Optrics Insider
By Optrics Insider
Dec 14, 2020
Optrics Insider - DeepFake Lite, Microsoft Print Nightmare & Kaseya Ransomware Update
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss DeepFake Lite using Anthony Bourdain's voice in a new documentary on his life, the "Summer of Sam" Microsoft Print Nightmare and the latest Kaseya Ransomware Attack update.
For more IT tips go to:
Timecodes:
> 0:00 - Intro
> 0:19 - Today's 3 topics
> 0:33 - Topic 1: Deep Fake Lite
> 7:35 - Topic 2: Microsoft Print Nightmare
> 11:12 - Topic 3: Kaseya Update
> 14:20 - Closing remarks
More on DeepFake Lite:
> A Haunting New Documentary About Anthony Bourdain
> Voice clone of Anthony Bourdain prompts synthetic media ethics questions
More on Microsoft PrintNightmare / "Summer of SAM" - HiveNightmare / Print Spooler CVE-2021-34481:
> Windows Elevation of Privilege Vulnerability (CVE-2021-36934)
> Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-34481)
More on how Kaseya obtained a "universal decryptor key" for the REvil ransomware and is delivering it to clients:
> Kaseya obtains REvil decryptor, starts sharing it with afflicted customers
Optrics Insider - Punk Spider, Irony Thy Name is Jim & What is Your Olympic Password?
Timecodes:
> 0:00 - Intro
> 0:21 - Today's 3 topics
> 0:40 - Topic 1: Punk Spider
> 4:34 - Topic 2: Irony, Thy Name is Jim
> 8:27 - Topic 3: What is Your Olympic Password?
> 11:03 - Closing remarks
More on Punk Spider:
> A Controversial Tool Calls Out Thousands of Hackable Websites
More on Jim Browning getting his YouTube channel deleted:
> Scam-baiting YouTube channel Tech Support Scams taken offline by tech support scam
So to prove that anyone can be scammed, I was convinced to delete my @YouTube channel because I was convinced I was talking @YouTubeCreators support. I never lost control of the channel, but the sneaky s**t managed to get me to delete the channel. Hope to recover soon. pic.twitter.com/ygmt2CDlR1
— Jim Browning (@JimBrowning11) July 26, 2021
Learn more about KnowBe4 by going to:
> KnowBe4 Security Awareness Training
Find out what percentage of your employees are Phish-prone:
> Start Your Free Phishing Security Test
Download a copy of the Social Media Red Flags PDF here:
> https://www.optricsinsider.com/recommends/social-engineering-red-flags/
Find out which of your users take the bait and reply to a spoofed email:
> Find out now how many of your users take the bait and reply to a spoofed email
Find out how vulnerable your network is against Ransomware and cryptomining attacks:
> How vulnerable is your network against RANSOMWARE and CRYPTOMINING attacks?
Find out which of your users are vulnerable to a social media phishing attack:
> Don't get hacked by social media phishing attacks! Find out which of your users are vulnerable now!
Learn more about the Red Flags of URLS here:
Learn more about Curricula Security Awareness Training here:
Optrics Insider - Print Driver Zero Day, SonicWall VPN Vulnerability & Kaseya Hacked
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the printer driver nightmare zero-day vulnerability, the active attacks against SonicWall's VPN appliances and Kaseya's recent ransomware attack.
Timecodes:
- 0:00 - Intro
- 0:19 - Today's 3 topics
- 0:40 - Topic 1: Printer Driver Zero Day
- 06:09 - Topic 2: SonicWall VPN Vulnerability
- 10:38 - Topic 3: Kaseya VSA Hack
- 17:04 - Closing remarks
Print Nightmare Zero Day:
> PrintNightmare, Critical Windows Print Spooler Vulnerability
> CVE-2021-1675: Incomplete Patch and Leaked RCE Exploit
Ways to keep the computers in your network updated:
> ManageEngine Desktop Central
Good tool to keep your personal computers updated:
> CCleaner
SonicWall Warns of Active Attacks Against VPN Appliances:
> Urgent Security Notice: Critical Risk to Unpatched End-of-Life SRA & SMA 8.x Remote Access Device
Got $70M spare change?
> Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software
Autonomous Cars Hacked Scene - The Fate of the Furious:
Optrics Insider - Dell Vulnerability, CVS Health Leak, WD MyBook Remote Factory Reset & Zero Trust
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the Dell Bios Connect vulnerability, the 1 billion records that were leaked from CVS Health, Western Digital's MyBook remote factory reset issue and the Zero Trust cybersecurity framework.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:19 - Today's 4 topics
0:42 - Topic 1: Dell Bios Connect Vulnerability
4:14 - Topic 2: CVS Health Leak
10:48 - Topic 3: Western Digital MyBook Remote Factory Reset
15:10 - Topic 4: Zero Trust
21:15 - Closing remarks
Dell BiosConnect Vulnerability:
WD My Book Live and My Book Live Duo getting a remote factory reset - all data appears gone:
> Important Announcement About Your WD My Book Live Product: WDC-21008
> Recommended Security Measures for WD My Book Live and WD My Book Live Duo
Zero Trust cybersecurity - moving from hard shell / soft center to NoTrustForYou!:
> Executive Order on Improving the Nation’s Cybersecurity
> https://en.wikipedia.org/wiki/Zero_trust_security_model
> What is Zero Trust? A model for more effective security
> Embrace Proactive Security with Zero Trust
Need help with your network security? We can help! Contact us at:
Optrics Insider - Which is Bigger 26M or 8.4B? Open Redirects, Akamai Outage & PoE Powered Spam
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss which is bigger - 26 million or 8.4 billion, open redirects, the recent Akamai CDN outage and a PoE-powered can of spam to stop spam.
Timecodes:
0:00 - Intro
0:21 - Today's 4 topics
0:55 - Topic 1: Which is Bigger 26 Million or 8.4 Billion?
8:01 - Topic 2: Open Redirects
12:11 - Topic 3: Akamai CDN Outage
13:24 - Topic 4: PoE Powered Can of Spam
19:07 - Closing remarks
Hackers Stole Nearly 26 Million User Login Credentials for Sites Like Amazon, Google, Facebook between 2018 and 2020:
> Nameless malware that stole 1.2 TB of private data
> https://twitter.com/troyhunt/status/1402358364445679621?s=21
Password Manager Options Mentioned:
> PSafe
> ManageEngine Password Manager Pro
> RoboForm
Google Meet Open Redirects and Why Phishers Love Them:
> Open redirects ... and why Phishers love them
Akamai experienced an outage for one of its Prolexic DDoS services (Routed 3.0) with approximately 500 customers using this service:
> Akamai Provides Prolexic DDoS Service Impact Update (Status: Resolved)
PoE-powered can of spam to stop Ad spam:
> https://twitter.com/danielhepper/status/1403624545010003970
Optrics Insider - Why JBS Paid $11M in Ransom, Impact of the Fastly Outage & the Zoll Vulnerability
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss why JBS paid $11 million in ransom (and it wasn't to get their data back), how the Fastly outage knocked the Internet offline and Zoll's defibrillator dashboard vulnerability advisory.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:20 - Today's 3 topics
0:57 - Topic 1: JBS Pays Ransom
7:02 - Topic 2: Fastly Outage
15:12 - Topic 3: Zoll advisory
20:56 - Closing remarks
JBS Paid $11M Ransom to Prevent Attackers from Leaking Stolen Data:
> JBS USA Cyberattack Media Statement - June 9
Fireside Chat with Unitrends and their All-in-One Backup and Recovery Solutions:
> https://www.youtube.com/watch?v=-Gpr6_jmpes
Fastly CDN Outage Knocked Portions of the Internet Offline:
> Fastly - Summary of June 8 outage
Not the only one - Cloudflare also had a recent outage:
> Cloudflare Pages Build Delays - Incident Report for Cloudflare
ICS Medical Advisory (ICSMA-21-161-01) ZOLL Defibrillator Dashboard:
> ICS Medical Advisory (ICSMA-21-161-01)
The Wolf Starring Christian Slater | HP Studios:
> https://www.youtube.com/watch?v=ZUP4ib5FzGs
HP Wolf Security - A New Breed of Endpoint Security | Security | HP:
> https://www.youtube.com/watch?v=ACXhdzOoEic
Grey's Anatomy: A Cyber Attack:
> https://www.youtube.com/watch?v=xFUkzzAXXYg
Grey's Anatomy: Bad Guys Asking 5k Bitcoins Bailey asks Jackson for Money Season 14 Episode 8:
Optrics Insider - Ransomware Headlines, White House Ransomware Memo & Amazon Launches Sidewalk
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the large number of organizations in the headlines who have been hit by ransomware, the White House's recent memo to private organizations on what they can do to avoid becoming a victim of a ransomware attack, as well as today's launch of Amazon's Sidewalk wireless mesh service.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:18 - Today's 3 topics
0:37 - Topic 1: Ransomware Headlines
2:10 - Topic 2: White House Ransomware Memo
11:39 - Topic 3: Amazon Launches Sidewalk
22:09 - Closing remarks
Ransomware headlines:
> FBI Statement on JBS Cyberattack
> NY & Mass. Transportation Providers Targeted in Recent Attacks
> Unauthorized access to Fujifilm servers
> Sturdy Memorial Hospital - Notice of Data Security Incident
White House Memo: Advice to Private Sector on Protection from Ransomware:
> Memo: What We Urge You to Do to Protect Against the Threat of Ransomware [PDF Download]
> Cybersecurity & Infrastructure Security Agency: Ransomware Guidance and Resources
Good Security Habits:
> Cybersecurity & Infrastructure Security Agency: Security Tip (ST04-003)
Security Awareness Training Options to Train Your Staff on What Not to Click:
[KnowBe4] - www.Optrics.com/KnowBe4
[Curricula] - www.Optrics.com/partners/Curricula
How to Stay Safe Against Phishing Attacks & Social Engineering with Mike Brill from KnowBe4:
> www.YouTube.com/watch?v=kRM9rd_zj9o
Learn More About How to Test the Security of Your Network with a Penetration Test:
> www.Optrics.com/partners/Foresite
Amazon Sidewalk is Going Live Next Week:
> How to disable Amazon Sidewalk (and why you should do it)
> How Amazon Sidewalk Works—and Why You May Want to Turn It Off
> Amazon Sidewalk goes live tomorrow, here’s why you shouldn’t be scared
Optrics Insider - HaveIBeenPwned Announcement, VMWare Vulnerability & Colonial Pipeline Update
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss Troy Hunt's recent announcement about his HaveIBeenPwned service, a VMWare patch you need to apply immediately to vCenter Server as well as how the US Department of Homeland Security has responded to the Colonial Pipeline hack.
Timecodes:
0:00 - Intro
0:19 - Today's 3 topics
0:34 - Topic 1: HaveIBeenPwned Announcement
7:06 - Topic 2: VMWare Vulnerability
9:32 - Topic 3: Colonial Pipeline Update
15:29 - Closing remarks
Troy Hunt's call for help with his HaveIBeenPwned service:
> Pwned Passwords, Open Source in the .NET Foundation and Working with the FBI
Patch immediately: VMware warns of critical remote code execution hole in vCenter Server:
> Questions & Answers for VMSA-2021-0010
> How to Disable VMware Plugins in vCenter Server (83829)
After Ransomware hit Colonial Pipeline DHS issues directive:
> DHS Announces New Cybersecurity Requirements for Critical Pipeline Owners and Operators
Stuff You Should Know Podcast - How the Electrical Grid Works:
> https://podcasts.apple.com/au/podcast/how-the-electrical-grid-works/id278981407?i=1000516928439
Other Links:
> Outdated computer system exploited in Florida water treatment plant hack
> A password for the Hawaii emergency agency was hiding in a public photo, written on a Post-it note
Optrics Insider - WiFi FragAttacks & Internet Explorer End-of-Life
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the WiFi FragAttacks (fragmentation and aggregation attacks) as well as a reminder that Internet Explorer 11 will be retired and go out of support on June 15, 2022. Time to start using Microsoft Edge, Google Chrome, Firefox, Brave or any of the other more modern browsers.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:20 - Today's 2 topics
0:33 - Topic 1: WiFi Frag Attacks
6:12 - Topic 2: Internet Explorer 11 End-of-Life
9:18 - Closing remarks
WiFi FragAttacks:
> Vulnerabilities in billions of Wi-Fi devices let hackers bypass firewalls
Microsoft announces the official end of Internet Explorer:
> The future of Internet Explorer on Windows 10 is in Microsoft Edge
> Microsoft announces the official end of Internet Explorer
Alternative browsers:
Optrics Insider - US Executive Order on Cybersecurity & Microsoft Outlook Email Bug Fix
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss President Biden's recent executive order on cybersecurity as well as the Outlook email bug that Microsoft recently fixed.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:20 - Today's 2 topics
0:33 - Topic 1: US Executive Order on Cybersecurity
7:12 - Topic 2: Microsoft Outlook Bug Fix
11:07 - Closing remarks
New US Executive Order on Cybersecurity:
> Biden Signs Executive Order to Bolster Federal Government’s Cybersecurity
Microsoft Fixes Outlook Email Bug:
Optrics Insider - Pulse Secure VPN Fix, 21 Nails in Exim, Colonial Pipeline Ransomware & Signal Ads
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the fix for a vulnerability with Pulse Secure VPN, 21 vulnerabilities in open source mail server Exim, the effects of Colonial Pipeline being hit by ransomware and how Signal is trying to take out Instagram ads.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:20 - Today's 3 topics
0:40 - Topic 1: Pulse Secure VPN Fix
6:20 - Topic 2: 21 Nails in Exim
8:29 - Topic 3: Colonial Pipeline Ransomware
12:40 - Topic 4: Signal vs. Instagram Ads
17:48 - Closing remarks
Links:
> US declares emergency after ransomware shuts oil pipeline that pumps 100 million gallons a day
> Find out what percentage of your employees are Phish-prone
> Download a copy of the Social Media Red Flags PDF
> Find out which of your users take the bait and reply to a spoofed email
> Find out how vulnerable your network is against Ransomware and cryptomining attacks
> Find out which of your users are vulnerable to a social media phishing attack
Optrics Insider - RIP Dan Kaminsky, Emotet Kill Switch, ParkMobile Breach, Name:Wreck & 802.11bf
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the passing of well-known cybersecurity researcher Dan Kaminsky at age 42, the Emotet trojan kill switch, the ParkMobile breach, the Name:Wreck DNS vulnerability and the new 802.11bf Wi-Fi standard.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:20 - Today's 5 topics
1:01 - Topic 1: RIP Dan Kaminsky
2:12 - Topic 2: Emotet Kill Switch
4:14 - Topic 3: ParkMobile breach
5:49 - Topic 4: Name:Wreck DNS Vulnerability
7:58 - Topic 5: 802.11bf Wi-Fi standard
12:47 - Closing remarks
Links:
> Prominent security expert Dan Kaminsky passes away at 42:
> ‘EmoCrash’ Exploit Stoppered Emotet For 6 Months
> ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users
Optrics Insider - Pwn2Own Vancouver 2021, QNAP Vulnerability & 500M LinkedIn Users Being Sold Online
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss CanSecWest's Pwn2Own whitehat competition in Vancouver, the latest QNAP vulnerability and the data from 500 million LinkedIn users that is now being sold online.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:21 - Today's 3 topics
0:36 - Topic 1: Pwn2Own Vancouver 2021
4:52 - Topic 2: QNAP Vulnerability
10:13 - Topic 3: LinkedIn Data Leak
16:12 - Closing remarks
Learn more about Pwn2Own Vancouver 2021:
> Microsoft's Windows 10, Exchange, and Teams hacked at Pwn2Own
> Announcing Pwn2Own Vancouver 2021
> Pwn2Own 2021 - Schedule and Live Results
Learn more about getting a penetration test:
> www.Optrics.com/services/penetration-testing
Learn more about the latest QNAP vulnerability:
> QNAP caught napping as disclosure delay expires, critical NAS bugs revealed
Learn more about the LinkedIn data leak:
> Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof
Find out if your phone number or email address is in a data breach:
Optrics Insider - 533M Facebook Accounts Leaked, FBI/CISA & Fortinet Vulnerability & Ubiquiti Hacked
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the data from 544 million Facebook accounts that was leaked, the FBI and CISA Joint Cybersecurity Advisory regarding the known Fortinet FortiOS vulnerabilities as well as the Ubiquiti hack.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:24 - Today's 3 topics
0:49 - Topic 1: 533 Million Facebook Accounts Leaked
5:24 - Topic 2: FBI/CISA & Fortinet Vulnerability
7:00 - Topic 3: Ubiquiti Hacked
13:09 - Closing remarks
Learn more about the 533 million Facebook accounts which were leaked:
> https://twitter.com/troyhunt/status/1378463581604220931?s=03
Read the FBI and CISA's Joint Cybersecurity Advisory (CSA) regarding the known Fortinet FortiOS vulnerabilities:
> FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities
Watch "Fortinet SSL VPN Hacked - 49,000 Firewall Passwords Released"
> www.youtube.com/watch?v=RwQCqnSSyEM
Learn more about the Ubiquiti hack:
Optrics Insider - Hackers Backdoor PHP, Samsung's 512 GB Memory Chip & Acer hit with $50M Ransomware
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss how hackers breached the main Git repository to insert a backdoor into PHP, Samsung's first 512GB DDR5 DRAM chip and how computer giant Acer was hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:20 - Today's 3 topics
0:52 - Topic 1: Hackers Backdoor PHP
4:38 - Topic 2: Samsung's 512 GB memory chip
7:55 - Topic 3: Acer hit with $50M ransomware attack
11:57 - Closing remarks
Learn how hackers figured out a backdoor to PHP:
> Hackers Breach PHP Git Server and Insert Backdoor in Source Code
Learn more about Samsung's first 512GB DDR5 DRAM chip:
> Samsung aims first 512GB DDR5 DRAM chip built on High-K/Metal Gate tech at HPC, AI markets
Learn how Acer was hit with a $50 million ransomware attack:
> Computer giant Acer hit by $50 million ransomware attack
> Acer reportedly targeted with $50 million ransomware attack
Watch my interview with Mike Brill from KnowBe4:
> Optrics Insider - How to Stay Safe Against Phishing Attacks & Social Engineering
Learn more about KnowBe4 by going to:
Find out how vulnerable your network is against Ransomware and cryptomining attacks:
> www.OptricsInsider.com/Recommends/Ransomware-Simulator
Find out what percentage of your employees are Phish-prone:
> www.OptricsInsider.com/Recommends/Phishing-Security-Test
Find out which of your users are vulnerable to a social media phishing attack:
> www.OptricsInsider.com/Recommends/Social-Media-Phishing-Test
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
Optrics Insider - MS Exchange Patch Update, F5 BIG-IP Update, Verkada Breach & Patch Tuesday Update
Join Scott Young and Shaun Sturby from Optrics Engineering as they provide an update on the MS Exchange Hafnium Patch as well as discuss an F5 BIG-IP update you'll want to apply, a breach with Verkada brand surveillance cameras and some things to look at with the latest Patch Tuesday Update.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:20 - Today's 4 topics
0:44 - Topic 1: MS Exchange Hafnium Patch Update
4:53 - Topic 2: F5 BIG-IP Update
6:48 - Topic 3: Verkada Surveillance Camera Breach
9:21 - Topic 4: Patch Tuesday Update
13:07 - Closing remarks
> Warning the World of a Ticking Time Bomb
> Microsoft Exchange Server Vulnerabilities Mitigations – updated March 15, 2021
> K02566623: Overview of F5 vulnerabilities (March 2021)
Learn more about the Verkada Surveillance Camera Breach:
> Hackers Breach Thousands of Security Cameras, Exposing Tesla, Jails, Hospitals
> Microsoft hurries out this fix for Windows 10 printer crash problem
Optrics Insider - Exchange Server Vulnerability, Qualys Hit with Ransomware & VMWare Vulnerability
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the Microsoft Exchange Server Hafnium patch, security vendor Qualys being hit by ransomware and the Carbon Spider and Sprite Spider VMWare ransomware.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:21 - Today's 3 topics
0:47 - Topic 1: Microsoft Exchange Server Hafnium patch
5:14 - Topic 2: Qualys hit by ransomware
8:19 - Topic 3: Carbon Spider & Sprite Spider VMWare ransomware
11:46 - Closing remarks
Learn more about the Exchange Server Hafnium Patch:
> HAFNIUM targeting Exchange Servers with 0-day exploits
> At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software
> US National Security Council urges review of Exchange Servers in wake of Hafnium attack
> Qualys hit with ransomware: Customer invoices leaked on extortionists' Tor blog
> Qualys SSL Server Test
Optrics Insider - How to Stay Safe Against Phishing Attacks & Social Engineering
Join Scott Young from Optrics Engineering and Mike Brill from KnowBe4 as they discuss the latest Zoom phishing attacks and social engineering and how best to keep you and your staff safe from them.
Read the "Running Headfirst into a Breach" blog article mentioned in the podcast.
For more IT tips go to:
> www.OptricsInsider.com
Learn more about KnowBe4 by going to:
Find out what percentage of your employees are Phish-prone:
Download a copy of the Social Media Red Flags PDF here:
> Social Engineering Red Flags (PDF)
Find out which of your users take the bait and reply to a spoofed email:
Find out how vulnerable your network is against Ransomware and cryptomining attacks:
Find out which of your users are vulnerable to a social media phishing attack:
Learn more about the Red Flags of URLS here:
Optrics Insider - SuperMicro Supply Chain Attack, CRA Suspends 100k Accounts & MacOS Infection
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the SuperMicro supply chain attack, why CRA (Canada Revenue Agency) suspended 100,000 user accounts and how the Silver Sparrow infected almost 30,000 MacOS devices in 153 countries, including the latest M1 powered devices.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:20 - Today's 3 topics
0:38 - Topic 1: SuperMicro Supply Chain Attack
5:23 - Topic 2: CRA Suspends 100k Accounts
8:23 - Topic 3: Silver Sparrow MacOS Infection
11:10 - Closing remarks
Learn more about the SuperMicro supply chain attack here:
> The Long Hack: How China Exploited a U.S. Tech Supplier
Learn more about CRA's suspension of 100,000 user accounts here:
Learn more about the Silver Sparrow MacOS infection here:
> Clipping Silver Sparrow’s wings: Outing macOS malware before it takes flight
Optrics Insider - Facebook Phishing Domains, 3.2 Billion Emails Leaked & Microsoft Emergency Fix
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the fight between Facebook and Proofpoint / Wombat Security over using similar-looking domains to conduct phishing tests to protect users, the 3.2 billion emails that were leaked along with their passwords and the emergency fix Microsoft had to release for one of its patches, which was causing users' computers to "blue screen" after they ran an update.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:18 - Today's 3 topics
0:34 - Topic 1: Facebook Phishing Domains
2:53 - Topic 2: 3.2 Billion Emails & Passwords Leaked
6:52 - Topic 3: Microsoft Emergency Fix
10:23 - Closing remarks
Learn more about the fight over Facebook phishing domains here:
> Phishing awareness gone wrong: Facebook tries to seize websites set up for staff security training
Learn more about the email password breach here:
> 3.2 Billion Emails and Passwords Leaked in Data Breach
Learn more about Microsoft's emergency fix:
> Microsoft issues emergency fix for Wi-Fi
Resources mentioned:
> PSafe
> ManageEngine Password Manager Pro
Optrics Insider - 179 Microsoft Admin Portals, 60 Billion Less DNS Requests & Urgent SonicWall Patch
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss a useful list of 179+ Microsoft portals for IT admins, how Google was able to reduce the number of DNS requests by 60 billion, an urgent SonicWall patch as well as a Linux sudo command bug.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:17 - Today's 3 topics
0:39 - Topic 1: 179+ Microsoft Portals for Admins
2:51 - Topic 2: 60 Billion Less DNS Requests
5:57 - Topic 3: Urgent SonicWall Patch
7:20 - Bonus: Linux sudo bug
9:49 - Closing remarks
List of 179+ known Microsoft admin portals:
> Microsoft runs 179 admin portals, says sysadmin supergroup
> https://twitter.com/AdamFowler_IT/status/1321959895839600640
Chromium clean up drops DNS traffic:
> Chromium cleans up its act – and daily DNS root server queries drop by 60 billion
> https://en.wikipedia.org/wiki/Chromium_(web_browser)#Active
Urgent SonicWall patch (SMA-100):
Decade-old bug in Linux world's sudo can be abused by any logged-in user to gain root privileges:
> Decade-old bug in Linux world's sudo can be abused by any logged-in user to gain root privileges
Optrics Insider - Emotet Botnet Update, School Laptops with Malware and Faces of the Riot
Join Scott Young and Shaun Sturby from Optrics Engineering as they provide an update on the Emotet Botnet, discuss school laptops in the UK that came pre-loaded with malware, the new "Faces of the Riot" website and security researchers who have been targeted by hackers.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:14 - Today's 4 topics
0:39 - Topic 1: Emotet Botnet Update
3:40 - Topic 2: School laptops in the UK that came pre-loaded with malware
6:30 - Topic 3: "Faces of the Riot" website
9:54 - Topic 4: Security Researchers targeted by hackers
14:16 - Closing remarks
Learn more about the Emotet Botnet here:
> International Action Targets Emotet Crimeware
> Authorities plan to mass-uninstall Emotet from infected hosts on April 25, 2021
Link to our previous video on the Emotet Botnet:
> Optrics Insider - Intel Data Leak, Meow Attack, Emotet Trojan & Zoom Bug
How "Hurry, hurry, there's a pandemic on" resulted in Laptops with pre-loaded malware being sent to schools:
> Laptops given to British schools came preloaded with remote-access worm
Learn more about the new "Faces of the Riot" website here:
> This site posted every face from Parler’s Capitol Hill insurrection videos
> New Site Extracts and Posts Every Face from Parler's Capitol Hill Insurrection Videos
Learn more about the new campaign targeting security researchers:
> New campaign targeting security researchers
Optrics Insider - Update on Solarwinds Attack, Extreme Networks Misses Flash Deadline & DNSpooq
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss FireEye's update on the Solarwinds attack, Flash is dead but Extreme Networks didn't get the memo, DNSpooq and SonicWall joins FireEye, Microsoft and MalwareBytes on the list of network security companies who have been hacked.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:20 - Today's 3 topics
0:49 - Topic 1: FireEye's update on the Solarwinds attack
2:33 - Topic 2: Flash is dead but Extreme Networks didn't get the memo
4:45 - Topic 3: DNSpooq
10:45 - Bonus Topic: SonicWall joins FireEye, Microsoft and MalwareBytes
14:09 - Closing remarks
Learn more about FireEye's update on the Solarwinds Hack:
> Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452
> Mandiant Azure AD Investigator
Learn more about Extreme Networks missing the Adobe Flash End-of-Life deadline:
Learn more about DNSpooq:
Learn more about Pi Hole:
> Pi-hole - Network-wide ad blocking
Learn more about SonicWall being added to security companies who have had a security breach:
> Urgent Security Notice: Probable SMA 100 Series Vulnerability [Updated Jan. 25, 2021]
> SonicWall says it was hacked using zero-days in its own products
> Supply Chain Attacks & 0-Days: Es tu, SonicWall?
Learn more about VirusTotal:
> https://support.virustotal.com/hc/en-us/articles/115002126889-How-it-works
Optrics Insider - New Windows Update Removes Adobe Flash & Google Discloses Windows Exploit
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss Windows update KB4577586 that permanently removes end-of-life Adobe Flash as well as why Google's Project Zero disclosed a zero-day Windows exploit.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:18 - Today's 2 topics
0:40 - Topic 1: New Windows Update Removes Adobe Flash
3:20 - Topic 2: Google Discloses Zero Day Windows Exploit
6:45 - Closing remarks
Learn more about the Windows update by going to:
> Update for the removal of Adobe Flash Player: October 27, 2020
Learn more about Google's Project Zero by going to:
> Google’s Project Zero discloses Windows 0-day that’s been under active exploit
Optrics Insider - Windows Update to Avoid, Taking Down TrickBot & Important NAS Update
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss a Windows update to avoid, how researchers took down TrickBot and an important NAS update.
Get IT tips here:
Timecodes:
0:00 - Intro
0:18 - Today's 3 topics
1:06 - Topic 1: Windows Update to Avoid
5:57 - Topic 2: Taking Down TrickBot
7:59 - Topic 3: Important NAS Update
9:45 - Closing remarks
Today's virtual background is the data center at CERN:
Learn more about the Windows update to avoid:
> Windows TCP/IP Remote Code Execution Vulnerability (CVE-2020-16898)
Learn more about how Microsoft and U.S. Cyber Command tried to take down TrickBot, one of the world's largest malware networks:
> New action to combat ransomware ahead of U.S. elections
> Microsoft and U.S. Cyber Command try to take down TrickBot
Learn more about the NAS firmware updates for the Windows Zerologon vulnerability:
> QNAP Security Advisory List (ZeroLogon)
> QNAP Issues Patch for Zerologon Vulnerability
Optrics Insider - SonicWall VPN Bug, Encryption Backdoor, Bot Posting to Reddit & Racy Onion
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss why you should patch your SonicWall firewall now due to a VPN bug, why the international "Five Eyes" organization would like to have an encryption backdoor, how a software engineer caught a bot posting to Reddit and how Facebook deemed an onion too sexy for its ad platform.
Get IT tips here:
Timecodes:
0:00 - Intro
0:17 - Today's 3 topics
0:51 - Topic 1: SonicWall VPN Bug (Patch Now)
2:37 - Topic 2: Five Eyes Asking for an Encryption Backdoor
5:10 - Topic 3: Bot Caught Posting to Reddit
8:43 - Bonus: An Onion Too Sexy for Facebook
11:25 - Closing remarks
Learn more about SonicWall's VPN bug here:
> CVE-2020-5135 - Buffer Overflow in SonicWall VPNs - Patch Now
> SonicWall Security Advisor Vulnerability List
Learn more about Five Eyes nations (plus Japan and India) wanting an encryption backdoor here:
> Five Eyes nations plus Japan, India call for Big Tech to bake backdoors into everything
Learn more about the software engineer discovering the bot posting on Reddit here:
> Software Engineer Catches Intelligent Bot Posting on Reddit
Learn more about the onion "too sexy" for Facebook here:
> Why some onions were too sexy for Facebook
Optrics Insider - Thin Client Backdoor, Get Fined for Paying Ransom & UEFI Malware
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss a new thin client backdoor for devices managed by HP Device Manager, how the US Treasury Department might fine you for paying the ransom if you're attacked by ransomware and a new UEFI (Unified Extensible Firmware Interface) malware.
Get IT tips here:
Timecodes:
0:00 - Intro
0:19 - Today's 3 topics
0:40 - Topic 1: Thin Client Backdoor
3:44 - Topic 2: Get Fined for Paying Ransom
6:51 - Topic 3: UEFI Malware
9:31 - Closing remarks
Learn more about the HP Device Manager Thin Client backdoor:
Ransomware infection? Pay the ransom and get fined by the US Govt:
> Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam
Learn more about the new UEFI malware:
> UEFI malware rears ugly head again: Kaspersky uncovers campaign with whiff of China
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
Optrics Insider - KnowBe4 Spoofed, Security Awareness Training Wears Off & Microsoft Zero Login Flaw
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss security awareness training company KnowBe4 being spoofed, the fact that security awareness training for your staff does wear off over time and Microsoft's zero login flaw.
Get IT tips here:
Timecodes:
0:00 - Intro
0:18 - Today's 3 topics
0:50 - Topic 1: KnowBe4's Emails Spoofed
3:03 - Topic 2: Security Awareness Training Wears Off
4:46 - Topic 3: Microsoft Zero Login Flaw
7:35 - Closing remarks
Learn more about KnowBe4 being spoofed:
> They're Back: Bad Guys Spoof KnowBe4 Again
Download a copy of KnowBe4's Social Engineering Red Flags PDF here:
> www.OptricsInsider.com/SocialEngineeringRedFlags
Learn more about why security awareness training wears off and what you can do:
> Phishing awareness training wears off after a few months
Learn more about Microsoft's zero login flaw:
> Zerologon: Instantly Become Domain Admin by Subverting Netlogon Cryptography (CVE-2020-1472)
> Mitigate Netlogon Elevation of Privilege Vulnerability from August 2020 Patch Tuesday
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
Optrics Insider - Bluetooth Vulnerability, Wordpress Vulnerability & Equinix Breach
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the BLURtooth Bluetooth vulnerability, the breach at the Equinix data center and how WordPress sites are vulnerable due to the File Manager plugin.
Get IT tips here:
Timecodes:
0:00 - Intro
0:22 - Today's 3 topics
0:52 - Topic 1: Bluetooth Vulnerability
6:02 - Topic 2: Equinix Breach
8:58 - Topic 3: Wordpress Vulnerability
13:50 - Closing remarks
Learn more about the BLURtooth vulnerability:
> Billions of Bluetooth gadgets bothered by ‘BLURtooth’ miscreant-in-the-middle bug
Learn more about the Equinix data center breach:
> Equinix data center giant hit by Netwalker Ransomware, $4.5M ransom
Learn more about the WordPress vulnerability:
> Hackers are fighting a war over 300K vulnerable WordPress sites
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
Optrics Insider - Checkpoint SSL VPN Cert Expired, Undocumented Zyxel Backdoor & Solarwinds Update
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the SSL certificate for Checkpoint VPN devices that has expired, the undocumented backdoor in Zyxel devices and a Solarwinds update from Bruce Schneier.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:18 - Today's 3 topics
0:35 - Topic 1: Checkpoint SSL VPN Cert Expired
2:41 - Topic 2: Undocumented Zyxel Backdoor
7:38 - Topic 3: Solarwinds update from Bruce Schneier
13:41 - Closing remarks
Learn more about Checkpoint's SSL Cert for their SSL VPN expiring here:
> Happy New Year: Jan 1, 2021 security cert expiration causes havoc for some Check Point VPN users
Learn more about the undocumented backdoor for Zyxel products here:
> Undocumented user account in Zyxel products (CVE-2020-29583)
Learn more about the latest Solarwinds update from Bruce Schneier here:
> Schneier on Security: Latest on the SVR’s SolarWinds Hack
Learn more about getting a penetration test if you want to test the effectiveness of your network security, or if you think you've been hacked and need help with remediation:
> www.Optrics.com/penetration-testing
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
Optrics Insider - User Loyalty & Why Should You Have Service Backups
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the impressive loyalty of an employee at Tesla's Gigafactory in Nevada and why you should have backup network services.
Get IT tips here:
Timecodes:
0:00 - Intro
0:16 - Today's 3 topics
0:43 - Topic 1: User Loyalty at Tesla's Gigafactory
3:33 - Topic 2: Why Should You Have Service Backups
10:45 - Closing remarks
Learn more about the attempt by a Russian national to plant ransomware at Tesla's Gigafactory:
- A Tesla Employee Foiled an Alleged Ransomware Scheme
Why you should have multiple services available in case one fails:
- CenturyLink Outage Causing Internet Wide Problems
- CenturyLink outage led to a 3.5% drop in global web traffic
- https://twitter.com/GossiTheDog/status/1300059682955026432?s=09
- https://twitter.com/johullrich/status/1300066938798956544
- https://twitter.com/eastdakota/status/1300175734984511488?s=09
- August 30th 2020: Analysis of CenturyLink/Level(3) Outage
How to know if a service is down or if it's an issue on your end:
- https://downforeveryoneorjustme.com/
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
Optrics Insider - CanPar Express & U of Utah Ransomware, AI Fighter Beats Ace & Lock Your Computer
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss both CanPar Express and the University of Utah getting hit by ransomware (interestingly they paid the ransom and Shaun explains why), plus how an AI fighter pilot beat a real ace (in simulation) and as a bonus, why you should lock your workstation before you walk away.
Get IT tips here:
Timecodes:
0:00 - Intro
0:20 - Today's 3 topics
0:48 - Topic 1: CanPar Express & University of Utah Ransomware
4:50 - Topic 2: AI Fighter Beats Ace
6:46 - Topic 3: Why You Should Lock Your Workstation
9:45 - Closing remarks
Canpar Express hit by ransomware outbreak:
- Canadian shipping company Canpar gets an unwanted delivery – ransomware
University of Utah paid $457K for ransomware:
- Utes gotta be kidding me... University of Utah handed $457K to ransomware creeps
AI Fighter pilot better than real ACE - in simulation:
- So long, Top Gun... AI software waxes US F-16 pilot's tail 5-0 during virtual dogfight drills
Why you should lock your workstation when you walk away:
- Trucking hell: Kid leaves dad in monster debt after buying oversized vehicle on eBa
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
Optrics Insider - DEF CON Recap, Black Hat USA 2020 Recap & Defacing Reddit
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the recent online versions of Def Con, Black Hat USA 2020 & how hackers defaced Reddit with pro-Trump messages.
Get IT tips here:
Timecodes:
0:00 - Intro
0:20 - Today's 3 topics
0:51 - Topic 1: DEF CON Recap, Black Hat USA 2020 Recap
9:16 - Topic 2: Defacing Reddit
10:40 - Closing remarks
Learn more about DEF CON here:
- Defcon Conference Youtube Channel
Learn more about Black Hat USA 2020 here:
Learn more about the defacing of Reddit with pro-Trump messages here:
- Hackers are defacing Reddit with pro-Trump messages
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
Optrics Insider - Intel Data Leak, Meow Attack, Emotet Trojan & Zoom Bug
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss a leak at Intel, how the new "Meow" attack wiped out nearly 4,000 databases, why the Emotet Trojan is still going strong after 6 years and how a Zoom bug allowed snoopers to crack a private meeting password in minutes.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:23 - Today's 3 topics
0:44 - Topic 1: Intel Data Leak
2:25 - Topic 2: Meow Attack
4:12 - Topic 3: Emotet Trojan
9:36 - Bonus: Zoom Bug
11:32 - Closing remarks
Learn more about the Intel data leak here:
- Did Intel fail to protect proprietary secrets, or misconfigure servers? Lessons from the leak
Learn more about the "Meow" attack here:
- New ‘Meow’ attack has deleted almost 4,000 unsecured databases
Learn more about the Emotet trojan here:
- Emotet trojan keeps evolving and is back on the scene
Learn more about the Zoom bug here:
- Zoom Bug Allowed Snoopers Crack Private Meeting Passwords in Minutes
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
Optrics Insider - SysAdmin Day, Cloudflare Outage, UFO VPN Hack & Garmin Cloud Outage
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss making sure you thank your System Admins (as they've been really busy lately), an outage at Cloudflare, the hack of UFO VPN and the recent Garmin Cloud outage (Garmin manufactures GPS units and smart watches and provides maps to airline pilots).
For more IT tips go to:
Timecodes:
0:00 - Intro
0:20 - Today's 3 topics
0:53 - Topic 1: SysAdmin Day
2:05 - Topic 2: Cloudflare Outage
4:10 - Topic 3: UFO VPN Hacked
7:30 - Topic 4: Garmin Cloud Outage
11:52 - Closing remarks
If your IT admin is seeming a bit grumpy lately, they should be forgiven. The Apple updates are the latest in what has been an epic week for security fixes.
On top of the regularly scheduled Microsoft, Adobe, and SAP Patch Tuesday security updates, we were treated to a massive 443 bug patch bundle from Oracle, a hefty Cisco update release, and of course, the Twitter hackopolypse keeping peeps amused or horrified.
Learn more about the Cloudflare outage:
- Cloudflare outage on July 17, 2020
Learn more about the UFO VPN hack:
- “Zero logs” VPN exposes millions of logs including user passwords, claims data is anonymous
Learn more about the Garmin Cloud outage:
- Fitness freaks flummoxed as massive global Garmin outage leaves them high and dry for hours
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec #SysAdminDay
Optrics Insider - SIGRed, Twitter Security Breach & MS Outlook Crashing
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss why you need to immediately patch your Microsoft DNS Server (if you're using one) due to the SIGRed vulnerability, the Twitter security breach and why Microsoft Outlook has been crashing lately due to a recent problematic update.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:17 - Today's 3 topics
0:23 - Topic 1: SigRed
2:10 - Topic 2: Twitter Security Breach
4:40 - Topic 3: MS Outlook Crashing
6:49 - Closing remarks
Learn more about the SIGRed - CVE-2020-1350 - Microsoft DNS Server Vulnerability:
> PATCH NOW - SIGRed - CVE-2020-1350 - Microsoft DNS Server Vulnerability
> KB4569509: Guidance for DNS Server Vulnerability CVE-2020-1350
Learn more about the Twitter Security Breach:
> Twitter Suffers Major Security Breach
> Twitter says spear-phishing attack on employees led to breach
Learn more about why Microsoft Outlook has been crashing lately:
> Microsoft releases a fix for Outlook crashes after a problematic update causes issues for many users
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
Optrics Insider - Blu-Ray Player Boot Loop, Microsoft Update Changes & Cancelled SSL Certs
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss Samsung's Blu-ray player boot loop, Microsoft making changes to their updates and why Digicert cancelled 50,000 SSL certificates.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:18 - Today's 3 topics
0:45 - Topic 1: Samsung Blu-Ray Player Boot Loop
3:19 - Topic 2: Microsoft Update Changes
5:56 - Topic 3: DigiCert Cancelling 50,000 SSL Certs
12:16 - Closing remarks
Details on Samsung Blu-ray players in a Boot Loop:
> Ask Hackaday: What Can Be Done With Your Bootlooping Blu-Ray?
Details on Microsoft changing how manual deferral of Windows 10 feature updates works:
> Microsoft removes manual deferrals from Windows Update by IT pros 'to prevent confusion'
Details on Digicert cancelling 50,000 EV HTTPS certificates:
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
Optrics Insider - F5 Patch Now, Einstein Data Trends & Don't Scam the Master
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss F5's announcement to patch their devices now, National Cyber Awareness System's Einstein Data Trends for May 2020 & don't scam the master Kevin Mitnick.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:19 - Today's 3 topics
0:36 - Topic 1: F5 Patch Now
3:54 - Topic 2: Einstein Data Trends
7:15 - Topic 3: Don't Scam the Master
9:15 - Closing remarks
Details on the need to patch F5's devices now:
> K52145254: TMUI RCE vulnerability CVE-2020-5902
> CVE-2020-5902: F5 BIG-IP RCE Vulnerability
National Cyber Awareness System EINSTEIN Data Trends for May 2020:
> EINSTEIN Data Trends – 30-day Lookback
Read Kevin Mitnick's Twitter feed here:
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
Optrics Insider - Sophos Breach & Watchguard's Dark Web Scan Beta
Join Scott Young and Shaun Sturby from Optrics Engineering (https://www.Optrics.com) as they discuss a recent Sophos breach notification and Watchguard's Dark Web Scan beta.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:26 - Today's 3 topics
0:42 - Topic 1: Sophos Firewall Buffer Overflow Vulnerability
3:56 - Topic 2: WatchGuard's Dark Web Scan Beta
8:52 - Closing remarks
Learn more about Sophos' breach notification:
> Advisory: Buffer overflow in XG Firewall v17.x User Portal
Learn more about ManageEngine's Password Manager Pro:
> ManageEngine Password Manager Pro
Learn more about Password Safe:
Learn more about WatchGuard's new Dark Web Scan beta:
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
Optrics Insider - The Largest DDoS Attack, Blue Leaks, Dating App Data Breaches & Ripple 20
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the largest DDoS (distributed denial of service) attack, BlueLeaks and dating app data breaches, and Ripple 20.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:20 - Today's 3 topics
0:30 - Topic 1: The Largest DDoS Attack on Amazon Web Service
2:29 - Topic 2: Blue Leaks & Dating App Data Breaches
5:43 - Topic 3: Ripple 20
8:36 - Closing remarks
Learn more about the largest DDoS attack:
> AWS Shield Threat Landscape report is now available
Data Breaches - BlueLeaks and Dating apps:
> ‘BlueLeaks’ Exposes Files from Hundreds of Police Departments
> Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More
Learn more about Ripple 20:
> New Ripple20 Flaws Put Billions of Internet-Connected Devices at Risk of Hacking
> Ripple20 - 19 Zero-Day Vulnerabilities Amplified by the Supply Chain
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
Optrics Insider - iPhone WiFi Exploit, FireEye Hacked, Solarwinds Orion Backdoor & CIA Owns OmniSec
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the iPhone zero-click WiFi exploit, cybersecurity company FireEye being hacked and their red team tools being stolen, how network management and performance monitoring tool Solarwinds Orion was used to install a backdoor and how the CIA was found to own Omnisec, another Swiss crypto company.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:16 - Today's 3 topics
0:49 - Topic 1: iPhone Zero-Click Wi-Fi exploit
3:45 - Topic 2: How FireEye was hacked
6:48 - Topic 3: How SolarWinds Orion was used to install a backdoor
9:34 - Bonus Topic: Crypto AG update
11:00 - Closing remarks
Learn more about the iPhone's Zero-Click Wi-Fi Exploit:
> An iOS zero-click radio proximity exploit odyssey
> iPhone zero-click Wi-Fi exploit is one of the most breathtaking hacks ever
Learn more about how FireEye was hacked and their Red Team tools were stolen:
> FireEye Shares Details of Recent Cyber Attack, Actions to Protect Community
> GitHub - Red Team Tool Countermeasures
Learn how SolarWinds Orion was used to install a backdoor:
> US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor
> SolarWinds Breach Used to Infiltrate Customer Networks (Solarigate)
Learn more about the CIA owning Swiss cryptography company Omnisec:
> Report Claims CIA Controlled Second Swiss Encryption Firm
#OptricsInsider #TechNews #ITNews
Optrics Insider - Malicious Banking Apps, Internet of Troubles, IBM Cloud Down & Malware at Honda
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the FBI's warning about malicious banking apps, the "Internet of Troubles", IBM's cloud being down for 2 hours plus both Honda and the City of Knoxville being hit by malware.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:21 - Today's 3 topics
0:51 - Topic 1: FBI Warning About Malicious Banking Apps
3:58 - Topic 2: Internet of Troubles (IoT)
6:30 - Topic 3: IBM Cloud Down for 2 hours
8:23 - Topic 4: Honda and City of Knoxville Hit by Malware
12:30 - Closing remarks
FBI Public Service Announcement - Increased Use of Mobile Banking Apps Could Lead to Exploitation:
> Increased Use of Mobile Banking Apps Could Lead to Exploitation
Learn more about why it's important to update the firmware on Internet of Things (IoT) devices:
Learn more about IBM's cloud being down for 2 hours:
> From off-prem to just off: IBM Cloud goes down planet-wide so hard even the status page didn't work
Learn more about the malware that hit Honda:
> Honda confirms its network has been hit by cyberattack
Learn more about the City of Knoxville and how they fell victim to a ransomware attack:
> Knoxville still quiet on ransomware attack and what's being done to fix it
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
Optrics Insider - Contact Tracing App Spoofing, Windows 10 2004 Update & Have I Been Pwned?
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss Contact Tracing App spoofing, issues with the latest Windows 10 2004 Update (and why you should wait to update to it) and how an email pwned an IT help desk.
For more IT tips go to:
> https://www.OptricsInsider.com
Timecodes:
0:00 - Intro
0:21 - Today's 3 topics
0:39 - Topic 1: Contact Tracing App Spoofing
2:05 - Topic 2: Windows 10 2004 Update
4:49 - Topic 3: Have I Been Pwned?
7:15 - Closing remarks
Contact tracing app spoofing is already happening – and it's dangerously simple to do:
> Contact-tracer spoofing is already happening – and it's dangerously simple to do
Learn more about issues with the Windows 10 2004 May update:
> Windows 10 2004: Microsoft warns of a new bug that makes connected displays go black
> Microsoft Reveals Long List Of Windows 10 May 2020 Issues
> Microsoft Puts Windows 10 May 2020 Update on Hold for Most Devices
Learn how an email pwned an entire firm's helpdesk ticket system:
> Have I Been Pwned breach report email pwned entire firm's helldesk ticket system
#OptricsInsider #TechNews #ITNews
Optrics Insider - CIA & Crypto AG, $1 Billion Bitcoin Seized from Silk Road & Fortinet's VPN Hacked
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the CIA owning Swiss cryptography company Crypto AG, the $1 billion worth of Bitcoin that was seized and the hacker who released 49,000 firewall passwords after hacking Fortinet's VPN.
For more IT tips go to:
> https://www.OptricsInsider.com
Timecodes:
0:00 - Intro
0:17 - Today's 3 topics
0:40 - Topic 1: CIA & Swiss Crypto AG working together
2:39 - Topic 2: $1 Billion Bitcoin seized from Silk Road
4:27 - Topic 3: Hacker releases 49k Fortinet passwords
6:40 - Closing remarks
Learn more about the CIA & Crypto AG:
> https://www.theregister.com/2020/11/12/crypto_ag_swiss_parliament_report
Learn more about the seizure of $1 billion worth of Bitcoin:
> https://www.secplicity.org/2020/11/10/us-justice-department-makes-one-billion-dollar-drug-seizure
Learn more about the hacker who posted 49,000 firewall passwords:
#OptricsInsider #TechNews #ITNews
Optrics Insider - ThunderSpy, Work from Home Till End of 2020 & QNAP Vulnerability
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the ThunderSpy vulnerability for Thunderbolt connections, the possibility of working from home till the end of 2020 and into the new year plus a vulnerability that was discovered with QNAP network attached storage (NAS) devices.
For more IT tips go to:
> https://www.OptricsInsider.com
Timecodes:
0:00 - Intro
0:20 - Topic 1: ThunderSpy
3:08 - Topic 2: Work from Home Till End of 2020
5:13 - Topic 3: QNAP Vulnerability
8:42 - Closing remarks
Learn more about ThunderSpy:
> When Lightning Strikes Thrice: Breaking Thunderbolt 3 Security
> Thunderspy. Who Said External DMA Was a Good Idea
Learn more about working from home till the end of 2020:
> Snap! Twitter employees WFH, scam site boom, FB Avatars, SpaceX simulator
Learn more about the QNAP vulnerability:
> Hundreds of thousands of QNAP devices vulnerable to remote takeover attacks
#OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec
Optrics Insider - MS Teams Vulnerability, Windows Bugs Report & COVID-19 Contact Tracing Apps
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss a Microsoft Teams Vulnerability, Windows Bugs Report and COVID-19 Contact Tracing Apps. Plus as a bonus, Shaun will discuss something to consider when buying an IoT (Internet of Things) device for your home and their hidden costs.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:35 - Topic 1: MS Teams Vulnerability
1:51 - Topic 2: Windows Bugs Report
6:05 - Topic 3: COVID-19 Contact Tracing Apps
8:20 - Topic 4: IoT Buyer Beware
11:58 - Closing remarks
Learn more about the Microsoft Teams Vulnerability:
> We could have pwned Microsoft Teams with a GIF, claims Israeli infosec outfit
Learn more about the Windows Bugs Report:
Learn more about COVID-19 Contact tracing apps:
> Privacy Preserving Protocols to Trace Covid19 Exposure
IoT Buyer Beware:
> Three things in life are certain: Death, taxes, and cloud-based IoT gear bricked by vendors. Looking at you, Belkin
#OptricsInsider #TechNews #ITNews
Optrics Insider - Apple Mail iOS Bug, Zoom v5 Update & Online Meeting Etiquette
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss a bug in Apple Mail iOS, the Zoom v5 update and online meeting etiquette tips.
For more IT tips go to:
Timecodes:
0:00 - Intro
0:28 - Topic 1: Apple Mail iOS Bug
1:37 - Topic 2: Zoom v5 Update
6:39 - Topic 3: Online Meeting Etiquette
9:52 - Closing remarks
Learn more about the Apple Mail Bug:
> Apple Mail Bug Lets Hackers Control Your iPhone
Learn more about the Zoom version 5 update:
> It’s Here! 5 Things to Know About Zoom 5.0
Learn more about online meeting etiquette:
> The Dos and Don’ts of Online Video Meetings
> 13 etiquette tips for video conference calls
> 12 Tips For Making Your Virtual Meetings More Professional
Learn more about OBS Studio:
#OptricsInsider #TechNews #ITNews
Optrics Insider - Remote Patching, COVID-19 Spam Email & CMR vs SMR NAS Hard Drives
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss work from home PCs and patches, the notable increase in COVID-19 related spam emails as well as CMR (conventional magnetic recording) vs. SMR (shingled magnetic recording) hard drives and what you need to consider when using either for network attached storage (NAS) devices.
For more IT tips go to:
For information on ManageEngine's Desktop Central go to:
> www.ManageEngine.ca/desktop-central
For information on F-Secure go to:
> www.Optrics.com/partners/f-secure
CMR vs. SMR Hard Drive Additional Reading:
> www.servethehome.com/surreptitiously-swapping-smr-into-hard-drives-must-end
> https://blocksandfiles.com/2020/04/14/wd-red-nas-drives-shingled-magnetic-recording
#OptricsInsider #TechNews #ITNews
Optrics Insider - Top 3 Work from Home IT Security Issues
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the top 3 work from home IT security issues that IT administrators and IT managers currently face as their employees transition to working remotely from home.
For more IT tips go to:
> https://www.OptricsInsider.com
Timecodes:
0:00 - Intro
1:40 - Topic 1: Keeping your staff who are working from home safe
4:00 - Topic 2: Keeping your network safe
5:25 - Topic 3: Pros and cons of working from home
7:40 - Closing remarks
Resources mentioned in the interview:
> OpenDNS: www.OpenDNS.com
> CIRA D-Zone DNS Firewall: www.CIRA.ca/cybersecurity-services/canadian-alternative-opendns
> WhatIsMyIPAddress: https://WhatIsMyipAddress.com
> ManageEngine Desktop Central: www.ManageEngine.ca/Desktop-Central
> KnowBe4 Security Awareness Training: www.Optrics.com/KnowBe4
#OptricsInsider #TechNews #ITNews