loader from loading.io

Welcome! DNS Hijacking through New Browser Protocols and more on Tech Talk with Craig Peterson on WGAN

Craig Peterson - America's Leading Technology News Commentator

Release Date: 06/13/2020

Learn how to protect yourself online - featuring tips on haveibeenpwned, AI demos and 2FA/MFA authentication. show art Learn how to protect yourself online - featuring tips on haveibeenpwned, AI demos and 2FA/MFA authentication.

Craig Peterson - America's Leading Technology News Commentator

First up, I have some sobering news. Almost all of our personal information has likely been stolen at one point or another. This could include our names, addresses, phone numbers, email addresses, and even passwords. Cybercriminals are constantly searching for vulnerabilities in systems where this information is stored, and unfortunately, they often find them. However, there are steps we can take to protect ourselves. One tool that can help is called "haveibeenpwned." It's a website where you can check if your email address has been compromised in any data breaches. If it has been compromised,...

info_outline
The Truth About ChatGPT and A.I. - Discover the Secrets of Internet Anonymity and Protect Your Privacy show art The Truth About ChatGPT and A.I. - Discover the Secrets of Internet Anonymity and Protect Your Privacy

Craig Peterson - America's Leading Technology News Commentator

Welcome to this week's episode of The AI Revolution! In this episode, join us as we explore the world of Artificial Intelligence and its potential to revolutionize business and life. We'll discuss how to use AI for free, what it can do well, and when and where you should never use it. We'll also talk about how to generate emails, blog posts, and content for Facebook, Twitter, LinkedIn, Instagram, and YouTube live! Tune in now to learn more about how AI is transforming the world. Discover the Secrets of Internet Anonymity and Protect Your Privacy The best way to protect yourself from...

info_outline
Protect Your Business and Home from the Most Dangerous Cyber Threats - Uncover the Risks and Steps You Can Take to Stay Secure show art Protect Your Business and Home from the Most Dangerous Cyber Threats - Uncover the Risks and Steps You Can Take to Stay Secure

Craig Peterson - America's Leading Technology News Commentator

Cyber security is no longer an option for small business owners – it's a necessity. Cyber threats are rising, and small businesses must stay ahead of the curve to protect their data and networks from malicious actors. This show will uncover the most dangerous cyber threats to small businesses and what steps you can take to stay secure. Ransomware Attacks Ransomware attacks are one of the most dangerous cyber threats to small businesses. Ransomware is malicious software (malware) that's typically delivered via malicious links or email attachments. Once installed on a network, the...

info_outline
Artificial Intelligence Search Engines You Can Use For Free Today - Robot Kicked Out of Court - CNET and BuzzFeed Using AI show art Artificial Intelligence Search Engines You Can Use For Free Today - Robot Kicked Out of Court - CNET and BuzzFeed Using AI

Craig Peterson - America's Leading Technology News Commentator

Artificial Intelligence Search Engines You Can Use For Free Today Robot Kicked Out of Court CNET and BuzzFeed Using AI Biden Signs Go-Ahead to Use Child Labor to Make E-Car Batteries The Biden administration has issued a 20-year ban on new mining claims in the upper Midwest's famed Iron Range, and it is turning to foreign supply chains as it pushes green energy projects. The move comes as the U.S. continues to rely on foreign suppliers for critical minerals used in wind turbines and electric vehicles. The ban is part of a broader effort by the White House to reduce reliance on imported...

info_outline
A Step-by-Step Guide to Clearing Your Browser History and Wipe Away Your Online Footprint - Generation Z is the least cyber secure - Security and the Electric Vehicle Charging Infrastructure Failing US show art A Step-by-Step Guide to Clearing Your Browser History and Wipe Away Your Online Footprint - Generation Z is the least cyber secure - Security and the Electric Vehicle Charging Infrastructure Failing US

Craig Peterson - America's Leading Technology News Commentator

A Step-by-Step Guide to Clearing Your Browser History and Wipe Away Your Online Footprint The process for clearing your Internet browser history can vary depending on your browser. However, here are the general steps for removing your browser history on some popular browsers… Generation Z is the least cyber secure because they are the most tech-savvy generation but also the least experienced in cyber security.  They are likelier to take risks online, such as clicking on suspicious links or downloading unknown files and are less likely to use strong passwords or two-factor...

info_outline
ChatGPT's Technology Will Be Part of Everything This Year - How AI chatbot ChatGPT changes the phishing game - Microsoft Looking to Invest $10 billion More show art ChatGPT's Technology Will Be Part of Everything This Year - How AI chatbot ChatGPT changes the phishing game - Microsoft Looking to Invest $10 billion More

Craig Peterson - America's Leading Technology News Commentator

ChatGPT's Technology Will Be Part of Everything This Year ChatGPT is a new text-generation tool trained on 40GB of Reddit's data. It can generate long passages of text virtually indistinguishable from human-written prose, which could have enormous implications for everything from customer service chatbots to fake social media accounts. The company behind ChatGPT is also working on ways to detect if the text was generated by ChatGPT or a human—though some experts worry about how bad actors could misuse this technology. The technology has generated random plot descriptions for video games to...

info_outline
Google Ads Were Weaponized - Identifying Criminals Using Cell Phone Location Data - WhatsApp Was Hacked By an Israeli Company – US Supreme Court Allows WhatsApp to Sue NSO Group - Identity Thieves Bypassed Experian Security to View Credit Reports show art Google Ads Were Weaponized - Identifying Criminals Using Cell Phone Location Data - WhatsApp Was Hacked By an Israeli Company – US Supreme Court Allows WhatsApp to Sue NSO Group - Identity Thieves Bypassed Experian Security to View Credit Reports

Craig Peterson - America's Leading Technology News Commentator

Google Ads were weaponized in a way that made them appear like any other ad – Allowed hackers to infect computers with malware via a single click. Hackers have weaponized Google Ads to spread malware to unsuspecting users by disguising them as regular ads. They do this by cloning the official websites of popular software products, such as Grammarly, Audacity, μTorrent, and OBS, and distributing trojanized versions of the software when users click the download button. This tactic allows hackers to infect users' computers with malware through a single click. Google Ads, also known as Google...

info_outline
The Newest Artificial Intelligence Is About to Change Your Life! And It's Code Red for Google. show art The Newest Artificial Intelligence Is About to Change Your Life! And It's Code Red for Google.

Craig Peterson - America's Leading Technology News Commentator

Artificial Intelligence is changing the world. Right Now! In just a few years, it's possible that you might be chatting with a support agent who doesn't have a human body. You'll be able to ask them anything you want and get an answer immediately. Not only that, but they'll be able to help you with things like scheduling appointments, making payments, and booking flights—without any human intervention necessary. This is just one of the many ways that Artificial Intelligence will change our lives this year. We will see more businesses using AI technology to make their processes more efficient...

info_outline
Ring Cameras Hacked - LastPass finally admits crooks stole your info - How to use Password Managers - Which are the best for you? show art Ring Cameras Hacked - LastPass finally admits crooks stole your info - How to use Password Managers - Which are the best for you?

Craig Peterson - America's Leading Technology News Commentator

Privacy… Ring Cameras Hacked in 'Swatting' Scheme Critics and researchers say the Ring cameras are used to surveil gig economy drivers and delivery people and that they give law enforcement too much power to survey everyday life. The pair would hack people's Yahoo email accounts, then their Ring accounts, find their addresses, call law enforcement to the home with a bogus story, and then stream police's response to the call. Often, they would harass the first responders at the same time using Ring device capabilities. ++++++++ LastPass finally admits: Those crooks who got in? They did steal...

info_outline
Slave Labor in China - Apple Moves Out - Spyware posing as VPN apps - Darknet markets generate millions in revenue by selling stolen personal data - Voice-scamming site “iSpoof” seized show art Slave Labor in China - Apple Moves Out - Spyware posing as VPN apps - Darknet markets generate millions in revenue by selling stolen personal data - Voice-scamming site “iSpoof” seized

Craig Peterson - America's Leading Technology News Commentator

Craig Peterson  Insider Show NotesDecember 5 to December 11, 2022 China… Apple Makes Plans to Move Production Out of China In recent weeks, Apple Inc. has accelerated plans to shift some of its production outside China, long the dominant country in the supply chain that built the world’s most valuable company, say people involved in the discussions. It is telling suppliers to plan more actively for assembling Apple products elsewhere in Asia, particularly India and Vietnam, they say and looking to reduce dependence on Taiwanese assemblers led by Foxconn Technology Group. After a year...

info_outline
 
More Episodes

Welcome!

Craig discusses how your DNS is being hijacked by new browser protocols known as DNS over HTTPS (DoH.)

For more tech tips, news, and updates visit - CraigPeterson.com

---

Read More:

Using The New Chrome Secure DNS Settings To Browse Privately Is Easy

---

Automated Machine Generated Transcript:

Far too many ISP are watching where we're going and even changing our location, that URL you type in might not take you where you think you should be going.

[00:00:17] Hi everybody. Craig Peterson here. Thanks for joining me. We're here every week with all kinds of great information, keeping up to date on the latest in technology. And of course. Because I'm a security guy, a lot about security, and that's kinda what we're going to talk about right now. We all have internet service providers, whoever they are.

[00:00:40]In fact, the internet service providers even have internet service providers because they have to connect with other networks in order to get you where you want to go online. It's a strange world out there. And one of the things that the internet does and frankly has to do in order to get you to that location you want to go, is it uses something called the domain name system.

[00:01:07] Oh, you might call it the domain name service as well. But the idea behind this is to allow you to type in a URL or click on a link and that link then takes you to the correct site. Now you might be wondering what's this all about, I'm not going to get into the guts of the internet. That's not what I do.

[00:01:29] That's not my job. That's not going to affect me. Oh, my, it does because the domain name service was designed many years ago to solve a problem, but it did not consider another problem that was being created in his stead. What we've ended up with is. You guessed it, another problem, the DNS system allows you to type in that I address.

[00:01:58] And then it goes to your internet service provider and says, Hey, I want to go to google.com. Give me the address. And then. The internet service provider goes and talks upstream, finally finds out what the address for Google is. It's just like if you sent a piece of email and you addressed it to Craig Peterson in the Northeast United States, now it might get to me because some of these postal workers are very driven and they really want to help out.

[00:02:27] Right. But what are the odds that mail would actually end up in my mailbox? You know, not very good. Is it, so you have. To have a street address or maybe appeal, box number to send that true that to, maybe a rural route number as well. Who knows? Right? Depends on where you're at. If you're overseas, a military duty it's even different, but on the internet, Everything has to come down to these numbers.

[00:02:53] It's called the internet protocol, IPV four, and IPV six. Now you don't have to know all of that because all you have to do is type in google.com. Right. We already established that as an easy way to get to Google. However, Behind the scenes what's happening is that some of these internet service providers are actually intercepting your computer's requests to get to Google.

[00:03:21] And then what they're doing with that intercept is changing it sometimes. So they'll look and see, is there a site called google.com? Oh no, there's not. All right. Great. Yes. So then they send you to yet another site that's not Google. And they try and upsell you there'll be Ads all over it. There may be their own little search engine thing.

[00:03:44] That's come up on the screen that allows you to hopefully find the real google.com. On top of it all, not only are these internet service providers who were paying by the way, not only are they intercepting our DNS requests, but frequently they are also being intercepted by the bad guys. Here's what's happening there.

[00:04:09] You have a router in your home, a router in your small business. Now that router is where all of your data goes to. And from the internet now, obviously in bigger businesses, we'll set up multiple routers, multiple sites. We'll probably run a protocol called BGP that lets me route everything in between.

[00:04:30] Right? So if we have a failure, we can failover and everything just continues on. It's just wonderful. But in all of these cases, that router is a central point for all of your data going out to the internet. So what happens when a bad guy gains control of that router? And we're seeing this happen more and more now, because when was the last time you went ahead and made a change to the firmware on your router on that firewall box?

[00:05:06] Right? It probably never, most of us never touch it. We buy it, we set it and we forget it. Right. We, Ron Popeil the thing. But that's not what we need to be doing in this day and age this day and age, we're looking at the internet of things. We're looking at hundreds, maybe thousands, ultimately, of pieces of hardware in our homes.

[00:05:29] It's going to be embedded in our clothing. It's already in some of the shoes we have purses. We have. All of those devices need updates. Now that's one of the reasons we advise people to get rid of those big-box retail devices that they have like a link SIS box or who knows what, and that they're using at the network edge.

[00:05:54] We advise them to get something that's way more professional that has longterm support for it. And, you know, for my clients, we always use it. The Cisco gear. There's a whole new line that we've had great success with called them. Rocky go, you can look it up online. I'd be glad to help you with that. And then the next sec pop from that is Rocky.

[00:06:16] And then you get into the Cisco, but here's what's happening. You have not updated the firmware in your router slash firewall. Now, many times you cannot update the firmware because it is out of revision. So you bought this hardware three, four or five, six years ago as we were working just fine. Has given you the wifi.

[00:06:41] Everything is just hunky Dory. It's wonderful. And you've never thought twice about changing that firmware. And in fact, the manufacturer hasn't bothered to release updates to fix the latest, major bug security problem in their firmware. So do you see where I'm going here now? Here's what happens if you put all of this into a pot, let's stir it up.

[00:07:04] I know it's a little confusing, but here's what comes out in the end. When we take it out of the oven, the bad guys, they update the firmware. On your rudder slash firewall. That's a worst-case scenario. They actually updated and they set it up to send all of their data to Russia. All of your data, I should say to Russia or China, but what we're seeing right now is a DNS attack where they are routing all of your intranet DNS requests to them and their server. So here's what happened. Imagine you're sitting in front of your computer and you type in your bank, maybe it's TD bank.com, bank of america.com. Whatever it is. Remember your browser does not know how to get to TD bank. It doesn't know how to get to the Bank of America.

[00:07:58] So what does it do? It then sends a request out to the internet saying, Hey, what's the internet address for TD bank what's happened now? Is it sends a packet out to the internet? Hopefully to your internet service provider, but it gets intercepted. And now that packet goes to the bad guys and the bad guys say, Oh, TD bank.

[00:08:26] Yeah. Yeah. There, you know that part of town you never wanted to go into, you know, on the other side of the tracks where it's kind of dark and greasy and yeah. There's a lot of muggings and stuff. That's where TD bank is. Oh yeah. Go over there. So they will return the wrong address for TD bank. And now your browser ends up on their website, could even be a dark web website and all of your data, everything you're typing in is now being captured by them.

[00:08:58] So we have now both Firefox and Chrome who are doing something called HTTPS. DNS over HTTPS is, of course, is encryption. So it is now sending the requests for DNS encrypted end to end. That is great for consumers, usually. However, It does break security systems. So both Google and Mozilla have jumped on board here a little prematurely, but that's what's happening right now with your DNS.

[00:09:37] And what you should do is going to be based on your environment and what you're doing. Check people tell you, Hey, stick around. We're going to talk about insider threats. I bet you didn't know how prevalent they are and how they're occurring. You're listening to Craig Peterson.com. Stick around. We'll be right back.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553