Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Unknown (00:01):
Thank you.
Edna Jonsson (00:05):
Welcome to
Security Chipmunks Podcast.
My name is Meg Sedna-Johnson, and I'm here with my co-hosts,
Neil Smalley and Patrick Lowther.
Say hello, Neil.
Neil Smalley (00:17):
Hello, Neil.
Edna Jonsson (00:19):
And hello,
Patrick.
Patrick Lowther (00:21):
Hey, guys.
How's it going?
Edna Jonsson (00:23):
Very good.
How are you?
Patrick Lowther (00:24):
Doing good.
I love the dad jokes.
I love them.
Edna Jonsson (00:34):
You haven't said
one yet.
Well,
Patrick Lowther (00:38):
I think that's
what we'll do now.
Neil and I will just kind of alternate them.
Sounds good to me.
Edna Jonsson (00:47):
You're going to
share the dad jokes?
Patrick Lowther (00:50):
Yeah, just
spread them around.
Spread the wealth.
There you
Edna Jonsson (00:54):
go.
So, I don't know if you noticed or knew this, but it is
Cybersecurity Awareness Month.
And I heard somebody say that it is now a cybersecurity advent
calendar.
Facebook went down.
Yeah, Facebook.
Patrick Lowther (01:17):
So far, it's
been a very interesting week,
hasn't it?
Seven days in, and this ain't looking so hot.
Edna Jonsson (01:32):
Yep, and then
Twitch went down.
Well, it didn't go down.
Sorry.
It got hacked.
It's still up.
but somebody else has all of the data that was a big big hack
too
Patrick Lowther (01:49):
yeah yeah it's
kind of interesting like I
started kind of going through a little bit of the breach like on
some of the sites that I posted on and there's a lot of stuff
in there I'm like whoa so who knows if it's all accurate or up
to date or what but
Edna Jonsson (02:10):
yeah well one
thing that I found interesting
They had how much they were paying people for streaming on
that platform.
And the top 80 streamers on Twitch all make a million
dollars or more a year just for streaming.
(02:30):
I was blown away by that.
Neil Smalley (02:33):
Cybersecurity
chipmunk streams when?
Patrick Lowther (02:37):
Exactly.
Yeah.
Our goal, we'll shoot for top 150, and we'll split half a
million a month somehow, guys.
We'll do that.
Edna Jonsson (02:54):
We'll figure it
out.
Neil Smalley (02:57):
Sounds good.
Edna Jonsson (03:00):
Yeah, so also was
linked to their entire code
base.
So they involuntarily became open sourced.
And also all of their red team toolings and the tools that
allows them to pick up things in hacks to grab their code and
(03:23):
stuff.
So their tools for grabbing code that gets leaked was a lot.
also leaked.
Neil Smalley (03:32):
Yeah, like the
stuff that scans for secrets and
stuff that shouldn't be out in public and whatnot.
I think we talked about that a little bit last episode with the
GitHub secrets stuff.
Patrick Lowther (03:44):
Yeah, we did.
Do you think their tooling fired off when this latest stuff
was posted?
Edna Jonsson (03:53):
That's a good
question.
It
Neil Smalley (03:54):
depends on if they
are monitoring the places that
things like this could post like well this particular in
particular was posted on 4chan so I guess it depends on if
they're monitoring 4chan or not but
Patrick Lowther (04:09):
do you think
well I mean I haven't had a
chance to break down into the tools yet but I know a lot of
people they have custom tooling to monitor like their GitHub and
like their Git repositories for things like that so I'm
wondering if that's kind of like what the tooling's meant for
Neil Smalley (04:29):
I think it's meant
more towards that.
I know there are supposedly some threat feeds that claim to
monitor things like 4chan or certain dark web forums and not,
but that's a whole other ball of wax.
Edna Jonsson (04:45):
It's a good stuff.
Neil Smalley (04:47):
Well, aside from
Twitch employees having to deal
with it.
Edna Jonsson (04:53):
Yeah, it's high
alert days there for sure.
Neil Smalley (04:58):
Speaking of hack
Are
Edna Jonsson (05:00):
we talking about
the Russian hackers and the Iowa
Brain Cooperative?
Neil Smalley (05:05):
I'm talking about
the Epic Breach.
Edna Jonsson (05:08):
Oh, yes, the Epic
Breach.
There's too many hacks, Neil.
Neil Smalley (05:14):
There's just too
many.
There's been a bunch.
Edna Jonsson (05:16):
Yes.
You can't just say the hack and expect me to know which one
you're talking about.
Neil Smalley (05:22):
There was a book
that I was starting to read.
I think it's like Cyber Crisis or something by Eric Cole.
He was talking about like I guess he regularly talks to like
news people or reporters or whatnot and they don't care
unless it's like over so many hundred thousand people affected
these days because there's like so many of these days that
(05:43):
people pay attention news cycle wise unless it's like a huge
number.
And even then it's like only last like a day or so.
The overwhelm is real.
Patrick Lowther (05:52):
That reminds me
of dealing with HIPAA
guidelines for reporting some security breach involving HIPAA
data.
You could get away with so many records per breach without
having to report to the OCR or anybody like that.
(06:13):
I'm like, that seems kind of shady.
Just
Neil Smalley (06:17):
a little bit.
Patrick Lowther (06:18):
We've only lost
five less than the number we're
required to report, so we're good.
Neil Smalley (06:27):
Yeah, you kind of
wonder if people smudge that
number just just a tad like oh we lost one of our things we
don't know if it got stolen
Patrick Lowther (06:36):
or not well so
it's funny like in the HIPAA
world even with a lost like a lost laptop you have to still
declare that to like your state reporting body and then say yes
we had these safeguards in place so things like you know full
(06:59):
disk encryption and all that good stuff so
Neil Smalley (07:02):
that uh
confidentiality of the CIA triad
Patrick Lowther (07:06):
exactly
Neil Smalley (07:08):
yeah it was
interesting I had somebody ask
me like uh so encryption what's the most important thing I need
to know I'm like well the quickest thing that will be
useful to you for school purposes is going to be like CIA
triad like if you know what you're trying to do then that'll
help you know what you want to be using and so I think the CIA
triad really kind of covers covers that.
Patrick Lowther (07:33):
It's kind of
interesting.
As I was going through learning about that for studying for the
SecPlus and the various CompTIA certs, you kind of think, when
am I ever going to really use this?
But where that really comes down to helping you out is when
(07:54):
you have to take that and relate it to either employees that
aren't technical or, uh, C levels, you know, or like even
like in your job, as you go about like supporting people,
you know, you can kind of explain why you're making things
happen for them.
(08:14):
Um, so it's, it's kind of interesting that we came up on
this subject because, um, I was actually just talking about the
CIA triad, uh, triangle and stuff like that with, uh, a
co-worker.
Neil's leveraging the Facebook down to use the listening to
(08:40):
listen on me there.
I guess so.
Good intelligence.
Ad data.
Neil Smalley (08:50):
It's all
interconnected now.
Do you have Amazon's new drone and robot in your house now,
Patrick?
No, I do not.
Okay.
Yeah.
Cause that would make life a lot easier for me.
Edna Jonsson (09:05):
Do you want to
hack him?
No,
Neil Smalley (09:08):
I'm just saying
instead of like doing the, the
IntelliSense ad stuff, you could do the, the, uh, the Ring
connected, uh, drone that Amazon's coming out with.
And then it also has like basically a Amazon show on
wheels.
So it just a greater, an even greater, uh, surveillance
(09:32):
network that's now available to Amazon.
I was going to hack it so he can trip me down the stairs with
it.
Somehow, I don't think I would need a robot to do
Patrick Lowther (09:48):
that.
Between my dogs and the robot, I'm down for it.
Pretty much.
Edna Jonsson (09:55):
I'm going to pivot
back to the Epic Breach.
For those that are not familiar, Epic was a web hosting
company and also domain registrar.
And it was very heavily used by the far right, neo-Nazis and
(10:16):
extremists in that regard.
So some of their customers have been Gab, Parler, 8chan, and
the Oath Keepers.
And so this data breach was...
they didn't have very good cybersecurity policies in place
because their data was just in plain text, completely available
(10:38):
to everybody to see once they got it.
And when the hack was happening, the CEO of Epic, Rob
Monster, he was going on, going into prayer.
He was saying that like, if you read the data, then you're
(11:05):
going to be cursed.
So all of the data that is hacked will be cursed.
The drives will burst into flames, so all kinds of stuff
like that.
The group behind this hack is interesting.
They were called hackers on Estradiol.
And so if you know about Estradiol, you kind of know what
(11:27):
that group might So it's...
I don't know.
I thought it was interesting.
Patrick Lowther (11:36):
You know, it's
kind of funny that we're talking
about this.
Did you know that Rob Monster is the cousin of Rob Zombie?
Edna Jonsson (11:47):
No.
Patrick Lowther (11:49):
I'm just
messing, but...
There's my dad joke.
Oh, no.
Neil Smalley (12:00):
Oh, no.
Edna Jonsson (12:00):
It's like, what?
Neil Smalley (12:03):
Good egg delivery,
too.
Just on par with my dad jokes everywhere.
Edna Jonsson (12:12):
so it's really
good to be able to know what's
happening in cyber security stay up to date so you can talk with
your customers about it and explain to them why certain
procedures are important so you can share like oh this happened
(12:32):
to Facebook this happened to Twitch or this happened to
another company I don't know these stories are good to know
about so you can educate your customers about it.
Neil Smalley (12:47):
Yeah, that's why I
like things like case studies
on companies' websites.
It makes it easy for me to go and then give an example to
people who are like, what can I actually do with this?
Or what might this actually help me with?
Edna Jonsson (13:02):
Yes.
Patrick Lowther (13:03):
So on the same
theme of keeping up to date on
the events so you can relate it to everybody, do you guys...
follow like any of the post data mess ups like say
Cloudflare had a pretty good BGP write up on what happened with
(13:24):
Facebook and where they theorized happened and then
Facebook came out with like a fluff piece we'll say about what
happened with their data and how they dropped the routes and
everything like that do you guys keep up on those like the deep
dive analysis or anything
Neil Smalley (13:41):
a little bit I
glanced at the Cloudflare one I
was probably most interested in just watching the uh
visualizations of their BGP routes disappearing off the
interwebs?
Edna Jonsson (13:53):
I will admit that
I have that open as a tab on my
Chrome browser.
I intend to read it.
I have not gotten to it yet.
But I do sometimes jump into reading the deep dives into
incidents.
Patrick Lowther (14:13):
I always love
the deep dive stuff because I'm
an engineering...
person by nature.
I love knowing nitty-gritty details on how something works
and what cascading failure happened because of this, this,
and this and what steps they're going to take to re-engineer the
process to resolve it.
I'm always a big fan of that happening.
Neil Smalley (14:39):
I actually have a
few more books for my reading
list now thanks to that I've got the one with the mountain goat,
I think.
The O'Reilly one with the mountain goat.
I think it's just plain old BGP.
And then I've got another...
(15:00):
Another one on Q as well.
That's just like DNS in general and really digs into that
stuff.
So I'm planning to dig a little bit deeper on my understanding
on that stuff.
It's definitely good stuff to learn about.
Edna Jonsson (15:26):
For sure.
Neil Smalley (15:27):
Of course, the BGP
book, a lot of the BGP books
that are available seem a bit dated, but I'm not sure how much
actually has changed since the 2000s.
Yeah,
Patrick Lowther (15:43):
BGP's been
around for a long time, but I
mean, it's one of those things kind of like, if it ain't broke,
don't fix it.
But obviously in this case, it's kind of maybe broken.
Neil Smalley (15:55):
I guess it's
probably not technically a code
It's probably like a gazelle or something on the cover.
I don't know.
I know a little bit about a bunch of animals, but I'm not
familiar with all the different covers, but it looks like some
sort of long-horned safari animal.
Anyway, it came out in 2002, so there's probably some stuff
(16:15):
that could be better served by reading some of the more current
Cisco.
There's quite a few different Cisco ones to read, but for a
good an overview.
The O'Reilly stuff is pretty good.
Patrick Lowther (16:30):
Yeah, I
actually really like O'Reilly
books.
So when I was coming up as a technical person, I usually
picked up a nice hard copy of whatever I was trying to learn
at the time.
So I still have my PHP O'Reilly book, my Asterisk, which has the
(16:52):
starfish on the cover.
Neil Smalley (16:54):
There you
Patrick Lowther (16:55):
go.
Yeah.
Network Warrior is probably by far the most used O'Reilly book
I've ever used.
Neil Smalley (17:05):
It's on my reading
list.
It's also on my shelf.
But I'm studying more of the stuff I need directly for the
test at the moment.
But it's definitely on my to-do list.
Patrick Lowther (17:16):
There's
actually, as we talk about it,
Humble Bundle has a pretty good ops bundle, like cybersecurity
and ops, um, Humble Bundle from O'Reilly.
So it has things like Jenkins, Prometheus, uh, Kubernetes, uh,
(17:37):
database reliability stuff in there.
So whole bunch of like good, uh, resources to get you up to
date on that.
Edna Jonsson (17:46):
So for sure.
All right.
So I just want to remind our listeners that, uh, go change
your passwords for Twitch and other platforms that you may
have been hacked and turn on multi-factor authentication.
(18:07):
And these companies are going to make you aware of
Cybersecurity Month with the advent calendar.
Patrick Lowther (18:17):
You know what?
Has anybody been giving away swag for Cybersecurity Month?
Because one of the best things about conventions and cons and
like CTFs and everything like that in person at least would be
like some prizes and like a lot of the vendors will give away
like socks and you know what I'm running low on socks so I'm
(18:37):
trying to I got resources I need some socks
Neil Smalley (18:41):
gotcha yeah I'm
not sure on that
Edna Jonsson (18:43):
one MongoDB on
TikTok will give you socks if
you DM them
Neil Smalley (18:51):
do I have to have
a TikTok account though
Edna Jonsson (18:53):
yes you have to
send them a message through the
Neil Smalley (18:57):
platform.
So I don't know what everyone else uses in terms of browser
extensions, but one I've been using for well over a decade is
called HTTPS Everywhere.
So that's made by the...
Freedom Foundation?
Yeah, that thing.
(19:18):
EFF.
I always say EFF, so it's like most acronyms, if I only say the
acronym, I forget the original meaning.
Edna Jonsson (19:28):
It's the
Electronic Frontier Foundation,
not the Freedom.
Neil Smalley (19:31):
There we go.
You'd think they would rename it to Freedom, but Frontier
Foundation.
Yeah, so anyway, they've been making this extension for over a
decade now and so what it does is anytime you request a website
and you didn't request it like with HTTPS it automatically
(19:51):
redirects you to that if the site has that somehow because
for a while there a lot of sites and things didn't really have
HTTPS or if they did you had to like specifically type it in and
just like redirect you automatically so you end up like
doing a lot of stuff insecurely and so like you know, a decade
(20:13):
ago before you had things like HTTPS Everywhere.
You could just sit in a coffee shop and see my password going
over the wire.
So that was kind of a big deal.
Anyway, so basically they're phasing it out because they're
like, okay, you know, we have things like Let's Encrypt and
like most of the web is pretty much on HTTPS now.
(20:37):
So they're phasing it out.
And like other browsers have used HTTPS redirects for years
at this point and there's ways to turn it on natively in
Firefox Chrome Engine Safari now and so they give you
instructions on how to do that and so I will have to do that
(21:00):
because they're going to be doing away with my favorite
extension basically so sad to see it go but it's also good in
terms of security that we're now seeing such widespread usage.
Yeah.
Yeah.
Patrick Lowther (21:19):
Do you guys
leverage uBlock Origin or
anything like that within your browser?
I
Neil Smalley (21:25):
do.
Patrick Lowther (21:26):
Nice.
That's another good one that I like to use for cutting ads and
also blocking cookies and things
Neil Smalley (21:35):
like that.
I think it's at this point the way the web is currently. It's
simply just not safe or convenient to experience the web
without an ad blocker these days.
If you try to go to any run-of-the-mill site, typically
these days you have all these different pop-ups and stuff that
(21:57):
make it completely unusable without an actual ad blocker.
It's quite startling.
If you've been on an ad blocker for a while, then going and
trying the web without it, it's quite alarming.
Patrick Lowther (22:11):
Yeah.
Yeah, I really really agree with that and one of the best things
I like about uBlock Origin is the ability to add the custom
list and also the lists that are pre-loaded for you seem to
really cut down on the amount of garbage ads that you see. Also,
(22:36):
it works on YouTube.
So
Neil Smalley (22:38):
Gotcha.
Yep, another one.
I I just simply have to shout out is Library Extension it lets
me set my local library and then if I'm on Amazon or
anywhere else it'll show me if there are any copies available
at my local library rather than having to buy it the book so if
(22:59):
you're trying to save money and study up it's a really cool
extension
Patrick Lowther (23:06):
so you're
saying it will tell you if a
e-book is available from to borrow from your library local
library?
Neil Smalley (23:14):
Yes.
Patrick Lowther (23:15):
That's awesome,
man.
I like that.
Very cool.
Neil Smalley (23:20):
Physical ebook,
you know, pretty much just about
any format.
Audiobook, etc.
Edna Jonsson (23:30):
Very cool.
Neil Smalley (23:31):
I know we talk
about Azure a lot.
I'm curious if you actually had a chance to use this feature.
It only really was announced back on the 23rd.
So there's now a network security dashboard for the Azure
Security Center.
And so basically it looks like it's under Security Center,
(23:51):
Workbooks, and then there's now a Network Security Dashboard
option.
Patrick Lowther (23:56):
Yeah, so a
little secret about the world of
Azure is they don't release anything just blindly to the
public.
So that's a feature that's been in private preview and then a
limited expansion to a public preview.
And to get in on that, there's actually a link you can go to on
Microsoft to request to haveyour tenant added to the private
security features so you canget more real-time feedback on
these things.
So with that said, my privatetenant that I have, I run within
that group, and so I'veactually been playing around
with some of the newer stuffthat's coming out.
(24:42):
And a lot of it's prettyinteresting.
So like what that actually doesis it helps you visualize the
data better that you're seeingwithin your environment since it
is a dashboard.
So you're going to have lots ofpretty graphs.
What you'll be able to see withit is like an overview of your
(25:02):
total network security and likeany of the resources for your
subscriptions that you have inthere.
Right.
And so things like, you haveexposed ports.
So if you have exposed ports onthose IPs that you have, you'll
be able to see that.
So it kind of gives you a headsup to say, oh, wait, hey,
(25:24):
that's not in compliance withhow I want this set up.
So you can actually go back anduse that to tweak your security
posture over Azure there.
What else?
There's a ton of stuff in thisthing.
Neil Smalley (25:38):
Anything that
makes my life easier.
Patrick Lowther (25:39):
Exactly.
Then, boy, let me tell youabout ARM templates.
Neil Smalley (25:46):
ARM templates?
Patrick Lowther (25:47):
Yes.
Azure resource templates.
Basically what it is, it's aJSON file that you can define.
Oh,
Neil Smalley (25:55):
so like
CloudFormation or something like
that for AWS?
Patrick Lowther (26:00):
Yeah.
So Azure and AWS, you canactually just do both Terraform
on.
Okay, that makes sense.
So yeah, and so you canactually use terraform or ash
arm templates to like basicallyestablish a baseline in code of
(26:21):
how you want your things set upso it's actually pretty slick
and what that dashboard you knowcan do is let you know that oh
hey wait i have something messedup in my code so i can actually
go back and tweak it to bringwithin you know compliance so
yeah like once once you getstarted with uh like the
(26:43):
automation of things within thecloud.
It's a deep rabbit hole you cango into and it's super fun.
At least I think it's fun.
Then again, I'm also kind oflike a nerd who likes doing that
stuff.
Neil Smalley (26:57):
Yeah, for sure.
Good stuff.
Edna Jonsson (26:58):
Yeah, very cool.
Neil Smalley (27:00):
Of course, Azure
has its own training for the
network stuff, for example.
I was looking at their networksecurity ninja training earlier.
Patrick Lowther (27:09):
Yes, yes.
It's very good.
Speaking of that, They've justrolled out a new certificate for
you networking folks out there.
Cool.
Yeah, it's the Azure NetworkEngineer certification, I think.
Yes, Azure Network EngineerAssociate.
That is the new certificatethat they've just rolled out.
(27:32):
Like I'm talking, I think theyjust rolled it out middle of
September.
So it's really brand new.
And if anybody's interested init, it's the AZ-700.
is what it is.
Very cool.
Edna Jonsson (27:45):
All right.
So yeah, that's pretty cool.
Thank you.
I
Neil Smalley (27:49):
think that's about
all we have for the show today.
Edna Jonsson (27:51):
All right.
Thank you.
Thank you all.
Neil Smalley (27:55):
Yep.
Edna Jonsson (27:56):
Glad to have you.
All
Neil Smalley (27:57):
right.
All right.
Edna Jonsson (27:59):
Keep listening.
See
Neil Smalley (27:59):
you next time.
Edna Jonsson (28:00):
And make sure you
join our Discord.
Patrick Lowther (28:03):
Keep listening.
Tell your friends.
Spread the word.
So
Speaker 03 (28:06):
thanks for listening
to the Security Chipmunks.
And remember, if it seems overwhelming, just just keep
chipping away at it.