loader from loading.io

Security Tools You Can and Should Use plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

Release Date: 10/16/2020

Google FLoC, AI Gemini, and Election Integrity: Protecting Digital Democracy show art Google FLoC, AI Gemini, and Election Integrity: Protecting Digital Democracy

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

Welcome to today's episode where we dive into the rapidly evolving world of technology and its impact on privacy, history, democracy, and consumer behavior. Join us as we explore the implications of Google FLoC cookies on online privacy, the dangers posed by AI Gemini in altering historical narratives, the role of technology in ensuring election integrity, and the influence of platforms like Temu on the online shopping experience. Google FLoC Cookies: Understand how Google's FLoC technology is reshaping online privacy and targeted advertising. Dangers of AI Gemini Changing History: Discover...

info_outline
Solar Storm Apocalypse? Myth or Reality? Protect Your Grid (and Life) show art Solar Storm Apocalypse? Myth or Reality? Protect Your Grid (and Life)

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

Have you ever considered the impact of a powerful solar storm or an unexpected Electromagnetic Pulse (EMP) on our way of life? This article dives deep into the resilience of our electric grid in the face of these potential threats, exploring the concerning "what ifs." Solar Flares and EMPs: Disrupting Our Connected World Solar Flares: These are massive eruptions of energy from the sun's surface. A powerful enough solar flare can induce electrical currents in our power grids, potentially causing widespread blackouts and damage to transformers. Electromagnetic Pulses (EMPs): These are bursts of...

info_outline
eSIM Exposed: Safeguarding Mobile Privacy & Combatting Hacks show art eSIM Exposed: Safeguarding Mobile Privacy & Combatting Hacks

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

  Chris's $10,000 smartphone hack is just one instance of a concerning trend of cyberattacks. Today, we're delving deep into eSIM technology, a game-changer in mobile privacy and security. Cybersecurity Concerns: The rise in hacking incidents highlights the urgent need for robust cybersecurity measures, especially in the mobile space. eSIM Technology: Exploring the intricacies of eSIMs reveals both their potential and the security challenges they present. Online Privacy: With eSIMs becoming more prevalent, understanding their impact on online privacy is crucial for users. Combatting...

info_outline
Disappear Online: Expert Tips for Digital Cleansing! show art Disappear Online: Expert Tips for Digital Cleansing!

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

  In today's digital age, our online presence can become cluttered and overwhelming, affecting not just our digital identity but also our cybersecurity and privacy. Let's delve into the expert secrets of digital cleansing to ensure a safer and more secure online journey: Understanding Digital Clutter: Learn how digital clutter impacts your life and why it's essential to tidy up your online presence. Cybersecurity Concerns: Uncover the risks posed by unchecked emails, unused accounts, and shares, and how they can compromise your cybersecurity. The Importance of Online Privacy:...

info_outline
Defend Your Digital Domain: Transforming Home Networks for Cybersecurity show art Defend Your Digital Domain: Transforming Home Networks for Cybersecurity

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

Hey there! Is your home Wi-Fi a potential cyber threat? Let’s bolster your network's defenses! Here's what you'll find in this guide: Privacy Concerns: Understand the risks associated with a vulnerable home network and the importance of safeguarding your personal information. Wi-Fi Security: Learn how to secure your home Wi-Fi network to prevent unauthorized access and protect your devices. Smart Devices: Explore the security challenges posed by smart devices and how to mitigate these risks effectively. Network Segregation: Delve into the concept of dividing your home network for...

info_outline
Unlocking the Secrets of Online Privacy: Cracking the Code to Secure Chats show art Unlocking the Secrets of Online Privacy: Cracking the Code to Secure Chats

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

Have you ever paused mid-message, wondering who might be lurking in the digital shadows? I've delved deep into the realms of online privacy, spam prevention, encryption, and the intricacies of organizing your digital life to keep your conversations secure. Join me on this thrilling journey through cyberspace as we unravel the secrets of safeguarding your chats. Here's what you'll discover in our expedition: Privacy in the Digital Age: Uncover the nuances of online privacy and learn how to navigate the digital landscape confidently. Combatting Cyber Threats: Dive into the world of...

info_outline
Defend Your Inbox: The Ultimate Plus Addressing Privacy Solution! show art Defend Your Inbox: The Ultimate Plus Addressing Privacy Solution!

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

Hey there! Ever find yourself drowning in a sea of spam emails? πŸ“§ Fret not! I've got the perfect solution to not only declutter your inbox but also fortify your online privacy and cybersecurity. πŸ›‘οΈ Introducing the ultimate guide to digital clean up, with a focus on plus addressing for enhanced privacy and organization. No more sifting through unwanted emails – this guide is your ticket to a streamlined and secure email experience. πŸ“₯ Here's what you'll find in this comprehensive guide: Privacy Reinforcement: Learn how plus addressing can act as a shield, allowing you to...

info_outline
Online Advertising Transformed: Google's Move Beyond Cookie Dependency show art Online Advertising Transformed: Google's Move Beyond Cookie Dependency

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

Hold onto your hats, tech enthusiasts! πŸŽ©πŸ’» Get ready for a seismic shift in the digital landscape as Google bids farewell to cookies, ushering in a new era where privacy is more than just wishful thinking. Say goodbye to the cookie craze! πŸͺ🚫 In my latest deep dive, "Digital Clean Up: Navigating Google's Game-Changing Shift in Online Advertising," I'm unraveling the intricacies of this groundbreaking move and what it means for all of us navigating the vast realms of the internet. πŸŒπŸ” Here's what you can expect in this enlightening journey: Advertising Evolution: Explore...

info_outline
Crack the Code: Mastering Windows Security and Digital Clean-Up Tactics show art Crack the Code: Mastering Windows Security and Digital Clean-Up Tactics

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

In the fast-paced world of technology, your Windows device needs the ultimate defense against cyber threats. I've revamped the guide, diving deep into the realms of anti-virus protection, cybersecurity, and online privacy. Here's your roadmap to a digitally clean and secure future: Windows Defender vs. Norton vs. Malwarebytes: Uncover the strengths and limitations of each superhero in the battle against cyber villains. The War Against Malware: Arm yourself with knowledge on the latest malware trends and the tools to combat them effectively. Guarding Your Cyber Fortress: Explore...

info_outline
Boost Online Privacy: A Cyber Spring Clean show art Boost Online Privacy: A Cyber Spring Clean

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

Is your digital realm resembling a messy attic? Files overflowing like forgotten knick-knacks, an inbox resembling a confetti blizzard, and social media feeds choked with digital dust bunnies? Fear not, fellow data denizens, for spring cleaning season has arrived – and this year, we're reclaiming our online peace of mind! But unlike dusting cobwebs and decluttering drawers, taming our digital wilderness requires a different arsenal. Forget brooms and vacuum cleaners – we're talking AI-powered assistants, data-detective hounds, and even a digital shredder for those long-dormant devices...

info_outline
 
More Episodes

Craig discusses one of the security tools he uses and why you should use it too.

For more tech tips, news, and updates, visit - CraigPeterson.com

---

Trojan Malware Targets Trump Supporters

Nmap 7.90 released: New fingerprints, NSE scripts, and Npcap 1.0.0

Tyler Technologies finally paid the ransom to receive the decryption key

5G in the US averages 51Mbps while other countries hit hundreds of megabits

Apple’s T2 security chip has an unfixable flaw

Verizon Payment Security Report is a Wake-up Call: Time to Refocus on PCI DSS Compliance

Android Ransomware Has Picked Up Some Ominous New Trick

---

Automated Machine-Generated Transcript:

Craig Peterson: [00:00:00] Remember everybody, don't open those email attachments.  I'm going to talk about a new tool released out there that if you're involved with security, you probably need it. So here we go.

Hi everybody. Craig Peterson here.

 I want to talk right now about this great tool that I've been using for decades now, I think. It's called Nmap. Now it's something that I cover. In my cybersecurity mastery course, but it's something you can do to learn a lot about yourself online. There are YouTube videos about it and many others. But the idea behind Nmap is to be able to check and see what's on your network and not just what's on your network, it'll also tell you about what that particular device is, and it just does a whole bunch of things for threat management. It'll check ports. Some of this stuff can go so far as to actually try and break into the systems. Now, Nmap isn't designed to do that. It really is using fingerprints to figure out the operating system that's in use, which is really handy.

Particularly for the internet of things devices that might be attached to your network.

This is great for home use, as well.

If you're a little bit of a techie, they have new protocol libraries. They've got payloads. Now that they've added for host discovery, port scanning version detection, which is really important to make sure that you have the latest version of different software on your systems. So you're not running something outdated.

 They've fixed a whole bunch of bugs. They've got some different improvements and code quality improvements. But one of the biggest things is that they're using a new driver for raw packet capturing and sending out on the windows side and the Unix side it's been stable forever, but on the windows side, there's never been a really great way to do this.

There's something called WinPCap, but that driver has not been updated in the last seven or eight years. It doesn't always work on windows 10. It's using deprecated Windows APIs.

I know this is a lot of. TLAs write three-letter acronyms for everybody out there.

But bottom line, there is a new driver that lets software like Nmap send and receive its own packets it creates.

Normally if you are writing just regular old software where you would open a network connection to a server and then speak whatever protocol you wanted to. You would ask the operating system, Hey, open up a TCP session on port 82, this web server, and so on that remote server. Obviously, I had to get them an IP address, ultimately on that far server.

There's a web server and it's listening for requests on port 80. That TCP session requires five packets going back and forth, and then it's established, and then you send your get requests. So it would be like getting space HTTPS slash one dot one or whatever it might be. Whatever version of the HTTP protocol you're trying to use space. then the file you want and the server name. Then the remote server responds. It goes back and forth. There are a lot of packets that are exchanged between your computer and the remote computer, whether it's a web server remotely, or might be a file server remotely could be almost anything remotely.

There's a lot going on if you're trying to do diagnosis on the network, if you're trying to figure stuff out, you want to get down to that level. Really.

Remember I said, though, that the initial TCP session took five packets in order to set it up. That takes quite a bit of time in internet time because those packets have to go back and forth.

Google, in fact, came up with a new version of the protocol that requires less handshaking going on.

Software like Nmap that is going to connect to that web server itself wants to see all of the packets. It does not want the operating system to be sitting there, setting up the connections, and sending the data back and forth. It wants to do it.

 That's the whole idea behind the raw packet capturing and creating is all about. On, the Unix world, which includes Linux, Mac OOS, solarise BSD they've had great packet capture. Code running forever, but this is brand new for Windows. So if you've tried it before and it didn't always work, try it again. Nmap N M A P online, just do a search for it, or you can download it from the Nmap.org, N M A P.org.

As I said, this is one of the tools we teach and answer questions about in my cybersecurity mastery course, because it's just so important. So Nmap is basically a command-line type program, but there's something called Zenmap that you can get as well as right there on the Nmap.org site that gives you a graphical front end.

If you would like to tinker you probably we should grab it and download it. It's already compiled. Although you can get the source code for you can also check signatures, GPG, signatures, and SHA one hash is for the different releases they've got install, guides, everything. They try and make it very easy for you.

The idea is once you have it there on your computer, You can then go ahead and run the latest release, which is right there on the homepage again. Nmap that's November Mike Alpha, Papa N M A P.org. You can just download it from right there and you're off and running. It is very handy.

So you run it against your network. It's gonna come back now and show you a whole bunch of information that you need on your network. So there are penetration testing uses, Nmap defense, of course, uses Nmap. There's a bunch of stuff.  Password audits, vulnerability, scanners, just all kinds of stuff that you can use right there. On the Nmap.org site. This is going to take you off-site.

Now, if you're on a Unix distribution, like a Linux distribution, You can just grab RPMs for your distribution, whatever it might need be. If you're on a Mac, I think brew has it use brew. That's what I use all of the time for managing third-party software. Like this open-source stuff. It'll just download and install it for you, which is really cool.

Use the least concept of least privilege. Which is what you really want to do.

They've got a, they've got a reference guide that's showing you absolutely everything.

There's an SSH service that it discovered on this machine. It's going to tell you which version of SSH it is. It's going to tell you what the operating system is. It's going to give you a key that you can use now to distinctly or uniquely, I should say, I say, identify what it is.

 I'm looking right now at a scan and it's showing me there's an SSH service. That's what I use in order to connect remotely to a computer and do command line stuff. It's showing me that there is an open Apache server, which is a web server. And it even tells me the version it's HTTPD protocol, a 2.2 0.14 running Ubuntu. Very handy stuff, because you can then feed this into other tools to know.

Is it up to date? Do I need to do updates? In fact, this Nmap stuff is used as the basis for the code that uses. Cause we'll use Nmap, it'll do scans, it'll find stuff and create a database. Then we take that database back.

If you have us do an audit for you, for instance, you give us the database. We don't even have to run the software. You just run it. It does all of his scans, puts it in a database. You send the database back to us in a zip file. We run it into a whole bunch of process software that lets us know exactly what's going on and also compares the versions.

Check it out. Nmap. November Mike alpha, Papa dot org. Absolutely valuable tool for everybody.

Hey, we're going to talk about paying ransoms when we get back in and what Tyler technologies did and why. So stick around.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553