loader from loading.io

Welcome! What you can look for to determine if you are under attack plus more on Tech Talk with Craig Peterson on WGAN

Craig Peterson - America's Leading Security Coach

Release Date: 09/04/2020

 Hunter Biden and Computer Repair Shops plus more on this Tech Talk with Craig Peterson Podcast show art Hunter Biden and Computer Repair Shops plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig gets into some detail about why Hunter Biden's laptop that he took to a shop and never picked up is now in the hands of the FBI/DOJ and the things he did wrong when he took it in for service -- and no -- it has nothing to do with Russia. For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] Yeah, I'm sure you heard about Hunter Biden, and what happened with his computer when he took it in for repairs? How about your computer? We'll be getting into that right away, right off the top. And then...

info_outline
 Data Privacy and Computer Repair plus more on this Tech Talk with Craig Peterson Podcast show art Data Privacy and Computer Repair plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig continues his explanation about computer repairs and what you can and must do to protect your data and privacy. Back up your data! Also, the proper way to destroy old disks. For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] Do you know, what's on your computer? Do you know what they do with it? At some of these repair shops that you take your computer when it gets slow and something breaks? When you're just trying to figure it out? What the heck is happening here, man? We've got an...

info_outline
Continuation of The Considerations Surrounding Privacy and Computer repair plus more on this Tech Talk with Craig Peterson Podcast show art Continuation of The Considerations Surrounding Privacy and Computer repair plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig continues his explanation of what you need to do if you have to take your computer to a shop to be repaired. This segment covers encryption. For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] We're going to talk right now a little bit more about removing that personal data before you send it in for repair and a couple of other things that you need to know about your rights when it comes to repairs. Hey, you're listening to Craig Peterson. Thanks for joining us today. Next up is probably...

info_outline
DHS and FBI Warning about Election Hacking plus more on this Tech Talk with Craig Peterson Podcast show art DHS and FBI Warning about Election Hacking plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig explains why DHS and the FBI are warning us about Election Hacking and why it individual State Website Security is the culprit. For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] We've talked about the potential here of hackers getting into our election systems and what are they going to be able to do?  No, I've never been really big on this, but now FBI and DHS, well they're both disagreeing with me. Hey everybody. Welcome back. You're listening to Craig Peterson. I've talked about...

info_outline
IRS and Data Aggregators plus more on this Tech Talk with Craig Peterson Podcast show art IRS and Data Aggregators plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig discusses how the IRS gets around collecting data on US Citizens.  They buy the information from these private Data Aggregators like our friends at Equifax - who by the way collect tons of information on you without your permission (you have no say in what information they collect) and then sell it! For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson (2): [00:00:00] Coming up in this hour, we're going to talk about the IRS. Yes. Investigated for using location data without a warrant. We're going to...

info_outline
Data Aggregators and Biometric Databases plus more on this Tech Talk with Craig Peterson Podcast show art Data Aggregators and Biometric Databases plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

In this very busy segment, Craig addresses a number of tech issues that are in the news right now. First off BEC scams.  Business Email Compromises are also commonly known as Spear Phishing scams and target executives.  In the past, many came from outside the US but this has changed.  Next, he discusses what happened with Excel and the loss of some Covid data.  Then he explains why the IRS is looking at Cryptocurrency on people's tax returns. So let's get into it! For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated...

info_outline
Dangers of Biometric Databases and CLEAR's new focus plus more on this Tech Talk with Craig Peterson Podcast show art Dangers of Biometric Databases and CLEAR's new focus plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig discusses CLEAR and why what they are doing now is NOT a good idea. These biometric databases can be hacked just like any other database.  The Danger is - there is no way to guarantee 100% security of your data and if it gets hacked -- You can't change your biometrics! For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson (2): [00:00:00] Hey, who has your biometric information? Is it really a problem? You've got your phone, you unlock with your face or your, maybe your fingerprint, your thumbprint....

info_outline
IRS investigating Cryptocurrency Cheaters, BEC on the Rise, Covid Contact tracing issues plus more on this Tech Talk with Craig Peterson Podcast show art IRS investigating Cryptocurrency Cheaters, BEC on the Rise, Covid Contact tracing issues plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

In this very busy segment, Craig addresses a number of tech issues that are in the news right now. First off BEC scams.  Business Email Compromises are also commonly known as Spear Phishing scams and target executives.  In the past, many came from outside the US but this has changed.  Next, he discusses what happened with Excel and the loss of some Covid data.  Then he explains why the IRS is looking at Cryptocurrency on people's tax returns. So let's get into it! For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated...

info_outline
AS HEARD ON - The Jim Polito Show - WTAG 580 AM: Computer Repair, Hunter Biden's Laptop and Scully's Tweet  show art AS HEARD ON - The Jim Polito Show - WTAG 580 AM: Computer Repair, Hunter Biden's Laptop and Scully's Tweet

Craig Peterson - America's Leading Security Coach

Welcome! Good morning, everybody. I was on WTAG this morning with Jim Polito.  We got into a lengthy discussion about Hunter Biden and the legitimacy of the emails and how to tell, also about computer repair shops and then a little about Steve Scully's tweet and his lies about it. Here we go with Jim. For more tech tips, news, and updates visit - ---  Automated Machine Generated Transcript: Craig Peterson: [00:00:00] That is a dead give away and these news agencies such as Fox who have seen both emails, I'm sure dug into it because they said these emails were legitimate because we...

info_outline
AS HEARD ON NH Today WGIR-AM 610: Election Security and Federal Warning about Nation-State Actors accessing Vulnerabilities show art AS HEARD ON NH Today WGIR-AM 610: Election Security and Federal Warning about Nation-State Actors accessing Vulnerabilities

Craig Peterson - America's Leading Security Coach

Welcome, Good Monday morning, everybody. Craig Peterson here. You will find here a different host this morning on NH Today. Jack Heath has moved on to another radio group. I was on with Scott Spradlin. We discussed election security in the light of revelations by the FBI and DHS about Nation-State Actors accessing our election systems through known vulnerabilities. Here we go with Scott.  These and more tech tips, news, and updates visit. -  ---  Automated Machine Generated Transcript: Craig Peterson: How vulnerable are the web pages where these final tallies are as well. So...

info_outline
 
More Episodes

Welcome!

Craig discusses the signs that you may be under attack and what to do about it.

For more tech tips, news, and updates visit - CraigPeterson.com

---

Read More:

Musk says that Neuralink implants are close to ready for human testing

---

Automated Machine-Generated Transcript:

Craig Peterson: [00:00:00] So what's the first sign that you are about to get hit by ransomware? that's what we're going to talk about right now. We're going to go through some of these signs.  What does it mean to you as a business? You've got a hundred, 200 employees or maybe more, maybe less. This could be bad.

Hey Craig, Peterson here. Thanks for joining me. I appreciate the time you're spending with me today. I have really been enjoying it. Of course on WGAN are going to be continuing after that top of the hour. So make sure you stay with us, but we've got a whole other hour left. So what is going on here when somebody is trying to break in we're generically calling this ransomware because that is frankly.

One of the major attack vectors that we're seeing right now is the whole ransomware attack.  What does that mean to you? So that's exactly where we're going. You should be seeing some signs. So let's talk about the signs that I have seen. One is that your email is weird. No. I know that's not a great definition.

But that's what I always hear. So something weird is going on with our email. Craig, would you bring your team in and have a look at this for us? We're not quite sure what, and it might be that there are emails that are being received by your clients or maybe your vendors.  You're trying to straighten it out.

What's what, when what, and he can't quite figure it out. So that's a very common one. We get called in on to do some research and try and find out what is going on.  So there's number one. Another one is if you're in that a hundred to 250 employee range that we're working with a lot if you have an active directory server and for some reason, Logins are failing.

So the concept behind this is Microsoft. Once again, took some technology, Kerberos technology, let's steal it and use it and mess it up while we're at it and create it, this whole active directory concept, which is a major hack. It's just Microsoft. But anyway, yeah. The idea is you have an active directory server and that server can provide file servers.

It can provide DNS, it can give you your DHCP or internet addresses. It can put everything together in one place, including log-ins, access control, lists. All kinds of things that will really help your network. So don't get me wrong here. I think you should be using active directory if you have a Microsoft based network. You really should. Because you're going to be much better off than if you try and maintain a hundred desktops manually. Okay. There really is no choice in this, but if you're, we're starting to see log-in failures, people are saying, yeah, I'm trying to log in. I can't get in what's going on.

Okay. That's a sign. If you're getting VPN connections, failing and your VPN server just isn't working right. So those are the very basics. So let's get into a little bit more detail here. If you go on to your active directory server, it is going to show multiple log-in failures. That's a very big deal here.

If you're seeing three login fails in a row, particularly from your remote desktop servers, you might be in trouble. A remote desktop is one of the ways. The bad guys are getting in because there are a number of known vulnerabilities in them.  Most people, again, haven't patched them up and businesses just didn't have time to prepare for the whole COVID-19 thing.

So they sent people home and their systems weren't set up. So keep an eye. If you have an active directory server, keep an eye on it.  The log-in errors you might be having. If you're using a remote desktop.  Particularly if you're exposing the server directly to the internet, it's a very big problem.

Bruce brute force attacks, Bruce force a very big deal here. Because we're seeing these all of the time, you should be keeping an eye on your firewall and your firewall should be logging. In fact, if you're a regulated industry, it has to be logging and you have to have an accurate time source. So if you have all of this data and it's logging it and it's alerting you.

That there are a lot of attacks underway. that might be a sign that ransomware is heading your way and you turn well better, make sure that you have everything patched up. Okay.  That's just a really good idea. The bottom line also. You should look for your brute force attacks, not just on your firewall, but again, on your remote desktop system.

Once they're inside your network, the bad guys are going to start looking for passwords, password files, various types of zip files, doc files, word texts, all of those sorts of things. Nowadays, they are running. Basically shell scripts. Microsoft came out with what they call power shell yet another rip-off.

And, they didn't do a particularly good job on it and it is particularly vulnerable and that's a bad thing.  A lot of those PowerShell attacks that are underway are non-disc resident. They are memory resident, which means that none of your antivirus software is going to catch any of it. Okay. A very big deal there.

Also, keep an eye on phishing emails. These things have been coming in for a long time. Some of them have very strange domain names, keeping high out with your analysis tools. Again, hopefully, you've got a whole integrated system. That's looking at all of this stuff, these new domains that are coming into your network, do you flag them?

Does your firewall have the ability to flag them? So all of a sudden you're seeing a bunch of people going to xyz.com and no one's ever gone there before. You should have a flag for that, because oftentimes what's happening is the bad guys have some software that's trying to exfiltrate trying to take your data out of your network.

To use against you.  That's where open DNS can come in. very well handy. Cisco umbrella. That's what we use there. The free version or inexpensive versions for home. Check it out. Cisco umbrella. I think it's an umbrella.com but Cisco umbrella and that will help dramatically. With the exfiltration of data with phishing domains, et cetera, stopping them from being nasty, next time, or this is on an article, dark reading, and he's got a lot of good information in here.

recently adding some things, taking some things. Yeah. I'm using my actual experience As to what's happening up here. But. Questions that are really being raised about a particular machine.  This is from an incident response manager. My name is Peter McKenzie saying. questions that everyday users aren't normally asking, is this a Mac or Windows?

What's the domain and company name? What kind of admin rights is the computer? Yeah, if you're getting those coming into your help desk, you may have a big bloom, frankly. Okay. Also, security tools that aren't being used by your security people. So keep an eye out for that. There are a number of pieces of security software that I teach people how to use that are going to really help you with digging into everything.

But to have a look at the few of them that are out there, things like process hacker, IO bit, and PC Hunter. So they're legitimate tools, but not being used by just a regular user. So keep an eye on what's running on the machines. Timestamps can be very weird. So keep an eye on that. Some VPN servers do have information about the time of the source of the VPN.

So if all of a sudden you're seeing time connections that are coming in a really weird time zones like Russia, China, wherever it might be. There's another sign. The ransomware might be on the way in, if not in already.  Then traffic, all of a sudden goes up. You have a huge spike going to somewhere. I don't know the internet.

Maybe you can trace it to the dark web. Maybe you can't, but questionable places. Now keep an eye out for that. Unusual DNS requests. A very good thing to watch out for, but again, that's why you use Umbrella. It will keep tabs on those and it'll stop better than 90% of these bad guys from being able to install software that can call home.

And that's very important. You may not be able to tell a tour site. I teach this again. You can use Tor and the onion network in order to hide your identity to a degree it's none of this is absolutely perfect again, but the bad guys use it and they use it a whole lot. So what we do with our clients is we block these TOR entrance/exit sites, these onion network sites. So that bottom line, the bad guys just can't get in. They can't do anything about it.  I think that's really important to do That is your top sign that you're about to get hit with ransomware and they all revolve around keeping an eye out for what's going on in your network.

What you should be doing, what you shouldn't be doing when it comes to your security software.  If you own a business, if you're C level responsible for some of this stuff, make sure you get some training, make sure your people get some training because a lot of these attacks are actually based on ignorance.

That's where people don't know that you should not be clicking on that type of email. People don't know how to determine whether or not a URL is a legitimate URL either. Now we have all kinds of pieces of training for security that we provide to our clients and the tracks who's doing what and helps to meet all of the regulations, whether it's HIPAA or you name it.

But if you don't have anything really simple little quiz training, you can do. Is available online for free from Google. Now, this is just a, it's a few questions, but it helps to educate users about fishing. You can find it online. Just go to phishing quiz, all one-word fishing. P H I S H I N G phishing quiz dot with Google.

Dotcom and you can take that quiz. It's very simple to do. It's fun. I got a hundred door, And, they have emails and it acts kinda like Gmail for reading the emails and shows you what you should be looking for in order to catch some fishing. Going on with your email. So check that out again.

The phishing quiz dealt with google.com. It's at a minimum and, your MSSP or managed security services provider should be providing you with training for all of your employees and tracking it to and giving you reports to make sure that you are compliant with all of the regulations out there. thanks for sticking with me here for the first hour.

We're going to be back here on WGAN after the top of the hour. Of course, news and everything else. Make sure to join me every Wednesday, the morning at about seven 30 with Matt Gagnon, as we discuss the latest tech news out. There and visit me online. Craig peterson.com. If you missed any part of today's show, you'll find it right there in your favorite podcast app.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553