Listen to the latest updates, developments, and insights into the world of cybersecurity. Learn how to protect yourself against the ever evolving threat of cybercrime from leading talk radio shows and premium podcasts.
Cyber Security Weekly Podcast
A highlight from Episode 363 - From Spectre/Meltdown to side channel attacks on microcontrollers
"This is Jane though and I'm at Black Hat Asia 2023 and with me today. I'm very pleased and very privileged to have Sandro Pinto, who is a professor with University of Minho. And Cristiano Rodriguez, who is also with the universities and they are going to be sharing with us on side channel attacks on microprocessors. So thank you so much. Microcontroller. So thank you for correcting me there. So thank you very much for your time today. Yeah, thank you, Jen for taking the time to basically interview us or to spend a few words with us. Yes. So yes, you correct me earlier. The difference between microprocessors and microcontrollers. So I'm going to be asking you about what is the difference between those and also obviously about exactly. The key observation here is that all the majority of the side channels attacks that we know, for example, the most well-known in the last few years is Spectre/Meltdown in particular, those are micro architectural side channels because side channels in general is quite broad. Is that they target microprocessors or also so called application processors units. That are the CPUs or the computing units that power cloud infrastructure, servers, desktops, laptops, mobile device. What we have done was we went to the completely opposite side of the computing spectrum and instead of these high performance powerful CPUs, we target the very teeny tiny small CPUs or microcontroller units that goes inside these embedded or IoT device. All right. That's the big difference. They are typically very resource constrained in terms of computing power, but also in terms of memory and power consumption. Now I'm going to ask you why it's a side channel type, but before we go on to that. So you talk about microcontrollers in IoT devices. So for example, we will be seeing some of them say in our mobile phones, yes. Exactly. In the mobile phones, you have typically microprocessors plus microcontrollers. 
But typically, for example, where you have microcontrollers in some smartwatch, for example, when you have these IoT appliances, you have on your washing machine. And all of that stuff is where you have this microcontroller unit. All right, okay, so thanks for giving us a brief introduction into the difference between a microcontroller and a microprocessor. So now I'm going to ask you what is a side channel attack? Yeah, side channel attack is not a new concept at all. Side channel attacks have been here for quite a long time. If you go to Google Scholar and you put side channel attack, you'll find more than 1 million entries about papers and related literature. The particular thing about side channel attacks is that it's a technique that allows attackers to retrieve secrets used in computations, basically by observing the side effects that those computations have in specific physical properties and the environment. For example, there are different side channels, some can be related to sound trace, others can be related to it and power, others can be related to electromagnetic radiation and others can be related to timing. So by detecting the differences in the temperature. One is, for example, one attack that where the attackers or the actors or the researchers basically leverage thermal cameras to basically observe thermal trace. So they basically having thermal cameras when we press the keys or do a pattern like to unlock the phone, they can analyze those images and recognize the patterns and they can understand which patterns people use to basically unlock
Cyber Security Today
A highlight from Cyber Security Today, May 24, 2023 - Generative AI used for child porn, Google to pay Washington state millions for misleading location practices, and more
"That includes training AI systems to create images of child sex abuse, and deepfake audio files that tout extremism. This is according to researchers at ActiveFence. Among the worrisome evidence, a poll of 3,000 people on a closed child predator forum on the dark web found 78% have or plan to use Generative AI for child sex abuse images or stories. The report is another call for governments to impose regulatory safeguards on the use of Generative AI. I've reported many times on hackers trying brute-force attacks on internet-connected devices as a way to initially get into corporate IT networks. The latest evidence on this comes from a French company called Tetris, which has some honeypots set up on the web to learn the tactics of attackers. The most common words, those who recently tried a honeypot, were variations on the word password and welcome, like, you know, password123 and so on. Two of the most common usernames tried are admin and root. It's imperative that IT administrators make sure not only that employees use safe passwords, but also the default passwords that come with new hardware and software are changed as soon as they're installed. Google has agreed to pay Washington state almost $40 million to settle allegations of using misleading location practices. Google will also have to follow court-ordered reforms to increase transparency about its location tracking settings. The state alleged Google deceptively led consumers to believe they have control over how Google collects and uses their location data. However, the state said consumers really couldn't effectively prevent Google from collecting and profiting from their location data. Many government entities in Utah still haven't adopted cybersecurity best practices. That's according to a report from the state's Legislative Auditor General, which surveyed cities, counties, towns, school districts and colleges. 
What many haven't done are the basics, like adopting a cybersecurity framework to follow. How unimportant is cybersecurity among government agencies in Utah? Only 37% of organizations replied to the government survey. The KeePass password manager has a vulnerability. A researcher created a proof-of-concept hack showing the master password, except for the first character, can be recovered from the application's memory. Now, a hacker would need access to a victim's computer. This hack can't be done remotely over the internet. Still, watch for and install a new KeePass update to fix this hole. A 28-year-old British IT security analyst has been convicted of blackmailing his company after it was hit with a cyber attack in 2018. The attacker demanded a ransom. After that, the IT employee accessed and altered the attacker's email message in hopes that if a payment was made, it would go to him. Unfortunately, he left a digital trail that led back to his home computer. Deleting the data before the police arrived didn't help him. He will be sentenced in July. And finally, are you looking for cyber insurance? Do you fear rising premiums? Well, there's good news. Researchers at Global Data think the pressure on insurers to keep increasing premiums may ease in the second half
A highlight from SN 924: VCaaS Voice Cloning as a Service - HP printer update, KeePass vulnerability, SpinRite bug
"You know, we've been talking about ransomware as a service. So like to make it much easier for the bad guys to deploy ransomware. Well, once you know, now, of course, we've got voice cloning as a service. So that took over the title. And we're going to wrap up by talking about that. But we're going to lead off with a tracking device follow up, then answer some questions, including what happened when I updated my own Asus router and what happened when HP attempted to update all of their OfficeJet Pro 920e series printers in the field. What did the Supreme Court have to say, if anything, about Section 230? How concerned should KeePass users be about this new master password disclosure vulnerability? What's Apple's position on ChatGPT? What's Google been quietly doing about its user profiling without tracking privacy sandbox technology? What disappointing news did the Senate Intel Committee just reveal about the US FBI? And why did the Python Foundation suddenly close all new registrations of users and packages? Then after I announce and explain the discovery and fix for a long standing bug that has always existed in SpinRite 6.0. What long thought long thought to be bug free, long thought to be perfect. I know probably extending as far this bug extends as far back as SpinRite 3.1 as far as I know, in the early nineties, I did confirm it in five. Oh, we're going to finish by examining the emergence of this new voice cloning as a service dark web facility. And oh, we've got a terrific picture of the week. I am I am being overloaded with fences and gates that go nowhere. It turns out very common. Turns out the world is full of this. I quit is going on here. But it's really today we've got a really fun picture of the week that will be of interest. It's just so clever about a mistake that people can make in coding. Ah, I'm going to guess the mistake you made in SpinRite. It was not a buffer overflow bug. I'm going to guess it wasn't. 
And I will defend myself because it wasn't a bug back then either. Oh, interesting that it became one. So that's interesting. That's an interesting example. Well, we'll talk about that in a second. But first, a word from our sponsor Express VPN, the only VPN I use and trust. And I can explain to you why I trust it. But let me explain what you can do with it. First, one of the things that Express VPN does is let you be anywhere in the world because they have servers all over the world. And you can use any one of them as your exit door to the public Internet. Why would you want that? Well, let me give you an example. different They have content available to users depending on where they're located. I asked Netflix about this. They said, yeah, is it I said, is it wrong for me to do this? They said, no, you paid you subscribe to Netflix. We just don't think people are going to end up doing it. Netflix has tens of thousands of shows worldwide. You only get to see, you know, the fraction that's available in your country. So watching Netflix without Express VPN be kind of like paying for a gym membership and saying you can only use the treadmill. Don't don't look over there at the bikes. Express VPN lets you change your online location so you can control where you want Netflix to think you're located. You like anime, you go to Japan. You like British comedies, BBC comedies. You go to the UK. They have more than almost a hundred different server locations all over the world. So you gain access to thousands of new shows.
Cyber Security Weekly Podcast
A highlight from Episode 362 - OpenJDK offering security and cost efficiencies
"Scott Sellers, the president, CEO, and cofounder, better get that right co fan. He must have a cofounder with you with Azul. Thanks for joining us on my second sec weekly. Thank you, Chris. Great to be with you today. Wonderful. And I understand you're here in Australia, so it's great to welcome to Australia. You're based in California, otherwise. Yeah, maybe let's introduce us to Azul. And then we'll go through your purpose of being in, well, sunny Sydney. I don't know what Melbourne's like today, but yeah, your purpose here in Australia. Thanks, Chris. Appreciate it. And yes, first time I've been to Australia and it's been lovely. We've been here for the week and we're in Sydney and now Melbourne and I've just enjoyed a tremendously so excited to come back soon as well. So Azul as a company has a 20 year heritage specifically addressing pain points associated with the Java platform. And as you may know, Java is truly ubiquitous and in the enterprise and universities and public sector settings, it really is the heart of much of what's going on in DevOps today. And we can get into the details of that, but really what we focus on is providing the world's best Java platform and enabling DevOps teams to more effectively and efficiently meet the business needs. Maybe what's the platform, where's the strengths, I suppose, for the platform itself, and obviously it's focused for enterprise. And we'll also touch on the security aspect naturally as well. But yeah, what's the real strengths of the platform that you've got? Absolutely. So to give just a little bit of background on Java, which I think would help people understand, you know, where it all comes from Java, of course, was invented by Sun in the late 90s. And really has flourished as a very, very popular platform and language for which most applications in the enterprise network are developed using Java language or other Java like languages. And it's an open-source platform. 
So in 2006, Sun open-sourced all of Java. And I think that's one of the reasons that Java has continued to flourish as there is no one single vendor that controls Java and I think if you look at some of the most successful open-source projects ever, I think you'd put both Java and Linux probably as the two that clearly have been massively successful. And I think the nature of the fact that both are open-source have really led to the popularity and the success and really kind of know it in sight for each and overall and the enterprise and really other science in general. So why is that? It's not going anywhere. It's a fundamental language as part of the software ecosystem. Being around for 20 odd years, I used to have a lot of confidence on where the platform's going. Absolutely continues to be continues to grow. And we've been, Azul as a company, as I mentioned, we have a 20 year heritage. So we've seen a lot through those 20 years in terms of the evolution of the platform and the popularity. And it always there's always waves of interest sort of the new hot language of the day. And when you look at the various stats of usage and developers developing different applications and things like that, of course, we always look at those and one of the things that continues to make Java so popular is just the vast amount of frameworks and libraries and open-source features capabilities that allow for applications to be developed so readily. And when you think about application development, nothing is written from scratch. A lot of it is just pulling various pieces from open-source projects and open-source libraries and frameworks and these types of things. And most of that is Java and continues to be developed in Java. So you can think about it or really like a flywheel that once it gets spinning, it gets faster and faster and faster and almost becomes self perpetuating level of success. And that's certainly is the case for Java. 
I think the other thing that happened was significant in the overall life of Java so far is beginning in 2019, the open-source community, which develops Java, which is called OpenJDK, the OpenJDK community, and that with us involved and bigger companies like Oracle and IBM and Red Hat. We collaborate very effectively within the OpenJDK community, beginning in 2019, we changed how future versions of Java are developed and released. And before that, it was sort of like a Big Bang release model where you defined all the features and it took three, four, 5 years to develop kind of the next major version of Java and it was the delivery schedules were very difficult to predict and it was frustrating because you'd want to get some feature in. And even if something wasn't to be released for another 18 months, you couldn't touch it because all the other features you needed to go and it was just it felt very antiquated. And so beginning in 2009, 2019, the community moved to a train based release methodology, which of course is much more typical nowadays in terms of agile development and continuous improvements and those types of things. So now, every 6 months, like clockwork, every March, every September, a new version of Java is released. And if a feature is not ready to go, well, it doesn't go in that release it may be going the next one of the next one after that.
Recorded Future - Inside Threat Intelligence for Cyber Security
A highlight from 68. SPECIAL FEATURE: 'The Slave Armies Powering a New Kind of Golden Triangle Cybercrime' from The Underworld Podcast
"In this episode, which dropped last year, host Sean Williams sits down with reporters Nathan southern and Lindsey Kennedy to talk about how Chinese gangsters, crypto scams, cybercrime, extortion, and human trafficking have all come together in created a population of cyber slaves, and these centers of digital servitude have been popping up around casino towns in Southeast Asia. And just a heads up, in addition to being rather shocking, this episode includes some strong language. Take a listen. On January 28th this year, a Bangkok local government official is checking the Facebook page of a volunteer group he set up to help folks struggling financially during the pandemic. Among the messages, there's a disturbing video. From an 18 year old Tiger girl arise swollen from crying. I'm in a building opposite the karaoke buses the girl. She traveled from Bangkok to the Thai Cambodia border she adds, where she's been promised a job in the CD, Cambodian casino town of poipet, but everything has gone tragically wrong. Once across the border, she's been told her new role will actually be to scam strangers online. And if she wants to leave, her father will have to pay 40,000 bucks over a thousand U.S. dollars. I know everything and I'm afraid that he'll kill me, she says. Referencing the boss who has tricked her into this criminal world. I don't know what it will do to the others after this, and I don't know if I can contact you again. I've heard that at least 20 or 30 people have died. The official echo pop Luang preset is bemused at first, perhaps this video is a scam he wonders. But the Titans since location details and photos from her Cambodian compound. And in the coming months, dozens more trafficking victims share their own stories, sent into slavery, casino towns all over Southeast Asia. Cambodia, Laos, Myanmar, each one has a tale of misery, orchestrated by Chinese gangsters. 
Hotspots like poip and Sia nucle and Cambodia, and the golden triangle special economic zone in Laos, the home of notorious casino, the king's Romans, are
DARKWEB.TODAY - Hackers & Cyber SECURITY
A highlight from just another twitter space
"Level. Are you driving? I'm talking with my friends. He's basically, if he wasn't because of him, I wouldn't have been in Argentina last year in the party. He really wanted to push me. After that, it was just all a book in the park because when I submitted that, everybody was like, oh, we wanted to. He was like, no, he was telling me, because he lives in Argentina that he was talking to a friend that said, okay, how about visiting the Euro? In a long weekend. Yes. Why? Definitely good reason. The unique reason that it's just basically you just have a fun time. That's not something. That it's important to have a good time, so it will people that care about really caring about me and everyday behavior support all the time often. I have already told you this a thousand times and you. Know this, but it's very easy to be next to a person where everything is beautiful and wonderful. When things are complicated, they got everybody's tips back and. Nobody's there. Yeah, so that is so to work along sometimes. But here we are, you know, that hearing in Argentina, there is a very big community. So you know that I'm working most of the community here at Hackett. I work in sustainability team. Backbone to team. The under hacking 2016 community community. So I work in a community. It's very hard to me because I have my degree in math and study intelligence right now. And a part of that in the B side in trying to give my social life, but it's hard to be. Yeah, well, you know, I already told you about that beside here that yeah, I wanted to do that. And. The guy that he was the first person who knew I was into prison, he was the first person who called me in prison, not being my mother. I hit her with her too, you know, in this situation, these are probably the best filters in life to know who is who around you. And here you would really know who are the people that really care. And the people that weren't sure around that were disappeared, these are the best things in your life. 
These things are the right and the positive side of it. The perfect way in order to know who. I applied for the submission for paper for the eco for this year will be submitted with a guy from Chelsea from Miami. I'll also show you security. We build a bit of sending a proposal to talk about that. And that's it. I don't want to talk much about that, but not only him also with some other people, I will not say, last year, really, it was the last day that it was at extension in the last day that I did it on the last minute of the United States. I have a lot of people that would, from other crises like this guy, the USA, that would really have the skills, the knowledge, would love to be in a conflict like this. But okay, on their own, even though they don't have to worry about anything, sometimes I don't know. Yeah, well, it's a double personalities and how comfortable you feel. But if they do with somebody that they trust and it's not having to handle all the operation themselves, yeah, they can apply and they are really amazing topics that they already know a lot about and are really interested for the community.
DARKWEB.TODAY - Hackers & Cyber SECURITY
A highlight from another twitter spaces
"Well, if you're talking, I can't hear you. And T hacked, what up, what up? Apparently Alberto's probably resting. Or are you Alberto? Hacking bounty InfoSec saying nice. Cool? Yep. Alberto, I always look for your space first. Because it's safe. Super curious about something you said last night. How come Samantha doesn't like to blockchain? Tim, all right, if you're talking Alberto give me emoji if you're not, give me no emoji. Why are the captions now working? Twitter, where's my captions? Do a little toggle toggle captions one, two, one, two. No. Come on. Oh, I'll bet they come nice. Thank you, Twitter. I was driving. Hello, hello. Analysts and slave learning. The Puerto sleeping? Well, good. He's got to sleep at some time. Curious how he keeps going. He was being very cool that they would listen tomorrow, I think. Oh, that's pretty neat. Oh, okay, so you host one and then you get it recorded. I don't know. I'm so bad at going back and listening to the recorded spaces and stuff because I feel like you missed the boat. I think if you put it in the space again and somebody goes, they will find nothing out there. No, that's pretty good. No, you know, that's a big part of it trying to keep a ledger almost of all your content, spaces. I just don't have time to listen to everybody's recording spaces. You know what I mean? Like especially if they do it daily, like there's no way to process that much content. Yeah, that's right. There we can process all the things that we went through or we have been through. And some important things can be recorded though, giving a track is good, but it has some other. Sense of security also. What you're speaking out, sometimes your thoughts are gifted in a different way. Literary you may have different views of that.
Chat w_ Alberto Daniel Hillmp3 - burst 2
"Of your bio from your LinkedIn page. Oh, why do I can talk about myself without reading? I would be better. That would be better. Why don't you tell us a little bit about yourself? I know. Yeah, that's right. Well, guys, I am a computer engineer. I am my name is Alberto, first of all. I want to kill. I am from Uruguay, of America. And I am a computer engineer. I have been working for 20 years into information security in different fields, such as computer forensics, consulting, I have a BMP certification, which is a pressure management professional from the PMA organization, and that allowed me to lead many projects, implementing information security management systems, based on the norm, so I select 27,000, which I am also satisfied, and I am the first hacker in Uruguay that will seem to be, but that's not the main point, the pain point is that I was sent to research and for trying to help others seem to present without being guilty of any crime. And well, I am here with my friend Tony that I met on the address spaces. And well, she invited me to talk in a space with her and I'm very honored to be here today. Thank you. And I want to welcome everyone to this nice space. I see we have Jason, who I met also on Twitter space bunsen and beaker who hosts an incredible portrait of phrases. Make sure you follow. I guess he does a great work and also my good friend Jason, who is an incredible guitarist. He plays beautiful music for me and hi there. So she's just kind of remark the sky as we follow each other. How are you? And hi Mike, how are you, space Mike, and also let's say hi to mister proctor 31 and also to Samantha. Hi, everybody. Welcome to this space. And again, another disclaimer. We are recording this space. I am running an analytics on this space. So if you could go ahead and share this out and invite all your Friends, even if they're not seen on this base, there are people listening to us right now according to the software. 
I wanted to talk a little bit about some of the things that you experienced. But what made you decide to reach out? I mean, you know, they say that no good deal unpunished. Alberto, I wonder, can we talk a little bit about that? Well, maybe you decide to reach out and to help your country. Wait, do you mean after or before being arrested? Before being arrested, I mean, did you thought that you would get arrested for doing this? Absolutely not. It was something that never crossed my mind. It was something that for me, it was impossible that would never happen. I mean, if you ask anyone from my school, when I was a child, when I was in university, I was probably the most introverted person in the class, the person that if you have told anyone of my act Friends from college, who will be impression, if you have to do one person in the future, I would probably leave it the last in the list to be considered, no, never across my mind. And as I work in cybersecurity, one of the key things that we do is finding some problems in systems, you may find them in the place where you work and you are paid for finding them. I mean, that's part of your issue. Or actually, when you go to your house and you tell your computer, you can also find security problems in systems that are not under your control. And yeah, I did find a lot of problems in many systems. And all the time, I reported them in order to help those people that both the companies that are involved and the people whose information is started in those systems that are being vulnerable without wanting anything in return. I mean, there are no problems here in Europe. So you do it just to help you then get I mean, you don't get to eat sometimes I think in return, but I consider that that's the thing to do because otherwise somebody with bad intentions will probably find the same problem you found. 
And they will be affecting the private information of a lot of people, which I really like because privacy for me is something patients and I respect other people's privacy and I want my what I don't want to I don't want to be invaded by policy and my life is quite public right now, but I really think the priorities should be really respected. But I have reported for years not to accompanies to what I find the best, but to assert of my country, the search is agency of the development that handles all the security things that are linked to the government and to critical systems or importance systems such as America providers, for example, or financial financial institutions. And well, I have done it for years. And I never had any problem. Until I found a very important security issue in America provider that was the provider of my ex-girlfriend where she wanted to set an appointment in the system and she gave me a computer to do that. And well, before she gave me her username and password, I was already in the system with the privilege of administrator being able to see absolutely everything everything out there, the provider with the username admin and the password admin, which is something that is hard to relieve, but it was true. So I immediately reported that to the serve. And then I forgot about it because you had to report it and you don't need to get any update or you have to know how the incident is being handled and solved. That's not part of the
3 Former U.S. Intelligence Operatives Admit Hacking for United Arab Emirates
"Three former US intelligence and military officials were behind an international hacking scheme, newly released court documents show. They admitted the United Arab Emirates hired them to hack into computer networks around the world, including right here in the US. They also sent advanced hacking technology from the US to help the UAE spy on its enemies. A team there ended up breaking into the computers and smartphones of thousands of targets, including rival governments, journalists and human rights activists. The Justice Department says the men committed computer fraud and violated export laws. But they made a deal to avoid a criminal trial. Instead, they'll have to pay almost one point seven million dollars in fines between the three of them and they'll have to cooperate with federal investigation. The men will also never again be able to get a US government security clearance. The Justice Department called it a first of its kind resolution. So far, the Emirati government has not commented
Microsoft Warns of New IE Zero-Day Exploited in Targeted Office Attacks
"Is warning of a newly discovered IE, believe it or not, well, sort of indirectly IE's zero-day being actively exploited currently in targeted attacks using their Office apps. While the danger might not be extreme, especially if the user of this or the use of this exploit remains targeted, this should remind us of our picture of the week two weeks ago, which was titled Pandora's Inbox, where Pandora's depicted thinking to herself, it can't hurt to open one little attachment, can it? And while I agree that it's unlikely to hurt any of us, we do know that once a zero-day has been observed being used and it's become public, those highly targeted attacks likely become spray attacks. You know, the secret is out and a patch will be forthcoming, which means that the optimal strategy at that point for those who wish to exploit what has now become a time-limited advantage is to go from, you know, targeting individual people to spraying this thing far and wide to collect all of the curious and even the incurious Pandoras, which may be possible. So my word to our listeners: don't be a Pandora. When we hear that it's an IE zero-day, that's really a misnomer, because the vulnerability, which is now being tracked as CVE-2021-40444, was found in Microsoft's MSHTML component, which was also known as Trident, which is the IE browser
Apple Issues Urgent iPhone Software Update to Address Critical Spyware Vulnerability
"Heads up if you have an Apple device. There's an urgent warning to download the latest emergency software update, now available. Apple just released it to fix a critical security problem. Security researchers found a flaw that lets a certain spyware infect iPhones, iPads, Apple Watches or Mac computers. But here's the thing. The person who owns the device does not even have to click on anything to let the cybercriminals in, so users might not even know when they've been compromised. With this technology, hackers can control the device's camera and microphone and they can record text messages, emails and phone calls. The spyware is made by an Israeli company called the NSO Group. The firm sells its technologies to governments and police forces for crimefighting purposes, but Amnesty International says the spyware has also been used against activists and journalists. The average user probably would not be targeted, but Apple still says everyone should update their devices now, just in case. And the emergency software update comes just hours before Apple's big product launch happening today. Apple is expected to unveil the latest version of the
Cyber Security Today
Who Are Ransomware Gangs Targeting?
"Which organizations are ransomware gangs looking to target. According to israeli cyber security firm kayla they primarily want firms based in the us canada. Australia and europe who on average earn more than one hundred million dollars in annual revenue and are not in the education health. Care government or nonprofit sectors. That's according to an analysis of forty five conversation threads on criminal forums. these forums are where initial access brokers claim to have hijacked into a company and are now selling that access to ransomware groups. Attackers are looking to buy specific types of access to victims so it and security administrators should pay attention to this. Highly desirable are companies. That have vulnerabilities in their microsoft remote. Desktop protocol set up which is used my employees for remote access as well as those with vulnerable virtual private networks setups using products from six palo. Alto networks vm-ware fortinet and cisco systems now in the last several months all of these products have issued patches for vulnerabilities. So you shouldn't be caught off guard for such access. Ransomware attackers are willing to pay up to one hundred thousand dollars and remember if your company earns less than a hundred million dollars a year. Don't be complacent. That's an average of the requirements of some attackers and only for messages seen during a narrow timeframe
Cyber Security Headlines
Ransomware Gang Threatens to Leak Data if Victim Contacts FBI
"Ransomware gang threatens to leak data if victim contacts. Fbi or the police in an announcement published on ragner lockers. Dark net leak site this week. The group is threatening to publish full data of victims who seek the help of law enforcement and investigative agencies following a ransomware attack or who contacted data recovery experts to attempt decryption or to conduct the negotiation process this announcement puts additional strain on victims considering that governments worldwide have strongly advised against paying ransoms but have suggested turning to law enforcement instead
Firewalls Don't Stop Dragons Podcast
Razer Mouse Security Flaw Can Give Admin Access to Non-Admin PC Users
"There was a rather disturbing story about how this security researcher was able to take over. Someone's computer t- basically live plug in the right kind of mouse now. This case that happens to be a razor mouse And there was actually a steel series mouse. That turns out had the same problem. But the problem's not with these mice the problems with microsoft windows so. This is an article from. Tom's guide and realize that there was actually a previous article to this. But talk about both of them so chronologically. It's gonna feel weird but just hang with me in the article. Explain both of these cases as we go a day. After the world learned that razor gaming mice could be used to take over windows. Pc's there's news at the same trick. Works with steel series gaming keyboards. Mice headsets and even mouse pads as with the razor mice. It's actually the windows. Desktop application that causes the trouble. That's because it gets system wide privileges during installation without first asking for a system administrators permission. This flaw was discovered by security researcher. Lawrence amer who was inspired by the razor issue. A militias human using or mauer. That's already running on a windows ten. Pc and presumably this applies to windows. Eleven to as a low level user during the installation process can leverage this flock to gain full system control and cybersecurity terms. This is called privilege escalation or escalation elevation of privileges it's when processes or users gained powers. They shouldn't have however. This law isn't the fault of steel series or a razor. Those companies are just trying to get their software and stone quickly. 
This is instead of microsoft issue because windows isn't distinguishing between hardware drivers which normally don't need admin permissions to install and peripheral related desktop software which should need edmund permission microsoft needs to fix this privilege escalation situation before more problems like this pop up as they almost certainly will. So what can you do about this to avoid having your p. honed by gaming peripherals. Make sure you lock the screen of your workplace. Pc when you step away from your desk home. Bc's are under less threat from this kind of attack due to there being fewer potential users around. But you might want to shut off your pc when you've got a lot of company over to really make sure that this can't happen to your machine log. In as an administrator good system than settings and then about and click on the advanced system settings link this will spawn a box labeled system properties. Select the hardware tab and then click the button device installation settings in the pop up window that follows title. Do you want to automatically downloaded absent and custom icons available for devices. Select the radio button labeled no in apparently next to know in parentheses says your device might not work as expected as you might imagine taking this more severe route might make installing new hardware not just gaming mice and keyboards but also printers headphones. Even usb security keys a bit more arduous although not impossible
Is It Time to Ditch Two-Factor Text Messages?
"Of the most important security measures you can take turning on two factor authentication to log into various online accounts whether it's for your bank your email or your twitter account but it might be time to ditch the option to receive those codes. You get by text that's right. I'm usa today. Tech columnist rob pecoraro writes about this on dot usa today dot com exploring alternatives to rely on text messages when enabling two factor authentication. It's especially important if your t. mobile customer as a recent data breach made its customers more susceptible to what's called a sim swap attack where a hacker tries to take over a phone line to intercept two factor authentication messages and it doesn't require the hacker to physically have your phone in their possession one alternative to receiving text with a code that allows you to continue the log in process is to switch to an or app google authenticate or is one big example. I've used an app called offi h. y. for years. Now it's fantastic. I use it for several of my accounts. It's really easy to set up in. All you do is when it gets to that screen that asks for the code to put in Instead of again getting text she'll go to the offi app and pull up the account. And it'll give you a six digit code. You type it right in. There are also some apps like google bypass text message altogether instead showing a message on your screen asking if you tried signing in and then he can tap either yes or no to confirm that you can also purchase an encrypted usb security key to linked to your account and then confirmed by plugging into the new device. They usually start around twenty five dollars but can't be fooled by fishing pages and protect multiple
Twitch Streamers Are Taking a Day off to Protest Hate Raids
"Expect the popular live streaming platform twitch to be a little quieter than usual today. Many streamers have staged a one day blackout. They're hoping to draw attention. To so called hate raids and show solidarity with streamers face them during these raids. Some users will swarm streamers chats with racist and hateful language for example one streamer who's black and uses them pronoun says they've been a frequent target. Other streamers say they see hate raids with the n. Word posted so much that other chats cannot even get through twitch has encouraged people to report those kinds of issues and says. It's planning updates later this year. To help streamers protect
T-Mobile Hacker Who Stole Data on 50 Million Customers
"T mobile thanks to the fact that the attacker a us citizen believes that he's currently outside the long arm of us law enforcement. We're now learning quite a lot about the. who what. And why of his quite successful data exfiltration attack on t. mobile and none of what. We're learning flatters. T. mobile's cybersecurity. The wall street journal turns out had been chatting with the purported attacker via telegram for some time. They've confirmed that his name is john. Binns b. i. n. s. john is a twenty one year old. Us citizen of turkish descent. Who relocated from the us back to turkey three years ago. John was reportedly discussing details of the reach before they were widely known and t. mobile received their first indications of trouble when they were notified of the breach by unit to twenty one. Be a cybersecurity. Company the monitors the dark web for their own purposes. So they saw the that. John was offering the sale of all of this data breach material on the dark web and they unit to one b. said T mobile. Do you have a problem that You haven't told anybody about so john. The wall street journal that his attack against t. Mobile was conducted from the comfort of his home in izmir turkey where he lives with his mom of turkish descent. His american father died when he was just too and he and his mom moved back to turkey three years ago when he was eighteen. He reportedly uses the online handles. I are dev and vortex with an numeric. Oh among others Among other handles and he's alleged to have an online track record that includes some participation in the creation of a massive dot net. That was used for online de dos attacks. Four years ago when he was still in the us in seventeen years old
Who Are the Belarusian Cyber Partisans?
"The first place. I want to talk about these actually. From patrick neil at mit technology review. And i think he's written probably one of the stories here About the cyber partisans in belarus. These this is the group that claimed to be hacktivists. Who ex filled a whole bunch of Data that's critical to the functioning of the belarusian. Sort of security apparatus and. Yeah he's got he's got right up really talking about this group. It's interesting stuff. Yes this is a really good return to the because we talked wasn't two or three weeks ago on the show win by. I started dropping some of the things that this group the partisans had hacked out the various interstate security apparatus in belarus. And this kind of goes back and looks at. That story has a bunch more details about kind of the makeup of the group They should be saying something. Like fifteen ish people bounce from the work in the tech industry and belarus in general and a few that have some sub security experience about what kind of learning to hack on the fly supported by a whole bunch of ex patriots involuntary ex patriot belarussian police and other state security people that fled the country after you know some of the bad things down in las relations and they end up providing support and gardens and analytics To help them go through. The process of making the most of the networks have a gangster. I think this kind of spitballing at times like it. Is this exactly what it sounds like. Is it really activists and local did initially talk about this. We came down on the side of well. This actually looks like it might be genuine kind of weird and it starts is to see some stories that back out that feel that we have at the time because we were going on. I'm pretty thin input at that at that point in the story but this is just an i was reading. This and i'm struck by this is like really walked inside a threat. Looks like you know we. 
We've seen so much has been made in writing about computer security over the you know the the dangers of insiders. This is really the in game of of insider when your own national government is using the people who work the mechanics of your national governments have security apparatus tuning against you and then using those tolls against the government and that's just a. That's inside three writ large and it's really interesting to see.
Dangers of Data Collected in Afghanistan
"The taliban seizure of hide that's hand-held interagency identity detection equipment biometric registration and identification devices aroused concern when it was first reported but the risks of that loss while real seem likely to be limited. Mit technology review argues. That a more serious matter is the insurgent government's acquisition of apps the afghan personnel and pay system used by the deposed governments ministries of defense and the interior. A great deal of data was collected in apps. Technology reviews sources tell it that each profile and apps contains at least forty data fields quote. These include obvious personal information such as name date data birth as well as a unique. Id number that connects each profile to a biometric profile kept my the afghan ministry of interior. But it also contains details on the individuals military specialty and career trajectory. As well as sensitive relational data such as the names of their father uncles and grandfathers as well as the names of the two tribal elders per recruit who served as guarantors for their enlistment and quote this amounts to a catalog of community connections with anyone whose name appears in a profile flagged as connected in some non trivial way to the subject of the profile. And unfortunately there are signs that the lists are being used in head hunting searches for personnel. Who served in or otherwise connected to the former government's military services apps data was unprotected by retention or deletion policies and was presumably seized intact.
Is FBI's Magic Lantern the Ultimate Keylogger?
"This malware called magic lantern. And i find it fascinating. It usually infects a computer through an email attachment. You get email which says to open the attachment and when you do zane. Your computer is infected. And what magic lantern does. Is it record your key strokes and sends everything you type back to a central system so the hackers can see everything you type now of course with a key stroke logger like this. It can pick up any message. You send the people private chats and of course your passwords to who's the shady hacking group that uses magic lantern the f. b. i. In two thousand one someone issued a freedom of information request and got back information. The fbi uses this magic lantern malware to capture key strokes on target computers. No i'm under the impression that the fbi would need to get permission to use the software like a search warrant or something so this would classify magic lantern to be a lawful intercept mechanism meaning. They had permission to basically wiretaps on one. But this sparked a debate in the security community. The question was if the fbi has legal permission to eavesdrop on someone by using magic lantern should antivirus and security companies detect and report on this activity. Of course the fbi would like to go unnoticed in any kind of stealth mission and would rather antivirus companies not alert when they see this but on the other hand. That's the whole point of antivirus software to alert. When something is going on and shouldn't be happening. F secure antivirus company based in finland said right away that they would absolutely report on this but they're in finland the fbi is in the us. Mcafee an american antivirus tools said they would not alert the user if the tool saw magic lantern trigger and that it would ignore it later. They denied saying they're saying they do. In fact alert when magic lantern is detected on a computer but this opens a door to a strange world of allies and enemies. 
And it's hard to know who to trust when the software you buy might be lying to you or when the fbi is busy infecting people with malware to spy on them.
3 Dimensional Wealth Radio
T-Mobile CEO Apologizes for Data-Security Breach
"An apology from a communications giant Ron Dirac Stra has the story, T-mobile told nearly 50 million customers whose personal data was stolen. It was truly sorry for the breach. In a written statement, CEO Mike Seaver says the company spends a lot of effort to try to stay ahead of criminal hackers, but did live up to the expectations they have for themselves to protect their customers. 21 year old American living in Turkey, told The Wall Street Journal. He was responsible and blame Team Mobil's lax security for making it
Atlanta's Morning News
Biden Urges Tech Moguls to Help Fight Cybersecurity Threat
"In the wake of major cybersecurity breaches. Like the one of the Alpharetta based colonial pipeline. President Biden meets with top executives from major tech and financial companies. Reporter Moussa Deka Madar says the White House wants the private sector to help toughen its defenses. Google pledged to spend 10 billion in the next five years to secure software supply chains, expand security models and train 100,000 America. And then it support and data analytics. Microsoft also pledged to provide $150 million in technical services to help federal, state and local governments with upgrading their
Cyber Security Headlines
New Hampshire Town Loses $2.3M in Taxpayer Money to Cyberattack
"Hampshire town loses millions to email scammers. The town of peterborough reported. It lost two point. Three million dollars. As a result of business email compromise scammers which redirected bank transfers using forged documents. Sent to the peterborough finance department. The compromise was achieved using fishing and social engineering techniques. The town. I became aware of the issue on july. Twenty six when the convent school district reported. It didn't receive. Its one point. Two million dollar monthly transfer the us secret service cyberfraud task force is currently investigating the attack which originated from overseas. It's unclear if insurance will cover the lost funds and it's down for the transactions can be
CoinDesk Podcast Network
Nickel Digital Sees Growing Institutional Demand in UK for Crypto
"Let's start with institutional adoption expectations. Yesterday i shared some results of a recent deloitte survey that showed just how normalized digital assets were becoming among fund managers. Today another survey out of the uk said something very similar. Nickel digital is a digital asset hedge firm that was started by former goldman sachs and j. p. morgan investors. They recently surveyed wealth managers and other institutional investors and found that more than half plan to increase crypto acid exposure between now and twenty twenty three over a quarter say that they will dramatically increase their exposure. The reason most often cited predictably was number. Go up aka. The long-term appreciation prospects of crypto assets. Now to be clear about this study only twenty. Three asset managers were surveyed so a relatively small sample size but those managers oversee sixty six and a half billion dollars in assets so it certainly not small if you're looking in terms of assets under management of these twenty-three managers nine said they'd become more confident about how digital assets work and nine cents at the regulatory environment was improving in terms of concerns sixteen still cited market structure issues of liquidity and lack of transparency so summing up a very small sample size but much in line with the deloitte survey we discussed yesterday which had for its part a much larger sample size of twelve hundred eighty
Twitch Streamers to Hold One-Day 'Blackout' to Draw Awareness to 'Hate Raids'
"Streamers are Preparing to take a day off from the platform to bring attention to so called hate raids. The Washington Post reports that a blackout is scheduled for September. 1st. It's reportedly meant to bring awareness to the fact that some users employed dummy and bought accounts to flood a streamers chat with abuse, like hateful slurs and symbols.