368: Amazon Prime Day SCAM!? (Plus, HUGE Roblox Breach!)

Episode 368 July 11, 2024 01:03:46
368: Amazon Prime Day SCAM!? (Plus, HUGE Roblox Breach!)
Technado
368: Amazon Prime Day SCAM!? (Plus, HUGE Roblox Breach!)

Jul 11 2024 | 01:03:46

/

Show Notes

It's Leak Week on Technado: Ticketmaster barcodes and Roblox customer data abound! Almost 10 billion passwords were leaked as well as part of the RockYou2024 compilation of data. In other news, European vishing fraudsters are turning up at victims' homes and Samsung workers are on strike indefinitely. All this and more on this week's episode of Technado!

Check out the articles below for more on this week's stories:

https://thehackernews.com/2024/07/microsofts-july-update-patches-143.html

https://www.theverge.com/2024/7/10/24195541/samsung-union-launch-indefinite-strike-ai-chips-pay

https://securityaffairs.com/165460/data-breach/rockyou2024-compilation-10b-passwords.html

https://www.securityweek.com/ransomware-gang-leaks-data-allegedly-stolen-from-florida-department-of-...

https://cybernews.com/security/amazon-prime-day-2024-phishing-attacks/

https://www.bleepingcomputer.com/news/security/hackers-leak-39-000-print-at-home-ticketmaster-ticket...

https://www.darkreading.com/remote-workforce/euro-vishing-fraudsters-add-physical-intimidation-to-ar...

https://www.bleepingcomputer.com/news/technology/russia-forces-apple-to-remove-dozens-of-vpn-apps-fr...

https://www.cisa.gov/news-events/alerts/2024/07/08/cisa-and-partners-join-asds-acsc-release-advisory...

https://gbhackers.com/roblox-data-breach/

View Full Transcript

Episode Transcript

[00:00:04] Speaker A: You're listening to Technado. Welcome to another exciting, riveting episode of Technado. I sound really sarcastic, but I do mean it. I do mean it. Another thrilling, exciting adventure. [00:00:17] Speaker B: Blow your mind. [00:00:19] Speaker A: We are gonna be. We are gonna have some fun today. There was, it was an interesting news cycle this week. A lot of leaks, a lot of. [00:00:24] Speaker B: Yeah, yeah. Nothing. It didn't seem like there was a lot of crazy things going on this week. Gotta be honest with you. Yeah, a few. We got some articles. Right. But nothing like, I was kind of like struggling to find a few good things, like say good thing. I, I feel like this is a good problem for us to have. [00:00:41] Speaker A: Right. Exactly. There's not a ton of bad stuff happening. [00:00:44] Speaker B: Everything just kind of settled down this week a little bit. [00:00:46] Speaker A: So everybody's coming back from 4 July. They're still hungover. [00:00:48] Speaker B: The comments are gonna be like bullshit. Daniel. Right? [00:00:51] Speaker A: You missed eight stories. [00:00:53] Speaker B: I'm sure I did. Listen, I can only do so much. I am but one man. [00:00:56] Speaker A: There were definitely some, some big things happen this week like you said. And we do have a couple of, a couple of breaking news pieces that just, you know, because we record these and then we try to check and see what's been happening while we're recording. So it's stuff that we don't have a lot of details on yet. But for instance, this week was patch Tuesday. So let's, let's allow the segment to happen. Unless Christian might have already done it. [00:01:17] Speaker B: I think he did. [00:01:17] Speaker A: You think he did already do the breaking news? [00:01:19] Speaker B: Like I saw the breaking news. [00:01:20] Speaker A: No. Okay. We're getting, we're getting word from Christian. We're having a, we can't see like the cool effects that he does it. [00:01:27] Speaker B: Has the not been done yet? [00:01:28] Speaker A: It has not been done yet. So we can't see the effects until afterwards. So we'll give him a second. Breaking news. [00:01:34] Speaker B: Breaking news. There it is. We can see that. Kind of like if I'm looking at you, I can totally see that. [00:01:41] Speaker A: Okay. [00:01:41] Speaker B: Well, yeah, she's blind. [00:01:43] Speaker A: It's behind me. I struggle. So a couple different pieces we wanted to get into this week. Of course, it was patched Tuesday. This week, Microsoft's July update patched 143 flaws, including two actively exploited flaws. So that's always interesting. Two of which have come under active exploitation in the wild. Sounds like a problem. And the CVSS scores are pretty high. 7.87.5. So that's, I mean, nothing to sneeze at. [00:02:05] Speaker B: Nope. [00:02:06] Speaker A: Had to do with elevation of privileges and platform spoofing. That's always fun. [00:02:10] Speaker B: Okay. [00:02:11] Speaker A: Anytime I see elevation or escalation of privileges that's always, uh oh, that's not good. [00:02:15] Speaker B: Well you got to think also those are going to be so privileged. Escalation is going to usually be in a post exploitation environment. [00:02:24] Speaker A: Right. [00:02:24] Speaker B: They've already gained access, you've already got real problems. Now they're just looking to continue the damn at this point and have more control, more capabilities inside of your system than they already do. And so it's good for us to go ahead and patch those things up. You know it's funny, you read a lot of these articles, especially when it comes to these patches that get released. You know, Microsoft, that's patch Tuesday. And you look through them. Now we do point out there are two actively exploited things that, so patching is a good idea at this point. But a lot of times, and if you look through this article specifically, it does it as well. There's 143, 143. And it's like an attacker could potentially do x, an attacker could possibly commit y. And it's like, okay, but you already found the vulnerability and made a pass for it before. That was public knowledge. [00:03:22] Speaker A: Yeah. [00:03:23] Speaker B: So yes, we should patch for it and we are because Microsoft kind of heavily, heavy handedly comes along, especially for the home user and makes sure that that happens, which is a good thing. But your article is a little sensationalized at that point. [00:03:41] Speaker A: Yeah. [00:03:41] Speaker B: Right. [00:03:42] Speaker A: I think that's, and that kind of seems to be the standard now. Most things, it's like I'll see something in, it's like a million people were affected. And I go in and look and it's like, okay, well a million people had like one piece of data that was exposed. Technically they're affected, but it was like their email address that got exposed. [00:03:56] Speaker B: It's a big deal that there's this gaping hole or whatever, but we found it and fixed it before anybody knew about it. [00:04:02] Speaker A: Right, right. [00:04:03] Speaker B: I mean, I know there's some, speaking in generalities here. There could be some crazy apt out there going crazy on that. But for the most part, like we probably, you know, you get what I'm saying? [00:04:17] Speaker A: Yeah, yeah, I get. [00:04:18] Speaker B: Feels like your ear. Yes, you should patch. [00:04:21] Speaker A: I guess because there's so many, those would be the ones to highlight if they're gonna specifically call out any. They did call out a couple others that were. This is a. They were publicly known at the time of release. So they were already known. A side channel attack called Fetchbench, which is a fun name. It'd be really easy to botch that one. And then CVE 2024 35 264. It's a remote code execution bug. But those were already known. And then they were. [00:04:47] Speaker B: We discovered them. We were security researchers, figured out they were there. [00:04:50] Speaker A: Right. [00:04:51] Speaker B: And then the patch was created. So that's good. It tells us that for the most part, it sounds like security is doing a pretty good job at least finding and fixing issues. [00:05:01] Speaker A: Yeah, good job. Give them a pat on the back. [00:05:03] Speaker B: Yeah, they're. They're earning their money. [00:05:05] Speaker A: Yeah, earning their keep. Cause then the rest of the vulnerabilities, of course, would be hard to go through all of them. So they group and they're like, yeah, 37 rc flaws and that. They kind of just group them together, which makes sense. Um, but patch Tuesday is always something to. To at least mention. [00:05:16] Speaker B: It is that time again. [00:05:17] Speaker A: It is about that time. [00:05:19] Speaker B: And like Wes was saying, and it's Wednesday, so it's rollback Wednesday. [00:05:23] Speaker A: Oh, yeah, that's true. Yeah. [00:05:25] Speaker B: Right. So patch Tuesday happened yesterday. It's rollback Wednesday today. And by the time you see this, it's Thursday. So you've already done all that stuff, hopefully. [00:05:32] Speaker A: Yeah. Ideally, if you've. If you've been paying attention, you've already done all that stuff. So that was one of the things. The other thing I wanted to mention is that Samsung's dealing with a strike right now in South Korea. Thousands of Samsung workers launch indefinite strike over pay. And I saw something about this. There was a. I think it was Samsung, like, weeks ago. There was, like a one day strike, and it was a day that a lot of people were already going to be off anyway. So at the time, I didn't really pay much attention to it. But now they've been talking more and more about, oh, no, no, no. This is becoming more consistent. And so. [00:05:59] Speaker B: So what's their complaint? [00:06:01] Speaker A: Pay. It's mainly pay. [00:06:02] Speaker B: So making enough money. [00:06:04] Speaker A: Well, that's always it, isn't it? Isn't it usually my money. [00:06:08] Speaker B: A union delegate for the Teamsters for a long time. Yeah. So I grew up in union halls and all my brothers were in. [00:06:16] Speaker A: I did not know that. I learned something new about Daniel. Every week, there's always new lore about Daniel. They are demanding a 3.5% increase in base salary and extra day off to mark the union's foundation day and a fairer bonus system between executives and lower ranking workers. So that's their demands. We'll see if. I guess Samsung meets the demands. [00:06:34] Speaker B: Yeah, I don't know how that works over in South Korea. Like, how, like what their unions look like and how they operate. [00:06:40] Speaker A: Yeah. Because I would imagine it's different than the US. [00:06:43] Speaker B: My dad used to say, what I do is my dad's an old. He's gone now. But he would tell me what I would do is I would go to the workers and say, what's the problem? Oh, we need a bump and pay. Okay, what are you looking for? This was back in the sixties and seventies and stuff. Oh, we're looking for ten cent raise, right? Oh, okay. So you go to the. You go to the, you know, organization, the corporation, and say, listen, these guys are ready to strike. It's getting ready to get ugly. I don't want that. You don't want that? You know, what are you going to do about it? They say, well, you know, we can. We can do something. What do you want? He goes, well, I need $0.50. They go, huff, we can't do $0.50. That's way too much. You go, well, what can you do? And they would say, well, how about twenty five cents? I don't know. Let me go ask him and see if they'd be okay with that. And he would go back to the guys and say, hey, I got you 25. They said they thought I was great. I was the best guy. Yes, yes. Give us $0.25. Well, you know, they said that was good. [00:07:59] Speaker A: And they agreed it's acceptable. [00:08:02] Speaker B: Everyone was happy. [00:08:03] Speaker A: Yeah, right. [00:08:04] Speaker B: Everyone was happy. [00:08:05] Speaker A: That reminds me a little bit of that scene of Goodfellas where, like, Henry Hills negotiate. He's like, just give Jimmy his money. Just give him his money. [00:08:10] Speaker B: Right? [00:08:10] Speaker A: And he's there on behalf of Jimmy, like, trying. Look, I don't want to be here. You don't want to be here. [00:08:14] Speaker B: Let's just. [00:08:14] Speaker A: Let's just agree. Disagree and little negotiation going on. [00:08:18] Speaker B: Kind of funny how that under promise and over delivered. [00:08:20] Speaker A: Yeah, yeah. They seem to do that in, like, job interviews, too, don't they? [00:08:22] Speaker B: Like, listen, it doesn't matter what it is. [00:08:24] Speaker A: Yeah. [00:08:25] Speaker B: Always set the proper expectation. [00:08:27] Speaker A: I want a million dollars. We can't do that. Well, I guess I'll accept something. [00:08:32] Speaker B: 500,000. [00:08:33] Speaker A: I guess. [00:08:34] Speaker B: That's all you got? Yeah. [00:08:35] Speaker A: I'm gonna have to. I'm really gonna have to cut back, but. [00:08:37] Speaker B: Okay, see, I used to. I used to do this when I. My first help desk job. Right? On my first help desk job, they would. They would. What we were doing was a lot of y two k upgrading. [00:08:47] Speaker A: Okay. [00:08:47] Speaker B: And servicing, like, you know, computer issues around. It was at a hospital it was a local. It was a chance. [00:08:53] Speaker A: Oh, okay. [00:08:54] Speaker B: So they got a bunch of computers in for these y two k upgrades. Like, they were just big shipments of hundreds of computers. And our boss would be, how many, you know, do you think you can get 100 done this week? Which was a lot, and we could do it easily. Now I go, you know, that's a lot, but we're going to work hard for. You see what happened? Yeah. And he goes, well, how long you think it's going to take? Can you do it this week? And I go, listen, I really think it's going to take a two weeks. Okay. If you can get it done in two weeks, that'll be fine. And then I would come in at a week ago. We really killed it. But we didn't. Right, but, but listen, if it. If it's like, hiccups happened and we weren't expecting something that occurred, we now had a week worth of buffer. And if we got it done in two weeks, we hit the expectation. And they were happy because we set the expectation at something that was reasonable and then anything we got that was under that, we looked like superheroes. [00:10:00] Speaker A: Yeah. [00:10:00] Speaker B: Right. Which we know we could easily do unless something came in and then we knew we could hit the set expectation. This is how this is done. [00:10:08] Speaker A: I feel like that's smart, too, because, like, if you go above and beyond, then it's like that becomes the norm. And so then you keep exceeding and exceeding, and then eventually it's like, well, I'm working at max capacity, and now this is what you think is the bare minimum. [00:10:19] Speaker B: You should always set in a little buffer of time. Things that could go wrong that you. [00:10:25] Speaker A: Cannot foresee and for your own prevention of your burnout. [00:10:28] Speaker B: What was that movie about the oil rig that in the Gulf of Mexico, and it had Mark Wahlberg in it. Oh, and he talked about how you're trying to land the plane at the exact moment it runs out of fuel. [00:10:42] Speaker A: Deepwater Horizon. [00:10:43] Speaker B: Yes, Deepwater Horizon. That was it. That's what he was telling the executives. You're trying to land the plane at exactly the moment it runs out of fuel. [00:10:50] Speaker A: Cutting it a little close. [00:10:51] Speaker B: This is not a good strategy. Do not do that. [00:10:56] Speaker A: Anyway, so. Yeah, yeah. Strike. Union strike. It was a fun little aside there. [00:11:00] Speaker B: Yeah. [00:11:01] Speaker A: And then just. I'm going to detail on it because I don't. They're doing it right now, but they're having their second galaxy unpacked event. Samsung is. So they're announcing specs about new. [00:11:10] Speaker B: Interesting to see how this affects tech. [00:11:13] Speaker A: Yeah. [00:11:14] Speaker B: Right. Like, will this there, because according to this article, they're saying that the. The workers are trying to impact chip production. [00:11:20] Speaker A: Yeah. [00:11:21] Speaker B: And Samsung has been like, I didn't know my watch. It won't. [00:11:23] Speaker A: Mm hmm. [00:11:24] Speaker B: And we'll see who's gonna win that battle. [00:11:26] Speaker A: Yeah. Who's gonna hold out longer. [00:11:27] Speaker B: Yeah. [00:11:28] Speaker A: Who's gonna wait out longer? So that's got all I had for breaking news. Unless you had anything else. I think that was pretty much to. [00:11:33] Speaker B: Go on that ride. I gotta be honest with you. [00:11:35] Speaker A: You gotta, like, recalibrate now. [00:11:37] Speaker B: Yeah, I'm just talking. [00:11:39] Speaker A: That's what makes it. That's what makes it fun, just talking. [00:11:42] Speaker B: Shut up. [00:11:43] Speaker A: You always talk. [00:11:43] Speaker B: Always talk. [00:11:44] Speaker A: So beyond the. The breaking news, just from today and from yesterday, another big story this week, getting into our articles that we've selected. Rocky 2024 compilation containing 10 billion passwords was leaked online. That's no small amount of passwords, Daniel, if I'm not mistaken. [00:12:00] Speaker B: Seems like a lot. [00:12:01] Speaker A: Seems like a lot. [00:12:02] Speaker B: Seems like a lot. So are you familiar with Rock you? [00:12:04] Speaker A: I feel like when we do some of our episodes on, like, when you're showing password cracking and stuff, that's one of the, like, lists that you mentioned. [00:12:10] Speaker B: It's kind of like the de facto, right? The rock you list is, like, the list for a lot of things. I can see why password cracking being one of them. So rockyou was like a website, I want to believe. [00:12:23] Speaker A: Okay. [00:12:23] Speaker B: And it's been a while since I've been down the history of how Rockyou became a thing in the security world. But ultimately, it was a massive database of usernames and passwords that got leaked. And the cool. Well, say the cool thing, using that word very loosely. The interesting thing about that was it gave us some insights on how people create passwords and what they're using and how they think when they're creating passwords. So you get to analyze that and use it really well. Of course, it is also legitimate list of usernames and passwords. And now you can do things like credential stuffing and brute forcing and having a good time with that action right there. It continues to evolve. It continues to. And as new breaches come along and everything, it just grows and grows and grows. And now we're at 10 billion passwords. [00:13:18] Speaker A: I know this isn't super relevant to what was posted. I just think it's funny. That was posted on July 4 by user Obamacare. [00:13:27] Speaker B: I saw that, too. [00:13:30] Speaker A: Obama did what? [00:13:31] Speaker B: Whoa. Barack, dude. [00:13:34] Speaker A: A little overkill. A little overkill. [00:13:36] Speaker B: Calm down, son. [00:13:39] Speaker A: So, like you said, this is a collection of real world passwords. So probably a lot of them are like, the common, you know, 123456 and that kind of stuff that we see, even though year after year after year, it's like, change your password, make them stronger, you always see stuff like that pop up. [00:13:54] Speaker B: Yeah. This just makes it a whole lot, you know, more effective to do, like, dictionary attacks. [00:13:59] Speaker A: Yeah, right. That's true. [00:14:00] Speaker B: Because it's highly likely that there's a lot of password reuse. So credential stuffing is always a problem. And this is why we should be using the same password. So if someone got this rock you list, maybe they get access to one thing, but they shouldn't have access to everything. If you. And you should have two fa. Right? [00:14:20] Speaker A: Yeah, yeah. [00:14:21] Speaker B: Or. Or even better, go with some sort of token or, like, a titan key or yubikey or something with that effect. And now it's even harder, right? You gotta have multi factor enabled, because then if they just have a username and password and you're not using that username and password anywhere else, you're much safer. [00:14:40] Speaker A: Right. [00:14:40] Speaker B: Not. Not saying you're completely safe. [00:14:42] Speaker A: You might get a notification that says, like, hey, press this to log in or authenticate. And then you've got an indicator. [00:14:47] Speaker B: Hell, no. You know what's funny is that that. [00:14:50] Speaker A: Works, too, because people will just be like, okay. [00:14:53] Speaker B: Yes. They just click, okay. Because the attacker will be like, well, I got a good username and password. I'll just keep spamming the hell out of someone. [00:15:01] Speaker A: They call them MFA bomb. MFA bomb or something. [00:15:03] Speaker B: Yeah. Where they just are constantly hitting your phone with, please do this, please do this, please do this. And people just get upset and go, whatever. [00:15:12] Speaker A: Yeah, I'm tired of this, bruh. [00:15:14] Speaker B: If I'm getting that, my heart is gonna jump out of my throat and I'm running to my computer. [00:15:19] Speaker A: I'm changing every password. [00:15:20] Speaker B: I'm changing passwords, like, whatever the hell that is. The password is getting changed. [00:15:24] Speaker A: Yeah. [00:15:24] Speaker B: I start getting nothing but notifications about, hey, click this to allow. Click this to allow. Click this to allow. Are you logging in? Are you logging in? Is this you? Is this you? I don't care if it's 03:00 a.m. i am out of bed and my laptop's opening up. Changing that password. [00:15:40] Speaker A: Why take the chance? Yeah, I did think it was nice that they had. I know there's, like, a haven pwned and stuff where you can check if your information's appeared in, like, a leak but specifically, they had one that you can check for, like, if your email or phone has been leaked, but another one where you can specifically check if your password has been leaked. And because you're providing it without like a username or email or anything, it's just the password by itself. So, like, I don't know. Let's just say password. I am typing password. I'm not. This is not a real password I use. And let's see. Oh, no, it's been leaked. Oh, I can't. I would never have guessed that that had been leaked. [00:16:11] Speaker B: You know what? Try password one. [00:16:13] Speaker A: Oh. [00:16:13] Speaker B: Oh, yeah, that's going to be way more. [00:16:16] Speaker A: And that was that. More time. [00:16:17] Speaker B: No, no. Throw an exclamation point on the end of. There you go. You're good to go now. Son of a. Spring 2020. [00:16:27] Speaker A: I did try it with like, what made me spring 2025 already. People are out of the curve. It's not even 2025 yet. [00:16:34] Speaker B: Listen, because that is a known pattern of people, how they create passwords. They think that they're clever because they're just trying to satisfy the requirements of the password device. Right. The password policy. [00:16:48] Speaker A: Just hurry up, get past it and. [00:16:50] Speaker B: It needs to be easy to remember. [00:16:52] Speaker A: Yeah. [00:16:53] Speaker B: Right. So this is the failing behind. We talked kind of a little bit about this last week. That's why it is better if you couple that with some sort of multifactor and if you then are using a solid password manager that can generate secure passwords that you don't need to remember. And yes, I understand. Listen, we cannot cover everything. Please understand that we're just talking here. We're just kind of riffing off the top of our heads. Yeah, this is an in depth topic that we cannot plumb the depths of in ten minutes in a segment. [00:17:27] Speaker A: Right, right. [00:17:28] Speaker B: There's a lot to it, but by and large, basically what you do use, password manager. Use the generator that's in there to create secure passwords for each site. They're all unique, they're all random. And I'll couple that with multi factor and this is what gets you to closest to. If you have like a yubikey or Titan key, even better. [00:17:48] Speaker A: Yeah, I'm like the annoying friend and relative now that, like at family gatherings or whatever, that if somebody's talking about, oh, I gotta put in my password. I'm like, you know, you really should be using a password manager. I'm telling you, I am like the irritating, like, okay, I get it, I get it. You like your password manager. I'm not. [00:18:01] Speaker B: You had a religious experience I have. [00:18:03] Speaker A: Now that I'm using you, you are. [00:18:04] Speaker B: Sharing the password gospel with everyone. [00:18:06] Speaker A: I used to keep them in my planner. I can't believe now that I did that, because I take my planner with me everywhere, but, like, it could easily get lost. [00:18:12] Speaker B: So one of the favorite items for, if you're doing, like, dumpster diving is. Is those desktop calendars. Yeah, because people write their passwords and stuff in the margins and. Cause they sit on your desk all year, and then you throw it away and you go, yeah. I wonder if any of those are still good. [00:18:28] Speaker A: Yeah, doesn't hurt to check. Yeah, doesn't hurt to check if you're a bad actor. [00:18:32] Speaker B: Right. If I was a red teamer and I was doing, like, physical assessment, sure. I would absolutely be looking. Man, that is gold. Because I guarantee if those passwords don't work, some derivation of them will. [00:18:44] Speaker A: Yeah. So like you said, there's, I'm sure, a lot of nuance, but by and large, I think that's a good solution you proposed or, you know, way to try to prevent against your credentials or your accounts getting access. We want you to be safe. We care about you. I know it doesn't seem like it by the deadness in my eyes, but we do care about you. [00:19:00] Speaker B: The soulless. [00:19:02] Speaker A: It's just the way my eyes are. I can't help it. I just constantly. I look like a fish, you know? I can't help it. Anyway, moving on, we've got a couple other articles to get through. Ransomware gang leaks, data allegedly stolen, allegedly from Florida Department of Health. I'm covering this because it's no secret that, like, I'm from Florida. We live in Florida. I am a big. I enjoy Florida. I'm a Florida enjoyer. So figured we would touch on this 100gb of data from the Florida Department of Health claimed by the ransom hub. Ransomware gang. And they're no, they're no stranger to the ransomware gang, given their name, but they're a pretty big group that's been busy this year. [00:19:34] Speaker B: I'm just hearing their rap song in my head. Ransomware. Ransomware. Ransomware. [00:19:38] Speaker A: Like Gucci gang. [00:19:39] Speaker B: Yeah, like Gucci gang. The ransomware gang. [00:19:41] Speaker A: Oh, man, that's a horrible song. It's a horrible song. [00:19:44] Speaker B: I don't think. Does it qualify as a song? [00:19:46] Speaker A: I mean, it's noise for sure. It's definitely noise. I haven't heard that in forever. [00:19:50] Speaker B: You, rap is fine. Hip hop. [00:19:52] Speaker A: Oh, sure. [00:19:52] Speaker B: Yeah. [00:19:52] Speaker A: But that's different. That specific one, fans of rap would agree with you. That. That's. That's. It's like a joke song. People listen to it as a joke. I don't think it's really taken seriously, and rightfully so, anyway. So ransom hub, they. They began publishing allegedly this stolen information over the weekend because they obviously demanded a ransom. And the Florida Department of Health didn't pay the ransom. The deadline was last Friday, but that's because under Florida law, government entities are prohibited. You can't pay ransom. We don't negotiate with terrorists. [00:20:19] Speaker B: We do not. [00:20:20] Speaker A: Like Daniel was saying earlier. So you can't have it. [00:20:22] Speaker B: It's just encourage them. [00:20:24] Speaker A: Yeah. You pay the ransom, and it's like. And then there's no guarantee you get. [00:20:27] Speaker B: Your cyber insurance company to pay the ransom. [00:20:29] Speaker A: Yeah. Right, right. [00:20:30] Speaker B: That's pay. [00:20:31] Speaker A: Yeah. Think smarter. Not. [00:20:32] Speaker B: That's right. [00:20:34] Speaker A: So. And I guess, too, like I was gonna say, even if you pay the ransom, there's no guarantee that they'll actually then release your data or delete it or whatever. But the ransomware gang has motivation to do what they say they're gonna do, because if they don't keep up their end of the deal, I guess the. [00:20:47] Speaker B: Question becomes is, like, will. Will the. You know, the. This agency follow that procedure. Right, and that mandate to not pay out? And then if that is the case, then what is the incentive for a ransomware gang to go after someone that is not going to pay? [00:21:04] Speaker A: Yeah. If you already know, that's. [00:21:07] Speaker B: If your whole purpose in life is just get as much money out of people as you can. [00:21:10] Speaker A: Yeah. [00:21:11] Speaker B: Makes me think that, like, maybe we're not too far off that they don't pay, but they pay, right? [00:21:18] Speaker A: Officially, right. [00:21:19] Speaker B: We don't pay in pay. Yeah, because otherwise somebody got paid. [00:21:22] Speaker A: Like, why would you ever, for the purposes of extorting money, why would you then go after a government entity like this? If you were. If you were, like, a hacktivist or something, and you were like, I'm taking this information because I'm gonna publish and expose you or whatever. [00:21:32] Speaker B: But you're not for money at that point. [00:21:33] Speaker A: Yeah. [00:21:33] Speaker B: Just after change, you're hell bent on causing problems. Causing, like, bringing attention to your cause. [00:21:39] Speaker A: Or the cases, so. And in this case, it was a pii. So, like, names, addresses, phone numbers, Social Security numbers, all that stuff. Like, just patient information. [00:21:47] Speaker B: So all the oldies were goldies, right? [00:21:49] Speaker A: Yeah. Right, exactly. All the common offenders that we see. [00:21:52] Speaker B: Here, your favorite hips from seventies, eighties. [00:21:55] Speaker A: And today, some interesting stuff like dental services data that it's like, I don't know how you would use that. I'm sure you could find a nefarious use for that, but I mean, I don't know that I really want that out there. [00:22:04] Speaker B: So this is how I've kind of like, understood it and seen it is because it's like, what do you care whether or not I had a hip replacement? Yeah, what do you care whether or not I had a root canal? Like what, how is that information useful to an attacker? Well, a, you know, it's, it's ransomware data. So I've crypto locked your system. If you want to get that system back, you have to pay the ransom. And then if it's double extortion, then it's like, hey, I'm going to leak all this information online, so you got to pay me again if you don't want me to do that. How this works, and the reason that becomes like, a useful thing to do for those ransomware gangs is because if I know that you had a hip replacement, I can now call you and say, hey, I'm with doctor so and so's office, and we know you had a hip replacement and we really want to sign you up for this. And now let's, let's start getting. And they start conversations with people and they use that for identity theft because. [00:23:03] Speaker A: You think, well, they wouldn't know all this information unless they're really representative of this office. [00:23:08] Speaker B: They have all this information about you that, you know isn't public. [00:23:11] Speaker A: Yeah. [00:23:12] Speaker B: Right. So the only way they can talk about case numbers or, or, you know, your account numbers and everything because they have all that how. The only way you would have that is if you were legit. [00:23:23] Speaker A: Yeah. [00:23:23] Speaker B: So it gives them the legitimacy they need to be able to extort people. [00:23:26] Speaker A: Yeah, that's a good point. You can always find a nefarious use for information somehow. This is the same group that was responsible for the attack on frontier communications that we talked about earlier this year. So like I said, they've been dizzy and we'll see if Florida department of Health, they've not obviously given any kind of a statement or anything. They tried to reach out to them and haven't heard from them. I'm not surprised. They're probably a little busy right now, I'm sure, dealing with this. So to see if anything more comes out about this. [00:23:50] Speaker B: Just 1 minute. [00:23:52] Speaker A: Be right with you. I'm a little busy right now. [00:23:54] Speaker B: Sucks. [00:23:55] Speaker A: It did say obviously disrupted a bunch of services, but one that they called out specifically was the online system used for birth and death certificates, issuance. So if you're having a baby this past week. It's like, sorry. [00:24:05] Speaker B: They're gonna slow roll that certificate for a little bit. [00:24:07] Speaker A: Yeah, yeah. A month later, you're like, sorry, what day was that again? What time? [00:24:10] Speaker B: Cause then I need a birth certificate for my job. [00:24:13] Speaker A: Like a piece of notebook. [00:24:14] Speaker B: I mean, think about the disruption that causes, like, even. Especially with death certificates. [00:24:19] Speaker A: Yeah. [00:24:19] Speaker B: Right where I need you to stop this service. I need you to stop this payment. I need you to stop this, that, the other. Because they no longer are here with us. [00:24:27] Speaker A: Yeah, that's right. [00:24:29] Speaker B: So please stop. And they're like, not until I get a death certificate. [00:24:31] Speaker A: Yeah, I didn't think about that. [00:24:32] Speaker B: Yeah. [00:24:33] Speaker A: Interesting. Hopefully they're able to get stuff back online sooner. [00:24:36] Speaker B: You probably haven't had to go through that a lot in your life. [00:24:39] Speaker A: Because I'm sitting here alive in front of you. [00:24:41] Speaker B: No, because you haven't had a lot of relatives. [00:24:43] Speaker A: That's true. That's true. And. Yeah, any relatives that I had passed away or. It's. I was so young that it's. I was not. [00:24:48] Speaker B: It wouldn't have affected you. [00:24:49] Speaker A: Yeah. It's not like, oh, yeah, I had a spouse or whatever. [00:24:52] Speaker B: As a younger person. [00:24:53] Speaker A: That makes sense. That makes sense. And I'm also not dead, which is. [00:24:56] Speaker B: You know, which you still wouldn't be taking care of it at that point. [00:24:58] Speaker A: Again, I know it's the expression, but I am not dead. I promise. [00:25:02] Speaker B: She's the undead in a little bit more. [00:25:05] Speaker A: Well, I guess it's not happier news. It's different news. Social engineering. We're going to talk about that. Social engineering attacks take center stage on Amazon Prime Day in 2024. To be clear, it's not Amazon Prime Day yet, but they do all these early prime deals, so it's basically like a month long affair. [00:25:19] Speaker B: Yeah. So it says Amazon Prime Day, which falls on July 16 and 17th. [00:25:23] Speaker A: Yeah, some next week. [00:25:24] Speaker B: Is it like a. Is it like a 24 hours period that starts in the morning of the 16th? Yeah. How are we working? How was two days prime day? Yeah, it just doesn't make sense. [00:25:36] Speaker A: It's like a Black Friday is like a week long ordeal now. [00:25:38] Speaker B: Just call it something else. Yeah, I know it started off as prime day, and you don't want to lose that marketing campaign, but just make prime day and then make like another day. That's two or three days. Whatever. [00:25:47] Speaker A: Yeah, prime prep day. Prep for prime day. So they're saying that while you shop, cyber criminals lurk in the background waiting to steal your credentials. Ooh, that makes it sound so spooky, but I could see how if you are thinking like, oh, I gotta get these deals, you might be eager to make a purchase and not pay as much attention to what you're purchasing or, like, the details surrounding it. [00:26:05] Speaker B: Well, let me think about how phishing works. It's social engineering. [00:26:10] Speaker A: Right? [00:26:10] Speaker B: Right. At the. At the base of a phishing campaign is social engineering. I want to, as an attacker, take advantage of pressure. I want to use pressure to push you into doing something that you probably normally would be a little more like. [00:26:27] Speaker A: You know, a little more skeptical. Right. [00:26:29] Speaker B: But because of the time sensitivity and you want to get those deals, and you are getting legitimate ads left, right, and center. Now I can just kind of, as an attacker, hide and obfuscate myself in the milieu of all that. [00:26:44] Speaker A: Yeah, right. [00:26:46] Speaker B: I get to blend into that traffic and make that deal that looks just right. And if I'm doing my job as someone who's using a phishing campaign, that's what I'm doing. I'm not going like, hey, buy a car for $4. [00:27:01] Speaker A: Yeah, right. [00:27:02] Speaker B: You make it reasonably like, oh, man, that is, that's the sweetest deal. And yet it's not unbelievable, right? Those are the best fishes. I shouldn't be telling you this now. [00:27:15] Speaker A: You know. You know that if you see something that's like, that's just too good to be true. [00:27:19] Speaker B: But if you see MacBook pros for $200, that's too good to be true. That's never going to happen. [00:27:24] Speaker A: Anthony was telling me about how I think it was a relative of his that got scammed because she saw a deal for like a kayak or something for a ridiculously cheap amount of money, $50 or something. And she was like, this is a great deal, and paid it. [00:27:37] Speaker B: Oh, crap. [00:27:38] Speaker A: She did receive something in the mail. It was a postcard of a kayak. So they did send her, I think, the picture that she thought that's like. [00:27:46] Speaker B: Talking about insult to injury. [00:27:47] Speaker A: So it looked, she was like, this apparently looked legit, and, oh, it's gonna be true. I got it. I gotta, you know, grab it while I can. And they did send her something. [00:27:54] Speaker B: Yeah, it's just not guarantee. In the fine print of that, it says, that's what we're sending you. [00:27:59] Speaker A: Yeah. She thought it said the kayak pictured, and it said the picture of the kayak. That's what she was be receiving. So anyway, I may. I may have the deed may, I don't know what relative of his it was, but just thought that was interesting that somebody we know, it's the people closest to us. So this is why we talk about this stuff so that you know and you can stay vigilant. And then they also listed some Amazon websites, some fraudulent Amazon website typo squatted. Yeah. Like stuff and stuff that like Amazon Dash onboarding. Which is interesting. I would think like if I'm an employee of Amazon maybe. But. But a lot of times if you're not paying attention to the URL, see. [00:28:31] Speaker B: The Amazon and you think a lot of people just see that and their brain goes cool, legit. [00:28:35] Speaker A: Yeah. [00:28:35] Speaker B: Right. So yeah. [00:28:37] Speaker A: Or the specifically targeting like unique URL's to like different countries. So like Amazon Indo Amazon MXC that are like the Amazon Mexico domains. [00:28:46] Speaker B: Yeah. [00:28:46] Speaker A: So something to look out for. Pay attention to the URL's. [00:28:49] Speaker B: It's gotta be very, very scrupulous. Yes, scrupulous. Thank you. That was exactly the word I was looking for. [00:28:55] Speaker A: Same wavelength. That's the one time that'll happen today. [00:28:57] Speaker B: Yeah. [00:28:58] Speaker A: And then phishing attempts, like you said. So credential harvesting, fishing attempts. And they've got some tips here for how to avoid scammers about checking URL's, using strong passwords. All the regular things that hopefully you're doing anyway, but especially surrounding an event like this where people are making a lot of purchases and trying to get good deals. [00:29:14] Speaker B: Think before you click. [00:29:15] Speaker A: I'm going to probably be making some Amazon Prime Day purchases, I'm sure. But it's just something to keep in mind if you are, you're gonna be partaking in that. So I'm glad you brought that one up. [00:29:23] Speaker B: Cause it's just good. It's a good PSA, right? [00:29:26] Speaker A: Yeah. Good PSA awareness. [00:29:27] Speaker B: Enjoy prime day. Prime days. Cause it's really prime days. [00:29:33] Speaker A: That was like you imitating like a phone buzzing. I don't really. Little onomatopoeia. [00:29:37] Speaker B: Just be careful. [00:29:38] Speaker A: Just be careful. And in other, I guess related news, as far as being careful about the stuff that you're picking up, the things you're purchasing. Hackers are leaking supposedly 39,000 print at home Ticketmaster tickets for 154 events. Probably. If you've seen this, the big event name that's been highlighted is Taylor Swift. But there were other ones as well. Foo fighters and Pearl Jam and other groups and events. Fish with a ph. I didn't know they were still touring. I know who they are, I just didn't know they were touring. That's like. I think my dad used to listen to them on the radio. Whatever. [00:30:07] Speaker B: Nineties. [00:30:08] Speaker A: I'm sure jam band would make sense. And we talked about this, I think, but previously it was that they were leaking information and credentials and stuff, and now they are leaking barcodes for printed home tickets. But I was thinking about this earlier, like, also people could just print out these barcodes that have leaked and then take them in. But I would think if, like, to combat this, maybe then as Ticketmaster, you start demanding then proof of purchase as well at the door, like, okay, you've got a barcode for your printed home ticket. Let's see the receipt. Let's see the email confirmation that you bought it. Kind of a thing. [00:30:37] Speaker B: Yeah. I mean, how. How will that affect the efficiency of getting people into the venue? [00:30:46] Speaker A: Yeah. [00:30:47] Speaker B: Right. Will that make it such a hassle that people kind of go, I guess I'm not going, or maybe I go get a refund. Cause I just want to deal with this. [00:30:54] Speaker A: Yeah, right. Yeah, good point. [00:30:56] Speaker B: That's. And I'm guessing it's all those things combined that are. Is the. Is the pressure on Ticketmaster to pay these people the money they want? [00:31:07] Speaker A: And this is the second, the Taylor Swift thing. It was specifically last week, over 150,000 Taylor Swift ticket barcodes. And they said, we want 2 million for these. And this is the second instance where it's 39,000 and they're demanding half a million. So, yeah, I'm curious. If Ticketmaster, like you said, you shouldn't pay the ransom, but some companies do. [00:31:26] Speaker B: So did we see, I didn't read whether. How they. How they actually made. What was the initial access into their systems, into Ticketmaster systems. [00:31:34] Speaker A: That's a good point. [00:31:36] Speaker B: I had to guess. I would say it was a phishing campaign. [00:31:40] Speaker A: Yeah. [00:31:40] Speaker B: And somebody clicked a link, or it was credential stuffing something. You know, it's so funny to me how a lot of these big hacks, some of them are, like, legit. Like, we had a very recent software exploitation, and they were able to make their initial access through that. But a lot of times, it's just somebody in the company clicked the link. [00:32:03] Speaker A: Yeah. [00:32:03] Speaker B: And then through that, they leveraged it to be able to get into the systems, and now they're crypto locked and everything's going haywire. [00:32:09] Speaker A: Yep. [00:32:11] Speaker B: It amazes me that this is the world we live in back in my day. Yeah. You know, and a lot of. So a lot of security. So, pen tests. Red team, what's the word? Oh, my God. I'm losing my mind today. Yeah. Engagements. That's the word I'm looking for. Yeah. A lot of red team engagements, pen testing engagements. They start with assumed breach because it's most likely going to happen. [00:32:40] Speaker A: Well, and they say you should assume because then you know what you're looking for actively. [00:32:43] Speaker B: So Ben Fink from ondefend, right? Me and him had a conversation about this. We were talking. I said, how often do you get to do a phishing campaign? He's like, not very often. On their pen test engagement. It's kind of rare. I said, why is it egos? Because they know that it's going to be effective. So we just go ahead and start. [00:33:02] Speaker A: With assume breach, take out the middle, skip a step. [00:33:06] Speaker B: This is, this is very disheartening. [00:33:09] Speaker A: Why waste our time? [00:33:10] Speaker B: The fact that there is no possible real means to stop them from phishing campaigns being effective. [00:33:17] Speaker A: Human error will always, always be, yeah, it's a shame. Nobody's per Poddy's nerfect, right? So. [00:33:23] Speaker B: No, it's much, we need, we need better systems. And this is where it starts getting like, oh, okay. [00:33:28] Speaker A: Yeah, because I mean, you can do training and training is great. Security awareness training, all that stuff. But you could do training to the end of the world. [00:33:34] Speaker B: And it, it's always a non zero sum of, like, there will still be. [00:33:38] Speaker A: Somebody that will click on a link and a convincing email. Convincing link at some point is going to get through. So it's, yeah, it's an unfortunate reality as far as, yeah, the initial access, it's not talked about in this article specifically. Just because this Ticketmaster stuff's been going on for a while. This is just the latest. This is the shenanigan that they've gotten into. I will say. I can respect that. They release ticket data for a good spectrum of concerts. It wasn't just Taylor Swift and carpenter and pop artists. It was Alanis Morissette, fish, pink suicide boys, which I was like, oh, okay. [00:34:09] Speaker B: I'm not familiar with them. [00:34:10] Speaker A: Okay. You wouldn't like them. They're relatively new in the last few years. You wouldn't like them. [00:34:14] Speaker B: What kind of music do they make? [00:34:16] Speaker A: Good question. It's very, no, it's kind of intense. It's not like Joji. It's very like, it's rap, but intense. [00:34:26] Speaker B: Really? [00:34:26] Speaker A: Yeah. I don't really know how to describe. I don't know. I'll see if I can kind of, I'll see if I can find a genre name for them. I don't know how to describe it off the top of my head, breaking new ground, but very, like, intense lyrics. Very like, oh, okay. That was a lot. But yeah, so that was a lot. Ticketmaster is like, hey, those barcodes aren't gonna work. And the people that leaked the ticket barcodes are saying Ticketmaster lies. Ticketmaster says they don't work. But the Ticketmaster barcodes do work, so who knows? Don't go trying it. That's not a good idea. You shouldn't do that. [00:34:54] Speaker B: Yeah, because would you not be a thief at that point? Yeah, like, let's say I grabbed one of those barcodes and showed up with my swifty shirt on, as I do. [00:35:03] Speaker A: That you definitely own. [00:35:04] Speaker B: Yeah, I have a whole closet full of them up. Of course. Listen, I celebrate her entire discography for every era. She's amazing. I'm sure, like, the true musical genius of our time. [00:35:15] Speaker A: She's the Beethoven of our time. [00:35:17] Speaker B: Truly, Mozart has nothing on Miss Swift. [00:35:21] Speaker A: But if you did that. Yeah, you would be right in the law. Yeah, you'd be stealing the law to. [00:35:28] Speaker B: Steal access into this. [00:35:30] Speaker A: That's literally so true. Well, it's a good thing that as much as a fan of Taylor Swift as you are, you'll refrain, I'm sure. I don't know that they can keep you away from the fish concert, though, so we'll have to keep an eye on you for that one. [00:35:40] Speaker B: Yeah, you might have better luck at. [00:35:41] Speaker A: The fish concert, honestly, really funny. If a fishing attack led to the leaking of fish tickets, which is spelled. [00:35:47] Speaker B: P h I s. Exactly. [00:35:48] Speaker A: Yeah, that'd be pretty funny. I mean, funny irony, not funny. [00:35:51] Speaker B: Yeah, the irony, right? It'd be ironically funny. [00:35:53] Speaker A: It would not be. I would not be laughing. Nobody's laughing. It's not funny. It's no laughing matter. [00:35:56] Speaker B: Listen, I would boot stomp any. Yeah. [00:35:58] Speaker A: Just making me angry just thinking about it. [00:36:00] Speaker B: I could see you just spinning around like a little tasmanian devil. [00:36:03] Speaker A: I'm spitting angry. [00:36:05] Speaker B: Yes. [00:36:05] Speaker A: I am a. I'm a whirling vortex of terror. That's what I am right now. I need to. [00:36:09] Speaker B: Vortex of terror. [00:36:10] Speaker A: Yes. From a kicking and screaming, I think, with Will Ferrell. It's a good movie. [00:36:14] Speaker B: Did I see that? I don't think I did. [00:36:15] Speaker A: I recommend it. [00:36:16] Speaker B: Check it out. [00:36:16] Speaker A: It's a cute movie. It's fun. I got to take a break, though, because I got to calm my emotions down. I'm so angry about this so sexy dust. When we come back, we've. We've got a lot more fun stuff that we're going to talk about. Well, fun is a strong word, so stick around for after the break to find out what the heck I'm talking about. We'll be back with more technato. Anthony, what are we going to be talking about? [00:36:33] Speaker B: We are talking about our newest and most excellent cloud plus course. This course really does an amazing job of taking the learner from the very fundamental aspects of cloud and then walking them through some of the more advanced topics. They're going to learn about how to secure the cloud, how to optimize the cloud, how to save costs with the cloud. So this is not a course with complete bias to AWS or Google Cloud platform or Microsoft Azure. We breathe life into this material by doing demonstrations across all of the big three cloud vendors. [00:37:18] Speaker A: We have a lot of fun in cloud and we know that you will too. So come check it out. Welcome back for more tech NATO, thanks for sticking with us through that break. Hopefully you're enjoying the episode so far. We would love to. Why are you laughing at me? [00:37:33] Speaker B: Because I'm just thinking before the break we said you were going to go through a little, get a little pressure. [00:37:38] Speaker A: Release and then I went welcome back. I drank more of my celsius and I got an energy boost. If there's anything like Daniel was saying earlier, any stories that you want us to cover, anything you feel like we missed, what you want to see in the future, leave a comment. We love to hear it. I heard that Spotify is rolling out comments on podcasts now, so they're trying to compete with YouTube a little bit. So if you are a Spotify, usually I say, oh, go to the YouTube channel. If you're a Spotify enjoyer and you can comment there, feel free. I'll let our team that does the uploading there, check the comments, check the comments. If they do continue to roll that out, maybe it'll fail as a feature, but hopefully it works out. And of course subscribe if you haven't already so you never miss an episode in the future. If you are enjoying the content. So far, we got a couple more articles we're going to get into here. This is going to be an interesting one. Eurovishing fraudsters. Those all sound like fake words. Add physical intimidation to their arsenal. So it's not just manipulating emotions. And you know, I really need your help. I'm a nigerian prince and I need this money now. [00:38:34] Speaker B: It's manipulating your kneecap. [00:38:39] Speaker A: That's the only way to put it. Yeah. Yeah. They've announced the arrest, Europol has, of 54 people in connection with a phishing scam. That has a lot. It seems like a lot, a decent amount in combination with social engineering tactics and physical threats. So this is a fun one. I don't know that this is like a super common thing that you hear usually. [00:39:00] Speaker B: I feel like, I feel like you would know more about this if this was common, but I don't hear about this very often, which is why I chose this article, which it's like your standard fare of here comes the phone call. So a, they're kind of, you don't notice they're talking about vishing. So they call you on the phones, voice phishing, and they say, hey, you know, and they use social engineering tactics to try to elicit information out of you. And then they use that information to, you know, do identity theft and x, y and z, whatever, you know, horrible thing that they decide to do that weekend from there. So I think if I'm remembering correctly, and I see Sophia's kind of scouring the article right now, so you keep me on point. They, once they have some information, they then use that to get basically you to give them credit card numbers, things of that nature. [00:39:51] Speaker A: They show up at their homes eventually. [00:39:54] Speaker B: Yes, they're showing up and I think they're trying to like, say, hey, let me mark your ATM card and I'll go to the machine. Or they take them to the ATM and get them to withdraw money. [00:40:05] Speaker A: Isn't that just like, okay, take the, take the vishing out of it. If nobody called me ahead of time, if somebody just went up to my door at random and they were hoping to find somebody that was going to, I mean, if they just knocked on my door and then I opened it and they were like, give me your money. Give me your bank card, that's already. Without the vishing, I feel like that's a crime that already exists. Like, even if somebody didn't get my head. [00:40:26] Speaker B: No, I came and strong armed you to the bank. [00:40:28] Speaker A: Even if you're not physically beating me. [00:40:30] Speaker B: And said, give me your card and your pin. [00:40:32] Speaker A: Yeah. Just to show up and like, threaten me without threatening me. Like, it should be a shame if you didn't give me that pin number. [00:40:39] Speaker B: Like, be a real, real shame. [00:40:41] Speaker A: That by itself is bad enough, but then to go through the effort of like, ahead of time, it's a real. [00:40:46] Speaker B: Nice collarbone you got there. I would hate to see something bad happen to you. [00:40:52] Speaker A: Definitely in conjunction with phishing or vishing. Yeah, I've definitely never heard of. Usually it's like, like you said over the phone and like that one video of that guy that was like, freaking out because the person was going to redeem the codes that they bought and he was like, do not redeem it. [00:41:06] Speaker B: Do not redeem it. [00:41:07] Speaker A: The scammer, that's usually as far as it goes. As far as them getting angry or being threatening. [00:41:11] Speaker B: Yeah. Because usually that kind of like. So I think this is in Spain in an american context, Sophia is kind of alluding to is that a lot of scammers come from India, and those indian scammers will call and get people to go buy gift cards and then give them the redemption codes. And someone was, like, trolling with them and go, I'm gonna go ahead and redeem that code. They're like, no, no, no. [00:41:32] Speaker A: I will redeem it. Do not redeem it. [00:41:34] Speaker B: I will. I'm typing it in, so redeem it. And they're just trolling them and having a good time. It's kind of funny to watch that happen. These people are basically just going, okay, we've got the right person, and then they show up on your doorstep, right, saying, we are going to hurt you if you do not give us your card and your pIn number so we can go take your money out. [00:41:58] Speaker A: Because if you get a call and they're asking for information, and you give them a name and an address, and then it occurs to you, like, this is not legit. And even if you don't give them any financial information or anything that's super sensitive, it doesn't matter if they're. If they're engaging in this kind of a tactic, because they've already got your address. So you don't. Even if you're savvy enough to recognize this seems like a scam. They've got your address. What are you gonna do if they show up and are like, give us your money, give us your card, whatever? You could be the most savvy person in the world. [00:42:27] Speaker B: I think in my mind, there used to be a poem by a man. His name was Colt, Sam Colt. And he used to come in the box, and it said something to the effect of, be afraid of no man, regardless of his size. When danger happens, call on me and I will equalize. Yep. It's like. But nowadays we got, like, ring cameras and things, so don't answer your door. I mean, I don't. [00:42:50] Speaker A: Yeah. [00:42:51] Speaker B: Unless I know who it is. I'm like. I'm looking at my camera and going, who are you? [00:42:55] Speaker A: If I get a knock on the door, it's the Amazon delivery guy, and I don't open it. I wait for him to go away, and I go out and get my. [00:43:00] Speaker B: Package, we wonder why we're not a friendlier society. Cause I gotta worry about, like, home invasions. [00:43:05] Speaker A: Yeah. People will be like, these millennials and these Gen Z'ers, they don't. They don't even, you know, neighbors, they don't communicate. I'm like, but that's because if somebody knocks on my door, I'm like, somebody's here to hurt me. It could literally be the most innocent thing in the world. And I'm like, I wonder if that's. [00:43:17] Speaker B: Like, is that a skewed reality? Because we see media sensationalizes everything they can nowadays because it gets views, it gets clicks. So is now, are we perceiving a more dangerous reality than we actually live in? [00:43:33] Speaker A: It's definitely possible. [00:43:34] Speaker B: Or is it. Society has changed and people are just horrible. [00:43:39] Speaker A: And I think it's like a, do I really want to take that risk? Like, even if the odds that the person standing at my door is, you know, 75% chance that it's a totally harmless person, they just start, hey, can I borrow an egg? Or if people still do that, right? Do I want to take the chance that if. Okay, the worst thing that happens if I don't answer the door is they're like, wow, what a jerk. Like, she didn't answer her door, and then they walk away, or they think I'm not home. That's the worst that happens, is I get a reputation of being antisocial. I can deal with that. Like, if I answer the door and it is a threat, the worst that happens is I die. So, I mean, I know that sounds extreme, but, like, that is the worst that happens. [00:44:12] Speaker B: Yes, absolutely. [00:44:12] Speaker A: Do I want to take that chance? [00:44:13] Speaker B: So it's just simple. I think some Navy Seal was talking about, if you. If you sense danger, right. The best thing you can do is run away from it, right? I don't care who you are. You're tough guy, you're tough, whatever. Forget that noise. Just don't engage where the danger is, and then you will avoid dangerous situations. Like, but if these people are coming to your house, best thing you can do is just not answer your door. Now, you don't know that that's who it is when you knock. And of course, societal norms are your door gets a ring at the bell, you open the door and go, hello, how are you? What can I do for you? Yeah, so this is. This is crazy. This is why it's, like, another reason to avoid answering my door is that my vissers might show up. [00:45:00] Speaker A: And I guess at the beginning of this whole process, you could avoid answering the phone to a number you don't. [00:45:06] Speaker B: Know now, I guess that is my modus operandi. I don't remember. I do not answer it. [00:45:11] Speaker A: It's especially nice now because I don't know about Android. I'm sure Apple seems to be behind whatever, Android spam, right? It'll say, like, scam caller, potential spam or whatever. And then I just. Or potential political caller. I don't pick up. I'm like, I don't want to deal with that. I'm not answering that. [00:45:22] Speaker B: I'm good. [00:45:23] Speaker A: And. And then if it's a number that does not say that, and I answer it, and it's like, hello, embassy sweets. No. Like, I'm not even gonna hear you out. No. Unless I have some time and I feel like messing with you. But, like, most of the time, I'm not even gonna. I'm not even gonna. [00:45:36] Speaker B: My philosophy is, if I don't know the number and you are someone that legit needs to get ahold of me, you will leave a message and I will call you right back. [00:45:43] Speaker A: Yeah, yeah, that's a good point. [00:45:45] Speaker B: The end. [00:45:45] Speaker A: So it seems like maybe some of this could be avoided if, you know, people are vigilant. It's easy to say I'm not the one dealing with this, but being vigilant and not answering to numbers you don't know, not giving information over the phone like that, there's a lot of ways. [00:45:58] Speaker B: And if you. If you're trying to scam me to say you're from x, y or z organization, that I actually say you're my bank or whatever, right? And you say, I'm with your bank, please call us back at this number. I'm not going to do that. I'm going to go to the website, I'm going to look up the support number, and I'm going to call that. [00:46:13] Speaker A: Number and then be like, hey, you guys called. [00:46:15] Speaker B: If it's the same, then, yeah, I'll call you right back. If it's not, yeah, you get nothing. I'll call the support number and go just like you said. Hey, did you guys call? Nope. [00:46:26] Speaker A: Didn't you have to, like, you got deal with your bank or something and it was legit, but you were like, look, I can't take the chance. And they were like, good for you. [00:46:34] Speaker B: Yeah. Yes. I totally understand. I said, I'll call you all back. [00:46:37] Speaker A: Better to be safe than sorry. [00:46:38] Speaker B: Yeah. [00:46:39] Speaker A: And if they're legit, if it is legitimately your bank, they'll be like, good on you. Pat on the back. So definitely scary stuff. Hopefully, we don't. I hope this does not become the norm, because that would really suck. Come on. Are we that depraved? I really hope we don't. We don't get to that point where that's the norm. That's kind of scary. That was like, all right, yeah. So we'll move on from that. [00:47:01] Speaker B: I'm a cynic. What can I say? Yeah. [00:47:03] Speaker A: I don't blame you. I don't blame you. It's hard not to be these days. It makes me sound like an old person. It's hard these days. [00:47:11] Speaker B: We shot all the fishers, Mister Sham coach. We, I think, just enjoyed that poem. [00:47:19] Speaker A: Yeah. I didn't know that was a thing. That's the first I had heard of that poem. Sounds like. [00:47:22] Speaker B: Yeah. [00:47:22] Speaker A: Thank you for enlightening me. I feel like in the last several weeks, we've mentioned Russia in some capacity, one way or another, whether we're talking about Kaspersky or whatever. So this week is no exception. Russia is forcing Apple to remove dozens of VPN apps from the app store. [00:47:37] Speaker B: Literally two dozen, little. [00:47:39] Speaker A: Two dozen. What are we? Two dozen? [00:47:41] Speaker B: Such a weird. [00:47:43] Speaker A: I know, I know. [00:47:44] Speaker B: It's such a. To me. [00:47:45] Speaker A: You wouldn't get it. You wouldn't get it. They've removed 25 virtual private network apps from the russian app store at the request of Roscommon. [00:47:53] Speaker B: Roscommonzador. [00:47:54] Speaker A: Roskommando Manzador. [00:47:55] Speaker B: Yeah. [00:47:56] Speaker A: Rdog. We'll call him that. Rdog. Russia's telecommunications watchdog. And this is as a result of it, is these apps are, like, against the law in Russia, but this is not new. I think it was back in, like, 2018 or 2019 that this has been. Yeah, until 2017. Putin signed a bill banning VPN's proxies and Tor in July 2017, but they didn't try to enforce it until a couple of years later. And so now they're going after Apple and being like, you need to remove these from the russian app store because our citizens cannot have these. And the reason that I wanted to talk about this is that because it's like, okay, they're removing the apps from the app store. These kind of apps are against the law. And Russia seems pretty. Pretty cut and dry, I would say. You know, I feel like we talked before about how, like, legality does not necessarily mean morality. Right? [00:48:43] Speaker B: Correct. [00:48:44] Speaker A: So I personally think, and I'm sure a lot of people would agree with me, you should be allowed to visit, you know, use VPN's if you want to, and visit websites and da da. Da. [00:48:54] Speaker B: Funny how a lot of people make that argument. Like, yeah, it's legal. It doesn't mean it's right. [00:48:59] Speaker A: Exactly. [00:49:00] Speaker B: Like, slavery was legal at one point. That doesn't mean it was right. It was horrible, and it should never have existed. [00:49:05] Speaker A: So, like, these types of apps, these VPN's and proxies and things are banned in Russia so that russian citizens can't access because they don't want them using a VPN to access websites that are blocked in Russia. Right? I don't think that's right. I don't think that's okay that that's a law in Russia. That's my personal opinion. I don't live there. I'm not a citizen of Russia. But I don't think it's right that, you know, you should be controlling the flow of information like that. Right. That's not new, though. [00:49:27] Speaker B: Yeah. [00:49:27] Speaker A: So I guess it's. It's the idea that, like, okay, just because this is a law in Russia, it doesn't mean that I'm going to be like, well, good on apple for. For, you know, good on Russia for enforcing this. Good on Apple for doing this. I still don't think it's a good thing. It's just that legally, this is what they're supposed to do. This is what they have to do. [00:49:42] Speaker B: So they have to comply. It's just the way it is. I'm looking at the censorship map, the Internet censorship map. It's weird. So in the green is least censored, so things that are greener are less censored, and the things that are orange and red are most censored. It's weird how, like, the map is basically divided with a very little, like, in between. [00:50:04] Speaker A: Yeah, that's true. [00:50:04] Speaker B: Right. And it kind of moves that way across. Except for this. Oh, it's Venezuela. Yeah. Makes sense. [00:50:11] Speaker A: That makes sense. That does track. [00:50:12] Speaker B: That absolutely makes sense. But we see in Russia, it's not as red as it could be, but it's pretty red. China really kicking ass. The big red firewall, as they call it. You will not see what we do not want you to see. Russia's. You know, I think China's onto something. Maybe. Maybe we should follow suit. And doesn't surprise me. Allowing for VPN access is obviously a circumvention of those controls, so they do not want that to occur. And therefore, they're kicking people, VPN companies, out of business because they don't want you doing that. [00:50:51] Speaker A: So, I mean, I don't know if we have any, like, russian viewers. Or if we're banned in Russia, but if the tech access to data was blocked in Russia because we're. I don't know. [00:51:00] Speaker B: So I had a student, like, so my family will host chinese students. [00:51:04] Speaker A: Yeah, right, right. [00:51:05] Speaker B: Usually once a year. And it's really interesting to talk to the. Especially when they're a little bit older and, you know, they have a little more experience with life and politics and things of that nature. And one of my students, we talked about, she loved China. She was a huge. Was a patriot to her country. And it was so. But it was really good conversation. But one thing she asked me when she found out what I did for a living was, can you teach me about VPN's? [00:51:29] Speaker A: Aw. [00:51:30] Speaker B: And I was like, really? Why is that? She's like, well. [00:51:35] Speaker A: Aw, man. [00:51:36] Speaker B: You know, here's the thing. I go, so you think maybe your government overreaches a little too far? She said, yeah, too much. A little too much. She talked about comedians disappearing because. Oh, yeah, this guy got, like. She told me this, like, well known comedian got drunk at a bar and he got up and did, like, a stand up set drunk. And he said a thing or two, and it got, like, cell phoned, and he just disappeared one day. And no one ever saw or heard from him again. [00:52:03] Speaker A: Very 1984. [00:52:04] Speaker B: Yeah. I was like, that is some scary stuff right there. [00:52:07] Speaker A: I was gonna ask if you helped her, but I won't make you incriminate yourself. [00:52:12] Speaker B: I remember Don telling me, he's like, you're gonna turn her into a political dissident. She's gonna be sitting next to that comedian, some Gulag. I'm an american. I believe in american values. [00:52:26] Speaker A: Do your part. Yeah, they can't. They can't extradite you from. You're an accomplice. [00:52:32] Speaker B: Come and get me. [00:52:34] Speaker A: So, yeah. Couldn't go one week without mentioning Russia in some capacity. Had to throw that in there. In other news, though, moving away from Russia, Cisa and partners joined as D's ACSC. Lots of acronyms to release advisory on PRC state sponsored group apt 40. That is a new record, man. That's a lot acronyms in a headline line there. So they're collab. Oh, it's the Australian Signals directorates. Australian Cybersecurity center. Speaker two. [00:52:57] Speaker B: Speaking of China, apt 40. [00:53:00] Speaker A: Yep. [00:53:01] Speaker B: Is kind of a big deal, apparently, because Cecil is releasing a. Or SISA or whatever the hell that. [00:53:07] Speaker A: Whatever you want to call them. [00:53:08] Speaker B: Right. They're releasing this advisory along with the ADC, PCs, DF Ghai, JK, l MNLP from you really got to pare that down, guys. Come on. It's a lot. From Australia. That's the word. It's eluding me. Like I said, losing my mind today. Welcome to the devolution of Daniel's brain. [00:53:31] Speaker A: Just this once, we'll allow it. [00:53:32] Speaker B: Fun to watch, but yeah. So this is the national security agency, FBI, UK's National Cybersecurity center, the Canadian center for Cybersecurity. So the CCCS, New Zealand's National Cybersecurity Center, German Federal Intelligence Service, and federal office of the Protection of the Constitution. For the protection of the constitution. Good night. That is a lot. What else do we got here? People's the Republic of Korea's national intelligence service. I would assume that is South Korea and Japan's national center incident response strategy for cybersecurity. A lot of them getting together saying, hey, apt 40 kind of a problem right now. You need to kind of keep a lookout. I saw this in every major news outlet, so I thought, it seems to be a big deal. [00:54:22] Speaker A: Seems to be relevant. [00:54:23] Speaker B: Probably a good idea to just mention it. For those of you watching at home, it might be relevant to you. Yeah, you need to be aware that. So start looking into. If you're doing threat modeling at all, you might want to look at how apt 40 kind of does their thing and see if that's going to affect you one way or the other. [00:54:43] Speaker A: It's funny to me to see, like, we've got the UK, we've got Canada, New Zealand, Germany, South Korea. Like you said, Japan. All these people that are like, yeah, this is bad news. Like, collaborating on this advisory. If all. If you've got these. The Avengers of the countries getting together to be like, yeah, this is bad news, then. If they can agree on this, you know, it's probably pretty bad. [00:55:01] Speaker B: Yeah, this is basically the us government going, avengers, assemble. [00:55:06] Speaker A: Exactly. Exactly. [00:55:08] Speaker B: We have a real threat. The kaiju that is the CCP apparently lost their minds. [00:55:15] Speaker A: And they've got some aliases. Kryptonite, panda, gingham, Typhoon Leviathan. [00:55:19] Speaker B: Bronze mohawk is one of them. I love that one. [00:55:22] Speaker A: These all sound to me like fortnite skins. Like, yeah, I bought. I bought the kryptonite panda this weekend. [00:55:29] Speaker B: Awesome, man. I've been wanting to get that new. [00:55:31] Speaker A: Emote called the Bronze Mohawk. That just sounds to me like fortnite speed. I know that. [00:55:36] Speaker B: Oh, man. [00:55:37] Speaker A: People are gonna be like, no way. You just said that. I'm gonna get some hate for that. It's okay, though. Okay, though. I'll be a four night sympathizer. [00:55:42] Speaker B: Deal with it. [00:55:43] Speaker A: Just for today. I'll be a four night sympathizer. But you're right, this is definitely relevant. And this did pop up a lot in like, news cycles this year. So thought that bringing it up. [00:55:49] Speaker B: Can't leave that on the, on the table. [00:55:51] Speaker A: Cannot leave that on the table. And speaking of fortnight and other video game related, I wore my gamer earrings today. [00:55:57] Speaker B: I see you got the dmGs. [00:55:58] Speaker A: I do. I couldn't not talk about something gaming related. Roblox has suffered a breach. Only a matter of time before a big, big gaming service like this underwent something like this. Email and IP address details exposed in this Roblox data breach. If you're not familiar with Roblox, I would imagine you've probably at least heard of it at this point, but it is predominantly used by, like, kids and teenagers. So that's what stuck out to me about this. If you've got email addresses and IP addresses getting leaked, either that are. That belong to, like, kids and teenagers, or that are their parents. If I'm a parent, I'm gonna be like, crap like my kids and plan. I'm like, here, go log into Roblox, like, entertain yourself, whatever. And now I gotta deal with my stuff being exposed, you know, so there were a lot of parents that were like, this is unacceptable. Roblox needs to protect our kids. And I'm like, I get it. But also, like, this is gonna happen eventually to like, it's hard to avoid something like this. [00:56:47] Speaker B: I'm gonna look it up before I say anything. [00:56:49] Speaker A: Okay, you keep. Okay, fair enough. [00:56:50] Speaker B: More. [00:56:50] Speaker A: Fair enough, fair enough. So they did release a statement about it and say, hey, there was unauthorized access to a subset of Roblox user information. It was from a Roblox developer conference registration list. So registered name, email, ip address was among the things that were leaked. But the main concern was that it's predominantly kids and teenagers that use this site or adults that play on Roblox. And more power to you. I'm not personally a Roblox user, but I've never played it, so I can't really say anything about it. I don't have. I don't have the data to have an opinion on it. [00:57:20] Speaker B: Yeah, so it's funny. You were talking about the, you know, parents are upset. [00:57:25] Speaker A: Yes. [00:57:25] Speaker B: I'm looking at this article from the BBC from two years ago. Warning. This article contains text and images of a schmexual nature. And it's talking about roadblocks and how they have a problem, right? It's like, did we not? Apparently, for at least two years we've known about that. Now you're mad. [00:57:45] Speaker A: I mean, it's not a good thing, obviously. I don't know that it's necessarily surprising that you get people like that that are the doing. Doing and saying things. [00:57:54] Speaker B: I can't even read. Don't show my screen. [00:57:56] Speaker A: No, yeah, right. [00:57:58] Speaker B: Read. [00:57:59] Speaker A: It's, I think even in like, like chat rooms and stuff online where you wouldn't think there'd be a ton of kids. There are always gonna be people targeting kids that are trying to target kids. [00:58:08] Speaker B: I always, I tell this to my wife all the time, where there are children, there are predators. That's their prey, and they gotta go home. [00:58:14] Speaker A: Yeah. If you can see this, even in areas like, like sites like Omegle, where there should not be kids on Omegle, but there are, there are always gonna be people targeting kids, even in an area that's not meant for kids, on a site like Roblox, where this is. It was originally intended for children and teenagers. Yeah. It's gonna be flooded with people that are looking to take advantage and lure kids and stuff. So it's, I don't think it's surprising. [00:58:35] Speaker B: Right. [00:58:35] Speaker A: It's not. [00:58:36] Speaker B: I'm not saying you should be able to let your kids play Roblox or whatever, but as a parent. As a parent, I'm a parent. I have three kids, man. It is my job to protect them. [00:58:45] Speaker A: Yeah. [00:58:45] Speaker B: They are immature and do not understand. That's why they can get easily taken advantage of. So we have to step in and do a really good job of like, monitoring and helping and being there to make sure that they are safe. [00:58:59] Speaker A: Yeah. So even without the, even beyond the issue of just safety in services like this, in this case, with this breach, of course, the primary concerns are going to be phishing attacks and identity against. [00:59:09] Speaker B: Your children, because if they are using their own email accounts now, those have been compromised, they're going to start receiving phishing accounts, and God knows where that's going to pop up. Like, where that information is going to get sold to or leaked to or whatever. Who's going to utilize that and knowing that Roblox if. Right. Think in the mind of a predator. Oh, I now have better bait to catch my. What I'm going for. Right. Yeah, this is a problem. [00:59:36] Speaker A: It makes the job a little easier. [00:59:37] Speaker B: As a parent, I would be super concerned about this. [00:59:40] Speaker A: Yeah, yeah, absolutely. [00:59:41] Speaker B: My kids aren't on Roblox, so that's. [00:59:44] Speaker A: Yeah, okay, fair enough. So this particular breach is, you know, you're good. [00:59:48] Speaker B: If I. Man. Yeah. I would be freaking out. My kids accounts would be smoked at this point. [00:59:52] Speaker A: Yeah. [00:59:53] Speaker B: And their email addresses. Smoked. [00:59:55] Speaker A: Yeah. I don't blame you. [00:59:56] Speaker B: Everything. Smoked. Anything associated with this, I would smoke it. [01:00:00] Speaker A: I'd be concerned. I mean, I'm not a kid, and even if I was on roblox, I'd be like, oh, that sucks. Like, my email address, my ip address, like, dang it. Now I gotta go in and reset passwords and whatever just to be safe. [01:00:08] Speaker B: So anyway, us as adults have a hard enough time, right? [01:00:11] Speaker A: Exactly. [01:00:11] Speaker B: Phishing attempts and whatnot, much less when kids are involved. Kids have no chance to, you, kids have no chance. Yeah. It is a one sided fistfight, man. [01:00:21] Speaker A: Yeah. So if you're on roblox, if you're a kid on roblox, or if you're a parent that has a kid on roblox, is something to keep in mind. Maybe you've already heard of it, but this is something to keep in mind for sure. [01:00:30] Speaker B: Games. That's where it's at. [01:00:31] Speaker A: Yeah. Board games. Honestly, bring back board games with the. [01:00:34] Speaker B: Family together, sit at the table, talk. [01:00:37] Speaker A: I'm not saying you got to play monopoly. I understand that can be a relationship ruin. [01:00:40] Speaker B: Yeah, it will. [01:00:42] Speaker A: You don't have to play uno and then destroy lives. But, you know, they're a fun clue. Yeah. Place a clue. It's a nice slow pace. [01:00:49] Speaker B: And it's like you have to use logic and teaches good thinking, critical thinking skills to your kids and yourself. [01:00:55] Speaker A: That's a good point. [01:00:56] Speaker B: Yeah. [01:00:56] Speaker A: I'm gonna start arguing for us to play clue more at my family gatherings. [01:01:00] Speaker B: Nobody ever wants to play this edition, which we have. [01:01:02] Speaker A: Do they? Actually, that's pretty funny. I think that's pretty much gonna do it. That's. I guess that's also gaming news, talking about clues, but wanted to wrap it up with that piece from Roblox just as a little PSA. And I think that was pretty much it. I didn't see any more breaking news. I was looking while we were. Didn't see anything come up. [01:01:19] Speaker B: We had a few good ones in. [01:01:20] Speaker A: There, but few good ones in there. [01:01:21] Speaker B: Again, like we said, kind of light this week. [01:01:22] Speaker A: Kind of light this week. Quick update. Really quick. I think I mentioned it last week, but as of the day that this episode's airing Thursday the 11th, I guess we do have a webinar today at 02:00 p.m. what? [01:01:33] Speaker B: Today? Tomorrow? [01:01:33] Speaker A: Well, the day that the episode. That's what I'm saying. The day that it's released on the 11th, we'll have a webinar at 02:00 p.m. eastern time with Patrick Gorman. Infosec Pat. [01:01:40] Speaker B: Infosec Pat. [01:01:41] Speaker A: It's gonna be a good time. [01:01:42] Speaker B: It's my dog, man. So we met at b sides Tampa. I'm wearing my b sides Tampa 20. This was the 2020. Besides Tampa. I was there. Yeah, I got the t shirt. It was fun before disaster, like, literally weeks before COVID and it hit in Hillsborough county, like, which is where Tampa is. [01:02:02] Speaker A: Yeah. [01:02:02] Speaker B: Anywho, I got to meet him at b sides Tampa this year, and we just hit it off, man. Super good guy has done a lot of cool stuff. He's got a great YouTube channel. He does a lot to help people in the community try to get into the community and get into their first cyber job. So it ought to be really good to have him on and have him be able to ask questions or answer questions for people out there that are looking to get some information about what they can do to get into the career or advance their career and that kind of stuff would be a lot of good stuff. [01:02:36] Speaker A: Yeah, absolutely. Bring your questions, please bring your questions. [01:02:39] Speaker B: Super smart guy. [01:02:40] Speaker A: And it'll be here in this studio. I think it's going to be a good time. I hadn't met Patrick until hacks based on this con. Yeah. Like LinkedIn and stuff. But I hadn't met him until this year. That's also where we met our last guest, Jacob Swasinski. I'm wearing swiss merch. Wearing the merch today at the represent. I said I was gonna wear it like a few weeks ago, and then I totally forgot. So I'm wearing it today. But, yeah, we go to Mexico. [01:02:58] Speaker B: The QR code. [01:03:01] Speaker A: No, I don't need to be doing that. I don't need to do a 360. But, yeah, we'll get a chance to chat with Patrick a little bit more at length tomorrow and like, Daniel, what. [01:03:08] Speaker B: Are you talking about? 360. [01:03:09] Speaker A: Oh, I thought you said on the back. Yeah, yeah. There you go. There's the QR code. Go and scan that. Pause the video. Yeah, just, yeah. All right. Free advertising. [01:03:19] Speaker B: That's right. [01:03:19] Speaker A: There you go. Jacob, if you're watching, we're hooking him up. I think that's pretty much gonna do it now that I've gotten my not sponsored sponsorship in. So definitely join us for that webinar tomorrow. Join us next week, of course, for a new technado. Leave your comments, let us know what you want to see in the future. Thanks for joining us this week, and we'll see you next time. Thanks for watching. If you enjoyed today's show, consider subscribing so you'll never miss a new episode.

Other Episodes

Episode 346

February 08, 2024 01:09:48
Episode Cover

346: Hackers Can Spy on You... (No Webcam Required?!)

This week on Technado, Microsoft confirms the impending arrival of Windows Server 2025 (and the inevitable death of WordPad). In other "way of the...

Listen

Episode

February 24, 2022 00:46:38
Episode Cover

Technado, Ep. 244: Real Defense's Gary Guseinov

Are mergers and acquisitions the way to drive innovation and growth in cybersecurity? Gary Guseinov of RealDefense shared his take on this week's Technado....

Listen

Episode

June 11, 2020 00:48:48
Episode Cover

Technado, Ep. 155: Corelight’s Alex Kirk

Alex Kirk, a Security Engineer at Corelight, joined the podcast this week to talk about Zeek, a Raspberry Pi version of their product, and...

Listen