Skip to main content
Optrics Insider

Optrics Insider

By Optrics Insider
The Optrics Insider is a regular podcast hosted by our very own Scott Young & Shaun Sturby, which highlights topics of interest to I.T. people, whether it be regarding the latest security vulnerabilities as well interesting (and sometimes funny) things that are happening in the industry. So if you are an IT Manager, IT Admin, CIO or interested in I.T. be sure to check out our podcast!
Listen on
Where to listen
Apple Podcasts Logo

Apple Podcasts

Breaker Logo

Breaker

Castbox Logo

Castbox

Google Podcasts Logo

Google Podcasts

Pocket Casts Logo

Pocket Casts

RadioPublic Logo

RadioPublic

Spotify Logo

Spotify

Optrics Insider - New Windows Update Removes Adobe Flash & Google Discloses Windows Exploit
Join Scott Young and Shaun Sturby from Optrics Engineering as as they discuss Windows update KB4577586 that permanently removes end-of-life Adobe Flash as well as why Google's Project Zero disclosed a zero-day Windows exploit. For more IT tips go to: > www.OptricsInsider.com Timecodes: 0:00 - Intro 0:18 - Today's 2 topics 0:40 - Topic 1: New Windows Update Removes Adobe Flash 3:20 - Topic 2: Google Discloses Zero Day Windows Exploit 6:45 - Closing remarks Learn more about the Windows update by going to: > Update for the removal of Adobe Flash Player: October 27, 2020 Learn more about Google's Project Zero by going to: > Google’s Project Zero discloses Windows 0-day that’s been under active exploit #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
08:30
January 20, 2021
Optrics Insider - Windows Update to Avoid, Taking Down TrickBot & Important NAS Update
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss a Windows update to avoid, how researchers took down TrickBot and an important NAS update. Get IT tips here: > www.OptricsInsider.com Timecodes: 0:00 - Intro 0:18 - Today's 3 topics 1:06 - Topic 1: Windows Update to Avoid 5:57 - Topic 2: Taking Down TrickBot 7:59 - Topic 3: Important NAS Update 9:45 - Closing remarks Todays virtual background is the data center at CERN: > CERN Data Centre Learn more about the Windows update to avoid: > Windows TCP/IP Remote Code Execution Vulnerability (CVE-2020-16898) Learn more about how Microsoft and U.S. Cyber Command tried to take down TrickBot on one of the world's largest malware networks: > New action to combat ransomware ahead of U.S. elections  > Microsoft and U.S. Cyber Command try to take down TrickBot > Microsoft Safety Scanner Learn more about the the NAS firmware updates for the Windows ZeroLogin vulnerability: > QNAP Security Advisory List (ZeroLogon) > QNAP Issues Patch for Zerologon Vulnerability > Synology-SA-20:21 Zerologon #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
10:47
January 14, 2021
Optrics Insider - SonicWall VPN Bug, Encryption Backdoor, Bot Posting to Reddit & Racy Onion
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss why you should patch your SonicWall firewall now due to a VPN bug, why the international "Five Eyes" organization would like to have an encryption backdoor, how a software engineer caught a bot posting to Reddit and how Facebook deemed an onion too sexy for its ad platform. Get IT tips here: > www.OptricsInsider.com Timecodes: 0:00 - Intro 0:17 - Today's 3 topics 0:51 - Topic 1: SonicWall VPN Bug (Patch Now) 2:37 - Topic 2: Five Eyes Asking for an Encryption Backdoor 5:10 - Topic 3: Bot Caught Posting to Reddit 8:43 - Bonus: An Onion Too Sexy for Facebook 11:25 - Closing remarks Learn more about SonicWall's VPN bug here: > CVE-2020-5135 - Buffer Overflow in SonicWall VPNs - Patch Now > SonicWall Security Advisor Vulnerability List Learn more about Five Eyes nations (plus Japan and India) wanting an encryption backdoor here: > Five Eyes nations plus Japan, India call for Big Tech to bake backdoors into everything Learn more about the software engineering discovering the bot posting on Reddit here: > Software Engineer Catches Intelligent Bot Posting on Reddit Learn more about the onion "too sexy" for Facebook here: > Why some onions were too sexy for Facebook #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
12:43
January 13, 2021
Optrics Insider - Thin Client Backdoor, Get Fined for Paying Ransom & UEFI Malware
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss a new thin client backdoor for devices managed by HP Device Manager, how the US Treasury Department might fine you for paying the ransom if you're attacked by ransomware and a new UEFI (Unified Extensible Firmware Interface) malware. Get IT tips here: > www.OptricsInsider.com Timecodes: 0:00 - Intro 0:19 - Today's 3 topics 0:40 - Topic 1: Thin Client Backdoor 3:44 - Topic 2: Get Fined for Paying Ransom 6:51 - Topic 3: UEFI Malware 9:31 - Closing remarks Learn more about the HP Device Manager Thin Client backdoor: > FYI: If you're running HP Device Manager, anyone on your network can get admin on your server via backdoor Ransom Ware infection? Pay the ransom and get fined by US Govt: > Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam Learn more about the new UEFI malware: > UEFI malware rears ugly head again: Kaspersky uncovers campaign with whiff of China #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
12:19
January 12, 2021
Optrics Insider - KnowBe4 Spoofed, Security Awareness Training Wears Off & Microsoft Zero Login Flaw
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss security awareness training company KnowBe4 being spoofed, the fact the security awareness training for you staff does wear off over time and Microsoft's zero login flaw. Get IT tips here: > www.OptricsInsider.com Timecodes: 0:00 - Intro 0:18 - Today's 3 topics 0:50 - Topic 1: KnowBe4's Emails Spoofed 3:03 - Topic 2: Security Awareness Training Wears Off 4:46 - Topic 3: Microsoft Zero Login Flaw 7:35 - Closing remarks Learn more about KnowBe4 being spoofed: > They're Back: Bad Guys Spoof KnowBe4 Again Download a copy of KnowBe4's Social Engineering Red Flags PDF here: > www.OptricsInsider.com/SocialEngineeringRedFlags Learn more about why security awareness training wears off and what you can do: > Phishing awareness training wears off after a few months Learn more about Microsoft's zero login flaw: > Zerologon: Instantly Become Domain Admin by Subverting Netlogon Cryptography (CVE-2020-1472) > Mitigate Netlogon Elevation of Privilege Vulnerability from August 2020 Patch Tuesday > As you're scrambling to patch the scary ZeroLogon hole in Windows Server, don't forget Samba – it's also affected #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
09:10
January 11, 2021
Optrics Insider - Bluetooth Vulnerability, Wordpress Vulnerability & Equinix Breach
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the BLURtooth bluetooth vulnerability, the breach at the Equinix data center and how WordPress sites are vulnerable due to the File Manager plugin. Get IT tips here: > www.OptricsInsider.com Timecodes: 0:00 - Intro 0:22 - Today's 3 topics 0:52 - Topic 1: Bluetooth Vulnerability 6:02 - Topic 2: Equinix Breach 8:58 - Topic 3: Wordpress Vulnerability 13:50 - Closing remarks Learn more about the BLURtooth vulnerability: > Billions of Bluetooth gadgets bothered by ‘BLURtooth’ miscreant-in-the-middle bug Learn more about the Equinix data center breach: > Equinix data center giant hit by Netwalker Ransomware, $4.5M ransom Learn more about the WordPress vulnerability: > Hackers are fighting a war over 300K vulnerable WordPress sites #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
15:08
January 8, 2021
Optrics Insider - Checkpoint SSL VPN Cert Expired, Undocumented Zyxel Backdoor & Solarwinds Update
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the SSL certificate for Checkpoint VPN devices that has expired, the undocumented backdoor in Zyxel devices and a Solarwinds update from Bruce Schneier. For more IT tips go to: > www.OptricsInsider.com Timecodes: 0:00 - Intro 0:18 - Today's 3 topics 0:35 - Topic 1: Checkpoint SSL VPN Cert Expired 2:41 - Topic 2: Undocumented Zyxel Backdoor 7:38 - Topic 3: Solarwinds update from Bruce Schneier 13:41 - Closing remarks Learn more about Checkpoint's SSL Cert for their SSL VPN expiring here: > Happy New Year: Jan 1, 2021 security cert expiration causes havoc for some Check Point VPN users Learn more about the undocumented backdoor for Zyxel products here: > Undocumented user account in Zyxel products (CVE-2020-29583)  Learn more about the latest Solarwinds update from Bruce Schneier here: > Schneier on Security: Latest on the SVR’s SolarWinds Hack Learn more about getting a penetration test if you want to test the effectiveness of your network security, or if you think you've been hacked and need help with remediation: > www.Optrics.com/penetration-testing #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
14:14
January 7, 2021
Optrics Insider - User Loyalty & Why Should You Have Service Backups
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the impressive loyalty of an employee at Tesla's Gigafactory in Nevada and why should you have backup network services. Get IT tips here: - www.OptricsInsider.com Timecodes: 0:00 - Intro 0:16 - Today's 3 topics 0:43 - Topic 1: User Loyalty at Tesla's Gigafactory 3:33 - Topic 2: Why Should You Have Service Backups 10:45 - Closing remarks Learn more about the attempt by a Russian national to plant ransomware at Tesla's Gigafactory"  - A Tesla Employee Foiled an Alleged Ransomware Scheme Why you should have multiple services available in case one fails: - CenturyLink Outage Causing Internet Wide Problems - CenturyLink outage led to a 3.5% drop in global web traffic - https://twitter.com/GossiTheDog/status/1300059682955026432?s=09 - https://twitter.com/johullrich/status/1300066938798956544 - https://twitter.com/eastdakota/status/1300175734984511488?s=09 - August 30th 2020: Analysis of CenturyLink/Level(3) Outage How to know if a service is down or if it's an issue on your end: - https://downforeveryoneorjustme.com/ #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
11:28
January 5, 2021
Optrics Insider - CanPar Express & U of Utah Ransomware, AI Fighter Beats Ace & Lock Your Computer
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss both CanPar Express and the University of Utah getting hit by ransomware (interestingly they paid the ransom and Shaun explains why), plus how an AI fighter pilot beat a real ace (in simulation) and as a bonus, why you should lock your workstation before you walk away. Get IT tips here: - www.OptricsInsider.com Timecodes: 0:00 - Intro 0:20 - Today's 3 topics 0:48 - Topic 1: CanPar Express & University of Utah Ransomware 4:50 - Topic 2: AI Fighter Beats Ace 6:46 - Topic 3:  Why You Should Lock Your Workstation 9:45 - Closing remarks Canpar Express hit by ransomware outbreak: - Canadian shipping company Canpar gets an unwanted delivery – ransomware University of Utah paid $457K for ransomware: - Utes gotta be kidding me... University of Utah handed $457K to ransomware creeps AI Fighter pilot better than real ACE - in simulation: - So long, Top Gun... AI software waxes US F-16 pilot's tail 5-0 during virtual dogfight drills Why you should lock your workstation when you walk away: - Trucking hell: Kid leaves dad in monster debt after buying oversized vehicle on eBa #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
10:55
January 4, 2021
Optrics Insider - DEF CON Recap, Black Hat USA 2020 Recap & Defacing Reddit
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the recent online versions of Def Con, Black Hat USA 2020 & how hackers defaced Reddit with pro-Trump messages. Get IT tips here: - www.OptricsInsider.com Timecodes: 0:00 - Intro 0.20 - Today's 3 topics 0:51 - Topic 1: DEF CON Recap, Black Hat USA 2020 Recap 9:16 - Topic 2: Defacing Reddit 10:40 - Closing remarks Learn more about the DEF CON here: - www.defcon.org - Defcon Conference Youtube Channel Learn more about the Black Hat USA 2020 here: - Black Hat USA 2020 Learn more about the defacing of Reddit with pro-Trump messages here: - Hackers are defacing Reddit with pro-Trump messages #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
12:03
December 31, 2020
Optrics Insider - Intel Data Leak, Meow Attack, Emotet Trojan & Zoom Bug
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss a leak at Intel, how the new "Meow" attack wiped out nearly 4,000 databases, why the Emotet Trojan is still going strong after 6 years and how a Zoom Bug allowed snoopers crack a private meeting password in minutes. For more IT tips go to: - www.OptricsInsider.com Timecodes: 0:00 - Intro 0:23 - Today's 3 topics 0:44 - Topic 1: Intel Data Leak 2:25 - Topic 2: Meow Attack 4:12 - Topic 3: Emotet Trojan 9:36 - Bonus: Zoom Bug 11:32 - Closing remarks Learn more about the Intel data leak here: - Did Intel fail to protect proprietary secrets, or misconfigure servers? Lessons from the leak Learn more about the "Meow" attack here: - New ‘Meow’ attack has deleted almost 4,000 unsecured databases Learn more about the Emotet trojan here: - Emotet trojan keeps evolving and is back on the scene Learn more about  the Zoom bug here: - Zoom Bug Allowed Snoopers Crack Private Meeting Passwords in Minutes #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
13:58
December 30, 2020
Optrics Insider - SySAdmin Day, Cloudflare Outage, UFO VPN Hack & Garmin Cloud Outage
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss making sure you thank your System Admins (as they've been really busy lately), an outage at Cloudflare, hack of UFO VPN and the recent Garmin Cloud outage (Garmin manufactures GPS units and smart watches and provider of maps to airline pilots). For more IT tips go to: - www.OptricsInsider.com Timecodes: 0:00 - Intro 0:20 - Today's 3 topics 0:53 - Topic 1: SysAdmin Day 2:05 - Topic 2: Cloudflare Outage 4:10 - Topic 3: UFO VPN Hacked 7:30 - Topic 4: Garmin Cloud Outage 11:52 - Closing remarks If your IT admin is seeming a bit grumpy lately, they should be forgiven. The Apple updates are the latest in what has been an epic week for security fixes. On top of the regularly scheduled Microsoft, Adobe, and SAP Patch Tuesday security updates, we were treated to a massive 443 bug patch bundle from Oracle, a hefty Cisco update release, and of course, the Twitter hackopolypse keeping peeps amused or horrified. Learn more about the Cloudflare outage: - Cloudflare outage on July 17, 2020 Learn more about the UFO VPN hack: - “Zero logs” VPN exposes millions of logs including user passwords, claims data is anonymous Learn more about the Garmin Cloud outage: - Fitness freaks flummoxed as massive global Garmin outage leaves them high and dry for hours #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec #SysAdminDay
12:53
December 30, 2020
Optrics Insider - SIGRed, Twitter Security Breach & MS Outlook Crashing
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss why you need to immediately patch your Microsoft DNS Server (if you're using one) due to the SIGRed vulnerability, the Twitter security breach and why Microsoft Outlook has been crashing lately due to a recent problematic update. For more IT tips go to: > www.OptricsInsider.com Timecodes: 0:00 - Intro 0:17 - Today's 3 topics 0:23 - Topic 1: SigRed 2:10 - Topic 2: Twitter Security Breach 4:40 - Topic 3: MS Outlook Crashing 6:49 - Closing remarks Learn more about the SIGRed - CVE-2020-1350 - Microsoft DNS Server Vulnerability: > PATCH NOW - SIGRed - CVE-2020-1350 - Microsoft DNS Server Vulnerability > KB4569509: Guidance for DNS Server Vulnerability CVE-2020-1350 Learn more about the Twitter Security Breach: > Twitter Suffers Major Security Breach > Twitter says spear-phishing attack on employees led to breach Learn more about why Microsoft Outlook has been crashing lately: > Microsoft releases a fix for Outlook crashes after a problematic update causes issues for many users #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
08:18
December 23, 2020
Optrics Insider - Blu-Ray Player Boot Loop, Microsoft Update Changes & Cancelled SSL Certs
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss Samsung's Blu-ray player boot loop, Microsoft making changes to their updates and why Digicert cancelled 50,000 SSL certificates. For more IT tips go to: > www.OptricsInsider.com Timecodes: 0:00 - Intro 0:18 - Today's 3 topics 0:45 - Topic 1: Samsung Blu-Ray Player Boot Loop 3:19 - Topic 2: Microsoft Update Changes 5:56 - Topic 3: DigiCert Cancelling 50,000 SSL Certs 12:16 - Closing remarks Details on Samsung Blu-ray players in a Boot Loop: > Ask Hackaday: What Can Be Done With Your Bootlooping Blu-Ray?  Details on Microsoft making a change in how manual deferral of Windows 10 feature updates: > Microsoft removes manual deferrals from Windows Update by IT pros 'to prevent confusion' Details on Digicert cancelling 50,000 EV HTTPS certificates: > Digicert will shovel some 50,000 EV HTTPS certificates into the furnace this Saturday after audit bungle #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
13:18
December 22, 2020
Optrics Insider - F5 Patch Now, Einstein Data Trends & Don't Scam the Master
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss F5's announcement to patch their devices now, National Cyber Awareness System's Einstein Data Trends for May 2020 & don't scam the master Kevin Mitnick. For more IT tips go to: > www.OptricsInsider.com Timecodes: 0:00 - Intro 0:19 - Today's 3 topics 0:36 - Topic 1: F5 Patch Now 3:54 - Topic 2: Einstein Data Trends 7:15 - Topic 3: Don't Scam the Master 9:15 - Closing remarks Details on the need to patch F5's devices now: > K52145254: TMUI RCE vulnerability CVE-2020-5902 > CVE-2020-5902: F5 BIG-IP RCE Vulnerability > Twitter.com/Kevvyg National Cyber Awareness System EINSTEIN Data Trends for May 2020: > EINSTEIN Data Trends – 30-day Lookback Read Kevin Mitnick's Twitter feed here: > Twitter.com/KevinMitnick #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
10:12
December 22, 2020
Optrics Insider - Sophos Breach & Watchguard's Dark Web Scan Beta
Join Scott Young and Shaun Sturby from Optrics Engineering (https://www.Optrics.com) as they discuss a recent Sophos breach notification and Watchguard's Dark Web Scan beta. For more IT tips go to: > www.OptricsInsider.com Timecodes: 0:00 - Intro 0:26 - Today's 3 topics 0:42 - Topic 1: Sophos Firewall Buffer Overflow Vulnerability 3:56 - Topic 2: WatchGuard's Dark Web Scan Beta 8:52 - Closing remarks Learn more about Sophos' breach notification: > Advisory: Buffer overflow in XG Firewall v17.x User Portal Learn more about ManageEngine's Password Manager Pro: > ManageEngine Password Manager Pro Learn more about Password Safe: > https://pwsafe.org/ Learn more about WatchGuard's new Dark Web Scan beta: > Scan for Data Breaches #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
10:28
December 18, 2020
Optrics Insider - The Largest DDoS Attack, Blue Leaks, Dating App Data Breaches & Ripple 20
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the largest DDoS (distributed denial of service) attack, blue leaks and dating app data breaches and Ripple 20.   For more IT tips go to:  > www.OptricsInsider.com Timecodes: 0:00 - Intro 0:20 - Today's 3 topics 0:30 - Topic 1:  The Largest DDoS Attack on Amazon Web Service 2:29 - Topic 2:  Blue Leaks & Dating App Data Breaches 5:43 - Topic 3: Ripple 20 8:36 - Closing remarks Learn more about the largest DDoS attack: > AWS Shield Threat Landscape report is now available Data Breaches - BlueLeaks and Dating apps:  > ‘BlueLeaks’ Exposes Files from Hundreds of Police Departments >  Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More Learn more about Ripple 20:  > New Ripple20 Flaws Put Billions of Internet-Connected Devices at Risk of Hacking > Ripple20 - 19 Zero-Day Vulnerabilities Amplified by the Supply Chain #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
09:32
December 16, 2020
Optrics Insider - iPhone WiFi Exploit, FireEye Hacked, Solarwinds Orion Backdoor & CIA Owns OmniSec
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the iPhone zero click WiFi exploit,  cybersecurity company FireEye hacked and their red team tools being stolen, how network management and performance monitoring tool Solarwinds Orion was used to install a backdoor and the CIA is found to own Omnisec another Swiss cypto company. For more IT tips go to: > www.OptricsInsider.com Timecodes: 0:00 - Intro 0:16 - Today's 3 topics 0:49 - Topic 1: iPhone Zero-Click Wi-Fi exploit 3:45 - Topic 2: How FireEye was hacked 6:48 - Topic 3: How SolarWinds Orion was used to install a backdoor 9:34 - Bonus Topic: Cypto AG update 11:00 - Closing remarks Learn more about the Iphone's Zero-Click Wi-Fi Exploit: > An iOS zero-click radio proximity exploit odyssey  > iPhone zero-click Wi-Fi exploit is one of the most breathtaking hacks ever Learn more how FireEye was hacked and their Red Team tools were stolen: > FireEye Shares Details of Recent Cyber Attack, Actions to Protect Community > GitHub - Red Team Tool Countermeasures Learn how SolarWinds Orion was used to install a backdoor: > Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor > US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor > SolarWinds Breach Used to Infiltrate Customer Networks (Solarigate) Learn more about the CIA owning Swiss cryptography company Omnisec: > Report Claims CIA Controlled Second Swiss Encryption Firm #OptricsInsider #TechNews #ITNews
12:19
December 16, 2020
Optrics Insider - Malicious Banking Apps, Internet of Troubles, IBM Cloud Down & Malware at Honda
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the FBI's warning about malicious banking apps, the "Internet of Troubles", IBM's cloud being down for 2 hours plus both Honda and the City of Knoxville being hit by malware. For more IT tips go to: > www.OptricsInsider.com Timecodes: 0:00 - Intro 0:21 - Today's 3 topics 0:51 - Topic 1: FBI Warning About Malicious Banking Apps 3:58 - Topic 2: Internet of Troubles (IoT) 6:30 - Topic 3: IBM Cloud Down for 2 hours 8:23 - Topic 4: Honda and City of Knoxville Hit by Malware 12:30 - Closing remarks FBI Public Service Announcement - Increased Use of Mobile Banking Apps Could Lead to Exploitation: > Increased Use of Mobile Banking Apps Could Lead to Exploitation Learn more about why it's important to update the firmware on Internet of Things (IoT) devices: > An Internet of Trouble lies ahead as root certificates begin to expire en masse, warns security researcher Learn more about IBM's cloud being down for 2 hours: > From off-prem to just off: IBM Cloud goes down planet-wide so hard even the status page didn't work > IBM blames 'external' network provider, incorrect routing, traffic flood for its two-hour cloud outage Learn more about the malware that hit Honda: > Honda confirms its network has been hit by cyberattack Learn more about the City of Knoxville and how they fell victim to a ransomware attack: > Knoxville still quiet on ransomware attack and what's being done to fix it #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
14:20
December 14, 2020
Optrics Insider - Contract Tracing App Spoofing, Windows 10 2004 Update & Have I Been Pwned?
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss Contact Tracing App spoofing, issues with the latest Windows 10 2004 Update (and why you should wait to update to it) and how an email pwned an IT help desk. For more IT tips go to: > https://www.OptricsInsider.com Timecodes: 0:00 - Intro 0:21 - Today's 3 topics 0:39 - Topic 1: Contract Tracing App Spoofing 2:05 - Topic 2: Windows 10 2004 Update 4:49 - Topic 3: Have I Been Pwned? 7:15 - Closing remarks Contact tracing app spoofing is already happening – and it's dangerously simple to do: > Contact-tracer spoofing is already happening – and it's dangerously simple to do Learn more about issues with the Windows 10 2004 May update: > Windows 10 2004: Microsoft warns of a new bug that makes connected displays go black > Microsoft Reveals Long List Of Windows 10 May 2020 Issues > Microsoft Puts Windows 10 May 2020 Update on Hold for Most Devices Learn how an email pwned entire firm's helpdesk ticket system: > Weekly Update 194 > Have I Been Pwned breach report email pwned entire firm's helldesk ticket system #OptricsInsider #TechNews #ITNews
08:05
December 11, 2020
Optrics Insider - CIA & Crypto AG, $1 Billion Bitcoin Seized from Silk Road & Fortinet's VPN Hacked
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the CIA owning Swiss crytography company Crypto AG, the $1 billion worth of Bitcoin that we were seized and the hacker who released 49,000 firewall passwords after hacking Fortinet's VPN. For more IT tips go to: > https://www.OptricsInsider.com Timecodes: 0:00 - Intro 0:17 - Today's 3 topics 0:40 - Topic 1: CIA & Swiss Crypto AG working together 2:39 - Topic 2: $1 Billion Bitcoin seized from Silk Road 4:27 - Topic 3: Hacker releases 49k Fortinet passwords 6:40 - Closing remarks Learn more about the CIA & Crypto AG: > https://www.theregister.com/2020/11/12/crypto_ag_swiss_parliament_report Learn more about the seizure of $1 billion worth of Bitcoin: > https://www.secplicity.org/2020/11/10/us-justice-department-makes-one-billion-dollar-drug-seizure Learn more about the hacker who posted 49,000 firewall passwords: > https://www.bleepingcomputer.com/news/security/hacker-posts-exploits-for-over-49-000-vulnerable-fortinet-vpns #OptricsInsider #TechNews #ITNews
08:35
December 11, 2020
Optrics Insider - ThunderSpy, Work from Home Till End of 2020 & QNAP Vulnerability
Join Scott Young and Shaun Sturby from Optrics Engineering  as they discuss the ThunderSpy vulnerability  for Thunderbolt connections, the possibility of working from home till  the end of 2020 and into the new year plus a vulnerability that was  discovered with QNAP network attached storage (NAS) devices.   For more IT tips go to:  > https://www.OptricsInsider.com   Timecodes: 0:00 - Intro 0:20 - Topic 1: ThunderSpy 3:08 - Topic 2: Work from Home Till End of 2020 5:13 - Topic 3: QNAP Vulnerability 8:42 - Closing remarks Learn more about ThunderSpy:  > When Lightning Strikes Thrice: Breaking Thunderbolt 3 Security > Thunderspy. Who Said External DMA Was a Good Idea Learn more about working from home till the end of the 2020:  > Snap! Twitter employees WFH, scam site boom, FB Avatars, SpaceX simulator Learn more about the QNAP vulnerability:  > Hundreds of thousands of QNAP devices vulnerable to remote takeover attacks #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
12:29
December 10, 2020
Optrics Insider - MS Teams Vulnerability, Windows Bugs Report & COVID-19 Contact Tracing Apps
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss a Microsoft Teams Vulnerability, Windows Bugs Report and COVID-19 Contact Tracing Apps. Plus as a bonus, Shaun will discuss something to consider when buying an IoT (Internet of Things) device for your home and their hidden costs. For more IT tips go to: > www.OptricsInsider.com  Timecodes: 0:00 - Intro 0:35 - Topic 1: MS Teams Vulnerability 1:51 - Topic 2: Windows Bugs Report 6:05 - Topic 3: COVID-19 Contact Tracing Apps 8:20 - Topics 4: IoT Buyer Beware 11:58 - Closing remarks Learn more about the Microsoft Teams Vulnerability:: > We could have pwned Microsoft Teams with a GIF, claims Israeli infosec outfit Learn more about the Windows Bugs Report:: > >We're going on a vuln hunt. We're going catch a big one: Researchers find Windows bugs dominate – but fixes are fast Learn more about COVID-19 Contact tracing apps:: > Privacy Preserving Protocols to Trace Covid19 Exposure/a> IoT Buyer Beware:: > Three things in life are certain: Death, taxes, and cloud-based IoT gear bricked by vendors. Looking at you, Belkin #OptricsInsider #TechNews #ITNews
12:39
December 8, 2020
Optrics Insider - Apple Mail iOS Bug, Zoom v5 Update & Online Meeting Etiquette
Join Scott Young and Shaun Sturby from Optrics Engineering  as they discuss a bug in Apple Mail iOS, the  Zoom v5 update and online meeting etiquette tips.   For more IT tips go to:  > www.OptricsInsider.com   Timecodes: 0:00 - Intro 0.28 - Topic 1: Apple Mail iOS Bug 1:37 - Topic 2: Zoom v5 Update 6:39 - Topic 3: Online Meeting Etiquette 9:52 - Closing remarks Learn more about the Apple Mail Bug:  > Apple Mail Bug Lets Hackers Control Your iPhone Learn more about the Zoom version 5 update:  > It’s Here! 5 Things to Know About Zoom 5.0 Learn more about online meeting etiquette:  > The Dos and Don’ts of Online Video Meetings > 13 etiquette tips for video conference calls > 12 Tips For Making Your Virtual Meetings More Professional Learn more about OBS Studio: > https://obsproject.com/ #OptricsInsider #TechNews #ITNews
11:24
December 8, 2020
Optrics Insider - Remote Patching, COVID-19 Spam Email & CMR vs SMR NAS Hard Drives
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss work from home PCs and patches, the notable increase in COVID-19 related spam emails as well as CMR (conventional magnetic recording) vs. SMR (shingled magnetic recording) hard drives and what you need to consider when using either for  network attached storage (NAS) devices.    For more IT tips go to:  > www.OptricsInsider.com For information on ManageEngine's Desktop Central go to:  > www.ManageEngine.ca/desktop-central For information on F-Secure go to:  > www.Optrics.com/partners/f-secure CMR vs. SMR Hard Drive Additional Reading:  > www.servethehome.com/surreptitiously-swapping-smr-into-hard-drives-must-end > https://blocksandfiles.com/2020/04/14/wd-red-nas-drives-shingled-magnetic-recording #OptricsInsider #TechNews #ITNews
09:59
December 8, 2020
Optrics Insider - Top 3 Work from Home IT Security Issues
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the top 3 work from home IT security issues that IT administrators and IT managers currently face as their employees transition to working remotely from home.   For more IT tips go to:  > https://www.OptricsInsider.com Timecodes: 0:00 - Intro 1:40 - Topic 1: Keeping your staff who are working from home safe 4:00 - Topic 2: Keeping your network safe 5:25 - Topic 3: Pros and cons of working from home 7:40 - Closing remarks Resources mentioned in the interview:   > OpenDNS: www.OpenDNS.com > CIRA D-Zone DNS Firewall: www.CIRA.ca/cybersecurity-services/canadian-alternative-opendns > WhatISMyIPAddress: https://WhatIsMyipAddress.com > ManageEngine Desktop Central: www.ManageEngine.ca/Desktop-Central > KnowBe4 Security Awareness Training: www.Optrics.com/KnowBe4 #OptricsInsider #TechNews #ITNews
11:13
December 5, 2020