35 Burst results for "National Security"

Members of Congress visit Taiwan after tense Pelosi trip riles up China

AP News Radio

00:43 sec | 15 hrs ago

"A delegation of American lawmakers is visiting Taiwan just 12 days after a visit by House Speaker Nancy Pelosi. That visit angered China. China responded to Pelosi's visit by sending missiles, warships and warplanes into the seas and air around Taiwan. The American Institute in Taiwan says a 5 member delegation led by Democratic Senator Ed Markey of Massachusetts is in Taiwan to meet senior leaders and to discuss U.S. Taiwan relations, regional security, trade, investment and other issues. The American Institute in Taiwan represents the U.S. government, which does not have official ties with Taiwan. China claims self ruled Taiwan is a territory and objects to it having

Taiwan House Speaker Nancy Pelosi China Senator Ed Markey American Institute Pelosi Massachusetts U.S. U.S. Government
FBI seized 'top secret' documents from Trump home

AP News Radio

00:52 sec | 2 d ago

"A federal judge has unsealed the search warrant that authorized the FBI's unprecedented search of Donald Trump's Florida home this week. Court papers show FBI agents took 11 sets of classified records from Mar-a-Lago, including documents labeled top secret. The court did not release specific details about what's in the documents, which former Justice Department official Steven Salzberg says is proper. Because that would reveal things that people who don't have security clearances aren't exposed to see. Trump has said the seized documents were all declassified, though that's unclear. He'd kept the documents despite multiple requests from agencies to follow federal law and hand them over. Both he and the Justice Department urged the judge to take the unusual step of unsealing the warrant. Sagar Meghani, Washington

FBI Steven Salzberg Donald Trump Justice Department Florida Sagar Meghani Washington
The Legal Significance of the Trump Raids With Attorney Joyce Vance

Stephanie Miller's Happy Hour Podcast

02:06 min | 2 d ago

"I have to say even for you, like, solid calm professionals. This is a lot this week. I mean, just those of us that aren't lawyers are like, oh my God. And now Scott Perry's phone. I mean, talk to us about I don't even know where to start with the legal significance of this week. But go ahead. So maybe one way of looking at it, this is probably the most boring way, but you know me, I'm boring. Yeah. That's what we love about it. Is that today is 89 days before the midterm election, Mar-a-Lago was searched. 91 days before the midterm election. And DoJ notoriously tries to go dark on politically complicated investigations. At a period of time sufficiently far enough out from an election to avoid any allegation that they're influencing the election. You know, the ghost of Jim Comey sort of lingers over that whole thing. I'm glad you got to him before I did. Yes. Early. If DoJ had stuff to do, it makes sense that we would see it happening this week. And so now they've got 90 days to quietly sort through what they obtained at Mar-a-Lago. We have no idea what that is. And figure out, you know, let's just put this on the table early. Two things could be going on at Mar-a-Lago, assuming the reporting is correct. This is about national security classified papers. One is there could be a criminal investigation going on. These cases are rarely prosecuted, but there's some factors here that suggest that there would be good reason to investigate and consider that. Possibly more importantly are the national security implications. And whenever you have a spill of classified evidence, you've got to figure out what's involved in the spill and whether or not there is risk to national security. So, you know, we've got a former president who notoriously sat at dinner at Mar-a-Lago and sort of crowdsourced advice on how to handle a Korean missile launch. There's no telling what he would do with papers. 
The important thing is that people need to get people government needs to understand what's happened and what the risks are.

Scott Perry Lago DOJ Jim Comey
Jill Wine-Banks Explains What Goes Into Getting a Search Warrant

Stephanie Miller's Happy Hour Podcast

02:07 min | 2 d ago

"Can you explain as a prosecutor? Jill, what a lot of people have said is do you know how much evidence there has to be for a judge to sign off on a search warrant for the home of a former president. We talked about this with Jeffrey Clark and John eastman that for a lawyer of a president, there's got to be a high bar. Can you explain what just happened yesterday? It's a high power for any American citizen. To be subjected to a search. And a judge will take even extra caution if it happens to be somebody who happens to be the former president of the United States. The bar is very high. It isn't the same as what it would take to convict at a trial, which is beyond a reasonable doubt. But probable cause means it's more probable than that. And remember, there is a judge who has already found that Don eastman and Donald Trump more probably than not, more likely than not, committed a crime. As far as the reporting here, we can, I would say, conclude that the reason for this search had to do with missing documents that were wrongfully taken from The White House and kept at Mar-a-Lago. Some of those are highly classified and pose a national security threat. We don't know if those are the ones that they were looking for. We don't even know for sure that it was documents that belong to the government and not to Donald Trump that they're looking for. But we do know whatever they were looking for if they find other things that are evidence of crime. They can take them if they're in plain sight. They have to be within the exact precincts of what the subpoena said. So if the subpoena says they can search a safe, they can search his office, they can search his bedroom. All of that is fine. That means they can't go into the lobby. It means they can't go into the bed, whatever room isn't named. But if they find something there, then in the places that are specified, it's fair game.

Jeffrey Clark John Eastman Don Eastman Donald Trump Jill United States White House
Kash Patel: Not Handing the Warrant Was a Bad Move by FBI

The Dan Bongino Show

01:21 min | 2 d ago

"Knew things had broken bad and that we were sadly descending down this tyrannical root cache But I'm sitting there this week and I'm watching this with my wife unfold and I'm sitting there with the proverbial jaw drop I can't believe they would usually they were a little more cryptic about this Now one of the things I found odd about this is the lawyer thing Being very familiar with the legal space yourself Why would you not allow a lawyer in such a high profile service of a warrant Why would you not allow Donald Trump's lawyers on the scene there It seems odd Look as my time as a national security prosecutor at DoJ server warrants and execute lines on tariffs and other bad guys even we follow the letter of the law deliver the warrant and follow the rules because we knew that they would use any hiccup against us And the only reason that this occurred and now we know for sure and I said it earlier and you did to the attorney general Merrick Garland have to personally sign off on this and that's what he admitted to And they did it because they are basically panicking and heat and they don't know what to do now They've lost control of the political argument which is the last thing they wanted to lose control over And now the facts are going to slowly slip away from them like Russia gay And to not hand over that warrant is a rookie mistake by whatever FBI guys are on the ground But I think it's worse than that I think it was orchestrated by the top and they said don't give it to him

Merrick Garland Donald Trump DOJ Russia FBI
FBI Searched for Nuclear Documents at Mar-a-Lago

Mike Gallagher Podcast

01:05 min | 2 d ago

"Merrick Garland? Confirmed that he personally approved the decision. To raid Trump's home, president Trump overnight said release all the documents, so people can see what they were looking for, the mainstream media is reporting they were looking for nuclear documents? Impacting obviously national security? This stuff is right out of a Tom Clancy novel. You can not make this up. And now, of course, Trump is officially denying there were any nuclear documents being stored at Mar-a-Lago. Well, they're either are or there aren't. This to me is pretty simple. If there aren't, Merrick Garland and Christopher wray and the rest of them need to resign in disgrace. If there are, that's bad for president Trump. There's no way around that.

Merrick Garland President Trump Donald Trump Tom Clancy Christopher Wray
The Trump Bombshells Keep Dropping With Glenn Kirschner

Stephanie Miller's Happy Hour Podcast

02:31 min | 2 d ago

"Let me just talk to you about this latest reporting this morning. National security experts are also shocked that signals intelligence was recovered, so it's not even just the nuclear stuff, former senior intelligence officials said during the Trump administration highly classified intelligence about sensitive topics, including about intelligence gathering in Iran, was routinely mishandled one former official said the most highly classified information often ended up in the hands of personnel who didn't appear to have the need to possess it weren't authorized to read it. Former official also said signals intelligence intercepted electronic communications like emails and phone calls of foreign leaders was among the type of information that often ended up with unauthorized personnel, such intercepts were among the most closely guarded secrets because of what they can reveal about how the U.S. has penetrated foreign governments. One person with familiar with the inventory of the 15 boxes taken from Mar-a-Lago indicated signals intelligence material was in them. I mean, Michael Hayden just tweeted Jesus Christ. That's what intelligence professionals are saying. They said Bill crystal said people ask why would Trump keep documents plenty of possible reasons EG this is pure speculation. Signals Intel on MBS and Jamal Khashoggi or on Saudi nukes are the kind of docs you'd want in case you had to remind the Saudis to keep the money coming, one historian said if it was you or I and not Trump or were in possession of top secret documents about nuclear weapons or signals Intel will you and I would be handcuffs in a very bright room with glam rock playing in our ears yet he plays the victim. Again, every time you think we're at the end of a bombshell, right? And I didn't even know what signals intelligence was until this morning, but that's another layer, right? It is. 
And you know what this proves Steph, it proves the folly of having a policy that says you can't indict a sitting criminal president because people knew he was misusing mishandling classified documents all day every day. That closes the danger to our national security and by all accounts we did nothing about it. Why? Because a sitting president gets to commit as many crimes as he wants while in the Oval Office with impunity. That's insanity. That's banana republic approach to government. And this highlights the danger of that, which is now come home to roost. I hope we learn this lesson based on this episode.

Trump Administration Bill Crystal Jamal Khashoggi Michael Hayden Intel Lago Iran Donald Trump Saudi U.S. Steph Oval Office
Charlie Welcomes Darren Beattie to Reflect on the Mar-a-Lago Raid

The Charlie Kirk Show

01:10 min | 2 d ago

"Joining us now is Darren Beatty from revolver dot news, Darren welcome back to the program. I want to start kind of at square one with you here. The significance your take on the raid, your thoughts. Well, it's huge. The Department of Justice, Merrick Garland, Joe Biden's Department of Justice. They crossed the Rubicon here. I mean, they've engaged in egregious sensation of the national security apparatus of the Justice Department before. But this act is just too overt. It's too outrageous. It's too egregious. And they've overstepped their bounds. And that's why they're panicking. That's why they're engaged in an exercise of frenetic finger pointing, trying to lay all the blame at Christopher wray when we know that this had to be approved at much higher levels. Because they know they overstepped their bounds. And what that means is the ball is in our court, the ball is in the court of the Republicans of the GOP. And now it's just a question of what to do with it. Because if you drop the ball, it's going to be more of the same and even worse. So it's time to get very serious, very responsible, come up with a real plan and implement it.

Darren Beatty Merrick Garland Department Of Justice Darren Joe Biden Christopher Wray Justice Department GOP
Hong Kong population shrinks for 2nd year under virus curbs

AP News Radio

00:35 sec | 2 d ago

"Hong Kong's government says its population has shrunk for a second year as antivirus controls hamper the inflow of new workers and births declined. The territory's census and statistics department has announced the population as of mid 2022 has declined by 1.6% from a year earlier to just over 7 million, with the net outflow of just over 113,000 residents while less than a 5th of new residents arrived. However, the announcement gives no indication of how many thousands of people might have left due to the crackdown and a national security

Territories Census And Statist Hong Kong
The Left Who Plead the Fifth

The Officer Tatum Show

01:18 min | 3 d ago

"I'm a finish the list of people who play at the 5th. We can go back through Obama's boy. Ben Rhodes, you know, after he, you know, the Iran deal went south, Congress wanted answers. He sent his buddy Ben roe, a rose. I said, Ben roe, Ben Rhodes. To testify, he played the 5th the whole time. Brian pagliano, the one that was the IT person that with no security clearance was the IT person of Hillary Clinton's private server in our House who got exposed to classified information and all kinds of other stuff. All the government secret everything. This guy didn't work for the government. Anyway, when he had to testify, he evoked the Fifth Amendment a 125 times. Then you had a similar person, similar to Brian, because they were both associated with this private server. And Paul, he was a part of, I think it's called plate. River network, I could be saying it wrong, God forgive me. He was the person responsible of wiping Hillary Clinton's private server with bleach bit. He also refused to testify before the House oversight committee and played the 5th.

Ben Rhodes Ben Roe Brian Pagliano Hillary Clinton Iran Barack Obama Congress Brian Paul House Oversight Committee
Seb Talks to Kash Patel About the Purpose of Security Clearances

America First with Sebastian Gorka Podcast

01:48 min | 3 d ago

"I have so many things I want to dissect with you. Let's start by let's talk about clearances and classified information. Yeah. So I've still got my clearance. I gained a clear inside of clearance, a secret clearance in the British Army. I got a TS/SCI in the White House when I came in and I think most people don't understand why the clearance system exists and why we have classified information and who the intelligence agencies of America work for. So would you as somebody who's worked in Congress convicted terrorists to the DoJ ran the Pentagon, why do we have intelligence services? And who are they writing their classified products for, Kash? Yeah, that's a great starting point. We'll get to their failures in the second, but classified information serves a purpose, Seb. It's to protect American national security interests, which means you are protecting Americans. And sometimes the information is so sensitive, we don't want it out there in the public. IE. We don't want to tell Baghdadi that we're coming to get him because we put it out on Twitter. We don't want the facebooks of the world to know the positions of our hostages before we go and get them. Those are just obvious examples, but the better point is the intelligence collection doesn't always necessarily lead to an end state. It shapes policy at the White House and how we defend against Russia, China, and Iran, the largest state sponsor of terrorism and the like. So there is a need and a purpose for classified information. But the over classification of information has become a systemic problem and the failure of agencies to be able to share with each other is another problem that I tried to fix when I was deputy director of national intelligence.

British Army Baghdadi White House DOJ Pentagon Congress America Twitter Russia Iran China
Eric Trump: FBI Raid Was Directed by the White House

ToddCast Podcast with Todd Starnes

01:29 min | 3 d ago

"Eric Trump on newsmax. This does not happen without presidential consent. You know The White House new Mark my word, they're out there today saying that no one in The White House knew this was a 100% mark my word directed by the White House. This is a political hit on my father. They know Biden's floundering the polls. He's doing absolutely horrible. And so what do they do? They put on a stunt like this. And I want everybody to remember, God forbid, I hate having to say this, but if there's ever another terrorist attack in this country, if there's ever another school shooting in this country, the next time you see a serial killer in this country, I want everybody to remember that the FBI spent all their resources going into Mar-a-Lago to look for effectively records for a public library, you know, rather than being focused on China who's ripping off America every single day rather than being focused on the threats that plagued this country, terrorism that wants to come in here, Al-Qaeda. By the way, that raid, 9 hours, 9 hours they were rummaging around immoral Lago. Eric Trump now says, and this is coming from the attorneys, the Trump attorneys. They said they were shown the warrant from a distance, but they were told that they were not allowed to observe anything. They had to leave the building and here's the most important part of this folks. And this is why we know something else was going on in Mar-a-Lago. They told the Mar-a-Lago staff to turn off all of the security cameras. So

Eric Trump White House Newsmax Biden FBI Qaeda Lago China America AL Donald Trump MAR
Are Trump Boxes the Real Problem?

The Hugh Hewitt Show: Highly Concentrated

01:20 min | 3 d ago

"I do want to talk about allocation of bureau resource. You have a lot of FBI agents living in your state and they're important and valued members of our entire national fabric. They do great work. But I don't know where John Bolton lives, but the Iranian revolutionary guard corps could force does. I'm worried about people in front of justice Kavanaugh's house, including an attempted assassination of him. I'm worried about an open border. I'm I just don't know about the allocation of resources to boxes and Donald Trump's basement that this represents. Well, I can't argue with that and Marilyn probably has a higher percentage of FBI agents living there than any other state. I would imagine we've got a higher percentage of federal employees than any other state we surround the nation's capital. I just had a meeting with John Bolton last week in Annapolis. He lives in Maryland. And he does have security. I mean, I don't know all the details of these threats, but apparently it's still a concern. And we have been both Glenn youngkin and I, governor of Virginia, have been pushing the Biden administration to do more at the federal level to help us. It's been state and local police trying to enforce the law, but there are federal laws protecting the Supreme Court Justices, and they're really not doing it.

Iranian Revolutionary Guard Co John Bolton FBI Kavanaugh Donald Trump Marilyn Glenn Youngkin Annapolis Biden Administration Maryland Virginia Supreme Court
Armed man approaches FBI office, exchanges gunfire with cops

AP News Radio

00:56 sec | 3 d ago

"An armed man in body armor tried to breach a security checkpoint at an FBI office amid increased threats against federal agents after the FBI searched Donald Trump's Florida home. Authorities say agents at the Cincinnati field office confronted the man, who fled and later exchanged gunfire with police. There have been growing threats against FBI agents and offices nationwide after the Mar-a-Lago search. Violence against law enforcement is not the answer, no matter what anybody is upset about or who they're upset with. As he visited the bureau's Omaha, Nebraska office yesterday, FBI chief Chris Wray said in remarks carried on WOWT the threats are deplorable. The FBI's warning agents to avoid protesters and to put away their security key cards while outside the office. Sagar Meghani, Washington

FBI Cincinnati Field Office Donald Trump Florida Chris Ray Omaha Nebraska Washington
FBI Upset Mar-a-Lago Security Cameras Recorded Raid

Mike Gallagher Podcast

01:14 min | 3 d ago

"Saw two lawyers for president Trump on Sean Hannity's show last night. One of them said they wouldn't let her even on the property or anywhere near the raid. His own lawyer, the FBI refused to let his legal representatives monitor the raid. Maybe I'm watching too much TV, but I thought that's something kind of fundamental. Your lawyer is there to protect your rights. Have you heard about the surveillance videos? The cameras at Mar-a-Lago reportedly the FBI ordered Mar-a-Lago to shut down the surveillance cameras. So that there would be no surveillance footage of what they took out of the president's home. According to Eric Trump, those cameras didn't go off. The FBI thought they did, but they apparently kept rolling. And now the FBI is livid and the Justice Department is demanding all the surveillance tapes to be handed over to them. What in the world would they be worried about?

President Trump FBI Sean Hannity Eric Trump Lago Justice Department
Investigative Journalist Julie Kelly Sees the FBI Raid Backfiring

The Dinesh D'Souza Podcast

02:18 min | 3 d ago

"Guys, I'm really delighted to welcome to the podcast. Well, welcome back to the podcast. The one and only Julie Kelly. She is the go to person on the issues that we're going to talk about, which is the FBI, the double standards of the Biden DoJ, what needs to be done, Julie, thank you for joining me, delighted to have you as always, it seems to me that this raid on Mar-a-Lago, which perhaps the Democrats thought would be a way to smear Trump has kind of backfired on them and I wonder if you agree with that assessment and how you think this is going to play out. Hi, dinesh. Thank you, as always, for having me on and for covering my work. I do think it's backfiring. I think even some Democrats and left wing pundits are recognizing that, look, this is an egregious, unprecedented move. And there needed to be some real salad justification for it. And some public explanation, but if we're being told in what is being reported by both Trump camp and even federal authorities taught leaking to news outlets, if he was indeed cooperating and they somehow thought he had classified material in his possession, they were already working with Trump and his lawyers to figure that out. So there's really nothing that justifies it seems this judge who we now know is tied to Clinton world and to raids presidents, former president and potential rival of Joe Biden, raid his house, FBI agents for hours asking apparently for the Mar-a-Lago people to shut off security cameras, not give them a copy of the warrant looking for some sort of classified documents that's the ruse anyway. I think this is really fired up, even people dinesh, who have been completely silent on the abuses of the FBI related to anyone. Any Trump supporter or the president himself.

Julie Kelly Donald Trump FBI Trump Camp DOJ Dinesh Lago Biden Julie Joe Biden Clinton
Iranian man charged in John Bolton assassination plot

AP News Radio

00:43 sec | 4 d ago

"An Iranian operative has been charged in a plot to murder John Bolton. I'm Lisa Dwyer with the latest. The Justice Department says that an Iranian operative was offering $300,000 to eliminate former U.S. national security adviser John Bolton. Assistant attorney general for the FBI's national security division Matt Olsen says: This assassination plot was undertaken in apparent retaliation for the January 2020 killing of Qasem Soleimani. Identified by U.S. officials as a member of the Iran's revolutionary guard is currently wanted by the FBI on charges related to the murder for hire plot. Olsen says: This was not an idle threat. And this is not the first time we uncovered brazen acts by

John Bolton Lisa Dwyer National Security Division Matt Olson Justice Department Qasem Soleimani FBI U.S. Iran Olsen
Malcolm Nance Reminds Everyone That Warrants Are Lawful

Stephanie Miller's Happy Hour Podcast

01:53 min | 4 d ago

"You know, warrants are executed every day. Hundreds by the FBI, the U.S. Marshals. You know, it means that law that judiciary has found adequate evidence in order to have your place searched waving the Fourth Amendment, right? Unlawful search and seizure. This is lawful search and seizure. And they can't wrap their heads around it. What they're really upset about is that laws are applying to Donald Trump and people like them. White people. And Malcolm, this is your area of expertise, national security. This is again none of us know all the details, but certainly the speculation is this is national security related. To get a warrant to raid the home of a former president, means, you know, this clearly was classified information as Joyce Vance just told us, I don't care what they say. They obviously didn't properly declassify it. They're trying to claim that now, but in order to get her do a raid, Malcolm talked to us a little bit about, you know, because obviously there's a lot of speculations. Are they selling the secrets to the Saudis to the Russians? Like, who knows, right? Oh God. Oh my God. Or they're documents which are implicate them in crimes that they classify. Yeah. You know? And they know that these documents are missing because there's a sequence of numbering one up numbering every one of those documents. And they're missing. And I understand, it wasn't 15 boxes they're looking for. 27? Yeah. I think 24, 27, 20 5 is what I heard this morning, but a lot. My understanding. They took 12 more. They were originally 15. They took 12 more boxes out of Mar-a-Lago so bring the total to 27. I'm sorry.

U.S. Marshals Joyce Vance Malcolm FBI Donald Trump
"  security" Discussed on SECTION 9 Cyber Security

SECTION 9 Cyber Security

05:30 min | 6 months ago

"When we talk about IT and information security, I'm Damian Hall. And I'm Dorothy. And today we're going to be doing a mini security audit and this is where we kind of go over some of the things we're doing in security and just sort of double checking in for a fine. We want to know if these things are good for us or not. Now let's remind ourselves of what we're trying to do here. So a couple episodes ago, I came up with a short list of things that we're going to try to do here at Section 9 to improve overall security. And on that list I have patching, 2FA, application allow listing and Sysmon for better Windows logging. Now we're doing the first three, we're going to save Sysmon for a separate episode because there's a lot that goes on in that. So we're going to be looking at patching, 2FA and application allow listing. Now, to give people a better understanding of what we're doing here at Section 9, I want to talk about our environment because it's one thing to talk about security in a lab environment. But what does it look like when you drag it out of the lab or out of a book or a video and apply that to the real world? So we're tiny. There's just two of us. But we have Microsoft 365, we're using Azure AD and Intune, and we have Windows 10 systems that are joined to Azure AD, and they're sort of partially managed out of Intune. Whenever we want to apply settings, we're going to be doing that through Intune. And this is an environment which can be applied to a business. So if we had, let's say, a hundred employees, we could use this environment in that situation. And it would work perfectly. So I'm trying to create that scenario where, instead of doing security in a lab, we're doing security in the real world. One that you can take with you and you can apply to a business environment, which you can do that, because we're doing it.

Damian hall Dorothy Microsoft
"  security" Discussed on SECTION 9 Cyber Security

SECTION 9 Cyber Security

05:23 min | 7 months ago

"Servers. I'm going beyond that idea that I only have one laptop. I can just install everything myself. I don't need a tool for that. Versus I have a hundred laptops. I have a thousand laptops. How do we manage that? And I think that's where I'm at with security is how do we manage something beyond one or two devices in a lab environment, or just using an example of something? How do you take that and move that into the real world? Because when you do that, it's a completely different situation. You're no longer in a situation where you have one or two lab workstations and maybe a server, now you have 50, 60, a hundred laptops that are moving around, and they're out there in the real world. They're not always in the office. How do you log that? So if you have a SIEM solution or things like Security Onion with the ELK stack on there, well how do I send it logs when I have people at home? I have people in a coffee shop. I have people in the office, how do I get all the logs into that one location so I can analyze them. Those are things that make it a challenge and that's what the real world looks like. It's not a nice neat little simple lab where everything is in one location. It's all over the place, and it's messy. And that's where things get interesting. And that's why I think it's important to have that short list. What are some things I think are really, really, really important that we can do and they're easy, right? Like two factor authentication when you have Azure AD is pretty simple. Let's go beyond that. Let's try some of the other stuff. And if we do things like honeypot, well, where does that live, right? Those are some things that I'm looking at now. And so I'm going to take the stuff that we have in all these different classes I've taken so far. And try to create that short list of things that we can do. And hopefully this is helpful to others so they can kind of see what we're doing and use some of the things that we're trying to do. 
I think one of the best things I.

"  security" Discussed on Security Now

Security Now

02:23 min | 7 months ago

"Because Kolide, K-O-L-I-D-E, is built by like-minded security practitioners who have seen in the past just how much MDM was disrupting end users. Frustrating them so badly they throw up their hands, forget, all right, I'm using my own laptop. I'm not using this. This is ridiculous. I hear that story a lot. Without telling anyone, of course, opening you up to all sorts of problems. That's a scenario in which everybody loses: the user and you and your business and everything. Kolide is different. Instead of locking down a device, I really like this. I really like this. Kolide takes a user-focused approach that communicates security recommendations to your employees directly on Slack. So after Kolide's set up, in fact, I'm sure Russell wants to use this because we use Slack. Device security turns from this on or off police state, basically, into a dynamic conversation. The conversation starts with the users installing the endpoint agent on their own. So they're already kind of empowered, right? We don't deliver this to you, locked down. We say here, install Kolide. Through a guided process, it happens right inside their first Slack message. From there, Kolide regularly sends employees recommendations. Suggestions, if you will, when they notice their device is in an insecure state. Ranging from simple things like your screen lock is not set up correctly or it doesn't come on. There's no password to turn it off, that kind of thing. To somewhat more nuanced, maybe even difficult to solve issues like suggesting people secure two factor backup codes sitting in their download folder. That's probably not it can't see post it notes on the screen, but that's the next worst thing. And because it's talking directly to employees, Kolide is educating them about the company's policies and how to best keep their devices secure using real examples from this is what's actually happening. Some theory, plus they feel listened to and engaged. 
And honestly, they're more likely to become a partner in security, rather than fighting at every step of the way. Kolide: Linux, Mac or Windows. Cross platform endpoint management. It puts end users first. But make sure your security is taken care of. And it's of course for.

Russell
"  security" Discussed on Security Now

Security Now

03:38 min | 7 months ago

"GRC dot SC slash what is this? 8 5 four. And that will tell you whether you're okay or not. And maybe is it set up? It should have given you more than that already. Let me go directly. There we go. There you go. Building my port, 20005. Yes. Okay. I'm familiar with not a port anybody's familiar with. Okay, so security yeah, it's your stealth, good. The security research firm SentinelOne has discovered that some common code licensed by a number of prominent router manufacturers contains a highly critical remotely exploitable flaw. Among the routers known to be affected are those by Netgear, TP-Link, Tenda, EDiMAX, D-Link and Western Digital. Holy cow. Ugly. I know. So here's what we know. They, or rather he, at SentinelOne, his name is Max. Discovered a high severity flaw in the what's known as the KCodes is the company, KCodes NetUSB kernel module used by that large number of network device vendors and affecting millions of end user router devices. This allows attackers to remotely exploit the vulnerability to execute code in the kernel. SentinelLabs, Max's company, began the disclosure process last year on the 9th of September, and the patch was sent to licensee router vendors on the 4th of October. So it should be incorporated into router firmware updates by now. That's more than 90 days. At this time, SentinelOne has not discovered evidence of in the wild abuse. Okay, so here, in the author's voice, is how this all began. He said, as a number of my projects start, when I heard that Pwn2Own Mobile 2021 had been announced, I set about looking at one of the targets. Having not looked at the Netgear device when it appeared in the 2019 contest, I decided to give it a look over. While going through various paths through various binaries, I came across a kernel module called NetUSB. As it turned out, this module was listening on TCP port 20005 on the IP 0.0.0.0. 
Provided that there were no firewall rules in place to block it, and typical consumer routers don't have any. That would mean it was listening on the WAN as well as the LAN. He says, who wouldn't love a remote kernel bug? NetUSB is a product developed by KCodes. It's designed to allow remote devices in a network to interact with USB devices connected to a router. For example, you could interact with a printer as though it is plugged directly into your computer via USB. This requires a driver on your computer that communicates with the router through this kernel module. Of course, you don't have to be using this to have it there, alive and running in your router.

Edna max netgear sentinel max
"  security" Discussed on Security Now

Security Now

05:55 min | 7 months ago

"Having the stated goal of getting public and private sector organizations to rally their efforts and resources with the aim of securing Okay. Good goal. Although not only about Log4j, Log4j was the clear catalyst. Behind the summit, and the public sector, the list of participants, pretty much was the who's who, including the deputy national security adviser for cyber and emerging technology, that's a department, that was Anne Neuberger. National cyber director, Chris Inglis, officials from the Office of the National Cyber Director, Office of Science and Technology Policy, the Department of Defense, the Department of Commerce, the Department of Energy, the Department of Homeland Security, the Cybersecurity and Infrastructure Security Agency, of course, the CISA, the NIST and the NSF. The private sector was well represented by Akamai, Amazon, Apache, Apple, Cloudflare, Facebook slash Meta, GitHub, Google, IBM, the Linux Foundation, the Open Source Security Foundation, the Open Source Security Foundation, I didn't know there was one. Good. Microsoft, Oracle, Red Hat, and VMware. The participants focused their attention on the three topics. First, preventing security defects and vulnerabilities in open-source software, I guess, good. Let's do that. Improving the process for finding security flaws and fixing them. And third, shrinking the time needed to deliver and deploy fixes. All worthy goals. The White House's after action report wrote, quote, most major software packages include open-source software, including software used by the national security community. Open-source software brings unique value and has unique security challenges. Because of its breadth of use and the number of volunteers responsible for its ongoing security maintenance. So this sounds a little bit like what the FTC we talked about last week. What they said, they did appreciate the particular challenges it represented because it was not commercial. 
It was all free and just done by random people. During the summit, Google proposed the creation of a new organization. That would act as a marketplace for open-source maintenance that would match volunteers from participating companies with critical projects that need the most support. Kent Walker, Google's president of global affairs and chief legal officer, both for Google and Alphabet. He was quoted, saying, for too long, the software community has taken comfort in the assumption that open-source software is generally secure due to its transparency and the assumption that many eyes were watching to detect and resolve problems. But in fact, while some projects do have many eyes on them, others have few or none at all. Growing reliance on open software means that it's time for industry and government to come together to establish baseline standards for security, maintenance, provenance, and testing. To ensure it with money for Christ's sake and that's the problem. They use this stuff for free. And then they go, well, you see. Broken. It's broken. To ensure national infrastructure, he said, and other important systems can rely on open-source projects. At least, only use proprietary. But it's Google, after all. Right. Yes. These standards should be developed through a collaborative process with an emphasis on frequent updates, continuous testing and verified integrity.

source security foundation Chris inglis office of the national cyber d security and infrastructure se Cloudflare office of science and technolo national security community Google cisa Linux foundation akamai Department of Commerce Department of Homeland Securit NIST Department of Defense Department of Energy GitHub NSF Red Hat Apache
"  security" Discussed on Security Now

Security Now

03:10 min | 11 months ago

"Won't be a problem but is bad. Why ActiveX still a. Why is it still in Windows. It's well it's because they're you know documents live on and you you would want that document not to be able to open a website now would you. I know you gotta you gotta have that in your in your power. I remember us specifically talking about what a threat it was to allow something downloaded from the web to run locally on your computer as it because and it's bringing in JavaScript what could possibly go wrong. I mean those not only is your. Is your document scripting in order to bring in a in order to host a container which is then a web browser in your document which has been given a URL to a foreign server which could then load something in with JavaScript writing and like do something it's like there should be a way just remove ActiveX. I'm stunned it's still alive in there. Yeah that's crazy there. Must that's that's it. Internet Explorer component. Yeah yeah well well. ActiveX is Is what is what COM evolved into so there was the Component Object Model, COM, and then it sort of they. They like they got so tired of doing like extensions of it because they kept figuring out it could do more. Did they said okay. Let's just kinda start over so we'll call it but oh and it was also a renaming. Remember that it's sort of like it. They didn't feel like it was exciting enough. It's like it's active COM OLE right which is pretty good. Sounds like a bull fabulous. It's still supported through As a Windows 10 through Internet Explorer 11. Even though it's been deprecated for years right. And so this is invoking IE an old IE control through ActiveX in order to bring it back alive so yeah and I mean we're not noticed we're not even talking about the fact that that the MSHTML control has a problem because like of course it does like why. Why would we imagine that out that. A browser component would not have a horrible easily exploitable flaw. Instead we're just talking about. 
Oh this is the way you invoke it because embedded in Office documents. Okay so we also have. This seems to be abbreviation day. We all I also ran across WFH. Which is the new abbreviation for a work from home. That's now a thing w. f. u. w. f. h. your wfan aging anyway last Thursday HP's Wolf Security group published a new study which they titled Security Rebellions and Rejections.

wolf security group hp
"  security" Discussed on Defensive Security Podcast

Defensive Security Podcast

04:03 min | 1 year ago

"Hey it's our job to advise what to do if desired right. Yeah very similar to lawyer like yeah. You probably shouldn't stab that guy on camera. That would be bad for you but you could still go stab the guy on camera. I don't know it's probably bad example. But you know what I mean. It's just I obviously. IT security or cyber is so new and the legal profession is ancient. So I don't know if these rav will be defined into laws but it seems to me very similar so let's see Don't share the report or sorry. Share with as few people as necessary for portas is also necessary for internal business. Accounting regulatory purposes. Have a separate sanitized report prepared. The report and the related work must be a legal expense paid for by the company's legal budget preferably through outside counsel that was also one of the observations of the judge. Let me just restate. We're not giving legal advice. I'm reading this This document document anticipated potential threat of litigation early on and take time to carefully select and prepare your 30(b)(6) witness for the deposition. Whatever the heck that means there you go. Well was a national argue. So it's meant for lawyers that's right that's right which we are not which we're definitely not but again assume that you're engaging a third party forensics company that the report is going to be covered by legal privilege unless you take the action. That's that's the whole point of this. Talk to your attorneys. Don't assume this is your fun parties. I totally am all right. So final story. This one comes from SecureWorld dot io and the title is Suing the CISO: SolarWinds Fires Back so we've obviously talked about SolarWinds ad nauseam. Some SolarWinds investors have sued SolarWinds The company and as well as their CEO and their CISO basically. I'm summarizing basically alleging What I would loosely call malpractice and Basically saying that that In a couple of different points. 
You know that that the company didn't do the right. You know didn't exhibit responsible security Oversight and so they use some specific examples from former employees. You know one of which was a Strategist and had complained that they that the company wasn't doing enough in in a couple particulars security. There is also the very public issue with the The solarwinds123 password. That's referenced in here and so you know point is that it's finding interesting that this is a this is an example where it's not just the company that is being sued. It's also in this in this case. It's the leadership of the company and look it is hard enough to be a CISO. So I think this is. This is really if this becomes common practice. I fear what we're going to see on but on the other hand on that's that's one side on the other side. I think it will quite likely drive different kinds of behaviour.

portas
"  security" Discussed on The 443 - Security Simplified

The 443 - Security Simplified

05:08 min | 1 year ago

"There's no liability. There's nothing holding them to this. So you're representing mark. I think optimistic opinion that people want to be secure and want to work in any way they can do. This Colonial Pipeline might fall into that because they suffered an issue. But I'm from. I'm at the point until it is regulated until there is teeth. I'm not sure it's going to make much difference. So I hope your interpretation of the end you know. I'm glad that they're trying to work voluntary but maybe there should be regulation about a minimum baseline set of security that industrial control critical systems need to establish so. I don't know it sounds. There's nothing wrong with this memorandum. I loved all the ideas of what it proposes. But where's the meat. Where's the beef. Where's either the teeth in forcing people to do security or the actual details about what any of this new policy is because I see ICS policy that's existed from Department of Homeland Security, CISA, ICS-CERT, NIST before. So I just want more detail right now. It just seems like oh. We want to make this better let's wave our magic wand if only it were that easy. But you're right. I think it will boil down to whether they can add teeth to it or not because to be fair teeth or carrots yes it is either fines. Or some some incentive you can also enforce a regulation by giving tax or monetary or other incentives. If you do so add something to this. That really gets the ICS community on board beyond just voluntary. Because let's face it as much as everyone wants to be secured. They don't have the time. Voluntary does not seem to often work. And while like you said a lot of these utility districts and stuff are really maintained by very local municipalities like not necessarily even state level down the county or city in some cases it is critical to our nation's infrastructure so it makes sense.

department of homeland securit Caesar
"  security" Discussed on Security Now

Security Now

05:26 min | 1 year ago

"Hello everybody is. I don't know how. Steve does this mustache thing. We're giving Steve the week off. You know he he takes no time off. The man works his butt off not only with with his with his products. SpinRite and and all the research and stuff. He does for his website. GRC dot com. But he spends you know hours putting together the Security Now show every week and the funny thing is about Steve. He never wants to take a day off. He never wants to miss a show so I've tied him up and put them in a closet so he can't be here today because the guy needs a week off and we're gonna take some of the best moments from the year. Twenty twenty starting with the story of and this was a bad one Clearview and their face recognition technology. So last week we talked about the Clearview AI company who were doing the facial recognition and bragging the web for three billion faceprints and made them available to six hundred police departments so they could identify people within seconds since then Clearview has increased their collection of cease and desist. Letters are just not exactly what they are hoping to be collecting from major US social media players. The first one they they received was from Twitter a couple of weeks ago when Twitter told Clearview to stop collecting its data and to delete whatever it had. In addition Facebook has similarly demanded that Clearview stop scraping photos because the that action violates Facebook's policies and now Google and YouTube are also both telling Clearview to stop violating their policies against data scraping. Clearview's take on this is defiance. The CEO Hoan Ton-That was interviewed last Wednesday morning This Morning news show. He's told to trust him. He said the technology is only to be used by law enforcement and only to identify potential criminals. Ton-That claims that the results which which is not encouraging are ninety nine point six percent accurate. I guess though you wouldn't wanna miss. 
I want a false positive. Misidentify you as a bad guy. So I guess accuracy is is a better thing and he also claimed that it's his right to collect public photos to feed into his facial recognition archive. He said there's also a first amendment right to public information so the way we have built our system is to only take publicly available information and index it that way and we by the way there was a recent supreme court decision having to do or was it supreme court but maybe ninth circuit court having to do with scraping of LinkedIn which they ruled. Yup you can't stop scraping if it's public information. Y'all can't stop it. In fact I have that I mentioned that here. So we know from last week when we talked about this the that in Illinois at least with their BIPA, the Biometric Information Privacy Act. You know it's illegal there. And YouTube's statement read quote. YouTube terms of service explicitly forbid collecting data that can be used to identify a person. Clearview has publicly admitted to doing exactly that and in response we sent them a cease and desist letter as Facebook. Facebook said last Tuesday that it has demanded that Clearview stop scraping photos because the action violates its policies. Facebook said we have serious concerns that Clearview's practices which is a with sorry serious concerns with Clearview's practices which is why we've requested information as part of our ongoing review. How they respond will determine the next steps we take which I'm sure Facebook intended to sort of sound ominous. And Ton-That defended Clearview as being a Google-like search engine. He said Google can pull information from all different websites. If it's public and it can be inside sorry. Excuse me if it's public and it could be inside Google search engine. It can be in ours as well. Google disagreed saying that Clearview isn't at all like their search engine. 
Google said there's a big difference between what we do and the way you're shanghaiing everyone's face images without their consent. Most websites want to be included in Google search and we give webmasters control over what information from their site is included in our search results

Google clearview dinh shanghai leo san francisco lincoln faa california
"  security" Discussed on Application Security PodCast

Application Security PodCast

04:03 min | 3 years ago

"Matt Clapham is a product security person as a developer, security engineer, advisor and manager. He began his career as a software tester, which led him down the path of figuring out how to break things. Matt lives in the medical software world and visited the Healthcare Information and Management Systems Society HIMSS conference. Matt shares his perspectives on application cybersecurity through the eyes of the healthcare industry. There is much for us to understand by viewing how other segments approach security and privacy. Matt believes in stepping outside the echo chamber and experiencing how other industries see security, and he achieved that by visiting this non-security conference and sharing his experiences with us. And remember if he visits your booth at an event, you better know how your company makes secure product or solution. I wanna take a moment to introduce you to Security Journey. At Security Journey, we believe security is every developer's job. We work with our customers to help them build long-term, sustainable security culture amongst all their developers. Our choice to provide security education that is conversational, quick, hands on and fun. We don't do lectures. Instead, we let the experts talk about what's important. Modules are quick, ten to twenty minutes in length. We believe in hands on experiments, builder and breaker style, that allow developers to put what they learned into action. And lastly, fun. Training doesn't have to be boring. We make it engaging and fun for the developers. Visit WWW dot security journey dot com to sign up for a free trial of the security dojo. The application security podcast here. We. Hey, folks. Welcome to this episode of the Application Security Podcast. This is Chris Romeo, CEO of Security Journey and one of the co-hosts here on the podcast, and I'm also joined by Robert. Hey, Robert. Hey, Chris. 
This is Robert, threat modeling architect, software security architect and very enthusiastic about application security. So we're joined today by a guest who has been on the podcast two times before. So this is his third visit and that is Matt Clapham. And we were just talking about where we had actually done these podcast interviews before. And so Matt and I had done our last interview at Converge conference in Detroit, Michigan, which is actually coming up here in a couple of months, and so if you're anywhere near the Detroit metro area in Michigan or anywhere in the state of Michigan should definitely come down and be a part of this event. It's very cool. Lots of good stuff happening. Matt, great to have you back on the show. Show again, thank you for being willing to share your expertise with the industry. Okay, happy to be here. So we thought we would refresh your origin story, seems like it's been about time. Right. We have to refresh these things now and again, and so especially because your origin story that's going to impact the rest of the things that we talk about here. What what's kind of your origin story or how'd you get involved with security? Sure, I started out as a software tester. I'd been interested in software and went to college to learn about technology and computer science, and as I left college, I started as a tester, and I found that I really enjoyed breaking things, right? And then as I got better and better at finding the flaws and whatnot, I said well, hey, why do we why do we not look at things like of risk management, like question why everybody's running as an admin on Windows all the time. Right. And so that that actually made me a better software tester because I could start to to bring things in new and interesting ways and so. Experimented more with that. And I also learned more from talking to co-workers

Matt Matt Clapham security architect Matt Nye Michigan Detroit Robert DOJ Chris Romeo developer advisor engineer CEO twenty minutes
"  security" Discussed on Security on The Bayou

Security on The Bayou

06:59 min | 3 years ago

"And. Welcome to Security on the Bayou. I'm your host Chris Adkins, and here's a recap of today's Security News. And why it matters to you? Good morning friends. It is Tuesday April thirtieth and here is today's Security News. First off from the Atlantic dot com. Not your traditional security article that we'll discuss here, but the title is people are clamoring to buy old insulin pumps, written by Sarah Zhang on the Atlantic. So this is an interesting article and there's a lot of you know, sort of medical terminology, and you know, a lot about insulin and type one diabetes, but it's interesting because it has to do with hacking of a Medtronic insulin pump. So essentially what they've done is they've used this pump to create a process that they call looping. So that this software that runs on an artificial pancreas can then talk to this insulin pump and regulate the amount of insulin that is put into the person's body. This is interesting because they. They stopped making these Medtronic pumps, y'all. I think in twenty fourteen so you have all these people running around on eBay and Craigslist and Facebook trying to grab these things. So that they can build these systems and use them to instead of having to count everything all day, and, you know, do do all kinds of different insulin shots, and it makes their life a little bit easier of so much. This is used across the industry quite a bit so much. So that the CEO of JDRF, the Juvenile Diabetes Research Foundation, actually does this himself. So very interesting article not your whole security, but hey, it's hacking. So we're gonna talk about it. All right next from Threatpost dot com. Malware infests popular pirate streaming hardware. This should come as no surprise to anybody. So some researchers have gone and grabbed a Kodi streaming box and essentially determined that every. 
One of the add-ons that it's on there, well I'm gonna take that back, not every one, a large majority of the pieces of software and add-ons that are in this Kodi box contain malware. Some of the things that it's doing, it is taking all of the wireless information, your ID, password and such from that box and sending it to a server in another country. Somebody had one point five terabytes of data was uploaded from a device that shared the same network of the Kodi box. So they were able to move laterally on the network and extract one point five terabytes of data. I don't know about you guys. But that would flag my ISP pretty quick as going over my limit. So just a lot of some interesting things here. I mean, this should not be a surprise at all. I mean, if you were if you were developing free, quote, unquote, apps that a larger stream illegally, wouldn't you try and take advantage of that to all these people trying to do that. So. Apparently is quite a bit of talk about it on. The the dark web. And I mean, they the developers of these things literally discussed this with each other on how to do this effectively. So an interesting thing, stay away from it. I mean at the end of the day, I mean, at least make sure you're protected somehow if you're gonna use this stuff. All right next one a this one. I when I started reading it. I got a bit of a chuckle then it got pretty serious pretty quick. So this one from theregister.co.uk, Chinese dev jailed and fined for posting DJ, excuse me, DJI's private keys on GitHub. So DJI makes drones for those that don't know. So he ended up posting two extremely important keys on GitHub. One of them was the AES key for the firmware. So that's why I got a little bit of a chuckle. How people were allowed to go. You know, they can now modify the firmware to. There there needs. But the second one this was kind of a big deal. He he dropped a wildcard SSL key for star dot DJI dot com. Don't wanna can't say that. And that's a big deal. I mean the world of. 
Keys. That's a big one, especially an SSL key. So, you know, any subdomain of DJI dot com now, hopefully, they've gone and revoked that key and you know, they've gone through that process. But who knows at this point? That's a that's pretty dangerous. So he ended up getting fined just under twenty three thousand pounds, two hundred thousand Yuan is what it ended up being. So he, of course, is very sorry. I was born in a very poor village. I studied hard all the time. I finally got new university. It was very happy thing to me, and my parents. But now all the things are done. I am done. I will go to jail. I have to take the stain in my life. My girlfriend began to break up with me while my family are broken. F-bomb? What are what are terrible things? Maybe the only thing can do now is to die is so hard. I need to be free. I feel for this guy. That's that's pretty big deal. Sound people who say those kind of things about how wanna die and girlfriends breaking up don't sound like it was intentional. So. All right. Normally we do four, but we're already over our time for the day. So thank you for joining us. It is what day is it's Tuesday, Tuesday, April thirtieth twenty nineteen, everybody have a wonderful day.

Cody box diabetes Chris Adkins Medtronic Atlantic Sarah CEO Mauer EBay Greece UK Brigham Facebook JD R Craigslist five terabytes twenty three thousand pounds
"  security" Discussed on Security Now

Security Now

01:31 min | 3 years ago

"Steve so Android security. Ten years in. Yeah. Since this is the Templars day. Yeah. It really hasn't gone fast. I didn't realize we were like we're doing the podcast what had happened. I still have the first phone right here. I won't get a now. But it's back. Museum of old crap. Nice. Yeah. It's terrible phone. But as you say, we've come a long way, we have so and and really I want to talk about exactly that in detail. How we've come from a security standpoint. In the show notes, I've got a link to the Google Android security twenty eighteen report final as they call it. It's a PDF, thirty one page report. Which? Examines and shares the statistics of like what they recognize ecosystem data that the the the benefit of what they call Google Play Protect, the the Android platform security, and then essentially the threats that are out there. The the the very aggressive PHA families, the potentially harmful applications. They write that the Android security team's mission is to.

Google Steve Ten years
"  security" Discussed on Security Now

Security Now

03:23 min | 3 years ago

" security" Discussed on Security Now

"Can better protect. Ourselves Kaspersky have released an online tool that allows you to check your MAC address against a database of victim MAC addresses, which is hidden. Good on casper ski on one hand. But on the other hand good on. Of course, they are Australia in good on Kaspersky. But on the other hand, this is highly inefficient and does not really serve the security community. So we thought it would be a good idea to extract the list and make it public. So that every security practitioner would be able to bulk compare them that is the whole list to known machines in their domain. If you are interested in the list, it can be don't downloaded here or here for the extended list, and I have a link to this page in the show notes where those here and here are links to the. The extended link lists. I also had that actually down below they. So these guys also felt that having a simple list of targeted victim. Macadear would be far more useful for large enterprises with many hundreds of thousands of systems where the stakes were pretty high. Because after all we're talking about the reliable installation of a Trojan back door by unknown actors into specific, laptops, when who knows who's, you know, specific a Seuss, laptops. So how do we solve this problem? That is the problem to these guys faced well, of course, it's a variation of the classic brute force password cracking problem. Although it's significantly simplified. Because in this case, we know that every test MAC address is a forty eight bit binary input to the cracking hash Fung. Action. And we know that half of it will be one of a handful of twenty four bit vendor. Mac prefixes it within the forty eight bit binary. So it's like a password whose length we exactly know. And and in fact, half of it is one of a subset of possible. Twenty four bit chunks. 
So the Skylight Cyber guys calculated that their own fastest of, first of all they reverse engineered the algorithm because there it was, it's sitting in an exe. They used IDA, the Interactive Disassembler. It'll be fun when in the future we start hearing about them using the NSA's tool, but that'll take a while to proliferate through the ecosystem. They figure out exactly what the hashing function was. They then designed that they took hashcat and tried to use it. But the the function was custom. So they customized and built a custom version of hashcat to reverse the Kaspersky hash functions their.

"  security" Discussed on Security Now

Security Now

04:31 min | 3 years ago

" security" Discussed on Security Now

"And they have a camera watching your eyes. And if you look away from the road, it rumbles your seat vigorously, so there, I think this look to seven thirty seven max is crashed. Because the apparently the auto stall feature that was supposed to. You know, pull the nose down did it incorrectly and pull it down into the ground. Right. It's very similar problem. Right and pilots who didn't know enough to disable it. That's what happened. So I think it says autopilot is always going to need at least for a while. Anyway, human intervention and considered the lawsuit. I mean, it you there's just no way these car companies are not needing to be able to say we took proactive measures to to own for this to only be an assist function. Not a, you know Grohl up in the backseat and and take a nap while we drive you to work feature. So yeah. Yeah. Could really interesting topic. Yeah. So this is a classic hack. We've course we talked last week about ace's shadow hammer MAC addresses. Well, the as shadow hammer attack. How two of their download servers were infected with multiple. Of malware over a duration of five months. Presumably by a somehow someone who got an advanced persistent presence in their system and was able to do this in reporting. I did note that they were only, laptops. So that's significant because remember that one of my as I was scratching my head brainstorming where could a list of MAC addresses have been resource one of them was from WI fi heights hot spots in a mobile scenario. That's right. They say the MAC addresses, don't yes, you mobile hotspots, get the MAC addresses, and the the other interesting thing was the turns out. There was a list. A further refined list of double MAC addresses where it was the the land and the WI fi MAC address, which was known. So, you know, I don't know what that further tells us, but. That that that would potentially set I think. Yeah. One of my hypothesis is is that they had seen them roaming. They knew who they were. 
So they were gonna come back and get them L K. So anyway, what as I described last week? What Kaspersky did was they offered an online resource where people could put their MAC addresses in. And it would tell them whether they were all of those six hundred seventeen I think it was addresses or a downloadable tool. If you didn't want to put your MAC address into Kaspersky page, you could download a standalone exe that would that contain them. All well. Okay. So get this for whatever reason they chose not to publish their full list of MAC addresses, right? It was give it submitted to us. And we'll tell you or download this exe. Well, they obscured the MAC addresses by hashing them with a salted hash, a salted SHA-256 with a complex algorithm that merged the MAC addresses in the salt several times in the hash in order to make it, you know, it just made up their own hashing function, essentially. Well this apparently bothered some guys at an Australian security firm Skylight Cyber. They wrote the question of who did this. And why is that the Skylight Cyber wrote the question of who did this, and why is intriguing but not one we were trying to answer in this case. First things first: if information regarding targets exists, it should be made publicly available to the security community. So we.

"  security" Discussed on Security Now

Security Now

05:05 min | 3 years ago

" security" Discussed on Security Now

"So thank you cash. Life your support and thank you for supporting security now. Yeah. When I say it like that it sounds like, oh, yeah. I remember that. We decided to put less in the front just to get to the shows a little bit faster. So we moved to cash lie inside. So. As we were saying yesterday was April first infamous, April Fools day. But no one was fooling here. I just wanted to note that Android user should update or look for updates from their provider because there were a pair of critical remote code execution vulnerabilities and nine high severity privilege elevation vulnerabilities. And also an information disclosure vulnerability is all patched they were once again, the the art they are sees remote code execution problems. We're in the much troubled media framework, which of course, has been a constant source of trouble because it is a massive interpreter. And that we know how hard those are to get right? So there were two vulnerabilities. What were updated is version seven point zero seven point one point? One seven point one point two eight point zero eight point one and nine so everything essentially from seven point oh on you, depending upon where you get your Android do as it was just released yesterday update yourself because again, the what we have seen is that a patch gets reverse engineered and the bad guys jump on it, and a we know that the media framework is particularly susceptible because it is a essentially your your Android. Mobile device is a wide open. Ma looking you know, a funnel looking for things. You know tweets and snap chats and Twitter, pictures and just everything coming into it. And if it's if if there is a problem in the render of some some type of content than it's readily exploited and the bad guys are going to look at this. 
And they started yesterday, and they're going to try to get people who haven't updated so do so. They did say of them that there were no reports of active customer exploitation or abuse of any of these remote of of these newly reported issues. So these none of these are zero days, but we know that even one days is now these days enough, so we're getting fixed. Okay now. Leo as a Tesla owner. This will be of interest to you. And I'm sure we have many Tesla owners. The attention grabbing headline, which is very very wrong was researchers trick Tesla to drive into oncoming traffic. That would not be a good thing. Early for not to thank you in terms of ruining your day, pretty high up on us. And unfortunately, in this case the hack appears to have been easy to pull off. But not at all what the headlines have said. There is a forty page research paper published by researchers at Tencent Keen Security Lab. Their paper was titled Experimental Security Research of Tesla Autopilot, and I hadn't the pun of autopilot hadn't occurred to me, actually, Leo until I what's the began auto. I get it isn't that. Why never thought either is that wonderful. I don't like the name because it implies it flies itself. And it doesn't know man. And I will argue and our and our listeners, maybe a little more, even you will maybe a little more convinced of that. By the end of this because they did find something which is you know worrisome, but anyway, so their abstract reads, and I'll share it because they did three different things. The abstract reads Keen Security Lab has maintained the security research work on Tesla vehicle. The this is a Chinese outfit, by the way. So you'll see their English is not quite you know, ours, but still very legible or intelligible on Tesla vehicle and shared our research results on Black Hat USA twenty seventeen and twenty eighteen in a row based on the root privilege of the APE, that's Tesla Autopilot ECU, software version eighteen point six point one, and we should note. It's now at eighteen point twenty five or something.

"  security" Discussed on Security Now

Security Now

03:59 min | 3 years ago

" security" Discussed on Security Now

"If I look here for the shortest one. There was actually one of the Chinese networks was. Three days eleven hours and fifty minutes. The worst was one month Twenty-three days. Okay. So that's way over on almost two months, and they had a hundred and sixty three mal wear. You are ELLs the next biggest was two hundred and fifty six Maui where you are ELLs that was a Chinese site are Chinese host to the took that reacted after one month nine days on the other hand the number one hosting site. A provider was digital ocean in the US, and they had three hundred and seven mal where you are L so more than any other provider and their reaction time was six days, twelve hours and fifty six minutes. So I know I certainly we should mention the sponsors, you know. Okay. And what people use them. So easy to spin up a site, right? Yeah. Exactly. And also, I just going to say that these guys have to be responsible because they don't want to take down Assad. They you know, they shouldn't take down a site based on a report without verifying it. So otherwise, you've got, you know, script kitties maliciously reporting good sites that they don't like as being malicious and getting them booted for no good reason. So so, you know with when you have a huge number of sites. There's a lot of remediation work at and burden that that you that has that goes along with it. So anyway, so they went on to talk about what malware was found there and that the number one malware by a long shot was something called IMO Tet, which is a very capable and increasingly flexible. Trojan, which is sort of multi-purpose it gets in. And then it's polymorphic it changes shape, it it's very hard to deal with. And of course, the bad guys are constantly churning out. New domains to host this stuff, and then spew out links and social networks and on on download sites and an an ads and wherever they can to get people to click on them to download the malware and then go from there. 
So boy wet that's the, unfortunately, that's the world that we live in today. Crazy. Chrome will be playing catch up to IE and Firefox when it comes to mitigating drive by downloads from iframes. Web browser iframes, and we've talked about them, have always been frightening from a security standpoint, they're, you know, we often talk about the classic trade-off between security and flexibility. Nothing could be a better example of that than the iframe, iframe as we know is short for inline frame. It allows the designer of a web page to set aside a rectangular region a frame whose contents will be filled in by the result of an iframe URL fetch, so the origin web page specifies the URL. Then the browser goes to fetch it and to render it sort of as a mini web page unto itself. And they are iframes are what have enabled the entire web browser advertising industry since they conveniently allow.

"  security" Discussed on Security Now

Security Now

05:41 min | 3 years ago

" security" Discussed on Security Now

"Com. It's all about collaboration. Isn't it always is it? Well, and you know, you don't have to work with anybody. But everybody else is on a team, Steve Gibson works alone. Well, but I do have the the the gang in the newsgroup. They keep Ernst. Yeah. They they're very very important to the processed. I mean, you can develop in a cocoon, but you're not necessarily going to do the right thing. And there's always stuff you miss. It's valuable. I know it is. Yeah. So I I don't really talk about IOS and MAC OS security updates about. I haven't I have a few times in the past this one caught my attention. Just because if I when I searched on the word arbitrary to page the page lit up arbitrary, yes. Because that's the phrase apple uses the phrase, arbitrary code execution. So so I believe I heard Rene say last week that he was a prized that the update was to twelve point one point three because he was expecting. I think it to go to twelve point to I don't, you know, he's the MAC. Guru follower genius guy. So I I don't know what that's about. But anyway, what we got was twelve point one point three presumably maybe apple how already has other plans for twelve point to and that hasn't happened yet. So these things apply to iphone five s and later ipad air and later, the ipad touch six generation. And you know, that caught my eye as I said because when I searched the for when I searched the Security News details page, I had the link here in the show notes for any was interested it for the word arbitrary. I got a lot Blute. Yeah. I got bluetooth an attacker in a privileged network position may be able to to execute arbitrary code. And they described an out of bounds. Read was addressed with improved input validation. But until then you've got an over the air remote codex acution vulnerability in FaceTime. A remote attacker may be able to initiate a FaceTime, call using arbitrary code execution. Get that didn't seem that bad. 
But still he don't want that. A bunch of kernel impacts, kernel arbitrary code execution. Those are never good. There was. In Apple's libxpc, which is a part of the iOS process management system. There was an arbitrary code execution. Also, another arbitrary code execution in SQLite. WebKit had a bunch and those are not good. Because of course, that has a lot, WebKit is, you know, internet facing. So there was politically a politically. This. But yeah, exactly. Processing maliciously crafted web content may lead to arbitrary code execution. Actually, all three of them say that. So there's a memory corruption issue was addressed with improved memory handling, a type confusion issue was addressed with improved memory handling and multiple memory corruption issues were addressed with improved memory handling. No, Apple doesn't ever give us any details is just you be happy. These are no longer going to bite you and Fluoroacetate was involved in. I remember we talked about him before or she or whoever it working with Trend Micro Zero Day Initiative. Fluoroacetate reports to Trend who then reports to Apple. Also WebRTC an again, an high potentially high impact because that tends to be internet facing. And so there was an arbitrary code execution vulnerability there. So. Although I've read malicious right? Oh, yeah. Yeah. Yeah. Mead. We provide the code. We're going to stuff down a throat whether you like it or not betray censo- so harmless, but exactly lately, arbitrarily it's whatever the guy wants to execute. Exactly. Yeah. Exactly. So as we know has historically been less prone to reverse engineering attacks than Windows yet. A lot of these seem not good. So, you know, I I don't know why it is. But I my systems update lazily it'll be like a week will go by. And then I'll, you know, something it'll begin to say, you know, we'd like to reboot your iPad or your phone or something I go. Oh, anyway.
So this time I went looking, and I I was asked if I wanted to download and update and I said, yes, thank you. So. I would just suggest to our listeners again probably targeted attacks these as far as we know we'll be don't know that whether they are in the wild or not they're not they weren't disclosed zero days. So we can presume they're not. But it would be good to update.
