Irongeek Cast 128: Horseshoes and Russian Escapades

hello everybody welcome to our geek cast number 128 horseshoes and Russian escapades as if I do like doing good we need like a little animated dude who's like head banging through the intro yeah we could do that I could probably figure out a way to do that um actually there's probably a way to do it through hangouts but I probably won't figure that out before hangouts spits no options i I know Darrin posted another option that option looking too much yet I've been a lazy bastard does it do streaming YouTube Darrin I'm sorry what the option you presented in the channel for streaming I made that stream straight to YouTube uh I don't know I didn't look too hard into I just can't propose and see what people thought and I think Jackson but fire all not working with WebRTC H I believe is what it uses so that may not be an option to use no no no I mean it's fine it just it just means that after swap ports so I thought to use the app to use mom my main my main firewall bypass okay I'll look into it some more then over the weekend and let you know because I think we have one more we can do it on hangouts before it's over assuming that they don't kill thirty-first cool yeah yeah Jack you could always just throw your system straight to your DMZ and be done with it and I will follow that under bad idea by which which oddly enough which oddly enough I I was looking I was looking on my looking at this Facebook group and that was some advice of money gay because they were having issues connecting to Xbox Live yeah just don't like Schmucks in the DMC anybody listening that was complete sarcasm like don't do that poor do and tell us your IP address yes yes research purposes as well as saying how much money you have in your bank account oh wait I mean research yes for research purposes yeah we liked see how much money everybody listening currently has so that you can donate it at Eastern crunch their patreon / Adrian Crenshaw argy almost I know a lot of people left patreon because 
of the whole sargon of akkad and other things mmm nice you so Cappy how you doing I'm doing good have having a very slow week at work but otherwise it's going good I don't have any complaints excellent this week well one complaint but we'll get to it he'll be dealt with Darren how are you oh dude okay I've had some pretty good news in the way home which I'll while we talk off they are just get to share as it relates to my boom boom my FFL so awesome I was gonna say you're pregnant no but your mom is daddy yeah you better call me Dad now don't make it weird [Laughter] one morning you was dairy your boxer was drinking my drinking mouthwash use who is that director I thought it was kool-aid but you know that Darren it may it taste a different okay Jack it's going great man welcome to the iron key cast where if we were a trained we would be during held immediately that's right hey we're constant constantly derailed come we even start the first time so we haven't left the station yet we're off the tracks already exactly I'm saying we barely got past the intro okay tux hey this week I'm doing pretty well yeah yeah yeah killed any new pies yet no I'm I'm not no I actually left that gig him being that you got personal pies I like that personal pies Oh personal spice oh but yeah I am still doing stuff uh uh I need to get the official power supplies for the fours that I got because um they're really finicky about just any off-the-shelf five volt USB C and I tried powering off the GPIO pins and couldn't turn on besides like the kernel started booting and it like froze been enumerated the USB devices in our state well my advice for you is to get the non chipped us B C's ah okay or I can always I guess I could just desolder that spot the USBC connector and plug in me I have like 5 volt 5 amp power supplies um how much do the power supplies cost like 15 bucks no like 80 or nine dollars I think yeah yeah I mean just buy this power supply no I will but this seems like seems like a 
little overkill but yeah so like desolder it off is gonna be taking away more of my time and value my time so no wait uh yeah I'm looking at it yeah I mean it's like what you're gonna spend whenever you go to Wendy's to get some fast food get the power supply mmm there yeah of course of course the guy from Ohio plugs Wendy's and not anything else one other thing I don't eat McDonald's the closest chick-fil-a is I think I've eaten at chick-fil-a one time cuz I just don't know where they are around here I like Dena toes like pizza but – that's from Columbus yeah you're you're not helping your case yeah I like white white castle's from here – uh-huh Dewey's pizza in Cincinnati area I've never had that one is it good it's freaking amazing it's uh yeah you should look that one up get over there it size like in okay it's by try to think if it's bright by Westchester I know they have one I don't know about peel of chick-fil-a I mean okay but I always eat chickens good but that is pretty much all but I will go there for ya there chickens pretty good um kind of a life hack I guess if you like chick-fil-a like the food like the taste of it but you don't want to you know Java chick-fil-a go to Sam's Club they actually have Eve chicken nuggets at these pickle juice in them that are actually really he's just like it you had the perfect name-brand nuggies mm-hmm I like I like rallies that's I actually woke my first real you know job to sports like tax returns and all that yeah looking at the first rallies in Jays Ville Indiana okay and uh my favorite chicken sandwich ever rallies had about man probably ten years ago I know it you're talking about a Frank's redhot dipped I mean it wasn't like they just like put some Frank's on there I mean they took this deep-fried chicken patty and you could get like double patties on it I mean it was amazing and they would dip it in a bat of Frank's redhot my goodness it was best spicy chicken ever no no you did not just say that that's 
blasphemy yeah I did just I well I like Frank's I like I like I like all kinds of hot sauces but everywhere Frank's redhot is not hot sauce it's agreed like I've done hot pepper challenges and everything but just from a flavor perspective like I like it way more than say like Texas pee or Tabasco I just like the flavor of it but then dipping that entire freaking thing down there and then you know sauce is just dripping off of that it was amazing and they only had it like one year I think it was for about four months and I probably in that four month time frame a at least 20 of those say with just everybody has her own taste for me I like that taste that's like the one thing that got me through some of the blender the sandwiches when I was living in Europe it's like okay cool she's got a thing of Franks here we go Frank's a hot sauce but there's a different kind of it's what that's what the original buffalo sauce was wasn't it oh pretty close yeah mm-hmm and if you have all D's in your area cuz Franks can get a little pricey if you use a lot of it the all DS Berman branded like the all DS brand of hot sauce tastes almost exactly the same and it's like a quarter the price okay I be covered everybody said hello to everybody in the cast almost I've had a good week so far last week my counterpart my cohort was out of the office so last week was stupid busy and got back to normal levels so I can breathe again so good week so far this week I am not really looking forward to my flight out to blackhat I'm gonna have to get up at like 3:30 in the you know freaking morning but other than that next few weeks should be really good Adrienne how's your week that's been going okay someone's new Gotham a podcast you guys the freeway Coons and a hoodie ordered a bunch of stickers for who Chaka Khan sent me some you should be those various conferences I'm going to and nice that's about it I also got 50 magnets okay cool they look cool look Matt Magness will be big about like three 
inches as opposed to two inches squared two inches squared is the most economical and it you can still read all the text on it yes very cool off-topic I know it's a little bit yeah things in the magnets still have like the date of the conference or just like okay here's this magnet one is it the end the stick is the same pattern it's just different sizes and the magnet size is three inches is the smallest one that they had cool does anybody use something up and stick them you'll by the way I'm about to use T spring for some of my stuff just to try it out but I will let you know how that goes uh because I know a couple of guys that I'm friend a couple of my friends have used them for stickers and it turns out all right I've got some of them like on my backpack from them ordering stuff so they're decent I do want to give public notice to Marla ahem no one can beat my private stock hot sauce grandma's recipe Marla if you would like to share we would love to hear what that is if if you're willing to share I probably have 35 different hot sauces right now and I'm selected but whenever I use it obviously because just you know summer expensive summer inexpensive but yeah hot so I'll in a local liquor shop I think it's called party barn or something like that Jack would know it what's that supposed to mean no no I know I'm aware of it which they they family stops talking most of them at the bummer yeah you'll get all sorts of crazy shit that's the one thing that was like in a double sealed container called pure cap yeah I don't think I'm what touch that oh yeah like I have a it literally from yeah probably not the same brand but I have one that is just straight capsaicin so yeah that definitely exists and yeah it can get incredibly hot you definitely have to use it sparingly do do the one drop test one drop taste it and then add it to your different foods and stuff I'm old roommate now not good not North Korea shit knows maybe and well I know right now but usually my hot 
sauce is when he was cooking and he made that mistake about getting somewhere in Spain girls going to pee without washing his hands oh yeah yeah yeah there was a big old dude like three or four jobs back and and they were eating it was either Quaker Steak or B dubs one of those but it was her hot wings you know which are like crazy crazy hot but still they have some heat there's pepper oil in there and yeah went to the bathroom didn't wash his hands beforehand and this is a big boy this is you know six five six six to 80 to 300 lot of muscle and you just heard this woman scream and you're like oh my like run out like where's this woman and we realize it's coming from the men's bathroom and here he comes out and his eyes are just teared up and yeah when go off in my flesh pocket that's about the list I've had quick drive home to take a shower just the entire way just screaming at the top of your lungs that's right okay Marla I definitely agree too hot and it loses its taste gotta have it just hot enough to let you feel it while keeping its unique flavor yes hundred percent agree I go baby hot what is it uh Dave's insanity saucy sauce a lot stuff but after use that shit sparingly because I'm I'm a bit of a hothead but man I just totally get destroyed by some people if that's such a problem down here but she was like chili cook-offs in Texas is the it jackasses who think oh I'll make it as hard as possible I'll make a hot enough Tina no your stomach lining but that that's not a flavor he's not flavor it's a flavor enhancer you correct yeah and see like whenever i make chili i honestly try not to make chili that is too hot the only I can eat it but I'll use like four or five different types of peppers all the way up to nuclear but the nuclear I'll use sparingly just for flavor and just try to get that heat up to the point that most people can like actually handle it right and you know and enjoy it not like handle it and they're dying while they're handling it yeah 
don't make a mistake I obey with my ghost pepper back in cheese yeah yeah Fitz if you go a little too hard there it's gonna get really hot really quick and and and the thing with ghost peppers so I chose pepper sauces but I also ate a ghost pepper straight it lingers and yeah and that's the rough part because yeah it's awesome for about 15-20 seconds and then all of a sudden you realize it's still there and it's amplifying and it's still there for another 5-10 minutes well well some well somebody didn't like the fact that Jesus I used was had ghost peppers in it and it was like well just oh some uh disto some ghost peppers in there as well so the next time I made it you know I pretty much had to throw it out because I couldn't finish it yeah yeah then your stomach's gonna have probably have some issues and then the next day you're gonna be loving that porcelain through what is the hottest pepper out there right now considered because I don't people breeding them and crossbreeding and which I think there's a mix between the Reaper and the ghost pepper though now that's supposed to be hotter I think cuz when it goes pepper than Reaper and I think there's something above that now but I just haven't been keeping up with it to the nagas like wait hang on someone's using the Google yeah ooh good research good research so according to there's Carolina Reaper and then there's the Trinidad Moruga scorpion yeah which the Trin unless the Muruga is something special tree not scorpion normally yes slightly below the go snapper yeah so it's if this is a stupid way to write this article if you put the Carolina Reaper at the top with a Scoville level of 2.2 million okay so it is still Reaper I thought they cross bred Reaper um yeah there's one that looks like it might be no no from what I'm seeing it's it's the Carolina Reaper so full nice well dragon's breath hang on so he says dragon so there's just a new one called dragon's breath clocks in a Scoville range parrot Scoville 
rating of two point four eight million what how did it come to be say what they used to make it Oh about we'll get on with the rest of Castillo and get happy sunshine when some interesting point and I didn't if you guys seen this news guys peppers are very interesting yeah they just like yeah but can we get back opinion from you fellas on John McAfee being arrested I don't know he was arrested uh I didn't hear he was arrested this is according to McAfee that he's being detained which it's McAfee so make blow great again McAfee yeah I mean he may be detained he may not be it could be one of his little PR I'm trying to stay in the limelight episodes but I haven't seen any secondary confirmation that he's actually been detained outside of entertaining it okay so here is a article that I just pulled up from heavy calm I'll find something else later heavy yeah John McAfee's campaign manager has said on Twitter that the presidential candidate and his wife might have been arrested or detained on his boat sparking rumors about a possible quote Deadman switch that John McAfee recently talked about online McAfee has been living off a boat and says it's because he wanted for not paying taxes now his campaign manager is saying that McAfee and his wife might have been detained on the batboat this is a developing story and pulling up a couple of the tweets here this is logging on whatever his campaign manager again I have good reason to suspect that John McAfee and his wife and other companions have been detained by authorities at the latest port of call I will be operating this account providing updates as they become possible update number two I last spoke to John as his boat was being boarded the situation was tense but controlled our conversation was cut short by authorities confiscating their phones quotes the bastards wouldn't even give him a cigarette wait he he wasn't on a British vessel and these aren't the Iranian boarding the boat right Maccabi yeah yeah I'll put that 
in here yeah actually I had impromptu meeting with him not it pin person but at a conference with sky dock on I don't know which number it was that they just happened to be there and it was really low attendance conference cuz they didn't do enough advertisement ahead of time for that one and what someone just having to be at the bar at the hotel and look down it's like McAfee is that fucking John McAfee so next thing I know the guys walking in to the hall and he had no attention to being at this hacker conference but he did an impromptu speech which unfortunately I couldn't it wasn't getting recorded I think that was some that was someone else's the duty to record I think that year evidence duty but uh yeah he just end up showing up at a conference at random nice but yeah until we see something that is outside of a publicist or manager whatever this guy was I'm gonna take with a grain of salt maccabe's freakin nuts yeah I'm gonna pull his Twitter on the side here and I'll be watching that as we're going through the show so if anything like juice tea or anything comes out you see I will give updates as stuff develops sounds like the good time to hold on for dear life of your Bitcoin safe McAfee is about to reveal any secrets oh cool yeah and he's not affiliated but well he has his own cryptocurrency yeah he does and so he's a proponent of crypto for sure or at least I he said he was gonna start one today anybody know if that ever happened his cryptocurrency get up and run oh hang on so posted about an hour ago McAfee I'm gonna share my screen here please yeah okay so leaving so this was posted about an hour ago leaving detention don't judge my looks for days of confinement I was treated well my superiors were friendly and helpful in spite of the helpful circumstances we decided to move on more later so so say he was detained in a massage parlor parlor a hat did look at like behind this this this doesn't look like an office this looks like a house or like some weird 
house or something oh yeah like house arrest it pulls that first picture the other guy keep all of the middle earners in there it's like oh I know this house I've been there see try and see what that flag on his shoulder is uh-oh recognize that when I'm and it always in the Gulf right so it's like yeah I could win the small Nations there okay yeah all right yeah no weird can confirm they're safe yep okay so about an hour ago they they were released they are under way to a new location would have been forced to leave the freedom boat for now John will be assuming control of this account again after travel okay hey speaking of crazy was Assange ever taken into custody yeah yeah so was he actually like in jail now somewhere yeah he's being held in British detention okay yeah he's he's definitely being detained and in jail ooh boy thank you yeah why did McAfee go kind of out on the run initially I know he paranoid well that's that's the fear but paranoia in general I know that's what I thought it was was there anything legitimate though he killed somebody well I don't know if it's been proven but that's that's the running theory but his ass is also crazy off a bath salts to so yeah yeah I'm going with a hard like shrug here when they say we want to talk to you and you take off yeah they're after me yeah but that was a different country he killed someone in what country was Belize of lilies yes believes but I thought that I thought they like they stuck they dropped the case I think they have but I mean put an awkward wonder how much he had to pay them to drop that case oh by the way uh I saw so were you put in a title I didn't want to change it so I figured out was horseshoes in Russian spades uh but I was one who named this electric people because uh did you hear that record higher well good how it pass away yes yes yeah that was unfortunate I put it in there that you could change it if you wanted to I like that cause it's on topic okay yeah who would botnets okay so I 
have a small little update on Oh an update okay we knew where you were talk about small and little just curious where that was going yeah yeah so I confirmed something that was my suspicion so if you go to Shodan right now and try to search for a Docker and if you're researching stuff for that I'm sorry but they are blocking everything Docker related in the HTTP level any sort of web querying or from the browsers because of what I found the only way that they could figure out to block it or stop any further attacks that could automatically spread was just having Cloudflare just 503 all of their all their requests so apologies for that it still works on the API if you want to do more research into that I just want to make that quick little announcement because it could get annoying yes so like some of the research you've been doing have you been doing it via API or going yeah so initially it was on the GUI side and then I got kind of fed up with having to keep like scrolling through page after page after page so that's why I wrote the scanning tool that I have to look for them and I'm going to write the reporting feature so that actually gives a nicer report and actually like greps out stuff but yeah doing that will also be a lot faster as the API you don't have to page through everything and I became Zack you'll have a record and if anything changes you can actually like base everything back out and yes I won't know good database as well as the attacker that you were looking into some I mean they were already API doubt right nope so they were doing everything based on curl commands actually so they would so it within the code base he had a large list of I think about 3000 different queries and like just different queries like he made like a full list of stuff where he knew like like Alibaba was using it Amazon was using Docker he basically went like whatever filter he could throw on to it other than like basic like Docker and port 2375 he went to just like 
things like different languages because it might show up different in another language but yeah so he had all those he would curl them out and put them in an IP list and then he had the Docker code inside of the image to actually try and take that IP list and then go out and exploit from the Docker container to that other host that had also had pinged so that's how it kind of propagated through Shodan recently though since that's not the case it's all hard-coded now so he kind of just got everything was sent back to his command and control server yeah and now it's just a hard-coded list that he got from all of his BA or it can like rogue containers and he just has that packaged into the malware now so it's it's a little more difficult to track him but that's why I wrote the tool to track it but just right now scans it but he also has a skill set to be able to go ahead and tie into the API right yes but the thing with that is that's enough so here's here's the thing with this – you don't have unlimited queries with the API if you exhaust all your queries you're going to well then it'll be email address API key which so it has tied to that is tied to your account which shows mm-hmm associated with your email right right and whatever you know yeah and you obviously can't go in and make multiple email addresses then get multiple API keys right right which is what his MO has been is doing that but it's a lot easier to probably track it from the API key rather than your account I don't know yeah so it's a little bit OPSEC move but I mean yeah my thought is he will still be able to he or she whoever will still be able to him get around it at you know in a time frame so it's only putting a small band-aid on the will get ripped off and it'll be wide open again so my my favorite thing so far has been he'd tried to base64 encode everything thinking that was gonna stop people from looking at his code and he did it and then I just decoded everything because it's base64 and 
then it was the same image and whatever so it was like alright cool I grabbed all the evidence that I couldn't sent it out to people and then the next image he forgot to like reset when he did a test so all the base64 encoded stuff was there but so was also the rest of the code you like ran the code ran the test at a docker push and then like started it was it was funny well which host confirms it's a single person not a team there's there's no QA occurring all that fun stuff maybe or it's an honest mistake yeah it's evidence of it I have no grasp on any sort of attribution right now the fact that I'm not seeing any other ones popping up that aren't kind of yeah like once like the first couple of instances where I took people down a lot of stuff kind of like dropped off where it's still there and I can't attribute it to anything yeah or without like going in and like looking at network traffic which I am not authorized to do on these devices that are being attacked yeah it's I mean maybe you could request that the attacker actually make some logging and send it out then you could capture that logging yeah sure no I'm working on a couple of features to Dalek to actually monitor different stuff because in Shodan you can set up different IPs that you can monitor so taking his attacking base and look at the ones that he's frequented the most and then making an alert for that so that anytime something changes on that system I'm aware of it and I can look at it see if it's new and all this other stuff yeah let's see if it's legitimate I mean especially from being outside the perimeter you know that's a really good idea I like that yeah yeah yeah and damn pretty soon Dalek's also gonna have the freebird module it's just gonna echo Freebird whenever Jack uses it no it's not no there's no it's gonna identified via source IP yeah naming the database the database module is freebird cool also be freebird.py we like no sense for it to be a database I like it hey 
can you hear whining in my background yeah yeah he's fine Ethan yeah yeah he's super happy right now Ethan's just mad that I haven't written the database yet yes will do we'll do a baby cast that would be funny we'll probably get a lot more of viewers and insight than normal yeah probably but yeah so that was like the one thing that I wanted to bring up because I was watching another talk where people were looking for different Docker containers and Kubernetes instances and they were using Shodan and Censys.io for that and then I was like oh man I just made these guys this is life a little bit harder whoops I like it but important note everything that's written in Dalek is based off of the Shodan module in Python there's other things that you can develop on your own for yourself so if you don't need a lot of stuff you can go ahead and just script up some of this stuff out and code's open source I don't care if you just fork it and make tweaks to it as needed so hey you want to post a link to Dalek on there yeah yeah okay let's hit the breach report I was lazy this week and since potentially Cappy I think added a couple on here I was like security I added one so but breach report so Russia FSB projects had been popped so there was a third-party contractor working with Russia's FSB and this is being said to be Russia's secret intelligence agency's largest data breach in history the attackers were able to get 7.5 terabytes worth of data from a major contractor they didn't actually say who the contractor was at least whenever I've gone through this information including the FSB projects to de-anonymize Tor browsing scraping social media and help the state split its internet off from the rest of the world North Korea and the data was passed mainstream media outlets for publishing yes and yeah it's yeah there's another link that I found I'll to find it later but they actually list out what each of the projects quote-unquote that were leaked and what they were 
for so we might be seeing that dropped somewhere in the future which I would find very interesting yeah because especially with that de-anonymization of Tor yeah governments would be very interested in that yeah the de-anonymization of Tor was called Nautilus s man apparently was actually launched back in 2012 so seven years ago you know they haven't done it by now they're probably never what don't but no I think I think that's when I got I think that's when I got caught like like hope hosting uh hosting like 19 or so exit nodes yeah I mean but like CIA side how many CIA hosts yeah hey Israel Mike's a little oh okay but yeah definitely interesting because we had NSA you know all the NSA tools dropped a few years ago this didn't unfortunately get into tooling from the Russian agency but it is pretty cool to look into and be able to see what projects side they're working on in a offensive manner yep because we've always worried about what's going on there well worried we've been interested yes yeah it's definitely interesting and the person they are attributing it to and honestly I didn't look this guy up to see if it's on Twitter zero virus v1 are you dollar sign so I'm not sure if that's like get please on Twitter is he this account doesn't exist you say doesn't doesn't know they got they got they got pulled like if you go to that Twitter page right now this is what you see yeah they got taken down yeah so they got well they were on Twitter yeah probably probably is because they said something or to order that will we could we could do this one of two ways one you take them down or we take you down so over is is actually a group of people is not a person okay so honestly you know to still breach the contract normally that's not gonna be a single person oh here is going to be a group but I think are people out there owned one of the members hang on okay it's in Russian so pardon this but this was oh sorry your native language awesome oh you do you strike vodka 
all I know are swear words but apparently all right this might be a journalist as well I am Not sure but in the naked security article that I originally saw this in this is the guy that's kind of been exploiting that are leaking this information out so I will also post this in the show notes as well here for you guys to take a look that's right and this is the one that goes through and shows like what no this one wasn't going through and show each of these projects but I don't know there's another one that I saw later I think it was BBC might have done it was BBC Cappy doesn't know Cappy didn't know let's translate let's see how broken English this is I'm actually getting fairly impressed by the translations on these they're way better than Facebook's oh yeah since my wife is Filipino and she has Filipino friends who make comments mixed up English and the Sigala back and forth in the same paragraph they do yes yes and that happens not only in writing but regular like speaking also yeah which is why whenever my wife's mom is over here and they're having a conversation and I call it tag along but it's like you said tagalog my dad is 3/4 a Filipino one-quarter Japanese that's why I can understand like what they're talking about and get the vast majority contextually of what they're speaking about even though they are not speaking a language that I am familiar with in any way it's very nice of them that dark Cal said how you celexa to get on tour nice yes use wiretap to get on dark Al's like oh yeah I use Alexa as a an act or exit node I use it as my SSH jump box dark gal thank you that was funny all right see I posted a couple of links in there from Sophos and BBC that has the BBC article has a little bit more of a description on these projects that we found nice ok are we dealt with Russia lets it move on to some lanova 136 terabytes 32 terabytes oh wait you know my title is wrong aha yeah see I'm actually reading the subject real quick anybody who was watching if 
you've never watched us or we didn't mention it the last time you were watching us: we're going off the show notes. So Google whatever, but if you go over to Adrian Crenshaw's show, on the left side under the YouTube stream you'll see "show notes" and then a docs.google link. Bring that up and you can see the different links and articles that we're talking about right now. There's also a Discord invite link at the top of the show notes if you want to chat with us or chat with the community in Discord, and some of us are better about getting on there than others. Unfortunately, I'm not as good about getting on there. I'm always on there; if you say something, give me about a half hour. Yeah, Jack lives on Discord. Actually, Discord was designed for Jack. I mean, it realized that Jack is the center of the universe and Discord just, you know, designed itself around him. Pretty amazing. All right, so: Lenovo security vulnerability exposes 36 terabytes of sensitive information. This is kind of a combo between vulnerable stuff and a breach report. So Lenovo recently acknowledged a major security vulnerability and categorized it as a high-severity security vulnerability, and... oh snap, I don't know what's going on with this page, like there's a memory leak or something in this page. It's your system, probably that too. Unfortunately, the exploit ended up exposing the data of thousands of users with Lenovo EMC storage devices. So this kind of goes back to last week, where we were talking about, oh excuse me, all the storage devices getting hacked. Yep, or being flawed in a way that they could be hacked. Yeah, and security researchers who studied the impact revealed that the security flaw resulted in data leaks of 36 terabytes of data, and I believe that's collectively, and there's a Vertical Structure report linked here that you guys can go and read, but I won't get into that. So 36 terabytes of data was stored in around 13,000 spreadsheet files, and you know,
comments, honestly, yes or no, because you think about EMC, you know, my NAS here at home, I have how much, 32 terabytes raw? No, six... I think four 4 TB drives, so 16 raw, 12 usable, you know, and we're talking three NASes potentially, if you got everything off of it. So I mean yes, it is a lot, but as far as impact, I'm just curious how many actual people were impacted by this. So here's the thing too: in the next paragraph down, the researchers, who used the search engine Shodan to figure out whether these data leaks were happening, revealed that approximately 3,030,106 files were in the index that you could grab. So that is pretty much anything. Let me, give me two seconds here, try Shodan, "Lenovo EMC," see what comes up. Watch, they'll be like 502, 503, this stuff. Yeah, no results found. Try "EMC" ... "Lenovo," mm-hmm. I mean, because when it comes to storage, nobody thinks about Lenovo, and you know, kind of puts Lenovo with EMC. Well, maybe, hang on, I got an idea, what if I say "product"? Damn, it's that time of the year. You got an idea? I love this time of year, it's my favorite. "Please log in." Login. Okay, you're killing me. Yeah, so no "product" meaning. I will look and see if I can find that Shodan thing so that you can actually see that, because yeah, it's a little pedantic. Oh, look at Cappy pulling out the college words. Yeah, haven't you... so that was four, so like yesterday. Wow, you were in college when you were four? That's amazing. I was actually talking to a guy today, he's like, yeah, when I was 18, I was like, wait, you're like a senior in college and you're 18? He's like, no, when I was... oh okay, good, at least I thought I was talking to a genius, thank you for clarifying that. All right, other than you making jokes about people's age, old man. Oh, I know, I'm Doogie Howser. Wait to see, you know who Doogie Howser is, exactly. Oh wait, uh, Caprica, do you know who Johnny Number Five is? No? Oh my gosh, you don't watch Short
Circuit? Oh, he's just like eight years old and he knows who's Charley... come on, he's older than you by like a year. Don't start that. Okay, he's older than you by like a chin hair, come on, the one I don't have. Very many? Okay, that's okay, we still love you. But yeah, so I was speaking with somebody yesterday and I came up with this amazing marketing thing: you know, we need to have Johnny Number Five, like we will have no company branding, no signage, no nothing, just have Johnny Number Five there and you will have everyone flock to the booth. And I was speaking with somebody who's like, "Who's Johnny Number Five?" No, what? Don't tell me that, like I have to educate you? And all of a sudden I realized I could be a marketing god, because you just bring Johnny Number Five and everybody will go to your booth no matter where you are. Okay, yeah, so no, I have not seen this movie, but I have seen... I don't know what it was, yes, and you just look at Johnny Five and you're like, yep, I would walk up to see that. Yep, right. Especially if he was holding free swag. Yeah, even if he wasn't, you're still gonna go up to see him. I said especially. Yeah, holding the free swag, even if he's not. Yeah, see, marketing, I could have been a marketing person, never had a clue. But yeah, so that basically is Lenovo with 36 terabytes of information gone-ish. Wait, what was it, gone or just copied? Copied, okay, so not gone. Yeah, I know, I just, yeah, it might not be gone gone, just compromised. It has left the building, sort of. Yes, quite. Yeah, we'll call it Elvis. Yeah, I like that. We should definitely, that could become a security phrase: "it has been Elvised." I like that. Okay, lastly, with each reported breach comes a cost. So I saw this article pop up on my security alert stuff; the title caught my eye: "Your business hit by a data breach? Expect a bill of $3.92 million." Where we've been seeing, with every breach report that we
brief on, each report that we make, and each week we see a bunch of them, and oftentimes there's a huge fine with them. And IBM's annual study, they did a Cost of a Data Breach report and found that it's risen 12 percent in the last five years and organizations can expect to pay an average of $3.92 million. And it goes into a little bit more with that, but this also goes into a topic later that we discuss. This is very much an average and not a per-case basis, like with Equifax. Yeah, like that's gonna be a little bit more, but that's at least the average. So every time that we see these breach reports there's going to be an uptick, so if we put more crap in here there might be an uptick in the costs, especially in the coming years, especially with everything with GDPR and stuff like that happening, where they are straight up just fining... not fining people, fining companies for just poor security practices in general or poor data practices in general. I see this number rising again, exponentially, within the next year. Yeah, and something to think about too, you know, one or two systems being compromised are not going to equate to four million dollars, and especially if it's a user's desktop, where 80 percent plus of stuff comes in. Yeah, that's not gonna be four million dollars. So the big thing is you will be breached. I mean, I work for a defense company, you know, information security defense company; whether you use us, use somebody else, whatever, you need 24/7 SOC monitoring, you need EDR, you know, you actually need things on your endpoints, and quite frankly, yeah, yep, like the days of antivirus are a thousand years ago. Antivirus is antiquated now. Granted, yes, you should still have antivirus because it's gonna get rid of the script kiddies who are reusing code, it's gonna get rid of the crap that's currently known out there, but for the actual attack, you know, I had to live through NotPetya,
unfortunately, that sucked, and unfortunately that was nation state, but whenever it is an advanced threat actor, you know, they are not going to use off-the-shelf products, they're not going to be using Metasploit that every AV can potentially pick up, they're going to be using customized utilities that they've developed for a specific attack, and your standard antivirus is not going to detect that. I mean, Microsoft Defender ATP, all that stuff, like it is honestly really good now, but it's still not going to potentially detect that. From where it started, yeah. I mean, five years ago I would have laughed at you if you were using Defender in an organization. Today, honestly, from an AV perspective, Defender is by far one of the better AVs out there. They're actually utilizing all this information that they have, collecting the information, categorizing, you know, breaking it down and actually making it meaningful and useful and improving their product for detection. One of the few things I've got to actually give it to Microsoft for, you know, getting in and starting to protect the memory space, things like that, that's good, like we should have done this for a long freaking time. So Defender from an AV perspective, yeah, it's actually good now, but whenever you're talking about advanced threats it's still gonna get blown away by somebody who's good. So that's where you need that monitoring, you need to have that 24/7. You know, if you have your own in-house SOC and can afford that and keep it staffed, awesome; if not, get out there, find somebody who can do that 24/7 as well as has the technology, and the endpoint product that complements your SOC. So, okay, rant off my soapbox. No, it's cool, I was gonna add to it. Another thing to note too, like Israel's saying, don't just have the one protection in place,
because also you have to configure your environment in a certain way. Like Windows Defender, yeah, from where it started it was a pile of garbage, but now it's actually something that's usable, but it's real easy if someone is already on your system to open up a PowerShell window and do some fun PowerShell trickery to just bypass any sort of administration. Well, I have a PowerShell string that will shut down Defender, you know, as long as I have admin capability on a box. Yeah, I have a PowerShell string that will shut down Defender. Yeah, and then you don't even need admin in some cases; in some environments you can just set the execution policy, exactly, for the process to be bypassed, so it just bypasses everything within a normal non-system PowerShell instance. Yeah, and that's how I shelled my first box: my first internal was just setting the execution policy and then putting an Empire... putting a DeathStar agent on it, and then seeing where else I could go within the network. Like, that was my first foothold, something at that level, just to try and move around and pivot. Nice. And then, yeah, you know, if you are somebody who thinks that application whitelisting is like the holy grail and nothing can get past this, okay, that's just a filter. Yeah, I mean most of the time it works fairly well, but for anybody who doesn't know, check out living-off-the-land binaries and scripts, because did you know that regsvr32 in Windows can make URL calls? Guess what the attackers do: they're utilizing it, and there's all these binaries out there, Mac, Linux, Windows, that can do things that are outside the normal scope, the normal thinking of what they should be able to do. They can do these other things and execute. Like, for instance, you can actually execute shellcode using IE, so by opening it up in a browser you can execute shellcode within IE to then get whatever you want to do. Yeah, so
there's not just one thing out there. That's why I said, yeah, you need to have antivirus, but you also need to have EDR, you still need to have that perimeter firewall, you need to have your web filter out there, like all these things, the onion, multiple layers, and ultimately it's best if you have somebody monitoring all this stuff, because if you have all this technology in place and all it does is collect information but nobody is actually looking at it, it's completely worthless. Yep, and training, making people aware, doing security awareness training, making sure people aren't doing stuff, to mitigate stuff like that. I didn't mean to interrupt you there. Hey, Jack, if you're not gonna go ahead... you will always have new employees, you will always have that one person who keeps clicking on shit, so you are always going to have that internal threat somewhere. You can't fully mitigate that, but training will definitely lessen your risk; training will not mitigate it in and of itself. Yeah, so it needs to be... and same goes with the technology side, which is why I wanted to bring up that the outer layer of your security onion needs to be your people. You can have all these other layers that go a little deeper on the tech side, but the first layer is always going to be people. Exactly, because what happens whenever you take the laptop outside of the premises, where you just have that layer, where you get phished, but you take it outside, they connect to Starbucks because that's what they do, and then they have something on their system that now comes back into your perimeter. It never had to breach your perimeter; it hit a laptop outside of it, came back in, and now it's working on spreading. You know, Caprica's got a tunnel back, a reverse shell back, and he's like, oh sweet, it's finally coming from
the IP address that is their external firewall. Yeah, awesome, from the inside. Yeah, and they're letting me... you have 22 outbound or whatever. Yeah, actually, fun trick for red teamers: if you need to have something go outbound and they're blocking 22 outbound, just have SSH configured to go through port 443. Yes, yes, or take it over 53. Yep, yeah, like nobody is gonna block DNS. There is one time, and this wasn't my doing, I can't claim this at all, but one of my co-workers was telling me this one story: when we were setting up this reverse shell using 443, that one time he exfilled stuff via ICMP. No shit. Yeah, I was like, happy all these things you did, let go... one important thing: I didn't do it. It's kind of our job. And to, you know, remember this $3.92 million, that's average. If you are a shop with seventy systems, yeah, the dollar amount's not going to be that high. Whenever you start hitting like the four million, that's whenever you're hitting like two thousand, three thousand plus systems, somewhere in that range. So we are still talking averages, but when you reckon how much data is being exfiltrated, yeah, not "compromised," "exfiltrated" was the word I was looking for. But yeah, agreed. Okay, do I hit the bulb? Yeah, so we actually got kind of a fun one that actually came out with proof-of-concept code at launch date, which I was like, I don't have to question for four days, I find the thing, literally took me a Google search to find it. So: critical remote code execution flaw... ah, he means DuckDuckGo, because we are security professionals. Yeah, you can't Google dork. Wow, yes, yeah, and it's way more effective, honestly, DuckDuckGo, thank you, because Google keeps changing their freaking parameters. A search engine is a search engine, so it doesn't matter; the same way you're looking for information through Google with the different parameters or the different Booleans and if-else conditional statements, you're gonna do it with
DuckDuckGo or Yandex or Baidu or whatever else is out there. But just to clarify, the reason why I like DuckDuckGo: you know, it doesn't store cookies, doesn't store personal information about you, that is why I like DuckDuckGo. It doesn't have as much information as Google, but it also doesn't store your information. Yeah, this was also why I originally started using it for a little bit: it had a lot of indexes centered around searches that developers would use, so when I was a developer, DuckDuckGo was the spot for me to go. Yeah, trying, accidental, but yeah, it's a great search engine. I would use it with Brave if you want to have full non-tracking whatever, and that's what I actually do. I couple it: whenever I'm here at home I'm on a Pi-hole, so that X's out most of the advertisements coming in, and then I couple Brave with DuckDuckGo. I mean, it's a really nice mixture. Okay, back to the vulnerability of the week (by Charles): critical remote code execution flaw in Palo Alto gateways hits Uber. So Uber got hit with something kind of funny. So the flaw in, what was it called, Palo Alto Networks' gateway, GlobalProtect interface, yeah, if you give it a format string, or like a specific format string, in the company's SSL gateway, and that's what handles client-to-server SSL handshakes and stuff like that, you get code execution, and I'll go into that in a second here. And the almighty curl is basically all that the code is. So it got hit, or not, Uber actually got hit with it because the researchers decided to use it on Uber, on their website. So Orange Tsai, I think I'm saying that correctly, and Meh Chang, they did the whole write-up here. Essentially, what the bug was, where it would say, hey, there's invalid parameters if you curled it. So if you did a POST request to it with a bunch of
these, just trying to do a buffer overflow basically through the parameter, eventually you could do something like this where, if you gave it all of your different commands and whatever, with all of the different parameters here, you could then send a POST request via curl to then do whatever this command string is here, where in this case it uploads a file named echoes "pwned" into hack.txt on the web server, or in this case it was hacked.txt, which, uh, yeah. But he decided to do this against uberinternal.com. And I see, yeah, that was bad, and it's bad, but it's a nice little thing so that if you're at home, or if you're within a lab, or if you need to test this vulnerability to then mitigate it within your organization, the code's right here, I've linked it in the show notes as well. You can make this do whatever you want, so instead of just putting in a text file you could put in a reverse shell to that box and then pivot through their gateway. So it pretty much, yeah, is bad. So have fun. So this is an issue with Palos, right? Mm-hmm. Uber was who they utilized as the victim, as the case study, but this is an issue with Palos. Yes, this is an issue with Palo Alto, and they have provided this to Palo Alto within the bug bounty program. Yeah, can I check out Palo Alto, like if I can submit and disclose on the same freaking day? Yeah, I mean, some companies are like that; some companies are okay with you putting out the code as long as there's a patch for it, but if they don't have a patch... So this guy disclosed it to Palo at some point in the past, and now that they have a patch, now he's releasing. Okay, yep, so just checking. Yeah, so according to our survey, so for the list of affected devices, you can see that in the second article as well that the security researchers put up on blog.orange.tw. So there are a couple of devices
that aren't affected by this, and it's likely because the feature was either updated or didn't exist, because I'm thinking it was updated in version 9 but it didn't exist, or at least this version of it didn't exist, in version 7.0. So if you have one that's a little older, it's not affected; if you have one that's newer, it's all good; anything in between, you're kind of just boned. Nice. But yeah, there's also a way to check this as well, so if you don't want to actually exploit your system, you can actually just do this, which I actually like a lot. I want researchers to start doing this more, where they give you a way to actually just verify it without exploiting or wrecking any of the systems, because that is a daily annoyance for me when assessing different vulnerabilities that may be present within engagements. Yeah, so just doing a timed curl with different parameters to your GlobalProtect SSL manager, and then sending the output to /dev/null and echoing that out, you can see the differences in time and actually see how stuff is going. So if you see times going higher and higher, it means that stuff is actually getting run on the back end. Yeah, and honestly, Palos are by far one of my favorite firewalls, from a corporate perspective. I mean, they're way more innovative than the vast majority of others out there, stop a lot of stuff. In a previous company we went from Cisco ASAs that would accept anything on a VPN connection, practically, to Palos, and Palos actually said, okay, well, if you're using this encryption, we're using this, and they have to also use this exact same encryption, whereas most environments I've been in with ASAs you would end up saying, okay, well here is the list of encryptions that we will accept, and Palo said, no, screw that, okay, you choose the one that you want to use and the other guys have got to use that too. Like, I
mean, that alone for me was like, ooh, that's actually pretty sweet. But I mean, mixed with WildFire, I actually like what the Palos do quite a bit. Yep. I also, from not having to directly work with them but using them, it has been a little bit easier than some of the Cisco stuff. I mean, I wouldn't necessarily always say easier, but from a security perspective, like, I haven't messed with Cisco's newer stuff past the ASAs, I can't remember what it is, Firepower. Yeah, Firepower. So from a management perspective, Palos are definitely easier to work with than Firepower, as well as the older school stuff. But yeah, I mean, one of the few times I will actually say Palo wins hands down over Cisco in just about every freaking category. Mm-hmm, yeah, from what I've heard from engineers that I've had to work with, Firepower is a pain in the butt. I mean, it's an updated version of the ASA and, you know, those interfaces, yeah. Yep, so that's vulnerability of the week. Go and check out that stuff, play around with it, don't exploit something that isn't your own, exploit it in a lab or with permission. Oh, look at Caprica code-dropping. Oh yeah, well, I don't want the video to get taken down by YouTube. Although actually, quick segue: YouTube, and Google, has actually redacted their terms on hacking videos, so they're actually working to make it so that you can do it and put stuff up from a research perspective now. So the videos that are up that they took down, have they brought them back up? I believe so. Like okay, the big one I think with the fireworks, they're shooting off fireworks over Wi-Fi, I think they got that figured out and put it back up, but I don't know. I don't see this as like, okay, we fixed it; this is a step in the right direction, I guess. But yeah, I mean, because research is still research, it doesn't matter if it's medical, if
it's whatever, you know, security, it's still research and it's working to make something better. So it's just kind of funny to me that, now that I think about it, I just thought of this funny analogy: so you have channels like Dr. Pimple Popper, like you're literally showing what could be considered gore, and how popular that kind of channel is, right, and she actually got her own TV show on TLC for that. Explain this to me. So there was a channel of a licensed physician who was a dermatologist, or whatever, I couldn't remember the name, she's a cute Asian lady, she started recording some of the operations that she was doing and posting them to YouTube, of her popping cysts, blackheads and all this other stuff, and people really, really enjoyed it. What, the link? You can take a look at the channel. Yeah, yeah, you know, but like stuff like that, it kind of falls on the same line in my mind. This is something for, like, if you're going in for one of those things and you want to know what's actually gonna happen, like surgeons do that all the time where they record their surgeries and post those out. But that's not really... if you consider somebody getting their back popped, you know, a blackhead from twenty years ago popped, as gore, then surgery is going... some of them, some of that. And I'm not saying all of it is gore, I'm saying some of them could be considered, like in YouTube's crappy algorithm for monetization or content filtering or whatever, like, it just surprises me. Well, I was about to say, because hidden in a shoebox somewhere in my closet there's a DVD I definitely don't want people to see. Yeah, yeah, you know, there are times that you get a little older and decide, you know, it's something I may not want to keep anymore. No, I'm keeping it in that box
in that closet; nobody else is gonna be able to see it. It's a DVD, just break it into like a gazillion pieces. Because he wants to, he watches it every night before he goes to bed. I mean, you know what I used to like to do with DVDs and CDs? I had this massive fireplace, and whatever, I swear there was probably at least a thousand burnt DVDs and CDs in that fireplace. It was just fun. No, I'm not gonna burn anything, that's a disaster waiting to happen. Isn't there like some things in CDs that you probably shouldn't inhale the fumes of? Probably, yes. Yeah, I mean, I will give you a hint: it's from... it's from March of '03 to March of '04. Got it, I know what it is. But yeah, so quick segue, we can jump into some of the more vulnerable stuff. Was that the segue? Hmm, I thought there was gonna be a segue after you said "quick segue." Okay. ProFTPD, whoops, so ProFTPD, and honestly, sorry I didn't get a better article on this one, but: remote code exec bug exposes over 1 million servers. So a security researcher uncovered a critical security vulnerability in it that puts over a million servers at risk. Even though the flaw was disclosed to ProFTPD in September of last year, there's still no patch; however, the threat can be mitigated by means of a workaround. The vulnerability is tracked via a CVE, which is in the article, check the show notes. It affects the mod_copy module of ProFTPD and every single ProFTPD version. The workaround consists of disabling this module in the proftpd config file. So if you are out there and run a ProFTPD server, check out the CVE, you can disable it and be good. Yup, so I linked in the show notes this article from Bleeping Computer, which is where the "read more" section of the article Israel put up goes to, and it goes a little more in depth on the technical side of where that stuff is, how it's configured, what conditions it needs to be in, and all this other stuff. And there's a patch back-
ported to 1.3.6 and there's a workaround available, according to Bleeping Computer. Well, the workaround's gonna be disabling it. Mm-hmm, yeah. But it's FTP, I mean, you shouldn't have that facing outbound. Yeah, I mean, very... explain. Yeah, I mean, if you guys still have straight FTP, at least do SFTP, you know, secure FTP, if you're still gonna do some type of FTP, and then still keep up, watch for bugs, watch for vulns on it, update it. Because that's the thing with a lot of FTP systems and SFTP systems: a lot of the time sysadmins will throw them out there, make it convenient for people, or do stuff, and then okay, it's here, you guys go use it, and never look at it for the next year. Well, in one instance I didn't even know that on my network there was an FTP server that was legacy, dead, because somebody set up... wait, wait, a way to hack back. Yeah, that exact thing happened to me probably about five years ago, and it was like, hey, what? I mean, honestly, it was a straight-up FTP server, and I'm like, holy shit, really? Like, what is it, anon? Anon? That shit's been hit by China more times than once, man, like that one box I showed you, Jack, where it's just like everything has a shell on it. Oh, that was bad, that was really bad, oh my god. Yeah, so general rule of thumb in my mind: don't run FTP externally, or at least have some sort of access control lists in place or something. No, like, you do not run FTP ever. Run SFTP at minimum and then keep it updated, watch what users are allowed on it, everything else. I mean, you're going with an unencrypted tunnel, like, come on, really? Or just have everyone learn how to scp stuff real quickly. I mean, hey, you can't... it's like we have all these different things, like using SharePoint or any of the OWA tools. Yeah, but you also have to remember, a lot of times FTP will be used for third parties, you know, contractors, third-party
companies that you are dealing with, not necessarily internal employees. Okay, so if a third party is working with you and they tell you to have FTP open externally so they can interface with it, tell them to get bent. Well, yeah, but I mean, think about engineering companies, you know, they have CAD files that are 10 gig, you're not gonna email that, you don't want to set up an internal SharePoint account, you know, which means an AD account and everything else for them, so you need some type of mechanism to share that data, so you're gonna set up some type of FTP or something like that. So here's what I had as a solution, and this is actually a problem I had to tackle when I was a developer with an architecture firm, with these different CAD files and like 30 gig PDFs, for some reason they were 30 gigs. What ended up working was we would go through, via the web application, over encrypted channels to an S3 bucket that would store everything that they owned, and it was configured correctly and whatever, and it allowed remote users to pull things and just have everything up there, so if they needed to share stuff then they could put it up through the web application that way. Yeah, which is a really good solution. Yeah, there are other ways around doing stuff like that. So FTP, yes, quick and dirty solution for sure, but use SFTP. If you have more time and more resources, get some sort of feature within an application to then go out to an S3 bucket, because then everything's going over HTTPS, hopefully. But even then, like, having it just... yeah, so for the architecture firm stuff, I get it, there are other ways to work with it too, and it was something that actually came up like a month before I had to fix that, I got the issue raised to me, so that was good timing: S3 buckets just became a thing and it worked with our framework and
everything. So yeah, I mean, it's the thing that organizations hit constantly, because you have to be able to share data, and large sizes of data, between different organizations, if you want to be a business and stay in place and actually do business. It happens, so just try to do it the right way, as securely as you potentially can. There's also another, I think it's a Microsoft product, but I think they have encrypted secure share folders. You create the share folder and then you give access via email to those share folders, but those are encrypted, so then it shares the key, like it checks your email and then it serves the key via HTTPS. You're talking about OneDrive right now? I think it's OneDrive. I guess OneDrive, but it doesn't have the same interface from what I have been using. So yeah, one thing to keep in mind here is a lot of businesses will use FTP not necessarily for human interactive purposes; usually it's automated transfer of files, like a managed file transfer, or some kind of automatic data processing, so those are the ones that use it, and some of the stuff they use is really old, so trying to give up FTP may be impossible to near impossible. And a lot of the time they'll be interacting with IoT types of devices with that, so yeah, it's fun. Yeah, and now that I think about it, there is one instance where it's used, but I'm not going to say publicly who uses it. Caprica's mom. My mom? Okay, my mom is more paranoid than I am right now. Good. You see, you were a worthwhile birth. Yes, oh yeah. Oh no, I don't know, Caprica, I'll put your mom as being like June Cleaver baking cookies and shit she doesn't eat, but then whenever she logs in she's answering like three different push notifications. More like Betty White, but okay. Mom, sorry if you're watching this. Betty White, pretty close. But yeah, so, and also just
having, even just at a base level, access control logs, like only X IP can interface with this FTP server. But why would it be... yeah, dreams of IP use. Like, a lot of things that you can do to secure it, or at least make it harder. Yes, and not forgetting, yeah, there'll always be zero days, and OneDrive, Dropbox, etc. Yes, but the way they do that, the kind of unique link that they use for sharing, is not necessarily unique. We found that out over the years, that there is the potential of finding that unique link, so I'm still kind of so-so on how that sharing occurs. Just know that was an Instagram thing. I mean, cause Dropbox was notorious for that back in the day. Their algorithm really sucked. I think they have improved it over the years now, but there was a program written, it was probably like five, six years ago, that essentially you could create Dropbox links, and it would throw up all these links, and come to find out these are like valid Dropbox links, and so somebody had figured out kind of like the algorithm that Dropbox was using to generate their links, and even though they were like, I don't know, 20 characters long with, you know, upper, lower, eight, whatever, somebody actually figured that out a few years back. But they have modified the algorithm since then, so it is definitely better, but yeah, back in the day, like, I would not touch Dropbox for anything just because I knew that was out there. Okay, that's right. All right, very quickly, because it's not super... it's not really... there is a vulnerability and there's a fix. I will be right back. Mm-hmm. So Apple's iOS 12.4 and watchOS 5.3 updates fix the Walkie-Talkie vulnerability. So a couple weeks back this dropped, where essentially there was an eavesdropping vulnerability, again, the same thing as with FaceTime, where you could just do whatever. Yeah, eavesdropping in iOS seems to be like the goal for most researchers this year, but there is a
patch out for it now. I figured I would just throw it in there because I don't think we covered it last week, but it's something good to just be like, hey, patch your stuff, because there's a fix now, please do it. And also Apple has been trying to fix a lot of stuff lately, from FaceTime to Zoom to this, so just a quick little sidebar there. Next we've got the bulletins of the week. So every week we put out, or we don't put this out, we put in the show notes a full list of the weekly bulletin from CISA, the cyber infrastructure branch of the Department of Homeland Security of the United States, and it has a list of all vulnerabilities that were published this week, giving their severity. So look through that, it's always a good thing to look at on a weekly basis to see if there's anything new. For instance, like, hey, here's Edge, where there's a remote execution vulnerability that exists in the way that Microsoft browsers access objects in memory, aka Microsoft browser memory corruption vulnerability. So if you also want to do like a research project, or start working on writing exploits, this is kind of a good spot to look at too. So yeah, we do that every week, where we put this in the show notes, which are in the description underneath each of our streams. You can go to the show notes and it will always be the last one inside vulnerable stuff. All right, so now, unless anyone has anything on either of those topics, it's gonna take Adrian's crackling of like a potato chip bag or something as the cue. So I'm getting my raccoons in order. Okay, that sounds good. Like actual raccoons? Like you have to, like, actual ones? Actual raccoons don't make very good pets, all things considered. I got a pack of stickers here. I was curious how many were in one pack. Mm-hmm. I was counting them and now I got to put them in something else cause they were wrapped up in cellophane before. Okay, mm-hmm, something like that, cellophane, shrink-wrap, clear plastic. I mean, the only thing I know that ever came in cellophane like
that was... mm-hmm. So next up on the show notes: two years and four scorn'd, Equifax to be fined $700 million in data breach settlement. So this dropped two days ago and the link is in the show notes. Go here, share my screen. Equifax will pay up to seven hundred million dollars in fines and monetary relief to customers over the 2017 data breach at the credit reporting bureau that affected nearly a hundred and fifty million people. The proposed settlement, which is subject to approval by a federal court, so this is not approved yet, was announced Monday by the company, the Federal Trade Commission, the Consumer Financial Protection Bureau, 48 states, the District of Columbia and Puerto Rico. So it is a full-blown settlement across like everything. Oh really? It is not a lot. No, all things considered, no, it's not. No, it really isn't. Yeah, because if we do a hundred... so that's why I brought this up, so I have a sub-article that talks about why it's not enough. Really? Yeah, well, here's something that's interesting. If you take 700 million, so we'll just take 700 and divide that by 150 million, you basically have... that's... I can't do the math on this hangout. 700, there's 700 million, and divide that by... stop, all right, calculators are fun, get rid of this. But essentially, yeah, 700 million, and then divide that by 150 million, which is how many people were actually affected by the breach, that equates to $4.6 per record. Rich, whoa. No, no, no, no, and don't forget that out of that settlement breakdown, mm-hmm, let me see here, what was the number that they're gonna pay? 700 million is the proposed at this time. Only 300 of that is going towards the settlements. Mmm-hmm. So it's up to 300 million. I heard less. I heard like the... yes, CFPB, you said like 590 of that, 425 million. 425 million is going to the CFPB, which we want to get into what the fuck they're gonna do with the money,
but you know, they said up to... right, it was up to 300 million. It was gonna be... for that settlement account. Well, government agencies, so you know, hookers and blow. No, it's actually going to go to an account that's controlled by Congress. Oh yes, the hookers and blow, okay. So yeah, they're really getting sent to the fuckin' wood chipper on that. Yeah, Equifax also has agreed to pay a hundred seventy-five million dollars to the states and a hundred million to CFPB in civil penalties. So none of this money, none of this, is getting settled towards actually helping people that were affected by the breach. It's all gone. All right, but most is going to other agencies that worked just to get to this point. But wait, no, there's more. So the amount... yeah, there really is more here. This is a really fucked up part, if that's not fucked up enough. Of the amount that's being designated for victims, you can claim up to $200,000, or sorry, $20,000, in damages that you had to expend to secure your credit or anything like that, but the reporting and documentation required for that is very onerous, so good luck getting much of that, if not more. Yep. So, yeah, two years have gone by and they still haven't figured out, pardon my French, a fuckin' solution to this, and granted, biggest breach of all time, I also wouldn't have any fucking idea where to start, but there are a couple things where it's like, really guys, come on, this is what you guys are thinking? Yeah, and keep in mind, with the credit bureaus, again, I used to work for Experian, for those who don't know, pretty much their only real cost for your identification is keeping the lights on. They make so much money doing this shit, I'm not joking. They have your information by default, they sell it out to all these data warehouses or whatever, and yeah, it's more to make sure the other results are fast, but they don't have to buy it, you have to
give them money to get your information. They have it already. Mm-hmm. Yeah, so, shrug, this is probably gonna keep being a developing story within the near future, or the foreseeable future, that I can tell, and I can see this pissing off a lot of people, but I also think some people are gonna see 700 million dollars, that's almost a billion dollars, but in all honesty they're not doing any of the math or looking into it any further to be like, hey, this money is actually not going to actual people, it's going to government agencies. What the hell? Yeah, yeah. So now, when I see these... so, like, for example, any other stuff like Facebook, they pay five billion. You think any of those people are gonna see a dime of that? Hell no. Mm-hmm. Yeah, even with Cambridge Analytica, like that breach, it's all going, and a lot of it's even going overseas, well, overseas being into Europe and stuff like that. That's where a lot of companies are getting hit, but it won't go to the actual users, it will go somewhere else where you can't touch it. So, and this is very cynical to say, but someone else is profiting off of a breach that you might have been a part of. So yes, especially because you didn't keep receipts, and all the hoops that you have to jump through in order to get, you know, righted in terms of Equifax or any sort of credit breach or anything like that. This is a cluster. Like, I've been on the cast with you guys for like a year, and that was like the first thing that I brought up. Was it a thousand? Yes, 15, that's like 10 years in your time. Mm-hmm. What am I, like a reverse Benjamin Button here? No, you are a Benjamin Button. You've just lived a long time and now you're getting really young. Now I'm just gonna go way down, I'm gonna start shrinking, I'll eventually be your height in like twenty years, Israel. That's
what I'm hoping for. Do you buy it? I'm waiting for him to get down to my like four foot two frame. He really is not four foot two, by the way, and I am NOT eight foot whatever he said, but I know a bunch of guys who go to DerbyCon who tower over me. Well, yeah, you and I are close to the same. I got a couple inches on you, but that's about it, man. Sam shows up, Sam was even taller, yeah, mmm, six six, six seven or some crazy crap. Yeah, the president of the company that I work at, he's like six eight, so it's like, hey dude, it's like, oh, this is how everyone else feels. It's nuts. But yeah, Equifax, this is gonna be an issue. I freaking love it, well, at least I got content now for like the foreseeable future. Yeah, yeah, but I mean, like I said, there's just not a damn thing anybody could do about it, because, hey, those government entities that were acting on our behalf all agree that's good enough. Yep. They probably just... it's two years later, they probably are just so done with this that they don't want to deal with it anymore, because look at Congress right now. Congress is literally... and I don't want to jump so far into politics, but it's a cluster, so they're not focused on cyber, keeping your information secure. They want your next vote for this coming election next year. This is the whole run-up to that. They don't care, they want everything off their plate so they can start focusing on this, and this sounds like a rush job to me. So a company comes to you with their own settlement and you say okay, yeah. Nah, like, we thought long and hard about our penance. It's like, has the US government ever been in your best interest? Come on. I could name a couple times, but I can't discuss them. Few and far between. No, huh? Well, how about if I tell you off cast, how about that? I know, Jack, yes, I know there's stuff that we don't know about that probably is within our best interests, but honestly, from what we see in the public sector, I don't... we don't see that in the public sector. The fact that they
need to keep it hidden is weird. Like, all the good stuff is hidden from us, that means nothing good is happening in the public sector. Black rant over. Israel, you're back, go ahead, go through the other stuff. Yeah, so I have a couple on here. So, bypassing Cylance by appending a benign package. So, let's see, "Cylance, I kill you! I kill you! I kill you!" I heard my whole apartment echo from doing that, yes, the amount of twelve-year-old enthusiasm was just raining. So what this researcher did, they reversed Cylance and were able to actually... and this is a really, really nice write-up, it does have chicken, or at least a chicken head... they were able to get down to kind of the scoring that Cylance does with at least one of their modules, and were able to find that if they were to inject into some of their code enough information that made it look like, you know, PC-based games and stuff like that, that their code could still execute, malicious code could still execute, whenever they're running it against Cylance, and Cylance would whitelist these different games. So that alone was pretty cool, because, yeah, so about a third of the way down the page they have like the scoring, and so they were able to find the actual scoring mechanism, which is stupid, and the write-up is really nice. But what is really kind of fun here is not only were they able to do that, so Cylance now, aka BlackBerry, says, oh yeah, we fixed it. So what they did to fix it, what is the... let me see where it is here. So what is the solution, our response to this vulnerability? And they're saying it's not an overwhelming vulnerability, only affected one, blah blah blah. What is the solution? The solution is threefold: first, we have added anti-tampering controls to the parser in order to detect feature manipulation and prevent them from impacting the model score; second, we have strengthened the model itself to detect when certain features become
proportionally overweighted; lastly, we have removed features in the model that were most susceptible to tampering. So all they're saying they did was: we're trying to prevent you from looking at our code, one, and two, the stuff you disclosed to us, we built into the model so that specific thing will not happen anymore. Yeah, we fixed it, quote-unquote. Yeah, I've got the video pulled up right now, and essentially what's happening here is he's basically just created a whole nother file. Oh my gosh, that's hilarious, "just create a whole nother fire." It's almost like creating another file off of another file, yeah, that passes through, copying into that enough of that gaming type of crap he was talking about that it passes right past Cylance. And so if you're an attacker, like, what do you do in this situation? You know, and Kappa, I'm not talking about you, I'm talking about a real attacker. What does a real attacker do in this situation? From a testing perspective, if you do not have Cylance to actively test against, well, what do you do? If you are a real attacker, not a red team, not having more responsibilities, what do you do in this situation if you find this information out and now you have a proof of concept? And yeah, okay, so games probably aren't the only avenue that I can go down. What do you do as an attacker? You start looking for more ways, and like, what else is it looking for? What will give me a positive score? Yes, yeah, what gives me a positive score within their stuff? But a positive score, so how are you gonna get that if you don't have Cylance to actively attack against, and you have a target that you want to hit? Who are you gonna hit before that target? So, somebody small. Yes. So I mean, for me, this is only the City of Baltimore, probably. I mean, everybody in that whole IT department, I feel bad for them, it sucks to be them, but, you know... well, I mean, I won't say that to the whole department. I will say that to the
upper echelon, well, not necessarily to the guys actually doing the low-level work. There's a lot of guys who were unfortunately put in this situation due to poor management decisions who are having to accept a lot of blame. Well, it comes down to the way that the budget worked out, which was, we're going to rob Peter to pay Paul, and when you keep robbing people, there's nobody getting paid. Yep, exactly. But yeah, back on the Cylance side, I definitely see this as, yeah, okay, so you nixed the guys from these specific games, you know, that you were whitelisting, but in the same sense now they're gonna start looking as to what else you're whitelisting and start incorporating that, and yes, they will hit the smaller contenders before they actually hit their actual targets. Yeah, because on a smaller target, you know, no harm, no foul. Yep. Yeah, my first thing would be looking at, like, what kind of text files, like other things like images, text files, stuff like that. I don't know, those might not be whitelisted because those are kind of known avenues, but then doing something with a LOLBin. Yeah. Also, I don't want to give a lot of ideas away. I like that. Yeah, I mean, exactly. I have not, you know, attacked Cylance, though it's one of those systems that I definitely really want to attack in the future. Even though I'm like blue team, I still really want to attack it just because I just don't like them. It's like they're a competitor to me. No, I mean, they're not. Like, that's the thing. I mean, McAfee had their report, I think it's two years ago now, where they completely ripped them apart, and it's like, you know, BlackBerry acquired them easily because they weren't worth shit, and I just do not like them. I think they are completely inferior. They keep claiming AI, and anybody with a clue knows AI currently does not exist. They were one of the biggest for airport advertising,
you know, for advertising to the C-suites. Like, I just don't like them. Well, you can also throw CrowdStrike in there as well for the advertising. Oh, I agree, yeah, CrowdStrike. Oh, and we have the biggest CrowdStrike opponent... no, proponent, now arriving. But yeah, I hate airport advertising, I just despise that. I think CrowdStrike's advertising at airports, yeah, that, yeah, like last year they overtook everyone, even Barracuda, for airport advertising. No, yes. When I joined... but thank you, good to see you, Ricky. Yeah, any time that you show up it's a good day. Yeah, I don't say things like that, Jack, but I'll say that to you. Are we still... why? Yeah, yeah. But yeah, so there's a guy at work, his name's Chuck, he knows of you guys, he worked for binary, he's trying to argue for vision. Dude, can we take this off air? Oh, thank you. To compete, CrowdStrike and vision, that was all I was gonna go into the program with either. I'm obviously a CrowdStrike fan, but I know vision's a good product, so yeah. No, yeah, but I still don't want to straight, you know, make this into an infomercial for my company. Oh, your court now. No, I said I don't want to make this an infomercial for my company, the company I work for. Cylance, yeah, we're talking about Cylance, and I've been ripping them left and right because I just think... I mean, because the vast majority of companies I have respect for, even if I'm in competition with them, I at least respect them. Cylance is one of those that just pisses me off consistently, you know, the McAfee report two years ago where they brought Cylance out and they were completely lying in regard to what they do, you know, locally, offline, stuff like that, you know, and then the airport advertising, that is a huge annoyance to me. But yeah, I don't remember, there was the AV wars two or three years ago. Oh yeah, where like Cylance, like Battle Royale shit, yeah, yeah, and that's where McAfee took a completely
offensive posture, you know, and took Cylance and completely... it was beautiful too. We wish Jack would, because Jack has a beautiful face. You only want to do that because you want to know what I look like, cause you know, cause I'm still gonna choke you out in the elevator. No, no, no, I'm choking Israel. You might be helping Jack's optimal condition. Yeah, Jack, yeah, no, Jack hasn't threatened to put me out, right, because he knows I'd probably get up on him. I'd say that. Oh, dare, bleh, oh, you wanna roll? I'm good. Wait, what? You did? Yeah, I had cauliflower pretty bad and I had all the stuff removed, the juices, the cartilage, yeah, cause it's essentially like juices and scar tissue, right? Yeah, yeah, I had them remove it and clean it up, because there's nothing like going to a job interview for a position like what I have and what we do and having ears that look like you've been brawling in an alley. Yes, yeah, condition, and we should probably take the rest of that offline. Yeah, we can tell you, yeah, everything I say can be taken offline. Hey, I know, I am a habitual line stepper. I always happen to keep what should be online versus offline, you know, and keep... so hey, for you folks listening at home, when we say offline we actually send each other snail mail, letters, pens. I've got a pigeon sitting on... whoa, really? Like, guys, actually, so I've been driving to all your homes and all this stuff, and like you guys actually send mail? Send mail, and sometimes hotel and carrier pigeons, yeah, ravens, yep. I dropped frickin' smoke signals and you guys said you couldn't see them. What? I'm sorry, you are south of the Mason... wait, shit, what's the... Mason-Dixon line, yeah. Macy's line, yeah, yeah, yeah, the Bible, yeah, that's a lot easier, yeah, yeah, I'll try to do that one. Yes, Cylance is a company that is, I'm not going to say vaporware, but they took their road show on the road, tuned it specifically for that road show, and in reality could not compete in the market with even the
old school AV products. Yeah, and honestly, that's not just my opinion. We POC'd it for 12 months, they let us POC the product at my past company. Hey, all right, Ricky, real quick, I hear sirens in the background, do you need to take cover? No, sir. Okay, okay, good. Yeah, getting louder. And are we doing this? [Laughter] Yeah, dude, look, Jack, Jack is a brown-skinned man, we don't want police. I just had a really freaking good tan. So purple, like Willy Wonka, like, Jack, dude, I totally know you're a guy, but are you like, did that somehow manifest that you're that chick that like grew? Yeah, okay, like there's some dudes that are black, they're so black they're like purple or blue, which color, you know what I mean? No, dude, you are completely dying within every single thing you say, right? No, no, I'm not, no, I'm not that dude from the... Janet Jackson, "Love Will Never Do (Without You)". I'm not almost purple or blue or something. Well, thank you. About them, like I said, that dude, "Love Will Never Do", Janet Jackson, yeah. So I went to school with a guy that was super ultra black, I mean he was black like Wesley Snipes or darker, and they called him Crispy, which I later learned was a negative word. Yes, oh yeah, I didn't know it at the time, everybody just called him Crispy. Wait, what? Oh, all the time. But yeah, but also, who called him Crispy, like who was allowed to say that? Other black dudes, I mean, black people. Okay, this race was for each other, yeah, we all fucked with each other about race, yeah, it was, and it is always in a humorous context, and everybody was in on the joke. Nobody had ill intent, it didn't get like that, it was just fucking with people like you would about neighborhoods or sports fandom and stuff like that. Yeah, I mean, because I am definitely not allowed to call anybody Crispy, so just to put that out there, never called him Crispy. Oh, thank you, I've been looking for this day all my life. Oh, you do, I'm talking about, yeah, in New York
apparently, love his track, will call him Crispy all the time out there. I've always seen some conservative black folks who call the other side all sorts of... I only remember the fucking terms, but there's all sorts of insults going back and forth. You mean shines? Shine is one of them, yes. The softer term, that's like in some African language, that, uh, cata y-wing, what, what? Shine, though, that's a, what, shoeshine, that's called... No, no, no, it's not that, it's not, no, oh, I can describe it, but, you know, just go off here with that. Ya know, right, it means like lettering blacks, that, I think, yeah, interesting. Cata, and I don't know which language that comes from, one of the African languages, and the Hoteps use that phrase a lot. Wait, what, what, what was it? A contact, a cut, I may be mispronouncing it, it's something that Uncle Hotep uses fairly frequently. Okay, I like him and I like Hotep Jesus, yeah, they're cool dudes, yeah, yeah. What's the Romans? No, but it's on my list. Yes, I like that guy, but he's got some ideas that I don't think are historically accurate. Yeah, all right, speaking of taking things off air, let's finish up the show notes real quick before we shoot ourselves in the foot. You are on the EvilGnome, who added... EvilGnome. Or no, I'm a girl, okay. This is a new variant of spyware that's out there. It might be, it has not been confirmed, that it was a part of that Russian Lake loser stand, and it targets specifically the GNOME desktop. Fucking surprise. But it is a script that the end user has to run, or in a self-extracting tarball. Okay, what is this? No, it is spyware that targets the GNOME desktop interface, yeah. So looking at it, as, as I used GNOME all over the place, yep, well, why you, Cinnamon? So unless you've used non-dedicated sources, and, you know, uncompressed self-extracting tarballs, you should be just fine. What I would... like, eventually these features just taking
screenshots, but it gives itself away by constantly pinging the... What was the initial entry point? There is no initial entry point. It turns out that an earlier version of this was actually uploaded as a VirusTotal sample, but the... I assume it's something that somebody goes out, downloads, yes, becomes infected. So, right, say it's a manipulated source file, yes, okay, phishing attack, yeah. But I mean, if, you know, red teamers were able to get their hands on it, you could have all kinds of juicy information, you know, a share, this tarball, yeah, yeah, it's so... access to their files, "my expense report is within this tar file", and so much of that, like the tarballs and stuff that I get, I just use a script to extract it. You can go ahead and run that script if you want to, but... yeah, I'm sorry, you Cinnamon. So yeah, but yeah, so it could take screenshots of the desktop, you can exfiltrate files if you want to. Wait, this sounds more and more than spyware to me. And there was one file that was partially... it was a module in there, but it wasn't written yet, that something teams, and they think it's... You know, you're not at home? Sidetrack has his anal glands extracted. What? And the... like dogs need, you know, sometimes they get, I don't know, a buildup of juices, a little backed up. So, man, do you do this on a nightly basis, or like a weekly bonus? Oh no, we take them to the vet who does it. Yeah, I came home today and it was just like this waft smell coming from him, I just walked back into our living area and I told my wife, I'm like, Christ, what is going on with the dude's butthole? We need that example, classic Irongeek Cast material, yeah, it is definitely something. Yes, sorry, Israel. I know, Ricky, I'm sorry, Jack. That sounds more like more than spyware to me, though. Anal glands, yes, we get it, yeah, extract glands, it's a brand new... I am so glad you said it, not me. Yeah, free, hey, no biometrics, oh no. Anyway, I
mean, honestly, like, I know a lot, like, I don't, but there's a lot of people who use GNOME, so, I know, yeah, I know, yeah, it's definitely an ATV by default if you're legit. I'm just kidding, I just prefer the menu to the other desktop managers, there's a lot to use, I know GNOME's a classic. Oh, so no begrudging anybody that uses GNOME, I'm just... and honestly, you know, think about it, like Kali uses GNOME, yep, you know, I know, but a lot of people coming up in the industry use GNOME and a lot of them don't necessarily realize that they're using that, you know, because they're kind of entry. Yep. So if people use Kali, and they're listening to this, try Xfce. Yep, so change your desktop manager, it's fairly easy within Kali, the menu is a little bit more intuitive, it's easier to find things. Others who use Kali might be able to speak a little bit more on this. I know some people use it as their primary desktop, which I absolutely don't recommend, but some people do and they use it all the time. I have a secondary laptop that has Kali on it, but my primary, never, my work laptop. Adrian, you might use Kali as your primary desktop, just because of what you do. Not primary desktop, but I could... my primary laptop is, oh, it again, yeah, okay. Honestly, like, I used Kali probably a hundred percent for about four years, and it was not necessarily on the hacking side, cause I had the hacking side down, it was to, you know, just fully learn Linux. Yeah, like I wanted that daily, the best way, no, I completely punished myself, but I mean Kali was what I knew because I'd used it from BackTrack all the way up, you know, and so yeah, yeah, yeah, I think we all... yeah, we're completely insecure, we're all... and I just have the... I mean, back in the day I used frickin' DSL, like, if anybody remembers Damn Small Linux, I mean, like, it was, I don't know, six, seven meg, and I used it for lightweight Linux installs, yeah, like DSL back in the day. Like, I would pop like Best
Buy systems and completely compromise every system on the showroom floor. I'm sorry for anybody who's listening, I am completely outside of any timeline you could ever think of, but I would use DSL to compromise and reset every password on everything. My Windows 20 years ago didn't need to be DSL. What I mean, it was just, yeah, it was any OS you had available, you know, particularly with Windows, you would just, oh yeah, erase the admin password, yeah, yeah, just blank it, yeah. And I think to this... like, it's been a while since I did it, the last time I actually did it was like two years ago, so like sticky keys still works, right? Yeah, I think so. But for people that are curious about these smaller Linux installs, hit Jack up, he's the guy for that. Yeah, look at Ricky, oh my gosh, you've never looked better, like, you're completely black, you have an amazing tan right now, like, that's like, I wish I were... see, what say, I was pasty, probably, I don't know. How about me? I'm the most tan I've ever been in my life and essentially I look like recycled paper. Yeah, yeah, I guess, yeah, yeah, so you're like, you know, a slight brownish color, you know, maybe between like white and beige. Who's that, beige or ham? Oh yeah, no, I'm fully like, you know, a Mexican that has come over the south of the border. Oh, that's good info, like, I know some ICE guys, like, we can take care of that if you're okay. Hey, so back to Kali being a primary desktop, how'd you like that transition? So what we did when I was on the pentest side, and I'm still, I'm still purple team, so we do pentests at my company, my team's responsible for that, we just had to prove out BlueKeep and why it needed to be patched, but we had a... I had just a box, a box with Kali in it, it was a headless box with Kali installed on it, then I had a drop box with Kali on it. Look at that facial hair, I mean that's good stuff, looking at my shoulder screen. We did it, so I've got my podcast mic up there, I got my green
screen if I need it, it's all hooked up. Hey, honestly, I'm really looking for that green screen and seeing a, you know, better version of you. I can't wait for a time when you come up here and you give me more than a minute's notice, you know, I'm here, like, do I hang out? That's good stuff. Yeah, I honestly did not even think about it, because I thought I was gonna be busy the entire day and then all of a sudden I'm like, holy crap, like, I'm here and, you know, I have my son, my wife here, and it's like, ah crap, like, I think I was knocking noise or something, yeah, but I'm like, who's around here? And so I started pinging people to see who's up and about, and yeah, next time I will definitely give you more notice. Yes, yes, think of me first, I am your usual partner. You give me no money, though. Like, the people who give me money, who help finance my life, my no air conditioning, you know, those people come first, though. You know what, I have not had a... you ever... you have a hammock, but it probably is not designed like a ship. If it was designed like a ship I would definitely give you a lot of credit on that. I don't know what the... well, on the video, when she was describing it, she runs a company that makes them, she called it a "amock", haha, okay, goes, you know, "our new hummocks", or I'm like, oh, "mock", what language is this? That's called, like, California. Oh really? Yeah, oh no, it's not, don't... shut up, Israel, dude, honestly, come on, I'm from California, I never heard anyone from California calling a hummock, bullshit, I mean, not bullshit on that you are from California, but you do not live in California. I lived there for what, 25 years, so yeah, and Californians call it a hammock, yeah, everyone I talked to called it a hammock. I hope, but I kind of feel like it is... what was that 90's movie that all my co-workers reference? I never had... what, Clueless? Sir, like, yeah, was it Clueless? Yeah, they see, too, is hot, is... I have no clue who. Stacey, Stacey, so good, lady, she's a black lady, I want to say she was
in Clueless, was that what she was in? Or, yeah, she was in Clueless. I didn't know she was conservative, but she is a smokin' hot woman regardless of her color. She is just legit smoking. I don't know if she still is, but whatever. I saw a picture, a fairly recent one, and it appears, yes, she's still pretty hot. Yeah, all right. So I fit the liberty and background, okay. We'll do this and then... so here is a link, and I'll put it in the show notes because this is funny as hell, but there are all the different ways to say "hammock." And if you would... what the hell, come on, who pronounces hammock as other... what? Yes, yeah, so the one that wins is "ham-mick," and then there's "ham-mock." I mean, I've always heard... I say hammock. Yeah, but that's what I say. I think I've heard people say "ham-mick," right, but if you say it quickly it's still hammock. It's in the show notes. Oh my gosh. All right, so, we went through EvilGnome. We'll just run through these real quick.

So, Facebook to pay five billion over privacy violations. We kind of covered this a little bit when we were doing our "five billion, B with a B" bit. Yeah, so Facebook will be paying a five billion fine to resolve a government probe into its privacy practices and will boost safeguards on user data, the US Federal Trade Commission and the social media company said on Wednesday. Wait, when's today? Yeah, so Democrats are pissed off because it's not more than five million... Republicans are happy because... I mean they're not happy because it's not more than five million. Billion. Billion. Okay, yeah. And Republicans are happy because it's the largest fine in history. You know, why does this break down on party lines? Okay, what the... no, what the fuck, because I put in... fucking Equifax gets 700 million, has the largest data breach in history. Yeah, yeah, and [inaudible] again, and now we have five billion on Facebook. To Facebook it's a drop in the bucket. And now there's a button to the founders describing how Facebook
takes your data, what they do with it. Do you guys remember when Facebook was down, I don't know, a couple of weeks ago? No, Instagram was down. Facebook was... no, Twitter. Ricky, I'm gonna throw a shape at you. I can't even do that anymore, that's how much Facebook sucks. So what I noticed was there were pictures that people had that couldn't load because Facebook was having issues, right? Yep. But it's AI-generated little captions for the pictures, so it would say "child smiling," yes, "we're family," yes. That gives you a small insight as to the type of data they are tagging and being able to then manipulate and use for advertising purposes. Listen, one of their founders talked about how they designed it to be as addictive as possible, and you can follow that same line of thought for YouTube. Yeah, YouTube's algorithm is designed to keep you on there as long as possible through anger, not happiness. Absolutely. Then there's this thing called Twitter... I can give two shits about Twitter and most social networks. I'm not on it very frequently. I watched my... you know how your phone can tell you how long you spend on apps? Yeah, I probably spend less than a day on all the social media sites, and that's just... yes, which is really good.

I do want to throw something out there. I have it as the keyword thing in my Twitter. If you use Twitter, use the keyword muting. You all might actually like Twitter if you use the keyword muting, because then it mutes out anything that includes those keywords that you have listed. So for me, I mean, I have my small list. I'm sure there's some huge list out there, but essentially I see nothing political. Yeah, like Donald Trump, conservative, liberal, progressive, socialist. Yes, I'm exactly like that. Oh yeah, all that stuff. The people I follow on Twitter, the reason I am on Twitter, is to follow, you know, security-minded individuals, and so I don't care what their
political stance is. If they have something in regard to security to say, I want to see that. So I muted all of it, everything that has anything to do with politics, with everybody, and Twitter's actually kind of nice, because I imagine InfoSec Twitter will be less chatty. Yeah, I mean... yes, no, it really is. And stuff still comes up and I have to tweak it from time to time, but for the most part I am very happy with Twitter now. Would you mind... yeah, now I'll throw it over in the side notes. Okay, yeah, appreciate that. Yeah, we were talking, me and Steve, one of my peers at work, we were talking about InfoSec Twitter and how it just becomes so toxic lately, and they don't talk security anymore. And honestly it's not like a "lately," I mean this has been over the last two years. Oh yeah, yeah, it's been a while. It started right when I came... the cast is my favorite... honestly it started with Trevor. Trevor started all of it, I'm pretty sure Trevor started all of it, that little bastard. I think Trevor kind of lit a fire under it, but I believe it existed prior to that. Yes. I am so surprised at the amount of people on InfoSec Twitter who think violence is a good answer to speech. Violence is a good... oh, well, that's bullshit. Well, yes, of course it is. Yeah, I'm surprised at how many people back that. Yeah, a guy who works for me also agrees. He said his wife would only bail him out of jail ever if he punched a Nazi. What? And so I go, who's a Nazi? That's the point where I would have been more fervent in finding my... and, wow. Yeah, so tell me who's a Nazi. I'm pretty sure Jack is a Nazi. Yeah. But I wanted Jack to support me on something because I look like him. Wait, what? Subscribe, yes. Jack, we replied to somebody... somebody's kind of negativity and then do it. You actually mean that, or is it just because of Adrian, because he looks like you or something like that? Oh God, we're both
tall. Oh, both men. Other than that we don't look much alike. I don't know, I think you're missing one key part there. Yeah, because Jack already really, really, really loves me. I think Jack and Adrian look quite a bit alike. Chet, what do you think? Jack may have... oh yes, I follow, yes, because they thought... okay, because I gave Jack some shit this week, so you know, I just want to really make up for it, but Jack apparently is not listening. So okay, what else have we got on the notes side? You can see the easy... all right, so next up we've got "SIM swap lawsuit against AT&T goes forward." Did we hit "Facebook to pay five billion"? Yeah, we hit it. Okay, so obvious one up there.

So this is a lawsuit against AT&T for their failure to protect someone's account from a SIM swap attack. Yeah, so they actually got hit twice, I believe. I kind of glanced at the article earlier. So the only real reason why SMS is a bad use for a second authentication factor is because of SIM swaps, which are semi-complicated to perform, but they're not super hard. It's basically relying upon good social engineering with someone at the phone company, and knowing who the phone company is, which can be trivial to difficult depending on who you're working with. So a lot of companies, you know, I've seen with T-Mobile, more than someone else, they'll put a security password on there, or mandate they have to go into a store with a driver's license to actually get a replacement SIM, and even in some of those cases those get circumvented because some CSA is pressured into doing it, which is a real failure of those second methods to prevent someone from hijacking the account. Well, okay, so a judge has actually permitted the lawsuit to go forward. They dismissed AT&T's motion to quash, which is a good thing, because now AT&T, which means now others as well, other telco providers in the US, if this suit is successful, they
will feel the same heat. They'll have the same potential for damages should someone else fall victim to a SIM swap attack. There were actually damages, potentially, because this guy actually had cryptocurrency stolen from him because of this SIM swap, and then there was a second attack that cost something worse. Oh my god. So yeah, that's always the big weak link, and honestly, if we could fix that problem, then hey, SMS is easy to implement and becomes a fairly viable second factor. But of course there's always better. Yes, I know that. Mm-hmm. You said there was a sex factor? What? No, he did not say that. Second factor. Oh, all right. I mean, you can think whatever you want, because I figured you said there's a sex factor, and I mean there probably is somewhere. I think you're the only one who heard that, Ricky. Yeah, I certainly was not. Yeah, you were. Yeah, I think you're flying alone there, Ricky, but I think he heard it too. Every seven seconds... what's that Family Guy skit, you know, a guy thinks about sex with a woman every seven... is it seven seconds? No, no, no, like a white man only thinks about sex with a black man every 20 minutes, and he bangs this drum. Yeah, it's a Family Guy skit, so whatever. It's all great, Ricky, we know the road you're going down, we get it. Don't you mean pull out? Okay, so I'm feeling right now... so back to that. Shit, you guys completely threw me off what I was thinking. Yes, yes, that is 100% confirmed. Okay, so since... well, that happens with a boatload of people. Damn it, you completely threw me off whatever I was thinking. Really, yeah. Matt, congratulations, I talked about sex and it flustered Israel to the point he can't think about the topic he was on. Yeah, if it was between you and Jack, I mean, damn it.

Okay, so everybody has a SIM card. Yeah, I do now. Wait, what? They do, you know. Yeah, LTE made them switch. Which did? LTE, yeah. Oh, I didn't know. Anyway, who switched? LTE, you know, Verizon switched to using
SIM cards when LTE came around. Yeah, most ICCIDs are kind of old hat now. Most of them still use SIM cards, or eSIM else... Sprint was the only one that didn't use it. Now, no, Sprint does, because they run off of a few other networks. Yeah, but yeah, Verizon, I thought they were... CDMA, yes. Sprint and Verizon were CDMA; AT&T and [inaudible], yeah, it is. Okay, but yeah, because most overseas carriers use GSM, but most of the 4G LTE stuff tends to operate trans-band, like you can pretty much go on any network if you have... whoa, trans-band? Oh, so we are retaining trans... nothing, well, nothing probably. Right now 5G is the new standard, so every eight or ten years the organization, it's like the I-triple-E or something like that, comes together and decides standards, and every G is actually some other one. No, IEEE, it's always right, I can't reverse it now, but it's an organization of writers and they decide new standards, and the new standard is 5G, which I believe is finalized, but I don't think anyone actually uses it yet or has a stable network yet. So 4G is still the current standard, and 4G has been out since, I think, what, 2010? Yeah, there are more bands to it, it just keeps getting better and better. Well, more bands is good, because again, as anyone who knows radios knows, every frequency operates differently with different environmental conditions, so yeah, more bands is good, but they haven't increased the security in regard to the bands, right? Well, a lot of the security... you're talking about 2G and 3G actually, where the early implementations of the wireless protocol, like 2G and 1G, basically the radio, or the handset, trusted the tower. Now it's a two-way trust where they actually have keys on both the handset and the tower and they trust each other. They actually go through a key exchange when they first talk to each
other. You say, yes, I am who I say I am, and if one of them fails, if they're using the full authentication, they'll drop the connection, basically. Yeah, sometimes you have to ask stupid questions to get a smart answer. Now, but that's the thing, but the intercepts, the man-in-the-middles that we used to use, like, is it still... what they do now is they have a special box that basically hijacks the connection to downgrade your connection to the old... yeah, that's how they wiretap, or what? The difficulty... if a government agency wants to wiretap, it doesn't happen at the tower. Basically, the tower is just the transmission point; it still has to go through cable to a distribution center. I have a tower about 500 feet away; I could tap into it, and I want to so bad, but the ramifications of that are pretty extreme. Yeah, but that's what I'm saying, with the new standards, do they still work? Well, again, the standards don't matter in these cases, because they have an IDF at the actual tower or a substation where they... because again, once it hits the tower it basically goes through an IP network, so once it's there they'll have a tap there somewhere. Like, if you guys should go look at a Verizon or AT&T center, they will have a room that the staff there cannot get into, because the FBI will get into it, or the NSA, and that's where they actually intercept our communications. So the vulnerability isn't in the band; it's in the way that packets move through their network. Correct. Unless you're a truly bad boy, then that's when they deploy a Stingray on you. Yeah, and that's what I'm saying. Yes, can we still throw out a Stingray? I mean, because we all... you know, not necessarily everybody, but we have access to Stingray
technology. Like, so a lot of towers and substations were upgraded. The government obviously has a line into all the major cell phone carriers, all the major phone lines. Yeah, so while they may have upgraded it, made it a little harder for a normal person to do it... yeah, when I say a little harder, it would be fairly extreme for a normal person to know how to tap into calls. There are easier ways to do it where you don't have to go to a cell phone tower; you hit the phone directly, yeah, or you pay someone at the phone company to do it for you, kind of thing. You have an insider. Sure, well, I mean, honestly, the insider side, that's getting more difficult. It used to be a lot easier. Yeah, it was so easy, like, "here, I bought you a new phone, why don't you go ahead and use this." Yeah, oh dude, I used to have a black box that we used to do a little bit of freebie with back in the day, and you could tap right into somebody's house line. It was fun, make long-distance calls, you know, all that good stuff. Yeah, that's... don't have a butt set? I got one off Amazon for a few bucks. As you can see, I'm an old man. I know. Do I look younger? Yes, okay, cool. Yes, because you're black, and black never cracks. Asian women too. And this isn't... we're getting a little bit racial, but legitimately Asian women at 40 look like they're 20, and they stay that way until they hit about 80, and then they look like a hundred and twenty-five. Holy crap. I almost want to share... there was this video, honestly my mom shared it with some of her friends on Facebook. It was a 72-year-old Asian woman who was dancing with her grandson, and this woman did not look like she was 72. It was kind of like real ballet stuff. Dude, we are talking 72; at that point you should be, like, done, but at 72 she was up en pointe on top of her grandson's head, non-sexual,
thank you, let's keep it there. Whoo. And she was moving, and she was up en pointe, you know, like one toe, all the way. It was freaking nuts. Was she leaving snail trails on his head? No. Shit, like, white people, like, I'm sorry, like, white people, yes, it was like white people. Sorry bro, unfortunately I'm one of those white people, but white people, I'm sorry, we just do not age as well as honestly anyone else. Everyone else ages a hundred percent better than us. You know why? It's the stress of running the empire. The sun, constantly trying to tan. Hey, yeah, yeah, yeah. I mean, like the pasty redheads, but they tan. Yeah, the fastest... people, like, a friend of mine up there, you know, she's like, they've got to go up to the pool to work on their tan, and I'm like, you realize that the more you tan, the more time you spend in the sun, the older you're gonna look. Well, and it's just a fact, and it puts you at a higher, like, potency... yeah, yeah, that's like, why do that? You know, suntan lotion, everything, like, I don't care what color you are, white, black, yellow, whatever color you are, you can get freaking skin cancer. And yeah, one of my friends has melanoma; he's got to get it surgically removed, it's right on his nose. Really? Yeah, because, like, me being... I was not around a lot of black individuals, and I just kind of thought, because I wasn't around a lot of black people, that black people didn't, you know, get skin cancer, didn't burn. Did you also think they had magic powers? I mean, and I am a cracker, I will accept that, yes, but you know, I only learned that a couple of years ago. I didn't know what the term cracker meant. Oh my god, right, really? [Laughter] I grew up around... I went to school, my neighborhood was full of blacks and Hispanics, and people just said the word. I didn't know what it meant. I'm like, mom, what does cracker mean? No, I just accepted it as, like, a jab, like
I thought it meant, like, white, like a cracker, you know. I had no idea what it meant. So later in life I learned what it meant, and I'm like, oh shit, that's a pretty strong word to call someone. I mean, yes, no, I mean, I call my son a cracker, I call my wife a cracker, I mean it. Because you're abusive, yeah, I know. But in the same sense, I have been friends with a lot of black people, and that makes it all okay. No, but there are certain terms that I am not allowed to say to black people, and I'm like, you know, if you are allowed to say it within your culture, I should be allowed to say it within my culture. It's probably an offline conversation. Yeah, that's... I think any kind of N-word pass, I think it's probably a little too hot for you. Wait, and I was not taking it like the N-word side, but cracker... What do we have to finish up? Yeah, we are... well, it's a great day today on the podcast. Thank you, folks. Okay, besides sidetracking the conversation like eight times, fourteen, and calling Israel racist in a roundabout way, I love you all, I love all my children in puppet form. So I know it, the BSD devil. Oh, what, let's get back on track, folks, and then we go off air. What is on the show notes? We are all finished, so take it away, Adrian, so that we can take this conversation offline. Play the dumpster fire. Yeah, yeah, right. Everybody, thank you very much for joining. See you next Wednesday. Have a great night.
