The Security box, podcast 9: Typosquatting and more

Hello folks,

The RSS feed has the podcast. Due to the length of the show notes, it is not going to fit in those notations.

I hope you enjoy the program as much as I have putting it together for you. Next week, we’ll be returning to a Wednesday schedule.

Welcome to the security box, podcast 9. This week, I think we’ll change gears a little bit and talk about the Internet in a different type of light. We’ll also have news, notes, commentary, and I believe the fix to comments left by callers is solved with an app I already give info for. If you can use the dial in number, you may use it, but turns out, not everyone may be able to use it. The days of Voice Mail services may be over. Lets get started!

Topic:

Have you ever made a mistake while typing a web site address in to your address bar? You have? Well, you’re not alone. While it is human to make mistakes, actors know this now more than ever. The term is called typosquatting when an actor picks up these types of misspelled domains and utalize it to do lots of things to you. Consequently, in “This Week in Security News” for the week ending September 4, 2020: there is an article talking about Typosquatting in it.

• 55% of Cybersquatted Domains Are Malicious or Potentially Fraudulent (Darkreading 9/2/20 read 9/4/20) came in just in time for this week in Security News and fits right in to this discussion. Lots of numbers here and Typosquatting is only the beginning.
• The most popular brand websites that hackers use for typosquatting campaigns is an article from Cyberscoop.
  

  The most imitated websites that credential-stealing, financially-motivated hackers have resorted to mimicking include Wells Fargo, Netflix, Facebook, and
  Microsoft, according to new Palo Alto Networks research published Tuesday.

  There may be differences between this one and the other article in this discussion, but both are worth the read.

News, notes, and more

• Tik Tok can’t keep out of the headlines. According to the latest, they removed the typical adds for diet pills and the like because a security company told them what they were about. TikTok scrubs ads promoting diet pills, fake apps after Tenable report is the article and should be read if you can’t get enough of this rediculousness. Did they not learn from my blog post from last podcast? Oh boy.
• This week in the Security landscape, news ending September 4, 2020 covers stuff that might be of interest, but if you take a look at it, what is it you want braught up?

Other things:

• Have you ever thought of your building on the Internet? Podcast 337 had an article I got from Sans News Bites that talked about hackers using things like elevators for DDOS attacks.
  

  one of the biggest topics I think you’ll want to get your paws on is buildings being connected to the Internet. I’m not kidding! I’ve got a blog post with the article of the same name: Hackers are hijacking smart building access systems to launch DDoS attacks and this is definitely something to think about.

• From the same podcast, we’ve got the best thing ever. A dumb criminal on how Not! to get caught on crimes. I changed the show notes a little bit and decided to go after the original article.
  

  Also on the podcast, we’ve got a dumb criminal award for the podcast. If you’re going to commit a crime, you want to try and hide like a lot of America’s Most Wanted’s criminals did. Thats why they were hard to catch, and eventually, a lot of them were caught. Booter Boss Busted By Bacon Pizza Buy is the link to Brian Kreb’s coverage of this.

  Have fun with this one!

Have something you want to contribute? Please feel free to do so by email, imessage, or voice. The choice is yours! The file has all of the contact info on how to get ahold of me throughout the program. Thanks so much for listening, and we’ll see you next week!