18 Burst results for "Lawrence Abrams"

"lawrence abrams" Discussed on Security Now

Security Now

07:32 min | 2 months ago

"Garmin hack. Lawrence Abrams' Bleeping Computer, as we know, has always had a strong interest in ransomware. So I'm not surprised that his coverage of the Garmin ransomware attack was the most detailed of any I've seen, nor that he's had access to some insiders who have reached out to provide him some extra tasty bits. Among other things, an employee inside Garmin informed him that the initial ransom demand was for ten million dollars. Oh. Yeah. Holy moly. Ten. Ten million dollars. Okay. We don't know what ransom was finally paid, but it seems more certain than ever that Garmin did pay up. Lawrence wrote: after a four-day outage, Garmin suddenly announced that they were starting to restore services, and it made us suspect that they paid the ransom to receive a decryptor. Then, last Saturday, Lawrence posted: today, Bleeping Computer gained access to an executable created by the Garmin IT department to decrypt a workstation and then install a variety of security software on the machine. Since WastedLocker, that's the ransomware, is an enterprise-targeting ransomware with no known weaknesses in their encryption algorithm, a decryptor cannot be made for free. And remember that Bleeping Computer has been sort of a focal point for the less-than-well-designed ransomware, where mistakes were found in the encryption which allowed for the creation of a no-charge decryptor, and those have been organized and are, and can be, found through Bleeping Computer. So he said, to obtain a working decryption key, Garmin must have paid the ransom to the attackers. And he said, this is where he said, it is not known how much was paid, but as previously stated, an employee told Bleeping Computer that the original ransom demand was for ten million dollars.
When extracted, this restoration package, this is the one that they received a copy of, that had been prepared by Garmin's IT department, this restoration package includes various security software installers, a decryption key, a WastedLocker decryptor, and a script to run them all. When executed, the restoration package decrypts the computer and then preps the machine with security software. Garmin's script contains a timestamp of July twenty-fifth, twenty twenty, which indicates that the ransom was paid either on the twenty-fourth or twenty-fifth. Using the sample of WastedLocker from the Garmin attack, that is, the actual ransomware from the Garmin attack, Bleeping Computer encrypted a virtual machine and tested the decryptor to see if it would decrypt their files. He said, in our test, the decryptor decrypted files. So, interesting was that the package received by Bleeping Computer included references to both the cybersecurity firm Emsisoft, E-M-S-I-S-O-F-T, Emsisoft, sorry, Emsisoft, and the ransomware negotiation service Coveware. When Bleeping Computer subsequently reached out to Coveware, they were told that they do not comment on any ransomware incidents reported in the media. And similarly, Emsisoft told Bleeping Computer that they could not comment on any cases, that they create decryption tools and are not involved in ransom payments. Brett Callow, a threat analyst at Emsisoft, said: I cannot comment on specific cases, but generally speaking, Emsisoft has no involvement whatsoever in negotiating or transacting ransom payments. We simply create decryption tools. Okay. Now, that's interesting news. So it might seem odd for a reputable security firm such as Emsisoft to have anything to do with ransomware, but they have an interesting angle. As we know, the decryption side of the ransomware mess sometimes receives much less attention from the bad guys who need to create the decryptor than the encryption side.
Consequently, the decryptors have tended historically to be buggy, to crash, or to, for some reason, fail to fully undo the damage that they had originally done, despite having received a valid key. So that's where Emsisoft comes in. They reverse engineer questionable ransomware decryptors for which the decryption key is known, to create a more robust and reliable decryptor for a victim's systems. Emsisoft's ransomware recovery services page states: if the ransomware, if the ransom has been paid, but the attacker-provided decryptor is slow or faulty, we can extract the decryption code and create a custom-built solution that decrypts up to fifty percent faster with less risk of data damage or loss. So this also explains why the decryption package Garmin finally used also contained legitimate security software. That extra security software, along with improved decryptor, may have been provided by Emsisoft or may have been put together by Garmin's IT. And of course, as we mentioned last week, now that Evil Corp has been attributed as the creator of WastedLocker and has been placed on the US sanctions list for using Dridex to cause more than one hundred million dollars in financial damages, paying this ransom could lead to hefty fines from the government. So due to these sanctions, sources familiar with Coveware have told Bleeping Computer that the negotiation company has placed WastedLocker on their own restricted list starting in early July and will not be handling negotiations for related attacks.

"lawrence abrams" Discussed on Security Now

Security Now

07:45 min | 7 months ago

"Code execution vulnerability in Windows occurring when a user opens a specially crafted and malicious link file, which is just supposed to be a pointer to something else. So this file could be, this link file could be presented to the victim on a removable drive or a remote share, and when opened would execute a malicious binary embedded in the link file. So it's a sort of self-contained buffer overflow in a Windows link file, and what's significant about this is that since link files are non-executable, they are often passed over by any channel-monitoring AV system in the interest of saving time. These AV systems are desperate not to slow things down, because they're already criticized for the fact that they do in fact impede the flow, because they've got to open everything up and see if anything looks bad. So when they see a link file, it's like, that's just a link file, we're fine, and lets it by. Except now that allows them to bypass AV system protections, and which makes this worse. So one of the twenty-five was a remote code execution provided by any Windows link file. Then we had four memory corruption vulnerabilities in Microsoft's Media Foundation. Any four of those could allow an attacker to gain the ability to install programs, view, change or delete data, or create new user accounts on the victim's machine. None of that's good, and worse, a user might have run afoul of this merely by accessing a malicious file or a web page, so it's easy to encounter. Attackers are most likely to try and exploit this vulnerability via spam email with malicious links, attachments. And I didn't dig any further in, but it sounds like we have four still-surviving buffer overflows somewhere in the media content interpretation. We've often seen how difficult it is to get everything right in an interpreter, but Microsoft still hasn't managed to. Leo, doesn't it feel like, with Curly in the bathtub, we're not making progress on this problem?
I mean, it's just like, when is this going to end? It's a hundred and seventeen things to patch now. Anyway, next up, and I had to count them, I counted ten. So half of the top twenty of the important vulnerabilities were all found in the way Microsoft's ChakraCore scripting engine, which of course is the engine Microsoft wrote from scratch for the first attempt at its illustrious brand-new Edge web browser, which of course it later abandoned. And Edge of course replaced the creaky old Internet Explorer. In every one of these ten different instances, an attacker could successfully corrupt, I've been suppressing a cough for a while, could corrupt the victim machine's memory in a way that would allow them to execute arbitrary code in the context of the current user. Given that our web browsers are now the way we reach out onto the Internet and expose ourselves, I'm sure everyone is happy with Microsoft's decision to simply put their own window dressing around the open source community developed and maintained Chromium web browser. But until you switch to that, ten problems have been found, serious remote code execution problems, in the original ChakraCore engine for Edge. Then we had two additional critical remote code execution vulnerabilities fixed in the script engine. That's not the jscript.dll, which is the old one that earlier versions of IE used but IE eleven doesn't use, but it still would get invoked. This is the JScript DLL, which is what IE eleven now uses. So an attacker could exploit those two bugs by tricking the user into visiting a specially crafted website under IE eleven, or by marking an ActiveX control safe for initialization in an application or Microsoft Office document that hosts the IE eleven rendering engine, as many of them do.
So these bugs, fortunately, while there's only two of them, specifically require some user interaction and would rely on some form of social engineering on the attacker's part, although they're both rated critical and remote code execution. The, I go there and then load a document and then get it executed, so requires more jumping through hoops. But that's not that high a bar these days. So we wrap up the top twenty with two final ones, twenty twenty, zero eight eight one, zero eight three, also remote code execution vulnerabilities, this time GDI+. They're trickier, because it's much more necessary for an attacker to get the user to jump through some hoops, but given that can be done, you know, they were rated critical and Microsoft has patched them now. So I'm gonna stop talking about last Tuesday, because something way more bizarre, and that had the whole industry scratching its head, happened last week, which I decided needed its own treatment. And it's the title of the podcast, the SMBGhost fiasco, where I don't hold Microsoft to blame or at fault in the, it's bad that they had the problem, but it's a weird set of coincidences that caused them to really create a mess. So we will wrap up by talking about that. I did want to note, last week we mentioned four companies, Microsoft, Google, Cisco and LogMeIn, who are all making their various telecommuting resources available, in the case of Google, Cisco and LogMeIn, ninety days, and in the case of Microsoft, one hundred twenty days, I'm sorry, one hundred eighty days, to help, you know, minimize the impact of lifestyle changes being driven by the need for isolation. Of course, that's more important today than it was a week ago, so that's even more significant. I stumbled upon this: Bleeping Computer's Lawrence Abrams has now created and has expanded upon this and is actively maintaining a page. I've got a link to it in the show notes.
I imagine if you were to Google list of free software and services during coronavirus outbreak, that's in the tail of his URL, you would probably find it. He wrote on that page: in response to the coronavirus COVID-19 outbreak, many organizations are asking their employees to work remotely. This.

"lawrence abrams" Discussed on Security Now

Security Now

03:42 min | 1 year ago

"To restore lost data using company backup systems, which he described as good. Asked by a reporter if the company would rule out paying the demanded ransom, the CFO said the main strategy is to use backup. Lawrence Abrams at Bleeping Computer, who is of course everyone's go-to site for ransomware details, added, he said, it should be noted that while this ransomware has had high-profile targets, it is not the most active one out there targeting companies and has not seen wide distribution. He said, furthermore, it's very noisy, as it consumes a lot of CPU, causes Windows Explorer to crash repeatedly, and borks the system, he wrote, enough while encrypting that you can't run normal programs. So, in other words, it's not very stealthful while it's doing its deed. He says unless it's launched on an idle machine, it would have a good chance of being spotted. So anyway, what I had heard in subsequent reporting is that they have removed it and they are restoring from backup. So no mega payout. Oh, and there was no fixed price given, either. These guys, in their note, they instructed the infected company to contact them and strike up a dialogue. Yeah. And that the amount requested would be a function of how long it took to reach out and contact, though. Yeah. So call today. Call gold today. That's right. So anyway, that's the background on that attack. And we're gonna talk about Windows, about Microsoft renaming Windows Defender, after we take a brief break. Good timing is good, because all of this security conversation, I know that you and your audience love the idea of keeping style that. That box at my favorite industrial design. Oh, so gorgeous. This is of course the Helm server, and you know, while it is an email server right now, it's going to be a whole lot more. Let me put up Helm's lower third, so you have all the information while I'm talking about it. I'm running a Helm server at home.
I love this thing, or love the idea too. They don't call this an email server, though; they call it a personal server. So right now it's your email server, using state-of-the-art email technology. It's your calendars. It's your contacts; you don't have to sync them with Google anymore. But it's going to be, I think, in the long run, a lot more. So this Helm server has one hundred twenty-eight gigs of storage, which was more than enough to hold my eleven years' worth of Gmail. I moved all my Gmail over to it and shut down my Gmail, and shut it down. Just put a vacation note saying don't use this anymore. I took the opportunity to register a new domain name, a dedicated domain name attached to this. The Helm guys are really smart, other people like Steve Gibson, who know what you need to do to run an email server, and one of the biggest problems running your home email server is, one, your ISP won't like it. And most of the time ISPs block outbound email, SMTP port twenty-five, because they think if you're sending email from your home computer, you probably, you know..

"lawrence abrams" Discussed on KTRH

KTRH

06:00 min | 1 year ago

"Steam cleaning. The top story this hour: two years in the making, now Attorney General William Barr has released a letter that summarizes special counsel Robert Mueller's report. Here's FOX's Jake Gibson. The special counsel's investigation did not find the Trump campaign or anyone associated with it conspired or coordinated with Russia in its efforts to influence the two thousand sixteen presidential election, and Barr further concluded that the evidence developed during the special counsel investigation is not sufficient to establish that the president committed any obstruction of justice. Congressional lawmakers, though, from both parties, they're calling for the full report to be released or calling Barr into question. Of course, large parts of it are, under law, not able to be released because they're classified. Well, the election isn't until next year, but there are already predictions, get this, of a landslide win for President Trump. Here's KTRH's Saunders, live to explain. Those predictions are coming from the same economic models that predicted Trump would win three years ago. Don Luskin of Trend Macrolytics, a research firm that actually predicted the Trump win, tells KTRH why a second Trump term in a landslide is more than likely. The economy is strong on election day in twenty twenty as it is today, Trump is gonna win by a larger electoral college vote margin than Obama did in either of his elections, which were considered landslides. But isn't this premature? Won't Democrats do everything in their power to stop economic growth? Luskin says yes, but it's too late for them. Trump's ongoing deregulatory agenda, the gradual repopulation of the Supreme Court with less regulator-friendly justices, these things all point to confidence and bigger growth in the future. In other words, anything the left would try to do between now and twenty twenty is too little, too late. Thank you very much, Mr. Cliff.
Do you think the strong economy assures President Trump a landslide victory in twenty twenty? KTRH dot com, sound off on our Facebook page. Democratic voters, meantime, more interested in nominating a candidate who can beat President Trump than one they even agree with on the issues. According to a USA Today/Suffolk University poll, fifty-five percent of Democratic respondents prefer electability over ideological purity. They're not even opposed to a candidate who endorses socialism if that person can beat Trump. Man, that's just insane. No, that's called hate. Our news time right now, seven four. Students affected by last week's fire in Deer Park will return to school today. Cleanup efforts continuing at the ITC facility that started burning last weekend. Additional flare-ups occurred as late as Friday. The US Coast Guard has closed seven miles of the Houston Ship Channel after nine toxins were detected in water samples. They've also deployed more than twenty-seven thousand feet of booms to contain the leak after that dike wall collapsed on Friday. Texas lawmakers could be pulling billions of dollars out of the rainy day fund to cover expenses for Hurricane Harvey relief, school finance reform and property tax relief. Rice University political science professor Marc Jones says the spirit of the rainy day funds was for unexpected one-time expenses, not recurring expenses. Using them to fund ongoing school finance reforms and essentially paying for public schools is somewhat problematic, because you can use them this cycle; there's no guarantee that they'll be there the next cycle, which will just create a hole for the future. Texas has the nation's largest rainy day fund, with roughly eleven billion dollars. Audrey more, NewsRadio seven forty KTRH.
Our news time now, seven oh five. Three Texans scheduled to appear in federal court in Boston today to face charges in the nationwide college admissions bribery scandal they're calling Varsity Blues. Former Yates High School teaching assistant Nikki Williams and Houston tennis coach Martin Fox allegedly playing a role in getting the children of wealthy parents into elite colleges. Former University of Texas tennis coach Michael Center was fired for allegedly accepting a one hundred thousand dollar bribe to falsely designate a student as a tennis recruit who is trying to get into UT. Well, there is a move on the left to lower the voting age to sixteen. How will that turn out? Scientists in the UK say people don't actually even reach adulthood until their thirties. Researchers who studied the brain and nervous system say the age at which you become an adult is different for everyone. Some eighteen-year-olds still going through changes in the brain that can affect behavior and make them more likely to develop mental health disorders. I think that's pretty normal. Physical peak, about twenty-eight or twenty-nine. Don't get there till later. So let me for Houston psychologist Lawrence Abrams says you don't just go from childhood to adulthood; there's a period of growth between. The thinking is usually more superficial. They don't have the experience to make judgments as well as older people, and that's one of the conceptual material experience understanding the world going around. There's also been a shift of sentencing guidelines for younger criminals as well. Nik Rajkovic, NewsRadio seven forty KTRH. Just made the case for raising the voting age than lowering. Yeah, what would turn out if you raise it to thirty? That would be interesting, wouldn't it? We'd get a lot more conservative in a hurry, wouldn't we? Well, I was of the generation, there were so many people being drafted into the Vietnam War.
Now, how could you send them off to fight and maybe lose their lives and not let them vote? So there's always that military. Sure, sure, it's not a huge percentage of the population anymore. It's now seven oh seven. One Democratic candidate also promoting the idea of a universal income. How will that work? Well, businessman candidate Andrew Yang proposing a thousand dollars a month paycheck, everybody, to basically do nothing. Just astounding that anybody would propose something so expensive that just essentially bankrupts the government right off the bat, is bankrupt the government. Business analyst Spencer McGowan says this sounds like a gimmick in order to buy votes. He says it's irresponsible.

"lawrence abrams" Discussed on KTRH

KTRH

05:27 min | 1 year ago

"Findings. Okay. How could you obstruct justice if you didn't commit a crime? Barr underscored that the special counsel stated, quote, while this report does not conclude that the president committed a crime, it also does not exonerate him, end quote. Leaders in both parties nonetheless calling for the release of the full report. The election isn't until next year, but there are already predictions of a landslide win for President Trump, and KTRH's Cliff Saunders is live to explain. The predictions are coming from the same economic models that predicted the Trump win in twenty sixteen. Now, Don Luskin with Trend Macrolytics, that's one research firm that predicted his victory three years ago, tells KTRH why a second Trump term is more than likely. The economy is strong on election day in twenty twenty as it is today, Trump is going to win by a larger electoral college vote margin than Obama did in either of his elections, which were considered landslides. Isn't this premature? Won't Democrats do everything they can to stall economic growth? Luskin says, yeah, yeah, they will, but it's already too late for them. Trump's ongoing deregulatory agenda, the gradual repopulation of the Supreme Court with less regulator-friendly justices, these things all point to confidence and growth in the future. In other words, anything the left would try to do between now and twenty twenty is a story of being too little, too late. I don't know, kind of pulled it off at the last minute under George Bush, didn't they? Do you think the strong economy assures President Trump a landslide victory in twenty twenty? That's our question today, KTRH dot com. You can sound off on our Facebook page. Meantime, those voters on the Democrat side, they're more interested in nominating
a candidate who can beat President Trump than one they agree with on the issues. That's according to a USA Today/Suffolk University poll: fifty-five percent of Democrat respondents prefer electability over ideological purity. They're not even opposed to a candidate who endorses socialism, as long as that person is seen as capable of unseating President Trump. Our news time now, five oh four. Three Texans scheduled to appear in federal court in Boston today, facing charges in the nationwide college admissions bribery scandal. Former Yates High School teaching assistant Nikki Williams, Houston tennis coach Martin Fox allegedly played a role in getting the children of wealthy parents into elite colleges. Former University of Texas tennis coach Michael Center was fired for allegedly accepting a one hundred thousand dollar bribe to falsely designate a student who is trying to get into UT as a tennis recruit. Well, there is a move on the left to lower the voting age to sixteen, but scientists in the UK say people don't actually reach adulthood until their thirties. Researchers who studied the brain and nervous system say the age at which you become an adult is different for everyone. Some eighteen-year-olds still going through changes in the brain that can affect behavior and make them more likely to develop mental health disorders. Normal physical peak, about twenty-eight or twenty-nine. We don't get there till later. So let me for Houston psychologist Lawrence Abrams says you don't just go from childhood to adulthood; there's a period of growth between. Their thinking is usually more superficial. They don't have the experience to make judgments as well as people do, and that's one of the conceptual material having that experience understands the world going around. There's also been a shift of sentencing guidelines for younger criminals as well. Nik Rajkovic, NewsRadio seven forty KTRH. Still working on that adult thing. I'm almost there, I think.
Thank rush you've raised to adults. No, it's my second childhood. Maybe so. One Democrat candidate promoting the idea of universal income is businessman candidate Andrew Yang, proposing a thousand dollar a month paycheck to everyone, basically to do nothing. Just astounding that anybody would propose something so expensive that just essentially bankrupts the government right off the bat. Well. Two thousand dollars about twelve grand a year. What does that gonna do for your average person? What are you, what can you buy for that? Not a lot. And where's the money coming from? kiss gonna print it. This is analyst Spencer McGowan, that's who you just heard, says this sounds like a gimmick to buy votes. He says it's irresponsible to keep people attached to the government handout, adding it would discourage future business and innovation. Our news time, five oh seven. Houston Cougars advanced to the Sweet Sixteen with a seventy-four fifty-nine win over Ohio State in the NC double A tournament. They're one of two Texas teams still in the Big Dance. Texas Tech also moving on after beating Buffalo seventy-eight fifty-eight. Now the Red Raiders are going to be facing Michigan on Thursday in Anaheim. Houston has a Friday matchup with Kentucky in Kansas City. Tune in to all your Cougars action on KPRC nine fifty. Rockets beat the Pelicans one thirteen ninety, James Harden leading the way with twenty-eight points. The team will be in Milwaukee against the East-leading Bucks tomorrow night. Houston Astros wrapping up spring training in Florida with a five three win over Washington. Now they're going to be at Minute Maid Park today and tomorrow for an exhibition series against the Pirates. The new backpack ban, by the way, at the ballpark going into effect tonight. Coverage will start at six fifty-five on Sports Talk seven ninety, first pitch at seven ten. I'm sheriff Ryan, Houston's news, weather and traffic station, NewsRadio seven forty K T R.

"lawrence abrams" Discussed on Security Now

Security Now

01:48 min | 1 year ago


"So. So definitely very cool. And this was a neat trick. I'm not sure that I have a use for it. But it's another thing that I wanted to sort of add to our listeners' bag of tricks. This is from Bleeping Computer's founder, Lawrence Abrams. He discovered that it was possible to use either Chrome or Firefox in a headless fashion, that is, no UI shown, to use the browser to render the image of a remote website's page by URL and save the page rendering to an image file, all with never launching the browser itself. Which is kind of interesting. In the show notes, I've got a link to Bleeping Computer's post about this. Or you could just go to bleepingcomputer dot com and read down through the chronologically posted. I comes in order to find software, and or sorry, Chrome and Firefox could take screenshots of sites from the command line. Anyway, basically, the idea is you open up a command window, and you give the, you need to like give it the path to Chrome, wherever chrome dot exe is located, then dash dash headless space dash dash screenshot equals..

"lawrence abrams" Discussed on KTRH

KTRH

04:00 min | 1 year ago


"Tell us what you think on our Facebook page. Our news time now is five four. Well, they're not wasting any time. The battle has ensued. The House, led by the new speaker, Nancy Pelosi, the Democrats passing a package of bills that would fund six special agencies through September, approving money for the Department of Homeland Security that does not include any money for the wall. Secretary of State Mike Pompeo, telling KTRH's Sean Hannity on Fox News: The wall is a must. Border security is an important part of American sovereignty and keeping Americans safe. There is a central role to make sure that we know who's coming in and what is coming into our country. Yeah. Senate majority leader Mitch McConnell, though, has said he won't bring any bill to the floor for a vote that does not have the support of the president. He won't get the votes in the Senate. And so the Democrats, all they did was a show a show Intel Texas may be one of the largest states in the union, but still one of only four whose own lawmakers meet every other year. They kind of like it that way. To tell you the truth, it's unlikely to change anytime soon. Texas's part-time legislature dates back to the state's founding fathers, who believed in so-called citizen lawmakers, but some argue it keeps Texas a beat or two behind states that meet year round hat necessarily ride herd in a rapidly changing situation. Sometimes the legislature isn't here to react to that. And that's been something of a disadvantage for infrequent sessions. Ross Ramsey at the Texas Tribune says so far though it's worked for nearly one hundred seventy five years. The advantage of having biennial sessions instead of constant sessions is that the legislature is not always making law. There's no time for them to mess around and do busy work. Texas lawmakers earn just seventy two hundred dollars per year plus one hundred ninety dollars each day they're in session. Nik Rajkovic, NewsRadio seven forty. It's now five oh six. Boy.
This is a big change in Texas history. The co-founder of Southwest Airlines has died. Herb Kelleher, he used a cocktail napkin with his co-founder Rollin King in nineteen sixty six to brainstorm a low-fare airline that revolutionized the industry. Kelleher was eighty seven. The airline did not reveal the cause of his death. You can thank Love Field, Hobby Airport and the growth of Southwest Airlines, all because of that guy. Herb Kelleher has died. Search continuing for the killer of seven year old Jasmine Barnes, some big names stepping up to help out the family. Houston Texans wide receiver DeAndre Hopkins said he'll dedicate the playoff game against the Colts to Jasmine and is donating his check from the game to help the family. Basketball legend Shaquille O'Neal also donating money to help cover the cost of the funeral. Harris County sheriff's office has released a composite sketch of the man they believe is responsible for killing seven year old Jasmine Barnes. Police have a man in custody after the death of his three children and shooting of his wife in Texas City. Junaid mood called nine one one to turn himself in a few hours after police found the three dead children in an apartment along with a woman who'd been shot in the head. The children are five to an infant. The woman now in stable condition, though, at a local hospital. Our news time five oh seven. Well, odds are you're going to make a first impression on someone today. And you're not gonna have very much time to make it positive. Less time than it'll take me to tell you. It's twenty seven seconds max or for Dr Lawrence Abrams to tell you size matters figure. People particularly have to have a reasonable look on their face or they become threatening. Because it's all about looks. The five things you need to know to make a positive first impression: smile, be polite, listen, make eye contact and don't stink. Scent is one of the most lingering impressions we leave.
Nikki Courtney, NewsRadio seven forty KTRH. Oh, we needed to know that. James Harden gets it done again as the Rockets take down the defending NBA champs. Shoot..

"lawrence abrams" Discussed on Security Now

Security Now

05:09 min | 2 years ago


"Mellon University to deal with future security attacks. But the worm's biggest legacy to date was it started a wave, after that, it started wave after wave of computer and internet attacks. He said if Robert Morris hadn't done it someone else would have. But regardless, today we live in a world where a day doesn't go by without a serious attack. So thirty years ago, Leo. Wow. Wow. And speaking of not a day going by, Lawrence Abrams at Bleeping Computer brings news of a crazy new ransomware that calls itself CommonRansom. And I would argue as does Lawrence that actually he says absolutely under no circumstances. Never ever. I'm thinking. You know, we'll take it as a challenge. So here's the deal. The ransom note for CommonRansom reads: Hello, dear friend. I love these notes. They're so funny. Exactly. Hello, dear friend, your files were encrypted point. Yeah. Yeah. You're really a good friend. You have only twelve hours to decrypt it. In case of no answer our team will delete your decryption password. That's right, because we're your friend, your friend. And it says write back to our email old at nuke dot Africa. And then it says in your message you have to write this ID. And then it provides in the note the victim ID for your machine. So you identify yourself to them by your victim ID, then get this, the IP address and port of the RDP service, that is, the remote desktop protocol of the infected machine. They want permission to remote into computer lease to fix. I'm not kidding Leo to Vic to to disinfect it. Number three, the username and password having admin rights. I know, the cure's worse than the fix. And then that of course, he's was. Yes, that of course was exactly Lawrence's point. And the time of day when you have paid point one BTC, point one bitcoin. So what's at around eight six hundred and fifty US at the moment because bitcoins Huck had been hovering around sixty five hundred dollars, to the following bitcoin wallet.
And then they give you the bitcoin address. It says after payment our team will decrypt your files immediately. Meaning they will remote onto your machine, and Lawrence points out that at that point your screen goes blank because Windows workstations only allow one interactive login at a time. So they acquire it, you get logged out. They now have admin rights on your machine, and you can't see what's going on. So. Oh, Lord only knows what's going to happen. So okay. So first of all, who the heck is going to give bad guys a remote desktop protocol connection to this machine? If you were to be infected by this nightmare, the best advice would be what Lawrence Abrams at Bleeping Computer, who I will argue is the industry's leading expert on ransomware. Joe don't don't even consider this. But okay, what if you absolutely absolutely absolutely had to have some files off of that machine? So obviously, the best advice would be not to get yourself infected in the first place. But if that ship has sailed, and you have no backups, and you absolutely have to. Okay. So as I said, sort of as an exercise, which we're not recommending, I would say take everything, absolutely everything else off your network. Since so many things are these days Wi-Fi connected, perhaps change the Wi-Fi password and reboot your router. So. What if you took the router out and direct connected the computer to the internet, and then that way, you're on. I think that's probably a better idea. Leo, I like that better..

"lawrence abrams" Discussed on Security Now

Security Now

04:37 min | 2 years ago


"We also talk about all the latest security news, tech news, maybe even explain how some of this stuff works. Thanks to this guy right here. The explainer in chief, Steve Gibson ellos the've man, star LaPorte dough. Be back with you again this week for our six hundred eighty fifth episode now. Yeah. So the thing that caught my interest, and I want to do this more as a discussion, just sort of the pros and cons, because I think it will be interesting. My promotion of the idea of auto-updating routers has generated some controversy, but this particular news will probably generate additional controversy. So controversy is good. That's why it's the title of the show. Good Samaritans, with a question mark. It turns out somewhere, we don't know where, oh, wait, I think he's Russian-speaking or is a very go. There's a Russian-speaking good Samaritan, question mark, who claims to have, and there's been some confirmation so far, patched more than one hundred thousand of the vulnerable MikroTik routers without their owner's knowledge or permission, just saying, well, I'm gonna fix this for you. Taking resume of the exploit in the first place, right, to get in there to patch it. Yes, exactly. And then essentially, what he's doing, he's not updating firmware. He's installing firewall rules to prevent additional exploitation, and there's a lot of, you know, there's a lot of sides to this because, well, we'll discuss it without stepping on our own lead. We're also gonna talk about, just briefly note, as you did at the end of MacBreak Weekly, the death, sad death. I don't know if a death is ever good. I think it's anyway. This case is sad. Microsoft co-founder Paul Allen passed away yesterday at the age of sixty five. Also, we're going to revisit some of the things we've been talking about recently, just for some follow ups. The Bloomberg China supply chain hacking report, which is continuing to be controversial.
There's some additional news on Microsoft's October patching fiasco. It's hard to characterize it as anything, but a Facebook revised downwards the number of people who were breached and had their private stuff stolen from them and oh my God, Lawrence Abrams over at Bleeping Computer said seven. That was so funny. Every time I think about their revision, it makes me chuckle, so we'll share that. We're going to look at the end of TLS versions one point zero and one point one, explore Google's addition of something known as control flow integrity, which was added for the first time to Android nine. Take a look at a GAO report about the very sad state of the US Department of Defense weapons cybersecurity that actually had some bit of humor in it. Well. Yeah, it did. I was trying to think whether it came from the reporting or the report itself, but no, it was in the PDF. We're gonna look at the implications of the forthcoming end of life of PHP five point x ads at the end of this year, and that could be a problem. We'll take a quick look at an AV comparison test, recognizing as we always do that they're always a little suspect because you gotta wonder, well, who contracted for that, but it was interesting. We're gonna, if we have time, entertain a few bits of feedback from our listeners, including one from John McAfee, who I don't think is a listener because he would be smarter if he was a listener. And then we're going to consider, as I mentioned, the implications of gray hat vigilante hacking of other people's routers, ostensibly or by intention to fix them. So, and then of course, we have our typical fun picture of the week. So I think another great podcast.

"lawrence abrams" Discussed on Security Now

Security Now

04:35 min | 2 years ago


"And what was I going to while you're thinking? Let me just show you what Apple has decided in this regard. So I have it checked right now, show full website address, but I can uncheck that. And then instead of seeing up here the fully qualified address, I'm just going to see Twitter, yes, or Twitter dot com. If I turn that on, I'll see this long URL. You know, what's missing is the actual URL for the site. It's just showing you're on Twitter. If you copy it, you will get the fully qualified URL and everything after it. Yeah. Well, and you know, Leo, part of the, I think, partly this is also a reaction to how incredibly ugly URL's com. Yeah. I mean, like, do I really want to see this, but you could make the argument, I could make the, well. Yeah, but I need to know this is The Verge's account, and this is a particular status from The Verge instead of just a generic bland I'm on Twitter dot com. At least Apple choice here, but I don't fan so giving the user choice yet. The default is, by the way, the simplified version, and I bet you ninety nine percent of Mac users don't even know that they like the system. So. So what's interesting is that apparently Lawrence Abrams of Bleeping Computer picked up on this. Apparently Google is experimenting with the same thing on their search results. In his posting, Lawrence wrote Google really wants to get rid of the WWW subdomain. He says first we had Google removing WWW in Chrome sixty nine's address bar, and now there's some tests underway to remove it from search results as well. He wrote: I was first alerted to this when one of Bleeping Computer's reporters noticed that the Bleeping Computer domain was showing up in Google search results as just HTTPS colon slash slash bleepingcomputer dot com, although officially it is WWW. He said, when I checked from my end, though, it was showing it listed as normal with, you know, WWW dot bleepingcomputer. While researching this behavior, I found many domains
where Google was removing the WWW subdomain in the search results. Once I performed a refresh of the page, meaning the search results page, though, the normal WWW subdomain would be listed again. In some cases I could refresh over and over, he wrote, and the results would switch back and forth between WWW and non-WWW. Ultimately, he says, I could not get bleepingcomputer dot com to show the non-WWW version. So I found another site that was also performing this behavior. When I searched for Palo Alto Networks, it showed the domain listing without the WWW subdomain. If you clicked on the search result, the site would perform, and this is interesting to me, a three oh one redirect to WWW, which means they weren't just changing the visual. They were actually, the URL itself did not have the WWW in it. So that Palo Alto Networks was doing a three oh one redirect over to WWW. He says, which is the site's desired behavior. He said on a refresh of the search result page, the normal WWW version of the URL appeared again in the search results. This time, though, the site links have been changed, he said, to a smaller display under the domain description. So anyway he goes on. But my guess is, as we know, Google has a massive server farm and he was probably getting different servers picking up his query when he refreshed, and some of them for whatever reason were not showing WWW and others were. So, and he did ask Google. He got no response from Google one way or the other as to like what they were doing and what was going on. But we do look like we're in some sort of flux here with whether or not or how Google is going to treat, you know, the WWW prefix on domain names. It's an interesting question because. And I would hope this isn't..

"lawrence abrams" Discussed on Security Now

Security Now

02:55 min | 2 years ago


"And or commands can download additional files, exfiltrate anything, receive commands, as I mentioned, via PDF email attachments, and is, as ESET said, highly resistant and resilient against take down. So an interesting and sort of unsuspected command and control channel. Basically your MS Outlook or your The Bat! client are compromised. And when someone sends that person a compromised DLL that gives them command and control, and then a PDF is packaged up and sent back out by way of response. So it uses PDFs as the transaction mechanism and has accessed anybody at managed to get infected. Wow, okay. We talked about last week, we had fun with the idea of Chrome not wanting to be injected into, and that coverage was brought to us by Bleeping Computer, of course, and Bleeping Computer, as we know, they first got onto our radar because they were really the go-to website. Lawrence Abrams is the founder of Bleeping Computer. They were the go-to website for crypto malware and were like the first really good information about that. So they reached out to a bunch of AV companies with whom they maintain, of course, good relations because, you know, that's their business. Bitdefender's Bogdan, looks like Botezatu, B O T E Z A T U, who's a senior e-threat analyst for Bitdefender, told Bleeping Computer's reporters that as of last Monday, August twentieth, Bitdefender would no longer be monitoring Chrome sixty six and subsequent versions with their anti-exploit technology. Bogdan said, quote, starting with the Chrome browser version sixty six, Google has gradually rolled out a new feature that prevents third party software from monitoring the application's processes. Well, we know that's not quite true. It's that it's beginning to notify users if the browser crashes and then has a list of things that might be culprits.
Anyway, he says, while this measure ensures that rogue applications do not interfere with the Google product, it also prevents security solutions from inspecting the browser's memory in search of.

"lawrence abrams" Discussed on Risky Business

Risky Business

04:14 min | 2 years ago


"A whole Windows domain drop into chrome as shell and get like a crime boss like experience, but on Linda's, maybe that's where things a hitting a minute. I could see Google being pretty keen on that. I can imagine Microsoft being less keen. Now, look, shout out to Lawrence Abrams, who wrote the story for Bleeping Computer, because he wasn't really getting much in the way of answers to his questions from Google. So he went to the source. Yeah, good on according to the bible, and he's the guy who founded and owns computers. So clearly kind of knows what he's doing a little bit. And yeah, good to see him digging into install scripts to figure out what it was doing, all that kind of thing. Yeah, good book. That was a nice pick up for sure. We've got some more threat stuff to talk about here at Amanda griped from The Verge, looking at what they had describing as an international hacking network, the way that they were owning the companies that distribute press releases to front run the market and basically do insider trading. It's a pretty interesting write up. Yeah, it's a great in-depth piece talking. You essentially a bunch of Ukrainian Christians immigration the US, and then ended up running this scam where some ACA, somebody were breaking into Business Wire and that kind of people, stealing these press releases and then selling access to them. One hundred thousand dollars a week kind of thing. And people were trading ahead of the market. According to the write up, made something in the order of a hundred million dollars, possibly more, doing this kind of thing, and then used it to fund building churches in Georgia and stuff, like Georgia in the US, not lot them suburb barbeque, but, but it's really kind of a bizarre story and you load the great details. There's one bit about one of the Ukrainian hackers that was quite involved in actually doing the hacking who gets.
Bench of USA if we are investigating they send someone across to talk to this guy, extradite him, and then the Ukrainian intelligence apparatus picks him up, says, you're going to do the same thing for us. Now we're going to trade on that information, hit the market, and thanks very much for your service. Yeah, it's just a, it's an amazing story and write up, and it's really nice seeing. We see often when we're talking about this kind of crime, we're only seeing one little snapshot in time, one little bit of it, and seeing the whole story kind of end to end is really good, good. The context when you're doing stuff to think about all things differently with they did screw up some people for trading on the information I didn't. I, yeah, they ended up getting a bunch of people that were in the US rolled. Another one of the Ukrainians that was on a holiday in Mexico, a home gonna make skins to pick them up, say that he was being deported back Ukraine him and have little side trip to Dallas, Texas. On the way this has isn't crying. What the hell? Yeah, that's another did they certainly roll up a bunch of people, but at least a couple, one or two of the hackers in question still kinda going about their business in Ukraine. Really good write up, and the some cooperation of the, you know, the involvement of the Ukrainian intelligence apparatus in profiting off this in once it was it into which you know is is not particularly. Now. A listener sent me this one, and I think it's just spectacularly hilarious and potatoes to some of Lazarus crew's more novel ways of fundraising. Adam, yes, North Korean friends have been owning up people who run cryptocurrencies, which makes a lot of sense for them, great things to steal. They appear to be running a like a company that makes a piece of trading software to trade in cryptocurrencies. They're making a piece of trading software, and then it's legit trading software that legit works.
And then when you update it, which happens when a matinee stole it also. Stole a little bit of a bit of the old back door that then gives up your access to the North Korean supremely if I can steal money, bitcoins or whatever things that you have. There's a bunch of interesting kinda August. But attribution, it has a few components that share bits with previous Lazarus group operations. Previous is a particular component, Fallchill, that we've seen used by them going back a number of years, and some common components..

"lawrence abrams" Discussed on Security Now

Security Now

03:18 min | 2 years ago


"Pee with a super long cache value. So notice, it's not just the user who made that request. But what's happened is it's poisoned the cache for the recursive DNS server that might be used by all the customers of a given ISP, so it can have long lasting, very broad and sweeping implications. We're talking about a very clever weaponized attack that uses BGP as one of its parts, and then a long-cached DNS record to put the cherry on top or the icing on the cake. So anyway, Oracle concluded their posting of this security news by saying, if previous attacks were shots across the bow, that is, BGP attacks, these incidents show the internet infrastructure is now taking direct hits. And they write, unfortunately, there is no reason not to expect to see more of these types of attacks against the internet in the future. And this is an example of where DNS is being exploited, where the only solution that we have for this exploitation is an at will be the use of DNSSEC. DNS would securely sign the records, and there would not be a way in the instance of this kind of rerouting spoofing for the spoofer to spoof the records as long as the recipient knew that the site records were signed by DNSSEC. And in fact, the authoritative record for that domain would specify that, you know, in this case GRC dot com, for example, that the GRC dot com domain was supporting DNSSEC. So as we also talked about recently, the progress toward DNSSEC stalled about five years ago and is not moving forward slowly. I don't know how this ultimately happens. It's just gonna take time. But until that happens, we're vulnerable to this kind of exploitation. And I had here in the notes this comment about the issue of poor Windows ten update experiences. I think we've pretty much covered it. Lawrence Abrams of Bleeping Computer posted his note about Susan Bradley, who's a well-known Microsoft MVP eight.
She's been MVP for eighteen years, polled a whole bunch of people. She put together an open letter to Microsoft executives Satya Nadella, Carlos Pacheco, and Scott Guthrie about the frustration that windows.

"lawrence abrams" Discussed on Security Now

Security Now

05:40 min | 2 years ago


"Hash cracking tool that is able to enlist the aid of GPUs and gets really high hash-based cracking rates. He was poking around at WPA three, the forthcoming next version of WPA, where everyone knows we're at WPA two now, and the beleaguered Wi-Fi security specification. And we were talking about WPA three a few weeks ago, that eventually it'll come out. I was excited about it because I got teased by the fact that it looked like the specs were online. But all they were was like the table of contents and it's like nandonet is like, okay, fine. So I don't get to take a look at it yet, but the problem is that unless all of the existing devices are retrofit, then it doesn't do us a lot of good even when WPA three certified routers eventually occur. It isn't clear that WPA two routers will be able to upgrade their firmware to WPA three. I don't know one way or the other, but you know, the Wi-Fi Alliance is all about certification and stamps, and trademarks and nonsense which shouldn't have. There should be none of that in a protocol as important to the world as, you know, wireless Ethernet access, but it is. That's where we are. So, but even if routers could get updated or when they're eventually replaced, all the other devices need to be updated too. And you know, it's not clear when IoT light bulbs are going to get themselves updated. So we're stuck with WPA two for the foreseeable future. What the author of hashcat tripped over, I mean, like this has been sitting here for years and no one noticed it, is a significant advancement in, I guess we'd call the state of the art in Wi-Fi network password cracking, which makes it enough easier that everyone's going to be doing it. Oh boy. So yeah, that's the topic of today's podcast, but we've got a lot more to talk about. We've got another new and diabolical router hack and attack, Reddit's discovery that SMS-based two-factor authentication is insufficient.
Oh, who knew? Well, of course, all of our listeners knew. WannaCry refuses to die and knocked a major, actually the largest company in Taiwan off of its manufacturing cycle for a weekend. And we have an interesting piece of research, a study that was done about law enforcement's use of forensic resources that has some surprises we'll talk about, and Bruce Schneier weighed in on that as well. A new and very clever BGP-based attack. We were talking about how that Portuguese ISP was finally frozen off the internet after years of selling BGP chunks of IPv4 space they didn't own to spammers. This is different and diabolical. Again, these attacks are getting more clever. An interesting survey was done. Lawrence Abrams, who's the founder of Bleeping Computer, has a good friend who's a long-standing MVP of Microsoft, who took a survey of Windows ten update, actually sort of dissatisfaction. The snap from Bleeping Computer's coverage is the picture of the week. We'll talk about that just briefly because as a consequence this bears on us, because people are disabling it, which of course ends up having security consequence. Google has advanced their state-sponsored attack notifications in an interesting way. Also The Intercept got wind of Google's new Project Dragonfly, which I'm sure you and your crew are talking about tomorrow with Jeff Stacy. We have a highly targeted and amazingly powerful ransomware campaign. Some closing the loop feedback from our listeners, and then we're going to talk about this soup. Essentially, something that's always been possible. Nobody noticed in the existing WPA two protocol, not WPA three, that the hashcat guy acknowledges that if it ever happens, they finally really did solve this problem probably. But it's going to be a long time coming. In the meantime, hacking WPA, you know, Wi-Fi access point passwords just got a lot easier. So I think another great podcast..

"lawrence abrams" Discussed on Security Now

Security Now

05:51 min | 2 years ago


"Hardback, and free for Audible trials. So I, you know, I really think it's card guinness titled 'The Perfect Weapon: War, Sabotage, and Fear.' Because it's just out, there aren't many reviews on Amazon, but one that caught my eye I wanted to share, from someone who is himself an author. He says, 'I came to this book the long way around. Knowing that I had just published a military thriller in which North Korea crashes the electrical grid for the greater DC area, my brother-in-law sent me a link to David Sanger's recent interview on NPR regarding this book.' He said, 'Listening to Mr. Sanger confirmed some of the scariest parts of my own research. I discovered that my fictional scheme for robbing the US government of electrical power is uncomfortably similar to an actual cyber attack that flatlined large segments of the Ukrainian grid in 2015. Far from being worst-case imaginary scenarios, some of the concepts I've written about,' he writes, 'have already played out in the real world, usually in countries distant from the United States and under circumstances that either don't make the news or don't create an impression on the public consciousness.' He says, 'I burned through this book in less than a day. The Perfect Weapon has the page-flipping intensity of the best techno-thriller novels with the gravitas of meticulously sourced nonfiction. If I had to sum up this book in one word, it would be terrifying.' He says, 'With true stories from the cyber sabotage of the Democratic National Committee to the penetration of the White House computer networks, this book is a wake-up call for our technology-dependent civilization. I just hope we don't hit the snooze button and go back to sleep.' So, okay, so that's the book. David Sanger is, like, the real deal in a serious old-school journalist. So that makes this controversy which has arisen interesting. Bleeping Computer, our friends Lawrence Abrams and his team, have some terrific coverage of this that helps to sort of summarize this. They said that US cybersecurity firm FireEye has denied claims that had been ramping up on social media all of last week about illegally hacking back a Chinese nation-state cyber-espionage group. The claims and social media discussions started after the publication of 'The Perfect Weapon,' and they go on to explain what that is, what we just talked about. And then Bleeping Computer writes, 'In the book, Sanger recounted a series of events from 2013 in the lead-up to FireEye publishing a report called APT1, exposing one of China's cyber-espionage units.' And actually we talked about this at the time, as one of the things that we covered on the podcast five years ago. And then Bleeping writes, 'At the time, the report was a landmark moment in the cyber-intelligence community, as it exposed the activities of Chinese hackers in depth of detail like never before, even going as far as pinning the hacking on Unit 61398 of China's People's Liberation Army, the PLA, an attribution level unheard of at the time.' Okay, so what Sanger wrote, and I have, there's in the show notes, for anyone who's interested, a link to a tweet by Thomas Rid, who's a political scientist known for his work on the history and risks of information technology in conflict. He's also a professor of strategic studies at Johns Hopkins University School of Advanced International Studies. So he was the one who sort of brought this to light, snapping some pieces of Sanger's book. Because what David Sanger wrote was, 'Ever resourceful, Mandiant CEO Kevin Mandia's staff of former intelligence officers and cyber experts tried a different method of proving their case. They might not be able to track the IP addresses to the Datong Road high-rise itself, but they could actually look inside the room where the hacks originated. As soon as they detected Chinese hackers breaking into the private networks of some of their clients' (remember, this is Mandiant previous to the acquisition by FireEye) 'mostly Fortune 500 companies, Mandiant's investigators reached back through the network to activate the cameras on the hackers' own laptops. They could see their keystrokes while actually watching them at their desks.' Sanger writes, 'The hackers, just about all of them male and most in their mid-twenties, carried on like a lot of young guys around the world.' He writes, 'They showed up at work around 8:30 a.m. Shanghai time, check to.

"lawrence abrams" Discussed on Security Now

Security Now

02:03 min | 2 years ago

"And then, you know, I mean, I know that I, and I know you and other people, Leo, will fire up a task manager, a task viewer, to see what process in our system is hogging all of the memory. Or, you know, sometimes it's memory; in this case, with a crypto miner, it's CPU resource. So Bleeping Computer's Lawrence Abrams described a new miner which they had become aware of which is doing exactly this. Now, it's not particularly clever. I'll describe the clever solution in a minute. But what they're doing is, so this thing gets into someone's machine. It establishes an entry in Task Scheduler so that at midnight the Task Scheduler will trigger. So it doesn't do anything when it first gets into the machine. And using Task Scheduler is a time-honored means for malware to execute itself, 'cause Task Scheduler is able to run things for which it has been set up to do so. At midnight this thing, the Task Scheduler, triggers and then repeats every minute. So that launches the miner, which checks to make sure that there isn't already an instance of it mining, and if so, then the newly relaunched instance immediately terminates. While mining, it proactively enumerates the system's process list in order to, and this is what I'm thinking is, well, okay, this is kind of brute force.

"lawrence abrams" Discussed on Security Now

Security Now

02:20 min | 2 years ago

"And this was triggered by a blog posting of digits where they were talking about their own discontinuation on April 1st, and they said, no, no, no, this is not a joke, we are discontinuing support for 1.0 and 1.1 of TLS. I don't know whether they yet support 1.3, but they certainly do 1.2. That's where everybody is. So I want to talk about that, because there was one just perfect quote from their blog that I really enjoyed, and I thought, you know, it makes sense now to talk about how we get out of where we have been. As we know, it's never easy to stop using something which is working and isn't obviously a problem. Even when it is obviously a problem, we often still just say, oh, well, you know, like version four of IP, IPv4, we're all still using it, or not supposed to be, because, you know, it ran out, there is no more. But oh, look, I'm still using it, and so are you. So what the heck. Anyway, we're going to talk about Intel's big Spectre microcode announcement; Telegram inching out the door of Russia, or actually being pushed out the door; US law enforcement's continuing push for, in air quotes, 'lawful decryption,' which actually, unfortunately, amounts to unlawful encryption, which I just, the way that bill was worded as knowing. Also we have more state-level net neutrality, local US state-level net neutrality news. Lawrence Abrams at Bleeping Computer is a fan of a Win 10, a coming Windows 10 replacement for Disk Cleanup. I wanted to share, since you and I were just talking about Disk Cleanup and how he recommended to people. We've got a.
