What A Week For Hacks (Transcript)

00:00:00.000 –> 00:00:04.840
All right folks you have the download button on security assessment podcast

00:00:04.840 –> 00:00:09.800
brought to you by our company Lipani security if you’re interested go to the

00:00:09.800 –> 00:00:14.240
link in the show notes below and check out all of our services software that we

00:00:14.240 –> 00:00:19.680
offer as well as our blogs about security in all our past podcast

00:00:19.680 –> 00:00:25.360
episodes I want to thank you all for listening and let the show begin

00:00:25.360 –> 00:00:39.240
all right guys thank you very much for joining us another episode of the

00:00:39.240 –> 00:00:45.720
security assessment podcast I am your host Brandon Lopani and like I said it’s

00:00:45.720 –> 00:00:52.720
great to be with you again tons of security news as there always is but a

00:00:52.720 –> 00:00:57.480
couple good housekeeping tips first a bunch of you reached out to me on

00:00:57.480 –> 00:01:02.520
Twitter to tell me that they noticed that the art changed I did I actually

00:01:02.520 –> 00:01:08.960
got somebody to actually help us out and we actually got new show art it’s I

00:01:08.960 –> 00:01:12.480
think it looks much better rather than just our business logo they actually

00:01:12.480 –> 00:01:17.720
went ahead and actually made the logo a little bit quite a very much cooler

00:01:17.720 –> 00:01:21.640
actually and like I said made it look a little more different to our business

00:01:21.640 –> 00:01:25.520
name is on there and then the name of the podcast and then like I said she did

00:01:25.520 –> 00:01:28.760
a few things with the the art and so that so I really appreciate that looks

00:01:28.760 –> 00:01:32.600
much better I think looks much cooler I know the old saying you’re not supposed

00:01:32.600 –> 00:01:37.360
to judge a book by its cover but unfortunately the cooler your show art

00:01:37.360 –> 00:01:42.240
looked the better chance you have the people you know reading your listening

00:01:42.240 –> 00:01:46.720
to your podcast just like a book if it’s got a cool cover much better chance of

00:01:46.720 –> 00:01:54.160
people reading it so I appreciate that also too we got a lot of people that

00:01:54.160 –> 00:01:57.760
wanted to communicate with us so we actually went ahead if you go to our

00:01:57.760 –> 00:02:03.720
website LaPani security.com and you go ahead and check it out there’s actually

00:02:03.720 –> 00:02:08.080
a forum area there so go ahead and join the forums and we can chat about shows

00:02:08.080 –> 00:02:14.280
security news all that stuff on there and again that is the forum so I want to

00:02:14.280 –> 00:02:19.480
I guess I give you guys some options how to communicate with us the forums are

00:02:19.480 –> 00:02:22.720
pretty cool we’ll use that for the show as well as anybody who wants to talk

00:02:22.720 –> 00:02:26.800
other news and like I said of course you can always email us on a website just

00:02:26.800 –> 00:02:31.400
hit contact us and shoot me an email you can do that as well so I do appreciate

00:02:31.400 –> 00:02:34.240
that like I said you guys have been reaching out and communicating with me I

00:02:34.240 –> 00:02:38.800
do appreciate that and I appreciate you listening to the show so thank you very

00:02:38.800 –> 00:02:44.640
much for that also – over I’ve been working on a couple of security tools I

00:02:44.640 –> 00:02:47.920
added a password strength tool runs locally on your machine you can test

00:02:47.920 –> 00:02:52.400
your password strength there’s tons of them online Bitwarden and Bitwarden

00:02:52.400 –> 00:02:59.160
and security.org and a bunch of places offer great tools like that but I was in

00:02:59.160 –> 00:03:02.340
the mood to putz around with some code and I messed around that and that’s on

00:03:02.340 –> 00:03:07.640
the site and that’s free it’s also gonna be up on the Windows Store as well so we

00:03:07.640 –> 00:03:11.920
are I’m doing that as well so a lot of like it’s a lot of little projects

00:03:11.920 –> 00:03:18.000
things going on but over the weekend is always podcast time so again I thank you

00:03:18.000 –> 00:03:25.000
all for listening the show now should be on all the services if I did miss one

00:03:25.000 –> 00:03:30.020
please reach out to me and let me know like I said my emails on my website if I

00:03:30.020 –> 00:03:34.560
missed but I think I have it on all the services now but like I said if I’m

00:03:34.560 –> 00:03:42.680
missing any please let me know so a couple things I wanted to wanted to talk

00:03:42.680 –> 00:03:46.680
about we have a lot of news to talk about but I thought this was

00:03:46.680 –> 00:03:51.120
specifically an interesting article that wanted to kind of start to show off with

00:03:51.120 –> 00:03:58.000
apparently there was a on the Security Now podcast there was actually somebody

00:03:58.000 –> 00:04:05.480
who had said that they were actually seeing they were monitoring their

00:04:05.480 –> 00:04:10.000
network and they actually were seeing that their wash machine was down was

00:04:10.000 –> 00:04:18.040
uploading and downloading like three gigs of data it was it was unbelievable

00:04:18.040 –> 00:04:22.200
I was reading about this and apparently somebody had hot I mean we all know IoT

00:04:22.200 –> 00:04:27.280
devices like fridges and stuff like that and stoves and stuff don’t get updated

00:04:27.280 –> 00:04:30.400
as much but apparently somebody they actually found somebody running a botnet

00:04:30.400 –> 00:04:35.560
and it was all these wash machines and they were all all this sort of things

00:04:35.560 –> 00:04:39.880
and the reason why I bring this up is somebody it’s somebody it’s in the thing

00:04:39.880 –> 00:04:47.600
that got interesting is to me was and it kind of makes sense so if you hijack an

00:04:47.600 –> 00:04:52.920
IoT device specifically like a wash machine or a refrigerator now the

00:04:52.920 –> 00:04:56.960
specific bug that they’re talking about was actually something that got loaded

00:04:56.960 –> 00:05:01.000
into RAM and I know a lot of people that are listening gonna say well that’s easy

00:05:01.000 –> 00:05:05.760
enough to fix you just restart the the device you’re absolutely 100% right but

00:05:05.760 –> 00:05:09.880
I never really thought about this but it really got me thinking how often do you

00:05:09.880 –> 00:05:15.720
actually unplug your washing machine think about it how often do you actually

00:05:15.720 –> 00:05:20.560
unplug your refrigerator or even think about something like your dishwasher

00:05:20.560 –> 00:05:25.080
that you can’t even get to the plug right kind of an interesting thought

00:05:25.080 –> 00:05:31.240
think about where if you hijack an IoT device you actually have control of this

00:05:31.240 –> 00:05:34.960
thing for quite a while unless the people have a power outage and since

00:05:34.960 –> 00:05:39.840
these devices obviously most of them don’t get regular updates or I mean

00:05:39.840 –> 00:05:44.080
obviously you’re a lot of times your refrigerator is going to last a lot

00:05:44.080 –> 00:05:48.920
longer than probably the support from you know from the manufacturer as far as

00:05:48.920 –> 00:05:52.800
like the updates for the software so they go really makes these these

00:05:52.800 –> 00:05:57.520
connected devices especially vulnerable and and even if they are being updated

00:05:57.520 –> 00:06:02.120
if you get a vulnerability you can load into the RAM like I said think of how

00:06:02.120 –> 00:06:06.680
many times you’ve ever restarted your washing machine or restarted your fridge

00:06:06.680 –> 00:06:10.280
or like I said or something like a while I guess it or a dishwasher where you

00:06:10.280 –> 00:06:16.600
can’t even get to the plug in most cases really doesn’t happen often so if you

00:06:16.600 –> 00:06:21.080
hijack those devices you could have a bot like I said until people have a

00:06:21.080 –> 00:06:24.280
power outage so and if that’s the case you just go back and reinfect them and

00:06:24.280 –> 00:06:27.800
then you’re gonna have them again until people you know until people come I mean

00:06:27.800 –> 00:06:31.760
it kind of is a scary thought if you really think about it because you know

00:06:31.760 –> 00:06:35.320
people will you know have these these connected devices that never get

00:06:35.320 –> 00:06:42.040
restarted so all you need to do is load a you know something into RAM and and

00:06:42.040 –> 00:06:44.520
it’s gonna be there until they have a power outage and think about this well

00:06:44.520 –> 00:06:47.400
the people have a generator what if you have a generator now think now you’re

00:06:47.400 –> 00:06:52.080
never gonna have a real power I mean so I mean a kind of an interesting scary

00:06:52.080 –> 00:06:57.920
thought to think about and something I heard about Security Now made me really

00:06:57.920 –> 00:07:01.640
you know really think about the IoT devices that I have in my house and all

00:07:01.640 –> 00:07:08.860
that and you know how how you know if somebody got a control of one you know

00:07:08.860 –> 00:07:13.040
it’s it’s it’s pretty brutal and a lot of people especially like the security

00:07:13.040 –> 00:07:16.400
like security people network people tinker or stuff that we’re gonna monitor

00:07:16.400 –> 00:07:20.920
our network traffic and stuff like that but a lot of people like think about

00:07:20.920 –> 00:07:24.840
older people and some of that really don’t really you’re not gonna monitor

00:07:24.840 –> 00:07:27.960
you know don’t don’t monitor their network traffic they just the Internet’s

00:07:27.960 –> 00:07:33.920
there and that’s it so specifically kind of a scary kind of a scary thing to

00:07:33.920 –> 00:07:36.520
think about and something to really think about if you do have IoT attached

00:07:36.520 –> 00:07:41.320
devices you how often they are getting patched so interesting interesting very

00:07:41.320 –> 00:07:46.600
interesting topic I need like I said on Security Now I really was interested in

00:07:46.600 –> 00:07:50.760
that one this week I don’t listen to it every week I do like Steve Gibson I do

00:07:50.760 –> 00:07:55.160
like SpinRite wonderful hard drive recovery tool I mean he doesn’t need our

00:07:55.160 –> 00:07:59.000
plug he’s got TWiT but really is a great hard drive recovery tool he does do a

00:07:59.000 –> 00:08:03.800
great podcast so Security Now is one I do listen to on occasion and like I said

00:08:03.800 –> 00:08:10.680
it’s really worth listening to also to this week not really security news but

00:08:10.680 –> 00:08:16.320
the the pre-orders for Apple’s Vision Pro started like I said really not

00:08:16.320 –> 00:08:19.320
security news but the reason I’m bringing it up is there are already

00:08:19.320 –> 00:08:24.320
people hacking or hawking them excuse me up on eBay already for double the price

00:08:24.320 –> 00:08:28.680
it always happens when there’s a shortage on things Apple specifically

00:08:28.680 –> 00:08:32.380
doesn’t you know only has a limited amount of them to start with I know the

00:08:32.380 –> 00:08:36.600
I believe if I’m not mistaken the a lot of the reviewers and stuff I’ve seen on

00:08:36.600 –> 00:08:41.120
YouTube and all that already have them but apparently if you break the screen

00:08:41.120 –> 00:08:45.680
see almost $800 to fix the screen if you are going to get the Vision Pro I

00:08:45.680 –> 00:08:51.840
recommend the AppleCare one thing I will say I’ve always said this to people

00:08:51.840 –> 00:08:56.320
especially maybe not so much with the Apple stuff because Apple’s got pretty

00:08:56.320 –> 00:09:01.880
good control that stuff but I do want to say that if you do buy anything like

00:09:01.880 –> 00:09:06.000
that online like I said that’s not much Apple because Apple’s usually got pretty

00:09:06.000 –> 00:09:09.720
good control their stuff but if you do buy any of that stuff online be very

00:09:09.720 –> 00:09:15.560
careful I’ve actually seen people not myself personally but I have actually

00:09:15.560 –> 00:09:21.680
seen online people that actually will will get old laptops you know load you

00:09:21.680 –> 00:09:26.120
know Windows or Linux on them and then load a key logger or load a virus I’m

00:09:26.120 –> 00:09:29.360
like that I’m saying keep an eye on things or use it as a botnet and then

00:09:29.360 –> 00:09:32.380
sell it online if people say oh wow look I got this cheap computer for a hundred

00:09:32.380 –> 00:09:34.440
bucks well yeah you did get a cheapie for a

00:09:34.440 –> 00:09:38.080
hundred bucks but now everything you type is being logged or you know every

00:09:38.080 –> 00:09:40.360
time there’s an attack or something like that your computer is gonna be the one

00:09:40.360 –> 00:09:45.960
used being used as the you know the botnet so you know be very careful when

00:09:45.960 –> 00:09:51.080
you buy cheap electronics online you never know what people do to them I think

00:09:51.080 –> 00:09:56.320
that they call that a supply chain attack obviously we all know we’ve seen

00:09:56.320 –> 00:10:00.320
the videos and some of that what happens with that but again be very very careful

00:10:00.320 –> 00:10:03.600
with that I always encourage people if you are going to get a used computer

00:10:03.600 –> 00:10:07.840
make sure you wipe it the other thing that’s really concerning about that too

00:10:07.840 –> 00:10:13.400
is I see especially especially online on Facebook marketplace a lot you see a lot

00:10:13.400 –> 00:10:17.440
of people that are actually okay you know I’m just I didn’t use this computer

00:10:17.440 –> 00:10:20.920
I’m just selling it online because I don’t need it anymore and then you open

00:10:20.920 –> 00:10:23.760
and I see people you know you started up and oh hey look there’s people’s crap

00:10:23.760 –> 00:10:27.480
still on this computer they never even wiped it clean that happens a lot as

00:10:27.480 –> 00:10:30.040
well especially without recycle electronics and stuff like that happens

00:10:30.040 –> 00:10:37.360
a lot so just another thing to be aware huh so speaking of that too by the way

00:10:37.360 –> 00:10:44.200
one of the other interesting things like I said I was reading very interesting to

00:10:44.200 –> 00:10:47.760
me anyway talking about the Google keyboard how the Google keyboard has

00:10:47.760 –> 00:10:53.640
really got grown in popularity I avoid I mean I’m always concerned about all the

00:10:53.640 –> 00:10:56.560
stuff to get Google collects it’s only gonna be a matter of time before somebody

00:10:56.560 –> 00:11:00.760
eventually hacks them and and we really know how much data they are collecting

00:11:00.760 –> 00:11:04.560
on us we know they’re collecting a lot of data on us but like I said this

00:11:04.560 –> 00:11:09.880
specifically I’m eventually it’s going to happen but anyway you know especially

00:11:09.880 –> 00:11:13.480
when I have a keylog if you think about using the Google keyboard I mean that

00:11:13.480 –> 00:11:17.640
thing basically is a legalized key logger I mean it’s I’m sure Google’s logging

00:11:17.640 –> 00:11:20.760
everything you’re typing specific keywords and all that kind of stuff I

00:11:20.760 –> 00:11:24.720
know I mean I know it I mean I know Google has good security I’m not saying

00:11:24.720 –> 00:11:27.600
they don’t but you think about it using the Google keyboard is basically allowing

00:11:27.600 –> 00:11:32.040
Google to be your key be a legalized key logger I kind of put that out to people

00:11:32.040 –> 00:11:36.800
kind of concerning especially some of the stuff going on with Google now with

00:11:36.800 –> 00:11:42.640
the anti ad tracking stuff you know Chromium what would have said to me is

00:11:42.640 –> 00:11:45.880
you know a lot of companies have gone to the open source Chromium which is

00:11:45.880 –> 00:11:50.120
maintained by Google and you can create your own browser on Chromium but what’s

00:11:50.120 –> 00:11:56.960
concerning to me on that specifically is now that people are using Chromium to

00:11:56.960 –> 00:12:02.080
create their own browser everybody but Firefox it’s a bit concerning to me

00:12:02.080 –> 00:12:06.640
because now you know Google is gonna make this ad tracking change to Chromium

00:12:06.640 –> 00:12:10.360
and it’s gonna basically affect all the browsers everybody’s about all the

00:12:10.360 –> 00:12:16.120
browsers except for Firefox so it’s a little bit concerning to me that Google

00:12:16.120 –> 00:12:21.440
has kind of kind of because of their open source Chromium because everybody

00:12:21.440 –> 00:12:27.120
jumping on board with it now has a very easy way to go ahead and pretty much

00:12:27.120 –> 00:12:30.160
sway the market however they want if you think about it I mean the only one that

00:12:30.160 –> 00:12:33.640
any ad blocker technology and stuff that’s going to work on anymore is gonna

00:12:33.640 –> 00:12:40.680
be Firefox you know because I mean Edge Opera Brave all those guys are built I’m

00:12:40.680 –> 00:12:43.240
not sure what Brave’s gonna do crazy see what the Brave’s gonna do they’re saying

00:12:43.240 –> 00:12:47.280
they’re gonna do something I’m curious what they’re gonna do but I mean even

00:12:47.280 –> 00:12:51.540
Chromium is gonna have this anti ad technology built in basically Google has

00:12:51.540 –> 00:12:57.200
a way now of kind of kind of swaying the market however they want it’s very

00:12:57.200 –> 00:13:01.640
concerning to me personally I don’t particularly care for it I think that

00:13:01.640 –> 00:13:05.680
you know open source is one thing but they’re also using open source to go

00:13:05.680 –> 00:13:08.300
ahead and push the market in the direction they want to benefit their

00:13:08.300 –> 00:13:13.560
business a little bit a little bit unethical as far as I’m concerned let

00:13:13.560 –> 00:13:16.520
me see the ones that won’t be affected obviously are going to be Firefox and of

00:13:16.520 –> 00:13:20.060
course Safari isn’t affected but those are gonna be only two of the ads

00:13:20.060 –> 00:13:24.440
blocking technology gonna keep working on I recommend to personally if you

00:13:24.440 –> 00:13:26.960
don’t like people tracking you which I don’t particularly like with Google’s

00:13:26.960 –> 00:13:32.400
doing I recommend using Firefox or specifically sound like Firefox or a

00:13:32.400 –> 00:13:37.120
Chrome but like I said I don’t I don’t like I said I’m not very big now the

00:13:37.120 –> 00:13:41.580
other thing too like I said Google has been pushing especially to get rid of

00:13:41.580 –> 00:13:44.700
you know certain cookies and have their own master cookie and everybody uses

00:13:44.700 –> 00:13:48.740
their master cookie and I’m like well yeah that’s great because they’re saying

00:13:48.740 –> 00:13:51.980
oh we’re doing this for privacy but you’re also doing it so everybody’s gonna

00:13:51.980 –> 00:13:57.140
rely on you now for the ads I mean they’re they’re slowly pushing their way

00:13:57.140 –> 00:14:04.080
into being big brother and like I said it’s from a security standpoint concerning

00:14:04.080 –> 00:14:08.300
because I mean if Google does ever get hacked the amount of data that’s gonna

00:14:08.300 –> 00:14:14.400
be released on everybody it’s gonna be a pretty pretty insane it’s gonna be way

00:14:14.400 –> 00:14:18.140
worse than anything we’ve seen I remember when the whole Ashley Madison

00:14:18.140 –> 00:14:22.380
hack happened you know we’re talking even worse with Google because they know

00:14:22.380 –> 00:14:24.660
what you’re searching where you’re searching what time you’re searching or

00:14:24.660 –> 00:14:33.220
pretty pretty concerning so you know something to be concerned about some

00:14:33.220 –> 00:14:36.180
other things too I’ve got a ton of stuff things they got tons I want to talk

00:14:36.180 –> 00:14:39.920
about oh one of the things too I wanted to talk to somebody I know a couple

00:14:39.920 –> 00:14:44.280
people we were talking about how people reached out to me talking about Plex you

00:14:44.280 –> 00:14:48.200
know hosting your own stuff and and your own music and your own videos of that I

00:14:48.200 –> 00:14:52.120
know Plex said they’re gonna be coming out with their own version of like the

00:14:52.120 –> 00:14:55.320
iTunes store and so that’s that you can buy and rent videos right on their

00:14:55.320 –> 00:14:58.760
service I think that’ll be pretty cool they’ve talked about that a few times

00:14:58.760 –> 00:15:04.460
doesn’t come to fruition yet but eventually maybe we’ll see but one of

00:15:04.460 –> 00:15:07.840
things I do want to bring up about that somebody had brought up to me that you

00:15:07.840 –> 00:15:12.780
can use Plex to you know if you torrent a video or something like that you can

00:15:12.780 –> 00:15:16.260
you know use Plex to you know share it on your local network and while that I

00:15:16.260 –> 00:15:20.380
don’t condone that but if you do download a torrent I just want to say

00:15:20.380 –> 00:15:23.920
one thing guys you gotta be very careful you download a torrent especially with

00:15:23.920 –> 00:15:27.600
the popular movies a lot of those torrent files with the popular movies

00:15:27.600 –> 00:15:31.920
have viruses and spyware and some of that built in a lot of times what people

00:15:31.920 –> 00:15:36.160
will do is they will say okay well this is a popular movie I’ll rip it but then

00:15:36.160 –> 00:15:39.200
what I’ll do is I’m gonna put a little little little piece of code in this

00:15:39.200 –> 00:15:43.040
little file here so that this way when they watch the movie and affects their

00:15:43.040 –> 00:15:48.880
system so just something to be you know if you’re going to torrent videos or they

00:15:48.880 –> 00:15:52.160
don’t like I said don’t condone I don’t recommend but if you do torrent videos

00:15:52.160 –> 00:15:55.400
be very careful make sure you scan the files and stuff like that so you don’t

00:15:55.400 –> 00:16:03.080
get a virus on your computer very very important one of the other interesting

00:16:03.080 –> 00:16:08.360
articles this week on Thurrott.com I read his he’s a really big follows he does

00:16:08.360 –> 00:16:12.920
everything with Microsoft and I really follow his stuff because I mean I use I

00:16:12.920 –> 00:16:16.900
use both Mac and Windows I like them both actually but specifically he really

00:16:16.900 –> 00:16:20.920
gets into the guts of Windows and a lot of my customers have Windows one of the

00:16:20.920 –> 00:16:26.640
things he had talked about two specific things was subscription fatigue and the

00:16:26.640 –> 00:16:29.960
reason I’m bringing this up is I know it’s not security related but I do want

00:16:29.960 –> 00:16:33.280
to bring it up because one of the things that he was talking about is that a lot

00:16:33.280 –> 00:16:40.720
of people are starting to host their own files internally people that’s like are

00:16:40.720 –> 00:16:46.800
like okay well I can you know if I buy this NAS for $250 $300 this Netgear

00:16:46.800 –> 00:16:51.320
NAS whatever I can hold you know host like four terabytes of files and I don’t

00:16:51.320 –> 00:16:57.000
have to have any storage online I could save a subscription of $9.99 a month and

00:16:57.000 –> 00:17:00.580
by the way do I want to point out that that’s we just saw about Plex similar

00:17:00.580 –> 00:17:06.280
concept but one of the things he brought up we were people were commenting on

00:17:06.280 –> 00:17:11.800
this and it is very important you know sometimes saving saving money is good

00:17:11.800 –> 00:17:14.480
especially with the economy so that always you know try to save where you

00:17:14.480 –> 00:17:18.880
can but one of the things I do want to point out as well it’s great to host

00:17:18.880 –> 00:17:22.520
your own files and stuff like that heaven forbid you have a fire or

00:17:22.520 –> 00:17:27.120
anything like that you just lost all your data there’s no you know you should

00:17:27.120 –> 00:17:31.400
always have an off-site backup and I know people are saying themselves well

00:17:31.400 –> 00:17:34.520
you know I’ll just save one more sub locally and save a subscription and and

00:17:34.520 –> 00:17:37.440
it is I mean I agree with it too I’m sure we’re all trying to cut back

00:17:37.440 –> 00:17:42.240
especially with subscription services going up and up and up but specifically

00:17:42.240 –> 00:17:47.640
if you if you are going to be saving data locally you really should have

00:17:47.640 –> 00:17:53.280
backup I have my own local NAS here that I host and save all my files on that I’m

00:17:53.280 –> 00:17:57.920
working on some of that but I do also have it set up so that it backs up to

00:17:57.920 –> 00:18:02.080
the cloud any changes I know I think Carbonite offers a service like that I

00:18:02.080 –> 00:18:08.940
know I think Carbonite I think I think fast go back or a fast backup or go back

00:18:08.940 –> 00:18:14.480
fast or any of those I think junk I think it’s what jungle backup or

00:18:14.480 –> 00:18:17.840
whatever that well that’s an encrypted one but they um they offer where they’ll

00:18:17.840 –> 00:18:21.900
back your NAS up for you every night even if you’re using any if you’re using

00:18:21.900 –> 00:18:26.580
anything any of the popular NASes like Synology or anything like that they have

00:18:26.580 –> 00:18:31.600
services built right into it but like I said if you are going to be saving your

00:18:31.600 –> 00:18:35.600
stuff locally to try to save money backing it up to an external hard drive

00:18:35.600 –> 00:18:38.280
and leaving it is not I mean a NAS little bit different because you have

00:18:38.280 –> 00:18:43.020
usually have two hard drives that are redundant but if you are going to be

00:18:43.020 –> 00:18:45.500
just backing up your data to a hard drive saying oh yeah I’m gonna back my

00:18:45.500 –> 00:18:49.200
data up this fancy money that one hard drive sitting in your you know your

00:18:49.200 –> 00:18:53.180
living room or your kitchen if there’s a fire you lost all your stuff so I don’t

00:18:53.180 –> 00:18:56.340
particularly recommend that I know we’re all trying to save money on subscription

00:18:56.340 –> 00:19:05.480
services but it’s not exactly the safest and best way to do things so like I said

00:19:05.480 –> 00:19:11.860
just be very careful sometimes you are saving money but you’re also exposing

00:19:11.860 –> 00:19:18.080
yourself possibly to you know you know losing your data so be very very careful

00:19:18.080 –> 00:19:23.820
with that one of the things one of the things somebody did show me this week

00:19:23.820 –> 00:19:30.700
that I like I said I have not I didn’t I knew I knew about it but never actually

00:19:30.700 –> 00:19:39.200
messed with it we’re all on social media these days and there’s a site online

00:19:39.200 –> 00:19:50.520
called redact.dev r-e-d-a-c-t dot dev and what this service actually does and

00:19:50.520 –> 00:19:55.000
like I said I have to look because there is a paid version and there is a a free

00:19:55.000 –> 00:20:01.480
version what you can actually do is you can actually go on here and you link

00:20:01.480 –> 00:20:08.840
your social media accounts and it will actually delete all your posts it does

00:20:08.840 –> 00:20:15.280
it all for you so something to think about like I said um like I said it’s

00:20:15.280 –> 00:20:20.280
you can look at it it’s also a mobile app as well but I guess it’s something

00:20:20.280 –> 00:20:23.440
to think about I know a couple people have asked me how do I go ahead and get

00:20:23.440 –> 00:20:29.360
rid of my you know how do I go ahead and get rid of stuff that I posted that I

00:20:29.360 –> 00:20:33.560
don’t want like I said you can go in and actually clear out an entire account of

00:20:33.560 –> 00:20:38.000
data especially Twitter and some of that so just something to look at somebody

00:20:38.000 –> 00:20:41.240
that showed that to me the other day and I really liked it and I wanted to bring

00:20:41.240 –> 00:20:45.480
it up to you guys so they know some people want to kind of prune back some

00:20:45.480 –> 00:20:49.480
of their social media so getting into some of the news of the week that I

00:20:49.480 –> 00:20:53.520
actually collected tons of it we’re not gonna go through all of it because

00:20:53.520 –> 00:20:58.120
there’s so much of it I remember when a friend of mine started a security

00:20:58.120 –> 00:21:01.280
podcast back like maybe 15 years ago he had said I wonder if I’m gonna have

00:21:01.280 –> 00:21:08.400
enough to talk about it seems like now it’s just so much of it but Ivanti has

00:21:08.400 –> 00:21:13.360
had a rough couple weeks the security vendor like I bring this up because I

00:21:13.360 –> 00:21:17.280
know I have had people with Ivanti and I’ve had a kind of run around

00:21:17.280 –> 00:21:23.920
pre nuts apparently Ivanti their remote so their remote software that lets people

00:21:23.920 –> 00:21:28.880
work remotely actually has a vulnerability in it and it was actually

00:21:28.880 –> 00:21:35.360
made NBC News last night apparently top US cybersecurity watchdog issue an

00:21:35.360 –> 00:21:39.740
emergency directive federal agencies about popular software saying that they

00:21:39.740 –> 00:21:44.640
need to go ahead and either patch it or remove it because I guess the government

00:21:44.640 –> 00:21:49.960
uses Ivanti so pretty important if you remember last week I think on the show

00:21:49.960 –> 00:21:55.980
we talked about the VPN had an issue so now they’re remote software which allows

00:21:55.980 –> 00:21:59.360
for remote desktop some of that and now there was this week and then their VPN

00:21:59.360 –> 00:22:03.120
and then earlier this week they had another issue that they released so

00:22:03.120 –> 00:22:08.660
Ivanti is really getting picked apart so something if you do have an Ivanti

00:22:08.660 –> 00:22:13.760
system make sure you are patched and ready to go VPN the remote software

00:22:13.760 –> 00:22:18.920
remote desktop all that stuff that they provide is been having some

00:22:18.920 –> 00:22:23.840
vulnerability so please if you are somebody with Ivanti go ahead and get

00:22:23.840 –> 00:22:30.780
that patched on another site this week you actually says export experts warn of

00:22:30.780 –> 00:22:36.940
macOS backdoor hidden in pirated versions of popular software now while

00:22:36.940 –> 00:22:43.600
this is a great article okay the backdoor in the dot dig but they’re

00:22:43.600 –> 00:22:49.240
saying legitimate software like Navicat Premium UltraEdit FinalShell

00:22:49.240 –> 00:22:55.040
SecureCRT and Microsoft Remote Desktop or have been found to have even though they are

00:22:55.040 –> 00:23:00.680
legit they actually have backdoors into the system so something to be very

00:23:00.680 –> 00:23:04.840
careful of you do use any of those softwares I actually do myself make sure

00:23:04.840 –> 00:23:11.240
you either uninstall them or you patch them very important kind of surprised me

00:23:11.240 –> 00:23:15.640
too because Microsoft had heck of a week this week as far as their stuff

00:23:15.640 –> 00:23:20.420
Microsoft executive said that their emails were hacked by their top guys

00:23:20.420 –> 00:23:24.480
like people they haven’t said names but a match by Sasha and people like that

00:23:24.480 –> 00:23:30.000
the CEO they’re saying that Microsoft actually their emails got hacked by a

00:23:30.000 –> 00:23:34.280
Russian intelligence group the interesting thing about this while we

00:23:34.280 –> 00:23:38.480
weren’t doing the podcast at the time obviously if you remember the

00:23:38.480 –> 00:23:46.640
SolarWinds attack that happened back in I believe was 2000 or 20 20 20 it’s the

00:23:46.640 –> 00:23:50.560
same they’re saying it’s the same group how they know they have not said how but

00:23:50.560 –> 00:23:57.960
that was something in the news this week that really is kind of really was

00:23:57.960 –> 00:24:01.840
concerning Microsoft obviously I’m waiting to see what’s gonna happen I can

00:24:01.840 –> 00:24:05.080
only imagine that they’re gonna be there’s gonna be a lot of cleanup

00:24:05.080 –> 00:24:08.000
because when you when you’re that high of an executive at a company like that

00:24:08.000 –> 00:24:12.600
you get emails that are not supposed to be out in the world like trade secret

00:24:12.600 –> 00:24:17.080
stuff and things about purchases and things like that that can really be

00:24:17.080 –> 00:24:21.160
dangerous they get out in the wrong hands so I’m sure Microsoft’s in cleanup

00:24:21.160 –> 00:24:25.880
mode right now for that one of the the other interesting articles I’ve

00:24:25.880 –> 00:24:31.320
followed this this pretty closely actually and I take this with a grain

00:24:31.320 –> 00:24:34.320
of salt personally because it’s Kaspersky and they’re Russian company

00:24:34.320 –> 00:24:38.480
and that’s concerning to me because I know there’s been always been

00:24:38.480 –> 00:24:42.280
speculation about Kaspersky and their ties with the government some of that so

00:24:42.280 –> 00:24:47.120
I take this at value but one of the things Kaspersky has recently launched

00:24:47.120 –> 00:24:52.800
is a tool called iShutdown and it’s designed basically to detect notorious

00:24:52.800 –> 00:24:58.560
spyware that is on your iOS device I’m not really sure I know cup I’ve seen

00:24:58.560 –> 00:25:04.640
this going around the internet people talking about this I am personally a

00:25:04.640 –> 00:25:08.960
little hesitant with anything from Kaspersky right now because of

00:25:08.960 –> 00:25:12.200
everything going on in the world I know I have seen a bunch of people that used

00:25:12.200 –> 00:25:17.160
it and they said they did find stuff I’m again it’s supposed to be for that

00:25:17.160 –> 00:25:23.360
Pegasus that QuaDream’s Reign and the other one Predator so again I mean I

00:25:23.360 –> 00:25:28.400
think you know that it’s well it could be a good tool I would be hesitant to

00:25:28.400 –> 00:25:33.800
use it right now anything like that from Kaspersky that’s that’s just me

00:25:33.800 –> 00:25:38.320
Microsoft having a heck of a week – by the way I had another story here in my

00:25:38.320 –> 00:25:44.840
show notes a critical Microsoft SharePoint bug now actively exploited CISA

00:25:44.840 –> 00:25:48.440
warns that the attackers are now exploiting a critical Microsoft

00:25:48.440 –> 00:25:52.440
SharePoint privilege escalation vulnerability that can be chained with

00:25:52.440 –> 00:25:58.360
another critical bug now one thing that I do point out that I went through the

00:25:58.360 –> 00:26:02.320
this and read through this whole thing it says the Microsoft SharePoint server

00:26:02.320 –> 00:26:09.320
exploit chain was successfully cut founded by STAR Labs researcher they

00:26:09.320 –> 00:26:15.400
earned $100,000 reward from from what I could take from this because the they

00:26:15.400 –> 00:26:19.880
weren’t overly descriptive about this Microsoft I’m guessing it’s going to be

00:26:19.880 –> 00:26:24.440
if you have in-house SharePoint running that’s a big business for Microsoft

00:26:24.440 –> 00:26:27.360
SharePoint a lot of people don’t know they actually bought SharePoint they

00:26:27.360 –> 00:26:30.960
didn’t actually build it but one of the things like I said if you are running

00:26:30.960 –> 00:26:34.280
SharePoint make sure you go ahead and patch your service but I believe it is

00:26:34.280 –> 00:26:37.680
internal SharePoint it has to be because if it was its external SharePoint

00:26:37.680 –> 00:26:41.640
Microsoft will patch it for you so yeah like I said but they didn’t because one

00:26:41.640 –> 00:26:46.080
of the things somebody had asked was on the forums was is is this currently

00:26:46.080 –> 00:26:49.840
being exploited on 365 and if it is I mean there’s nothing we could really do

00:26:49.840 –> 00:26:52.680
about it Microsoft’s got a patch it but I would imagine they’re probably gonna

00:26:52.680 –> 00:26:57.640
patch it so if you’re running internal SharePoint go ahead and patch immediately

00:26:57.640 –> 00:27:02.400
Microsoft had a lot of big bugs over the last year or so you remember I think it

00:27:02.400 –> 00:27:06.400
was last right around Christmas time whatever they had an issue with exchange

00:27:06.400 –> 00:27:09.440
it got to the point Rackspace actually had to shut all their servers down

00:27:09.440 –> 00:27:13.980
because it was that vulnerable a lot of stuff going on with that but that is

00:27:13.980 –> 00:27:17.560
something by the way that is going to be coming to an end Microsoft has said that

00:27:17.560 –> 00:27:23.320
they will not be releasing exchange server anymore that I think they said

00:27:23.320 –> 00:27:26.560
they’re releasing their last version of local exchange I don’t know that’s gonna

00:27:26.560 –> 00:27:30.360
fly a lot of people really upset about that and it’s not so the reason why that

00:27:30.360 –> 00:27:35.600
is an issue is because you do have stuff people like lawyers and stuff like that

00:27:35.600 –> 00:27:40.640
that do host their own exchange servers because of the whole security and

00:27:40.640 –> 00:27:48.040
privacy of what they’re actually doing and they don’t want stuff exposed out to

00:27:48.040 –> 00:27:52.240
the cloud specifically because they don’t you know how cloud is redundant

00:27:52.240 –> 00:27:55.480
well they there’s just some kind of rules where they can’t have data being

00:27:55.480 –> 00:27:59.520
backed up in other countries if it’s certain things regarding certain it’s

00:27:59.520 –> 00:28:03.240
all law and stuff I don’t really understand that well but like I said

00:28:03.240 –> 00:28:06.560
it’s there’s something about that I know lawyers specifically upset about that

00:28:06.560 –> 00:28:10.600
some doctors are really upset about that because of the whole HIPAA thing which

00:28:10.600 –> 00:28:15.640
I mean obviously 65 in the cloud is HIPAA compliant but especially people

00:28:15.640 –> 00:28:19.200
with trade secrets or stuff like that you know are concerned and stuff like

00:28:19.200 –> 00:28:22.640
that so we’ll see I mean Microsoft I mean the end of the day Microsoft’s

00:28:22.640 –> 00:28:26.160
gonna keep releasing it if it’s making them money that’s what it comes down to

00:28:26.160 –> 00:28:31.000
you know so you know as things you know stop making Microsoft money is when

00:28:31.000 –> 00:28:34.800
they’re pushing it to the cloud so you know Microsoft’s legacy business of

00:28:34.800 –> 00:28:39.560
Windows Server and Exchange SharePoint all that sort of stuff is still making

00:28:39.560 –> 00:28:43.000
them a lot of money on-prem so until it doesn’t they’re gonna keep releasing it

00:28:43.000 –> 00:28:47.200
so like I said we’ll see what happens with that I would imagine a lot of people

00:28:47.200 –> 00:28:51.080
really complained about the SharePoint going into the cloud I’m sorry about

00:28:51.080 –> 00:28:56.040
exchange going into the cloud I actually am all for it SharePoint I don’t think

00:28:56.040 –> 00:28:59.780
should be in the cloud because SharePoint is very customizable and you

00:28:59.780 –> 00:29:04.200
can do a lot with it where exchange not so much and it’s much more secure in the

00:29:04.200 –> 00:29:07.600
cloud like I said I think I don’t think you’re gonna see I don’t think you’re

00:29:07.600 –> 00:29:11.480
gonna see SharePoint stop being released locally but I do think exchange

00:29:11.480 –> 00:29:14.440
eventually will go all in the cloud but I guess I do like SharePoint locally

00:29:14.440 –> 00:29:18.920
because it is very customizable and I have seen some companies with very

00:29:18.920 –> 00:29:24.860
elaborate SharePoint setups speaking of things that are hacked and secure Lush

00:29:24.860 –> 00:29:29.080
cosmetics I know they’re pretty popular company I don’t know a lot about them

00:29:29.080 –> 00:29:34.480
but I do know that they had a they got hacked pretty bad and they have somebody

00:29:34.480 –> 00:29:38.160
coming in an IT company doing an independent security audit to check their

00:29:38.160 –> 00:29:42.920
system so really glad they’re doing that but they did get hacked they haven’t

00:29:42.920 –> 00:29:46.240
released I obviously want the report as the people to come in and do a search

00:29:46.240 –> 00:29:49.200
and spec see I don’t think they know what got hacked a lot of these places

00:29:49.200 –> 00:29:52.080
like cosmetics companies and stuff of that don’t really know the security

00:29:52.080 –> 00:29:55.140
infrastructure too well so they you know they’re gonna somebody come in do an

00:29:55.140 –> 00:29:59.120
audit see what got tampered with and then obviously make recommendations but

00:29:59.120 –> 00:30:03.160
to tighten the place up so if you are somebody that uses them you might want

00:30:03.160 –> 00:30:07.040
to keep an eye on your credit cards or whatever you use on there so our friends

00:30:07.040 –> 00:30:14.760
down under had a substantial breach Labor was hit by a major government data

00:30:14.760 –> 00:30:19.880
breach millions of files stolen from key departments Labor has admitted it

00:30:19.880 –> 00:30:24.420
suffered Australia’s largest ever government data breach with key

00:30:24.420 –> 00:30:29.880
intelligence defense economic department information files were stolen from

00:30:29.880 –> 00:30:36.400
Australia’s largest commercial law firm so those people in Australia I can

00:30:36.400 –> 00:30:39.680
imagine I really hope they have good cyber insurance because they are going

00:30:39.680 –> 00:30:43.480
to need it the interest the other interesting thing about this they said

00:30:43.480 –> 00:30:49.720
in April of 2023 of 2023 ransomware group stole more than 2.5 million files

00:30:49.720 –> 00:30:55.200
from the firm so this is you know something that’s this is a pretty big

00:30:55.200 –> 00:31:03.000
deal because a lot of government stuff has gone out so like I said I saw that

00:31:03.000 –> 00:31:05.800
I’m like oh interesting so it’s not just our government that gets hacked by the

00:31:05.800 –> 00:31:13.400
way it’s everybody else as well also – there are a bunch of those of you that

00:31:13.400 –> 00:31:17.360
use WordPress for your website there has been a lot of stuff coming out about

00:31:17.360 –> 00:31:23.040
this obviously WordPress always has issues with hacks and some of that so

00:31:23.040 –> 00:31:26.760
you have to make sure you keep all your stuff up to date but they said over 6700

00:31:26.760 –> 00:31:32.720
WordPress sites using outdated version of the Popup Builder plug-in have been

00:31:32.720 –> 00:31:37.600
infected and are suffering from malware so if you are somebody that uses the

00:31:37.600 –> 00:31:42.600
Popup Builder plug-in on your website I would make sure to get that hack get

00:31:42.600 –> 00:31:47.160
that fix so you don’t get hacked or if you are hacked roll back to a backup

00:31:47.160 –> 00:31:51.360
there’s another one as well this week about WordPress over 300,000 WordPress

00:31:51.360 –> 00:31:58.320
sites vulnerable to POST SMTP plug-in so if you are somebody that uses SMTP on

00:31:58.320 –> 00:32:03.520
WordPress and you use the POST SMTP plug-in you have to patch that as well

00:32:03.520 –> 00:32:10.040
so it’s a busy week for security stuff going on I mean always is but

00:32:10.040 –> 00:32:15.160
specifically this week there’s a lot of a lot of hacks and stuff like that

00:32:15.160 –> 00:32:21.920
Opera has a bug in it which is going to let hackers run any file on your Mac or

00:32:21.920 –> 00:32:29.520
Windows PC that was in the news this week as well Opera obviously pretty

00:32:29.520 –> 00:32:35.240
popular I mean it’s definitely it’s not on Chrome level or Firefox level but

00:32:35.240 –> 00:32:40.680
definitely is pretty popular but like I said security researchers disclosed a now

00:32:40.680 –> 00:32:45.440
patched security flaw in Opera web browser that was allowing people with

00:32:45.440 –> 00:32:50.920
Microsoft Windows or Apple OS that could exploit any files or run any files on

00:32:50.920 –> 00:32:55.160
their system so the remote code execution vulnerability MyFlaw they’re

00:32:55.160 –> 00:33:02.120
calling it was discovered and apparently it is patched now so if you are if you’re

00:33:02.120 –> 00:33:06.280
using Opera browser or Opera GX make sure you go in patch that’s actually

00:33:06.280 –> 00:33:10.600
pretty concerning thing because anybody can run any files on your machine pretty

00:33:10.600 –> 00:33:17.280
scary so TeamViewer apparently has another big attack right now that people

00:33:17.280 –> 00:33:21.480
figure out how to remotely gain access to systems TeamViewer’s saying to patch

00:33:21.480 –> 00:33:27.000
it any of that stuff especially TeamViewer and AnyDesk and a lot of these

00:33:27.000 –> 00:33:31.240
things they’re always very vulnerable to attacks is obviously you get remote

00:33:31.240 –> 00:33:35.080
control so nice a machine so I know these things are important are very

00:33:35.080 –> 00:33:37.960
well used but you got to make sure you keep up to date because these companies

00:33:37.960 –> 00:33:41.000
have quite that I would not want to be on one of these security teams for one

00:33:41.000 –> 00:33:45.880
of these companies I can only imagine what they go through the amount of just

00:33:45.880 –> 00:33:51.220
stuff that they have to deal with with attacks and all that cuz I mean

00:33:51.220 –> 00:33:54.840
basically think about it I mean somebody I mean you’re basically if you get

00:33:54.840 –> 00:33:58.160
hacked is basically give somebody remote access to a system so it’s a it’s a

00:33:58.160 –> 00:34:03.120
really tough really tough thing to you know deal with I give any of these guys

00:34:03.120 –> 00:34:07.600
that work on these teams tons and tons of credit because it definitely is a

00:34:07.600 –> 00:34:12.360
home edge is gonna be hard work so the one the last article I want to talk

00:34:12.360 –> 00:34:17.720
about is an interesting one they are actually saying that there is a lack of

00:34:17.720 –> 00:34:23.200
cybersecurity experts in the industry and the same part of the problem is that

00:34:23.200 –> 00:34:26.920
a lot of the cybersecurity experts don’t have the degrees required to get

00:34:26.920 –> 00:34:31.880
the job this is an interesting article it’s from the national was at the

00:34:31.880 –> 00:34:38.320
national the national cyber director he addressing the cyber talent shortage

00:34:38.320 –> 00:34:44.560
this is actually like I said this is actually on the actual news site clear

00:34:44.560 –> 00:34:49.320
news.clearancejobs.com which is where you would look for federal jobs

00:34:49.320 –> 00:34:54.480
he’s actually saying that he working that they want to remove the degree

00:34:54.480 –> 00:34:58.480
requirement most jobs in the US government for cybersecurity require

00:34:58.480 –> 00:35:01.520
four-year degrees many people don’t have a four-year degree that are security

00:35:01.520 –> 00:35:06.720
experts and they want to go ahead and remove that just way they will not get a

00:35:06.720 –> 00:35:11.720
shortage as people without four-year degrees are not being considered so

00:35:11.720 –> 00:35:16.840
basically what this is the government is is lowering their standards for getting

00:35:16.840 –> 00:35:21.560
people and and honestly I don’t blame them I know a lot of good cybersecurity

00:35:21.560 –> 00:35:26.040
people myself included that don’t have four-year degrees that went maybe to

00:35:26.040 –> 00:35:29.560
college for two years have associates and they got into cybersecurity I know

00:35:29.560 –> 00:35:33.400
many people that didn’t go to college at all and when it got into cybersecurity I

00:35:33.400 –> 00:35:36.800
know a lot of programmers that are amazing bug finders that never went to

00:35:36.800 –> 00:35:41.800
college and do a great job so I actually think this is actually really good most

00:35:41.800 –> 00:35:47.040
of your good hackers didn’t go to college I hate to say that but a

00:35:47.040 –> 00:35:51.480
majority of your good hackers don’t go to college I know a lot of good good

00:35:51.480 –> 00:35:54.760
security professionals and some of that that you bug bounty and some of that

00:35:54.760 –> 00:35:57.520
none of them went to college they just hang out and just do bug bounty all

00:35:57.520 –> 00:36:02.960
day I know a lot of guys that actually did get in trouble and then got jobs

00:36:02.960 –> 00:36:06.000
with the government after they got out I know a lot of that kind of stuff happens

00:36:06.000 –> 00:36:12.520
so I think this is a specific case where they’re gonna have to you know sometimes

00:36:12.520 –> 00:36:15.800
the you know the government needs to understand that they’re you know they

00:36:15.800 –> 00:36:19.520
you’re not always gonna you have to look sometimes it’s not even lowering your

00:36:19.520 –> 00:36:24.480
standards if the industries have changed so much you know 20 30 years ago none of

00:36:24.480 –> 00:36:28.080
your IT people went to college because College for Computer Technology didn’t

00:36:28.080 –> 00:36:32.320
exist so I mean a really interesting thing and some of your your best minds

00:36:32.320 –> 00:36:36.300
are not college graduates so I think this is actually a good thing by the

00:36:36.300 –> 00:36:38.680
government I’m sure they’re gonna have some kind of vetting process where you

00:36:38.680 –> 00:36:42.920
have to pass it you know test or something like that I’m sure that

00:36:42.920 –> 00:36:47.200
there’ll be something there but like I said I actually think this is actually a

00:36:47.200 –> 00:36:52.600
really good idea get more able to get more people get better people sometimes

00:36:52.600 –> 00:36:55.720
people that you know there’s a big difference in one thing anybody that

00:36:55.720 –> 00:37:00.080
works in cybersecurity or it works any job field whether it’s a skill or trade

00:37:00.080 –> 00:37:04.120
will realize there’s always a big difference between knowledge and

00:37:04.120 –> 00:37:08.800
experience and that’s really important so I do want to bring that up like I

00:37:08.800 –> 00:37:12.160
said some of the best coders I’ve ever met have never went to college and they

00:37:12.160 –> 00:37:16.660
were great coders so I mean it’s it’s one of those kinds of businesses where

00:37:16.660 –> 00:37:20.160
sometimes you’re not going to always you know college isn’t for everybody some

00:37:20.160 –> 00:37:24.040
people are better at educating themselves and I think that is becoming a real

00:37:24.040 –> 00:37:27.880
thing now especially with the internet stuff a lot of people go to cyber school

00:37:27.880 –> 00:37:31.160
now a lot of people do home school now some of that because they want to move

00:37:31.160 –> 00:37:35.360
faster they want to learn more there’s actually quite a bit of that actually I

00:37:35.360 –> 00:37:38.920
know quite a few people that are that are cyber schooling or homeschooling

00:37:38.920 –> 00:37:42.760
just because they can move at a faster pace and get more done and be more

00:37:42.760 –> 00:37:47.040
prepared for college and then some people isn’t you know colleges for

00:37:47.040 –> 00:37:51.600
everybody a lot of guys that made good money doing apps on the App Store and

00:37:51.600 –> 00:37:56.240
stuff that have never went to college so you know it’s one of those kinds of

00:37:56.240 –> 00:37:58.520
things where I think the government realizes that yes we’re holding people

00:37:58.520 –> 00:38:02.360
to a ridiculously high standard some of the best people in we need to get the

00:38:02.360 –> 00:38:07.360
best so in order to get the best we have to lower the standards of what we want

00:38:07.360 –> 00:38:10.960
and you know college is not for everybody like I said there are some

00:38:10.960 –> 00:38:14.760
great people in security industry that don’t have four-year degrees so I’m

00:38:14.760 –> 00:38:18.120
really happy that they’re doing that we need to really get a handle on this kind

00:38:18.120 –> 00:38:23.100
of thing because with all this government sponsored hacking and all

00:38:23.100 –> 00:38:27.400
that kind of stuff we are going to need really good people and especially since

00:38:27.400 –> 00:38:31.960
there is a shortage of people this is a good way of doing it and I want to point

00:38:31.960 –> 00:38:35.280
this out to a lot of people talk about COVID and and I’m not getting political

00:38:35.280 –> 00:38:39.360
I’m not but a lot of people say COVID where’d all these people go why didn’t

00:38:39.360 –> 00:38:44.080
people go back to work it just shows you too that it’s it’s not just like the job

00:38:44.080 –> 00:38:49.600
it’s not just like the food industry it’s not just the you know the the

00:38:49.600 –> 00:38:53.920
blue-collar jobs with a shortage of people even in in white-collar fields

00:38:53.920 –> 00:38:58.920
there is a shortage of good people so it just shows you it doesn’t matter what

00:38:58.920 –> 00:39:03.840
industry you’re in there is a serious shortage of people in the workforce and

00:39:03.840 –> 00:39:07.960
like I said it doesn’t matter you know what industry you’re in there is a

00:39:07.960 –> 00:39:12.320
shortage right now so I thought that was interesting like I said I want to go

00:39:12.320 –> 00:39:15.880
ahead and just point one thing out like I said if you want to reach out to me go

00:39:15.880 –> 00:39:20.640
to the website the pain of security comm email me I do enjoy all the emails and

00:39:20.640 –> 00:39:25.760
really appreciate it and like I said I have I do we do have the forums up now

00:39:25.760 –> 00:39:29.400
and a lot of other things so please go with it we also have a lot of free tools

00:39:29.400 –> 00:39:33.360
I have I write a lot of free little tools and give them away for free if you

00:39:33.360 –> 00:39:38.280
go to the pain of security comm click on tools click on software there is tons of

00:39:38.280 –> 00:39:41.480
free software there you can use little security tools little things I write

00:39:41.480 –> 00:39:46.120
that I give away for free go ahead and like I said take you know you know

00:39:46.120 –> 00:39:49.800
download them enjoy them use them like I said all these little goodies that I

00:39:49.800 –> 00:39:52.520
write like I said I give them away for free I enjoy messing with code when I

00:39:52.520 –> 00:39:56.680
have some downtime and it’s nice just make sometimes little tools that people

00:39:56.680 –> 00:40:01.440
can use and kind of help people out just like this podcast so I want to thank

00:40:01.440 –> 00:40:08.000
everybody for listening and we will see you on the next episode thank you much

00:40:08.000 –> 00:40:08.840
(upbeat music)