
Trojan Worm Infecting Republicans through Phishing Scam plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Release Date: 10/16/2020


Craig discusses a new Phishing Scam that is targeting Republicans with a legitimate email but that adds an attachment with a nasty trojan payload.  

For more tech tips, news, and updates, visit - CraigPeterson.com

---

Trojan Malware Targets Trump Supporters

Nmap 7.90 released: New fingerprints, NSE scripts, and Npcap 1.0.0

Tyler Technologies finally paid the ransom to receive the decryption key

5G in the US averages 51Mbps while other countries hit hundreds of megabits

Apple's T2 security chip has an unfixable flaw

Verizon Payment Security Report is a Wake-up Call: Time to Refocus on PCI DSS Compliance

Android Ransomware Has Picked Up Some Ominous New Trick

---

Automated Machine-Generated Transcript:

Craig Peterson: [00:00:00] Hi, everybody. We're going to be talking about some new Trojan malware that targets Trump supporters. Some new tools that are out there. Ransomware being paid by one of the country's biggest online providers right here.

Hey everybody. I'm Craig Peterson. Today we are going to with no exception, get into some of the things that you need to know. Some of the things that you might not really be aware of, you've always wanted to know, but I'm here to explain it to you. This is the sort of stuff I like to do, and I've done pretty well for many years.

So let's get right into this malware.  We've talked about phishing before and for a quick introduction for the rest of you guys, phishing is where someone is trying to get you to do something and they are just trying to trick you into it.

So you might be familiar with some of the old phishing stuff, the Nigerian Prince scam. Nowadays, they've gotten much more sophisticated, try and get you to click on a link to do that something. So they might be phishing so they can put a Bitcoin miner on your computer.

They might be phishing to do something malicious, maybe very malicious. Right now, there are some bad guys out there who are phishing Trump supporters. Here's what they're doing.

They're taking legitimate emails that have been sent out by other Trump supporters, some of these political action committees that are really single-focused on one thing or another, and they'll be supporting a candidate that supports their, so there's these PACs on both sides of the aisle and all the way in between. All right.

The biggest problem, if you ask me about DC is, that's where the money goes and so that's where all the attention goes.

So you're online. You're looking at your email and you see an email that has a subject line that starts with forward. I got to point out, in case you weren't aware of it, subject lines that start with forward, like FWD colon, or re, R E colon, as in regards to, those subject lines tend to attract a lot of attention. The only subject line that attracts more attention is if someone has your name in that subject line.

So these emails that are being sent out by, we're not sure who yet, have Forward or Re: up in the subject line, and we'll talk a little bit more about what is in that subject line. So there are things like "breaking President Trump suspends funding to the WHO". That is one of the most common ones they're using right now.

Of course, we're looking at President Trump and he's been calling the World Health Organization corrupt, and seeing an email like this would get you to open it. Wouldn't it? You know what, frankly, between you and me, so would people on the other side of the aisle, right? Cause they want to hear what's Trump doing this time.

So the idea, yeah, it is, it's political. Another one is an email with a subject line that says stand with Trump again, that's definitely targeted at Republicans who want to open it because they want to stand with President Trump. And they're also using something called display name spoofing.

If you look at emails you receive, you'll see it says it's from so-and-so. Well, that's not necessarily who it's actually from. There's some spoofing you can do there, and a lot of these guys are doing it. There are ways to block phishing. Phishing, by the way, it's used a lot by ransomware. That's not what this is. We'll get into what this is exactly in a minute.

But you've got to have some really great stuff in place. Hey, if you're interested in it, a friend of mine, Guy, he had sent me a thing on LinkedIn this week about, that's a really great little ransomware checklist. It goes through the basics of what you should be doing to protect yourself against ransomware.

And if you want me to, I'll dig it up for you and send it off. Just email me@craigpeterson.com and in the subject line put ransomware. I'll notice that. I will, I'll send it to you. Just send it to me@craigpeterson.com. And it's a great little checklist on ransomware, and it's telling you should be doing things if you are a system administrator, like looking for specially signed DNS records and other things that are going to help identify the reality of who they're talking to. Very important. DMARC is one of those types of tools.

Now they are also using hijacked legitimate, the email addresses, and they'll use those to send out these emails. So they'll take an email from a PAC, a legitimate email. They will forward it, quote-unquote, to you. It looks like a forward for all intents and purposes. It is, and it has all of the links in it that the original email had, and all of those links, some, the original email will work and they'll take you to the places that you expect to go to. The problem with this one is that they have a Word document attached. Not that having a Word document attached isn't necessarily a huge problem. We've had problems in the past where it was effectively a drive-by download. Sometimes you did not even have to open the email in order to get the infection. Nowadays, unless you have very out of date software nowadays, you do have to open it.

So if you get that email, you click on the attachment. You open the attachment. That's when the real pain starts, because inside that attachment is a Microsoft Word document that has something inside of it called the downloader. So you open up that document, down comes Emotet, and once Emotet is on your system, that's when it all hits the fan.

What happens with Emotet is really nasty. It starts to try and spread within your network. It scans for open services. I'm looking at a whole chart here on Emotet, which is known as S0367. It'll start to scan ports on all of the systems on your network, on your own system. It uses the most common ports that you might think of port 80, 80, 84, 43.

In one instance, it has used port 445, which is an SMB exploitation. SMB is Windows file sharing. So it uses a number of different types of attacks here to go after services that are available on your network, on your computer, and on your network. And then it spreads laterally and it starts to scan other machines.

This is where Emotet is different than some of the others. It acts like a worm. And that's the very first piece of malware I had. That's what got me going on cybersecurity. Cause back then, I'm pretty much, nobody had even heard of a worm before.

What a worm is, for those that don't know: it is some piece of software that gets onto one computer and tries to crawl through other computers all the way out.

Now you can see where the problem comes in because it now will try using all of these different protocols, try and get onto another computer. Now we can get on another computer as simple as getting onto your file server.

Are you using the VPN in your business operation? A lot of our people are at home. This is one of the real dangers of VPNs. VPNs do not make you safer. Don't think that they make you safer, because in almost no cases do they help with the safety. What's gonna happen with the VPN, if you're connected, is something like Emotet or some of these others that spread like worms are going to try and crawl through your VPN to the other side.

You say, Oh, we've got a firewall, quote-unquote, in the other side. We've got a SonicWall, we've got whatever it might be.

Is that configured to stop a worm from crawling through and getting into other machines? And you might say, Yes. Yes, of course, it is. We block out all other servers. That user at home only has access to the file server and their own computer acting as a file server. Isn't that just hunky-dory? The problem is it has access to the file server. Your typical ransomware even is going to start pulling files off of the file server, sending them over to Eastern Europe for examination to see if they can use it for extortion or to see if they want to use it for ransom, just hold the encrypted and hold your data ransom. All of that stuff can happen over your VPN. Just as if you're sitting there locally at the office.

Remember that you've got to have all of your security, not just in the office, not just maybe at the edge of the firewall, but everywhere.

We're setting up systems now, that one packet will be examined five times as it flows through different firewalls within the organization. So that someone who's sitting there working on something is going to have to go in and out of firewalls just to get to that server.

It's not just the packets that are examined nowadays. We're talking about having the data examined, completely reassembling the streams, and looking at it and looking at it all very closely.

Hey, you're listening to Craig Peterson. Stick around because we will be right back. We're going to be talking about a new scanning tool release and what that's all about. So stick around.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553