Optrics Insider Optrics Insider

Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss DeepFake Lite using Anthony Bourdain's voice in a new documentary on his life, the "Summer of Sam" Microsoft Print Nightmare and the latest Kaseya Ransomware Attack update.



For more IT tips go to:

> www.OptricsInsider.com



Timecodes:

> 0:00 - Intro

> 0:19 - Today's 3 topics

> 0:33 - Topic 1: Deep Fake Lite

> 7:35 - Topic 2: Microsoft Print Nightmare

> 11:12 - Topic 3: Kaseya Update

> 14:20 - Closing remarks



More on DeepFake Lite:

> A Haunting New Documentary About Anthony Bourdain

> Voice clone of Anthony Bourdain prompts synthetic media ethics questions



More on Microsoft PrintNightmare / "Summer of SAM" - HiveNightmare / Print Spooler CVE-2021-34481:

> Windows Elevation of Privilege Vulnerability (CVE-2021-36934)

> Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-34481)



More on how Kaseya obtained a "universal decryptor key" for the REvil ransomware and is delivering it to clients:

>  Kaseya obtains REvil decryptor, starts sharing it with afflicted customers


---

Send in a voice message: https://podcasters.spotify.com/pod/show/optrics-insider/message

Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the Punk Spider search engine for website vulnerabilities, the tech support scam that got Jim Browning's Youtube channel deleted and the Olympic broadcaster who announced his password while on the air.
Timecodes:

> 0:00 - Intro

> 0:21 - Today's 3 topics

> 0:40 - Topic 1: Punk Spider

> 4:34 - Topic 2: Irony, Thy Name is Jim

> 8:27 - Topic 3: What is Your Olympic Password?

> 11:03 - Closing remarks

More on Punk Spider:

> A Controversial Tool Calls Out Thousands of Hackable Websites

More on Jim Browning getting his Youtube channel deleted:

> Scam-baiting YouTube channel Tech Support Scams taken offline by tech support scam


So to prove that anyone can be scammed, I was convinced to delete my @YouTube channel because I was convinced I was talking @YouTubeCreators support. I never lost control of the channel, but the sneaky s**t managed to get me to delete the channel. Hope to recover soon. pic.twitter.com/ygmt2CDlR1

— Jim Browning (@JimBrowning11) July 26, 2021

Learn more about KnowBe4 by going to:

> KnowBe4 Security Awareness Training

Find out what percentage of your employees are Phish-prone:

> Start Your Free Phishing Security Test

Download a copy of the Social Media Red Flags PDF here:

> https://www.optricsinsider.com/recommends/social-engineering-red-flags/

Find out which of your users take the bait and reply to a spoofed email:

> Find out now how many of your users take the bait and reply to a spoofed email

Find out how vulnerable your network is against Ransomware and cryptomining attacks:

> How vulnerable is your network against RANSOMWARE and CRYPTOMINING attacks?

Find out which of your users are vulnerable to a social media phishing attack:

> Don't get hacked by social media phishing attacks! Find out which of your users are vulnerable now!

Learn more about the Red Flags of URLS here:

> It's Not Only About the URL

Learn more about Curricula Security Awareness Training here:

> www.Optrics.com/Partners/Curricula.aspx



---

Send in a voice message: https://podcasters.spotify.com/pod/show/optrics-insider/message

Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the printer driver nightmare zero day vulnerability, SonicWall's VPN appliance is under attack and Kaseya's recent ransomware attack.

Timecodes:

- 0:00 - Intro

- 0:19 - Today's 3 topics

- 0:40 - Topic 1: Printer Driver Zero Day

- 06:09 - Topic 2: SonicWall VPN Vulnerability

- 10:38 - Topic 3: Kaseya VSA Hack

- 17:04 - Closing remarks

Print Nightmare Zero Day:

> PrintNightmare, Critical Windows Print Spooler Vulnerability

> CVE-2021-1675: Incomplete Patch and Leaked RCE Exploit

Ways to keep the computers in your network updated:

> ManageEngine Desktop Central

Good tool to keep your personal computers updated:

> CCleaner

SonicWall Warns of Active Attacks Against VPN Appliances:

> Urgent Security Notice: Critical Risk to Unpatched End-of-Life SRA & SMA 8.x Remote Access Device

Got $70M spare change?

> IT for service providers biz Kaseya defers decision about SaaS restoration following supply chain attack

> Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Autonomous Cars Hacked Scene - The Fate of the Furious:

> www.youtube.com/embed/GGhLykstBmA


---

Send in a voice message: https://podcasters.spotify.com/pod/show/optrics-insider/message

Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss  the Dell Bios Connect vulnerability, the 1 billion  records that were leaked from CVS Health, Western Digital's MyBook  remote factory reset issue and the Zero Trust cybersecurity framework.



For more IT tips go to:

> www.OptricsInsider.com



Timecodes:



0:00 - Intro 

0:19 - Today's 4 topics 

0:42 - Topic 1: Dell Bios Connect Vulnerability 

4:14 - Topic 2: CVS Health Leak 

10:48 - Topic 3: Western Digital MyBook Remote Factory Reset 

15:10 - Topic 4: Zero Trust 

21:15 - Closing remarks



Dell BiosConnect Vulnerability:

> Eclypsium Discovers Multiple Vulnerabilities Affecting 129 Dell Models via Dell Remote OS Recovery and Firmware Update Capabilities

> DSA-2021-106: Dell Client Platform Security Update for Multiple Vulnerabilities in the BIOSConnect and HTTPS Boot features as part of the Dell Client BIOS

> Dell SupportAssist contained RCE flaw allowing miscreants to remotely reflash your BIOS with code of their creation



WD My Book Live and My Book Live Duo getting a remote factory reset - all data appears gone:

> Important Announcement About Your WD My Book Live Product: WDC-21008

> Recommended Security Measures for WD My Book Live and WD My Book Live Duo



Zero Trust cybersecurity - moving from hard shell / soft center to NoTrustForYou!:

> Executive Order on Improving the Nation’s Cybersecurity 

> https://en.wikipedia.org/wiki/Zero_trust_security_model

> What is Zero Trust? A model for more effective security

> Embrace Proactive Security with Zero Trust



Need help with your network security? We can help! Contact us at:

> www.Optrics.com


---

Send in a voice message: https://podcasters.spotify.com/pod/show/optrics-insider/message

Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss what is bigger - 26 million or 8.4 billion, open redirect, the recent Akamai CDN outage and PoE powered can of spam to stop spam..

Timecodes:

0:00 - Intro

0:21 - Today's 4 topics

0:55 - Topic 1: Which is Bigger 26 Million or 8.4 Billion?

8:01 - Topic 2: Open Redirects

12:11 - Topic 3: Akamai CDN Outage

13:24 - Topic 4: PoE Powered Can of Spam

19:07 - Closing remarks

Hackers Stole Nearly 26 Million User Login Credentials for Sites Like Amazon, Google, Facebook between 2018 and 2020:

> Nameless malware that stole 1.2 TB of private data

> https://twitter.com/troyhunt/status/1402358364445679621?s=21

Password Manager Options Mentioned:

> PSafe

> ManageEngine Password Manager Pro

> RoboForm

Google Meet Open Redirects and Why Phishers Love Them:

> Open redirects ... and why Phishers love them

Akamai experienced an outage for one of its Prolexic DDoS services (Routed 3.0) with approximately 500 customers using this service:

> Akamai Provides Prolexic DDoS Service Impact Update (Status: Resolved)

PoE-powered can of spam to stop Ad spam:

> https://twitter.com/danielhepper/status/1403624545010003970


---

Send in a voice message: https://podcasters.spotify.com/pod/show/optrics-insider/message

Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss why JBS paid $11 million in ransom (and it wasn't to get their data back), how the Fastly outage knocked the Internet offline and Zoll's defibrillator dashboard vulnerability advisory.

For more IT tips go to:

> www.OptricsInsider.com

Timecodes:

0:00 - Intro

0:20 - Today's 3 topics

0:57 - Topic 1: JBS Pays Ransom

7:02 - Topic 2:  Fastly Outage

15:12 - Topic 3: Zoll advisory

20:56 - Closing remarks

JBS Paid $11M Ransom to Prevent Attackers from Leaking Stolen Data:

>  JBS USA Cyberattack Media Statement - June 9

Fireside Chat with Unitrends and their All-in-One Backup and Recovery Solutions:

> https://www.youtube.com/watch?v=-Gpr6_jmpes

Fastly CDN Outage Knocked Portions of the Internet Offline: 

> Fastly -  Summary of June 8 outage

Not the only one - Cloudflare also had a recent outage:

>  Cloudflare Pages Build Delays - Incident Report for Cloudflare

ICS Medical Advisory (ICSMA-21-161-01) ZOLL Defibrillator Dashboard:

>  ICS Medical Advisory (ICSMA-21-161-01)

The Wolf Starring Christian Slater | HP Studios:

> https://www.youtube.com/watch?v=ZUP4ib5FzGs

HP Wolf Security - A New Breed of Endpoint Security | Security | HP:

> https://www.youtube.com/watch?v=ACXhdzOoEic

Grey's Anatomy: A Cyber Attack:

> https://www.youtube.com/watch?v=xFUkzzAXXYg

Grey's Anatomy: Bad Guys Asking 5k Bitcoins Bailey asks Jackson for Money Season 14 Episode 8:

> https://www.youtube.com/watch?v=JGSSY-pnKXs


---

Send in a voice message: https://podcasters.spotify.com/pod/show/optrics-insider/message