Firewalls Don't Stop Dragons Podcast

How to Keep Ransomware at Bay

Listen Later

Just when you thought it couldn’t get worse, the bad guys say “hold my beer”. The REvil gang has managed to pull off what appears to be the biggest ransomware infection ever through a clever supply chain attack on a company you’ve never heard of called Kaseya. Kaseya is what we call a Managed Service Provider, or MSP. They manage software and IT functions for lots of small-to-medium sized businesses, so that those companies don’t have to. But this also gives MSP’s a very privileged security position, making it a prime target for bad guys wanting to infect a lot of companies with a single hack. Today I’ll catch you up on this ongoing horror show and give you some tips on how to avoid becoming a ransomware victim yourself.

In other news: Kaspersky Password Manager (KPM) was found to have a bad bug making its generated passwords a lot easier to crack; I’ll tell you about how some Brazilian iPhone thieves came up with a clever way to hack your accounts; Google has delayed FLoC and blocking of third-party cookies for at least two years; a Microsoft exec tells the US Congress about how law enforcement and intelligence agencies make thousands of gag-order-restricted demands for data every year; a research group discovers that an old cell phone encryption standard was intentionally weakened to allow easier cracking; Microsoft’s PrintNightmare bug is still not fully patched and the back story is a comedy of errors; and with hurricane season upon us, I’ll point you to some great tips on preparing for power outages.

Article Links
  • A popular password manager screwed up, but there’s an easy fix https://mashable.com/article/kaspersky-password-manager-security-bug 
  • Brazilian iPhone thieves demonstrate importance of responsible password practices https://appleinsider.com/articles/21/07/07/brazilian-iphone-thieves-demonstrate-importance-of-responsible-password-practices 
  • Why Google Can’t Bring Itself to Make the Internet Respect Your Privacy https://www.inc.com/jason-aten/why-google-cant-bring-itself-to-make-internet-respect-your-privacy.html 
  • Microsoft exec: Targeting of Americans’ records ‘routine’ https://apnews.com/article/government-and-politics-technology-business-ed50baf4ffb09ca50cda9b8a262c54ad 
  • Bombshell Report Finds Phone Network Encryption Was Deliberately Weakened https://www.vice.com/en/article/4avnan/bombshell-report-finds-phone-network-encryption-was-deliberately-weakened 
  • PrintNightmare official patch is out – update now? https://nakedsecurity.sophos.com/2021/07/07/printnightmare-official-patch-is-out-update-now/ 
  • Up to 1,500 businesses infected in one of the worst ransomware attacks ever https://arstechnica.com/gadgets/2021/07/up-to-1500-businesses-infected-in-one-of-the-worst-ransomware-attacks-ever/ 
    • Further Info
    • Microsoft PrintNightmare patch: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527 
    • CISA, FBI share guidance for victims of Kaseya ransomware attack https://www.bleepingcomputer.com/news/security/cisa-fbi-share-guidance-for-victims-of-kaseya-ransomware-attack/ 
    • Ransomware Defense: Top 5 Things to Do Right Now https://threatpost.com/ransomware-defense-top-5-tips/167536/ 
    • How to prepare for a power outage: https://firewallsdontstopdragons.com/how-to-prepare-for-power-outage/ 
    • How to safely download software: https://firewallsdontstopdragons.com/how-to-safely-download-software/ 
    • Sign up for the newsletter: https://firewallsdontstopdragons.com/newsletter/new-newsletter/ 
    • Become a Patron! https://www.patreon.com/FirewallsDontStopDragons 
    • Would you like me to speak to your group about security and/privacy? http://bit.ly/Firewalls-Speaker
    • Generate secure passphrases! https://d20key.com/#/ 
      • ...more
      View all episodesView all episodes
      Download on the App Store
      Firewalls Don't Stop Dragons PodcastBy Carey Parker
      • 4.9
      • 4.9
      • 4.9
      • 4.9
      • 4.9

      4.9

      64 ratings

      More shows like Firewalls Don't Stop Dragons Podcast

      View all
      Freakonomics Radio by Freakonomics Radio + Stitcher

      Freakonomics Radio

      32,005 Listeners

      WSJ What’s News by The Wall Street Journal

      WSJ What’s News

      4,339 Listeners

      Making Sense with Sam Harris by Sam Harris

      Making Sense with Sam Harris

      26,327 Listeners

      Security Now (Audio) by TWiT

      Security Now (Audio)

      2,010 Listeners

      Risky Business by Patrick Gray

      Risky Business

      372 Listeners

      Click Here by Recorded Future News

      Click Here

      418 Listeners

      Darknet Diaries by Jack Rhysider

      Darknet Diaries

      8,046 Listeners

      Your Undivided Attention by The Center for Humane Technology, Tristan Harris, Daniel Barcay and Aza Raskin

      Your Undivided Attention

      1,603 Listeners

      Techlore Surveillance Report by Techlore

      Techlore Surveillance Report

      105 Listeners

      The Ancients by History Hit

      The Ancients

      3,282 Listeners

      Hard Fork by The New York Times

      Hard Fork

      5,511 Listeners

      The Rest Is History by Goalhanger

      The Rest Is History

      15,271 Listeners

      Closed Network Privacy Podcast by Simon Walsh

      Closed Network Privacy Podcast

      20 Listeners

      The Peter Zeihan Podcast Series by Peter Zeihan

      The Peter Zeihan Podcast Series

      401 Listeners

      The 404 Media Podcast by 404 Media

      The 404 Media Podcast

      386 Listeners