Welcome!
Craig discusses Why hackers have resorted to Cybersquatting to ply their trades. Listen in to find out.
For more tech tips, news, and updates visit – CraigPeterson.com
—
Read More:
iOS 13.7 launched today with a new system for battling the pandemic
Hackers are exploiting a critical flaw affecting >350,000 WordPress sites
The accidental notary: Apple approves notorious malware to run on Macs
Most IoT Hardware Dangerously Easy to Crack
55% of Cybersquatted Domains are Malicious or Potentially Fraudulent
Feds Can’t Ask Google for Every Phone in a 100-meter Radius, Court Says
The Hidden Cost of Losing Security Talent
—
Automated Machine-Generated Transcript:
Craig Peterson: [00:00:00] Hey, how good are you at spelling and or typing? If you’re like the rest of America, in fact, around the world, you may not be the best at either one of them. You know what the bad guys are taking advantage of that.
Hey everybody. Craig Peterson here. Thanks for joining us today. I have had a busy week as we’ve been answering emails, getting the new website ready to go up and it’s just been absolutely crazy.
We’ve got more training coming out too. More training on the website and emails. We’re going to be sending you these little two to three minutes to read emails. That’ll keep you up to date on things. The number one thing that I hear comments on listeners is they really appreciate the little bit of learning that they get from the radio show and my appearances on the radio and everything else on with Matt in the morning on, of course, Wednesday mornings about seven 30, but that seems to be the number one thing and including the email.
I’m going to do more of it. You asked for it, you’re going to get it. We’re going to do more of all of that. The training, keeping it simple, helping you out. We’ll be doing some, some webinars stuff. Just all the way across the board. Yeah. Because we have some serious problems out there and it’s getting worse and worse. And I don’t see it getting any better.
We just got news of another hack that happened. and it happened over on the Biden campaign. Man alive. It wasn’t a hack-hack. What’s a hack, I don’t know. It’s hard to say what a hack is nowadays because frankly, I count ransomware as a hack. It’s something that somebody did that they weren’t supposed to do, that they shouldn’t have done, et cetera. That’s a hack and that’s what just happened to the Biden campaign.
Apparently the Kremlin hit about 200 political targets, including a key Biden campaign Alie. Apparently this hacking attempt was caught by Microsoft. Most of them are not, and they were able to gather some information about hackers. Microsoft was able to link them to the Kremlin as the most likely suspect.
And they were able to take all of that evidence and give it over to the FBI. So good for them. We had that happened last time too, remember Hillary Clinton’s campaign. It happened exactly the same way for years later, Democrats again, the same way. Remember that whole thing, the DNC emails now turns out it was probably the Russian hackers that managed to get them and leaked all of those emails online ahead of the 2016 presidential election.
They really want to shake things up. Obviously they don’t want Trump. Trump’s been very hard on them, harder than president Biden. Would be certainly harder than President Obama ever was. Trump’s been very hard in Russia and very hard on China. They just want to really stir things up in a very big way.
They apparently the Russians attempted to breach the systems at this Washington based strategy and communications firm called S K D K or S K D Knickerbocker whose been working for very hand in glove with Joe Biden’s campaign, according to the daily beast. These attacks took place over the past two months. Ultimately they were unsuccessful. So that’s really good news here. So maybe they did learn something from the last hack. This is the same method that was used back in 2016 to gain access to a very high, official, if you will, within the Hillary Clinton campaign.
So here we go. Apparently this firm is “well defended.” So there’s been no breach. We’ll see how that happens.
We just had an instance this week. In fact, a company that we helped out a little bit, we moved them from just regular consumer network gear. We moved them up to some semi-professional network gear for their small business and it looks like they might actually have some contacts with the department of defense.
And DOD is very particular about your security. I hope the Biden campaign is too. Cause this wasn’t directly against the Biden campaign. This was against a consulting firm that they were working with.
I want to remind everybody. These types of hacks for lack of a better term are typically phishing events. They’ll send an email that looks legitimate and is a very simple plea asking for some information. In the April or March timeframes, actually, we usually see that email is going around talking about, Oh, and the W2 information, 10 99 information and pretending to be the CFO or the accountant, et cetera.
Now, this isn’t the first time Microsoft has sorted the suspected Russian government hacking, and we’ve thrown to them many times for our clients as well, including in emails. Apparently, that’s what this was. This was an email. This was a phishing email designed to try and get somebody to click on a link or answer a question.
Microsoft’s saying they’ve identified over 120 new targets of the Kremlin’s cyber spying. They have found them out apparently by suing the notorious hacker group known as Fancy bear. That’s the group over there in Russia that is run out of the Kremlin. Microsoft’s saying their legal actions led to the seizure of 70 command and control servers.
Now, this is where I talked again on my show here a few weeks ago. This is where your home computer comes in. This is where your small business computer or even your large business computer comes in. And that is they will compromise it. They will install some software on it that allows them to remotely control it and then use your computer to send out these phishing emails, to send out emails that have attached to them either directly or indirectly, ransomware, et cetera.
We just had a big ransomware thing just this week as well. I don’t know if you heard about this one. But my gosh it’s just happened, but again and again, this particular one. Hit this massive a company called Equinix, I should say. Equinix runs all kinds of data centers for businesses.
Now it’s saying that this ransomware hit their internal systems and what it did is exactly what I’ve been warning you guys about. It doesn’t just take a hold of your computer and encrypt all of the data. no. What this did is it grabbed the data. It could get its hands on Equinix’s internal computers and sent it up to the bad guy’s computer. So they now had copies of some or all of their data. And then it does the encryption trick. Now Equinix is saying that their data is centers and service offerings, including their managed services, are fully operational.
Now knock on wood. My company has never had this happen to us. but again, we’re smaller. We use much better software than most companies out there.
We don’t have all of the details on this, but this is a very big deal. Equinix is publicly-traded. The company traded on the NASDAQ stock exchange. It has around 8,000 employees. It just bought 13 more data centers. This is really something. And by the way, bought them for $750 million, three-quarters of a billion. So this is a big company and it happens to them. It can happen to you.
I started all of this out by asking if you were a good speller and how good a typer you are? There’s another way the bad guys get to you. We’ve been talking right now about phishing and phishing sites.
We were talking about how phishing is being used to get you to go to a website. oftentimes that URL that you’re going to will look almost legitimate. It might be instead of microsoft.com, it might be Microsoft dot something else, or it might be a misspelling or a common typo for the URL for that website that you’re trying to go to.
Apple, PayPal, banks are being targeted by cyber squatters. Now they’re taking advantage of the pandemic according to a study that just came out. In a single month, cybersquatters have registered almost 14,000 domain names. More than half of them went on to host malicious software. That is a very big deal.
That’s according to Palo Alto networks, and that is being quoted in Dark Reading. But what these cybersquatters are up to is that they put up a website that has a URL that’s very similar to a legitimate URL out there. When you go there, they are going to try and trick you into doing something. Now, the study says that basically 55% of these Cybersquatter domains are malicious or potentially fraudulent.
So it’s not like somebody buying a domain saying, I’m going to, I’m going to buy it, Apple tart, because people type that in by accident when they’re trying to go to Apple and maybe I can get Apple to buy it from me, or maybe I can use it as a parody site, et cetera. No. they are leading to malicious content more than 70% of the time.
So be very careful about the brand. A good example that they’ve done that has been shut down recently is secure dash Wells Fargo. This is a domain using the Wells Fargo brand, targeting the bank’s customers and getting them to click through and use phishing to steal sensitive information. Be very careful when you’re out there typing things in or clicking on links, because many of them, it turns out 50-55% of them are malicious and 70% of them are trying to fake you into giving up your own personal information.
Hey coming back. We’ve got a very interesting little article by Timothy Lee here in ARS Technica about a court order against the feds and local police departments. So we’ll tell you about that. When we get back.
Stick around, you’re listening to Craig Peterson right here on WGAN and Wednesday mornings at seven 30 with Matt.
—
More stories and tech updates at:
Don’t miss an episode from Craig. Subscribe and give us a rating:
Follow me on Twitter for the latest in tech at:
For questions, call or text:
855-385-5553
