The Security Box, podcast 195: What Are .env Files and why should I care?
This has got to be one of the longest podcasts I’ve ever done in any capacity tech or otherwise. I know I’ve had longer music shows, but those are different.
We did a great job with structure, although I did forget one thing but quickly rectified that when we started the segment, so it wasn’t that bad.
Our contest is open to outsiders who want to participate, feel free!
Here is the RSS if you need it.
Here is the 278.32mb file if you need it.
I guess I really didn’t know where we were in time, as I looked and one of the files was 1 hr 10 minutes. I knew about the hour 20, but we got into our topic and we had a great discussion, which is what I want.
Affiliates may not play the entire program, but we got into errata in our 4th hour, and people can listen via podcast if they wish.
If you want show notes, I’ve got you!
See you next time!
Hello folks, welcome to podcast 195 of the Security Box. Let’s start off with a set of questions that came out of something we did not cover as part of last week’s box. If you listen via the podcast, please submit your guesses before the answers are revealed. I’ll personally give you credit where credit is due, and we can work out what you will get upon correct answers. The questions are: What 8 companies, 1 of which was part of the big Ticketmaster breach, were attacked? What small-time actor group took responsibility for these 8 company attacks? Which two companies disputed the hack? Finally, what was the most recent company that came out confirming they were part of the actor’s fiasco? We also are going to cover the news, the landscape, LastPass’s recent fiasco that can happen to anyone, and more. Our topic this week will be environment files that are used to store secrets including keys, usernames and passwords. Apparently these files, known as .env files, are wide open and can be taken for use. Enjoy the program and thanks so much for listening!
Our Scam of the Week
Kelly, formerly Kelly Services has been targeting users who know the JRN’s work. Kelly informed the JRN that this scam has been going around in this form for at least 5 months. The first report came from TSB’s participant, Preston Gaylor. The second came from another subscriber who assists me in another capacity. Please read this blog post titled New scam from work provider, Kelly (formerly Kelly Services) for complete details on this. We link to the official web site where you too, can alert them about this scam. The representative informed me that they have over 500 copies of this and asked about the version that is going around. We’ll be discussing this as part of the program, don’t worry!
Our Question
If you intend to play, please do not look at the answers given below. We also are linking to sources of further reading too.
Our Question
What 8 companies, 1 of which was part of the big Ticketmaster breach, were attacked? What small-time actor group took responsibility for these 8 company attacks? Which two companies disputed the hack? Finally, what was the most recent company that came out confirming they were part of the actor’s fiasco?
The Answer: Skip if you intend to participate and win
Answer: Snowflake, Anheuser-Busch, State Farm, Mitsubishi, Progressive, Neiman Marcus, Allstate, and Advance Auto Parts. Progressive and Mitsubishi disputed the threat actor’s claims while Advance Auto Parts recently came out with details of their breach.
Sources from the blog:
- Live Nation confirms breach at Ticketmaster
- Advance auto parts confirms breach, numbers don’t match
- Snowflake’s breach may be bigger than we think, let’s add yet another company to the mix
The links lead to our blog, where you can read more.
Lastpass needs a break here, this can happen to anyone
This can happen to anyone. While people want to jump ship because of this most recent outage, I don’t blame them. It turns out it was because of their Chrome extension that somehow went completely ape and could have sent a DDoS attack. I don’t want to go that far, but it was a 12-hour outage if not longer. I recently had to sign in and I was successful, and this happened on Thursday, June 6, 2024. This can happen to anyone, LastPass had a bad extension causing havoc is the blog post that leads to the story. I believe this could happen to anyone.
Other News
- This is crazy, more Snowflake news: “We aren’t going to require MFA”
- 23andMe now being investigated for the 2023 breach
- Exposed tokens equals getting owned
- Google sends large check, google avoids jury trial
- We thought TikTok was bad, News Break seems to be worse
- Christie’s notifies people of ransomware attack, RansomHub takes them and Frontier telecom
What are .env files and why should I care?
Why should I care about .env files in the first place? Our main topic discusses this, and it isn’t a good thing if you don’t. The JRN tried to take paragraphs that disclosed information which supports why it is a bad idea for this file to be in the open, and we also tried to take data that showed what these files contain. Websites exposing over a million secrets, leaving visitors at risk is the blog from Cybernews that we’ll take from to lead this discussion.
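To make the “what is in a .env file” point concrete from the defender’s side, here is an added example (not code from the podcast or from the Cybernews article) that parses the KEY=VALUE format these files use, flags the keys that look like credentials, and checks whether a project’s .gitignore would keep the file out of version control. The key-name heuristic, the function names and the sample project it builds are all assumptions made for this illustration; the sample values are constructed and are not real credentials.

```python
import re
import tempfile
from pathlib import Path

# Key names that usually hold credentials (heuristic, assumed for this example).
SECRET_KEY_PATTERN = re.compile(
    r"(PASS(WORD)?|SECRET|TOKEN|API_?KEY|PRIVATE_?KEY|DSN|CREDENTIAL)",
    re.IGNORECASE,
)


def parse_env(text):
    """Parse .env-style KEY=VALUE lines into a dict.

    Skips comments and blank lines, accepts an optional 'export ' prefix,
    and strips one layer of matching single or double quotes from values.
    """
    result = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("export "):
            line = line[len("export "):].lstrip()
        if "=" not in line:
            continue  # malformed line; ignore rather than guess
        key, _, value = line.partition("=")
        key, value = key.strip(), value.strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]
        result[key] = value
    return result


def secret_keys(env):
    """Return the keys whose names suggest they hold a secret, sorted."""
    return sorted(k for k in env if SECRET_KEY_PATTERN.search(k))


def gitignore_covers_env(root):
    """True if .gitignore at the project root has a pattern ignoring .env files."""
    gitignore = Path(root) / ".gitignore"
    if not gitignore.is_file():
        return False
    for line in gitignore.read_text().splitlines():
        pattern = line.strip()
        if not pattern or pattern.startswith("#"):
            continue
        if pattern.lstrip("/") in (".env", ".env*", "*.env"):
            return True
    return False


def audit_env_exposure(root):
    """Walk a directory tree and report every .env* file found, which of its
    keys look like secrets, and whether .gitignore would exclude it."""
    root = Path(root)
    ignored = gitignore_covers_env(root)
    findings = []
    for path in root.rglob(".env*"):
        if not path.is_file():
            continue
        env = parse_env(path.read_text(errors="replace"))
        findings.append({
            "path": str(path.relative_to(root)),
            "secret_keys": secret_keys(env),
            "gitignored": ignored,
        })
    return findings


def demo():
    """Build a constructed sample project in a temp directory and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / ".env").write_text(
            "# constructed sample; these are placeholder values, not real secrets\n"
            "APP_ENV=production\n"
            "export DB_PASSWORD='example-not-real'\n"
            "STRIPE_API_KEY=\"sk_test_placeholder\"\n"
        )
        # .gitignore that forgets to exclude .env, so the audit should flag it.
        (root / ".gitignore").write_text("node_modules/\n")
        return audit_env_exposure(root)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

Run against a real project directory (`audit_env_exposure("/path/to/project")`) the report lists each .env file, the credential-looking keys it holds, and whether the file is git-ignored; a finding with secret keys and `gitignored: False` is exactly the situation the article describes, a file full of keys and passwords that nothing stops from being committed or deployed alongside public content. Note that `.env.example` files are reported too, since the pattern is deliberately broad; they normally hold placeholders and can be filtered out by path.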
Supporting the podcast
If you’d like to support our efforts on what this podcast is doing, feel free to donate to the network, subscribe to the Security Box discussion list, or send us a note through the contact information given throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.
Internet Radio affiliates airing our program
Our Internet Radio stations that carry us include Blue Streak Radio and International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!