 1 of 2024 with Hinta version 0.25.

00:31:27,100 –> 00:31:33,300
It’s going to be used, it’s designed around a key value structure in the main system.

00:31:33,300 –> 00:31:37,620
I’m not going to get too techy into it, but they have launched this and what basically

00:31:37,620 –> 00:31:43,300
the goal of this is, it’s supposed to be an embedded configuration language hoping to

00:31:43,300 –> 00:31:49,960
take the stress out of the small to large or simple to complex, ad hoc to repetitive

00:31:49,960 –> 00:31:52,560
configuration tasks.

00:31:52,560 –> 00:31:55,620
So go look into it more if you’re interested.

00:31:55,620 –> 00:31:58,860
I’m actually not overly interested in this.

00:31:58,860 –> 00:32:03,040
I know a couple of people I know on Twitter that were talking about it.

00:32:03,040 –> 00:32:09,140
They said it’s very nice, it’s very simple, easy to use, it’s good for simple stuff.

00:32:09,140 –> 00:32:11,220
It is actually on GitHub if you want to go ahead and look at the code.

00:32:11,220 –> 00:32:15,340
Like I said, I just wanted to bring that up because they have open sourced another programming

00:32:15,340 –> 00:32:16,340

00:32:16,340 –> 00:32:20,100
So kind of interesting, thought it was really cool.

00:32:20,100 –> 00:32:26,760
And also too, I wanted to bring up another thing that was like, they’ve been very taken

00:32:26,760 –> 00:32:30,500
care of it, but it was on Bleeping Computer, so it’s worth noting it.

00:32:30,500 –> 00:32:33,820
Mastodon had a vulnerability that allows hackers to take over accounts.

00:32:33,820 –> 00:32:36,300
Like I said, that was very late last week, early this week.

00:32:36,300 –> 00:32:38,020
I think we were ready to record the podcast.

00:32:38,020 –> 00:32:44,060
It’s already been taken care of, CVE-2024-23832.

00:32:44,060 –> 00:32:51,580
And like I said, it stems from insufficient origin validation to Mastodon, allowing attackers

00:32:51,580 –> 00:32:52,580
to take over accounts.

00:32:52,580 –> 00:32:59,500
The reason why I brought it up, it was rated 9.4, which is kind of why I brought it up.

00:32:59,500 –> 00:33:04,000
It impacts all Mastodon versions before 3.5.17.

00:33:04,000 –> 00:33:09,540
So if you are running your own Mastodon server, go ahead and patch it.

00:33:09,540 –> 00:33:15,580
The flaw was fixed, like I said, in 4.2.5 released a couple days ago.

00:33:15,580 –> 00:33:19,780
So just go ahead and up your new version.

00:33:19,780 –> 00:33:25,420
Like I said, it’s the version before 3.5.17.

00:33:25,420 –> 00:33:29,300
So if you’re on 4, you should be okay.

00:33:29,300 –> 00:33:31,460
But I would upgrade to the latest version anyway.

00:33:31,460 –> 00:33:38,140
Like I said, it’s already been patched, but like I said, that was late last week where

00:33:38,140 –> 00:33:39,140
they talked about it.

00:33:39,140 –> 00:33:42,700
I just wanted to bring it up because I know a bunch of us here run our own Mastodon instances.

00:33:42,700 –> 00:33:46,060
One thing that’s nice, if you’re on something like Masthope or something like that, one

00:33:46,060 –> 00:33:50,320
of those hosted platforms, you actually can’t patch it for you.

00:33:50,320 –> 00:33:54,300
So I thought that was, that’s one of the nice parts about having hosted solutions.

00:33:54,300 –> 00:33:56,180
You know, it does it for you.

00:33:56,180 –> 00:34:00,720
So by the way, I wanted to point, the other thing that was on Bleeping Computer, which

00:34:00,720 –> 00:34:05,660
caught my attention again late last week, it didn’t make the podcast because I had recorded

00:34:05,660 –> 00:34:12,460
it by the time, but Clorox said they had a cyber attack caused 49 million in expenses.

00:34:12,460 –> 00:34:13,460

00:34:13,460 –> 00:34:19,620
I mean, I mean, they have, sure they have insurance, probably cyber insurance, but like

00:34:19,620 –> 00:34:28,820
I said, it affected 8,700 employees and almost 7.5 billion in revenue last year for the company.

00:34:28,820 –> 00:34:32,980
And they got hacked on August 11th.

00:34:32,980 –> 00:34:36,620
And it actually, like I said, they actually, they’re not saying what it was, but they were

00:34:36,620 –> 00:34:43,020
saying that when they reported their final, their earnings for last year, they had said

00:34:43,020 –> 00:34:47,360
that they had a big loss because of this cyber attack.

00:34:47,360 –> 00:34:52,980
So like I said, it cost the company, you know, quite a bit of money.

00:34:52,980 –> 00:34:57,220
Remember Johnson Controls had a hack like that a couple months, it was a couple months

00:34:57,220 –> 00:34:59,980
ago that took their whole systems down.

00:34:59,980 –> 00:35:02,400
So you know, these cyber attacks are big.

00:35:02,400 –> 00:35:05,600
They affect companies, they cost companies money.

00:35:05,600 –> 00:35:09,720
And like I said, a lot of these companies have cyber insurance, but it’s just important

00:35:09,720 –> 00:35:13,000
to be aware of it.

00:35:13,000 –> 00:35:17,820
One thing I do want to talk about with Windows anyway, Microsoft has announced that they

00:35:17,820 –> 00:35:21,940
are bringing the Linux sudo command to Windows Server.

00:35:21,940 –> 00:35:26,940
That was big news again late last week, but I just want to bring that up because Microsoft

00:35:26,940 –> 00:35:30,360
is, I mean, definitely a different Microsoft guys than it was years ago.

00:35:30,360 –> 00:35:33,360
I know for a fact Microsoft used to be anti Linux.

00:35:33,360 –> 00:35:38,580
Now pretty much the majority of servers on Azure are Linux, but, and obviously you have

00:35:38,580 –> 00:35:42,780
the sub, you know, the Android subsystem for Windows and the Android subsystem for Linux.

00:35:42,780 –> 00:35:47,300
But Microsoft now says they’re bringing the Linux sudo command feature to Windows 20,

00:35:47,300 –> 00:35:52,400
Windows Server 2025 offering a new way for people to elevate themselves.

00:35:52,400 –> 00:35:54,080
So I thought that was interesting.

00:35:54,080 –> 00:35:57,960
They’re testing it and it’s going to be in an insider preview.

00:35:57,960 –> 00:36:00,040
So that was a big news.

00:36:00,040 –> 00:36:03,440
It really is news for Microsoft, see Microsoft embracing the open source and Linux.

00:36:03,440 –> 00:36:08,360
It definitely is a different company than it was under Ballmer or Gates.

00:36:08,360 –> 00:36:11,520
And I mean, I think at the time they were the right CEOs, but now with open source being

00:36:11,520 –> 00:36:16,040
what it is and stuff like that, you know, adapt or adapt or die, right?

00:36:16,040 –> 00:36:17,360
Some news out of Denmark.

00:36:17,360 –> 00:36:20,960
And the only reason why I’m bringing this up is this is quite interesting.

00:36:20,960 –> 00:36:25,320
Denmark ordered schools to stop sending student data to Google.

00:36:25,320 –> 00:36:29,760
Danish, I wonder if this is really important because a lot of school districts in America

00:36:29,760 –> 00:36:32,240
use Google Workspace.

00:36:32,240 –> 00:36:37,840
Danish data protection authority has issued an injunction regarding student data being

00:36:37,840 –> 00:36:43,640
funneled through Google using Chromebook and Google Workspaces in schools.

00:36:43,640 –> 00:36:50,160
The matter was brought up by an agency stating that kids being, one, they don’t think it’s

00:36:50,160 –> 00:36:53,840
right that young kids’ data is going out onto the internet.

00:36:53,840 –> 00:37:05,520
They’re saying that Google is analyzing documents with personal data on them, allowing Google

00:37:05,520 –> 00:37:10,280
to build a profile on kids before they’re even of age to understand what it is.

00:37:10,280 –> 00:37:14,680
They were announced that they must cease the transfer of personal data to Google for specific

00:37:14,680 –> 00:37:18,240

00:37:18,240 –> 00:37:22,440
They want to ensure that Google refrains from processing the data and building profiles

00:37:22,440 –> 00:37:23,920
on kids and stuff like that.

00:37:23,920 –> 00:37:31,400
Like I said, it’s actually pretty big news because there is no on-prem version of Google

00:37:31,400 –> 00:37:35,480
Workspace like there is with Microsoft and SharePoint and stuff like that.

00:37:35,480 –> 00:37:38,000
So this is actually pretty big news.

00:37:38,000 –> 00:37:42,800
Like I said, it’s one of those things where, you know, they want to, I get what they’re

00:37:42,800 –> 00:37:43,800
trying to do.

00:37:43,800 –> 00:37:47,480
They’re trying to say, well, Google Workspace for education, Chrome OS, Chrome, all that’s

00:37:47,480 –> 00:37:48,480
gathering data.

00:37:48,480 –> 00:37:51,120
They’re building profiles on these kids when the kids are in kindergarten, first grade,

00:37:51,120 –> 00:37:52,600
second grade, they don’t understand.

00:37:52,600 –> 00:37:55,680
They have no way of knowing what’s going to happen later on down the road.

00:37:55,680 –> 00:37:58,440
So I mean, it’s a really tough, tough thing.

00:37:58,440 –> 00:38:05,280
I have been saying this for a while, but again, it’s a tough thing because the problem is,

00:38:05,280 –> 00:38:14,080
is Google is a much lower cost in the door than Windows or Mac.

00:38:14,080 –> 00:38:18,520
Obviously iPads, obviously, you know, the iPad could last a kid, you know, his whole

00:38:18,520 –> 00:38:22,960
career because Apple really, you know, has let the iPad, you know, kid may only need

00:38:22,960 –> 00:38:27,940
two iPads over the course of his entire 13 years or three where a Chromebook is every

00:38:27,940 –> 00:38:29,640
three or four years yet to replace it.

00:38:29,640 –> 00:38:33,920
But Chromebook is also like 200 bucks compared to an iPad.

00:38:33,920 –> 00:38:41,080
So you know, that’s how Google kind of got in the door with these sorts of things because,

00:38:41,080 –> 00:38:45,120
you know, a Chromebook is, you know, 200 bucks and then, you know, three years place, you

00:38:45,120 –> 00:38:49,600
know, 200 bucks, 200 dollar device and then the kids has now, now it’s been in service

00:38:49,600 –> 00:38:50,600
for eight years.

00:38:50,600 –> 00:38:54,080
Whereas an iPad, you know, you’re looking at, we got to lay out five, six, $700.

00:38:54,080 –> 00:38:56,160
So that’s kind of how Google got in the door.

00:38:56,160 –> 00:39:01,520
But and then too, Windows machines, you know, are expensive to, you know, they’re looking

00:39:01,520 –> 00:39:04,560
at, well, Windows machines, you got to maintain it.

00:39:04,560 –> 00:39:07,680
You got to upgrade it where the Chromebook was simple and easy.

00:39:07,680 –> 00:39:11,880
I mean it, I mean, both, both platforms do have their advantage.

00:39:11,880 –> 00:39:17,960
I will say that, but I guess what they’re saying now is, you know, it’s getting, I kind

00:39:17,960 –> 00:39:19,360
of get what they’re saying.

00:39:19,360 –> 00:39:23,060
It’s, it’s, you’re, you’re building profiles on kids and they don’t even understand what

00:39:23,060 –> 00:39:26,760
they’re sharing or what they’re sharing and how they’re sharing and they’re, I mean, it

00:39:26,760 –> 00:39:30,240
is, it is a pretty interesting topic.

00:39:30,240 –> 00:39:35,320
I’ve always said to, I don’t understand how Google gets around the whole, you know, you’re

00:39:35,320 –> 00:39:38,720
not 13, you’re, so you’re not supposed to have an account on the internet, but yet they

00:39:38,720 –> 00:39:43,920
get around it because it’s their workspace product or their education product or, you

00:39:43,920 –> 00:39:46,840
know, the years of, okay, well kids can’t be on the internet till they’re a certain

00:39:46,840 –> 00:39:47,840

00:39:47,840 –> 00:39:51,560
Well, Chromebook is always connected and Google specifically collects everything in the cloud

00:39:51,560 –> 00:39:53,600
so that they can have it, analyze it, look at it.

00:39:53,600 –> 00:39:56,520
I mean, it’s, it’s definitely a controversial topic.

00:39:56,520 –> 00:40:01,760
I’m not saying I don’t, I don’t necessarily disagree with Denmark personally, but unfortunately

00:40:01,760 –> 00:40:04,320
it’s the way it is in America.

00:40:04,320 –> 00:40:09,320
And I don’t think Google has gotten a big foothold in America and muscled out Microsoft.

00:40:09,320 –> 00:40:13,020
You remember when I was younger growing up, everybody had Microsoft Windows and those

00:40:13,020 –> 00:40:15,600
kids were conditioned to be Microsoft’s future customers.

00:40:15,600 –> 00:40:16,600
That worked out.

00:40:16,600 –> 00:40:20,040
Well now Google’s saying, well, if we do this, those people will be our future customers.

00:40:20,040 –> 00:40:24,640
You know, it’s, it’s, you know, it’s the same reason why Apple’s trying to keep iPhones

00:40:24,640 –> 00:40:28,800
in schools and stuff like that because they want kids to learn iOS so that they become

00:40:28,800 –> 00:40:30,800
future customers.

00:40:30,800 –> 00:40:33,160
It’s just, you know, it’s conditioning, man.

00:40:33,160 –> 00:40:35,040
It’s just the way it is.

00:40:35,040 –> 00:40:38,480
The other thing I think this is the last funny story I want to bring up, and this will be

00:40:38,480 –> 00:40:41,320
the last news story of the week.

00:40:41,320 –> 00:40:47,360
Apparently there was a, 3 million electric toothbrushes were used in a DDoS attack.

00:40:47,360 –> 00:40:52,120
Apparently the news site announced that a cyber security firm for tonight, fortunate,

00:40:52,120 –> 00:40:57,120
excuse me, said three million electric toothbrushes were infected with Java malware and

00:40:57,120 –> 00:41:01,000
were used to conduct a DDoS attack against a Swiss company.

00:41:01,000 –> 00:41:07,080
Um, again, any internet connected device can be used as a weapon.

00:41:07,080 –> 00:41:10,720
Uh, it’s the same thing like the refrigerators that were being used.

00:41:10,720 –> 00:41:15,000
Uh, remember in a DDoS attack a while back, this is a very similar thing.

00:41:15,000 –> 00:41:18,320
So it’s made funny that it’s electric toothbrushes.

00:41:18,320 –> 00:41:20,680
So I thought that was really funny.

00:41:20,680 –> 00:41:24,840
And uh, you know, like I said, any internet connected device can be used as a weapon folks.

00:41:24,840 –> 00:41:30,980
Like it’s just, you know, if somebody can hack it, somebody can, uh, can use it as a

00:41:30,980 –> 00:41:31,980

00:41:31,980 –> 00:41:33,260
But I thought it was funny.

00:41:33,260 –> 00:41:38,520
It was three, it was three million electric toothbrushes.

00:41:38,520 –> 00:41:40,080
That’s just hysterical.

00:41:40,080 –> 00:41:44,780
Um, shows you that you should, you know, not be using Java.

00:41:44,780 –> 00:41:49,160
And uh, what’s even more funny is they, uh, when they were testing these things, they

00:41:49,160 –> 00:41:55,080
found that most of the toothbrushes were using default passwords and default, um, all the

00:41:55,080 –> 00:41:56,080
defaults were set.

00:41:56,080 –> 00:42:01,820
Yeah, because who the heck thinks that, you know, who thinks to change the password on

00:42:01,820 –> 00:42:02,820
their toothbrush?

00:42:02,820 –> 00:42:04,820
I mean, think about it.

00:42:04,820 –> 00:42:07,940
Uh, you know, and this is what the tweets out of this story were great.

00:42:07,940 –> 00:42:10,460
Somebody was like, somebody was like, what is wrong with people?

00:42:10,460 –> 00:42:11,460
There’s no details.

00:42:11,460 –> 00:42:14,600
Like who, who is the target of the DDoS?

00:42:14,600 –> 00:42:15,600
What happened?

00:42:15,600 –> 00:42:16,600
What brand of toothbrushes?

00:42:16,600 –> 00:42:19,640
Uh, you know, people are like, I don’t understand this.

00:42:19,640 –> 00:42:22,420
This is why would somebody hijack somebody’s toothbrush?

00:42:22,420 –> 00:42:24,740
I mean, it was just, some of these were funny.

00:42:24,740 –> 00:42:27,780
I mean, again, they haven’t released much of it yet.

00:42:27,780 –> 00:42:31,840
Uh, the devices, I’m sure there’s going to be an update for the devices to patch them.

00:42:31,840 –> 00:42:35,660
But um, you know, it’s just hysterical.

00:42:35,660 –> 00:42:37,660
Uh, it’s just unbelievable.

00:42:37,660 –> 00:42:39,660
I just, it’s funny.

00:42:39,660 –> 00:42:43,260
I mean, uh, toothbrushes, you know, it’s just, you always get that one story of the week

00:42:43,260 –> 00:42:44,260
that always makes you laugh.

00:42:44,260 –> 00:42:49,120
And uh, here you are brushing your teeth and meanwhile you’re, uh, you’re DDoSing somebody.

00:42:49,120 –> 00:42:50,580
So I thought that was pretty funny.

00:42:50,580 –> 00:42:56,200
That along with the, uh, the, uh, the novel one, uh, my opinion were the two best stories

00:42:56,200 –> 00:42:58,060
of the week this week as far as funny goes.

00:42:58,060 –> 00:42:59,820
Um, I do want to point out folks as well.

00:42:59,820 –> 00:43:03,420
Uh, I do want to get to one thing here before we get to the end of the show.

00:43:03,420 –> 00:43:04,620
Uh, listener feedback.

00:43:04,620 –> 00:43:07,220
I cleaned out the mailbag today.

00:43:07,220 –> 00:43:09,140
I do appreciate all listener feedback.

00:43:09,140 –> 00:43:12,260
A bunch of people said they really like the show.

00:43:12,260 –> 00:43:13,980
Show’s really well, well done.

00:43:13,980 –> 00:43:16,420
Uh, most, most comments pretty positive.

00:43:16,420 –> 00:43:19,140
Um, I will say that, but I do appreciate the feedback.

00:43:19,140 –> 00:43:22,660
Again, it’ll be in the show notes,

00:43:22,660 –> 00:43:23,660
Send in all your information.

00:43:23,660 –> 00:43:24,900
That’s the best way to reach me.

00:43:24,900 –> 00:43:30,340
Um, and I will go ahead and take care of trying to get as much as I can on the show.

00:43:30,340 –> 00:43:35,740
Uh, somebody had pointed out to me that the Copilot, so we talked about Copilot last

00:43:35,740 –> 00:43:36,740

00:43:36,740 –> 00:43:41,780
We talked about it again this week, but Copilot does not run on Firefox.

00:43:41,780 –> 00:43:43,260
Only Chromium based.

00:43:43,260 –> 00:43:47,100
Uh, the ChatGPT though works on Mac and Firefox.

00:43:47,100 –> 00:43:48,100
So they want to play on them.

00:43:48,100 –> 00:43:55,380
Microsoft Copilot, if you’re going to use Copilot by Copilot, it does not run on Firefox.

00:43:55,380 –> 00:43:56,620
Only ChatGPT does.

00:43:56,620 –> 00:43:59,540
And ChatGPT also works on the Mac and Firefox.

00:43:59,540 –> 00:44:03,900
I will say, I do know that ChatGPT is much more cross platform.

00:44:03,900 –> 00:44:06,180
Uh, obviously Microsoft’s not really that worried.

00:44:06,180 –> 00:44:10,980
I do know Office for the Mac does have Copilot, but Microsoft obviously not as worried about

00:44:10,980 –> 00:44:15,240
bringing Copilot to the Mac desktop because it’s their Copilot.

00:44:15,240 –> 00:44:16,980
They want you to use Windows.

00:44:16,980 –> 00:44:21,380
Um, but chat, if you do want to spend $20 a month, ChatGPT does work on all platforms.

00:44:21,380 –> 00:44:22,660
It’s more cross platform.

00:44:22,660 –> 00:44:26,880
So a very, very important that.

00:44:26,880 –> 00:44:30,500
Also too, somebody had pointed out to me, and I did want to bring this up on the show

00:44:30,500 –> 00:44:32,460
because I felt it was really important.

00:44:32,460 –> 00:44:40,100
Um, if you go to Microsoft OneNote, uh, it actually comes up with a message that said,

00:44:40,100 –> 00:44:42,860
this browser is no longer supported.

00:44:42,860 –> 00:44:49,900
Um, kind of implying that Microsoft is very focused on Edge and Chromium based browsers

00:44:49,900 –> 00:44:51,980
and really doesn’t care about Firefox anymore.

00:44:51,980 –> 00:44:56,660
Um, I do notice that some other people have pointed out too, that certain things, uh,

00:44:56,660 –> 00:44:58,100
don’t work in Firefox.

00:44:58,100 –> 00:45:03,500
Um, certain sites, um, you know, that, and unfortunately that’s just the way it is.

00:45:03,500 –> 00:45:10,640
Firefox is, uh, definitely the, the smaller, and unfortunately if you are using the smaller,

00:45:10,640 –> 00:45:13,560
less known browser, you’re going to run into issues like this.

00:45:13,560 –> 00:45:17,220
Most of the companies now are focused on the Chromium based browsers.

00:45:17,220 –> 00:45:22,780
Um, the only thing I can recommend to you if you, if this is a problem for you, um,

00:45:22,780 –> 00:45:28,320
is to go ahead and use Brave, which is a security focused browser, but it is built on Chromium.

00:45:28,320 –> 00:45:33,420
So that is the only option I would recommend, but I am glad somebody pointed that out and

00:45:33,420 –> 00:45:35,060
I really do appreciate that.

00:45:35,060 –> 00:45:38,780
Um, like I said, if you are, if you do have to use a Chromium based browser and some people

00:45:38,780 –> 00:45:42,300
do, um, like I said, I recommend using Brave if you can.

00:45:42,300 –> 00:45:45,520
Um, also too, I didn’t want to, nobody else put this into me.

00:45:45,520 –> 00:45:48,240
We were talking about hard drives and stuff like that.

00:45:48,240 –> 00:45:55,480
Um, I, I didn’t get a chance to really too much dig into it, but a recent report declared

00:45:55,480 –> 00:46:06,220
that the quality of, of actual micro SDs and USB sticks and stuff like that, uh, are actually

00:46:06,220 –> 00:46:07,220
on the decline.

00:46:07,220 –> 00:46:11,980
They’re saying that they’re finding that, that USB sticks and micro SDs are becoming

00:46:11,980 –> 00:46:13,620
less and less reliable.

00:46:13,620 –> 00:46:16,220
Uh, so I thought that was really interesting.

00:46:16,220 –> 00:46:18,420
Um, I have talked about SpinRite a few times.

00:46:18,420 –> 00:46:22,280
I know Steve Gibson over on TWiT, uh, does the Security Now podcast.

00:46:22,280 –> 00:46:23,280
He creates it.

00:46:23,280 –> 00:46:25,820
It is, I think it is one of the best hard drive recovery tools.

00:46:25,820 –> 00:46:27,860
I actually do buy a copy of it.

00:46:27,860 –> 00:46:29,980
Um, I think I’m, I’m thinking I have six right now.

00:46:29,980 –> 00:46:34,700
I didn’t get his latest version, but I did get six and, uh, it is a really great, you

00:46:34,700 –> 00:46:35,780
can use it on drives.

00:46:35,780 –> 00:46:36,780
It works on solid states.

00:46:36,780 –> 00:46:41,380
It works on all stuff and, uh, it will work on jump drives and, and SD cards and stuff

00:46:41,380 –> 00:46:42,380
like that.

00:46:42,380 –> 00:46:43,980
So, um, go ahead and use that.

00:46:43,980 –> 00:46:49,580
I do understand that a lot of the quality, unfortunately, of these, these sticks and

00:46:49,580 –> 00:46:52,540
stuff is all going to be made in a cheaply in places.

00:46:52,540 –> 00:46:53,540
And that’s unfortunate.

00:46:53,540 –> 00:46:57,500
Uh, I always tell everybody, if you’re going to buy USB sticks, if you’re going to buy

00:46:57,500 –> 00:47:03,140
micro SDs, uh, cards, stuff like that, try to buy name brand like SanDisk and stuff

00:47:03,140 –> 00:47:07,780
like that, just because you know, they’re not going to come from this little place in

00:47:07,780 –> 00:47:11,020
China that puts viruses and stuff like that on them, because that’s what happens.

00:47:11,020 –> 00:47:14,620
A lot of these cheaper sticks, yeah, they’ll work on your machine, but they also infect

00:47:14,620 –> 00:47:15,620
your machine.

00:47:15,620 –> 00:47:19,180
Um, and I don’t know if a lot of people don’t know that, but that’s kind of a gimmick is

00:47:19,180 –> 00:47:23,100
I’ll buy these, these jump drives, infect them with something and they’ll post them

00:47:23,100 –> 00:47:26,900
up on Amazon cheaply and hope people will buy them.

00:47:26,900 –> 00:47:31,380
That’s a cheap way of me, uh, distributing my virus and an easy way of me building a

00:47:31,380 –> 00:47:34,460
botnet for relatively cheaply and I don’t have to worry about hacking or anything like

00:47:34,460 –> 00:47:35,460

00:47:35,460 –> 00:47:37,140
Just people sticking their USB sticks in.

00:47:37,140 –> 00:47:38,500
So very important.

00:47:38,500 –> 00:47:44,220
Um, also too, uh, I do want to point out too, I made a mistake yesterday and, or the other

00:47:44,220 –> 00:47:48,820
day, last week on the podcast and they pointed out to me yesterday, um, SpinRite will actually

00:47:48,820 –> 00:47:50,500
work on an Intel based Mac.

00:47:50,500 –> 00:47:54,300
I did say that it does not work on Mac and I was wrong.

00:47:54,300 –> 00:47:57,420
It works on Intel based Macs.

00:47:57,420 –> 00:48:00,820
Uh, but you need the latest version 6.1.

00:48:00,820 –> 00:48:02,580
So I do want to point that out because that was really important.

00:48:02,580 –> 00:48:03,860
Somebody did bring that up to my attention.

00:48:03,860 –> 00:48:08,300
He said, Hey Steve, on the last couple episodes ago said that it does work on Intel Mac 6.1.

00:48:08,300 –> 00:48:11,620
Uh, does not work on M1 Macs, but still works on Intel.

00:48:11,620 –> 00:48:15,580
So if you have somebody on Intel Mac that’s having hard drive issues, uh, you could actually

00:48:15,580 –> 00:48:16,900
use SpinRite to help them out.

00:48:16,900 –> 00:48:20,620
So I just wanted to bring that up and, uh, cause I misspoke.

00:48:20,620 –> 00:48:24,780
So also too, again, folks, if you do have anything that you want to send in, uh, anything

00:48:24,780 –> 00:48:28,700
again, go to is my email.

00:48:28,700 –> 00:48:29,700
Please send it in.

00:48:29,700 –> 00:48:31,500
I appreciate all the feedback and I love it.

00:48:31,500 –> 00:48:33,340
Uh, I want to thank you very much for listening.

00:48:33,340 –> 00:48:36,020
I apologize for my voice and not feeling well today.

00:48:36,020 –> 00:48:39,580
Um, but like I said, I do want to get the show out because I really enjoyed doing it

00:48:39,580 –> 00:48:41,220
and I felt it was important.

00:48:41,220 –> 00:48:44,900
I want to thank everybody for listening and we will see you on the next episode.

00:48:44,900 –> 00:48:45,900
Thank you very much.

00:48:45,900 –> 00:48:47,940
(dramatic music)

00:48:47,940 –> 00:48:48,440

Apple Zero Day Sold To Government

Today on the show we get into three zero-day vulnerabilities that the government is using to get into iPhones. We talk about Chinese hackers in the US networks for five years targeting communications, energy, transportation, and water systems. China’s ICBC was hit with a ransomware attack but was saved by Novell Netware. Plus this week’s listener feedback and was your toothbrush part of a DDoS attack.

We Talk News of The Week

  • Critical Vulnerability Affecting Most Linux Distros
  • Microsoft bringing Linux sudo command to Windows Server 2025
  • Denmark orders schools to stop sending student data to Google
  • Clorox says cyberattack caused $49 million in expenses
  • Mastodon vulnerability allows attackers to take over accounts
  • Mozilla Monitor Plus Scrubs Your Leaked Personal Information
  • Apple just launched a new open-source programming language
  • JetBrains warns of new TeamCity auth bypass vulnerability
  • Apple iTunes Going Away For New Apps
  • Verizon insider data breach hits over 63,000 employees

The Security Assessment Podcast is Brought To You By Lipani Security LLC.

Send Questions To –

(Full Show Transcript)

Fighting Ransomware Attacks

Today on the show we talk about ransomware attacks and using an Albert Sensor. CISA has a ransomware pilot program to help fight attacks across all sectors, and Microsoft releases a preview of Windows Server 2025, which includes hotpatch, a feature that allows you to patch servers without a reboot. Plus a batch of listener feedback and questions.

We Talk News of The Week

  • Samsung extends Android updates from 5 to 7 years
  • Kansas City public transportation authority hit by ransomware
  • US Department HHS gets 7.5 Million Stolen
  • Cloudflare Has A Security Breach
  • Mercedes-Benz Leaves Private Key In Public Repository
  • HP class action lawsuit over printer bricking


Fighting Ransomware Attacks (Transcript)


00:00:00.000 –> 00:00:05.640
All right, folks, you’ve hit the download button on Security Assessment Podcast, brought

00:00:05.640 –> 00:00:08.560
to you by our company, Lipani Security.

00:00:08.560 –> 00:00:12.640
If you’re interested, go to the link in the show notes below and check out all of our

00:00:12.640 –> 00:00:19.800
services software that we offer, as well as our blogs about security in all our past podcast

00:00:19.800 –> 00:00:20.800

00:00:20.800 –> 00:00:34.000
I want to thank you all for listening and let the show begin.

00:00:34.000 –> 00:00:39.840
All right, folks, and welcome to another episode of the Security Assessment Podcast.

00:00:39.840 –> 00:00:43.320
I’m going to thank you all as always for listening.

00:00:43.320 –> 00:00:46.920
I am your host, Brandon.

00:00:46.920 –> 00:00:51.120
A lot to talk about as there always is in the world of security, but one of the things

00:00:51.120 –> 00:00:56.200
I do want to talk about real quickly is, because it’s so huge as far as a new product line

00:00:56.200 –> 00:01:01.000
and a big launch, and Apple obviously launching the Vision Pro.

00:01:01.000 –> 00:01:04.280
They just released a recording of this on Saturday, so everybody would have gotten them

00:01:04.280 –> 00:01:06.560
yesterday that ordered them on the pre-release.

00:01:06.560 –> 00:01:12.160
So, but big news, a lot of YouTube videos coming out last couple of days, a lot of the

00:01:12.160 –> 00:01:17.440
embargo was lifted from Apple, so a lot of the YouTubers are showing it now and stuff.

00:01:17.440 –> 00:01:20.840
So we’re not exactly, like I said, I have not touched one yet.

00:01:20.840 –> 00:01:22.120
I haven’t messed with one.

00:01:22.120 –> 00:01:26.200
I know a lot of people are able to go into stores and mess with them and things like

00:01:26.200 –> 00:01:27.200

00:01:27.200 –> 00:01:30.200
Like I said, I have not yet, but I did watch some of the reviews.

00:01:30.200 –> 00:01:32.160
It does look very cool.

00:01:32.160 –> 00:01:33.920
I like the multi-screen thing.

00:01:33.920 –> 00:01:36.520
I’m not sure what I would actually use it for.

00:01:36.520 –> 00:01:38.440
I’m a big Mac user.

00:01:38.440 –> 00:01:39.440
I do like my Mac.

00:01:39.440 –> 00:01:43.080
I do like my iPhone, my Apple Watch, my headphones, stuff like that.

00:01:43.080 –> 00:01:46.080
But I’m not really sure what I would actually use it for.

00:01:46.080 –> 00:01:48.200
It does look very cool.

00:01:48.200 –> 00:01:51.720
I definitely can see it being a big thing for Apple.

00:01:51.720 –> 00:01:55.520
I know they do have a little bit of a supply chain issue with it because they can only

00:01:55.520 –> 00:01:59.040
get so many screens right now.

00:01:59.040 –> 00:02:00.900
But like I said, I did want to bring that up.

00:02:00.900 –> 00:02:03.640
Those of you that haven’t seen it, go and check out all the reviews.

00:02:03.640 –> 00:02:08.800
iJustine had a really good 25-minute review, and a bunch of other people have had reviews

00:02:08.800 –> 00:02:09.800

00:02:09.800 –> 00:02:13.320
I’m sure we will, as the next couple weeks go on, I’m sure we’ll see more and more of

00:02:13.320 –> 00:02:14.840
these reviews.

00:02:14.840 –> 00:02:18.840
But a very big new category for Apple that they aren’t in yet.

00:02:18.840 –> 00:02:21.840
And maybe this would be the big push that VR needs.

00:02:21.840 –> 00:02:22.920
We do not know.

00:02:22.920 –> 00:02:27.720
So like I said, that was, I think, the biggest news of the week.

00:02:27.720 –> 00:02:31.080
And fortunately, when you have a lot of big news like this, when Apple releases a big

00:02:31.080 –> 00:02:34.340
thing like this, it drowns out quite a bit of the other news.

00:02:34.340 –> 00:02:37.000
So we’ll talk about that here today.

00:02:37.000 –> 00:02:43.600
But like I said, it was really kind of a monumental moment, the fact that Apple’s in a new space.

00:02:43.600 –> 00:02:46.680
I think it’s going to work out pretty well for Apple.

00:02:46.680 –> 00:02:48.800
Apple doesn’t always do well in new spaces.

00:02:48.800 –> 00:02:53.680
Remember the HomePod, that’s an area where they really haven’t thrived.

00:02:53.680 –> 00:02:56.040
They’ve had some over the years in the Netbook space.

00:02:56.040 –> 00:02:57.320
I don’t know if you guys remember that.

00:02:57.320 –> 00:03:00.080
This is back in probably the early 2000s.

00:03:00.080 –> 00:03:01.660
They tried to get into the Netbook space.

00:03:01.660 –> 00:03:03.840
That didn’t work out for them.

00:03:03.840 –> 00:03:08.480
The services business is doing very well, but again, how many people are using Apple

00:03:08.480 –> 00:03:12.260
Plus and Apple Music versus how many people are using Netflix and Spotify.

00:03:12.260 –> 00:03:15.160
They’re getting a piece in the market, but definitely not the biggest piece.

00:03:15.160 –> 00:03:17.160
So we’ll see.

00:03:17.160 –> 00:03:23.160
Apple is definitely still an iPhone first company, followed by the other products.

00:03:23.160 –> 00:03:29.680
I will say though, you do notice that their wearables and their Macs and a bunch of other

00:03:29.680 –> 00:03:34.320
things are $7, $8 billion businesses, which are huge businesses by the way.

00:03:34.320 –> 00:03:38.180
But when you compare it to the iPhone, it’s small.

00:03:38.180 –> 00:03:40.800
Apple has actually gotten their services business up.

00:03:40.800 –> 00:03:45.180
They just released their earnings report and they’re saying that their services business

00:03:45.180 –> 00:03:46.920
is their second largest business.

00:03:46.920 –> 00:03:50.040
But those numbers are a little skewed.

00:03:50.040 –> 00:03:53.940
Apple does include all your AppleCare stuff in that.

00:03:53.940 –> 00:03:56.880
They do include the $11 billion from Google they get.

00:03:56.880 –> 00:04:02.240
They include a lot of stuff in there that aren’t particularly necessarily services,

00:04:02.240 –> 00:04:03.380
if you know what I’m trying to say.

00:04:03.380 –> 00:04:07.600
So those numbers are a little skewed, especially when you think about how many people are paying

00:04:07.600 –> 00:04:13.020
for AppleCare on iPads and phones and computers, stuff like that.

00:04:13.020 –> 00:04:17.520
Like I said, their money they get from Apple, their advertising money they get for the iPhone.

00:04:17.520 –> 00:04:22.640
There’s a lot of things that are in there that aren’t necessarily what you think of

00:04:22.640 –> 00:04:24.000
as Apple TV services.

00:04:24.000 –> 00:04:26.320
So I just want to bring that up.

00:04:26.320 –> 00:04:31.500
Also too, a couple of things too, somebody had brought up with Apple services.

00:04:31.500 –> 00:04:37.760
Apple hasn’t necessarily released their numbers as far as how many subscribers they have for

00:04:37.760 –> 00:04:40.440
Apple Music and things like that.

00:04:40.440 –> 00:04:41.960
Like I said, I’m not saying Apple’s not hurting.

00:04:41.960 –> 00:04:45.160
They’re doing more than fine, okay?

00:04:45.160 –> 00:04:49.640
But just something I did want to bring up that since it was a pretty big thing this

00:04:49.640 –> 00:04:53.380
week, I did want to go ahead and bring up.

00:04:53.380 –> 00:04:58.280
Also too, some other news that I think is important that I do want to bring up that

00:04:58.280 –> 00:05:01.980
not really security related, but was big news that I think is going to really be a big thing

00:05:01.980 –> 00:05:03.740
in this industry.

00:05:03.740 –> 00:05:07.680
We have Apple moving into a new space, but then Microsoft moving into a new space as

00:05:07.680 –> 00:05:12.580
well with AI and releasing Microsoft Copilot.

00:05:12.580 –> 00:05:16.320
They have Copilot, which is 20 bucks a month and Copilot Pro.

00:05:16.320 –> 00:05:19.080
They also have Copilot for business.

00:05:19.080 –> 00:05:23.000
All these things, like I said, you should have GitHub, which is still 10 bucks a month.

00:05:23.000 –> 00:05:24.860
They’re not changing that.

00:05:24.860 –> 00:05:31.980
But they do have their Copilot for Office, for personal use, Office, Windows, all that

00:05:31.980 –> 00:05:32.980

00:05:32.980 –> 00:05:37.760
Then they have their other Copilot, which is their professional version.

00:05:37.760 –> 00:05:39.740
They went for businesses, which is 30 bucks a month.

00:05:39.740 –> 00:05:43.280
Then they have their Pro version for creators.

00:05:43.280 –> 00:05:48.860
So again, a big space here at Microsoft moving into a new space, Apple moving into a new

00:05:48.860 –> 00:05:49.860

00:05:49.860 –> 00:05:54.420
As I would say on their earnings call, they are looking into AI and what they can do with

00:05:54.420 –> 00:05:55.420

00:05:55.420 –> 00:05:58.400
I’m interested to see what’s going to happen with that.

00:05:58.400 –> 00:06:00.320
Apple’s way behind on this stuff with Siri.

00:06:00.320 –> 00:06:02.120
I’d be curious to see what they do with that.

00:06:02.120 –> 00:06:05.900
If they’re going to partner with ChatGPT or if they are going to do something on their

00:06:05.900 –> 00:06:09.260
own, that will remain to be seen.

00:06:09.260 –> 00:06:14.220
So big news, I think, as far as that stuff goes, just because it’s two new spaces and

00:06:14.220 –> 00:06:18.180
it’s two new spaces that two of the biggest companies in the world are getting into.

00:06:18.180 –> 00:06:23.480
So I just wanted to bring that up because I thought it was really relevant and something

00:06:23.480 –> 00:06:24.900
to really be aware of.

00:06:24.900 –> 00:06:31.780
Some of the stuff that I wanted to, we’re in the news and it is kind of, for me, technically

00:06:31.780 –> 00:06:32.780
security related.

00:06:32.780 –> 00:06:35.500
I did want to bring this up because I thought it was rather interesting.

00:06:35.500 –> 00:06:43.540
Apparently, a lot of the new electric cars do not have AM radio in them.

00:06:43.540 –> 00:06:47.840
And the reason why I’m bringing this up and why it is security related is they are saying

00:06:47.840 –> 00:06:53.740
the government now is saying that these electric car manufacturers are going to need to insulate

00:06:53.740 –> 00:07:00.980
around these AM radios so that AM radio needs to remain in cars.

00:07:00.980 –> 00:07:04.660
And I know you’re thinking to yourself, well, who listens to AM radio?

00:07:04.660 –> 00:07:12.180
According to the government, 80 million people a year still listen to AM radio.

00:07:12.180 –> 00:07:19.120
Personally, if you’re under the age of 50 and listening to AM radio, I’d be shocked.

00:07:19.120 –> 00:07:23.200
But the reason they’re saying this is actually really important is because a lot of money

00:07:23.200 –> 00:07:26.800
has gone into redundancy and stuff like that into the AM radio system.

00:07:26.800 –> 00:07:31.880
And the AM radio system is actually a very big part still of the emergency broadcast

00:07:31.880 –> 00:07:32.880

00:07:32.880 –> 00:07:37.520
And as you know, a lot of the electric cars have been coming without AM radio because

00:07:37.520 –> 00:07:41.260
AM radio, the frequency interferes with the car.

00:07:41.260 –> 00:07:46.180
So instead of insulating against it, they have just been taking AM radios out of cars.

00:07:46.180 –> 00:07:55.160
So be as it may, the government is saying now that they’re going to need these companies

00:07:55.160 –> 00:07:58.160
to put AM radio back in cars.

00:07:58.160 –> 00:08:01.200
So all the electric cars that have taken AM radios out, they’re going to have to put them

00:08:01.200 –> 00:08:03.420
in and they’re going to insulate around them.

00:08:03.420 –> 00:08:06.240
It’s going to be quite expensive, they say, to insulate them.

00:08:06.240 –> 00:08:12.240
But the government’s kind of saying, hey, we need this in the cars for the emergency

00:08:12.240 –> 00:08:14.540
broadcast system.

00:08:14.540 –> 00:08:19.260
I think an interesting thing to talk about, because I don’t even know what the AM emergency

00:08:19.260 –> 00:08:23.400
frequency is, if I’m being honest with you, in our local area here.

00:08:23.400 –> 00:08:29.260
But apparently they are saying it’s actually a, government’s saying it’s actually a national,

00:08:29.260 –> 00:08:33.860
I don’t want to say national security, but it kind of is because it’s a national, the

00:08:33.860 –> 00:08:35.180
national emergency system.

00:08:35.180 –> 00:08:38.660
People need a way to get to it in their cars because if they’re in their cars, that’s when

00:08:38.660 –> 00:08:42.560
they’re going to be commuting and transferring, going other places in the event of storms

00:08:42.560 –> 00:08:43.560
and stuff like that.

00:08:43.560 –> 00:08:48.780
So I don’t know how I really feel about this.

00:08:48.780 –> 00:08:52.620
One of the things that somebody had brought up online, which is a lot of your conservative

00:08:52.620 –> 00:08:57.960
radio, right wing radio is still on AM.

00:08:57.960 –> 00:09:03.040
People are saying maybe they’re doing that to try to keep conservative radio alive.

00:09:03.040 –> 00:09:05.760
There’s a whole lot of rumors with this sort of thing and not getting political about it,

00:09:05.760 –> 00:09:08.120
but I could see the government doing something like that.

00:09:08.120 –> 00:09:13.240
But like I said, interesting to hear this, that they’re saying 80 million people, that

00:09:13.240 –> 00:09:19.240
number sounds really high to me, still listen to AM radio, but they are saying that it’s

00:09:19.240 –> 00:09:21.520
essential for the emergency broadcast system.

00:09:21.520 –> 00:09:27.340
I could actually see to a certain degree this, only because during Hurricane Sandy, I was

00:09:27.340 –> 00:09:33.020
very involved with the emergency broadcast system during a major snow ice storm we had

00:09:33.020 –> 00:09:34.080
up here.

00:09:34.080 –> 00:09:38.300
I was very involved with the emergency broadcast system and I know everybody’s saying, well,

00:09:38.300 –> 00:09:39.300
I’ll just use my cell phone.

00:09:39.300 –> 00:09:47.020
But in rural areas and in bigger city areas, there have been issues during these storms

00:09:47.020 –> 00:09:51.140
of that because so many people are on their phones that these cell phone networks get

00:09:51.140 –> 00:09:52.260

00:09:52.260 –> 00:09:57.240
I know specifically during Sandy, we had issues with so many people trying to reach out to

00:09:57.240 –> 00:10:01.240
their family during Sandy that the cell phone towers and stuff got overwhelmed.

00:10:01.240 –> 00:10:04.120
We had issues where cell phone towers went down.

00:10:04.120 –> 00:10:12.360
So there are quite a bit of things here, reasons that this could be useful also to radio waves

00:10:12.360 –> 00:10:20.660
carry and can go places that sometimes digital can’t because they’re analog versus digital.

00:10:20.660 –> 00:10:25.460
So a lot of things with this, there’s a whole big thing you can check out on the government’s

00:10:25.460 –> 00:10:29.220
website about it, look up AM radio emergency broadcast.

00:10:29.220 –> 00:10:35.020
There are quite a bit with this and I know, like I said, in my mind, I’m thinking to myself,

00:10:35.020 –> 00:10:36.980
who is really going to use AM radio?

00:10:36.980 –> 00:10:40.640
But I do kind of understand where they’re coming with this only because I have seen

00:10:40.640 –> 00:10:47.540
cellular telephones fail in these kinds of situations, especially in rural and big cities.

00:10:47.540 –> 00:10:49.120
They just get so many people on them.

00:10:49.120 –> 00:10:52.260
These networks just can’t handle all the traffic.

00:10:52.260 –> 00:10:57.440
Like I said, I think it’s going to up the cost of the car because obviously if these

00:10:57.440 –> 00:11:02.940
companies do have to insulate against these things, it’s going to just obviously trickle

00:11:02.940 –> 00:11:04.940
down to the consumer.

00:11:04.940 –> 00:11:06.940
We’re going to pay for it in the end.

00:11:06.940 –> 00:11:08.220
They’re not going to absorb that cost.

00:11:08.220 –> 00:11:12.180
But like I said, it was rather interesting to steer this whole thing.

00:11:12.180 –> 00:11:17.060
There’s been things going on about this all week that they’re saying that this is a big

00:11:17.060 –> 00:11:20.660
thing and they ought to do this and they got to do that.

00:11:20.660 –> 00:11:23.260
We need AM radio around.

00:11:23.260 –> 00:11:24.820
It’s just been a huge thing.

00:11:24.820 –> 00:11:30.160
And like I said, it’s very quite shocking to me just how much, you know, how many people

00:11:30.160 –> 00:11:32.100
are still listening to AM radio.

00:11:32.100 –> 00:11:33.360
It just kind of shocked me.

00:11:33.360 –> 00:11:36.900
But again, that was in the news this weekend.

00:11:36.900 –> 00:11:38.780
It was a pretty big topic.

00:11:38.780 –> 00:11:45.420
Like I said, I still believe that that 80 million number is a bit on the high side,

00:11:45.420 –> 00:11:51.460
especially when they’re saying that the millennials are the largest voting group now.

00:11:51.460 –> 00:11:54.240
And I don’t know how many of them are listening to AM radio.

00:11:54.240 –> 00:11:58.060
So kind of interesting with that.

00:11:58.060 –> 00:12:02.820
Some other stuff that came up in the news, follow ups to what we were talking about last

00:12:02.820 –> 00:12:03.820

00:12:03.820 –> 00:12:09.660
Apparently, Microsoft Teams was hit by a second outage.

00:12:09.660 –> 00:12:11.620
They’ve had a couple of outages in three days.

00:12:11.620 –> 00:12:16.940
Microsoft hasn’t really went into what is happening, but they had a second outage recently

00:12:16.940 –> 00:12:19.140
this past week.

00:12:19.140 –> 00:12:22.540
Kind of, you know, kind of big news with that.

00:12:22.540 –> 00:12:26.260
I mean, how many teams is a huge thing?

00:12:26.260 –> 00:12:29.820
And Microsoft is hedged their bets on this stuff, especially since the pandemic and during

00:12:29.820 –> 00:12:31.400
the pandemic and all that.

00:12:31.400 –> 00:12:36.720
And now it’s the second outage in North America and South America that they’ve seen in a week.

00:12:36.720 –> 00:12:38.500
So that was a follow up.

00:12:38.500 –> 00:12:40.580
They’re still investigating what’s going on with it.

00:12:40.580 –> 00:12:45.500
They’re saying they haven’t actually really came out and said yet what it is, but apparently

00:12:45.500 –> 00:12:47.340
they are investigating it.

00:12:47.340 –> 00:12:54.380
So I thought that was rather interesting in the news this week.

00:12:54.380 –> 00:12:57.140
Also too, some other news as well.

00:12:57.140 –> 00:13:05.420
We were talking about that Chromium and Google forcing people, you know, with the to use

00:13:05.420 –> 00:13:06.420

00:13:06.420 –> 00:13:11.140
You know, the thing where they can force advertising and stuff like that.

00:13:11.140 –> 00:13:17.780
Apparently now Google announced in their earnings report they have 20 million more people on

00:13:17.780 –> 00:13:25.040
YouTube Premium, making them have over 100 million YouTube Premium subscribers.

00:13:25.040 –> 00:13:27.020
So I thought that was interesting.

00:13:27.020 –> 00:13:33.300
Some other people had pointed out if you do want to use Firefox or use a version of Firefox

00:13:33.300 –> 00:13:39.020
if you don’t like Firefox, Firefox does have other, there are other editions of Firefox

00:13:39.020 –> 00:13:43.260
that you can use that are based on the Firefox browser.

00:13:43.260 –> 00:13:45.340
Obviously Tor, which is really slow.

00:13:45.340 –> 00:13:47.620
I don’t know if I’d recommend that.

00:13:47.620 –> 00:13:51.060
LibreWolf, which is another security based focused Firefox.

00:13:51.060 –> 00:13:53.860
They have Pale Moon.

00:13:53.860 –> 00:13:54.860
There’s a bunch of different ones.

00:13:54.860 –> 00:14:00.660
If you search, just go ahead and search Firefox, you know, browsers, Firefox based web browsers

00:14:00.660 –> 00:14:01.660
and they’ll come right up.

00:14:01.660 –> 00:14:02.660
There’s so many different options.

00:14:02.660 –> 00:14:07.180
I actually didn’t realize how many different versions of Firefox there were as far as how

00:14:07.180 –> 00:14:11.700
many people had used it to build different browsers.

00:14:11.700 –> 00:14:13.340
So I thought that was really neat.

00:14:13.340 –> 00:14:16.380
They do have the Firefox developer version if you don’t want all the Firefox junk built

00:14:16.380 –> 00:14:18.380

00:14:18.380 –> 00:14:20.780
Like I said, there’s a Mullvad browser.

00:14:20.780 –> 00:14:22.700
There’s just so many of them.

00:14:22.700 –> 00:14:25.520
Like I said, Waterfox, the list just goes on and on and on.

00:14:25.520 –> 00:14:27.920
But like I said, go ahead and check that out.

00:14:27.920 –> 00:14:32.300
Like I said, I always recommend Firefox only because I know they’re very security focused

00:14:32.300 –> 00:14:34.900
first and they’re not based on Chrome.

00:14:34.900 –> 00:14:38.060
So I really am 100% all in on Firefox.

00:14:38.060 –> 00:14:40.740
So I know they had, they did have complaints.

00:14:40.740 –> 00:14:42.180
They did have been still complaining.

00:14:42.180 –> 00:14:47.100
We talked about it last week, but this week they’re saying that, you know, it’s going

00:14:47.100 –> 00:14:51.060
to be very difficult for them to make, they’re going to have to maintain two browsers now,

00:14:51.060 –> 00:14:56.540
one in the US, one in the EU because Apple on iOS is still making you use WebKit in America.

00:14:56.540 –> 00:14:59.980
But over in the EU, you don’t have to use WebKit.

00:14:59.980 –> 00:15:04.020
So like I said, they were talking about how it’s going to be quite a project.

00:15:04.020 –> 00:15:06.980
So I’m sure they’ll figure it out.

00:15:06.980 –> 00:15:13.740
But like I said, that was a quite a big topic as far as Apple, Spotify coming out the other

00:15:13.740 –> 00:15:20.420
day saying that the new rules that Apple made for the EU are a joke and that it’s not, they’re

00:15:20.420 –> 00:15:28.240
not, it gives the illusion of security and gives the illusion of opening things up when

00:15:28.240 –> 00:15:33.400
they’re still kind of forcing you to go the direction they want just in a different way.

00:15:33.400 –> 00:15:39.460
Kind of, you know, kind of a, kind of, I kind of agree with them because there’s still,

00:15:39.460 –> 00:15:42.420
Apple still has control over the platform.

00:15:42.420 –> 00:15:46.480
They’re just letting you do things a different way.

00:15:46.480 –> 00:15:52.100
So it’s not, again, there, it’s the illusion of openness is what Spotify called it.

00:15:52.100 –> 00:15:57.380
Like I said, I’m not super, I do do some development work, but I don’t do a whole heck of a lot

00:15:57.380 –> 00:15:59.040
of development on iOS.

00:15:59.040 –> 00:16:04.360
I do know as somebody who has developed tools and stuff like that, I mostly develop for

00:16:04.360 –> 00:16:06.320
Windows and Linux.

00:16:06.320 –> 00:16:10.680
I do have some stuff available for the Mac, but I’ve never actually published it on the

00:16:10.680 –> 00:16:11.680
App Store.

00:16:11.680 –> 00:16:18.000
I have a serious issue with the way Apple handles the App Store personally.

00:16:18.000 –> 00:16:21.220
I don’t think it’s fair that I have to pay a hundred dollars a year for a developer account

00:16:21.220 –> 00:16:27.200
to put my app out there and for free to give away a tool to somebody for free in the App

00:16:27.200 –> 00:16:28.200
Store on the Mac.

00:16:28.200 –> 00:16:32.240
That’s a hundred dollars a year as a developer and, and so Apple gets a hundred dollars a

00:16:32.240 –> 00:16:34.580
year and I get to give a tool away for free.

00:16:34.580 –> 00:16:40.140
Like why isn’t there a way that people like me that want to give tools away for free on

00:16:40.140 –> 00:16:43.660
the App Store can get on and give them away for free without having to pay a hundred dollars

00:16:43.660 –> 00:16:44.660
a year?

00:16:44.660 –> 00:16:47.680
I just don’t think it’s, it’s right.

00:16:47.680 –> 00:16:51.840
I mean, it really stinks that, like I said, I would love to put apps on the App Store

00:16:51.840 –> 00:16:58.740
for macOS, but I’m not going to spend a hundred dollars a year, you know, to put something

00:16:58.740 –> 00:17:00.560
for free on the App Store, but it’s not going to do it.

00:17:00.560 –> 00:17:05.920
So I’ve really had an issue with this over the years and the way Apple does handle the

00:17:05.920 –> 00:17:12.240
Mac Store, whether it’s for, you know, iOS or macOS, they’ve always kind of muscled people

00:17:12.240 –> 00:17:16.600
and they get people to pay, you know, put free apps on there and I just, I really don’t

00:17:16.600 –> 00:17:17.600
care for it.

00:17:17.600 –> 00:17:24.400
And that’s something, you know, that is part of my issue with Apple and the way they handle

00:17:24.400 –> 00:17:25.400
this sort of thing.

00:17:25.400 –> 00:17:30.320
So, like I said, kind of, I think Apple needs a better way of handling free apps.

00:17:30.320 –> 00:17:32.600
They need a better way of handling open source.

00:17:32.600 –> 00:17:36.840
You know, these open source companies that basically run on donations have to pay Apple

00:17:36.840 –> 00:17:40.920
just to keep their free open source apps on Apple’s platform.

00:17:40.920 –> 00:17:41.920
That’s not right.

00:17:41.920 –> 00:17:43.800
That’s not really fair.

00:17:43.800 –> 00:17:48.480
And like I said, I really think that, you know, Apple could do a much better job with

00:17:48.480 –> 00:17:49.480
these sorts of things.

00:17:49.480 –> 00:17:55.200
So, other, something else I wanted to talk about too, kind of a big issue as far as security

00:17:55.200 –> 00:18:00.200
goes for anybody that’s listening, it’s a network admin and anybody that handles security,

00:18:00.200 –> 00:18:06.400
but apparently Microsoft, which has had something called hot patching, which allows you to patch

00:18:06.400 –> 00:18:07.720
the server without rebooting.

00:18:07.720 –> 00:18:15.120
It’s a very, very popular Azure feature that Microsoft has had for quite a while and has

00:18:15.120 –> 00:18:22.760
only been available on Azure, is now going to be available in Windows Server 2025.

00:18:22.760 –> 00:18:27.840
So, they released the Server 2025 preview the other day and a bunch of people have been

00:18:27.840 –> 00:18:29.500
messing with it.

00:18:29.500 –> 00:18:37.800
And now apparently Microsoft is going to allow you in Server 2025 to patch servers using

00:18:37.800 –> 00:18:40.940
hot patching where you don’t have to reboot the server.

00:18:40.940 –> 00:18:42.940
That’s actually pretty big news.

00:18:42.940 –> 00:18:48.660
Microsoft for decades, you have always had to go ahead and to patch the servers, you

00:18:48.660 –> 00:18:50.340
had to reboot them.

00:18:50.340 –> 00:18:52.020
And now you’re going to be able to use hot patching.

00:18:52.020 –> 00:18:58.360
Now for a long time, Microsoft was only putting hot patching on Azure because they wanted

00:18:58.360 –> 00:19:02.020
people to go to Azure and hey, well, if you do it on Azure, you get this feature.

00:19:02.020 –> 00:19:06.720
Well, now they’re going to let you bring it to people that want to have servers internally

00:19:06.720 –> 00:19:08.840
or need servers internally.

00:19:08.840 –> 00:19:13.360
I think this comes down to Microsoft knows that what they call their legacy business,

00:19:13.360 –> 00:19:18.480
which is selling server software to businesses and stuff like that, still a big business

00:19:18.480 –> 00:19:19.480
for them.

00:19:19.480 –> 00:19:21.520
A lot of companies are not going to go to the cloud.

00:19:21.520 –> 00:19:22.520
They don’t want those monthly bills.

00:19:22.520 –> 00:19:28.000
They want to host their own servers due to security, due to infrastructure, whatever.

00:19:28.000 –> 00:19:33.000
And Microsoft is just going to have to say, bite the bullet and just say, “Hey, you know

00:19:33.000 –> 00:19:34.220

00:19:34.220 –> 00:19:37.840
We’re going to have to take some of these great features over in Azure and put them

00:19:37.840 –> 00:19:44.100
into regular desktop, not desktop, but server-based operating system, on-prem server-based operating

00:19:44.100 –> 00:19:49.060
system if we want to keep this business that’s bringing in billions of dollars a year in

00:19:49.060 –> 00:19:50.660
revenue going.”

00:19:50.660 –> 00:19:59.960
So in the new Windows Server 2025, there will be hot patching, which used to just be an

00:19:59.960 –> 00:20:01.280
Azure feature.

00:20:01.280 –> 00:20:05.640
But apparently now, like I said, Microsoft is going to be bringing it to all of us.

00:20:05.640 –> 00:20:07.120
So I think that is wonderful.

00:20:07.120 –> 00:20:10.580
And I really appreciate Microsoft doing this.

00:20:10.580 –> 00:20:15.220
I know a lot of customers that still need and want to host their own server internally.

00:20:15.220 –> 00:20:19.100
Every bunch of years, they have us come in and do an upgrade.

00:20:19.100 –> 00:20:20.100
This is a big deal.

00:20:20.100 –> 00:20:22.800
People do not want to go out in the cloud and keep paying a monthly fee.

00:20:22.800 –> 00:20:24.120
I’m not saying it’s right.

00:20:24.120 –> 00:20:25.120
I’m not saying it’s wrong.

00:20:25.120 –> 00:20:27.600
It’s whatever’s best for your operation, your business.

00:20:27.600 –> 00:20:30.700
But it’s really nice that they’re actually giving us these features.

00:20:30.700 –> 00:20:34.760
So I do really appreciate Microsoft putting the customer first here.

00:20:34.760 –> 00:20:38.400
So speaking of Microsoft news, a little transition there.

00:20:38.400 –> 00:20:43.640
Microsoft, we all remember they got breached a couple of weeks ago.

00:20:43.640 –> 00:20:47.040
I guess somebody was able to get to their higher ups, their email.

00:20:47.040 –> 00:20:49.960
Microsoft did release more information on that.

00:20:49.960 –> 00:20:54.900
Apparently Microsoft security team detected a nation state attack on their corporate systems

00:20:54.900 –> 00:20:58.860
on January 12th of this year.

00:20:58.860 –> 00:21:01.460
And they jumped into response.

00:21:01.460 –> 00:21:02.460
It was attacked.

00:21:02.460 –> 00:21:08.680
It was a threat actor, Midnight Blizzard, which is a Russian state sponsored attack,

00:21:08.680 –> 00:21:12.720
a Russian state actor or attacker.

00:21:12.720 –> 00:21:19.020
And like I said, they went ahead and it was a, apparently, apparently while they noticed

00:21:19.020 –> 00:21:23.000
it on January 12th, they went through the logs and they actually found that in November

00:21:23.000 –> 00:21:32.320
of 2023, a threat actor used a password spray attack to compromise a legacy product.

00:21:32.320 –> 00:21:39.680
They said non-production, non-production product that apparently had a giant foot and gained

00:21:39.680 –> 00:21:41.720
a giant foothold on their systems.

00:21:41.720 –> 00:21:48.520
Like I said, but apparently it was actually now they’re saying it was a Russian state

00:21:48.520 –> 00:21:50.120
sponsored attack.

00:21:50.120 –> 00:21:56.220
So like I said, not sure they’re not, they haven’t released what they got yet, but they

00:21:56.220 –> 00:22:01.460
have said that it was, they have narrowed it down and they do know who it was, what

00:22:01.460 –> 00:22:03.940
it was and how they got in and what the system was.

00:22:03.940 –> 00:22:10.900
So interesting, interesting there only because the state sponsored hacking stuff is becoming

00:22:10.900 –> 00:22:12.520
more and more popular.

00:22:12.520 –> 00:22:19.800
So speaking of interesting things that have also been announced for tax go, a still unknown

00:22:19.800 –> 00:22:25.520
threat actor stole 7.5 million from the US Department of Health and Human Services in

00:22:25.520 –> 00:22:31.540
a security breach that took place between March and mid November of last year.

00:22:31.540 –> 00:22:35.920
So this is actually really interesting because they still don’t know who took it, but the

00:22:35.920 –> 00:22:43.120
unknown attacker is believed to have gained access to an HHS system that processes civilian

00:22:43.120 –> 00:22:47.960
grant payments using a spear phishing attack.

00:22:47.960 –> 00:22:56.760
They then process the hijacked payments for five grant recipients before being deleted.

00:22:56.760 –> 00:23:00.360
Like I said, they’re still investigating as to who did it.

00:23:00.360 –> 00:23:07.140
But yeah, so interesting, what upsets me about this is they still don’t know who did it and

00:23:07.140 –> 00:23:08.680
this happened quite a while ago.

00:23:08.680 –> 00:23:12.680
So like I said, that was something I noticed in the news.

00:23:12.680 –> 00:23:17.900
Again, a lot of these big security breaches and stuff that were announced really got buried

00:23:17.900 –> 00:23:19.120
under all the Apple news.

00:23:19.120 –> 00:23:23.600
And that’s, I mean, that’s just the way it is, but I do want to point that out because

00:23:23.600 –> 00:23:26.980
some of these are actually really big news.

00:23:26.980 –> 00:23:30.840
Something else I wanted to point out as well, something else that was announced again kind

00:23:30.840 –> 00:23:33.580
of got buried in the news here.

00:23:33.580 –> 00:23:38.800
In the news, apparently Samsung has announced with the launch of their S24 series smartphones

00:23:38.800 –> 00:23:45.020
that you will be saving seven years of software and security updates.

00:23:45.020 –> 00:23:51.020
That’s an increase from the company’s previous smartphone series, which they’ve had before,

00:23:51.020 –> 00:23:52.880
which is only five years.

00:23:52.880 –> 00:23:57.100
So they have, like I said, they’ve gone ahead and bumped it to seven.

00:23:57.100 –> 00:24:01.280
A lot of people believe that they did that because Google bumped their phones to seven

00:24:01.280 –> 00:24:03.140
years for security updates.

00:24:03.140 –> 00:24:05.580
So that’s why they think they were, a lot they’re doing it.

00:24:05.580 –> 00:24:10.980
So now if you have an Android device, you will be getting updates for seven years from

00:24:10.980 –> 00:24:12.780
Samsung and Google.

00:24:12.780 –> 00:24:14.380
I wish all the companies would do that.

00:24:14.380 –> 00:24:18.780
I see so many Samsung smartphones from my daughter’s friends and stuff like that that

00:24:18.780 –> 00:24:21.020
are just out of date and they’re not getting updates.

00:24:21.020 –> 00:24:26.260
And it’s quite scary when you think about it and people don’t even understand it or

00:24:26.260 –> 00:24:27.260
even know about it.

00:24:27.260 –> 00:24:31.080
So a lot of people just are completely just don’t know about this stuff and that’s what

00:24:31.080 –> 00:24:32.080

00:24:32.080 –> 00:24:34.920
So I thought that was a little bit of interesting news that I saw as well.

00:24:34.920 –> 00:24:39.480
I wanted to bring that up because I know a couple of people that listen to the show were

00:24:39.480 –> 00:24:42.240
talking about Android and I appreciate one of our listeners.

00:24:42.240 –> 00:24:43.240
They sent that to me.

00:24:43.240 –> 00:24:45.520
So thank you very much for that.

00:24:45.520 –> 00:24:47.800
Again, I do have my email in the show notes.

00:24:47.800 –> 00:24:49.880
That’s the best way to reach me.

00:24:49.880 –> 00:24:52.440
Please send me any information you have or questions.

00:24:52.440 –> 00:24:53.620
We do have some listener feedback.

00:24:53.620 –> 00:24:55.500
I’ll get to hit a little bit here.

00:24:55.500 –> 00:24:58.620
But some of that, I guess I do appreciate a couple of people send that back.

00:24:58.620 –> 00:25:01.620
Again, I’m not overly knowledgeable.

00:25:01.620 –> 00:25:07.100
I don’t say I’m knowledgeable, I’m knowledgeable of it, but I don’t have an Android smartphone.

00:25:07.100 –> 00:25:11.580
So I don’t particularly, I’m not as up on that as I should be.

00:25:11.580 –> 00:25:13.620
Maybe that’s something I should really focus on this year.

00:25:13.620 –> 00:25:17.080
But I do appreciate them sending me that.

00:25:17.080 –> 00:25:20.660
So something I thought was interesting and I actually, I have known about this, but I’ve

00:25:20.660 –> 00:25:25.200
been, anytime the government sticks their nose in stuff, I’m sometimes a little hesitant

00:25:25.200 –> 00:25:29.680
to kind of jump in because things are, and I don’t want to get political, but we all

00:25:29.680 –> 00:25:32.640
know sometimes when the government sticks their nose in things get worse.

00:25:32.640 –> 00:25:38.800
Fortunately, sometimes politics, just insecurity or anything should not go along.

00:25:38.800 –> 00:25:45.500
But the CISA is actually, they had a sort of a pilot program last year.

00:25:45.500 –> 00:25:50.700
You can go ahead and check it out at the website at

00:25:50.700 –> 00:25:57.340
And for companies that may be kind of unaware of the security vulnerabilities or things

00:25:57.340 –> 00:26:01.400
like that, what this is, this is a stop ransomware thing.

00:26:01.400 –> 00:26:05.180
And what you do is you can actually sign your company up.

00:26:05.180 –> 00:26:07.840
And I don’t know the exact specifics as I have not done this, but I wanted to bring

00:26:07.840 –> 00:26:12.340
this up because this was started last year and I know they had an update on it here on,

00:26:12.340 –> 00:26:14.180
and somebody had brought this to my attention.

00:26:14.180 –> 00:26:15.180
Again, I appreciate that.

00:26:15.180 –> 00:26:17.640
We have a great community here.

00:26:17.640 –> 00:26:20.640
But one of the things they have pointed out is you can sign up and what happens is the

00:26:20.640 –> 00:26:26.160
CISA will kind of monitor your, you know, your, your port, your systems or however they

00:26:26.160 –> 00:26:27.880
do it.

00:26:27.880 –> 00:26:34.920
And what you can actually do with this is, if they do find any, anything that could be

00:26:34.920 –> 00:26:38.380
a vulnerability that could allow ransomware in or stuff like that, they will actually

00:26:38.380 –> 00:26:43.280
reach out to you and tell you, Hey, you have an explanatory system patch this or whatever.

00:26:43.280 –> 00:26:47.440
Because a lot, especially smaller companies and especially school districts that maybe

00:26:47.440 –> 00:26:51.300
don’t have security people and stuff on staff or people that aren’t as aware or maybe full

00:26:51.300 –> 00:26:56.180
time, especially some smaller businesses, they might not even have IT people full time.

00:26:56.180 –> 00:26:57.660
So they don’t know unless they call somebody in.

00:26:57.660 –> 00:27:02.580
But what they’ll actually do is they will actually alert you of this stuff so you can

00:27:02.580 –> 00:27:04.320
patch it.

00:27:04.320 –> 00:27:09.580
Like I said, that is at their, it’s stop

00:27:09.580 –> 00:27:13.000
Like I said, they started this last year and now they’re expanding it to include more

00:27:13.000 –> 00:27:14.000

00:27:14.000 –> 00:27:17.760
I think you have to, I don’t know if they send you, I believe they send you a, an Albert

00:27:17.760 –> 00:27:18.760

00:27:18.760 –> 00:27:24.400
An Albert sensor sits on your system and it reports back to CISA and what it does, it

00:27:24.400 –> 00:27:25.400
monitors the traffic.

00:27:25.400 –> 00:27:29.360
And if it does see something that it sees, it could be a vulnerability or it could be

00:27:29.360 –> 00:27:30.360
an issue.

00:27:30.360 –> 00:27:32.600
They will go ahead and reach back to you.

00:27:32.600 –> 00:27:37.480
But that, like I said, is something it’s from the CISA and it’s a, like I said, it’s an

00:27:37.480 –> 00:27:38.480
Albert sensor.

00:27:38.480 –> 00:27:42.360
And those of you that say, well, you may not be so happy about the government’s taking

00:27:42.360 –> 00:27:44.440
something on your network that’s going to sniff traffic.

00:27:44.440 –> 00:27:47.720
I wouldn’t be so happy about it either.

00:27:47.720 –> 00:27:49.540
You can get a free Albert sensor.

00:27:49.540 –> 00:27:53.020
It’s free, it’s open source and you can actually have it alert you.

00:27:53.020 –> 00:27:56.920
That might be a better option for some of you guys that aren’t so thrilled about, you

00:27:56.920 –> 00:27:59.040
know, the government sticking something on your network.

00:27:59.040 –> 00:28:02.680
I’m kind of in the same boat with you, like I said, but you can get an Albert sensor.

00:28:02.680 –> 00:28:03.680
It’s free.

00:28:03.680 –> 00:28:06.060
You can load it on a Raspberry Pi, on a little computer, whatever that, and have it monitor

00:28:06.060 –> 00:28:07.920
your systems.

00:28:07.920 –> 00:28:09.080
It’s not that difficult to set up.

00:28:09.080 –> 00:28:10.520
There are tons of YouTube videos on it.

00:28:10.520 –> 00:28:14.740
There are tons of documentation on the internet, but that’s something you can do.

00:28:14.740 –> 00:28:19.420
Like I said, if you, if you know a company that maybe isn’t able to handle this sorts

00:28:19.420 –> 00:28:23.640
of thing, have them reach out and maybe they can get some help with that.

00:28:23.640 –> 00:28:28.960
Like I said, smaller businesses that don’t have people like us on the staff, maybe they

00:28:28.960 –> 00:28:29.960
can sign up.

00:28:29.960 –> 00:28:33.720
And then if you have your, you know, if you’re a business and you want to monitor things,

00:28:33.720 –> 00:28:35.760
maybe you put your own Albert sensor in.

00:28:35.760 –> 00:28:40.400
But either way, that was something, like I said, that I noticed and that I wanted to

00:28:40.400 –> 00:28:45.740
bring up to you guys, because that is something, like I said, it’s a year ago now.

00:28:45.740 –> 00:28:49.520
And like I said, there, the, the system, it wasn’t, like I said, it was kind of like a

00:28:49.520 –> 00:28:54.400
pilot program with, I think it was at schools at the beginning and certain companies, but

00:28:54.400 –> 00:28:56.500
now they are going to be opening it up a little more.

00:28:56.500 –> 00:28:58.840
So that might be something useful.

00:28:58.840 –> 00:29:01.360
Even if you’re in the security business, that might be something to have, maybe some of

00:29:01.360 –> 00:29:05.640
your customers sign up for, or maybe you can even sell them an Albert sensor.

00:29:05.640 –> 00:29:09.040
Like I said, go ahead and be your choice, but like I said, that is something out there

00:29:09.040 –> 00:29:14.840
and is available and ransomware is such a big thing nowadays that it’s something you

00:29:14.840 –> 00:29:18.840
got to fight against because it can really put a whole company out of business.

00:29:18.840 –> 00:29:22.560
So news on that.

00:29:22.560 –> 00:29:27.080
Also too, I wanted to bring something up that I thought was interesting.

00:29:27.080 –> 00:29:30.840
I actually happened to scroll, kind of stumbled upon this.

00:29:30.840 –> 00:29:39.960
I remember last week we talked about HP was basically anti using third party, you know,

00:29:39.960 –> 00:29:43.800
ink cartridges because they want to have like a subscription business for that.

00:29:43.800 –> 00:29:46.720
But apparently they did push that third party firmware update.

00:29:46.720 –> 00:29:50.160
It was actually on 9to5Mac where I saw this.

00:29:50.160 –> 00:29:56.720
They actually did push this third party update to try to help people that were, you know,

00:29:56.720 –> 00:29:58.720
had out of date firmware and were vulnerable to attack.

00:29:58.720 –> 00:30:01.760
It actually bricked a bunch of printers.

00:30:01.760 –> 00:30:04.120
And a lot of people are really upset about it.

00:30:04.120 –> 00:30:07.500
A lot of people are saying, well, hey, this was just a money grab.

00:30:07.500 –> 00:30:12.640
But what it was is they had well-known viruses that were actually embedded in third party

00:30:12.640 –> 00:30:16.360
cartridges that were actually being only a problem.

00:30:16.360 –> 00:30:21.840
And if you did have, they patched and I guess a lot of some, obviously some things bricked,

00:30:21.840 –> 00:30:26.160
some people that had the cartridges bricked, some just like I said, some just bricked because

00:30:26.160 –> 00:30:29.120
they were too old to handle the update or whatever happened.

00:30:29.120 –> 00:30:35.600
But apparently Ars Technica also reported on this saying that security experts, whether

00:30:35.600 –> 00:30:39.700
this could happen, they said it’s so far out there.

00:30:39.700 –> 00:30:44.280
It would be a nation state attack on a specific individual.

00:30:44.280 –> 00:30:46.140
I don’t know if I really believe that.

00:30:46.140 –> 00:30:50.620
What a lot of this was, was these companies giving out third party, well, they weren’t

00:30:50.620 –> 00:30:54.400
giving out, but people were selling third party cartridges with viruses in them, either

00:30:54.400 –> 00:30:57.560
not knowing and what it is again.

00:30:57.560 –> 00:31:01.200
This is basically one of those things where I sell you a cartridge, it’s infected, you

00:31:01.200 –> 00:31:02.200
put it in a machine.

00:31:02.200 –> 00:31:06.960
Now I have a bot where I can use it to DDoS.

00:31:06.960 –> 00:31:07.960
That’s what this is.

00:31:07.960 –> 00:31:08.960
This is building a botnet.

00:31:08.960 –> 00:31:12.320
What they were doing is people that were, I think anyway, what my personal feelings

00:31:12.320 –> 00:31:15.360
about it is that they were trying to help create a botnet.

00:31:15.360 –> 00:31:16.840
Cause that’s the only reason why you do that.

00:31:16.840 –> 00:31:20.080
I mean, same thing with the smart fridges and stuff that people still have their way

00:31:20.080 –> 00:31:21.080
out of date.

00:31:21.080 –> 00:31:22.240
Those things are compromised.

00:31:22.240 –> 00:31:24.400
People aren’t hacking into them to get your fridge data.

00:31:24.400 –> 00:31:28.000
They’re hacking into it so that they have something to use for a botnet.

00:31:28.000 –> 00:31:30.560
Same thing with these printers and the little devices like this.

00:31:30.560 –> 00:31:31.840
People don’t hack into them for data.

00:31:31.840 –> 00:31:32.840
They hack into what they have.

00:31:32.840 –> 00:31:34.120
They can use them to DDoS.

00:31:34.120 –> 00:31:39.360
But the reason why I’m bringing that up is apparently HP is now going to be facing a

00:31:39.360 –> 00:31:45.920
huge class action lawsuit over this for bricking printers and stuff like that.

00:31:45.920 –> 00:31:48.600
Like I said, not all the printers brick because of bad cartridges.

00:31:48.600 –> 00:31:50.640
Some of them brick because of hardware issues.

00:31:50.640 –> 00:31:52.520
Some of them brick because of software issues.

00:31:52.520 –> 00:31:53.520
Some of them bricked.

00:31:53.520 –> 00:31:58.400
I mean, it just, there are so many reasons, but apparently HP is saying that they were

00:31:58.400 –> 00:32:01.360
trying to protect people and it didn’t come off that way.

00:32:01.360 –> 00:32:05.600
They’re kind of in the doghouse now because it kind of made it look like, Hey, the way

00:32:05.600 –> 00:32:09.680
they, the way they worded it and the way they made it sound was, you know, we’re doing this

00:32:09.680 –> 00:32:13.360
to protect you, but it kind of made it look like they were doing it to make themselves

00:32:13.360 –> 00:32:16.000
a business because now how many people had brick printers?

00:32:16.000 –> 00:32:18.840
So they’re facing a class action lawsuit.

00:32:18.840 –> 00:32:23.040
It’d be kind of neat to see how this kind of plays out.

00:32:23.040 –> 00:32:26.840
It’s kind of the whole thing with Apple where, okay, we don’t let people side load for security

00:32:26.840 –> 00:32:30.480
reasons, but it’s also a way of Apple controlling the ecosystem.

00:32:30.480 –> 00:32:32.640
I think this is kind of one of those double-edged swords.

00:32:32.640 –> 00:32:37.640
So we’ll have to see what happens with this as we go forward.

00:32:37.640 –> 00:32:38.960
This will be one that we’ll have to watch.

00:32:38.960 –> 00:32:42.640
These sort of things take forever to go through.

00:32:42.640 –> 00:32:45.560
So we’ll have to see, like I said, and see what comes out of it.

00:32:45.560 –> 00:32:47.800
But yeah, I thought that was pretty interesting.

00:32:47.800 –> 00:32:53.480
Especially, it made it on 9to5Mac because so many people were just crazy over this.

00:32:53.480 –> 00:32:57.240
So I’d be really upset that the printers aren’t working and stuff like that.

00:32:57.240 –> 00:32:59.520
I actually don’t print that much anymore.

00:32:59.520 –> 00:33:03.120
I don’t have an HP printer, but I actually don’t print that much anymore.

00:33:03.120 –> 00:33:08.040
And I don’t really have anybody I know that had this problem personally.

00:33:08.040 –> 00:33:13.000
But like I said, I thought it was interesting that they had an update on that story.

00:33:13.000 –> 00:33:19.480
Especially after all the craziness last week with how many printers got bricked.

00:33:19.480 –> 00:33:22.520
I kind of figured this would be a thing.

00:33:22.520 –> 00:33:27.440
So some other news that I think is interesting to security professionals, I’m not sure about

00:33:27.440 –> 00:33:34.160
others out there, but federal investigators, ever since that whole thing with Trump, with

00:33:34.160 –> 00:33:40.280
the situation with January 6th and Trump and the Secret Service deleting their text messages

00:33:40.280 –> 00:33:48.440
and stuff like that, apparently now the federal investigators are warning companies that are

00:33:48.440 –> 00:33:54.240
either under investigation or warning federal entities like the US Department of Justice

00:33:54.240 –> 00:34:05.200
and the FTC, the Federal Trade Commission, that if anybody is under investigation, that

00:34:05.200 –> 00:34:11.280
they are not allowed to delete messages from tech companies like Slack, Microsoft Teams,

00:34:11.280 –> 00:34:12.280
and Signal.

00:34:12.280 –> 00:34:15.720
Apple wasn’t on the list, which surprised me of all things.

00:34:15.720 –> 00:34:22.520
But apparently they’re saying this guidance comes as the Federal Investigation and Department

00:34:22.520 –> 00:34:31.120
of Justice looks through rules and how messaging is handled in the government.

00:34:31.120 –> 00:34:35.920
In November of last year, the FCC accused Amazon of deleting more than two years’ worth

00:34:35.920 –> 00:34:42.100
internal Signal employee chats after the agency was under investigation for antitrust lawsuits.

00:34:42.100 –> 00:34:48.520
They’re also going after Google, who apparently deleted messages during the antitrust trial

00:34:48.520 –> 00:34:51.760
that was going on recently.

00:34:51.760 –> 00:34:52.960
We all remember what happened with that.

00:34:52.960 –> 00:34:57.600
Google apparently had, when they were home, actually had emails saying, “Hey, delete your

00:34:57.600 –> 00:34:59.080
message so they can’t get them.”

00:34:59.080 –> 00:35:05.520
But this is also too, they’re warning their own state entities, “You’re not allowed to

00:35:05.520 –> 00:35:08.720
delete your messages if you’re under investigation.”

00:35:08.720 –> 00:35:13.680
Like I said, Apple is not on the list, but Apple was not able to get messages back during

00:35:13.680 –> 00:35:14.680

00:35:14.680 –> 00:35:19.240
It’s a pretty big thing because, and like I said, I’m not trying to get political, but

00:35:19.240 –> 00:35:24.280
it was actually a big thing when they were investigating January 6th, how many people,

00:35:24.280 –> 00:35:29.840
these state entities deleted their messages, like the Secret Service.

00:35:29.840 –> 00:35:33.520
I think there was even a couple other entities that deleted their messages.

00:35:33.520 –> 00:35:38.080
And now these big tech companies that are in these anti-lawsuits are doing the same

00:35:38.080 –> 00:35:39.080

00:35:39.080 –> 00:35:41.640
Instead of people seeing their messaging history, they just blew it away.

00:35:41.640 –> 00:35:44.640
Like I said, Google did that.

00:35:44.640 –> 00:35:48.800
I know Apple didn’t because Apple actually is actually pretty aware on that stuff.

00:35:48.800 –> 00:35:50.440
But I forget who else did it.

00:35:50.440 –> 00:35:51.520
I know Google did it.

00:35:51.520 –> 00:35:55.800
Like I said, so this is a pretty big thing.

00:35:55.800 –> 00:36:01.960
And the thing that’s weird about companies like Google is, Google actually does provide

00:36:01.960 –> 00:36:09.280
a Google Workspace product called Google Vault that allows you to put holds on stuff so it

00:36:09.280 –> 00:36:11.080
can’t be deleted.

00:36:11.080 –> 00:36:13.360
And it’s kind of interesting that Google, obviously they probably didn’t want those

00:36:13.360 –> 00:36:16.100
chats to be deleted, so they probably had somebody take off the hold.

00:36:16.100 –> 00:36:23.120
But I know Google has it, I know Microsoft has it, that you can actually hold it so that

00:36:23.120 –> 00:36:24.120
they don’t get deleted.

00:36:24.120 –> 00:36:25.900
I’m sure Slack probably has something like that as well.

00:36:25.900 –> 00:36:28.360
Microsoft Teams I know has it because it’s built into Office.

00:36:28.360 –> 00:36:30.600
But this is actually pretty big.

00:36:30.600 –> 00:36:36.360
Signal I don’t think does because they’re not a huge corporate entity in the sense of

00:36:36.360 –> 00:36:41.340
you can’t manage your Signal accounts via corporate commodity.

00:36:41.340 –> 00:36:44.720
But I thought it was pretty interesting that they finally are telling these companies,

00:36:44.720 –> 00:36:51.360
no, you can’t do that and no, if you’re a government entity that is part of the US government,

00:36:51.360 –> 00:36:53.420
you can’t delete your messages.

00:36:53.420 –> 00:36:58.620
Because the Federal Trade Commission and the US Department of Justice, the Secret Service,

00:36:58.620 –> 00:37:02.340
I think even the IRS I think actually had issues where when they were investigating

00:37:02.340 –> 00:37:07.920
Trump they were missing emails or messages that were sent to the Trump organization.

00:37:07.920 –> 00:37:11.480
So I think it’s interesting the government stepping in now and kind of saying, we have

00:37:11.480 –> 00:37:14.100
a problem with people deleting this stuff.

00:37:14.100 –> 00:37:17.680
Not only on the trial side, but internally let’s try to take care of this.

00:37:17.680 –> 00:37:20.720
But I guess what I don’t understand is why these companies, and probably because they

00:37:20.720 –> 00:37:26.180
don’t want this stuff to get out, why these companies don’t put holds on this stuff, litigation

00:37:26.180 –> 00:37:27.180

00:37:27.180 –> 00:37:28.600
That’s such a common thing in this day and age.

00:37:28.600 –> 00:37:30.540
Like I said, it’s probably because they don’t want people to see it.

00:37:30.540 –> 00:37:35.080
But like I said, I know for a fact Google has been caught doing it.

00:37:35.080 –> 00:37:39.420
I know, I think Microsoft got caught possibly doing this during discovery back in the day

00:37:39.420 –> 00:37:42.080
when they were facing issues.

00:37:42.080 –> 00:37:45.340
I know for a fact that they’ve had issues in the government with people deleting stuff

00:37:45.340 –> 00:37:46.340
they shouldn’t.

00:37:46.340 –> 00:37:50.980
So like I said, they can say it, but now will people do it?

00:37:50.980 –> 00:37:53.040
That will kind of remain to be seen.

00:37:53.040 –> 00:37:59.460
I know people like Warren Buffett and some of your bigger companies out in Silicon Valley,

00:37:59.460 –> 00:38:06.600
like investors and stuff, will purposely say, “Don’t send me an email unless it’s something

00:38:06.600 –> 00:38:09.760
that’s not going to be held against us,” or, “Don’t send me an email.”

00:38:09.760 –> 00:38:13.180
I know Warren Buffett doesn’t send an email at all just so it can’t be used against him.

00:38:13.180 –> 00:38:18.380
I know specifically some of the early investors like in Oracle and stuff, they actually say

00:38:18.380 –> 00:38:21.740
they don’t have email because they’ve been sued so many times they don’t bother with

00:38:21.740 –> 00:38:22.740

00:38:22.740 –> 00:38:27.340
They just want handwritten stuff or just come and tell them so there’s no evidence of it.

00:38:27.340 –> 00:38:31.540
It’s kind of crazy what these companies do, but it’s kind of nuts.

00:38:31.540 –> 00:38:35.180
One of the things I wanted to bring up, talking about having a rough day, when I spread this,

00:38:35.180 –> 00:38:37.420
I was like, “Oh, I hate to be this guy.”

00:38:37.420 –> 00:38:46.960
But apparently somebody had left their employee authentication token sitting in a GitHub repository

00:38:46.960 –> 00:38:54.200
that had access to a Mercedes GitHub Enterprise server, which is hosted internally, which

00:38:54.200 –> 00:39:02.760
has access to all their source code and accidentally exposed, like I said, all their internal code

00:39:02.760 –> 00:39:08.540
data, but like I said to everybody in the world, unrestricted access.

00:39:08.540 –> 00:39:14.080
And they’re investigating this, but apparently the key was there for more than 90 days before

00:39:14.080 –> 00:39:16.200
it was discovered.

00:39:16.200 –> 00:39:22.080
And like I said, they’re going through, they don’t know exactly what they got yet.

00:39:22.080 –> 00:39:27.200
They’re doing an audit now, but apparently the token gave unrestricted, unmonitored access

00:39:27.200 –> 00:39:32.300
to the entire source code for Mercedes.

00:39:32.300 –> 00:39:36.840
Like I said, I would not want to be that guy.

00:39:36.840 –> 00:39:41.520
Apparently somebody sent this to me, it’s actually on TechCrunch, but I was like, “Oh,

00:39:41.520 –> 00:39:45.280
I felt really bad for that poor security admin now.

00:39:45.280 –> 00:39:50.120
I’m sure he’s got a lot of cleanup to do and a heck of a lot of work ahead of him.”

00:39:50.120 –> 00:39:53.920
Just all their source code, that’s just, oh, that’s brutal.

00:39:53.920 –> 00:39:58.460
We remember when some of Microsoft’s source code got out, luckily it was for older stuff,

00:39:58.460 –> 00:40:02.160
but that’s one thing you don’t want is your source code to get out.

00:40:02.160 –> 00:40:08.440
So yeah, that was something I saw on the news and I was like, “Oh, ouch.”

00:40:08.440 –> 00:40:11.440
So I thought that was interesting.

00:40:11.440 –> 00:40:16.720
One thing I do want to point out, like I said, I did have some listener feedback.

00:40:16.720 –> 00:40:19.280
I have a couple more news stories I want to get to, but I do want to read this.

00:40:19.280 –> 00:40:21.160
Somebody had brought this up to me.

00:40:21.160 –> 00:40:26.960
Somebody had asked me, I think it’s a younger listener.

00:40:26.960 –> 00:40:28.360
I don’t want to read his whole email.

00:40:28.360 –> 00:40:31.880
Anyway, it’s a younger kid that wants to get into programming and he asked what language

00:40:31.880 –> 00:40:32.880
should he learn.

00:40:32.880 –> 00:40:38.680
You know, it really depends on what you want to do is the advice I would actually give

00:40:38.680 –> 00:40:39.680

00:40:39.680 –> 00:40:43.280
I know myself, I use Python a lot.

00:40:43.280 –> 00:40:45.720
I use JavaScript a lot.

00:40:45.720 –> 00:40:51.240
I use HTML every day almost for different stuff we’re doing or just for coding projects

00:40:51.240 –> 00:40:52.240
I’m doing.

00:40:52.240 –> 00:40:54.760
PHP I use quite a bit.

00:40:54.760 –> 00:40:56.040
It really depends on what you’re going to be doing.

00:40:56.040 –> 00:41:02.120
I mess around a lot of code stuff, like web code stuff and a lot of data stuff.

00:41:02.120 –> 00:41:07.440
I know if you’re going to be a database admin, I would recommend learning SQL.

00:41:07.440 –> 00:41:08.680
There’s so many different things.

00:41:08.680 –> 00:41:12.120
It really depends on the project you want to do or what you want to do, depending on

00:41:12.120 –> 00:41:13.600
what language you learn.

00:41:13.600 –> 00:41:20.520
I know myself, I started out with Visual Basic because I was writing Windows stuff.

00:41:20.520 –> 00:41:24.080
Then I know I went to C# and then, like I said, I started doing a lot more security

00:41:24.080 –> 00:41:27.160
projects so I started using Python for a lot of things just because it’s what I like to

00:41:27.160 –> 00:41:28.160

00:41:28.160 –> 00:41:33.800
It’s loosely written and I just like how it’s got so much support in the community.

00:41:33.800 –> 00:41:39.320
And then I know some people, you know, who use C# for everything for what they do.

00:41:39.320 –> 00:41:42.800
I know guys that just do database stuff that just knows SQL.

00:41:42.800 –> 00:41:44.840
It really depends on what you want to do.

00:41:44.840 –> 00:41:46.960
It really depends on what language you should learn.

00:41:46.960 –> 00:41:50.440
It’s just like with any language, if you think you’re going to France, you probably should

00:41:50.440 –> 00:41:51.920
learn French.

00:41:51.920 –> 00:41:55.480
If you think you’re going to Germany, you should learn German.

00:41:55.480 –> 00:41:58.240
It just really comes down to what you want to do.

00:41:58.240 –> 00:41:59.760
The question is unfortunately a little bit broad.

00:41:59.760 –> 00:42:01.800
I wish you would give me more of what you’re trying to do.

00:42:01.800 –> 00:42:05.160
But like I said, I would say it depends on what you’re trying to do.

00:42:05.160 –> 00:42:07.360
It depends on what language you want to learn.

00:42:07.360 –> 00:42:09.720
I did email him back and ask him what he was doing.

00:42:09.720 –> 00:42:11.400
He didn’t get back to me yet.

00:42:11.400 –> 00:42:18.200
But like I said, that would be my, that would be really my, what I would suggest.

00:42:18.200 –> 00:42:23.080
Somebody else too that listened to the show last week pointed up, they had said, I’m not

00:42:23.080 –> 00:42:24.420
comfortable with GitHub.

00:42:24.420 –> 00:42:25.720
Where else can I host my code?

00:42:25.720 –> 00:42:28.880
You had spoken about Mantis.

00:42:28.880 –> 00:42:34.600
Mantis really isn’t a code repository as it is more of a, more of like a code, more like

00:42:34.600 –> 00:42:38.200
use it for your problems and your, your bugs and stuff like that.

00:42:38.200 –> 00:42:39.200
You can use GitLab.

00:42:39.200 –> 00:42:40.200
GitLab is free.

00:42:40.200 –> 00:42:41.200
It’s open source.

00:42:41.200 –> 00:42:42.200
You can host your own GitLab.

00:42:42.200 –> 00:42:46.120
I mean, you can host it on a little Mac mini or a little, even, I mean, if you want to

00:42:46.120 –> 00:42:48.800
host a little Pi with, and you can do whatever.

00:42:48.800 –> 00:42:52.080
I mean, it’s just, it’s so easy and versatile if you’re not comfortable on GitLab.

00:42:52.080 –> 00:42:53.960
I personally use GitLab.

00:42:53.960 –> 00:42:55.720
I know a lot of people that don’t.

00:42:55.720 –> 00:42:59.720
I know specifically a couple friends of mine that do have software that they use to make

00:42:59.720 –> 00:43:03.240
money, refuse to host it on GitLab because they’re so worried that even though it’s a

00:43:03.240 –> 00:43:08.000
private repository, Microsoft might look at it and build it into Windows.

00:43:08.000 –> 00:43:10.960
You know, when it’s your livelihood, if you’re not comfortable with it, I mean, all my stuff

00:43:10.960 –> 00:43:11.960
is open source.

00:43:11.960 –> 00:43:15.960
I don’t care if anybody takes it, but if it’s your livelihood, you know, you can host it

00:43:15.960 –> 00:43:16.960
on GitLab locally.

00:43:16.960 –> 00:43:22.560
I mean, you can even host it on, I mean, if it’s really like something you just, you know,

00:43:22.560 –> 00:43:27.560
you can even host it on any real local storage, a NAS in your house.

00:43:27.560 –> 00:43:32.600
I mean, it’s not something, you don’t necessarily need a repository for everything, but it depends

00:43:32.600 –> 00:43:33.600
on what you’re doing.

00:43:33.600 –> 00:43:37.080
But yeah, like I said, I would say, like I said, everything I do is really open source.

00:43:37.080 –> 00:43:40.840
I really could care less if somebody gets it, but if it’s your livelihood, I mean, you

00:43:40.840 –> 00:43:43.540
can host your own GitLab server on your own server internally.

00:43:43.540 –> 00:43:49.080
You can host it, like I said, on a NAS locally or whatever like that.

00:43:49.080 –> 00:43:51.420
I mean, there’s a lot of stuff you can do to keep your code safe.

00:43:51.420 –> 00:43:57.140
I probably would be a little bit more worried about it if my stuff wasn’t open source.

00:43:57.140 –> 00:44:00.560
So I wanted to point that out.

00:44:00.560 –> 00:44:04.200
Something else somebody wanted me to point it out to me, and I knew about it, but I should

00:44:04.200 –> 00:44:06.560
have mentioned it on the show.

00:44:06.560 –> 00:44:10.320
Somebody had mentioned to me, talking about outages, you really should let everybody know

00:44:10.320 –> 00:44:11.320
about the down detector.

00:44:11.320 –> 00:44:14.760
There’s a lot of sites like that now, but yeah, down detector will actually tell you

00:44:14.760 –> 00:44:17.000
if something is actually down.

00:44:17.000 –> 00:44:21.260
Because sometimes these companies don’t always know they’re down or necessarily don’t get

00:44:21.260 –> 00:44:27.060
the information up on their support sites and stuff to let you know they’re having an

00:44:27.060 –> 00:44:28.780
outage or open their Twitter.

00:44:28.780 –> 00:44:33.960
So sometimes the only way to know if it’s right in the middle of something before the

00:44:33.960 –> 00:44:39.220
company knows or before it’s announced is if you go to the down detector, you’ll always

00:44:39.220 –> 00:44:48.580
see on the front page, “Hey, why is,” just for example, “Why is YouTube got all these

00:44:48.580 –> 00:44:49.820
people complaining about YouTube?

00:44:49.820 –> 00:44:51.360
Why are all these people complaining about Google?

00:44:51.360 –> 00:44:55.560
Why are all these people complaining about Teams or Word Online?”

00:44:55.560 –> 00:44:59.720
So it is a really useful tool, especially, like I said, if you think you’re having an

00:44:59.720 –> 00:45:06.560
issue and you don’t know if it’s you or if it’s the company.

00:45:06.560 –> 00:45:11.460
Like I said, I’ve done it at down to domain times because I’ve had customers saying, “Hey,

00:45:11.460 –> 00:45:13.800
our Google Meet isn’t working.”

00:45:13.800 –> 00:45:15.320
And well, Google doesn’t have anything on their site.

00:45:15.320 –> 00:45:18.720
Then I go to a down detector and it’s like, “Oh, wow, look at all those people saying

00:45:18.720 –> 00:45:21.160
they’re having trouble with Google,” or, “Hey, look at all those people saying they’re having

00:45:21.160 –> 00:45:22.160
trouble with Facebook.”

00:45:22.160 –> 00:45:29.280
Or I’ve actually been in situations like that and they have everybody on their Slack, Teams.

00:45:29.280 –> 00:45:33.660
They have all their, I bet you they have probably almost every service you can find on the down

00:45:33.660 –> 00:45:34.660

00:45:34.660 –> 00:45:38.260
Somebody emailed that to me to bring that up and it really was something good that I

00:45:38.260 –> 00:45:41.840
really think if you don’t know about it, now you do kind of.

00:45:41.840 –> 00:45:43.820
But like I said, it’s a down detector.

00:45:43.820 –> 00:45:49.660
That’s actually a really great site and I really recommend going there if you are having

00:45:49.660 –> 00:45:53.440
an issue and you’re not really sure about, like I said, what’s going on.

00:45:53.440 –> 00:45:56.360
So like I said, go ahead and check that out.

00:45:56.360 –> 00:45:59.960
Something else too I did want to bring up, talking about nation state hacking, I forgot

00:45:59.960 –> 00:46:01.840
about this, it was at the bottom of my notes.

00:46:01.840 –> 00:46:07.280
Cloudflare announced that they had a nation state hacker attack that accessed their source

00:46:07.280 –> 00:46:08.280

00:46:08.280 –> 00:46:10.840
A lot of people are going to, a couple of people are asking why do people want source

00:46:10.840 –> 00:46:13.380
code so bad because if you get the source code, you can kind of find where the holes

00:46:13.380 –> 00:46:14.960
and the bugs are.

00:46:14.960 –> 00:46:18.880
But they actually had said, there are another one, Cloudflare, a lot of people use them

00:46:18.880 –> 00:46:20.480
to host their sites.

00:46:20.480 –> 00:46:25.040
They announced that they had a nation state hack and that they didn’t really announce

00:46:25.040 –> 00:46:26.800
who the nation state was on this article.

00:46:26.800 –> 00:46:33.080
But I guess I’m not really sure what it was, but like I said, they announced that they

00:46:33.080 –> 00:46:34.640
had somebody come in and steal source code.

00:46:34.640 –> 00:46:38.880
If you host on Cloudflare, go ahead and I think they did release an email to everybody,

00:46:38.880 –> 00:46:39.920
so go ahead and check that out.

00:46:39.920 –> 00:46:42.040
But yeah, they announced that.

00:46:42.040 –> 00:46:47.880
The other thing that was interesting that I did want to bring up to all of you, the

00:46:47.880 –> 00:46:53.820
NSA admits to secretly buying your internal browsing data without warrants.

00:46:53.820 –> 00:46:56.920
That was something that was in the news this week.

00:46:56.920 –> 00:47:02.260
The NSA admits that they’ve been buying data from data brokers and stuff.

00:47:02.260 –> 00:47:05.080
We kind of talked about this a little bit last week, but now they’re talking about how

00:47:05.080 –> 00:47:09.760
the NSA, they admitted to doing it as well as other companies that admitted to doing

00:47:09.760 –> 00:47:10.760

00:47:10.760 –> 00:47:17.640
But apparently now the NSA, after again, the FTC prohibited it and said that, no, you can’t

00:47:17.640 –> 00:47:22.840
do that to companies like InMarket Media and some of the who have been selling data

00:47:22.840 –> 00:47:24.300
to companies without some of that.

00:47:24.300 –> 00:47:29.060
Now the NSA is saying, hey, we’ve done it too along with these other organizations.

00:47:29.060 –> 00:47:34.240
So it’s not really news, but kind of more of an update to that story.

00:47:34.240 –> 00:47:38.940
And then on one story I wanted to bring up too as well, I found this late in the day

00:47:38.940 –> 00:47:43.320
the other day, but I wanted to bring this up because we were talking about ransomware

00:47:43.320 –> 00:47:47.580
and how they have things now, Albert sensors and stuff that they’re trying to help these

00:47:47.580 –> 00:47:49.260
organizations with.

00:47:49.260 –> 00:47:55.260
But Kansas City Area Transportation announced that they were hit with a ransomware attack

00:47:55.260 –> 00:47:56.860
on Tuesday, January 23rd.

00:47:56.860 –> 00:48:03.180
And that was the reason why pretty much all the transportation systems were down.

00:48:03.180 –> 00:48:12.140
There are 70 buses, they have 70 buses, six Metro fleets, 300 buses.

00:48:12.140 –> 00:48:16.320
They reported 10.5 million people use their transportation services and were unable to

00:48:16.320 –> 00:48:21.860
on Wednesday, uh, due to a ransomware attack that impacted all the communications for the

00:48:21.860 –> 00:48:25.300
entire Kansas City transit.

00:48:25.300 –> 00:48:30.480
So again, when I say the Albert sensor and stuff like that, um, you know, it is really

00:48:30.480 –> 00:48:31.480

00:48:31.480 –> 00:48:39.220
Uh, the other thing that they were saying is the, um, these companies, ransomware attackers,

00:48:39.220 –> 00:48:43.900
um, apparently they’re, they actually, this is what I thought was interesting about this.

00:48:43.900 –> 00:48:48.980
They actually said they wanted $2 million if they paid within so many days and a hundred

00:48:48.980 –> 00:48:52.640
thousand a day after they met that if they didn’t meet the deadline.

00:48:52.640 –> 00:48:56.040
So then not only it’s like, it’s like, okay, so you get to pay us this, but if you don’t

00:48:56.040 –> 00:48:58.920
meet the deadline, we’re going to keep upping the price.

00:48:58.920 –> 00:49:03.160
So, um, I thought that was not interesting, but it kind of made me laugh a little bit.

00:49:03.160 –> 00:49:08.360
So, uh, like I said, again, this, these, these ransomware attacks are a big issue and a big

00:49:08.360 –> 00:49:09.360
money grab.

00:49:09.360 –> 00:49:13.820
And, um, like I said, they’re, they’re trying to do a lot to protect against them, but,

00:49:13.820 –> 00:49:17.380
uh, unfortunately you can only, you know, these, a lot of these, these, especially government

00:49:17.380 –> 00:49:18.720
and stuff only do so much.

00:49:18.720 –> 00:49:22.540
So it’s kind of good that they’re, you know, working against them, trying to anyway, but

00:49:22.540 –> 00:49:23.540
uh, it’s tough.

00:49:23.540 –> 00:49:26.820
Well, again, folks, I want to thank everybody for listening.

00:49:26.820 –> 00:49:33.940
I do want to say, uh, any more listener feedback, please go ahead and email me at

00:49:33.940 –> 00:49:35.820
It will be down in the show notes below.

00:49:35.820 –> 00:49:39.680
Uh, if you have anything you want to tell me, any comments, questioning like that.

00:49:39.680 –> 00:49:43.240
Um, and I will, like I said, get back to you on the next show.

00:49:43.240 –> 00:49:47.280
I want to thank everybody for listening and we will see you on the next episode.

00:49:47.280 –> 00:49:48.120
Thank you very much.

00:49:48.120 –> 00:49:50.400
(upbeat music)

00:49:50.400 –> 00:49:50.900

Using Globaleaks To Protect Sources

Many times, sources (whistleblowers) need to send information anonymously to reporters or journalists. Using email or putting files on cloud storage is not safe or secure. If you want a free, safe, secure, and anonymous way to allow sources to share information, I suggest Globaleaks.

Globaleaks is a free open-source platform that allows sources to anonymously send information and data to reporters. Globaleaks is easy and simple to set up and anyone regardless of technical savvy can do it easily. Globaleaks has great instructions and a simple template that can be done with little or no effort on Docker.

After the installation, I examined the security of this system and was very impressed. To start with, when the source or whistleblower submits an incident, only the user with the Recipient role can read it. Globaleaks has three roles defined: Whistleblower, Recipient, and Administrator.

From Globaleaks Documentation:
“Recipient – The user receiving anonymous reports submitted by Whistleblowers and responsible for their analysis. Recipients act reasonably in good faith and have to be considered in all scenarios described as trusted parties with reference to the protection of Whistleblowers’ and the confidentiality of the information by them communicated.”

I figured that, as Administrator of the system and the server, I would have access, but Globaleaks really thought this through. Not even the admin account has access to the encrypted data submitted by the source.

After going through Globaleaks’ very well-done documentation, I found this:

“Administrator – The users supporting the setup, management and monitoring the security of the platform. Administrator may not represent the same entity running, promoting and managing the whistleblowing initiatives (e.g., hosted solutions, multiple stakeholders projects, etc). The Administrator has to be considered in all scenarios described as a trusted entity. They do not have direct access to reports and they are responsible for advising Recipients on the best practices to be adopted in their work.”

Despite being the admin, you don’t have access to the data. I decided to check even deeper. I logged on to the test server I made as admin and examined Globaleaks; all the documents submitted and the databases were encrypted. Even at the server level, the admin does not have access to the data.

The database stores users’ passwords hashed using Argon2 with a random 128-bit salt that is unique for each user. This key derivation function was selected as the winner of the Password Hashing Competition in July 2015. The hash involves a per-user salt for each user and a per-system salt for whistleblowers. The system forces users to change their password at their first login and pushes recipients and admin users to use 2FA.
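The storage scheme described above, as an added Python sketch that is not Globaleaks' own code: named accounts get a random 128-bit salt each, while whistleblower receipts are hashed with one system-wide salt. Assumptions: scrypt from the standard library is swapped in for Argon2 (which the standard library lacks), the class names, cost parameters and 16-digit receipt format are constructed for the example, and the reason given for the system-wide salt (a receipt has no username to look a salt up by) is this example's reading, not a statement from the page.

```python
import hashlib
import hmac
import secrets

SALT_BYTES = 16  # 128-bit salt, the size the article states

# Cost parameters are assumptions for this example (about 16 MiB per hash).
SCRYPT_PARAMS = dict(n=2**14, r=8, p=1, dklen=32)


def kdf(secret: str, salt: bytes) -> bytes:
    """Memory-hard hash of a secret. scrypt stands in for Argon2 here."""
    return hashlib.scrypt(secret.encode("utf-8"), salt=salt, **SCRYPT_PARAMS)


class UserStore:
    """Recipients and admins: one random salt per user (hypothetical class)."""

    def __init__(self):
        self._rows = {}  # username -> (salt, password hash)

    def set_password(self, username: str, password: str) -> None:
        salt = secrets.token_bytes(SALT_BYTES)  # fresh salt on every change
        self._rows[username] = (salt, kdf(password, salt))

    def row(self, username: str):
        """What a database dump would reveal: salt and hash, never the password."""
        return self._rows[username]

    def verify(self, username: str, password: str) -> bool:
        row = self._rows.get(username)
        if row is None:
            # Spend the same KDF cost so unknown usernames are not faster to reject.
            kdf(password, b"\x00" * SALT_BYTES)
            return False
        salt, expected = row
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(kdf(password, salt), expected)


class ReceiptStore:
    """Whistleblower receipts: no username exists, so one system-wide salt
    lets the server derive the lookup key from the receipt alone (assumption)."""

    def __init__(self):
        self._system_salt = secrets.token_bytes(SALT_BYTES)
        self._reports = {}  # receipt hash -> report id

    def issue_receipt(self, report_id: str) -> str:
        # 16 random digits; the receipt itself is never stored, only its hash.
        receipt = "".join(secrets.choice("0123456789") for _ in range(16))
        self._reports[kdf(receipt, self._system_salt)] = report_id
        return receipt

    def lookup(self, receipt: str):
        return self._reports.get(kdf(receipt, self._system_salt))


if __name__ == "__main__":
    users = UserStore()
    users.set_password("recipient1", "same-password")  # constructed sample data
    users.set_password("admin", "same-password")
    # Same password, different salts, so the stored hashes differ.
    print(users.row("recipient1")[1] != users.row("admin")[1])
    receipts = ReceiptStore()
    code = receipts.issue_receipt("report-001")
    print(receipts.lookup(code))
```

Because each user's salt differs, two accounts that share a password still produce unrelated hashes, so a leaked table cannot be attacked with one precomputed dictionary.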

I then started wondering about the logs: I should be able to see what IP address the source used to connect to the server. When I checked the logs, I found something interesting. While the logs are on the server for diagnostics, all IP addresses and login information times were nulled out for additional security of the source. Even metadata is nulled for additional protection.

One thing I did notice during the setup of Globaleaks: you can set up the system to work on the regular web, which Globaleaks does not recommend, even using a VPN. They recommend making the server a .onion domain. A .onion domain is the address of a website that can only be accessed through the Tor anonymity browser. Regular browsers won’t be able to navigate the relay of proxy servers that will take users to this type of website.

Globaleaks recommends accessing the platform via the Tor Browser to allow the best practices for protecting source identity and reducing the possibility that a system involved in the operation has tracked their activities and their IP address.

According to the documentation, the Globaleaks software adheres to the OWASP Security Guidelines. Globaleaks tries to get a security audit done every 2 years and participates in the HackerOne bug bounty program.

I found this platform to be very secure and well done through my research and I would recommend it to any company that needs a platform for sources or whistleblowers.

Apple iPhone Had Backdoor

We start the show off with a bunch of Apple news talking about them having a backdoor in their phones for the last four years or more. Apple adds a new feature in iOS 17.3 called Stolen Device Protection and in iOS 17.4 Apple will allow side loading. Microsoft CoPilot and Outlook email are possibly tracking you and we get into .onion domain.

We Talk News of The Week

  • Chrome Updates Incognito Warning
  • Data Breach of 1M Cancer Center Patients
  • HP Does Not Want Third Party Ink Used
  • MavenGate Attack
  • Microsoft Teams Outage
  • Plus Much More.

The Security Assessment Podcast is Brought To You By Lipani Security LLC.

Send Questions To –

Full Show Transcript

Apple iPhone Had Backdoor (Transcript)

00:00:00.000 –> 00:00:04.800
All right folks you’ve hit the download button on Security Assessment Podcast

00:00:04.800 –> 00:00:09.800
brought to you by our company Lipani Security if you’re interested go to the

00:00:09.800 –> 00:00:14.240
link in the show notes below and check out all of our services software that we

00:00:14.240 –> 00:00:19.680
offer as well as our blogs about security in all our past podcast

00:00:19.680 –> 00:00:25.360
episodes I want to thank you all for listening and let the show begin

00:00:25.360 –> 00:00:39.160
all right and welcome to another great edition of our podcast a security

00:00:39.160 –> 00:00:47.000
assessment podcast hosted by yours truly Brandon so folks a bunch of things to

00:00:47.000 –> 00:00:52.120
talk about this week I hope I get to the news but I have a bunch of other stuff I

00:00:52.120 –> 00:00:57.480
want to go ahead and talk about this week because a lot of a lot of things

00:00:57.480 –> 00:01:05.520
came out and I just want to go over everything with you so first and foremost

00:01:05.520 –> 00:01:12.240
Apple a lot of news coming out of there first of all the Vision Pro as that was

00:01:12.240 –> 00:01:16.240
released this past week and Apple so far I said they sold a hundred and

00:01:16.240 –> 00:01:22.200
eighteen thousand units now I know this isn’t security related but I’m gonna kind

00:01:22.200 –> 00:01:27.560
of bring this full circle so if you guys remember over the years Apple’s policies

00:01:27.560 –> 00:01:32.560
with their app store and all that kind of stuff have been very much based on

00:01:32.560 –> 00:01:37.320
security so in other words we have to you know take a third of this because it

00:01:37.320 –> 00:01:42.240
caused us to run you know the app store it costs us to do this that well

00:01:42.240 –> 00:01:46.840
apparently now a lot of these companies that they have really messed with

00:01:46.840 –> 00:01:55.680
Netflix Spotify Google are coming back now and kind of striking back at Apple a

00:01:55.680 –> 00:01:59.360
little bit they are actually a lot of these companies are saying well yeah

00:01:59.360 –> 00:02:04.440
we’re not making an app for the Vision Pro sorry Apple so there’s no Spotify

00:02:04.440 –> 00:02:09.040
support no Netflix support no YouTube support on it there’s quite a few things

00:02:09.040 –> 00:02:11.520
that are not going to be available in the Vision Pro because people are not making

00:02:11.520 –> 00:02:17.160
apps if the thing really takes off I’d imagine that they probably woke they

00:02:17.160 –> 00:02:21.520
don’t want to miss out on that part of the market but apparently a lot of these

00:02:21.520 –> 00:02:25.860
companies are a little upset with Apple’s tough tactics and what they

00:02:25.860 –> 00:02:30.160
think they’ve done to them over the years and stuff and they are not going

00:02:30.160 –> 00:02:33.800
to take it and they’re gonna hit Apple where it hurts and that’s app support

00:02:33.800 –> 00:02:38.120
for the Vision Pro so while Apple has always done it on the guise you know guise

00:02:38.120 –> 00:02:43.120
of security apparently now coming back to kind of bite them a little bit so

00:02:43.120 –> 00:02:49.520
that was in the news with the Vision Pro do I think all of that over the years is

00:02:49.520 –> 00:02:54.840
all for security I don’t necessarily think at all I think was to help Apple’s

00:02:54.840 –> 00:03:02.240
business but I do think that now this visa may either way I like I said it’s

00:03:02.240 –> 00:03:06.080
going to you know it’s gonna be a thing for them now and going forward they’re

00:03:06.080 –> 00:03:10.840
gonna have I think a tough time with this app support I know Microsoft apps

00:03:10.840 –> 00:03:15.280
and stuff are on it but apparently a lot of the other entertainment apps that

00:03:15.280 –> 00:03:21.400
people are gonna want are not on it so 17 an app update did come out before the

00:03:21.400 –> 00:03:25.920
iPhone will begin to patch a vulnerability but also Apple added

00:03:25.920 –> 00:03:30.200
something called stolen device protection for the iPhone and what this

00:03:30.200 –> 00:03:33.920
actually is stolen device protection adds a layer of security to your phone

00:03:33.920 –> 00:03:38.200
that basically like if you’re trying to use it when you’re at home or work

00:03:38.200 –> 00:03:42.760
places it recognizes it will actually help protect your account and and so no

00:03:42.760 –> 00:03:46.840
words when if your device you know like if your devices phones it’s stolen it’s

00:03:46.840 –> 00:03:49.440
gonna be someplace where you’re not normally so what this will say is hey

00:03:49.440 –> 00:03:54.400
this isn’t you know this device really has never been here before why are you

00:03:54.400 –> 00:03:58.360
trying to change your password right now and then it’s gonna obviously force you

00:03:58.360 –> 00:04:04.640
to do face face ID biometrics as well as part of it because in case somebody’s

00:04:04.640 –> 00:04:09.960
shoulder surfing and you know you know they just catch catch your code like I

00:04:09.960 –> 00:04:13.040
said if they open it and then also to the so in order if you want to change

00:04:13.040 –> 00:04:15.640
your password it’s actually be your code anymore if you’re in a weird place

00:04:15.640 –> 00:04:20.240
you’re going to have to actually scan your face and put in the code so more of

00:04:20.240 –> 00:04:24.280
a two-factor kind of thing I think I think it’s gonna be really lovely I said

00:04:24.280 –> 00:04:26.960
well this could make you know changing your password a little more of a pain

00:04:26.960 –> 00:04:32.400
the way it sounds you can read through Apple support document the way it sounds

00:04:32.400 –> 00:04:35.720
is it’s only going to be an issue if you’re going someplace you’re normally

00:04:35.720 –> 00:04:39.200
not and you’re and you’re trying to change your password so it looks like

00:04:39.200 –> 00:04:41.920
Apple’s being really intelligent about that now like I said it’s gonna really

00:04:41.920 –> 00:04:45.840
be more of a thing where okay I’m out and about you know I’m at a place I’ve

00:04:45.840 –> 00:04:49.400
never been before I went to change my password and now it’s gonna make me scan

00:04:49.400 –> 00:04:53.600
my face put in my passcode and it’s gonna make me wait you know so it’s one

00:04:53.600 –> 00:04:56.840
of those things it looks like I think it’s a good idea definitely not gonna

00:04:56.840 –> 00:04:59.960
hurt I think it’s gonna be much more of an issue if you’re hook oh someplace

00:04:59.960 –> 00:05:02.320
you’ve never been before it’s gonna be like your credit card if you try to use

00:05:02.320 –> 00:05:05.720
your credit card someplace you’ve never been before you know it’s gonna make it

00:05:05.720 –> 00:05:11.160
a little more difficult so I’m all for it I think that’s a good thing also to

00:05:11.160 –> 00:05:17.320
Apple they actually the beta now is out for 17.4 which is gonna be the next

00:05:17.320 –> 00:05:23.960
update which is coming in March and apparently now Apple in in the EU very

00:05:23.960 –> 00:05:31.040
key part here in the EU they are going to allow side loading of apps and in

00:05:31.040 –> 00:05:35.840
loading things outside of the App Store but however there’s gonna be the saying

00:05:35.840 –> 00:05:39.940
a fee for it or a charge for it or something like that Apple hasn’t said

00:05:39.940 –> 00:05:44.560
what yet this is all speculation because if you can do see in the code that there

00:05:44.560 –> 00:05:50.840
is actually side loading that’s going to be available but like I said it’s

00:05:50.840 –> 00:05:54.960
going to be an issue because you’re gonna have to pay for it I think I think

00:05:54.960 –> 00:05:58.600
Apple’s gonna use it as a is hey you want this great you got to pay for it

00:05:58.600 –> 00:06:02.600
now so that was something that a lot of people is talking about too on the

00:06:02.600 –> 00:06:07.720
iPhone which is okay so Apple is going to allow side loading now in Europe and

00:06:07.720 –> 00:06:12.520
please it’s not in America yet just point that out in Europe but in order to

00:06:12.520 –> 00:06:16.920
do this you got to pay a fee now somebody had said what if I use a VPN I

00:06:16.920 –> 00:06:19.960
don’t think that’s gonna work because I think the Apple knows where the phones

00:06:19.960 –> 00:06:23.880
purchased if it’s purchased over in Europe or purchased here so even if you

00:06:23.880 –> 00:06:27.840
use a VPN that’s not gonna make a difference they’re still gonna know

00:06:27.840 –> 00:06:32.320
where the phone was bought so even if you would use a VPN now if you bought a

00:06:32.320 –> 00:06:38.700
phone overseas and brought it here I think it would be okay so I’m wondering

00:06:38.700 –> 00:06:42.520
now if people that want to side load apps are gonna buy apps overseas and how

00:06:42.520 –> 00:06:46.480
Apple’s gonna regulate this is this could start to be a pretty big thing for

00:06:46.480 –> 00:06:51.400
Apple and then – if people figure if they are going to allow side loading how

00:06:51.400 –> 00:06:54.960
are they going to control it and if there is a way to do it can people over

00:06:54.960 –> 00:06:59.000
here so people here make start cracking their iPhones and doing it so I’m

00:06:59.000 –> 00:07:03.520
curious to see what this is gonna once you start opening that little box there’s

00:07:03.520 –> 00:07:06.200
no way to go back now Android has been able to people to Android’s been able to

00:07:06.200 –> 00:07:11.400
do this for since the beginning of it because Android’s open source but I’m

00:07:11.400 –> 00:07:18.360
very curious to see how this is going to play out over the next you know as it

00:07:18.360 –> 00:07:23.480
starts happening because Apple is doing this to comply with EU regulations which

00:07:23.480 –> 00:07:26.640
I mean I understand them allow you I mean it’s your phone you bought it it’s

00:07:26.640 –> 00:07:33.440
not like Apple owns it but I’m very curious to see what is what how this is

00:07:33.440 –> 00:07:36.400
gonna play out and how people are gonna make it work over here in America you

00:07:36.400 –> 00:07:41.100
know people over here in America and I figure it out so well that remains to be

00:07:41.100 –> 00:07:44.680
seen but it looks like Apple is going to start allowing sideloading but it is

00:07:44.680 –> 00:07:47.960
going to cost it’s not going to be free there may be a monthly subscription to

00:07:47.960 –> 00:07:53.400
do it Apple’s gonna I’m sure figure out a way to have control over it so we will

00:07:53.400 –> 00:08:00.720
have to wait and see with that also – some other interesting things that have

00:08:00.720 –> 00:08:05.360
come out of Apple this week that I found this was actually a couple like this is

00:08:05.360 –> 00:08:09.180
a couple weeks ago but I wanted to wait and see to talk about it so apparently

00:08:09.180 –> 00:08:15.640
Apple hasn’t now Apple has somebody had discovered a back door in iOS where

00:08:15.640 –> 00:08:21.180
Apple can get into your phone Oh Apple’s kept it a very tight-knit secret not

00:08:21.180 –> 00:08:24.600
many people have ever been able to nobody’s been able to they say they

00:08:24.600 –> 00:08:29.560
don’t know if you like to explain it or not only Apple’s able to do it but the

00:08:29.560 –> 00:08:34.920
reason why I’m bringing this up is because this really is going to set a

00:08:34.920 –> 00:08:38.960
precedent now be now that people know this exploit is out there and not really

00:08:38.960 –> 00:08:42.860
an exploit it’s something Apple can do but if you remember a couple years ago

00:08:42.860 –> 00:08:49.640
Apple was trying to get there FBI was trying to get Apple to unlock an iPhone

00:08:49.640 –> 00:08:53.740
of somebody that they thought something you know whatever they wanted to get into

00:08:53.740 –> 00:08:58.120
this person’s phone and remember Apple says once the phone is locked we can’t

00:08:58.120 –> 00:09:02.620
we can’t unlock well apparently Apple can so they kind of lied to the

00:09:02.620 –> 00:09:06.880
government saying that no we can’t get into that device when they actually can

00:09:06.880 –> 00:09:11.440
now the fact that people know what the exploit is nobody they’re saying that

00:09:11.440 –> 00:09:14.520
they don’t believe it’s being exploited because only Apple knows about it it’s

00:09:14.520 –> 00:09:21.080
been very kept very very tight but my issue with this though is is if Apple

00:09:21.080 –> 00:09:24.920
knows about it one have they used it which they have said they haven’t but we

00:09:24.920 –> 00:09:29.560
don’t know about that and then two now that it’s out there Apple’s you know

00:09:29.560 –> 00:09:33.840
gonna I’m sure Apple’s gonna patch it now but even if you patch it you can’t

00:09:33.840 –> 00:09:37.440
what’s to say somebody figures out a way to unpatch it by putting an old version

00:09:37.440 –> 00:09:42.880
of iOS on a phone or something like that so this is gonna make things a lot a lot

00:09:42.880 –> 00:09:47.120
so our security goes I think it really hurts Apple tremendously now because the

00:09:47.120 –> 00:09:52.400
fact is it was there you could get in not I mean Apple I think on whatever but

00:09:52.400 –> 00:09:58.920
now that it’s there I’m sure these the state-sponsored company you know FBI

00:09:58.920 –> 00:10:02.600
are gonna try to find how to get into it how to use it so they can get in after

00:10:02.600 –> 00:10:06.160
Apple told them they couldn’t so I imagine Apple is gonna probably get some

00:10:06.160 –> 00:10:09.200
crap for lying to government which whatever that doesn’t really I don’t

00:10:09.200 –> 00:10:12.520
really care about that but I’m curious now what they are going to do and how

00:10:12.520 –> 00:10:16.600
they are gonna try to exploit this especially on phones that they want if

00:10:16.600 –> 00:10:21.380
you remember during that whole thing where Apple were refusing to unlock the

00:10:21.380 –> 00:10:27.660
iPhone I remember distinctly Apple was going to so when you back your phone up

00:10:27.660 –> 00:10:35.160
to the cloud to iCloud that that backup is not encrypted all the iPhone if you

00:10:35.160 –> 00:10:38.680
back up your phone to that cloud it’s not encrypted Apple was going to have a

00:10:38.680 –> 00:10:42.820
feature on the phone where you can swipe and say hey I want my all my backups to

00:10:42.820 –> 00:10:49.360
my iCloud encrypted the Apple actually took him had to kind of be nice to the

00:10:49.360 –> 00:10:53.060
FBI said listen we’re not going to give people the ability to encrypt their

00:10:53.060 –> 00:10:58.960
backups in the cloud now if you plug your phone into a computer and I – I

00:10:58.960 –> 00:11:03.380
called iTunes with something iTunes open up iTunes and hit you know make backup

00:11:03.380 –> 00:11:06.560
and notice did you want to encrypt backup yes it will encrypt it on your

00:11:06.560 –> 00:11:12.480
computer but the iCloud backup that’s saved up to iCloud is not encrypted and

00:11:12.480 –> 00:11:16.960
they say the reason why Apple does this is to help the FBI out because if they

00:11:16.960 –> 00:11:20.420
can at least get into some his iCloud account they can at least get an

00:11:20.420 –> 00:11:24.680
unencrypted backup of the phone and you know at least that way they you know it

00:11:24.680 –> 00:11:27.500
was basically like Apple saying hey we’re gonna play nice so at least if you

00:11:27.500 –> 00:11:31.940
hacked the person’s iCloud you know backup you can get a copy of the it was kind

00:11:31.940 –> 00:11:36.920
of like because I guess the I guess they said the FBI and some of that actually

00:11:36.920 –> 00:11:42.120
do use iCloud iCloud backups of that to get to phones and stuff or people of

00:11:42.120 –> 00:11:45.560
interest and things like that so I guess it was Apple’s way of saying okay well

00:11:45.560 –> 00:11:49.080
we’re going to go ahead and at least we’re not gonna crack this device for

00:11:49.080 –> 00:11:52.980
you but there is a way of you getting a copy of the phone it’s kind of a little

00:11:52.980 –> 00:11:58.060
hole in Apple’s thing that they do to help out law enforcement but the fact

00:11:58.060 –> 00:12:00.480
that they’ve lied for years and said they have no way of getting into a

00:12:00.480 –> 00:12:03.960
device and they actually could I’m curious to see if there are going to be

00:12:03.960 –> 00:12:08.940
any repercussions for this I doubt there will be but you know it’s it will have

00:12:08.940 –> 00:12:12.720
to wait and see what happens but this is quite an interesting topic to me anyway

00:12:12.720 –> 00:12:16.280
because people said well they’re patched now that people found out about it yes

00:12:16.280 –> 00:12:19.920
they patched it but just because it once it’s there it’s there I mean you could

00:12:19.920 –> 00:12:23.160
patch it but then you know people can install the patch we can use an old

00:12:23.160 –> 00:12:26.080
version of iOS once once they find us there apparently it’s been there since

00:12:26.080 –> 00:12:33.160
the iPhone 6 6 & 7 they said so you know and the new phone has it all the new

00:12:33.160 –> 00:12:36.880
phones have it but now obviously the patch but again it’s there so I’m very

00:12:36.880 –> 00:12:39.680
curious to see what’s gonna go with this this is gonna be an interesting topic to

00:12:39.680 –> 00:12:45.600
watch now especially since there is a way to do this so this am I been on the

00:12:45.600 –> 00:12:51.080
Apple should have ever done this I’m totally against it but you know it is

00:12:51.080 –> 00:12:54.560
what it is it’s out there now and we have to deal with it so but yes I thought

00:12:54.560 –> 00:13:00.220
that was a very interesting topic to say the least as far as that doesn’t mind to

00:13:00.220 –> 00:13:05.000
the authorities all that kind of stuff it was interesting so speaking of another

00:13:05.000 –> 00:13:08.520
thing about Apple we’re just gonna I’m just gonna unload all the Apple news

00:13:08.520 –> 00:13:14.000
first thing in the podcast Mozilla is saying that Apple’s new browser rules

00:13:14.000 –> 00:13:18.440
are a real pain in the butt Apple has new rules in the EU that we talked about

00:13:18.440 –> 00:13:24.840
before that are supposed to support open iOS to alternative browsers supposed to

00:13:24.840 –> 00:13:29.560
be opening up iOS to alternative routers that alternative browsers thank you

00:13:29.560 –> 00:13:35.120
Apple’s new webkit which they’re releasing to meet with EU requirements

00:13:35.120 –> 00:13:38.960
so now you’re not only going to use webkit but you’re gonna have this other

00:13:38.960 –> 00:13:42.720
thing now so what what people are saying is well this is gonna be a pain in the

00:13:42.720 –> 00:13:47.320
butt now because you’re gonna have to maintain you’re going to retain either

00:13:47.320 –> 00:13:50.800
the one for America which is using webkit which yeah and then you have to

00:13:50.800 –> 00:13:55.360
maintain the one in Europe now which supports other things besides webkit so

00:13:55.360 –> 00:13:59.880
it kind of makes it having to maintain both but I get why Apple’s doing this

00:13:59.880 –> 00:14:03.360
you know they’re trying to make it so that at least the you know people that

00:14:03.360 –> 00:14:08.200
want to use the apps in the store and stuff are safe but apparently they could

00:14:08.200 –> 00:14:12.600
say the EU they’re saying that since there’s gonna be two versions of this

00:14:12.600 –> 00:14:15.600
particular way you can do this one with the webkit and the one outside of the

00:14:15.600 –> 00:14:22.360
webkit it’s gonna make it kind of a pain to maintain both you know both browsers

00:14:22.360 –> 00:14:26.560
because like I said the Apple like I said their plan is to restrict their

00:14:26.560 –> 00:14:31.240
newly announced browser engine kit to EU specific apps so you’re gonna have

00:14:31.240 –> 00:14:33.560
webkit which is the general kit that we’re all used to and then you’re gonna

00:14:33.560 –> 00:14:39.120
have the browser engine kit specifically for the EU so again this is more that EU

00:14:39.120 –> 00:14:43.400
regulation stuff so it’s gonna be kind of a pain you got to maintain both

00:14:43.400 –> 00:14:47.480
webkits now and obviously that patch that came out this week obviously patched

00:14:47.480 –> 00:14:51.720
webkit because there’s a vulnerability in it but like I said it was a I guess

00:14:51.720 –> 00:14:56.960
it’s been a pretty crazy week I kind of understand where Mozilla is going with

00:14:56.960 –> 00:15:01.600
this again I would like to see and again you can’t get it’s the only thing I don’t

00:15:01.600 –> 00:15:05.000
like about this it’s only in EU so you can’t I would love to see what the other

00:15:05.000 –> 00:15:10.320
webkit is and compare it to this webkit and want to see but like I said that was

00:15:10.320 –> 00:15:13.800
something I saw it then I was like oh that’s that’s pretty interesting so

00:15:13.800 –> 00:15:18.160
Mozilla is complaining about it I’m sure others will complain about it as well

00:15:18.160 –> 00:15:23.180
but that’s what we’re doing so apparently like I said this is all EU

00:15:23.180 –> 00:15:27.600
stuff because the EU regulations and all that so like I said we’ll have to keep

00:15:27.600 –> 00:15:31.640
an eye on all that and see what happens I’d love to see if you get like I said

00:15:31.640 –> 00:15:34.320
let’s get a hands on the webkit over here in America to see what’s actually

00:15:34.320 –> 00:15:40.320
going on with it but we will have to see speaking of things by the way that I

00:15:40.320 –> 00:15:42.960
want to talk about one of the things that somebody had talked about we talked

00:15:42.960 –> 00:15:47.480
about Bitwarden and things of that nature with last no I think last podcast

00:15:47.480 –> 00:15:51.080
before whatever it was but um somebody had asked about Bitwarden on their phone

00:15:51.080 –> 00:15:55.840
and one of the things I had said I think was last podcast was that if you’re

00:15:55.840 –> 00:16:01.880
gonna go with a password app you have to kind of go with it and stick with it and

00:16:01.880 –> 00:16:04.840
one of the things I was trying to explain I don’t think people know this

00:16:04.840 –> 00:16:10.040
and I’ve tried this before you have you can go into your iPhone or Android and

00:16:10.040 –> 00:16:15.720
you don’t have to use Apple’s password manager you can use a different password

00:16:15.720 –> 00:16:21.080
manager you could go in there and say hey I don’t want you know Apple I want

00:16:21.080 –> 00:16:26.680
to use Bitwarden or I want to use 1Password or whatever and once you do

00:16:26.680 –> 00:16:30.360
that you know you can set up so the biometrics I know a lot of people saying

00:16:30.360 –> 00:16:32.680
what’s ridiculous I’m using this on my device and every time I have to type in

00:16:32.680 –> 00:16:38.240
the password no you have to go in you can enable bio biometrics on it on your

00:16:38.240 –> 00:16:42.480
iPhone you can even enable bio biometrics on your Mac if you want to

00:16:42.480 –> 00:16:45.640
yeah you have to open a Bitwarden and sign into it but then once you do that

00:16:45.640 –> 00:16:51.300
you can use biometrics on your Mac also so you can use Windows Hello on Windows

00:16:51.300 –> 00:16:54.240
or you can use your password reader on your on your Windows device I’m sorry

00:16:54.240 –> 00:16:58.020
your password your fingerprint reader on your device and you can use biometrics

00:16:58.020 –> 00:17:03.900
for that so I know a lot of you guys are doing using it in the browser there is

00:17:03.900 –> 00:17:11.680
browser integration for Windows Hello and for Mac or like I said Windows so I

00:17:11.680 –> 00:17:15.860
think there’s even Chrome support actually too but like I said Chromebook

00:17:15.860 –> 00:17:18.240
support but like I said go ahead and like I said if you want to use your

00:17:18.240 –> 00:17:21.060
bio met like it’s not a lot of people said to me well I’m using Bitwarden

00:17:21.060 –> 00:17:24.520
because it’s safe but it’s kind of a pain in the butt you gotta keep typing

00:17:24.520 –> 00:17:28.180
in the password you don’t you can actually have the biometrics on your

00:17:28.180 –> 00:17:32.320
Android iPhone Windows Mac because you can use Windows Hello or your

00:17:32.320 –> 00:17:36.460
fingerprint reader and go ahead and like I said and it does work pretty well I

00:17:36.460 –> 00:17:40.580
have actually used biometrics so I have all that set up I know it’s not so bad

00:17:40.580 –> 00:17:45.480
on a laptop with a full keyboard but when you’re using your iPhone or if

00:17:45.480 –> 00:17:48.560
you’re you know got stuff in your hand and you just want to look at a password

00:17:48.560 –> 00:17:51.700
or something like that you just want to look at your phone like I said there is

00:17:51.700 –> 00:17:55.200
cable that so go ahead and like I said you can set that up you know a couple

00:17:55.200 –> 00:17:58.020
people that asked about that again if you want to reach out to me it’s

00:17:58.020 –> 00:18:03.180
is the email I’ll put it in the show notes also so

00:18:03.180 –> 00:18:08.940
you can reach out to me like I said on Twitter kb3yua it’s my call sign but

00:18:08.940 –> 00:18:11.720
like I said you can do that as well a couple people had asked about that so I

00:18:11.720 –> 00:18:16.400
just wanted to bring that up also the other thing I wanted to bring up as well

00:18:16.400 –> 00:18:21.680
more information on the Microsoft hack I guess this is kind of the news I was

00:18:21.680 –> 00:18:24.320
worried we’re gonna get to new stories but I guess these are kind of new stories

00:18:24.320 –> 00:18:30.360
I guess Microsoft apparently they got hacked obviously we know that their big

00:18:30.360 –> 00:18:35.240
executives got hacked because of an old an old system that was sitting out there

00:18:35.240 –> 00:18:38.980
apparently it was a test account that got hacked it was basically a password

00:18:38.980 –> 00:18:44.320
spray account and once they got that simple easy password they were kind of

00:18:44.320 –> 00:18:49.120
able to kind of work their way up and stuff like that so it’s it’s like I said

00:18:49.120 –> 00:18:53.960
it’s not like I said it was very basically a very easy simple password

00:18:53.960 –> 00:18:59.280
hack that’s how most of these things happen believe it or not most of your

00:18:59.280 –> 00:19:02.480
big attacks like this happen for stuff like this but it was just a basic

00:19:02.480 –> 00:19:06.160
password spray attack somebody got into their old account you know they’re an

00:19:06.160 –> 00:19:10.980
old account and and that was pretty much it so like I said not you know not a

00:19:10.980 –> 00:19:14.520
whole lot unfortunately like I said I’m not a fortunate but I’m saying in

00:19:14.520 –> 00:19:21.080
general a lot of times these kinds of hacks are not you know overly complex

00:19:21.080 –> 00:19:24.420
also to one of the other things I would like to point out I got a bunch of

00:19:24.420 –> 00:19:28.080
people that reached out we were talking about Microsoft 365 and all that kind of

00:19:28.080 –> 00:19:32.920
stuff Microsoft Teams actually had like an eight-hour outage yesterday Friday

00:19:32.920 –> 00:19:39.120
and Microsoft hasn’t announced why but they had you know they have had you know

00:19:39.120 –> 00:19:42.840
an outage so it’s one of the point that anybody struggled with teams yesterday

00:19:42.840 –> 00:19:48.780
there was an outage also – I would like to point out to anybody that is

00:19:48.780 –> 00:19:51.340
listening I know a lot of you guys that listen are like me like to mess with

00:19:51.340 –> 00:19:55.700
codes of that if you haven’t yet like I said chat I really would recommend if

00:19:55.700 –> 00:20:00.720
you use GitHub go ahead and get copilot for GitHub is 10 bucks a month I really

00:20:00.720 –> 00:20:03.940
do recommend I don’t make any money on this they’re not Microsoft’s not paying

00:20:03.940 –> 00:20:08.420
me I’m just saying it really helps you when you’re in a bind or you’re

00:20:08.420 –> 00:20:11.380
struggling or you can’t find an error in your code or you’re struggling to

00:20:11.380 –> 00:20:15.060
thinking maybe get the right code for an issue you’re working on I really do

00:20:15.060 –> 00:20:18.500
recommend it I’m not saying it’s a replacement for actually being a coder I

00:20:18.500 –> 00:20:22.580
think it’s just a tool that helps you out but the other reason I’m bringing

00:20:22.580 –> 00:20:26.860
that up is I know a lot of you guys say well I don’t like copilot I don’t like

00:20:26.860 –> 00:20:32.520
you know I don’t like GitHub and I use you know was it GitLab or what is it

00:20:32.520 –> 00:20:35.140
one of the other ones they have there’s a bunch of them out there and that’s

00:20:35.140 –> 00:20:39.260
fine you don’t necessarily have to use a GitHub and by the way I would like to

00:20:39.260 –> 00:20:42.980
point out those of you that know I’m really into open source one of the other

00:20:42.980 –> 00:20:47.180
things that I have actually used in the past I don’t use it much now but I used

00:20:47.180 –> 00:20:52.900
you is Mantis Mantis is actually a really great open source tool for those

00:20:52.900 –> 00:20:56.040
of you that is that a programmers that say handle my stuff in GitHub I like to

00:20:56.040 –> 00:21:00.460
host my own code I like to host my own bug stuff I like to do all that you can

00:21:00.460 –> 00:21:04.620
go ahead and use Mantis it’s a great thing you can also use it for help desk

00:21:04.620 –> 00:21:09.500
there’s it’s open source there’s tons of plugins for it I strongly recommend it

00:21:09.500 –> 00:21:13.020
it’s free it doesn’t cost you a dime also like I said there is something

00:21:13.020 –> 00:21:17.180
called GitLab and that ran out like I said I don’t use GitLab too much I use

00:21:17.180 –> 00:21:23.720
it once in a while only because I help out with the Fedora project and they use

00:21:23.720 –> 00:21:27.780
GitLab which is fine but that’s also free you can use there’s also an open

00:21:27.780 –> 00:21:32.120
source version of that but like I said Mantis or GitLab are fine I do like to

00:21:32.120 –> 00:21:36.260
use GitHub but that’s fine but anyway one of the reasons why I’m bringing that

00:21:36.260 –> 00:21:40.580
up is because a bunch of guys have said to me well I don’t use GitHub I don’t

00:21:40.580 –> 00:21:47.960
want to pay for copilot so if you are a Windows user Microsoft has actually

00:21:47.960 –> 00:21:54.380
announced copilot there’s copilot which is 20 bucks a month and copilot Pro so

00:21:54.380 –> 00:21:59.060
if you’re a personal user you can get copilot for like 20 bucks a month and

00:21:59.060 –> 00:22:04.760
it works on no works on all the office products it works on vs code works on

00:22:04.760 –> 00:22:08.880
Visual Studio all that kind of stuff so you can get that if you don’t want to

00:22:08.880 –> 00:22:13.200
say I mean it probably is the same thing but it like I said it actually is really

00:22:13.200 –> 00:22:17.120
good it’s Microsoft copilot it actually does I’ve actually found it myself when

00:22:17.120 –> 00:22:19.820
I’m actually like if I was typing up a document for the podcast or something

00:22:19.820 –> 00:22:24.160
like that or typing up a document for somebody it actually is nice because

00:22:24.160 –> 00:22:26.960
actually correct your spelling while you’re doing it it helps to finish

00:22:26.960 –> 00:22:32.200
sentences of that I look at I look at it really more as a tool than anything else

00:22:32.200 –> 00:22:37.540
I know $30 is a bit steep I did get the personal version just because I thought

00:22:37.540 –> 00:22:42.360
it was better in the sense of I mean I have an office professional account for

00:22:42.360 –> 00:22:47.160
testing and stuff but like I said instead of having the professional one

00:22:47.160 –> 00:22:50.160
and going through the business version of Microsoft office I just got the

00:22:50.160 –> 00:22:54.900
personal co-pilots test and it actually works like I said with office it

00:22:54.900 –> 00:22:57.960
works with all their stuff it actually works with their power apps and things

00:22:57.960 –> 00:23:01.600
like that so I mean it basically built into all Microsoft products so if you

00:23:01.600 –> 00:23:05.640
are on got somebody that does a lot of Microsoft work if you are somebody that

00:23:05.640 –> 00:23:09.300
codes if you’re even if you you know somebody like you know a friend or a

00:23:09.300 –> 00:23:13.860
wife that uses office a lot or excel a lot it could really be a great tool for

00:23:13.860 –> 00:23:19.540
them I know 20 is a little steep but it really is a very powerful tool and I

00:23:19.540 –> 00:23:23.520
really do recommend it like I said I’m trying like I said I’m not getting any

00:23:23.520 –> 00:23:28.140
paid from Microsoft to sell you anything but I do think it’s really a great tool

00:23:28.140 –> 00:23:33.540
and I really think you could all a lot of people could benefit from it so like I

00:23:33.540 –> 00:23:36.960
said be something worth looking into you could also go to ChatGPT

00:23:36.960 –> 00:23:42.360
you get $20 version there it’s not built into as much as the Microsoft one is if

00:23:42.360 –> 00:23:46.560
you use Microsoft products it even works the Microsoft co-pilot on on office even

00:23:46.560 –> 00:23:50.840
works on Mac that kind of shocked me because I do use a Mac so for some

00:23:50.840 –> 00:23:53.600
things so I was kind of shocked I was like hey I works on my Windows machine I

00:23:53.600 –> 00:23:58.000
can’t expected that but then I hopped over on my Mac and like works on that

00:23:58.000 –> 00:24:02.220
too the other thing is – it’s kind of neat that I did like with it and of

00:24:02.220 –> 00:24:04.920
course security is a thing you know I wonder what this thing’s reading and

00:24:04.920 –> 00:24:08.920
keeping the logs that’s something I thought about too but I don’t think it

00:24:08.920 –> 00:24:13.440
summarizes emails it can I all that kind of stuff so a pretty neat could be for

00:24:13.440 –> 00:24:17.080
somebody who maybe is a small business owner that can’t afford to pay a

00:24:17.080 –> 00:24:20.920
secretary or can’t afford to pay an assistant this could be something that

00:24:20.920 –> 00:24:25.000
could really help you out so like I said I know we all worry about what it’s

00:24:25.000 –> 00:24:28.400
collecting what it’s learning but it is something I just wanted to bring up it

00:24:28.400 –> 00:24:33.640
is it was a pretty powerful tool a little bit of old news here but I didn’t

00:24:33.640 –> 00:24:37.840
want to bring this up Google has obviously got hit with that big thing we

00:24:37.840 –> 00:24:42.040
talked about last week for the incognito mode we all remember that whether it

00:24:42.040 –> 00:24:45.880
wasn’t really incognito they were still recording your stuff apparently Google

00:24:45.880 –> 00:24:51.620
settled that lawsuit and now they have actually updated the information in

00:24:51.620 –> 00:24:54.240
their incognito window in the new Chrome so if you update the latest version of

00:24:54.240 –> 00:24:59.480
Chrome you’ll notice the incognito is worded a lot differently saying yes we

00:24:59.480 –> 00:25:03.620
you know it is called conneal we can’t you know you know they did change the

00:25:03.620 –> 00:25:06.880
wording or not a big deal but I just thought just thought that was kind of

00:25:06.880 –> 00:25:11.920
funny that they changed went ahead and changed around a bunch of that stuff so

00:25:11.920 –> 00:25:16.640
it was funny also – I also wanted to bring up somebody had sent me a question

00:25:16.640 –> 00:25:21.000
asking me about GlobaLeaks I had talked about that I am gonna publish an

00:25:21.000 –> 00:25:23.960
article on the website this week or next week I did a whole review on it I

00:25:23.960 –> 00:25:28.880
actually loaded in on a VM and I’ve been messing with it somebody had asked me

00:25:28.880 –> 00:25:34.160
about using a VPN and uploading to GlobaLeaks I do want to point out too

00:25:34.160 –> 00:25:39.420
that while you should always use a VPN even if you’re using Tor if you if you

00:25:39.420 –> 00:25:44.720
once you actually load up GlobaLeaks it actually does a dot onion domain so if

00:25:44.720 –> 00:25:48.720
you are more comfortable with VPN and then opening up Tor and then going to

00:25:48.720 –> 00:25:53.080
that onion site you could do that as well that would probably be the way they

00:25:53.080 –> 00:25:56.120
that’s actually the way they recommend on their documentation as I was looking

00:25:56.120 –> 00:25:59.940
through it I was actually checking the sound like oh okay that’s interesting so

00:25:59.940 –> 00:26:05.880
they actually do recommend using the onion site and not and actually doing it

00:26:05.880 –> 00:26:12.120
that way so but like I said if you you do load up GlobaLeaks and all that you

00:26:12.120 –> 00:26:17.160
do notice it will automatically make a dot onion site so that you can go ahead

00:26:17.160 –> 00:26:22.960
and you know use it with Tor and be much more secure again VPN and a

00:26:22.960 –> 00:26:28.120
Tor if you use VPN and use Tor it’s almost anonymous I would say I would say

00:26:28.120 –> 00:26:32.240
it’s pretty pretty close to anonymous so like I said I wanted to point that out

00:26:32.240 –> 00:26:34.540
so if you do see anything I know a couple people say well what is a dot

00:26:34.540 –> 00:26:39.400
onion domain that’s all part of the Tor stuff so very important and I just

00:26:39.400 –> 00:26:42.460
wanted to bring them because that was a question that somebody messaged me and I

00:26:42.460 –> 00:26:45.640
just didn’t want to address it on the podcast so thank you very much I love

00:26:45.640 –> 00:26:49.520
all the emails that I’m getting we get a couple I got a couple last week and I

00:26:49.520 –> 00:26:52.900
got a couple this week so like I said I’m gonna put the email it’s Brandon

00:26:52.900 –> 00:26:58.600
the pain security send me questions if you have also to my Twitter kb3yua like

00:26:58.600 –> 00:27:02.440
I said reach out to me with your questions and like I said I’ll try to

00:27:02.440 –> 00:27:06.220
answer them on the podcast so I really appreciate that it was really cool you

00:27:06.220 –> 00:27:08.880
know getting emails and stuff like that from you guys knowing that everybody’s

00:27:08.880 –> 00:27:13.160
listening and I like I said I really do appreciate that you guys listening and I

00:27:13.160 –> 00:27:17.260
really appreciate you guys commenting back so like I said really really

00:27:17.260 –> 00:27:21.460
appreciate it so I wasn’t sure I was going to get to the gets all the news I

00:27:21.460 –> 00:27:26.540
had but we’ll get to some of it anyway important stuff anyway so apparently

00:27:26.540 –> 00:27:30.140
WordPress obviously is always under attack by lots of things but apparently

00:27:30.140 –> 00:27:34.100
hackers are targeting a WordPress database plug-in active in they saying

00:27:34.100 –> 00:27:39.020
over a million sites that’s pretty big it’s something called Better Search

00:27:39.020 –> 00:27:43.100
Replace is the WordPress plug-in and hats like I said it’s being exploited

00:27:43.100 –> 00:27:48.580
apparently they have released an update so go ahead and update that if you are

00:27:48.580 –> 00:27:52.340
like I said running WordPress a very important update to WordPress site

00:27:52.340 –> 00:27:55.780
regularly let me tell you there’s so many vulnerabilities out there it’s just

00:27:55.780 –> 00:28:02.300
unbelievable like I said just just how much you know how many vulnerabilities

00:28:02.300 –> 00:28:05.300
come out for WordPress I mean it’s a great platform but it just drives you

00:28:05.300 –> 00:28:08.540
nuts when you really look how many vulnerabilities there are it’s crazy

00:28:08.540 –> 00:28:12.140
something something else like I said I grabbed my attention today the US

00:28:12.140 –> 00:28:16.020
Federal Trade Commission is continuing to clamp down on data brokers by

00:28:16.020 –> 00:28:21.380
prohibiting InMarket Media from selling or licensing precise location data that

00:28:21.380 –> 00:28:25.020
was on a hacker news this week apparently there’s a settlement that’s

00:28:25.020 –> 00:28:30.620
going on part of out a part of allegations that a Texas based company is

00:28:30.620 –> 00:28:33.980
selling information and not telling customers that they’re selling the

00:28:33.980 –> 00:28:39.020
location information the FTC has kind of stepped in and kind of made the kind of

00:28:39.020 –> 00:28:42.620
is going athletes come and saying hey we’re trying to pass a law here if you

00:28:42.620 –> 00:28:47.780
want to you know if you know in InMarket what’s the name of the company or

00:28:47.780 –> 00:28:50.740
any company for that matter they’re going after saying if you’re going to

00:28:50.740 –> 00:28:57.740
sell people’s location data you have to have their consent so the FCC FTC is

00:28:57.740 –> 00:29:01.260
really clamp you know cracking down on this I’m wondering how this is gonna

00:29:01.260 –> 00:29:05.820
affect things like Facebook I mean like companies like four squared and yes

00:29:05.820 –> 00:29:08.260
they’re still out there but I know probably like but why four square yeah

00:29:08.260 –> 00:29:11.860
how about four squared it’s not there they’re a location they have all that

00:29:11.860 –> 00:29:15.880
stuff there they still collect you have companies like Google so that I’m

00:29:15.880 –> 00:29:19.100
wondering how this is gonna affect them going forward I know in their terms of

00:29:19.100 –> 00:29:22.620
service they do tell you that they use the location services and stuff but I’m

00:29:22.620 –> 00:29:30.900
curious how this is going to play out as we go you know further and further with

00:29:30.900 –> 00:29:33.820
this sort of thing so we’ll have to wait and see but apparently the FCC is

00:29:33.820 –> 00:29:37.300
starting to crack down if people are going to sell your data they have to

00:29:37.300 –> 00:29:40.340
tell you they’re going to sell your location data so those of you that have

00:29:40.340 –> 00:29:45.700
an HP printer I found this was something that I was on Ars Technica apparently

00:29:45.700 –> 00:29:50.420
the HP CEO apparently he addressed the company’s controversial practice of

00:29:50.420 –> 00:29:56.100
bricking printers when users use third-party ink this is a serious thing

00:29:56.100 –> 00:30:00.820
now they’re saying that they have hacked we’ve actually seen that you can embed

00:30:00.820 –> 00:30:07.640
viruses in ink cartridges okay and and what HP is saying here is well this is

00:30:07.640 –> 00:30:14.020
the reason why we’re bricking printers because we want you to buy HP ink so you

00:30:14.020 –> 00:30:19.640
don’t get a virus on your printer and in wall okay I do agree with that to a

00:30:19.640 –> 00:30:23.700
certain degree they’re also doing this because they want you to sign up for

00:30:23.700 –> 00:30:28.940
that HP cartridge subscription service they want you to buy their cartridges

00:30:28.940 –> 00:30:32.460
they make the money they want you buying third-party cartridges but the fact is

00:30:32.460 –> 00:30:37.740
it’s your printer and the fact that if you are using a third-party cartridge

00:30:37.740 –> 00:30:42.700
you know that they break your basically brick your thing is hey it’s not a valid

00:30:42.700 –> 00:30:46.540
cartridge you can’t use it is ridiculous and this is all because they’re trying

00:30:46.540 –> 00:30:51.340
to get into the service of okay well you sign up you get an HP printer and you

00:30:51.340 –> 00:30:55.100
sign up for a service and then you know and then every and every time you run

00:30:55.100 –> 00:30:59.180
low on ink will automatically send it to you it’s all I mean it’s all I mean

00:30:59.180 –> 00:31:02.340
they’re saying it’s a guise of security because oh we can get a virus if you use

00:31:02.340 –> 00:31:06.580
a non-authentic ink cartridge you maybe that is some of it I’m not saying it

00:31:06.580 –> 00:31:10.380
isn’t but you know as I know HP is a business they’re not just protecting you

00:31:10.380 –> 00:31:14.940
to be your friend they also want you to buy their ink so I thought that was an

00:31:14.940 –> 00:31:19.140
interesting thing as well so one of the other things I saw online was about

00:31:19.140 –> 00:31:24.860
MavenGate those of you that don’t know what that is MavenGate is also there’s

00:31:24.860 –> 00:31:27.900
several public popular libraries out there for like Java Android and some of

00:31:27.900 –> 00:31:33.020
that and MavenGate is basically a supply chain attack according to the

00:31:33.020 –> 00:31:36.960
site access to projects can be hijacked through domain name purchases and since

00:31:36.960 –> 00:31:41.940
most default build configurations are vulnerable you know they’re worried so

00:31:41.940 –> 00:31:47.280
what’s happening is and this is a little bit of the problem with open source to a

00:31:47.280 –> 00:31:51.660
certain degree so we saw this with the Apache vulnerability but what’s

00:31:51.660 –> 00:31:56.260
happening is is people are okay they’re working on projects they’re working on

00:31:56.260 –> 00:32:01.140
things you know they get domains or something like that and then they stay

00:32:01.140 –> 00:32:03.420
work on the platform then they either lose interest or they don’t need the

00:32:03.420 –> 00:32:06.580
product anymore or whatever and then these projects just sit there well

00:32:06.580 –> 00:32:09.980
what’s happening with MavenGate is people are saying okay well this project

00:32:09.980 –> 00:32:13.920
has been abandoned a while but I can still see people are downloading it and

00:32:13.920 –> 00:32:19.060
using it oh look this domain is available let me grab it because the

00:32:19.060 –> 00:32:22.760
person lets the domain go because you’re not using it anymore let me grab it let

00:32:22.760 –> 00:32:26.500
me put some infected stuff on this so when people download the repository their

00:32:26.500 –> 00:32:31.220
machines get infected so that’s kind of the what MavenGate is and that’s kind

00:32:31.220 –> 00:32:35.340
of what’s going on right now and they’re saying a lot of Java and Android

00:32:35.340 –> 00:32:40.100
applications are vulnerable because people are still using these calls to

00:32:40.100 –> 00:32:42.820
these you know these repositories but these repositories are not being

00:32:42.820 –> 00:32:48.140
maintained anymore mobile security firm added MavenGate technology included

00:32:48.140 –> 00:32:53.060
vulnerabilities to the attack that seemed reports the 200 companies Facebook

00:32:53.060 –> 00:32:58.980
Google signal Amazon and others were using these repositories that were not

00:32:58.980 –> 00:33:02.460
patched so apparently that you know so it’s this is a pretty big deal and this

00:33:02.460 –> 00:33:05.420
is kind of that whole thing we talked about like when Apache when Apache had

00:33:05.420 –> 00:33:09.500
that big vulnerability you know the problem is some people may not be

00:33:09.500 –> 00:33:14.840
maintaining those repositories anymore so that that Log4j thing is still an

00:33:14.840 –> 00:33:19.100
issue in a bunch of stuff I mean if you’re talking you know yeah you know a

00:33:19.100 –> 00:33:22.640
piece of code that’s been patched in three years four years that somebody’s

00:33:22.640 –> 00:33:25.260
downloading that repository and using it to build an app that thing is still

00:33:25.260 –> 00:33:29.760
vulnerable so this is kind of the whole supply chain attack thing comes from but

00:33:29.760 –> 00:33:33.060
like I said MavenGate is pretty interesting because like I said people

00:33:33.060 –> 00:33:35.940
are actually going through old repositories hackers are going through

00:33:35.940 –> 00:33:40.800
old repositories and saying okay well I see this domains available let me grab

00:33:40.800 –> 00:33:45.720
this domain and let me you know make this repository something I’ll clone

00:33:45.720 –> 00:33:48.780
repository but I’ll put some code in there so when people download that

00:33:48.780 –> 00:33:55.400
repository you know it you know it gets you know they get hacked so very

00:33:55.400 –> 00:34:01.460
important there the other thing I wanted one other article I saw that really kind

00:34:01.460 –> 00:34:06.580
of shocked me a little bit was there was a data breach of 1 million cancer

00:34:06.580 –> 00:34:11.600
patients on Slashdot and what happened was and this is I mean very common it

00:34:11.600 –> 00:34:15.560
does happen but apparently what happened was you had a million patients

00:34:15.560 –> 00:34:21.740
information got out in November and since the breach hit in South Lake Union

00:34:21.740 –> 00:34:25.060
Cancer Center research I’m also giving the name out just so you guys know in

00:34:25.060 –> 00:34:28.880
case anybody goes there but apparently they’re saying that they are receiving

00:34:28.880 –> 00:34:34.160
apparently again more swatting stuff because they have over a thousand over a

00:34:34.160 –> 00:34:41.340
million emails and then here’s the even scarier part through how they got into

00:34:41.340 –> 00:34:45.360
the system was that Citrix Bleed vulnerability that was just released not

00:34:45.360 –> 00:34:48.820
that was released so that just means somebody had a patch their machines in

00:34:48.820 –> 00:34:52.980
forever or a patch their Citrix systems in a while so that’s concerning as well

00:34:52.980 –> 00:34:56.820
but apparently they have over a million emails and they’re swatting all these

00:34:56.820 –> 00:34:59.720
people and you think about these people are sick they’re dealing with a lot they

00:34:59.720 –> 00:35:03.860
might not be paying attention as much they might not be feeling well you know

00:35:03.860 –> 00:35:08.780
it’s kind of a kind of a sick thing to do to attack sick people but again they

00:35:08.780 –> 00:35:13.580
got into that Citrix Bleed vulnerability and you know apparently now they like I

00:35:13.580 –> 00:35:16.800
said they’re swatting emails so that’s and that’s concerning because what they

00:35:16.800 –> 00:35:19.340
could say you owe bill I mean it’s easy enough to see when somebody’s not paying

00:35:19.340 –> 00:35:22.580
attention to a lot going on like this you can go ahead and say oh hey you owe

00:35:22.580 –> 00:35:29.740
a bill you know or something like that so again concerning by the way hundred

00:35:29.740 –> 00:35:36.260
seventy thousand SonicWalls by the way exposed to a security incident that

00:35:36.260 –> 00:35:39.180
apparently makes them vulnerable to DDoS that was also in the news this week so

00:35:39.180 –> 00:35:45.460
if you are using a SonicWall make sure you are patched speaking of something

00:35:45.460 –> 00:35:49.540
that came up this is actually on Thurrott.com I really like Paul Thurrott he

00:35:49.540 –> 00:35:54.940
does a wonderful job really top-level journalism but apparently as we all know

00:35:54.940 –> 00:35:59.680
if you don’t know Microsoft is moving from Mail and they want they want to go

00:35:59.680 –> 00:36:04.360
to move everybody to Outlook on the desktop and all that kind of stuff we

00:36:04.360 –> 00:36:08.100
all know that’s been you know that’s been coming they’ve been talking about

00:36:08.100 –> 00:36:14.300
it for a while now but apparently somebody had looked through there’s a

00:36:14.300 –> 00:36:18.320
actually a barely of a lot of people are saying that it looks like Outlook is no

00:36:18.320 –> 00:36:26.080
longer simply an email service in a new post the privacy focused company is not

00:36:26.080 –> 00:36:30.020
so privacy focused anymore meaning Google I’m sorry I mean Microsoft its

00:36:30.020 –> 00:36:37.500
data collection mechanism for Microsoft 772 external partners and ad delivery

00:36:37.500 –> 00:36:41.660
systems are linked into Microsoft’s email system which would be outlook.com

00:36:41.660 –> 00:36:47.300
or any or any of their general Outlook in general whether it’s email or not the

00:36:47.300 –> 00:36:51.480
disclosure explains that Microsoft and 772 of its partners are scanning the PC

00:36:51.480 –> 00:36:58.080
on which the new Outlook runs specifically to identify the user what

00:36:58.080 –> 00:37:02.840
they’re storing and information apparently a separate choose your ads

00:37:02.840 –> 00:37:07.380
layout window is also shown only in the EU because obviously EU has different

00:37:07.380 –> 00:37:11.220
rules in here in America but so apparently you know if you’re using

00:37:11.220 –> 00:37:15.980
Outlook mail you know Microsoft always claimed to be their privacy security

00:37:15.980 –> 00:37:20.020
but apparently they’re tracking you and I’ll tell you why this is Microsoft

00:37:20.020 –> 00:37:25.340
wants they they spend all money on ChatGPT they want to really boost their bit

00:37:25.340 –> 00:37:30.020
their advertising business using ChatGPT and other things but now apparently

00:37:30.020 –> 00:37:33.580
like I said they’ve got over hundreds and hundreds of trackers in the new

00:37:33.580 –> 00:37:38.720
Outlook so if you are using Outlook either on your computer or on the web

00:37:38.720 –> 00:37:43.180
just be aware that there are a lot of trackers in there not sure not sure how

00:37:43.180 –> 00:37:47.400
many Google has I’m sure Gmail has some or quite a bit but like I said that was

00:37:47.400 –> 00:37:52.940
rather concerning and Microsoft really didn’t even deny it which is or didn’t

00:37:52.940 –> 00:37:56.100
you know it was just really a I just didn’t really care for the way Microsoft

00:37:56.100 –> 00:38:04.180
you know handled it also to hackers have exploited Windows Defender SmartScreen

00:38:04.180 –> 00:38:10.620
flaw to spread data stealer malware by the way the vulnerability Microsoft

00:38:10.620 –> 00:38:14.420
Defender it’s a critical flaw in Microsoft Windows Defender apparently

00:38:14.420 –> 00:38:19.980
Microsoft has released an update for it so run your Windows updates if you have

00:38:19.980 –> 00:38:25.700
not so like I said all that was that was like I said a little concerning

00:38:25.700 –> 00:38:28.060
Microsoft really getting hit hard last couple weeks with security

00:38:28.060 –> 00:38:34.500
vulnerabilities on the another thing too on the hacker news there is apparently a

00:38:34.500 –> 00:38:41.740
new NPM Trojan bypass that installs AnyDesk with so apparently what it does is

00:38:41.740 –> 00:38:48.420
the Trojan gets on your machine and then uses JavaScript file and actually

00:38:48.420 –> 00:38:52.780
installs AnyDesk so I thought that was interesting I do AnyDesk is pretty

00:38:52.780 –> 00:38:57.660
secure but you do have to be careful it has been lately not as good as it used

00:38:57.660 –> 00:39:00.140
to be they’re getting a lot of hacks and stuff like that so you gotta be careful

00:39:00.140 –> 00:39:06.460
but apparently yeah this actually like I said actually installs any it infects

00:39:06.460 –> 00:39:10.460
your machine but it doesn’t just it doesn’t figure malware it infects it

00:39:10.460 –> 00:39:14.340
with with AnyDesk and that allows people and obviously I’m sure ensures

00:39:14.340 –> 00:39:17.540
it’s also as a service and set the password or something like that and

00:39:17.540 –> 00:39:19.900
there are people that obviously know that so they’re able to get in that way

00:39:19.900 –> 00:39:25.180
so that was interesting also apparently Walmart Financial Services I’ve been the

00:39:25.180 –> 00:39:31.060
target for they’re saying since since 2013 Walmart they’re saying Americans

00:39:31.060 –> 00:39:37.140
have been swindled out of 27 billion dollars in 2013 and 2022 apparently

00:39:37.140 –> 00:39:42.980
ProPublica investigated the company and apparently it’s only refunded four

00:39:42.980 –> 00:39:47.860
million dollars in gift card fraud and others it refused to it actually refused

00:39:47.860 –> 00:39:53.340
to actually refund and all that so apparently Walmart now is under heavy

00:39:53.340 –> 00:39:58.060
scrutiny over this saying that Walmart doesn’t really want to refund those gift

00:39:58.060 –> 00:40:00.900
cards because they make money on people buying gift cards and that’s why they

00:40:00.900 –> 00:40:05.180
don’t refund them and apparently like I said Walmart is under investigation by

00:40:05.180 –> 00:40:10.660
the F the FTC over how they don’t you know they have Walmart this is where

00:40:10.660 –> 00:40:16.460
Walmart has a financial incentive to avoid cracking down it makes money each

00:40:16.460 –> 00:40:21.500
time Walmart gift card is used and earns a fee when another brand of card is

00:40:21.500 –> 00:40:26.380
bought as a result Walmart has never cracked down on their gift cards or

00:40:26.380 –> 00:40:30.020
money transfer services because they do have money transfer services at Walmart

00:40:30.020 –> 00:40:33.940
and apparently they have been proud of just kind of turning a blind eye to it

00:40:33.940 –> 00:40:36.820
because the more people that you know use these gift cards of that more money

00:40:36.820 –> 00:40:40.440
they make so they don’t care if people are getting hacked or fraud out of it

00:40:40.440 –> 00:40:47.700
because they’re making a fortune on it so apparently 20 think about that 27

00:40:47.700 –> 00:40:55.700
billion dollars that’s a lot of money between 2013 and 2022 so Walmart now is

00:40:55.700 –> 00:40:58.900
apparently under investigation for this they’re possibly gonna be a big

00:40:58.900 –> 00:41:02.860
class-action lawsuit against this but apparently Walmart does not crack down

00:41:02.860 –> 00:41:07.540
on this because they’re making a fortune on it isn’t that lovely so it doesn’t

00:41:07.540 –> 00:41:10.780
matter screw the consumer that buys you all the time as long as you’re making

00:41:10.780 –> 00:41:15.460
money so one thing I did want to bring up in while it’s not security related I

00:41:15.460 –> 00:41:22.140
thought it’s pretty cool apparently this past week was the 40th anniversary of

00:41:22.140 –> 00:41:28.500
the Macintosh being released never Steve Jobs released it like I said on

00:41:28.500 –> 00:41:32.820
right after the smoothie of the big huge Super Bowl ad that was huge and I wasn’t

00:41:32.820 –> 00:41:37.100
I was 84 I wasn’t alive yet but I’ve seen it in movies I’ve watched on

00:41:37.100 –> 00:41:42.500
YouTube for that but apparently 40th anniversary of the Macintosh so I

00:41:42.500 –> 00:41:46.180
thought that was really cool a lot of places are covered in stuff like that I

00:41:46.180 –> 00:41:50.300
know iJustine on YouTube she actually brought him brought one of the old Macs

00:41:50.300 –> 00:41:53.740
all the way to Cupertino and stuff like that so it was a lot of fun this week

00:41:53.740 –> 00:41:58.940
like I said I really I am a Mac user I think I said I do use Windows as well

00:41:58.940 –> 00:42:03.340
but I do use a Mac as well so I thought that was pretty cool and like I said

00:42:03.340 –> 00:42:08.340
40th anniversary of the Mac so that was pretty cool a lot of people don’t

00:42:08.340 –> 00:42:12.140
realize that was the user interface on that as well son of Windows by the way

00:42:12.140 –> 00:42:16.580
the GUI the instant interface wasn’t actually Apple it or Microsoft invented

00:42:16.580 –> 00:42:20.660
they actually stole it from Xerox PARC who came up with it and Xerox was like

00:42:20.660 –> 00:42:24.380
too worried about the copier business and didn’t want to get into the PC

00:42:24.380 –> 00:42:28.460
business so they decided to go ahead like I said they didn’t care about it so

00:42:28.460 –> 00:42:32.740
those guys took it but I thought that was pretty cool like I said 40th

00:42:32.740 –> 00:42:37.780
anniversary of the Macintosh release and like I said I thought there’s a lot of

00:42:37.780 –> 00:42:40.060
fun a lot of people covered it on the internet and some of that so I’m sure

00:42:40.060 –> 00:42:43.660
you guys might probably saw it but if not like I said a lot of fun

00:42:43.660 –> 00:42:48.900
Leo Laporte on actually they on MacBreak Weekly they actually booted up

00:42:48.900 –> 00:42:53.940
an old Macintosh that he actually has as part of it and they it was really a

00:42:53.940 –> 00:42:57.860
whole thing was a lot of fun it was cool to see how revolutionary it was like I

00:42:57.860 –> 00:43:02.580
said the first Macintosh really had a lot of it was revolutionary but had a

00:43:02.580 –> 00:43:06.780
lot of problems the Macintosh Plus was the game plus was they came up with

00:43:06.780 –> 00:43:11.980
after Steve Jobs left which is basically just the second version of it had a lot

00:43:11.980 –> 00:43:16.060
less issues and stuff like that but again still revolutionary still amazing

00:43:16.060 –> 00:43:22.820
still really cool and obviously became a major success after you know Jobs left

00:43:22.820 –> 00:43:25.820
and of course after Microsoft’s are really pushing the GUI everybody wanted

00:43:25.820 –> 00:43:28.860
GUI based and that’s when a lot of people started jumping on the Apple

00:43:28.860 –> 00:43:33.020
bandwagon and stuff along with Windows so I thought that was pretty cool and

00:43:33.020 –> 00:43:36.940
like I said 40th anniversary Mac a big moment pretty cool especially for

00:43:36.940 –> 00:43:40.260
somebody like me as a Mac guy really like it and like I said I was really

00:43:40.260 –> 00:43:44.860
neat to like I said to see it and just all the different stories you hear and

00:43:44.860 –> 00:43:47.140
stuff like that about people you know the swap of death because you always

00:43:47.140 –> 00:43:51.340
keep swapping disks because it didn’t have any local hard drive so you every

00:43:51.340 –> 00:43:53.620
time you want to do something you got a swap disk and people usually call it a

00:43:53.620 –> 00:43:57.940
swap of death I’m just a lot of cool stuff like I said not really security

00:43:57.940 –> 00:44:01.740
related but like I said it was definitely a lot of fun and a lot of

00:44:01.740 –> 00:44:06.420
people don’t realize too with the the original Mac there was like I said there

00:44:06.420 –> 00:44:09.340
was there was just so many issues with the original was it was a revolutionary

00:44:09.340 –> 00:44:15.500
yes but it really didn’t take off until after it like I said after they came out

00:44:15.500 –> 00:44:19.540
with the second version of it which was the Macintosh Plus which had a hard

00:44:19.540 –> 00:44:23.700
drive in it which had well the other promise and he those things used to

00:44:23.700 –> 00:44:27.580
overheat all the time because Jobs didn’t want a fan so they reworked the

00:44:27.580 –> 00:44:31.100
internal things like that like I said I mean anything is you know the first-gen

00:44:31.100 –> 00:44:34.540
is gonna have issues but like I said but it was really cool I liked it and I

00:44:34.540 –> 00:44:37.720
wanted to bring that up because like I said I am kind of a little bit of a fan

00:44:37.720 –> 00:44:42.500
boy to a certain degree you know not all the time but definitely with with their

00:44:42.500 –> 00:44:48.500
computers anyway so I want to thank everybody for listening and we will see

00:44:48.500 –> 00:44:55.100
you on the next episode thank you very much

What A Week For Hacks

Today on the show we go over backing up your data locally and in the cloud. We then get into IoT devices like washer, dryer, fridge and other appliances. We talk about Google Chrome tracking, Chromium open source, Ivanti has more exploits and much more.

We Talk News of The Week

  • Critical Microsoft SharePoint
  • Microsoft Executive Emails Hacked
  • Opera MyFlaw Bug
  • Cybersecurity Talent Shortage
  • Kaspersky’s iShutdown Tool
  • Lush cosmetics Reports Cyberattack
  • Labor hit by major government data breach

Plus Much More.

The Security Assessment Podcast is Brought To You By Lipani Security LLC.

What A Week For Hacks (Transcript)

00:00:00.000 –> 00:00:04.840
All right folks you’ve hit the download button on Security Assessment Podcast

00:00:04.840 –> 00:00:09.800
brought to you by our company Lipani Security if you’re interested go to the

00:00:09.800 –> 00:00:14.240
link in the show notes below and check out all of our services software that we

00:00:14.240 –> 00:00:19.680
offer as well as our blogs about security in all our past podcast

00:00:19.680 –> 00:00:25.360
episodes I want to thank you all for listening and let the show begin

00:00:25.360 –> 00:00:39.240
all right guys thank you very much for joining us another episode of the

00:00:39.240 –> 00:00:45.720
Security Assessment Podcast I am your host Brandon Lipani and like I said it’s

00:00:45.720 –> 00:00:52.720
great to be with you again tons of security news as there always is but a

00:00:52.720 –> 00:00:57.480
couple good housekeeping tips first a bunch of you reached out to me on

00:00:57.480 –> 00:01:02.520
Twitter to tell me that they noticed that the art changed I did I actually

00:01:02.520 –> 00:01:08.960
got somebody to actually help us out and we actually got new show art it’s I

00:01:08.960 –> 00:01:12.480
think it looks much better rather than just our business logo they actually

00:01:12.480 –> 00:01:17.720
went ahead and actually made the logo a little bit quite a very much cooler

00:01:17.720 –> 00:01:21.640
actually and like I said made it look a little more different to our business

00:01:21.640 –> 00:01:25.520
name is on there and then the name of the podcast and then like I said she did

00:01:25.520 –> 00:01:28.760
a few things with the the art and so that so I really appreciate that looks

00:01:28.760 –> 00:01:32.600
much better I think looks much cooler I know the old saying you’re not supposed

00:01:32.600 –> 00:01:37.360
to judge a book by its cover but unfortunately the cooler your show art

00:01:37.360 –> 00:01:42.240
looked the better change you have the people you know reading your listening

00:01:42.240 –> 00:01:46.720
to your podcast just like a book if it’s got a cool cover much better chance of

00:01:46.720 –> 00:01:54.160
people reading it so I appreciate that also too we got a lot of people that

00:01:54.160 –> 00:01:57.760
wanted to communicate with us so we actually went ahead if you go to our

00:01:57.760 –> 00:02:03.720
website Lipani and you go ahead and check it out there’s actually

00:02:03.720 –> 00:02:08.080
a forum area there so go ahead and join the forums and we can chat about shows

00:02:08.080 –> 00:02:14.280
security news all that stuff on there and again that is the forum so I want to

00:02:14.280 –> 00:02:19.480
I guess I give you guys some options how to communicate with us the forums are

00:02:19.480 –> 00:02:22.720
pretty cool we’ll use that for the show as well as anybody who wants to talk

00:02:22.720 –> 00:02:26.800
other news and like I said of course you can always email us on a website just

00:02:26.800 –> 00:02:31.400
hit contact us and shoot me an email you can do that as well so I do appreciate

00:02:31.400 –> 00:02:34.240
that like I said you guys have been reaching out and communicating with me I

00:02:34.240 –> 00:02:38.800
do appreciate that and I appreciate you listening to the show so thank you very

00:02:38.800 –> 00:02:44.640
much for that also – over I’ve been working on a couple of security tools I

00:02:44.640 –> 00:02:47.920
added a password strength tool runs locally on your machine you can test

00:02:47.920 –> 00:02:52.400
your password strength there’s tons of them online bit Warren and Bitwarden

00:02:52.400 –> 00:02:59.160
and Security.org and a bunch of places offer great tools like that but I was in

00:02:59.160 –> 00:03:02.340
the mood to putz around with some code and I messed around that and that’s on

00:03:02.340 –> 00:03:07.640
the site and that’s free it’s also gonna be up on the Windows Store as well so we

00:03:07.640 –> 00:03:11.920
are I’m doing that as well so a lot of like it’s a lot of little projects

00:03:11.920 –> 00:03:18.000
things going on but over the weekend is always podcast time so again I thank you

00:03:18.000 –> 00:03:25.000
all for listening the show now should be on all the services if I did miss one

00:03:25.000 –> 00:03:30.020
please reach out to me and let me know like I said my emails on my website if I

00:03:30.020 –> 00:03:34.560
missed but I think I have it on all the services now but like I said if I’m

00:03:34.560 –> 00:03:42.680
missing any please let me know so a couple things I wanted to wanted to talk

00:03:42.680 –> 00:03:46.680
about we have a lot of news to talk about but I thought this was

00:03:46.680 –> 00:03:51.120
specifically an interesting article that wanted to kind of start to show off with

00:03:51.120 –> 00:03:58.000
apparently there was a on the Security Now podcast there was actually somebody

00:03:58.000 –> 00:04:05.480
who had said that they were actually seeing they were monitoring their

00:04:05.480 –> 00:04:10.000
network and they actually were seeing that their wash machine was down was

00:04:10.000 –> 00:04:18.040
uploading and downloading like three gigs of data it was it was unbelievable

00:04:18.040 –> 00:04:22.200
I was reading about this and apparently somebody had hot I mean we all know IoT

00:04:22.200 –> 00:04:27.280
devices like fridges and stuff like that and stoves and stuff don’t get updated

00:04:27.280 –> 00:04:30.400
as much but apparently somebody they actually found somebody running a botnet

00:04:30.400 –> 00:04:35.560
and it was all these wash machines and they were all all this sort of things

00:04:35.560 –> 00:04:39.880
and the reason why I bring this up is somebody it’s somebody it’s in the thing

00:04:39.880 –> 00:04:47.600
that got interesting is to me was and it kind of makes sense so if you hijack an

00:04:47.600 –> 00:04:52.920
IoT device specifically like a wash machine or a refrigerator now the

00:04:52.920 –> 00:04:56.960
specific bug that they’re talking about was actually something that got loaded

00:04:56.960 –> 00:05:01.000
into RAM and I know a lot of people that are listening gonna say well that’s easy

00:05:01.000 –> 00:05:05.760
enough to fix you just restart the the device you’re absolutely 100% right but

00:05:05.760 –> 00:05:09.880
I never really thought about this but it really got me thinking how often do you

00:05:09.880 –> 00:05:15.720
actually unplug your washing machine think about it how often do you actually

00:05:15.720 –> 00:05:20.560
unplug your refrigerator or even think about something like your dishwasher

00:05:20.560 –> 00:05:25.080
that you can’t even get to the plug right kind of an interesting thought

00:05:25.080 –> 00:05:31.240
think about where if you hijack an IoT device you actually have control of this

00:05:31.240 –> 00:05:34.960
thing for quite a while unless the people have a power outage and since

00:05:34.960 –> 00:05:39.840
these devices obviously most of them don’t get regular updates or I mean

00:05:39.840 –> 00:05:44.080
obviously you’re a lot of times your refrigerator is going to last a lot

00:05:44.080 –> 00:05:48.920
longer than probably the support from you know from the manufacturer as far as

00:05:48.920 –> 00:05:52.800
like the updates for the software so they go really makes these these

00:05:52.800 –> 00:05:57.520
connected devices especially vulnerable and and even if they are being updated

00:05:57.520 –> 00:06:02.120
if you get a vulnerability you can load into the RAM like I said think of how

00:06:02.120 –> 00:06:06.680
many times you’ve ever restarted your washing machine or restarted your fridge

00:06:06.680 –> 00:06:10.280
or like I said or something like a while I guess it or a dishwasher where you

00:06:10.280 –> 00:06:16.600
can’t even get to the plug in most cases really doesn’t happen often so if you

00:06:16.600 –> 00:06:21.080
hijack those devices you could have a bot like I said until people have a

00:06:21.080 –> 00:06:24.280
power outage so and if that’s the case you just go back and reinfect them and

00:06:24.280 –> 00:06:27.800
then you’re gonna have them again until people you know until people come I mean

00:06:27.800 –> 00:06:31.760
it kind of is a scary thought if you really think about it because you know

00:06:31.760 –> 00:06:35.320
people will you know have these these connected devices that never get

00:06:35.320 –> 00:06:42.040
restarted so all you need to do is load a you know something into RAM and and

00:06:42.040 –> 00:06:44.520
it’s gonna be there until they have a power outage and think about this well

00:06:44.520 –> 00:06:47.400
the people have a generator what if you have a generator now think now you’re

00:06:47.400 –> 00:06:52.080
never gonna have a real power I mean so I mean a kind of an interesting scary

00:06:52.080 –> 00:06:57.920
thought to think about and something I heard about Security Now made me really

00:06:57.920 –> 00:07:01.640
you know really think about the IoT devices that I have in my house and all

00:07:01.640 –> 00:07:08.860
that and you know how how you know if somebody got a control of one you know

00:07:08.860 –> 00:07:13.040
it’s it’s it’s pretty brutal and a lot of people especially like the security

00:07:13.040 –> 00:07:16.400
like security people network people tinker or stuff that we’re gonna monitor

00:07:16.400 –> 00:07:20.920
our network traffic and stuff like that but a lot of people like think about

00:07:20.920 –> 00:07:24.840
older people and some of that really don’t really you’re not gonna monitor

00:07:24.840 –> 00:07:27.960
you know don’t don’t monitor their network traffic they just the Internet’s

00:07:27.960 –> 00:07:33.920
there and that’s it so specifically kind of a scary kind of a scary thing to

00:07:33.920 –> 00:07:36.520
think about and something to really think about if you do have IoT attached

00:07:36.520 –> 00:07:41.320
devices you how often they are getting patched so interesting interesting very

00:07:41.320 –> 00:07:46.600
interesting topic I need like I said on Security Now I really was interested in

00:07:46.600 –> 00:07:50.760
that one this week I don’t listen to it every week I do like Steve Gibson I do

00:07:50.760 –> 00:07:55.160
like SpinRite wonderful hard drive recovery tool I mean he doesn’t need our

00:07:55.160 –> 00:07:59.000
plug he’s got TWiT but really is a great hard drive recovery tool he does do a

00:07:59.000 –> 00:08:03.800
great podcast so Security Now is one I do listen to on occasion and like I said

00:08:03.800 –> 00:08:10.680
it’s really worth listening to also to this week not really security news but

00:08:10.680 –> 00:08:16.320
the the pre-orders for Apple’s Vision Pro started like I said really not

00:08:16.320 –> 00:08:19.320
security news but the reason I’m bringing it up is there are already

00:08:19.320 –> 00:08:24.320
people hacking or hawking them excuse me up on eBay already for double the price

00:08:24.320 –> 00:08:28.680
it always happens when there’s a shortage on things Apple specifically

00:08:28.680 –> 00:08:32.380
doesn’t you know only has a limited amount of them to start with I know the

00:08:32.380 –> 00:08:36.600
I believe if I’m not mistaken the a lot of the reviewers and stuff I’ve seen on

00:08:36.600 –> 00:08:41.120
YouTube and all that already have them but apparently if you break the screen

00:08:41.120 –> 00:08:45.680
see almost $800 to fix the screen if you are going to get the Vision Pro I

00:08:45.680 –> 00:08:51.840
recommend the AppleCare one thing I will say I’ve always said this to people

00:08:51.840 –> 00:08:56.320
especially maybe not so much with the Apple stuff because Apple’s got pretty

00:08:56.320 –> 00:09:01.880
good control that stuff but I do want to say that if you do buy anything like

00:09:01.880 –> 00:09:06.000
that online like I said that’s not much Apple because Apple’s usually got pretty

00:09:06.000 –> 00:09:09.720
good control their stuff but if you do buy any of that stuff online be very

00:09:09.720 –> 00:09:15.560
careful I’ve actually seen people not myself personally but I have actually

00:09:15.560 –> 00:09:21.680
seen online people that actually will will get old laptops you know load you

00:09:21.680 –> 00:09:26.120
know Windows or Linux on them and then load a key logger or load a virus I’m

00:09:26.120 –> 00:09:29.360
like that I’m saying keep an eye on things or use it as a botnet and then

00:09:29.360 –> 00:09:32.380
sell it online if people say oh wow look I got this cheap computer for a hundred

00:09:32.380 –> 00:09:34.440
bucks well yeah you did get a cheapie for a

00:09:34.440 –> 00:09:38.080
hundred bucks but now everything you type is being logged or you know every

00:09:38.080 –> 00:09:40.360
time there’s an attack or something like that your computer is gonna be the one

00:09:40.360 –> 00:09:45.960
used being used as the you know the botnet so you know be very careful when

00:09:45.960 –> 00:09:51.080
you buy cheap electronics online you never know what people do to them I think

00:09:51.080 –> 00:09:56.320
that they call that a supply chain attack obviously we all know we’ve seen

00:09:56.320 –> 00:10:00.320
the videos and some of that what happens with that but again be very very careful

00:10:00.320 –> 00:10:03.600
with that I always encourage people if you are going to get a used computer

00:10:03.600 –> 00:10:07.840
make sure you wipe it the other thing that’s really concerning about that too

00:10:07.840 –> 00:10:13.400
is I see especially especially online on Facebook Marketplace a lot you see a lot

00:10:13.400 –> 00:10:17.440
of people that are actually okay you know I’m just I didn’t use this computer

00:10:17.440 –> 00:10:20.920
I’m just selling it online because I don’t need it anymore and then you open

00:10:20.920 –> 00:10:23.760
and I see people you know you started up and oh hey look there’s people’s crap

00:10:23.760 –> 00:10:27.480
still on this computer they never even wiped it clean that happens a lot as

00:10:27.480 –> 00:10:30.040
well especially without recycle electronics and stuff like that happens

00:10:30.040 –> 00:10:37.360
a lot so just another thing to be aware huh so speaking of that too by the way

00:10:37.360 –> 00:10:44.200
one of the other interesting things like I said I was reading very interesting to

00:10:44.200 –> 00:10:47.760
me anyway talking about the Google keyboard how the Google keyboard has

00:10:47.760 –> 00:10:53.640
really got grown in popularity I avoid I mean I’m always concerned about all the

00:10:53.640 –> 00:10:56.560
stuff to get Google collects it’s only gonna be a matter of time before somebody

00:10:56.560 –> 00:11:00.760
eventually hacks them and and we really know how much data they are collecting

00:11:00.760 –> 00:11:04.560
on us we know they’re collecting a lot of data on us but like I said this

00:11:04.560 –> 00:11:09.880
specifically I’m eventually it’s going to happen but anyway you know especially

00:11:09.880 –> 00:11:13.480
when I have a keylog if you think about using the Google keyboard I mean that

00:11:13.480 –> 00:11:17.640
thing basically is a legalized key logger I mean it’s I’m sure Google’s logging

00:11:17.640 –> 00:11:20.760
everything you’re typing specific keywords and all that kind of stuff I

00:11:20.760 –> 00:11:24.720
know I mean I know it I mean I know Google has good security I’m not saying

00:11:24.720 –> 00:11:27.600
they don’t but you think about it using the Google keyboard is basically allowing

00:11:27.600 –> 00:11:32.040
Google to be your key be a legalized key logger I kind of put that out to people

00:11:32.040 –> 00:11:36.800
kind of concerning especially some of the stuff going on with Google now with

00:11:36.800 –> 00:11:42.640
the anti ad tracking stuff you know Chromium what would have said to me is

00:11:42.640 –> 00:11:45.880
you know a lot of companies have gone to the open source Chromium which is

00:11:45.880 –> 00:11:50.120
maintained by Google and you can create your own browser on Chromium but what’s

00:11:50.120 –> 00:11:56.960
concerning to me on that specifically is now that people are using Chromium to

00:11:56.960 –> 00:12:02.080
create their own browser everybody but Firefox it’s a bit concerning to me

00:12:02.080 –> 00:12:06.640
because now you know Google is gonna make this ad tracking change to Chromium

00:12:06.640 –> 00:12:10.360
and it’s gonna basically affect all the browsers everybody’s about all the

00:12:10.360 –> 00:12:16.120
browsers except for Firefox so it’s a little bit concerning to me that Google

00:12:16.120 –> 00:12:21.440
has kind of kind of because of their open source Chromium because everybody

00:12:21.440 –> 00:12:27.120
jumping on board with it now has a very easy way to go ahead and pretty much

00:12:27.120 –> 00:12:30.160
sway the market however they want if you think about it I mean the only one that

00:12:30.160 –> 00:12:33.640
any ad blocker technology and stuff that’s going to work on anymore is gonna

00:12:33.640 –> 00:12:40.680
be Firefox you know because I mean Edge Opera Brave all those guys are built I’m

00:12:40.680 –> 00:12:43.240
not sure what Brave’s gonna do crazy see what the Brave’s gonna do they’re saying

00:12:43.240 –> 00:12:47.280
they’re gonna do something I’m curious what they’re gonna do but I mean even

00:12:47.280 –> 00:12:51.540
Chromium is gonna have this anti ad technology built in basically Google has

00:12:51.540 –> 00:12:57.200
a way now of kind of kind of swaying the market however they want it’s very

00:12:57.200 –> 00:13:01.640
concerning to me personally I don’t particularly care for it I think that

00:13:01.640 –> 00:13:05.680
you know open source is one thing but they’re also using open source to go

00:13:05.680 –> 00:13:08.300
ahead and push the market in the direction they want to benefit their

00:13:08.300 –> 00:13:13.560
business a little bit a little bit unethical as far as I’m concerned let

00:13:13.560 –> 00:13:16.520
me see the ones that won’t be affected obviously are going to be Firefox and of

00:13:16.520 –> 00:13:20.060
course Safari isn’t affected but those are gonna be only two of the ads

00:13:20.060 –> 00:13:24.440
blocking technology gonna keep working on I recommend to personally if you

00:13:24.440 –> 00:13:26.960
don’t like people tracking you which I don’t particularly like with Google’s

00:13:26.960 –> 00:13:32.400
doing I recommend using Firefox or specifically sound like Firefox or a

00:13:32.400 –> 00:13:37.120
Chrome but like I said I don’t I don’t like I said I’m not very big now the

00:13:37.120 –> 00:13:41.580
other thing too like I said Google has been pushing especially to get rid of

00:13:41.580 –> 00:13:44.700
you know certain cookies and have their own master cookie and everybody uses

00:13:44.700 –> 00:13:48.740
their master cookie and I’m like well yeah that’s great because they’re saying

00:13:48.740 –> 00:13:51.980
oh we’re doing this for privacy but you’re also doing it so everybody’s gonna

00:13:51.980 –> 00:13:57.140
rely on you now for the ads I mean they’re they’re slowly pushing their way

00:13:57.140 –> 00:14:04.080
into being big brother and like I said it’s from a security standpoint concerning

00:14:04.080 –> 00:14:08.300
because I mean if Google does ever get hacked the amount of data that’s gonna

00:14:08.300 –> 00:14:14.400
be released on everybody it’s gonna be a pretty pretty insane it’s gonna be way

00:14:14.400 –> 00:14:18.140
worse than anything we’ve seen I remember when the whole Ashley Madison

00:14:18.140 –> 00:14:22.380
hack happened you know we’re talking even worse with Google because they know

00:14:22.380 –> 00:14:24.660
what you’re searching where you’re searching what time you’re searching or

00:14:24.660 –> 00:14:33.220
pretty pretty concerning so you know something to be concerned about some

00:14:33.220 –> 00:14:36.180
other things too I’ve got a ton of stuff things they got tons I want to talk

00:14:36.180 –> 00:14:39.920
about oh one of the things too I wanted to talk to somebody I know a couple

00:14:39.920 –> 00:14:44.280
people we were talking about how people reached out to me talking about Plex you

00:14:44.280 –> 00:14:48.200
know hosting your own stuff and and your own music and your own videos of that I

00:14:48.200 –> 00:14:52.120
know Plex said they’re gonna be coming out with their own version of like the

00:14:52.120 –> 00:14:55.320
iTunes store and so that’s that you can buy and rent videos right on their

00:14:55.320 –> 00:14:58.760
service I think that’ll be pretty cool they’ve talked about that a few times

00:14:58.760 –> 00:15:04.460
doesn’t come to fruition yet but eventually maybe we’ll see but one of

00:15:04.460 –> 00:15:07.840
things I do want to bring up about that somebody had brought up to me that you

00:15:07.840 –> 00:15:12.780
can use Plex to you know if you torrent a video or something like that you can

00:15:12.780 –> 00:15:16.260
you know use Plex to you know share it on your local network and while that I

00:15:16.260 –> 00:15:20.380
don’t condone that but if you do download a torrent I just want to say

00:15:20.380 –> 00:15:23.920
one thing guys you gotta be very careful you download a torrent especially with

00:15:23.920 –> 00:15:27.600
the popular movies a lot of those torrent files with the popular movies

00:15:27.600 –> 00:15:31.920
have viruses and spyware and some of that built in a lot of times what people

00:15:31.920 –> 00:15:36.160
will do is they will say okay well this is a popular movie I’ll rip it but then

00:15:36.160 –> 00:15:39.200
what I’ll do is I’m gonna put a little little little piece of code in this

00:15:39.200 –> 00:15:43.040
little file here so that this way when they watch the movie and affects their

00:15:43.040 –> 00:15:48.880
system so just something to be you know if you’re going to torrent videos or they

00:15:48.880 –> 00:15:52.160
don’t like I said don’t condone I don’t recommend but if you do torrent videos

00:15:52.160 –> 00:15:55.400
be very careful make sure you scan the files and stuff like that so you don’t

00:15:55.400 –> 00:16:03.080
get a virus on your computer very very important one of the other interesting

00:16:03.080 –> 00:16:08.360
articles this week on Thurrott.com I read his he’s a really big follows he does

00:16:08.360 –> 00:16:12.920
everything with Microsoft and I really follow his stuff because I mean I use I

00:16:12.920 –> 00:16:16.900
use both Mac and Windows I like them both actually but specifically he really

00:16:16.900 –> 00:16:20.920
gets into the guts of Windows and a lot of my customers have Windows one of the

00:16:20.920 –> 00:16:26.640
things he had talked about two specific things was subscription fatigue and the

00:16:26.640 –> 00:16:29.960
reason I’m bringing this up is I know it’s not security related but I do want

00:16:29.960 –> 00:16:33.280
to bring it up because one of the things that he was talking about is that a lot

00:16:33.280 –> 00:16:40.720
of people are starting to host their own files internally people that’s like are

00:16:40.720 –> 00:16:46.800
like okay well I can you know if I buy this NAS for $250 $300 this Netgear

00:16:46.800 –> 00:16:51.320
NAS whatever I can hold you know host like four terabytes of files and I don’t

00:16:51.320 –> 00:16:57.000
have to have any storage online I could save a subscription of $9.99 a month and

00:16:57.000 –> 00:17:00.580
by the way do I want to point out that that’s we just saw about Plex similar

00:17:00.580 –> 00:17:06.280
concept but one of the things he brought up we were people were commenting on

00:17:06.280 –> 00:17:11.800
this and it is very important you know sometimes saving saving money is good

00:17:11.800 –> 00:17:14.480
especially with the economy so that always you know try to save where you

00:17:14.480 –> 00:17:18.880
can but one of the things I do want to point out as well it’s great to host

00:17:18.880 –> 00:17:22.520
your own files and stuff like that heaven forbid you have a fire or

00:17:22.520 –> 00:17:27.120
anything like that you just lost all your data there’s no you know you should

00:17:27.120 –> 00:17:31.400
always have an off-site backup and I know people are saying themselves well

00:17:31.400 –> 00:17:34.520
you know I’ll just save one more sub locally and save a subscription and and

00:17:34.520 –> 00:17:37.440
it is I mean I agree with it too I’m sure we’re all trying to cut back

00:17:37.440 –> 00:17:42.240
especially with subscription services going up and up and up but specifically

00:17:42.240 –> 00:17:47.640
if you if you are going to be saving data locally you really should have

00:17:47.640 –> 00:17:53.280
backup I have my own local NAS here that I host and save all my files on that I’m

00:17:53.280 –> 00:17:57.920
working on some of that but I do also have it set up so that it backs up to

00:17:57.920 –> 00:18:02.080
the cloud any changes I know I think Carbonite offers a service like that I

00:18:02.080 –> 00:18:08.940
know I think Carbonite I think I think fast go back or a fast backup or go back

00:18:08.940 –> 00:18:14.480
fast or any of those I think junk I think it’s what jungle backup or

00:18:14.480 –> 00:18:17.840
whatever that well that’s an encrypted one but they um they offer where they’ll

00:18:17.840 –> 00:18:21.900
back your NAS up for you every night even if you’re using any if you’re using

00:18:21.900 –> 00:18:26.580
anything any of the popular NASes like Synology or anything like that they have

00:18:26.580 –> 00:18:31.600
services built right into it but like I said if you are going to be saving your

00:18:31.600 –> 00:18:35.600
stuff locally to try to save money backing it up to an external hard drive

00:18:35.600 –> 00:18:38.280
and leaving it is not I mean a NAS little bit different because you have

00:18:38.280 –> 00:18:43.020
usually have two hard drives that are redundant but if you are going to be

00:18:43.020 –> 00:18:45.500
just backing up your data to a hard drive saying oh yeah I’m gonna back my

00:18:45.500 –> 00:18:49.200
data up this fancy money that one hard drive sitting in your you know your

00:18:49.200 –> 00:18:53.180
living room or your kitchen if there’s a fire you lost all your stuff so I don’t

00:18:53.180 –> 00:18:56.340
particularly recommend that I know we’re all trying to save money on subscription

00:18:56.340 –> 00:19:05.480
services but it’s not exactly the safest and best way to do things so like I said

00:19:05.480 –> 00:19:11.860
just be very careful sometimes you are saving money but you’re also exposing

00:19:11.860 –> 00:19:18.080
yourself possibly to you know you know losing your data so be very very careful

00:19:18.080 –> 00:19:23.820
with that one of the things one of the things somebody did show me this week

00:19:23.820 –> 00:19:30.700
that I like I said I have not I didn’t I knew I knew about it but never actually

00:19:30.700 –> 00:19:39.200
messed with it we’re all on social media these days and there’s a site online

00:19:39.200 –> 00:19:50.520
called redact.dev r-e-d-a-c-t dot dev and what this service actually does and

00:19:50.520 –> 00:19:55.000
like I said I have to look because there is a paid version and there is a a free

00:19:55.000 –> 00:20:01.480
version what you can actually do is you can actually go on here and you link

00:20:01.480 –> 00:20:08.840
your social media accounts and it will actually delete all your posts it does

00:20:08.840 –> 00:20:15.280
it all for you so something to think about like I said um like I said it’s

00:20:15.280 –> 00:20:20.280
you can look at it it’s also a mobile app as well but I guess it’s something

00:20:20.280 –> 00:20:23.440
to think about I know a couple people have asked me how do I go ahead and get

00:20:23.440 –> 00:20:29.360
rid of my you know how do I go ahead and get rid of stuff that I posted that I

00:20:29.360 –> 00:20:33.560
don’t want like I said you can go in and actually clear out an entire account of

00:20:33.560 –> 00:20:38.000
data especially Twitter and some of that so just something to look at somebody

00:20:38.000 –> 00:20:41.240
that showed that to me the other day and I really liked it and I wanted to bring

00:20:41.240 –> 00:20:45.480
it up to you guys so they know some people want to kind of prune back some

00:20:45.480 –> 00:20:49.480
of their social media so getting into some of the news of the week that I

00:20:49.480 –> 00:20:53.520
actually collected tons of it we’re not gonna go through all of it because

00:20:53.520 –> 00:20:58.120
there’s so much of it I remember when a friend of mine started a security

00:20:58.120 –> 00:21:01.280
podcast back like maybe 15 years ago he had said I wonder if I’m gonna have

00:21:01.280 –> 00:21:08.400
enough to talk about it seems like now it’s just so much of it but Ivanti has

00:21:08.400 –> 00:21:13.360
had a rough couple weeks the security vendor like I bring this up because I

00:21:13.360 –> 00:21:17.280
know I have had people with Ivanti and I’ve had a kind of run around

00:21:17.280 –> 00:21:23.920
pre nuts apparently Ivanti their remote so their remote software that last people

00:21:23.920 –> 00:21:28.880
work remotely actually has a vulnerability in it and it was actually

00:21:28.880 –> 00:21:35.360
made NBC News last night apparently top US cybersecurity watchdog issue an

00:21:35.360 –> 00:21:39.740
emergency directive federal agencies about popular software saying that they

00:21:39.740 –> 00:21:44.640
need to go ahead and either patch it or remove it because I guess the government

00:21:44.640 –> 00:21:49.960
uses Ivanti so pretty important if you remember last week I think on the show

00:21:49.960 –> 00:21:55.980
we talked about the VPN had an issue so now they’re remote software which allows

00:21:55.980 –> 00:21:59.360
for remote desktop some of that and now there was this week and then their VPN

00:21:59.360 –> 00:22:03.120
and then earlier this week they had another issue that they released so

00:22:03.120 –> 00:22:08.660
Ivanti is really getting picked apart so something if you do have an Ivanti

00:22:08.660 –> 00:22:13.760
system make sure you are patched and ready to go VPN the remote software

00:22:13.760 –> 00:22:18.920
remote desktop all that stuff that they provide is been having some

00:22:18.920 –> 00:22:23.840
vulnerability so please if you are somebody with Ivanti go ahead and get

00:22:23.840 –> 00:22:30.780
that patched on another site this week you actually says export experts warn of

00:22:30.780 –> 00:22:36.940
macOS backdoor hidden in pirated versions of popular software now while

00:22:36.940 –> 00:22:43.600
this is a great article okay the backdoor in the dot dig but they’re

00:22:43.600 –> 00:22:49.240
saying legitimate software like Navicat Premium, UltraEdit, FinalShell,

00:22:49.240 –> 00:22:55.040
SecureCRT and Microsoft Remote Desktop or have been found to have even though they are

00:22:55.040 –> 00:23:00.680
legit they actually have backdoors into the system so something to be very

00:23:00.680 –> 00:23:04.840
careful of you do use any of those softwares I actually do myself make sure

00:23:04.840 –> 00:23:11.240
you either uninstall them or you patch them very important kind of surprised me

00:23:11.240 –> 00:23:15.640
too because Microsoft had heck of a week this week as far as their stuff

00:23:15.640 –> 00:23:20.420
Microsoft executive said that their emails were hacked by their top guys

00:23:20.420 –> 00:23:24.480
like people they haven’t said names but a match by Sasha and people like that

00:23:24.480 –> 00:23:30.000
the CEO they’re saying that Microsoft actually their emails got hacked by a

00:23:30.000 –> 00:23:34.280
Russian intelligence group the interesting thing about this while we

00:23:34.280 –> 00:23:38.480
weren’t doing the podcast at the time obviously if you remember the

00:23:38.480 –> 00:23:46.640
SolarWinds attack that happened back in I believe was 2000 or 20 20 20 it’s the

00:23:46.640 –> 00:23:50.560
same they’re saying it’s the same group how they know they have not said how but

00:23:50.560 –> 00:23:57.960
that was something in the news this week that really is kind of really was

00:23:57.960 –> 00:24:01.840
concerning Microsoft obviously I’m waiting to see what’s gonna happen I can

00:24:01.840 –> 00:24:05.080
only imagine that they’re gonna be there’s gonna be a lot of cleanup

00:24:05.080 –> 00:24:08.000
because when you when you’re that high of an executive at a company like that

00:24:08.000 –> 00:24:12.600
you get emails that are not supposed to be out in the world like trade secret

00:24:12.600 –> 00:24:17.080
stuff and things about purchases and things like that that can really be

00:24:17.080 –> 00:24:21.160
dangerous they get out in the wrong hands so I’m sure Microsoft’s in cleanup

00:24:21.160 –> 00:24:25.880
mode right now for that one of the the other interesting articles I’ve

00:24:25.880 –> 00:24:31.320
followed this this pretty closely actually and I take this with a grain

00:24:31.320 –> 00:24:34.320
of salt personally because it’s Kaspersky and they’re Russian company

00:24:34.320 –> 00:24:38.480
and that’s concerning to me because I know there’s been always been

00:24:38.480 –> 00:24:42.280
speculation about Kaspersky and their ties with the government some of that so

00:24:42.280 –> 00:24:47.120
I take this at value but one of the things Kaspersky has recently launched

00:24:47.120 –> 00:24:52.800
is a tool called iShutdown and it’s designed basically to detect notorious

00:24:52.800 –> 00:24:58.560
spyware that is on your iOS device I’m not really sure I know cup I’ve seen

00:24:58.560 –> 00:25:04.640
this going around the internet people talking about this I am personally a

00:25:04.640 –> 00:25:08.960
little hesitant with anything from Kaspersky right now because of

00:25:08.960 –> 00:25:12.200
everything going on in the world I know I have seen a bunch of people that used

00:25:12.200 –> 00:25:17.160
it and they said they did find stuff I’m again it’s supposed to be for that

00:25:17.160 –> 00:25:23.360
Pegasus, that QuaDream’s Reign, and the other one, Predator, so again I mean I

00:25:23.360 –> 00:25:28.400
think you know that it’s well it could be a good tool I would be hesitant to

00:25:28.400 –> 00:25:33.800
use it right now anything like that from Kaspersky that’s that’s just me

00:25:33.800 –> 00:25:38.320
Microsoft having a heck of a week – by the way I had another story here in my

00:25:38.320 –> 00:25:44.840
show notes a critical Microsoft SharePoint bug now actively exploited CISA

00:25:44.840 –> 00:25:48.440
warns that the attackers are now exploiting a critical Microsoft

00:25:48.440 –> 00:25:52.440
SharePoint privilege escalation vulnerability that can be chained with

00:25:52.440 –> 00:25:58.360
another critical bug now one thing that I do point out that I went through the

00:25:58.360 –> 00:26:02.320
this and read through this whole thing it says the Microsoft SharePoint server

00:26:02.320 –> 00:26:09.320
exploit chain was successfully cut founded by STAR Labs researcher they

00:26:09.320 –> 00:26:15.400
earned $100,000 reward from from what I could take from this because the they

00:26:15.400 –> 00:26:19.880
weren’t overly descriptive about this Microsoft I’m guessing it’s going to be

00:26:19.880 –> 00:26:24.440
if you have in-house SharePoint running that’s a big business for Microsoft

00:26:24.440 –> 00:26:27.360
SharePoint a lot of people don’t know they actually bought SharePoint they

00:26:27.360 –> 00:26:30.960
didn’t actually build it but one of the things like I said if you are running

00:26:30.960 –> 00:26:34.280
SharePoint make sure you go ahead and patch your service but I believe it is

00:26:34.280 –> 00:26:37.680
internal SharePoint it has to be because if it was its external SharePoint

00:26:37.680 –> 00:26:41.640
Microsoft will patch it for you so yeah like I said but they didn’t because one

00:26:41.640 –> 00:26:46.080
of the things somebody had asked was on the forums was is is this currently

00:26:46.080 –> 00:26:49.840
being exploited on 365 and if it is I mean there’s nothing we could really do

00:26:49.840 –> 00:26:52.680
about it Microsoft’s got a patch it but I would imagine they’re probably gonna

00:26:52.680 –> 00:26:57.640
patch it so if you’re running internal SharePoint go ahead and patch immediately

00:26:57.640 –> 00:27:02.400
Microsoft had a lot of big bugs over the last year or so you remember I think it

00:27:02.400 –> 00:27:06.400
was last right around Christmas time whatever they had an issue with Exchange

00:27:06.400 –> 00:27:09.440
it got to the point Rackspace actually had a shut all their servers down

00:27:09.440 –> 00:27:13.980
because it was that vulnerable a lot of stuff going on with that but that is

00:27:13.980 –> 00:27:17.560
something by the way that is going to be coming to an end Microsoft has said that

00:27:17.560 –> 00:27:23.320
they will not be releasing Exchange Server anymore that I think they said

00:27:23.320 –> 00:27:26.560
they’re releasing their last version of local Exchange I don’t know that’s gonna

00:27:26.560 –> 00:27:30.360
fly a lot of people really upset about that and it’s not so the reason why that

00:27:30.360 –> 00:27:35.600
is an issue is because you do have stuff people like lawyers and stuff like that

00:27:35.600 –> 00:27:40.640
that do host their own Exchange servers because of the whole security and

00:27:40.640 –> 00:27:48.040
privacy of what they’re actually doing and they don’t want stuff exposed out to

00:27:48.040 –> 00:27:52.240
the cloud specifically because they don’t you know how cloud is redundant

00:27:52.240 –> 00:27:55.480
well they there’s just some kind of rules where they can’t have data being

00:27:55.480 –> 00:27:59.520
backed up in other countries if it’s certain things regarding certain it’s

00:27:59.520 –> 00:28:03.240
all law and stuff I don’t really understand that well but like I said

00:28:03.240 –> 00:28:06.560
it’s there’s something about that I know lawyers specifically upset about that

00:28:06.560 –> 00:28:10.600
some doctors are really upset about that because of the whole HIPAA thing which

00:28:10.600 –> 00:28:15.640
I mean obviously 65 in the cloud is HIPAA compliant but especially people

00:28:15.640 –> 00:28:19.200
with trade secrets or stuff like that you know are concerned and stuff like

00:28:19.200 –> 00:28:22.640
that so we’ll see I mean Microsoft I mean the end of the day Microsoft’s

00:28:22.640 –> 00:28:26.160
gonna keep releasing it if it’s making them money that’s what it comes down to

00:28:26.160 –> 00:28:31.000
you know so you know as things you know stop making Microsoft money is when

00:28:31.000 –> 00:28:34.800
they’re pushing it to the cloud so you know Microsoft’s legacy business of

00:28:34.800 –> 00:28:39.560
Windows Server and Exchange SharePoint all that sort of stuff is still making

00:28:39.560 –> 00:28:43.000
them a lot of money on-prem so until it doesn’t they’re gonna keep releasing it

00:28:43.000 –> 00:28:47.200
so like I said we’ll see what happens with that I would imagine a lot of people

00:28:47.200 –> 00:28:51.080
really complained about the SharePoint going into the cloud I’m sorry about

00:28:51.080 –> 00:28:56.040
Exchange going into the cloud I actually am all for it SharePoint I don’t think

00:28:56.040 –> 00:28:59.780
should be in the cloud because SharePoint is very customizable and you

00:28:59.780 –> 00:29:04.200
can do a lot with it where exchange not so much and it’s much more secure in the

00:29:04.200 –> 00:29:07.600
cloud like I said I think I don’t think you’re gonna see I don’t think you’re

00:29:07.600 –> 00:29:11.480
gonna see SharePoint stop being released locally but I do think exchange

00:29:11.480 –> 00:29:14.440
eventually will go all in the cloud but I guess I do like SharePoint locally

00:29:14.440 –> 00:29:18.920
because it is very customizable and I have seen some companies with very

00:29:18.920 –> 00:29:24.860
elaborate SharePoint setups speaking of things that are hacked and secure Lush

00:29:24.860 –> 00:29:29.080
Cosmetics I know they’re pretty popular company I don’t know a lot about them

00:29:29.080 –> 00:29:34.480
but I do know that they had a they got hacked pretty bad and they have somebody

00:29:34.480 –> 00:29:38.160
coming in an IT company doing an independent security audit to check their

00:29:38.160 –> 00:29:42.920
system so really glad they’re doing that but they did get hacked they haven’t

00:29:42.920 –> 00:29:46.240
released I obviously want the report as the people to come in and do a search

00:29:46.240 –> 00:29:49.200
and spec see I don’t think they know what got hacked a lot of these places

00:29:49.200 –> 00:29:52.080
like cosmetics companies and stuff of that don’t really know the security

00:29:52.080 –> 00:29:55.140
infrastructure too well so they you know they’re gonna somebody come in do an

00:29:55.140 –> 00:29:59.120
audit see what got tampered with and then obviously make recommendations but

00:29:59.120 –> 00:30:03.160
to tighten the place up so if you are somebody that uses them you might want

00:30:03.160 –> 00:30:07.040
to keep an eye on your credit cards or whatever you use on there so our friends

00:30:07.040 –> 00:30:14.760
down under had a substantial breach Labor was hit by a major government data

00:30:14.760 –> 00:30:19.880
breach millions of files stolen from key departments Labor has admitted it

00:30:19.880 –> 00:30:24.420
suffered Australia’s largest ever government data breach with key

00:30:24.420 –> 00:30:29.880
intelligence defense economic department information files were stolen from

00:30:29.880 –> 00:30:36.400
Australia’s largest commercial law firm so those people in Australia I can

00:30:36.400 –> 00:30:39.680
imagine I really hope they have good cyber insurance because they are going

00:30:39.680 –> 00:30:43.480
to need it the interest the other interesting thing about this they said

00:30:43.480 –> 00:30:49.720
in April of 2023 of 2023 ransomware group stole more than 2.5 million files

00:30:49.720 –> 00:30:55.200
from the firm so this is you know something that’s this is a pretty big

00:30:55.200 –> 00:31:03.000
deal because a lot of government stuff has gone out so like I said I saw that

00:31:03.000 –> 00:31:05.800
I’m like oh interesting so it’s not just our government that gets hacked by the

00:31:05.800 –> 00:31:13.400
way it’s everybody else as well also – there are a bunch of those of you that

00:31:13.400 –> 00:31:17.360
use WordPress for your website there has been a lot of stuff coming out about

00:31:17.360 –> 00:31:23.040
this obviously WordPress always has issues with hacks and some of that so

00:31:23.040 –> 00:31:26.760
you have to make sure you keep all your stuff up to date but they said over 6700

00:31:26.760 –> 00:31:32.720
WordPress sites using outdated version of the pop-up builder plug-in have been

00:31:32.720 –> 00:31:37.600
infected and are suffering from malware so if you are somebody that uses the

00:31:37.600 –> 00:31:42.600
pop-up builder plug-in on your website I would make sure to get that hack get

00:31:42.600 –> 00:31:47.160
that fix so you don’t get hacked or if you are hacked roll back to a backup

00:31:47.160 –> 00:31:51.360
there’s another one as well this week about WordPress over 300,000 WordPress

00:31:51.360 –> 00:31:58.320
sites vulnerable to post SMTP plug-in so if you are somebody that uses SMTP on

00:31:58.320 –> 00:32:03.520
WordPress and you use the post SMTP plug-in you have to patch that as well

00:32:03.520 –> 00:32:10.040
so it’s a busy week for security stuff going on I mean always is but

00:32:10.040 –> 00:32:15.160
specifically this week there’s a lot of a lot of hacks and stuff like that

00:32:15.160 –> 00:32:21.920
Opera has a bug in it which is going to let hackers run any file on your Mac or

00:32:21.920 –> 00:32:29.520
Windows PC that was in the news this week as well Opera obviously pretty

00:32:29.520 –> 00:32:35.240
popular I mean it’s definitely it’s not on Chrome level or Firefox level but

00:32:35.240 –> 00:32:40.680
definitely is pretty popular but like I said security researchers disclosed a now

00:32:40.680 –> 00:32:45.440
patched security flaw in Opera web browser that was allowing people with

00:32:45.440 –> 00:32:50.920
Microsoft Windows or Apple OS that could exploit any files or run any files on

00:32:50.920 –> 00:32:55.160
their system so the remote code execution vulnerability MyFlaw they’re

00:32:55.160 –> 00:33:02.120
calling it was discovered and apparently it is patched now so if you are if you’re

00:33:02.120 –> 00:33:06.280
using Opera browser or Opera GX make sure you go in patch that’s actually

00:33:06.280 –> 00:33:10.600
pretty concerning thing because anybody can run any files on your machine pretty

00:33:10.600 –> 00:33:17.280
scary so TeamViewer apparently has another big attack right now that people

00:33:17.280 –> 00:33:21.480
figure out how to remotely gain access to systems TeamViewer’s saying to patch

00:33:21.480 –> 00:33:27.000
it any of that stuff especially TeamViewer and AnyDesk and a lot of these

00:33:27.000 –> 00:33:31.240
things they’re always very vulnerable to attacks is obviously you get remote

00:33:31.240 –> 00:33:35.080
control so nice a machine so I know these things are important are very

00:33:35.080 –> 00:33:37.960
well used but you got to make sure you keep up to date because these companies

00:33:37.960 –> 00:33:41.000
have quite that I would not want to be on one of these security teams for one

00:33:41.000 –> 00:33:45.880
of these companies I can only imagine what they go through the amount of just

00:33:45.880 –> 00:33:51.220
stuff that they have to deal with with attacks and all that cuz I mean

00:33:51.220 –> 00:33:54.840
basically think about it I mean somebody I mean you’re basically if you get

00:33:54.840 –> 00:33:58.160
hacked is basically give somebody remote access to a system so it’s a it’s a

00:33:58.160 –> 00:34:03.120
really tough really tough thing to you know deal with I give any of these guys

00:34:03.120 –> 00:34:07.600
that work on these teams tons and tons of credit because it definitely is a

00:34:07.600 –> 00:34:12.360
home edge is gonna be hard work so the one the last article I want to talk

00:34:12.360 –> 00:34:17.720
about is an interesting one they are actually saying that there is a lack of

00:34:17.720 –> 00:34:23.200
cybersecurity experts in the industry and the same part of the problem is that

00:34:23.200 –> 00:34:26.920
a lot of the cybersecurity experts don’t have the degrees required to get

00:34:26.920 –> 00:34:31.880
the job this is an interesting article it’s from the national was at the

00:34:31.880 –> 00:34:38.320
national the national cyber director he addressing the cyber talent shortage

00:34:38.320 –> 00:34:44.560
this is actually like I said this is actually on the actual news site clear

00:34:44.560 –> 00:34:49.320
news.clearancejobs.com which is where you would look for federal jobs

00:34:49.320 –> 00:34:54.480
he’s actually saying that he working that they want to remove the degree

00:34:54.480 –> 00:34:58.480
requirement most jobs in the US government for cybersecurity require

00:34:58.480 –> 00:35:01.520
four-year degrees many people don’t have a four-year degree that are security

00:35:01.520 –> 00:35:06.720
experts and they want to go ahead and remove that just way they will not get a

00:35:06.720 –> 00:35:11.720
shortage as people without four-year degrees are not being considered so

00:35:11.720 –> 00:35:16.840
basically what this is the government is is lowering their standards for getting

00:35:16.840 –> 00:35:21.560
people and and honestly I don’t blame them I know a lot of good cybersecurity

00:35:21.560 –> 00:35:26.040
people myself included that don’t have four-year degrees that went maybe to

00:35:26.040 –> 00:35:29.560
college for two years have associates and they got into cybersecurity I know

00:35:29.560 –> 00:35:33.400
many people that didn’t go to college at all and when it got into cybersecurity I

00:35:33.400 –> 00:35:36.800
know a lot of programmers that are amazing bug finders that never went to

00:35:36.800 –> 00:35:41.800
college and do a great job so I actually think this is actually really good most

00:35:41.800 –> 00:35:47.040
of your good hackers didn’t go to college I hate to say that but a

00:35:47.040 –> 00:35:51.480
majority of your good hackers don’t go to college I know a lot of good good

00:35:51.480 –> 00:35:54.760
security professionals and some of that that do bug bounty and some of that

00:35:54.760 –> 00:35:57.520
none of them went to college they just hang out and just do bug bounty all

00:35:57.520 –> 00:36:02.960
day I know a lot of guys that actually did get in trouble and then got jobs

00:36:02.960 –> 00:36:06.000
with the government after they got out I know a lot of that kind of stuff happens

00:36:06.000 –> 00:36:12.520
so I think this is a specific case where they’re gonna have to you know sometimes

00:36:12.520 –> 00:36:15.800
the you know the government needs to understand that they’re you know they

00:36:15.800 –> 00:36:19.520
you’re not always gonna you have to look sometimes it’s not even lowering your

00:36:19.520 –> 00:36:24.480
standards if the industries have changed so much you know 20 30 years ago none of

00:36:24.480 –> 00:36:28.080
your IT people went to college because college for computer technology didn’t

00:36:28.080 –> 00:36:32.320
exist so I mean a really interesting thing and some of your your best minds

00:36:32.320 –> 00:36:36.300
are not college graduates so I think this is actually a good thing by the

00:36:36.300 –> 00:36:38.680
government I’m sure they’re gonna have some kind of vetting process where you

00:36:38.680 –> 00:36:42.920
have to pass it you know test or something like that I’m sure that

00:36:42.920 –> 00:36:47.200
there’ll be something there but like I said I actually think this is actually a

00:36:47.200 –> 00:36:52.600
really good idea get more able to get more people get better people sometimes

00:36:52.600 –> 00:36:55.720
people that you know there’s a big difference in one thing anybody that

00:36:55.720 –> 00:37:00.080
works in cybersecurity or it works any job field whether it’s a skill or trade

00:37:00.080 –> 00:37:04.120
will realize there’s always a big difference between knowledge and

00:37:04.120 –> 00:37:08.800
experience and that’s really important so I do want to bring that up like I

00:37:08.800 –> 00:37:12.160
said some of the best coders I’ve ever met have never went to college and they

00:37:12.160 –> 00:37:16.660
were great coders so I mean it’s it’s one of those kinds of businesses where

00:37:16.660 –> 00:37:20.160
sometimes you’re not going to always you know college isn’t for everybody some

00:37:20.160 –> 00:37:24.040
people are better at educating themselves and I think that is becoming a real

00:37:24.040 –> 00:37:27.880
thing now especially with the internet stuff a lot of people go to cyber school

00:37:27.880 –> 00:37:31.160
now a lot of people do home school now some of that because they want to move

00:37:31.160 –> 00:37:35.360
faster they want to learn more there’s actually quite a bit of that actually I

00:37:35.360 –> 00:37:38.920
know quite a few people that are that are cyber schooling or homeschooling

00:37:38.920 –> 00:37:42.760
just because they can move at a faster pace and get more done and be more

00:37:42.760 –> 00:37:47.040
prepared for college and then some people isn’t you know colleges for

00:37:47.040 –> 00:37:51.600
everybody a lot of guys that made good money doing apps on the App Store and

00:37:51.600 –> 00:37:56.240
stuff that have never went to college so you know it’s one of those kinds of

00:37:56.240 –> 00:37:58.520
things where I think the government realizes that yes we’re holding people

00:37:58.520 –> 00:38:02.360
to a ridiculously high standard some of the best people in we need to get the

00:38:02.360 –> 00:38:07.360
best so in order to get the best we have to lower the standards of what we want

00:38:07.360 –> 00:38:10.960
and you know college is not for everybody like I said there are some

00:38:10.960 –> 00:38:14.760
great people in security industry that don’t have four-year degrees so I’m

00:38:14.760 –> 00:38:18.120
really happy that they’re doing that we need to really get a handle on this kind

00:38:18.120 –> 00:38:23.100
of thing because with all this government sponsored hacking and all

00:38:23.100 –> 00:38:27.400
that kind of stuff we are going to need really good people and especially since

00:38:27.400 –> 00:38:31.960
there is a shortage of people this is a good way of doing it and I want to point

00:38:31.960 –> 00:38:35.280
this out to a lot of people talk about COVID and and I’m not getting political

00:38:35.280 –> 00:38:39.360
I’m not but a lot of people say COVID where’d all these people go why didn’t

00:38:39.360 –> 00:38:44.080
people go back to work it just shows you too that it’s it’s not just like the job

00:38:44.080 –> 00:38:49.600
it’s not just like the food industry it’s not just the you know the the

00:38:49.600 –> 00:38:53.920
blue-collar jobs with a shortage of people even in in white-collar fields

00:38:53.920 –> 00:38:58.920
there is a shortage of good people so it just shows you it doesn’t matter what

00:38:58.920 –> 00:39:03.840
industry you’re in there is a serious shortage of people in the workforce and

00:39:03.840 –> 00:39:07.960
like I said it doesn’t matter you know what industry you’re in there is a

00:39:07.960 –> 00:39:12.320
shortage right now so I thought that was interesting like I said I want to go

00:39:12.320 –> 00:39:15.880
ahead and just point one thing out like I said if you want to reach out to me go

00:39:15.880 –> 00:39:20.640
to the website the pain of security comm email me I do enjoy all the emails and

00:39:20.640 –> 00:39:25.760
really appreciate it and like I said I have I do we do have the forums up now

00:39:25.760 –> 00:39:29.400
and a lot of other things so please go with it we also have a lot of free tools

00:39:29.400 –> 00:39:33.360
I have I write a lot of free little tools and give them away for free if you

00:39:33.360 –> 00:39:38.280
go to the pain of security comm click on tools click on software there is tons of

00:39:38.280 –> 00:39:41.480
free software there you can use little security tools little things I write

00:39:41.480 –> 00:39:46.120
that I give away for free go ahead and like I said take you know you know

00:39:46.120 –> 00:39:49.800
download them enjoy them use them like I said all these little goodies that I

00:39:49.800 –> 00:39:52.520
write like I said I give them away for free I enjoy messing with code when I

00:39:52.520 –> 00:39:56.680
have some downtime and it’s nice just make sometimes little tools that people

00:39:56.680 –> 00:40:01.440
can use and kind of help people out just like this podcast so I want to thank

00:40:01.440 –> 00:40:08.000
everybody for listening and we will see you on the next episode thank you much

00:40:08.000 –> 00:40:08.840
(upbeat music)


More Secure Ways To Send Data (Transcript)


All right folks you’ve hit the download button on Security Assessment Podcast
00:00:00,000 –> 00:00:04,840

brought to you by our company Lipani Security if you’re interested go to the
00:00:04,840 –> 00:00:09,800

link in the show notes below and check out all of our services software that we
00:00:09,800 –> 00:00:14,240

offer as well as our blogs about security in all our past podcast
00:00:14,240 –> 00:00:19,680

episodes I want to thank you all for listening and let the show begin
00:00:19,680 –> 00:00:25,360

all right let the show begin our first episode of the Security Assessment
00:00:25,360 –> 00:00:40,040

Podcast I am your host Brandon and this show is going to be we’re gonna try to
00:00:40,040 –> 00:00:45,960

do a weekly show about the security every week a lot of you guys might
00:00:45,960 –> 00:00:49,720

remember me from the Technology Geek Podcast which I did for many many years
00:00:49,720 –> 00:00:54,720

but recently we don’t I have not done that show I’ve been concentrating more
00:00:54,720 –> 00:01:00,200

on the business and things that are going on in the security world and the
00:01:00,200 –> 00:01:05,240

hardware world all that kind of stuff so the show is gonna be a little bit
00:01:05,240 –> 00:01:09,560

different for those of you that remember me from the Technology Geek Podcast but
00:01:09,560 –> 00:01:13,360

except we’re gonna be focusing more on security we’re gonna talk about other
00:01:13,360 –> 00:01:16,000

things trust me tech news gadgets all that kind of stuff but more security
00:01:16,000 –> 00:01:20,880

focused here now on this show and speaking of security news we’ll dive
00:01:20,880 –> 00:01:27,240

right in here so a lot of a lot of things really going on overseas right
00:01:27,240 –> 00:01:33,000

now we all know obviously about the Russia and Ukraine situation but
00:01:33,000 –> 00:01:39,320

apparently that there has been research done and people have found out apparently
00:01:39,320 –> 00:01:44,000

Russia has hacked over 10,000 security cameras in Ukraine and they’ve been
00:01:44,000 –> 00:01:50,600

using these cameras specifically to target attacks target specific cities
00:01:50,600 –> 00:01:58,640

just their their strikes on Ukraine get updates on what’s going on in Ukraine
00:01:58,640 –> 00:02:03,760

all that so recently they have went ahead and they have Ukraine’s shut down
00:02:03,760 –> 00:02:09,520

a lot of their security cameras really to protect themselves as well as you
00:02:09,520 –> 00:02:16,160

know Russia spying on them and things like that what’s concerning to me though
00:02:16,160 –> 00:02:20,040

is some of the camera vendors that they use over there are here in America
00:02:20,040 –> 00:02:24,120

Ukraine has not yet released a list of what camera vendors or what kind of
00:02:24,120 –> 00:02:31,360

cameras were infected I would really like to know that because the odds are
00:02:31,360 –> 00:02:34,680

chance some of those camera vendors are probably used over here I know they for
00:02:34,680 –> 00:02:41,160

the only thing we got so far about this was that the cameras are made by China
00:02:41,160 –> 00:02:45,120

North Korea and Russia so that could be a whole sort of whole bunch of brands I
00:02:45,120 –> 00:02:50,920

wish they would release it they have not yet I know people are trying to find out
00:02:50,920 –> 00:02:54,440

obviously it’s probably not the top thing on Ukraine’s list to get out there
00:02:54,440 –> 00:02:57,800

but is something very important if you see any weird activity or anything like
00:02:57,800 –> 00:03:01,480

that going on on your cameras it may be something worth taking a look at so just
00:03:01,480 –> 00:03:08,240

keep yourself you know you know kind of keep an eye on things just see what’s
00:03:08,240 –> 00:03:13,520

going on with your camera system and if you see anything obviously turn them off
00:03:13,520 –> 00:03:17,840

right away and then also to the news I think it’s important enough really to
00:03:17,840 –> 00:03:22,720

talk about because it’s still all stuff in Ukraine going on but apparently Russia
00:03:22,720 –> 00:03:26,760

hackers were inside Ukraine’s telecom giant for months and they haven’t
00:03:26,760 –> 00:03:32,320

Russian hackers were inside Ukraine’s telecom giant Kyivstar forgive me if
00:03:32,320 –> 00:03:37,320

I butchered that and apparently they’ve been in for by the last year doing cyber
00:03:37,320 –> 00:03:41,840

attacks all that kind of stuff so one of the things that I guess is concerning
00:03:41,840 –> 00:03:46,800

about that is if you do send any email or any information over to Ukraine your
00:03:46,800 –> 00:03:53,640

data possibly could have gotten hung up with this America obviously has been
00:03:53,640 –> 00:03:57,840

communicating with Ukraine for a lot of things so it’s very concerning now one
00:03:57,840 –> 00:04:04,040

of the things they said if people need to be worried about is people using SIM
00:04:04,040 –> 00:04:06,680

cards because of the attacks anybody that used used an ATM anything like that
00:04:06,680 –> 00:04:12,280

anybody who’s communicated to anybody overseas you know so there’s just they
00:04:12,280 –> 00:04:16,800

have the attackers wiped almost I mean wiped almost everything so it’s gonna be
00:04:16,800 –> 00:04:20,880

almost impossible to find out who did it but they said there’s thousands of
00:04:20,880 –> 00:04:24,560

virtual servers and PCs that they said that they got access to so like I said
00:04:24,560 –> 00:04:29,800

you just be very cautious if you are speaking to anybody over there as it you
00:04:29,800 –> 00:04:37,080

know you could have been exposed if you give any personal information so just be
00:04:37,080 –> 00:04:41,620

concerned about that also to anybody I wanted to bring this up because I get to
00:04:41,620 –> 00:04:47,120

get some people ask me about it 23andMe still a mess over there they’ve been
00:04:47,120 –> 00:04:51,840

hit with about 30 lawsuits since December the breach apparently what
00:04:51,840 –> 00:04:57,360

they’re saying is 6.9 million of their users were exposed to some point they
00:04:57,360 –> 00:05:04,160

see roughly about 14,000 accounts were compromised so I mean it’s a big deal
00:05:04,160 –> 00:05:10,240

over there I’m very skeptical about this the fact that I’m 23andMe is trying to
00:05:10,240 –> 00:05:18,080

say oh it’s not our fault it’s your fault and all that kind of stuff they’re
00:05:18,080 –> 00:05:22,400

gonna hit this is gonna be a big class-action lawsuit you know it’s going
00:05:22,400 –> 00:05:25,200

to be like I said they’ve already gotten hit with 30 lawsuits already and I just
00:05:25,200 –> 00:05:30,400

don’t like the way they’re handling this saying that well that if this setting
00:05:30,400 –> 00:05:33,520

wasn’t if you turn the setting off you your account wouldn’t have been breached
00:05:33,520 –> 00:05:36,480

so it’s your fault for not turning this thing off I just I don’t particularly
00:05:36,480 –> 00:05:39,600

care the way they’re handling this they’re not taking any responsibility
00:05:39,600 –> 00:05:43,240

and that is a rather concerning speaking of lawsuits if you remember in 2020 the
00:05:43,240 –> 00:05:52,040

Google had Google got a lawsuit against them for claiming that the incognito
00:05:52,040 –> 00:05:56,520

mode apparently they’re still tracking you in incognito mode they apparently
00:05:56,520 –> 00:06:00,760

settled that with five billion I don’t know exactly how it’s gonna be dished
00:06:00,760 –> 00:06:04,440

out yet they haven’t talked about it yet but I’m sure there will be a lot anybody
00:06:04,440 –> 00:06:08,240

I guess that’s using Incognito is gonna be entitled to a few bucks so we will have to
00:06:08,240 –> 00:06:12,200

kind of to see what happens with that and keep an eye on that going forward
00:06:12,200 –> 00:06:18,120

and then also to that big class-action lawsuit was settled with that company
00:06:18,120 –> 00:06:22,360

HomeAdvisor apparently they were selling people saying hey you know you
00:06:22,360 –> 00:06:25,880

can get great leads from our company and apparently they were selling garbage
00:06:25,880 –> 00:06:29,600

leads to people and people were I mean losing money because you’re getting all
00:06:29,600 –> 00:06:33,480

these leads and and all that and you’re collecting tons of leads and stuff like
00:06:33,480 –> 00:06:37,120

that and the most you you pay per lead but get a lot of leads were garbage so
00:06:37,120 –> 00:06:43,280

apparently there was a big class action lawsuit with that and apparently
00:06:43,280 –> 00:06:47,560

everybody’s going to be entitled to so much money I mean it won’t be you’re not
00:06:47,560 –> 00:06:50,920

gonna get back everything you lost but I’m sure they’re they dished out at
00:06:50,920 –> 00:06:54,000

checks I know some people I saw on the internet got you know 30 40 50 dollars
00:06:54,000 –> 00:06:58,000

it really depends on how much you lost with those particular that class-action
00:06:58,000 –> 00:07:03,360

lawsuit but that was another lawsuit like I said it’s a lot of lawsuits are
00:07:03,360 –> 00:07:05,760

getting settled here early in this first part of them you know the month so but
00:07:05,760 –> 00:07:10,680

like I said I wanted to bring that up as well there there’s been so many of these
00:07:10,680 –> 00:07:14,480

lawsuits and it’s gonna keep going on but yeah 20 like it’s 23andMe
00:07:14,480 –> 00:07:19,080

HomeAdvisor Google all these lawsuits got settled this week so we’re moving moving
00:07:19,080 –> 00:07:24,880

forward so LastPass the the largest I think password management company in the
00:07:24,880 –> 00:07:29,460

world I think anyway announced on their blog that they’re going to be making
00:07:29,460 –> 00:07:33,360

some serious changes to their system as you guys know they got hit a few times
00:07:33,360 –> 00:07:38,760

with a bunch of cyber attacks things of that nature LastPass I actually have
00:07:38,760 –> 00:07:43,960

lost confidence in them there’s been too many attacks all and stuff over the last
00:07:43,960 –> 00:07:49,200

couple years I think it’s not all their fault as a company gets bigger and
00:07:49,200 –> 00:07:53,760

bigger it’s hard to sometimes to keep the security locked down well I mean it
00:07:53,760 –> 00:07:57,140

is their fault but it’s harder for them to lock it down and their their system
00:07:57,140 –> 00:08:01,400

is closed source so they don’t have people can’t review their code and some
00:08:01,400 –> 00:08:05,000

of that so but they are now trying to tighten things up a little bit on their
00:08:05,000 –> 00:08:10,520

blog they said they’re gonna be there asking customers to update their master
00:08:10,520 –> 00:08:15,080

password to make it longer and more secure they are going to be enforcing
00:08:15,080 –> 00:08:18,880

and enrolling multi-factor authentication and all these changes
00:08:18,880 –> 00:08:23,840

are going to be rolling out as they are trying to go ahead and make their
00:08:23,840 –> 00:08:29,600

systems more secure they should have been doing I know you know there’s
00:08:29,600 –> 00:08:34,000

always been a fine line in security between usability and secure you know
00:08:34,000 –> 00:08:40,640

secure ability in a sense of you don’t want to make something too secure that
00:08:40,640 –> 00:08:44,120

it’s so complicated that people don’t want to use it especially if you’re a
00:08:44,120 –> 00:08:47,140

for-profit business but you also don’t want to make it income you know too
00:08:47,140 –> 00:08:51,600

simple and insecure because then you’re not really doing your customers a
00:08:51,600 –> 00:08:55,000

service so that’s a very tough line to walk and specifically in the password
00:08:55,000 –> 00:09:00,800

management business it’s extremely difficult just because of the way things
00:09:00,800 –> 00:09:05,880

are you know it generally in this world people tend to take convenience over
00:09:05,880 –> 00:09:11,280

security and that’s perfectly normal but when you’re running a password
00:09:11,280 –> 00:09:15,520

management that has access to everything for people to get you have to be really
00:09:15,520 –> 00:09:20,480

secure and I think they’ve really dropped the ball on it I personally
00:09:20,480 –> 00:09:25,680

recommend that everybody use Bitwarden that’s what I use they walk much fine
00:09:25,680 –> 00:09:32,040

they walk it’s much I like the way they run their company much more all their
00:09:32,040 –> 00:09:36,320

code is open source so hackers and things like that can look and see hey
00:09:36,320 –> 00:09:40,560

there’s a bug or report to them and they can patch it I like the fact that they
00:09:40,560 –> 00:09:44,840

have third-party audits done regularly that are public knowledge so they can
00:09:44,840 –> 00:09:50,280

have accountability so what they do is they have we have the security audits
00:09:50,280 –> 00:09:54,720

done once they fix the problems and all that they post the security audits up to
00:09:54,720 –> 00:09:58,960

their customers to show hey we had an audit done we found problems we fixed it
00:09:58,960 –> 00:10:03,440

so it keeps us honest the worst kind what really what LastPass did that
00:10:03,440 –> 00:10:07,840

really upset me about them was they had an issue they knew they had an issue
00:10:07,840 –> 00:10:13,200

they kept it very hush-hush and then when they finally did have a breach
00:10:13,200 –> 00:10:17,160

because the issue they never patched they they didn’t react to it well they
00:10:17,160 –> 00:10:22,480

didn’t hate they they didn’t hand in quick didn’t react to it quick enough
00:10:22,480 –> 00:10:27,080

their response times were terrible with it you know the whole thing with them is
00:10:27,080 –> 00:10:32,000

just I just don’t particularly care for the way they’ve handled it and I do like
00:10:32,000 –> 00:10:36,640

the way LastPass I’m sorry excuse me I do like the way Bitwarden has handled
00:10:36,640 –> 00:10:41,440

any issues they’ve had quickly they’ve open sourced everything like they should
00:10:41,440 –> 00:10:45,600

for a company like that they have done everything the way I would have done it
00:10:45,600 –> 00:10:50,200

and the way I think is responsible to do it when you’re looking at you have
00:10:50,200 –> 00:10:54,200

people’s whole lives in their database and I know you’re saying what whole lives
00:10:54,200 –> 00:10:58,200

well yeah because most people use these password managers for their bank accounts
00:10:58,200 –> 00:11:01,320

for all that kind of stuff very sensitive data that really needs to be
00:11:01,320 –> 00:11:07,240

overly secure you know it’s one of those things when you are when you’re storing
00:11:07,240 –> 00:11:11,840

people’s passwords to their personal information it needs to be tight and
00:11:11,840 –> 00:11:17,320

fortunately LastPass I think they’ve just I think at the beginning they were
00:11:17,320 –> 00:11:21,160

ahead of their time with password managing and I think they just grew too
00:11:21,160 –> 00:11:25,060

fast grew too big and just you know they’re they they just got bigger than
00:11:25,060 –> 00:11:29,720

what they could handle they didn’t patch the code right they didn’t handle
00:11:29,720 –> 00:11:33,040

security audits and everything properly and sometimes that happens Bitwarden is
00:11:33,040 –> 00:11:38,160

a lot smaller company they’re open source so that they can put the stuff
00:11:38,160 –> 00:11:42,200

out there if you want you know their their attitude is well here’s the code
00:11:42,200 –> 00:11:44,640

you know take a look let me know what you think if you want to run your own
00:11:44,640 –> 00:11:47,520

password managers you can here’s our code to do it so you’re safe and secure
00:11:47,520 –> 00:11:51,920

with it you run your own or you can buy our service I mean I think everything
00:11:51,920 –> 00:11:56,400

the way Bitwarden has done it is is appropriate and compared to LastPass
00:11:56,400 –> 00:12:01,920

they really stepped up their game so I am very very much pro Bitwarden it’s the
00:12:01,920 –> 00:12:09,080

one I recommend they are not a sponsor of this podcast I want to point that out
00:12:09,080 –> 00:12:12,800

I’m recommending them because I personally use them I personally had
00:12:12,800 –> 00:12:16,680

good experiences with them also – they have iOS support they have Android
00:12:16,680 –> 00:12:22,280

support so if you’re using it on your desktop and you say hey I would like to
00:12:22,280 –> 00:12:26,000

use this on my phone as well you can use it on your phone as well and they have
00:12:26,000 –> 00:12:30,880

browser extensions it’s really really well done they have they’re actually
00:12:30,880 –> 00:12:35,160

adding passkey now which is a very important thing it’s in beta it should
00:12:35,160 –> 00:12:39,120

be out where instead of just using a password use a long key they support
00:12:39,120 –> 00:12:43,520

biometric so if you’re on a Mac or on your phone it can use Face ID you can
00:12:43,520 –> 00:12:46,880

use ID your thumb ID your fingerprint ID like I said everything about them is
00:12:46,880 –> 00:12:53,360

being done properly for a password manager and that’s why I am very very
00:12:53,360 –> 00:12:57,560

pro Bitwarden they are not a sponsor if they would like to I would be more than
00:12:57,560 –> 00:13:01,440

happy to take them on as a sponsor but like I said the way they are handling
00:13:01,440 –> 00:13:05,080

the password manager I am very very for I actually have had companies in the
00:13:05,080 –> 00:13:09,320

past that wolf said to me you know we’re not comfortable hosting on Bitwarden
00:13:09,320 –> 00:13:13,000

we’d like to host we like Bitwarden like to host it ourselves on our own
00:13:13,000 –> 00:13:16,400

server so we don’t have a big bill because they got a lot of users because
00:13:16,400 –> 00:13:19,000

you pay by the user with their their hosting count so you can actually take
00:13:19,000 –> 00:13:23,680

Bitwarden’s code and host your own server and I am and it’s really cool like
00:13:23,680 –> 00:13:28,520

I said I I really like it because like I said if you’re a big company and say hey
00:13:28,520 –> 00:13:32,200

you know we don’t want to spend you know two three thousand a month on on you
00:13:32,200 –> 00:13:36,440

know password but we want something secure and safe you can actually use Bitwarden
00:13:36,440 –> 00:13:40,640

it actually has the software and everything built out for you all you
00:13:40,640 –> 00:13:44,360

have to do is load it on your own server and you can manage it yourself so I
00:13:44,360 –> 00:13:47,600

really like the way they do this kind of twice that they’re really as a password
00:13:47,600 –> 00:13:51,240

manager they are right where you’d want to be and that’s why I really think if
00:13:51,240 –> 00:13:55,240

you are going to use a password manager I strongly recommend using Bitwarden
00:13:55,240 –> 00:13:59,600

because they do they’ve got they are on the right track they handle incident
00:13:59,600 –> 00:14:03,920

response properly I’ve looked into the way they secure stuff with encrypt stuff
00:14:03,920 –> 00:14:08,320

like I said everything is being done right like I said I think LastPass has
00:14:08,320 –> 00:14:13,720

become too big of a company and they are putting their profit over people and
00:14:13,720 –> 00:14:17,800

insecurity you cannot do that you have to put security over profit one of the
00:14:17,800 –> 00:14:23,200

other companies that I used to recommend that I don’t anymore is Tutanota
00:14:23,200 –> 00:14:27,140

Tutanota and Proton ProtonMail I used to be really pro both of these
00:14:27,140 –> 00:14:34,880

companies they run they’re running encrypting email services so in other
00:14:34,880 –> 00:14:38,540

words if you wanted to you could send an email to somebody with that was
00:14:38,540 –> 00:14:42,260

encrypted and so they can only open if they had the password or if they had the
00:14:42,260 –> 00:14:45,800

PGP key or anything like that but apparently recently there was a recent
00:14:45,800 –> 00:14:50,920

document that somebody sent me back from late news late November Tutanota is
00:14:50,920 –> 00:14:58,740

actually they were there they were supposed to be always okay crit you
00:14:58,740 –> 00:15:03,940

know encrypting email keeping your email safe and stuff that and apparently when
00:15:03,940 –> 00:15:07,720

you send an encrypt email it still is encrypted in their systems but because
00:15:07,720 –> 00:15:14,080

of a law that came out in Germany now there is a case right now they’re being
00:15:14,080 –> 00:15:19,580

required to be able to allow law enforcement to monitor mailboxes and
00:15:19,580 –> 00:15:25,880

this is kind of concerning to me because one of the things they are saying this
00:15:25,880 –> 00:15:29,680

is the way they responded to us I asked them a question about it they shouldn’t
00:15:29,680 –> 00:15:33,480

change anything for other users their emails should continue to be encrypted
00:15:33,480 –> 00:15:38,300

by default nevertheless Tutanota sees a one-time bypass of encryption as a
00:15:38,300 –> 00:15:43,160

security risk to all customers now that’s what they said however he goes
00:15:43,160 –> 00:15:48,600

nothing I want to say as we emphasize surveillance measure only affects newly
00:15:48,600 –> 00:15:55,180

received unencrypted emails so in other words if somebody sent you an email from
00:15:55,180 –> 00:16:00,360

say Gmail or wherever you’re coming from those emails are not encrypted so if
00:16:00,360 –> 00:16:06,360

they sent if they sent you an email like say from your Gmail account they would
00:16:06,360 –> 00:16:10,140

capture it and read it or allow the law enforcement people to read it the
00:16:10,140 –> 00:16:14,900

company cannot decrypt data that is already encrypted so any of your emails
00:16:14,900 –> 00:16:19,120

that are there are safe also to they’ve added this if you send any encrypted or
00:16:19,120 –> 00:16:26,240

end-to-end encrypted emails through to to through Tutanota those messages
00:16:26,240 –> 00:16:30,800

will still be encrypted so that’s a bit concerning so basically if I send you an
00:16:30,800 –> 00:16:37,280

email from Tutanota that’s encrypted they can’t read it but if you would just
00:16:37,280 –> 00:16:41,400

you know log into your Gmail your Outlook or your Yahoo AOL whatever you’re using
00:16:41,400 –> 00:16:45,800

and send me a message to my Tutanota account they could read it so kind of I
00:16:45,800 –> 00:16:51,660

mixed feelings about this now because they’re there I used to recommend them
00:16:51,660 –> 00:16:56,440

to people because they’re in sending encrypted safe email you still can send
00:16:56,440 –> 00:16:59,440

encrypted emails but before this all email sent to you was encrypted they
00:16:59,440 –> 00:17:03,720

did not keep logs they did not keep anything like that now they’re kind of
00:17:03,720 –> 00:17:07,560

changing their tune saying that you know if an email is sent unencrypted we can
00:17:07,560 –> 00:17:11,280

you know we can catch it so I am a little upset about that that is not the
00:17:11,280 –> 00:17:17,000

service they sold that is not the service that they used to have them as
00:17:17,000 –> 00:17:22,880

well as ProtonMail bunch of these encrypted email services now are starting to do
00:17:22,880 –> 00:17:29,400

this and it’s rather concerning like you sold the fact that you know if I
00:17:29,400 –> 00:17:35,400

somebody sent me an email it would be received and encrypted no matter what
00:17:35,400 –> 00:17:39,760

now so only the emails I send from your company are encrypted so any emails I
00:17:39,760 –> 00:17:44,920

get back or not I mean it’s it’s just basically saying like oh if you you know
00:17:44,920 –> 00:17:48,920

it’s if you use our service you’re safe but if you’re gonna use receive email
00:17:48,920 –> 00:17:52,140

from companies outside it’s different and that that’s a big problem to me
00:17:52,140 –> 00:17:55,840

because if you’re running a bit you know it’s one thing to say email other
00:17:55,840 –> 00:18:00,280

friends that are using Tutanota but the problem is if they offer business level
00:18:00,280 –> 00:18:05,640

encrypt this is actually what’s on there say business level encryption all your
00:18:05,640 –> 00:18:11,640

emails encrypted and secure yes all your emails are encrypted and secure but if
00:18:11,640 –> 00:18:16,200

you’re running a business all these other companies are going to be sending
00:18:16,200 –> 00:18:19,040

you emails not all those emails are going to be encrypted so that’s actually
00:18:19,040 –> 00:18:23,280

kind of a lie because it means that any email that you get somebody if a
00:18:23,280 –> 00:18:28,480

business logs on to their Google Google Workspace account or somebody logs on
00:18:28,480 –> 00:18:33,640

to their Office 365 and shoot you an email to your Tutanota account first of
00:18:33,640 –> 00:18:37,280

all they don’t know you’re on Tutanota because they’re just sending it to your
00:18:37,280 –> 00:18:39,280

domain but like and then all of a sudden that email now is can be read because it
00:18:39,280 –> 00:18:44,120

was sent unencrypted it’s just not it’s not that’s not what they sold and the
00:18:44,120 –> 00:18:48,800

fact that they made a tool that can hang out there and catch these email so in
00:18:48,800 –> 00:18:51,760

other words the catch they’re catching the emails before they go to the
00:18:51,760 –> 00:18:55,000

encryption so that’s that’s a breach of security and I am not for that now
00:18:55,000 –> 00:19:00,880

they’re even posting on their website now they’re keeping count amount of
00:19:00,880 –> 00:19:05,640

reports that they’re asking law enforcement is asking for and stuff like
00:19:05,640 –> 00:19:08,320

that and apparently they’ve had 121 requests for data requests for real-time
00:19:08,320 –> 00:19:16,000

traffic they they’re listing on and that’s great that they’re listing at all
00:19:16,000 –> 00:19:19,560

but that doesn’t it doesn’t really fix the problem it just you know make you
00:19:19,560 –> 00:19:27,680

can make you more concerned you see how many how many people are asking for it
00:19:27,680 –> 00:19:30,640

how many people they’re complying with so for those of you that do work in the
00:19:30,640 –> 00:19:34,800

enterprise the there’s two big security vulnerabilities that came out this past
00:19:34,800 –> 00:19:42,480

it was just Friday Thursday or Friday came out apparently Juniper Networks
00:19:42,480 –> 00:19:47,360

apparently their firewalls has a critical remote code execution
00:19:47,360 –> 00:19:53,040

vulnerability which they are have flaw apparently it’s well it’s substantial
00:19:53,040 –> 00:20:00,200

flaw in the sense it goes way way back to all even older versions so they have
00:20:00,200 –> 00:20:04,760

released a patch for that and then also to Ivanti or Pulse Secure had a zero day
00:20:04,760 –> 00:20:14,640

vulnerability that they released a patch for it’s not really a patch more of a
00:20:14,640 –> 00:20:19,840

fix for right now so they can patch it but so that is another one that there’s
00:20:19,840 –> 00:20:25,080

been two big ones that came out last week and like I said luckily enough they
00:20:25,080 –> 00:20:31,000

have mitigation take not so much patches but mitigation techniques that you can
00:20:31,000 –> 00:20:35,940

go ahead and look that up as well anybody who got hit with the Black
00:20:35,940 –> 00:20:43,940

Basta and Babuk Tortilla ransomware if you were lucky enough that you
00:20:43,940 –> 00:20:53,080

haven’t saved the hard drive or just got hit with it recently Cisco has
00:20:53,080 –> 00:21:00,400

announced as well as Avast that they have a decryption tool that you can run
00:21:00,400 –> 00:21:08,080

and it will actually decrypt the data that those guys have put on your stuff
00:21:08,080 –> 00:21:15,480

that’s what ransomware is they encrypt your data so you can get to it but these
00:21:15,480 –> 00:21:19,560

guys actually have a tool now both of them Avast has one and now Cisco has
00:21:19,560 –> 00:21:25,160

one as well and you can actually run this and it will decrypt your data so
00:21:25,160 –> 00:21:28,800

you can get it back like I said it was always glad to see when they get these
00:21:28,800 –> 00:21:33,480

tools they don’t always happen but it was really nice to see somebody finally
00:21:33,480 –> 00:21:37,760

have a tool that can get your data back in those situations those of you by the
00:21:37,760 –> 00:21:45,000

way don’t forget to run your Microsoft Windows update because it’s past Tuesday
00:21:45,000 –> 00:21:49,400

was Microsoft’s Patch Tuesday they patched 48 vulnerabilities on computers
00:21:49,400 –> 00:21:55,760

I know they have some of the vulnerabilities they patched did break
00:21:55,760 –> 00:22:01,080

things for some something IBM broke something with them and I think Adobe as
00:22:01,080 –> 00:22:05,520

well so love updates coming out for those things but yes they have had over
00:22:05,520 –> 00:22:10,960

48 patches came out this past week so that’s a pretty heavy Patch Tuesday for
00:22:10,960 –> 00:22:16,800

Microsoft but I think I said at least they at least they got that done also to
00:22:16,800 –> 00:22:22,680

Adobe had some vulnerabilities with ColdFusion that came out D-Link has some
00:22:22,680 –> 00:22:28,200

issues a couple of them that were released that have CVEs from the CISA
00:22:28,200 –> 00:22:33,840

the cybersecurity infrastructure security agency so that was in the news
00:22:33,840 –> 00:22:39,720

this week as well coders if you use GitLab don’t forget they also had a
00:22:39,720 –> 00:22:46,240

vulnerability this week you have to patch against so quite a bit of patching
00:22:46,240 –> 00:22:52,000

going on this week I mean it always does a second week second Tuesday of every
00:22:52,000 –> 00:22:56,040

month is always Patch Tuesday from Microsoft and most companies go ahead
00:22:56,040 –> 00:22:59,800

and follow suit with that sort of stuff also – I do want to bring up as well we
00:22:59,800 –> 00:23:08,680

have a big piece on our website about Signal really did a real deep dive into
00:23:08,680 –> 00:23:15,480

Signal on our website because I felt it was important I know a lot of people
00:23:15,480 –> 00:23:20,200

especially recently friends of mine are looking for more secure messengers not
00:23:20,200 –> 00:23:26,720

just for personal use but for their businesses and Signal is is about as I
00:23:26,720 –> 00:23:33,640

mean about as secure as you can get as far as a messaging platform meant that
00:23:33,640 –> 00:23:38,760

it was created by the guys who invented WhatsApp and when WhatsApp got bought by
00:23:38,760 –> 00:23:43,680

Facebook apparently Facebook said they weren’t going to compromise the
00:23:43,680 –> 00:23:47,960

integrity of it but apparently they have they do collect metadata and stuff like
00:23:47,960 –> 00:23:51,640

that on WhatsApp even though it’s supposed to be a secure messenger again
00:23:51,640 –> 00:23:55,480

profit over people and so now these guys went out a bunch of years ago and
00:23:55,480 –> 00:24:00,680

started Signal and it really is quite a you know it’s it’s a 501 nonprofit was
00:24:00,680 –> 00:24:07,960

founded in 2018 and unlike all the other messengers out there they actually do
00:24:07,960 –> 00:24:15,120

encrypt and and nobody can read it but you and the guy person that’s receiving
00:24:15,120 –> 00:24:18,440

it that’s not by the way Facebook Messenger Snapchat Skype Google Chat
00:24:18,440 –> 00:24:23,840

text messages they are not end-to-end encrypted the only ones that are end to
00:24:23,840 –> 00:24:27,760

end encrypted right now are WhatsApp allegedly Signal definitely and iMessage
00:24:27,760 –> 00:24:34,660

definitely so those are two important things to remember if you’re
00:24:34,660 –> 00:24:40,540

going to send somebody a message you need to be safe and secure I guess it iMessage
00:24:40,540 –> 00:24:45,080

or the Signal I recommend either or either or if it’s fine and WhatsApp
00:24:45,080 –> 00:24:51,600

is supposed to be secure and I’m not exactly sure how much I trusted there’s
00:24:51,600 –> 00:24:55,360

a lot coming out about Facebook collecting metadata collecting phone
00:24:55,360 –> 00:24:59,920

number linking that to people’s Facebook accounts so they can figure out who’s
00:24:59,920 –> 00:25:03,640

sending these encrypted messages and all that so I would be I’m hesitant I like
00:25:03,640 –> 00:25:08,920

WhatsApp I do use WhatsApp but if I’m gonna send something safely and securely
00:25:08,920 –> 00:25:12,280

I usually use iMessage or Signal yet the one thing that stinks about iMessage
00:25:12,280 –> 00:25:17,060

is the person has to be on an iPhone or you know you can’t you can’t
00:25:17,060 –> 00:25:23,740

get it I mean that’s the only thing I mean I wish I wish Apple would open up iMessage
00:25:23,740 –> 00:25:29,260

to to Android just because I think it would be I mean RCS eventually
00:25:29,260 –> 00:25:35,820

might fix this but it would make end to end encryption much safer and much
00:25:35,820 –> 00:25:41,580

better I think anyway but I mean Apple’s never gonna do that they’re a
00:25:41,580 –> 00:25:47,140

for-profit company they’re they’re not gonna give iMessage out to just anybody
00:25:47,140 –> 00:25:51,820

because they they want people to be locked into their platform with the blue
00:25:51,820 –> 00:25:55,100

bubbles and all that so they’re not going to they’ve already talked about it
00:25:55,100 –> 00:25:58,800

many a time saying that well if we put iMessage on Android it might make it so
00:25:58,800 –> 00:26:02,700

easy for people to get off of Apple so they’re not going to do that I wish they
00:26:02,700 –> 00:26:06,940

would though because it would just be so much better because iMessage it the way
00:26:06,940 –> 00:26:11,460

the way they store stuff the way they message I go it’s just so much safer
00:26:11,460 –> 00:26:15,180

than than Android I mean RCS is going to make it better but it’s not going to
00:26:15,180 –> 00:26:20,580

make it it’s gonna make it a little bit more secure but not as much as it
00:26:20,580 –> 00:26:25,060

because SMS messages are unbelievably insecure but like I said specifically I
00:26:25,060 –> 00:26:30,160

wish they would but so what I do is if I know the person has an Android I tell
00:26:30,160 –> 00:26:35,260

them I want to use Signal talk to them because Signal is cross-platform it even
00:26:35,260 –> 00:26:38,760

works on the desktop and all that kind of stuff it works on your desktop it
00:26:38,760 –> 00:26:42,480

works on Mac or Windows or it’s pretty much like since it’s since it’s just an
00:26:42,480 –> 00:26:46,940

app it’s it’s cross-platform which is very nice but the one thing I am
00:26:46,940 –> 00:26:51,940

concerned about Signal though is they have made it public on their blog this
00:26:51,940 –> 00:26:55,820

is they are a nonprofit you know they are they do burn through a lot of money
00:26:55,820 –> 00:27:00,220

so they are looking for donations so I actually donate a few bucks a year to
00:27:00,220 –> 00:27:05,700

them because I do use Signal I know it’s not much but if you all donated a few
00:27:05,700 –> 00:27:08,780

dollars to them you know it would help them out they are a nonprofit they are
00:27:08,780 –> 00:27:12,460

really my whole issue is I well I do like Signal and I think they are a great
00:27:12,460 –> 00:27:19,340

platform I don’t know if enough of their users care enough about security that
00:27:19,340 –> 00:27:25,900

they’re willing to pay for it that’s the issue with security sometimes is you
00:27:25,900 –> 00:27:30,700

know somebody may use Signal and say oh this is a wonderful great platform it’s
00:27:30,700 –> 00:27:34,340

very secure they do everything to you know authenticate they do everything
00:27:34,340 –> 00:27:39,260

right but the problem is the majority of people that use it probably don’t care
00:27:39,260 –> 00:27:46,140

enough about it to pay for it I know specifically a lot of journalists use
00:27:46,140 –> 00:27:50,820

Signal so they can talk to their sources securely I know a lot of
00:27:50,820 –> 00:27:56,020

countries are using it right now especially in well actually some
00:27:56,020 –> 00:28:00,560

countries actually Signal is gonna pull out of because they can’t get like I
00:28:00,560 –> 00:28:05,580

think it’s England wants them to make it eat you know want them to decrypt the
00:28:05,580 –> 00:28:10,280

messages so they can read them and Signal’s like no that’s not what we do
00:28:10,280 –> 00:28:14,180

we’re not decrypting our messages we’re pulling out of England like so but I
00:28:14,180 –> 00:28:18,740

know over like Ukraine and places like that they have been using Signal to
00:28:18,740 –> 00:28:22,420

communicate securely between whatever they’re doing over there with all that
00:28:22,420 –> 00:28:26,700

stuff so I do know a lot of people links in America thought of journalists use it
00:28:26,700 –> 00:28:30,900

I do know a bunch of people use it for communicating with their company if
00:28:30,900 –> 00:28:37,220

they’re sending around trade secrets stuff like that but I know but like I
00:28:37,220 –> 00:28:40,380

said my whole issue is is Signal saying well we need you know we need to raise
00:28:40,380 –> 00:28:44,140

money we’re gonna keep this going we’re a nonprofit and my whole issue with that
00:28:44,140 –> 00:28:49,740

is well you know I don’t know if enough people using it care about it enough to
00:28:49,740 –> 00:28:56,460

pay for it I mean I pay five bucks you know I’m which is nothing when you’re
00:28:56,460 –> 00:29:01,100

looking at I think they said their runway cost runway cost is how much it
00:29:01,100 –> 00:29:04,500

cost to run the company nonprofit I think they’re saying it will cost like
00:29:04,500 –> 00:29:08,020

12 to 15 million a year that’s that’s a lot of money to run a nonprofit but
00:29:08,020 –> 00:29:12,220

again they’ve got server costs they’ve got server hosting things of that nature
00:29:12,220 –> 00:29:16,460

so you know that’s kind of part of it and also to authenticating the phone
00:29:16,460 –> 00:29:21,700

numbers and things like that so there’s there’s a lot going on there and it’s
00:29:21,700 –> 00:29:24,900

not cheap to make a secure service and since they are open source and since
00:29:24,900 –> 00:29:30,340

they are you know nonprofit you know it’s a little more complicated again
00:29:30,340 –> 00:29:34,660

they’re not a for-profit company they’re putting security over people so that’s
00:29:34,660 –> 00:29:38,180

why I’m very much pro you know giving them money because they are actually
00:29:38,180 –> 00:29:42,980

creating a wonderful service and putting the security over profitability but
00:29:42,980 –> 00:29:46,660

unfortunately they rely on donations like I said I don’t know if there’s
00:29:46,660 –> 00:29:51,140

enough people that care about that service or care enough about what’s
00:29:51,140 –> 00:29:55,300

going on behind the scenes to be able to you know keep going I would imagine
00:29:55,300 –> 00:30:00,900

probably the founders they did very well selling to Facebook WhatsApp and
00:30:00,900 –> 00:30:04,620

imagine that they may actually put more money in to keep it going but there’s no
00:30:04,620 –> 00:30:08,340

guarantee with that I hope Signal doesn’t go out of business because they
00:30:08,340 –> 00:30:10,900

have been done a lot of good work recently and help protect a lot of
00:30:10,900 –> 00:30:15,260

people and I just I don’t think they’re gonna be able to come up with enough
00:30:15,260 –> 00:30:19,540

money and keep going the same thing goes for Firefox you know Mozilla Firefox is
00:30:19,540 –> 00:30:27,180

like the alternative to Chrome they’re the alternative to a lot of other
00:30:27,180 –> 00:30:32,860

browsers and you know Mozilla is another one putting security over everything
00:30:32,860 –> 00:30:38,820

else they are a nonprofit organization but the problem is is again when you’re
00:30:38,820 –> 00:30:44,500

making a browser that’s pro security you know pro putting people first and you’re a
00:30:44,500 –> 00:30:49,840

nonprofit you have to rely on people donating and I don’t know if enough
00:30:49,840 –> 00:30:53,860

people I mean Mozilla has a big user base but again I think people just
00:30:53,860 –> 00:30:58,340

download it and use it and I don’t think enough people care about the security or
00:30:58,340 –> 00:31:02,500

what Mozilla is trying to do here to be able to to get enough donations to pay
00:31:02,500 –> 00:31:08,980

for their you know tens of millions of dollars a year and cost of running so
00:31:08,980 –> 00:31:13,580

you know it’s a it’s a very weird situation we’re in right now when it
00:31:13,580 –> 00:31:18,820

comes to you know security in the sense of you know these companies are trying
00:31:18,820 –> 00:31:23,780

to be nonprofit so they can put their put users first but it’s also tough when
00:31:23,780 –> 00:31:28,220

you’re trying to you know gain you know trying to earn money you know it’s it’s
00:31:28,220 –> 00:31:33,020

a different it’s a different situation I know specifically places like I think I
00:31:33,020 –> 00:31:39,140

know I know Firefox has run into some really tough issues and even Signal as
00:31:39,140 –> 00:31:43,260

well and in places like China Egypt Cuba Iran places like that where they’ve
00:31:43,260 –> 00:31:49,900

actually banned Firefox and banned stuff like Signal because of they don’t like
00:31:49,900 –> 00:31:54,060

the end-to-end encryption stuff and all that and again you know it’s I mean it’s
00:31:54,060 –> 00:31:59,220

a fortune for those people that yeah they can’t use a service because their
00:31:59,220 –> 00:32:02,660

country is against it especially in places like China and stuff where they
00:32:02,660 –> 00:32:07,460

are companies are must provide you know a way for them to read data and so that
00:32:07,460 –> 00:32:13,420

that’s that’s kind of the whole controversy behind TikTok is you know
00:32:13,420 –> 00:32:18,220

the people are using TikTok and it’s hosted over there and and since it is a
00:32:18,220 –> 00:32:22,620

Chinese company you know they do have you know the the right in China to look
00:32:22,620 –> 00:32:29,620

through data and stuff like that of their people but since that is since
00:32:29,620 –> 00:32:34,500

Americans and other countries are using him that’s kind of where the security
00:32:34,500 –> 00:32:38,780

issue comes in is if it’s somebody who’s an American citizen do they have the
00:32:38,780 –> 00:32:42,940

right to look through it and it says it is hosted over in China do they have or
00:32:42,940 –> 00:32:50,100

you know are they looking through you know Americans data and so that so that
00:32:50,100 –> 00:32:54,380

that’s kind of why they did the ban on TikTok because you’re dealing with a
00:32:54,380 –> 00:32:58,300

country that is is allowed to you know spy on their people but we don’t allow
00:32:58,300 –> 00:33:04,300

that in America well the problem is you have politicians and stuff like that
00:33:04,300 –> 00:33:07,660

that have TikTok on their phone and they’re in all these private discussions
00:33:07,660 –> 00:33:11,100

and stuff like that so that’s kind of where the controversy kind of came in
00:33:11,100 –> 00:33:15,660

with TikTok and like I said you also have other companies as well other
00:33:15,660 –> 00:33:20,740

countries as well that like like I said like Egypt and Cuba and places like that
00:33:20,740 –> 00:33:26,340

where you know they don’t they’re allowed to spy on their people too and
00:33:26,340 –> 00:33:30,300

then when it’s an Americans data that’s where the kind of the controversy comes
00:33:30,300 –> 00:33:33,420

in so like I said there is that I feel that security and encryption is a human
00:33:33,420 –> 00:33:39,840

right but a lot of other countries don’t feel that same way so that’s like I said
00:33:39,840 –> 00:33:45,780

that’s part of the problem also – one of the others I wanted to bring up as well
00:33:45,780 –> 00:33:50,300

with Tutanota and ProtonMail one of the other issues I have with this
00:33:50,300 –> 00:33:56,760

whole situation with them capturing encrypted email and and the reason I do
00:33:56,760 –> 00:34:00,780

have a big issue with this is because a lot of places news outlets will say well
00:34:00,780 –> 00:34:06,900

hey use you know email us at this website and it’ll be at a Tutanota
00:34:06,900 –> 00:34:10,740

address or at a ProtonMail address that if you’re a whistleblower and
00:34:10,740 –> 00:34:15,720

you’re going to email them from an email address that’s not a Tutanota account
00:34:15,720 –> 00:34:20,280

or not a ProtonMail account um you’re you’re exposing your information
00:34:20,280 –> 00:34:24,580

out there if you’re trying to silently whistle blow something you’re not going
00:34:24,580 –> 00:34:30,440

to be able to you know it’s there they’re catching non encrypted emails so
00:34:30,440 –> 00:34:36,060

kind of ruins the whole point of being a whistleblower and the privacy you know
00:34:36,060 –> 00:34:41,420

these companies think oh hey we’re using you know Tutanota or ProtonMail so that
00:34:41,420 –> 00:34:46,220

we’re getting these things securely you’re not actually and that that’s kind
00:34:46,220 –> 00:34:51,660

of what the concern is is you have a source that is coming to you thinking
00:34:51,660 –> 00:34:58,500

they’re sending it to you securely via an encrypted email message but it’s not
00:34:58,500 –> 00:35:01,900

it’s actually getting caught because it’s unencrypted what you with the best
00:35:01,900 –> 00:35:06,620

way to do would be to go ahead and create a Tutanota account or a ProtonMail
00:35:06,620 –> 00:35:09,900

account and send it to that address from so sweet stain because if it stays
00:35:09,900 –> 00:35:14,540

Tutanota to Tutanota or ProtonMail to ProtonMail it’s encrypted so that
00:35:14,540 –> 00:35:18,340

would be the only way you’d be able to protect yourself but the problem is a
00:35:18,340 –> 00:35:20,980

lot of people most people don’t know that and that’s kind of the the dangerous
00:35:20,980 –> 00:35:26,800

and the scary part of the whole situation they do have open source
00:35:26,800 –> 00:35:32,900

software out there stuff like GlobaLeaks which is a open source software
00:35:32,900 –> 00:35:39,160

completely free for a company to put in place and what it actually does is it
00:35:39,160 –> 00:35:43,260

actually allows your source to submit data to a news organization securely
00:35:43,260 –> 00:35:49,980

anonymously and safely I’ve actually looked into this I’m actually gonna
00:35:49,980 –> 00:35:53,700

write something up for the web plate eventually about this I haven’t gotten
00:35:53,700 –> 00:35:57,040

to it yet but I will and I’ve actually really done an in-depth look into their
00:35:57,040 –> 00:36:01,120

systems and what it does is it actually sends you actually upload completely
00:36:01,120 –> 00:36:05,880

anonymously they don’t save any logs on the server or anything like that and
00:36:05,880 –> 00:36:09,440

then what it does you upload the actual data to the server and encrypts it only
00:36:09,440 –> 00:36:15,580

the person on the other end that’s in charge of looking at you know that data
00:36:15,580 –> 00:36:20,480

can actually open it and view it nobody else and even the server admin can look
00:36:20,480 –> 00:36:25,400

at that data because it’s encrypted it’s only available to the person that’s in
00:36:25,400 –> 00:36:29,580

charge of that server as far as the person that’s in charge of reading it
00:36:29,580 –> 00:36:34,080

whether it’s legal or a report or whatever like that it’s much more
00:36:34,080 –> 00:36:37,160

secure way of doing it. Like I said, it’s called GlobaLeaks. I’ll put a link in
00:36:37,160 –> 00:36:42,000

the description below they’re not a sponsor it’s completely free it’s open
00:36:42,000 –> 00:36:44,900

source and like I said it actually is a much more secure way for your contact or
00:36:44,900 –> 00:36:51,380

your whatever whistleblowers whatever to send data to a reporter or to news
00:36:51,380 –> 00:36:57,740

organization and they’re completely it’s completely anonymous there’s no logs or
00:36:57,740 –> 00:37:02,340

no nothing and this way they can get it up to you securely without risking their
00:37:02,340 –> 00:37:06,680

lives or their jobs or whatever they’re trying to leak out to you just sending
00:37:06,680 –> 00:37:11,900

an email through to Tutanota or Proton Mail is not a secure thing anymore unless you
00:37:11,900 –> 00:37:18,020

do it through, you know, through Proton Mail or through Tutanota, and most
00:37:18,020 –> 00:37:22,580

people don’t know to do that so it’s actually quite a not as a secure way of
00:37:22,580 –> 00:37:26,460

doing it, sending it via email. But like I said, GlobaLeaks is a, it’s a completely
00:37:26,460 –> 00:37:32,420

open source piece of software any company anybody can use it you could set up be
00:37:32,420 –> 00:37:36,740

set up the server takes me 20 minutes to set up and then like I said somebody can
00:37:36,740 –> 00:37:40,900

go right to the site whatever upload stuff and then the person that’s marked
00:37:40,900 –> 00:37:46,700

as the receiver or the reviewer can go ahead and review it and see if what
00:37:46,700 –> 00:37:50,460

they’re gonna do with it but like I said the even the server admin cannot see it
00:37:50,460 –> 00:37:54,380

it’s all encrypted all the database stuff is all encrypted all the passwords
00:37:54,380 –> 00:37:57,460

or everything is the software was done so well and with the thought of
00:37:57,460 –> 00:38:01,300

protecting sources it’s a really great I wish more people would use it
00:38:01,300 –> 00:38:05,320

unfortunately it’s one of those things where it was created I don’t know how
00:38:05,320 –> 00:38:09,020

many people are actually using it but I wish more people would because it is
00:38:09,020 –> 00:38:12,700

such a great piece of software. And again, that is GlobaLeaks. If you don’t know
00:38:12,700 –> 00:38:17,380

how to install it reach out to us we can always help you out with that this isn’t
00:38:17,380 –> 00:38:20,660

an ad but it is something that most news organizations really should know about
00:38:20,660 –> 00:38:25,140

and like I said, they’re, what amazes me too is, like I said, it is open source,
00:38:25,140 –> 00:38:30,340

it is completely free and I like I said I wish more more organizations would
00:38:30,340 –> 00:38:35,180

would use it I think it will be eventually it’s just gonna take time to
00:38:35,180 –> 00:38:38,780

get people on board with it. So, and that is, like I said, GlobaLeaks. I will put a
00:38:38,780 –> 00:38:43,260

link in the show notes as well so folks I’m gonna wrap it up on our first
00:38:43,260 –> 00:38:47,780

episode like I said if you you can listen to all of our old shows which we
00:38:47,780 –> 00:38:51,460

don’t have yet, this would be the first one, like I said, at Lipani Security
00:38:51,460 –> 00:38:55,460

dot com, also to check out all of our services and everything we offer at our
00:38:55,460 –> 00:39:00,220

site, like I said, Lipani Security dot com, and I want to thank you for listening
00:39:00,220 –> 00:39:05,220

and we will talk to you on the next episode thank you very much
00:39:05,220 –> 00:39:12,660