zero-day

In an episode with perhaps the most SEO-friendly title in TechStuff history, we learn about how someone used an AI-generated version of YouTuber MrBeast to advertise a scammy deal, how the FTC alleges that Amazon used a secret algorithm to fix prices and squash competition, and how Facebook Messenger users proved that Meta's tool for AI-generated stickers might need a bit more work.

See omnystudio.com/listener for privacy information.

• Apple has quietly removed support for Postscript in macOS Ventura over security concerns with the outdated interpreter language.
• China has formally accused the NSA of hacking and maintaining access to Huawei servers since 2009, based on documents from Edward Snowden.
• A misconfigured Azure Shared Access Signature token resulted in 38TB of sensitive internal Microsoft data being exposed, including employee backups with passwords.
• The Signal messaging platform has added a post-quantum encryption protocol called PQXDH, combining its existing X3DH with the believed quantum-resistant CRYSTALS-Kyber system.
• A zero-day iOS exploit chain was used to target Egyptian presidential candidate Ahmed Eltantawy, redirecting his traffic to install spyware after visiting a non-HTTPS site.
• Steve gave an update on the status of his forthcoming ValiDrive USB validation utility, explaining delays due to challenges working at the USB level under Windows.
• A blog post argued that the complexity of modern web browsers has made it impossible to create competitive new browsers from scratch.
• An emailer claimed to have a mathematical algorithm that can generate truly random numbers.
• Another emailer asked whether encrypting and deleting a hard drive could substitute for overwriting with random data.
• There was an explanation of how public key encryption can be used bidirectionally for both encryption and authentication.
• Listener questions whether all stolen LastPass vaults will eventually be decrypted.

Show Notes - https://www.grc.com/sn/SN-941-Notes.pdf

Hosts: Steve Gibson and Ant Pruitt

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• joindeleteme.com/twit promo code TWIT
• GO.ACILEARNING.COM/TWIT
• Melissa.com/twit

• Apple has quietly removed support for Postscript in macOS Ventura over security concerns with the outdated interpreter language.
• China has formally accused the NSA of hacking and maintaining access to Huawei servers since 2009, based on documents from Edward Snowden.
• A misconfigured Azure Shared Access Signature token resulted in 38TB of sensitive internal Microsoft data being exposed, including employee backups with passwords.
• The Signal messaging platform has added a post-quantum encryption protocol called PQXDH, combining its existing X3DH with the believed quantum-resistant CRYSTALS-Kyber system.
• A zero-day iOS exploit chain was used to target Egyptian presidential candidate Ahmed Eltantawy, redirecting his traffic to install spyware after visiting a non-HTTPS site.
• Steve gave an update on the status of his forthcoming ValiDrive USB validation utility, explaining delays due to challenges working at the USB level under Windows.
• A blog post argued that the complexity of modern web browsers has made it impossible to create competitive new browsers from scratch.
• An emailer claimed to have a mathematical algorithm that can generate truly random numbers.
• Another emailer asked whether encrypting and deleting a hard drive could substitute for overwriting with random data.
• There was an explanation of how public key encryption can be used bidirectionally for both encryption and authentication.
• Listener questions whether all stolen LastPass vaults will eventually be decrypted.

Show Notes - https://www.grc.com/sn/SN-941-Notes.pdf

Hosts: Steve Gibson and Ant Pruitt

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• joindeleteme.com/twit promo code TWIT
• GO.ACILEARNING.COM/TWIT
• Melissa.com/twit

It's 2023 - are you able to keep your systems patched? Richard talks to Sami Laiho about the emerging patching crisis. Sami talks about how MFA and user security have improved enough that they are no longer the primary path of exploitation for ransomware. Today, the main way to get breached is through unpatched computers. But patches are risky and can occasionally cause downtime - so we control when patches are installed and (hopefully) test extensively. Is it worth it? Is it better to be down for an hour due to a lousy patch versus down for months due to a breach? It's time to talk to leadership about a change of tone around patches - and get moving faster!

Links:

• Microsoft Authenticator
• Windows Autopatch
• Center for Internet Security
• Sami Laiho Website

Recorded May 10, 2023

Turnschuh-Admins, die im Neuland EDV machen – die IT-Sicherheit in Deutschland hatte mal ein leicht verstaubtes Image. Doch auch das hat sich geändert, seitdem mal wieder ein frischer Wind über den großen Teich geweht ist. Cybersecurity trägt die amerikanische Kultur im Namen – statt trockenem Feature-Function-Fucking wird eine Story erzählt hinter der eine Vision steckt. Die Defender des Cyberspace sind da!

In dieser Folge hat Patrick einen echten Defender eingeladen: Andre Julkowski, Commercial Sales Director bei Cybereason, um mit ihm tief in die Welt der Cybersecurity einzusteigen. Vom Superbowl und amerikanischer Unternehmenskultur, über sprachkonstruiertes Denken und Kybernetik, hin zu MITRE ATT&CK und Kanarienvögeln in Honigtöpfen. Mit KI-gesteuerten Sensoren auf Compiler-Ebene, die 9,8 Petabyte pro Tag analysieren, gibt es keine bösartige Operation im Cyberspace mehr, die noch vor XDR gefeit ist.

---

0:00 Rückbank-Punk (Intro)

0:50 Andre Julkowski – der Defender

1:30 Superbowl LVI (2022) Werbespot

2:22 Coolness in die IT-Sicherheit bringen

3:22 Vision, Story & die Eule

5:07 Kulturelle Unterschiede USA-DE & sprachkonstruiertes Denken

7:56 Storytelling im Marketing und amerikanische Unternehmenskultur

9:20 Kybernetik/Regelungstechnik – Cyberspace – Cybersecurity

10:32 XDR, MITRE ATT&CK & 100% Sicherheit?

11:33 Legacy Infrastruktur, Endpoint Security/Protection, Zero-day & Antivirus

12:49 Verhaltensbasierter Next-Gen Antivirus & Post-Breach EDR

14:36 XDR – Bigger Picture in der Cyberinfrastruktur

15:45 Verhaltens-Lernen im Cyberspace Mensch/Maschine

17:26 KI-gesteuertes sensorbasiertes Netzwerk – Datenkrake

19:39 Malicious Operation Flex

20:37 Kanarienvögel in Honigtöpfen

21:57 Oh Gott, ist das heiß (Outro)

---

Patrick Buchholz | Kulturtechnologe & web3 Raumzeit Künstler | Linktree

Andre Julkowski | Commercial Sales Director | LinkedIn

David Friedrich | Sound Design & Audio-Engineering | Website

---

Quellen und weitere Informationen

Jan Claas van Treeck, PhD | Techtheoretiker, Professor an der Hochschule Fresenius Hamburg | LinkedIn

Patrick Buchholz | Cyberspace Defender, Distribution & Channel Manager bei Cybereason | Linktree

David Friedrich | Sound Design & Audio-Engineering | LinkedIn

***In order to get the breaking cyber news to you guys FAST we are posting these right after the live broadcast! If you prefer your news more filtered, keep an eye out for the edited posting tomorrow!***

In today's podcast, PreVeil's compliance manager, Noël Vestal, discusses how using Zero-Trust end-to-end encryption helps fight the Zero-Day attacks that are all the rage today, and why having trusted vendors is crucial to help implement compliance standards, especially when a government contract is on the line.

Compliance takes hard work, even with vendors there to help, but knowing who to trust makes all the difference.

Links:

•  Google Chrome Bug Actively Exploited as Zero-Day
•  Apple Rushes Out Patches for 0-Days in MacOS, iOS

Special Guest: Noël Vestal, Compliance Manager at PreVeil
Host: Craig Petronella
Co-Hosts: Blake, Erin, & BJ

Support the show - Call 877-468-2721 or visit https://petronellatech.com

Please visit YouTube and LinkedIn and be sure to like and subscribe!

NO INVESTMENT ADVICE - The Content is for informational purposes only, you should not construe any such information or other material as legal, tax, investment, financial, or other advice. Nothing contained on our Site or podcast constitutes a solicitation, recommendation, endorsement, or offer by PTG.

Support the Show

Please visit https://compliancearmor.com and https://petronellatech.com for the latest in Cybersecurity and Training and be sure to like, subscribe and visit all of our properties at:

• YouTube PetronellaTech
• YouTube Craig Petronella
• Podcasts
• Compliance Armor
• Blockchain Security
• LinkedIn
• Call 877-468-2721 or visit https://petronellatech.com

In this episode we talking about the widely exploited Microsoft Exchange Zero-Day and company culture around patch management. 

Follow the Podcast on Social Media! Links Below 
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: Coming Soon!

Affiliate Links:
NordVPN: https://go.nordvpn.net/aff_c?offer_id=15&aff_id=87753&url_id=902

Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today