Optrics Insider Optrics Insider
-
- Technology
The Optrics Insider is a regular podcast hosted by our very own Scott Young & Shaun Sturby, which highlights topics of interest to I.T. people, whether it be regarding the latest security vulnerabilities as well interesting (and sometimes funny) things that are happening in the industry. So if you are an IT Manager, IT Admin, CIO or interested in I.T. be sure to check out our podcast!
-
Optrics Insider - DeepFake Lite, Microsoft Print Nightmare & Kaseya Ransomware Update
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss DeepFake Lite using Anthony Bourdain's voice in a new documentary on his life, the "Summer of Sam" Microsoft Print Nightmare and the latest Kaseya Ransomware Attack update.
For more IT tips go to:
> www.OptricsInsider.com
Timecodes:
> 0:00 - Intro
> 0:19 - Today's 3 topics
> 0:33 - Topic 1: Deep Fake Lite
> 7:35 - Topic 2: Microsoft Print Nightmare
> 11:12 - Topic 3: Kaseya Update
> 14:20 - Closing remarks
More on DeepFake Lite:
> A Haunting New Documentary About Anthony Bourdain
> Voice clone of Anthony Bourdain prompts synthetic media ethics questions
More on Microsoft PrintNightmare / "Summer of SAM" - HiveNightmare / Print Spooler CVE-2021-34481:
> Windows Elevation of Privilege Vulnerability (CVE-2021-36934)
> Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-34481)
More on how Kaseya obtained a "universal decryptor key" for the REvil ransomware and is delivering it to clients:
> Kaseya obtains REvil decryptor, starts sharing it with afflicted customers
---
Send in a voice message: https://podcasters.spotify.com/pod/show/optrics-insider/message -
Optrics Insider - Punk Spider, Irony Thy Name is Jim & What is Your Olympic Password?
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the Punk Spider search engine for website vulnerabilities, the tech support scam that got Jim Browning's Youtube channel deleted and the Olympic broadcaster who announced his password while on the air.
Timecodes:
> 0:00 - Intro
> 0:21 - Today's 3 topics
> 0:40 - Topic 1: Punk Spider
> 4:34 - Topic 2: Irony, Thy Name is Jim
> 8:27 - Topic 3: What is Your Olympic Password?
> 11:03 - Closing remarks
More on Punk Spider:
> A Controversial Tool Calls Out Thousands of Hackable Websites
More on Jim Browning getting his Youtube channel deleted:
> Scam-baiting YouTube channel Tech Support Scams taken offline by tech support scam
So to prove that anyone can be scammed, I was convinced to delete my @YouTube channel because I was convinced I was talking @YouTubeCreators support. I never lost control of the channel, but the sneaky s**t managed to get me to delete the channel. Hope to recover soon. pic.twitter.com/ygmt2CDlR1
— Jim Browning (@JimBrowning11) July 26, 2021
Learn more about KnowBe4 by going to:
> KnowBe4 Security Awareness Training
Find out what percentage of your employees are Phish-prone:
> Start Your Free Phishing Security Test
Download a copy of the Social Media Red Flags PDF here:
> https://www.optricsinsider.com/recommends/social-engineering-red-flags/
Find out which of your users take the bait and reply to a spoofed email:
> Find out now how many of your users take the bait and reply to a spoofed email
Find out how vulnerable your network is against Ransomware and cryptomining attacks:
> How vulnerable is your network against RANSOMWARE and CRYPTOMINING attacks?
Find out which of your users are vulnerable to a social media phishing attack:
> Don't get hacked by social media phishing attacks! Find out which of your users are vulnerable now!
Learn more about the Red Flags of URLS here:
> It's Not Only About the URL
Learn more about Curricula Security Awareness Training here:
> www.Optrics.com/Partners/Curricula.aspx
---
Send in a voice message: https://podcasters.spotify.com/pod/show/optrics-insider/message -
Optrics Insider - Print Driver Zero Day, SonicWall VPN Vulnerability & Kaseya Hacked
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the printer driver nightmare zero day vulnerability, SonicWall's VPN appliance is under attack and Kaseya's recent ransomware attack.
Timecodes:
- 0:00 - Intro
- 0:19 - Today's 3 topics
- 0:40 - Topic 1: Printer Driver Zero Day
- 06:09 - Topic 2: SonicWall VPN Vulnerability
- 10:38 - Topic 3: Kaseya VSA Hack
- 17:04 - Closing remarks
Print Nightmare Zero Day:
> PrintNightmare, Critical Windows Print Spooler Vulnerability
> CVE-2021-1675: Incomplete Patch and Leaked RCE Exploit
Ways to keep the computers in your network updated:
> ManageEngine Desktop Central
Good tool to keep your personal computers updated:
> CCleaner
SonicWall Warns of Active Attacks Against VPN Appliances:
> Urgent Security Notice: Critical Risk to Unpatched End-of-Life SRA & SMA 8.x Remote Access Device
Got $70M spare change?
> IT for service providers biz Kaseya defers decision about SaaS restoration following supply chain attack
> Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software
Autonomous Cars Hacked Scene - The Fate of the Furious:
> www.youtube.com/embed/GGhLykstBmA
---
Send in a voice message: https://podcasters.spotify.com/pod/show/optrics-insider/message -
Optrics Insider - Dell Vulnerability, CVS Health Leak, WD MyBook Remote Factory Reset & Zero Trust
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the Dell Bios Connect vulnerability, the 1 billion records that were leaked from CVS Health, Western Digital's MyBook remote factory reset issue and the Zero Trust cybersecurity framework.
For more IT tips go to:
> www.OptricsInsider.com
Timecodes:
0:00 - Intro
0:19 - Today's 4 topics
0:42 - Topic 1: Dell Bios Connect Vulnerability
4:14 - Topic 2: CVS Health Leak
10:48 - Topic 3: Western Digital MyBook Remote Factory Reset
15:10 - Topic 4: Zero Trust
21:15 - Closing remarks
Dell BiosConnect Vulnerability:
> Eclypsium Discovers Multiple Vulnerabilities Affecting 129 Dell Models via Dell Remote OS Recovery and Firmware Update Capabilities
> DSA-2021-106: Dell Client Platform Security Update for Multiple Vulnerabilities in the BIOSConnect and HTTPS Boot features as part of the Dell Client BIOS
> Dell SupportAssist contained RCE flaw allowing miscreants to remotely reflash your BIOS with code of their creation
WD My Book Live and My Book Live Duo getting a remote factory reset - all data appears gone:
> Important Announcement About Your WD My Book Live Product: WDC-21008
> Recommended Security Measures for WD My Book Live and WD My Book Live Duo
Zero Trust cybersecurity - moving from hard shell / soft center to NoTrustForYou!:
> Executive Order on Improving the Nation’s Cybersecurity
> https://en.wikipedia.org/wiki/Zero_trust_security_model
> What is Zero Trust? A model for more effective security
> Embrace Proactive Security with Zero Trust
Need help with your network security? We can help! Contact us at:
> www.Optrics.com
---
Send in a voice message: https://podcasters.spotify.com/pod/show/optrics-insider/message -
Optrics Insider - Which is Bigger 26M or 8.4B? Open Redirects, Akamai Outage & PoE Powered Spam
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss what is bigger - 26 million or 8.4 billion, open redirect, the recent Akamai CDN outage and PoE powered can of spam to stop spam..
Timecodes:
0:00 - Intro
0:21 - Today's 4 topics
0:55 - Topic 1: Which is Bigger 26 Million or 8.4 Billion?
8:01 - Topic 2: Open Redirects
12:11 - Topic 3: Akamai CDN Outage
13:24 - Topic 4: PoE Powered Can of Spam
19:07 - Closing remarks
Hackers Stole Nearly 26 Million User Login Credentials for Sites Like Amazon, Google, Facebook between 2018 and 2020:
> Nameless malware that stole 1.2 TB of private data
> https://twitter.com/troyhunt/status/1402358364445679621?s=21
Password Manager Options Mentioned:
> PSafe
> ManageEngine Password Manager Pro
> RoboForm
Google Meet Open Redirects and Why Phishers Love Them:
> Open redirects ... and why Phishers love them
Akamai experienced an outage for one of its Prolexic DDoS services (Routed 3.0) with approximately 500 customers using this service:
> Akamai Provides Prolexic DDoS Service Impact Update (Status: Resolved)
PoE-powered can of spam to stop Ad spam:
> https://twitter.com/danielhepper/status/1403624545010003970
---
Send in a voice message: https://podcasters.spotify.com/pod/show/optrics-insider/message -
Optrics Insider - Why JBS Paid $11M in Ransom, Impact of the Fastly Outage & the Zoll Vulnerability
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss why JBS paid $11 million in ransom (and it wasn't to get their data back), how the Fastly outage knocked the Internet offline and Zoll's defibrillator dashboard vulnerability advisory.
For more IT tips go to:
> www.OptricsInsider.com
Timecodes:
0:00 - Intro
0:20 - Today's 3 topics
0:57 - Topic 1: JBS Pays Ransom
7:02 - Topic 2: Fastly Outage
15:12 - Topic 3: Zoll advisory
20:56 - Closing remarks
JBS Paid $11M Ransom to Prevent Attackers from Leaking Stolen Data:
> JBS USA Cyberattack Media Statement - June 9
Fireside Chat with Unitrends and their All-in-One Backup and Recovery Solutions:
> https://www.youtube.com/watch?v=-Gpr6_jmpes
Fastly CDN Outage Knocked Portions of the Internet Offline:
> Fastly - Summary of June 8 outage
Not the only one - Cloudflare also had a recent outage:
> Cloudflare Pages Build Delays - Incident Report for Cloudflare
ICS Medical Advisory (ICSMA-21-161-01) ZOLL Defibrillator Dashboard:
> ICS Medical Advisory (ICSMA-21-161-01)
The Wolf Starring Christian Slater | HP Studios:
> https://www.youtube.com/watch?v=ZUP4ib5FzGs
HP Wolf Security - A New Breed of Endpoint Security | Security | HP:
> https://www.youtube.com/watch?v=ACXhdzOoEic
Grey's Anatomy: A Cyber Attack:
> https://www.youtube.com/watch?v=xFUkzzAXXYg
Grey's Anatomy: Bad Guys Asking 5k Bitcoins Bailey asks Jackson for Money Season 14 Episode 8:
> https://www.youtube.com/watch?v=JGSSY-pnKXs
---
Send in a voice message: https://podcasters.spotify.com/pod/show/optrics-insider/message