Episode Transcript
Transcripts are displayed as originally observed. Some content, including advertisements may have changed.
Use Ctrl + F to search
0:00
Cyber Security today is brought to you
0:02
by the generous support of our sponsor
0:04
boasts around security. You. Can get
0:06
their twenty Twenty Four State of Cyber
0:08
Security were to support at both Iran
0:10
security.com and is a link you can
0:12
follow in the show. Notes: Security.
0:17
Controversy over a new Microsoft
0:19
tool and new open source
0:22
threat Intelligence service and more.
0:24
wagon. The Cyber Security Today
0:26
is Monday, May twenty seventh.
0:29
Twenty funny for I'm Howard
0:31
Solomon, contributing reporter on Cyber
0:33
Security for Tech News day.com.
0:39
It's Memorial Day in the
0:41
Us to Us listeners. Thanks.
0:44
For tuning in and I hope you're having
0:46
a great weekend. As.
0:48
You can tell by my voice I was
0:50
a bit under the weather when this podcast
0:53
was recorded. There's.
0:55
Controversy about a proposed Windows
0:57
tool Microsoft announced last week.
0:59
It's. Called recall. It's.
1:02
An option for computers using
1:04
Microsoft Copilot a I chat
1:06
bot. It takes periodic snapshots
1:08
of users screens so they
1:10
can recall or search for
1:13
something that they might have
1:15
seen but can't remember where.
1:17
As outlined in an article by Dark
1:20
Reading. Recall. Stores
1:22
data encrypted on individuals
1:24
pcs, Windows, Administrators
1:26
can disable recall in a
1:29
group or mobile Device management
1:31
policy. Although. The data
1:33
is encrypted. The risk he that
1:35
information stored by recall will be
1:38
a target for hackers because it
1:40
could save screenshots of passwords and
1:42
other sensitive data. On
1:44
the other hand, many I T
1:47
administrators already use I T behavior
1:49
or monitoring applications that also kept
1:52
your keystrokes and other actions of
1:54
employees. That. Could also be found
1:56
by hackers. Those. Applications
1:58
however. me. Have better security
2:01
than recall. I. D
2:03
Administrators or have to think
2:05
carefully about using recall. The.
2:09
Open Source Security Foundation has
2:11
started an Open Source Threat
2:14
Intelligence mailing list for developers.
2:17
Called. Siren. It's.
2:19
A secure environment for sharing
2:21
tactics, techniques, procedures, and indicators
2:24
of compromise. List
2:26
members will get email notifications about
2:29
emerging threats which may be relevant
2:31
to software projects that use open
2:33
source components. Your. Highness
2:35
All rest of the Sands Institute
2:38
notes that the best threat intelligence
2:40
comes from appears in your area
2:42
as interest and not from commercial
2:45
threat intel sources. I.
2:48
T Administrators who oversee courtroom
2:50
technologies should note the following:
2:53
A serious vulnerability has been
2:56
sound in Justice. Eady Solutions
2:58
Digital Audio Visual Recording Software.
3:02
According. To researchers at Rapid seven.
3:04
You need to be on version
3:07
Eight Point three aid of a
3:09
J A vs as you are.
3:12
An earlier version has been compromised
3:14
with malware. Beware.
3:17
Of Sake anti virus website set
3:20
up by Crux. According
3:22
to researchers that collects there are
3:24
phoney web sites pretending to be
3:26
a vast did defender. Malware
3:28
bytes and collects. The
3:30
goal is to trek consumers into
3:32
downloading what they think is free
3:35
or trial security software. Instead.
3:38
They install malware that
3:40
records keystrokes that uses
3:42
hunters like passwords. Copies.
3:44
Data installs a coin miner, or
3:47
does other nasty things. Unfortunately,
3:49
the internet has no way of
3:51
presenting threat actors from creating look
3:53
alike web sites using a company's
3:55
name unless the company has previously
3:57
registered the U R L. So.
4:00
Oh. Don't be fooled if
4:02
you get an email or text message purporting
4:05
to be from any brand name from. And
4:07
if you're using a search engine
4:10
to find a don't automatically click
4:12
on the first return, especially if
4:14
it's labeled sponsored or advertisement. Always.
4:17
Double check on links before clicking
4:20
on them. And. Also, beware
4:22
of sake web sites offering the
4:24
new Windows version of the Ark
4:27
browser. Researchers. That
4:29
malware bytes say victims Using their search
4:31
engine and looking for the Ark browser
4:33
may be tracked if they click on
4:35
the first link they see. Sake!
4:38
Returns list the real
4:40
art browsers website. But.
4:43
What victims click on is not
4:45
that you Rl. It's a
4:47
sake, you are al within the ad.
4:50
Again, if a search result is tagged,
4:52
sponsored or advertiser, he could be a
4:55
phony. In.
4:57
January voters in New Hampshire received
4:59
automated phone calls that sounded like
5:01
President Biden telling them there was
5:04
no need to vote in the
5:06
state's primary election. The.
5:08
Man behind the scam was
5:10
charged last week with sell
5:12
any voter suppression and misdemeanor impersonating
5:14
a candidate. On. Top
5:17
of that, the Federal Communications Commission
5:19
has recommended he pay a six
5:21
million dollar sign. The.
5:23
Telecom Company than actually transmitted the
5:26
phone calls has also been charged
5:28
by the Fcc with violating regulations.
5:32
And finally, Google has issued another
5:34
security update this month for the
5:36
Chrome browser. Windows, And
5:38
Mac users who beyond a version that
5:41
starts with one twenty five. And
5:43
Nz in one, one, three. That's
5:47
it for now. Links to
5:49
details about news mentioned in
5:51
this podcast episode or in
5:53
the text version Ad Tech
5:55
News day.com Follow Cyber Security
5:57
Today on Apple Podcasts the
5:59
modify for at Us to
6:01
your flash briefing on your
6:03
smart speaker. Thanks
6:06
for listening. I'm Howard Solomon.
Podchaser is the ultimate destination for podcast data, search, and discovery. Learn More