Ralph
Besides that one particular one that's juicy. I don't think there's that many others.
Corey
I think there's another one that's juicy. But I look through a different lens than you guys do.
Ralph
That is definitely true. Yeah. But that's why we like you here.
Kelly
Because, like, that's a feature, not a bug.
Ralph
Yeah.
Corey
Thank you.
Ralph
Oh, there's some good ones under nation state that I didn't see. Big whale. Big whales.
Alex
I haven't even looked through the list yet.
Ralph
Notable follow-ups: nothing. We get rid of the CrowdStrike one now.
Kelly
Yeah, that's been shoved below. I could probably just delete that at this point. I think that's fizzled for now.
Corey
Wait till the lawsuits come, then it'll pop back up again.
Ralph
That'll be when it's fine.
Kelly
It's a living document. The show notes.
Wade
Hi, Ralph.
Corey
Why are you giving us the finger?
Jason
Oh, I'm in deep thought.
Alex
Thinking about.
Jason
I'm just reading about all these news articles right now.
Ryan
Just.
Jason
Just soaking it all up.
Ralph
Good.
Corey
You'll have lots to say.
Jason
Yeah, I will. I'm. I'm also trying to quantify how we got voted as a finalist and. Hey, hey, hey.
Kelly
We were waiting till later. Oh, I guess we can talk about it now.
Jason
No, we don't.
Wade
Your office is haunted and you're spoiling the entire show up in the pre show.
Alex
What?
Ryan
Why?
Alex
Office is haunted. I missed this.
Wade
Just listen.
Jason
Oh, yeah, right.
Ralph
Then a kid did scream.
Jason
Fine, I'll go on Amazon and order another motor.
Wade
Just give me. Just give me your Amazon login. I'll do it for you.
Jason
Oh, yes. I got some hard drives you probably want anyway.
Wade
Yeah, I want to see your Amazon card. I bet you it's. Bet you Ralph's Amazon card is a gold mine of fun little things that no one knows exist but you want spicy.
Corey
Hey, speaking of spicy, who's MCing today? Corey.
Wade
I can do it. Ralph did it last week. Ralph beatboxes all freestyle. And I'll take this train right off the tracks into the ditch.
Ralph
That's where it always goes.
Corey
Hey, that's mixed metaphors there.
Wade
No, there's ditches next to trains.
Jason
I mean, what would you rather crash in, a train or a plane?
Wade
Train. 100%.
Ryan
I say. I say train because I have done plane. It just changes it up, so might as well cross that one off.
Alex
You've crashed.
Wade
Alex.
Corey
It's not a bingo card.
Ryan
I know.
Jason
It's.
Ryan
What is life if not a bingo card? Like, it just makes.
Alex
It makes the experience. This a small plane, Alec.
Jason
Yeah.
Kelly
So now we want to know more.
Alex
I want to know all about it.
Wade
Yes.
Ryan
No, it was a small plane. I was 2. Basically, like the maintenance on it was a little bad, so one of the pistons just like shot out. The engine ripped through kind of the oil line and everything too. So hydraulic throughout. And planes don't glide as well as you think they do, especially when they're covered in like oil. So it was just kind of a controlled descent into a farm field. And then they had to basically like take me in the car seat and just like chuck it out because they couldn't get me out of the car seat again. Everything's covered in oil, so it just basically the. It's like, okay, screw getting them out of the car seat. Just pull the whole thing, toss it and go.
Jason
So do you, do you remember any of this or is this.
Ryan
People are like, no. You were two. You don't remember this? I'm like, I remember traumatic enough.
Wade
Your brain wrote all of that to long term storage.
Ryan
Yeah, it goes into long term storage. So it's like, yeah, I remember that.
Wade
Well, that's good. Fun.
Ryan
Details.
Corey
Disaster.
Wade
Good job surviving. Yeah. Turns out two year olds have soft bones. Good for crashing planes.
Ryan
Yeah, I always like that as like a plane conversation during turbulence. And I go, no, don't, don't worry. Like, statistically speaking, I won't be in a second one.
Wade
Lightning can't strike twice. Come on.
Jason
That's. That's what I love about like statistics. Someone's like, well, you know, if you've won the lottery once, you can't win again. And the truth is it's exact same odds. Your odds don't change. You're not more or less likely to.
Wade
Do any. The gambler's fallacy is that you get different odds the next time because you've lost so many times.
Jason
I can't lose again because, you know, I'm already this many times. Yeah. That's why whenever you're in Vegas, you never let them win. You keep playing until you win.
Wade
Yes.
Ralph
I was wondering where Ralph's pants went that way.
Wade
Always bring Ralph with you when you go to Vegas. Honestly, Ralph definitely has good advice to suspense.
Jason
It makes it more fun. For sure. I. I did see, I. I don't know where I read or why this article ended up in my feed, but it was, in essence, it was the safest place to be in a plane during a plane crash. And what they did to, like, figure this out is they crashed a plane and they did it in Mexico. Right. Because the US was like, hell no. They flew it and they jumped out of the plane right before it crashed and they landed it in, what do you call it, like a salt lake bed. Not in the United States. It was in Mexico. And you know, they saw all the different, like, you know, did all this analysis on it. Anyways, being in the back of the plane was where you wanted to be. First class was not where you wanted to be in this particular.
Alex
Oh yeah, like you've never seen a plane like back into a mountain. Front end first.
Wade
Yeah.
Ben
You don't see planes. They're ended. Usually.
Wade
Yeah, yeah.
Ben
No, I say usually. There was that Delta one that clipped the back end of a plane on the runway.
Jason
Oh, yeah, no, yeah, they took the whole wing off. I mean, just like he backed into me.
Wade
He backed into me. It's physically impossible.
Jason
I hope you got it. Sure.
Kelly
All right, let's go.
Wade
Welcome to Black Hills Information Security's Talking About News. It's September 23, 2024 and you're listening to the award-nominated podcast, Talking About News.
Ryan
Facts.
Kelly
These are facts.
Ralph
They must not have ever watched us.
Wade
That's not what's happening. Explain the SANS thing to me.
Kelly
Well, apparently somebody nominated this podcast that you are watching or listening to right now for an award with SANS Difference Makers. What do they call it? Difference Makers.
Wade
It doesn't say if the difference is good or bad.
Ralph
Okay, that's a good point. That's a good point.
Wade
Okay, that's just a difference maker. They're like, Black Hills Information Security Talking About News has made the worst impact imaginable. But it has made a difference.
Jason
It made some kind of difference.
Ralph
I like to think we're the Jerry Springer of cyber news. Right. Like you never really know what's going to happen.
Jason
Where's Steve?
Wade
Yeah, I mean, maybe, but also I feel like we also have like there. If we were really the Jerry Springer of talking about news, I feel like we would have like so many bad jokes about pagers that have already just fallen out of our brain.
Ralph
Pagers. Okay. Montel, will you take Montel?
Wade
You take Montel.
Ralph
We need a sight.
Wade
Whoever makes the most politically incorrect pager pun will be nominated for the making a difference bad award. Yeah, I mean, who knows? I guess vote for us if you care. I don't really know what this is. I didn't know as somebody didn't know this award existed before we were nominated. I say it's really important. It makes a huge difference. Yeah.
Kelly
There is voting open to the community, but you have to provide them with your email. You click this big "vote now" button and then even to see the category nominees for. You know, we're not the only category. There's other categories here, but there's Podcast.
Wade
Of the Year, which we did not get. I will say one thing.
Ralph
No, no, that is. That is what we got.
Jason
Yeah. That's what we're getting nominated for.
Wade
Okay.
Ralph
There's a. There's an acceptance ceremony and everything. We have to all fly to DC. I'm not even joking. I'm not even joking. That's real.
Wade
Okay. No one believes you. But the one thing I will warn everyone, if you're going to vote, you should expect that email to be sent SANS marketing communications from now until the end of time. So, yeah, just keep that in mind.
Ryan
And do not run the. Do not run the nomination and the voting through Burp Suite or anything to try and create, like, a thousand entries. Like, we don't want to get disqualified. We know you. We know you. Someone out there is like, I can vote 3,000 times easily.
Jason
Like, I'm not going to mention any names, but that used to be my favorite CTF. Every year, they would do the annual security awareness training and the CTF, the un, the unspoken CTF was the first person who could discover how to do the training without doing the training. And then you would send it right up to everyone else how to do the training without doing the training.
Wade
That is true. And I know for a fact, one year, a particular person on the team spent more time bypassing the security training than it would have taken to just do the security training. But you know what? That's hackers.
Jason
That's what you do when you. When you give hackers security training. They're going to hack it.
Kelly
So that's your life.
Jason
Yes. Very fun stuff.
Wade
All right, let's talk about the news. Let's. Let's get out, stop tooting our own horns, and talk about the news.
Kelly
Real news.
Wade
Yeah, the one I already mentioned, I feel like it's the hottest story, is the pager thing. I mean, this hit mainstream news everywhere. For those that aren't in the know, basically, Israel worked to set up a company that made pagers. It was a completely legitimate company that you could buy pagers from. They put bombs in all the pagers, or at least the pagers that were going to this particular customer, that being Hezbollah, and then remotely detonated them all at the same time. There was also a little bit of psyop action happening where they kind of convinced Hezbollah that their communications were being monitored and that they should use pagers. So it was kind of like a really, really long-term supply chain attack, but like an actual kinetic supply chain attack, not like a, oh, this version of jQuery is outdated. But like, a pager blew up. Unfortunately the pagers did injure lots of children and non-combatants. So I guess we'll try to stay away from the, let's stay away from the political and, like, ethical things here and more just try to stick to the, like, logistics and security outcomes of it.
Ralph
So what, what is pager? What do pagers run on? Like? I like is network.
Jason
They run on batteries. They use a cell.
Ralph
Should they run on batteries? No shit. I met, I meant the network.
Wade
How like, you mean like communications?
Ralph
I can't believe you would say that. Yeah, this is, I had no clue. I remember, I remember pagers, but I've never used one in my life. Right. And if there's still communications going across it, right. There's still something but. And then even then you're going to have to get on a phone to call someone after you get.
Alex
Scrubs out here. It might be worth pointing out like why they were using the pagers. So the reason they were using the pagers was because the way the pager system worked is it's basically a broadcast system. So those messages that are sent to the pagers, they're just broadcast out like across the entire cellular network in whatever area. And you can pick up the pager messages with like a software defined radio or other hardware. So that would be the, like, they're. The reason they were using these was to try and combat things like their phones being tapped. So they would have to call back the number that paged them on some phone. But the number, the phone that they call back from is not going to be known by the people who are monitoring their communications. So they'd have to monitor like every pay phone or every whatever phone in a certain area as opposed to just tapping, you know, one individual's phone.
Jason
So I, I just wanted to be known. This was not a hack, right?
Ryan
Yeah, this was, they were, they were packed.
Wade
Yeah, it kind of was a hack because they convinced Hezbollah to use.
Jason
Oh no, they hacked their mind, that's for sure.
Wade
Yeah, but it wasn't. No, yes, you're right. It wasn't a supply chain hack like jQuery had a bad piece of code in it. This is a literal kinetic supply chain attack. And I actually wanted to ask people, like, should we be saying it's a supply chain attack? Because in one sense it's more accurate. But I feel like it's kind of mixing, like, a very aggressive kinetic attack with something that just happens on GitHub and no one really cares about it.
Alex
I think they had to literally get in the physical supply chain. Whether it was intercepting these things when they were manufactured, whether it was. Whether they were intercepting them at some point along the.
Jason
Or they were manufacturing them, you know.
Alex
Whatever it was, they had to intercept them physically at some point and put.
Wade
Oh no, they made them. They literally. It's. It was like an ANOM or AN0M scenario where they literally were running a pager manufacturing company.
Ben
From what I understand from listening to another group talk about this, and they were doing research live on the air, was that they went ahead and they picked up the name of a, of a company that no longer actually existed and had just given up their domain name that was in Hungary and went ahead and set up the whole thing. They went ahead and paid a company out in Taiwan for the rights to go ahead and make these pagers, which. These pagers were originally made in, like, 2014 or something, like 10, 15 years ago, that had known exploits in it, and then went ahead and set. Set everything up as a legitimate type company, all in the course from, like, 2020 to now.
Jason
This was a long con, for sure.
Wade
Yeah, it's a long con. It's. I feel like, I mean, honestly, the thing for me that I guess, like, ethically, I don't want to get too deep in the weeds on like, who's a terrorist, who's not a terrorist, what's allowed against terrorists, you know, war and rules and Geneva Conventions or whatever. But I will say, like, it seems crazy to me because how many. How could you possibly control the scope like, of who is going to have these pagers at any given time? Like, it is crazy.
Ralph
And that's why a bunch of people got hit.
Jason
Right.
Ralph
And that's the same thing with the walkie talkies they had, which is exactly the same thing with.
Wade
They're making them like, I guess just because it's sold to a known doesn't.
Jason
Necessarily mean they're going to be a NOM network. Right. They could have, anyone could have bought that phone, but mostly criminals were buying that phone because it appealed to them. And then they built this whole, you know, kind of situation where they got them to all buy in. I mean, it took a while. So everyone who was buying them was. I mean, for the most part, it.
Wade
Was word of mouth. Yeah, yeah. Amongst a certain group.
Jason
Yeah, exactly. And so, I mean, it really became A very targeted attack. You know, not to say that there wasn't, you know, other things, but monitoring.
Wade
Versus explosives, two different things. Right. If I was going to choose between having my phone monitor my communications, which, by the way, I assume, which is why they got.
Ryan
And blow.
Jason
They got pagers because they were worried about monitoring. But what they didn't realize, long term, they were just given bombs instead.
Wade
Totally.
Ralph
Can we get a map of payphones located? Like, how many pay phones are actually out there? Right. You couldn't run an attack.
Wade
2600 has entered the chat.
Jason
There might be a lot more in other countries.
Ralph
Yeah, that's what I'm assuming.
Wade
But I mean, I don't think it's necessarily pay phones. I think it's just attribution.
Alex
It doesn't have to be a page.
Wade
Whether it's a. Yeah. Whether it's a. I mean. Yeah. Whether it's someone else's cell phone, a pay phone, a landline, you can't tell. Yeah, it's decentralized, basically. I mean, it's centralized, but then the actual communications are decentralized. I mean, arguably the whole pager thing was a false red herring anyway.
Jason
Oh, yes.
Wade
They just convinced them that pagers were better, even though they're not. Which I guess we should get out there. That out there, pagers are not better. Communications on cell phones are not just always monitored. They can be secured.
Jason
So, like, it's funny, because they ended up targeting them because they were getting pagers and no one else was getting pagers.
Wade
Right, Right.
Jason
Like, they got the thing. Regardless of the security ramifications of whether a pager is more secure or less secure, they ended up all having pagers and no one else really had pagers. So they ended up just being an easy target to actually get them in a supply chain, which I thought is wild, but the craziest part of the fallout. Think about it this way, right? Everyone's pager just blew up on them. Now they assume all of their devices electronic are just bombs. Right. Because they have no way of knowing at this point. And so now they've wrecked their communications for months. Right.
Ralph
They didn't assume the walkie talkies were.
Jason
Yes, well, yeah.
Ryan
And then after the walkie talkies, they were like, okay, dispose of anything that has a radio in it, has a.
Jason
Any way to.
Ryan
Has a. Has a lithium battery in it. And anything that is connected to a network. And it's like, okay, so what are.
Wade
They using cans of beans?
Jason
With, like, the.
Ryan
The guy that. The guy that maintains the carrier pigeons. Is like, I told you so, like, this is.
Wade
I mean, landlines, I guess, but what's.
Ralph
That new mesh network thing?
Ryan
Mesh.
Ralph
Meshtastic. Mesh.
Ryan
But those have the same type of batteries, so.
Jason
Yes, but if you could dig in.
Ralph
It's simple enough to build it. Go ahead, Kelly.
Corey
I was just going to say there's more to the story than just what's happening in that neck of the woods and the world, believe it or not, around the coffee cooler here in Florida, or coffee pot, water cooler. Common Americans are kind of afraid of this. Now, I can't tell you how many people have said, oh, my goodness, the phone in my pocket could blow up at any time. And I know there's some FUD going on, but I think the story does speak to Americans to think about. Do I dare say what's in their pockets?
Ryan
Yeah, no, you're right.
Wade
I mean, I will say there was. What was it? The Samsung Galaxy.
Ralph
Samsung. Yeah, that's what I was gonna say.
Wade
Samsung Galaxy Note 7. So this is. I don't know if everyone remembers this, but it was banned. They would literally be like, if you have this device, you are not allowed on a plane because it had a defect. It was not a terrorist. It was not an intentional thing, but it was a defective battery that could explode spontaneously.
Jason
Are not designed to explode like this. Okay.
Wade
No, they put explosives in them.
Ralph
Yes.
Jason
They removed pieces of where the battery was and put explosives in place. Right. So, you know, don't think that now your phone could be a bomb. It doesn't. You know, there's a big island, you know, of. Of difference between the two. Right.
Ben
Lithium batteries can heat up. They can. They can catch on fire, but they are not noted for exploding.
Wade
Yes, yes, that is true. That is a good point.
Corey
But we're all in the know there's a lot of people who are already Luddites and fear technology, and this just fuels that fear.
Wade
Well, I guess, honestly, it's kind of funny because the psyops, or whatever you want to call it, that targeted specifically those kinds of people that are, like, afraid to purchase a normal device for whatever reason and feel the need to use pagers. And now you've put yourself in a list of three or five hundred people that are using this product, which means you can be targeted. They're not going to be able to build at scale 10 billion iPhones, or however many are built a year, millions, at least, to that spec, or to be, like, remotely detonated. So it's like, it's kind of funny how using stuff that's so specialized to one organization or one, like, group of people makes you targetable, whereas using stuff that's generic and everyone uses makes you harder to target. It's like blending in, right? It's, you know.
Ryan
Yeah.
Wade
I don't know.
Jason
I mean, that's the big message here from like a. At least that I took from this, is that what they did is they tried to make their communications more secure, and all they did was just identify themselves. So they're not blending in the noise totally. Right. And so if you want to stay in the noise, they just needed to keep using phones. Right. Regardless of that, the fact that they turned them into bombs. But if you think about it, if everyone was using pagers, if they were more ubiquitous, it would have been a lot harder for them to take this attack off, because now they'd have to individually identify, and that becomes a much different process.
Wade
Yeah, yeah. I mean, either way, I guess, like, you know, we. It's an interesting thing to think about. It's not the first time this type of supply chain attack has occurred, but it is the first time it's been kinetic. And to my knowledge of being. I mean, I guess, you know, there's been NSA revelations, you know, Snowden revealed that, you know, people could be intercepting, like, Cisco devices and putting wiretaps or other things, or hard drives, like backdoored software for security purposes has been a long thing. You know, I'm sure it's been actively still being done at the NSA or at other intelligence organizations, but this is the first time, to my knowledge, that it was used as a kinetic with the intent to harm a physical person, not security. But Stuxnet didn't kill anyone. I mean, I could be wrong, but I'm pretty sure it just broke a bunch of centrifuges and didn't actually kill anyone. Yeah.
Ben
Ben from Casey brings up a very good point that the medical context in hospitals, et cetera, they still are having a lot of pagers out there just because of the reception and the ease of use of them.
Wade
Very true, very true. But I don't. I think that they're probably not using special, you know, specialized hardware or whatever. They're probably just using, like, 1980s hardware. I mean, maybe. I have no idea. That's a good question. If you work in the medical industry and you know a lot about pagers, feel free to come on the show.
Ryan
I've intercepted a lot of the pager, A lot of the pager comms that you know in the medical field. So, yeah, they use it And a lot of times it's the. A lot of times the communications are between just kind of decentralized things. Like there's a. There's an ambulance coming in with, like, a critical patient. They just send out a page that says, you know, hey, we're, you know, trauma coming in. Yeah, because they don't. They don't have the special. The specialized, like, okay, well, we need to load up like this come. This hospital special app in order to type out a message saying, we're coming in now. They just use the pager network for that. So you see a lot. Yeah, I forgot.
Wade
I forget what it was. But I listened to a podcast a couple of years ago talking about why are pagers still used. And I think the biggest thing is like. So there are, like, practical reasons. The batteries last forever, like weeks or months. It's not something you have to worry about charging people, like having a separate device that's like, if this goes off, I need to wake up now and go do something. Or if this, you know, versus, like, people let their phones die or have notifications issues or other things. It's like, it's kind of takes advantage of human nature in a way that, like, the people who use pagers for the medical industry, no, when that pager goes off, it matters. Versus, like, if it was just an app on their phone, it'd be much easier to ignore or, you know, displace or whatever. So we're confused.
Alex
Other apps.
Wade
Yeah, yeah, exactly. So, like, I think arguably hospitals could totally just provide people with their own dedicated phones. And that's probably where it will go. Right. Over time is like, there's going to be some replacement for pagers that is like. And I think in this podcast that I can't find, they had like, a beta test for, like, you know, some phone device that was designed to be a pager replacement. But I mean, these things are bricks and they last for months battery wise. So that's a selling point for medical people. Like, don't have to worry about charging it.
Ben
But anyway, just think, though, now you. When you watch Hackers, during that one sequence, when this pager goes off, he says, I'm blowing up, man. It's got a whole new meaning.
Ralph
Oh, and Mike wins. All right. You won the.
Jason
Working on that one for a while, but it still sounded good.
Wade
Let's talk about the reCAPTCHA phish, because this is a really interesting one I think Michael wanted to talk about, and I'm sure it's on everyone else's radar too. Yeah, the theme was, like, third-party phishing, right? That's the theme, yeah.
Alex
So I first learned about this from a post that John Hammond made on X sometime last week. And basically the phish, it looks like a captcha, like a typical captcha that you would see to verify you're a human on a website. But instead of entering a code or, like, clicking on all the crosswalks, you click the verify button and it. Or actually you don't even, you don't even have to click the verify button. I just actually just ran this earlier on my own computer so I could see exactly how it worked. As soon as you open up the page, it copies a command, like a whole string of text, to your clipboard and it gives you instructions to just open up the Run box from your Start menu. Like, press Windows key R and open the Run box and then press Control V to paste in that text. So when you paste it in, the beginning of the text is a command that executes whatever payload on your computer. In this case, it's an HTA file that it downloads from the server and executes on your computer. But following that command, then there's some text that you see in the Run box that says, like, you know, human verification, verified, or whatever. So that was a pretty cool portion of it in and of itself because I thought this was a very novel way to get a payload executed and get around a lot of the problems that we face whenever we're executing payloads, like Mark of the Web, actually being able to download the payload, all kinds of controls around different file types, all sorts of stuff like that. But then just, like, maybe a day or so after he made this post on X, there was an actual real-world phishing attack that used the exact same technique. And it actually looked like they were using the proof of concept that he built. I think they were actually using something different because it turns out other campaigns have actually used this technique before. But a really cool thing about this attack that happened was the way that they carried out sending these messages.
So the attackers created issues on GitHub repositories. So they had all these bot accounts that created all these issues on the GitHub repositories. And the issue would say, there's a vulnerability in your project and click this link. And the link was to say, like, GitHub scanner.com to, you know, see more information about it. And then you would go there and you would get this captcha phish. But they used GitHub's own infrastructure to send all the messages. So they'd create an issue on your GitHub repository and then you'd get this email that, that came from GitHub.com and looked very legitimate. And then they would go back and they would delete the issue that they had created to kind of cover their tracks. And you just had this email that looked very legitimate. I got one of the emails from one of my repositories on GitHub. I know somebody else at BHIS did too. Yeah. So it's just altogether a very interesting attack chain and a very interesting technique for bypassing things like EDR and getting a payload executed in a novel but very simple way. Like, very simple, where you just, someone opens up the Run box and pastes in a command.
Wade
Yeah, I mean, I think it's a really cool technique. I guess the one, like, question I have is, like, do we know. I mean, it was info stealers. So I'm wondering, like, do we know the impact? Do we know, like, how much people actually fell for this? I guess we'll find out later in the info stealer feeds. But, like, it's kind of scary to think about. Like, we know the developer angle is particularly weak, of, like, I think most developers' initial gut reaction would be, like, I'm scared. What did my code do wrong? They're not, they're not going to be thinking straight necessarily when they're reading this email. They're going to be, like, oh God, what did I do? Or, oh, this is. This. I don't, this is annoying. I will say, you know, to make a joke, most developers just ignore pull requests and issues. So.
Jason
So that, that's, that's. I don't know why. It probably didn't work that well.
Wade
Yeah, it probably didn't work. No. Here's what.
Jason
All they had to do was just talk crap about their code and say how bad it was. That would really get there. You know, get them.
Wade
Your code has been analyzed and it's bound to be less than a 7 gr.
Jason
Did you use AI for this? It is horrible.
Corey
Well Corey, to your point, usually we complain about our end users and people who can't read an email or are subjected to a phishing attack. Now it seems like they're, they're coming after more of the security analysts and the developers. They've upped their game a little bit for sure.
Wade
I mean, I think, I mean, it's, it's like most developers. It's a good angle. Right. A lot of developers have. This whole open source world is very decentralized and very much relies on people that aren't necessarily getting paid or compensated or have security tools or whatever and are just, like, contributing code. But a lot of that code is run on production servers, so getting tokens or GitHub things really would be impactful to most organizations. It'd be, like, kind of a third party to a third party then in. But it would definitely be a good angle.
Jason
Also, developers, I think, are the few people who are going to open up that terminal or even know where it's at. Right. I mean, I guess the command, you know, the Windows one, right, but still, it's just kind of interesting to just pretty much be, like, hey, I got this command, you should run it just to keep going. You could probably mold that around anything, right? So any way to stop something. So any kind of, like, hey, we had a check that's failing. And before you can go any further, to get this coupon or to get this gift card, you need to run this command on the computer to validate you're a human or whatever.
Wade
Yeah, I mean, this dovetails with the Lazarus Group article, Brian, if you have that one laying around. So Lazarus Group recently has been targeting developers as well, kind of using an old technique that we already knew about, but basically they're posing as employees of Capital One using fake job interviews, luring developers into job interviews, and then telling them they have to download software to do the job interview. So it's like they're actually posing as the people hiring from Capital One, not posing as the candidates this time. So it's kind of flipped on its head, but it's targeting the applicant this time instead of the company itself. So I guess it's, you know, again, not necessarily anything groundbreaking from like a technical perspective, but does show, like, I think they're targeting scenarios where people typically have their guard down. Right. Like if you're interviewing for a job, you're going to be like, all right, I want to do whatever I want to. Whatever I have to do to get this job, I'm going to do it. And that's the situation where Lazarus Group is taking advantage here. So.
Ryan
Yeah. And it's increasing the game for social engineering as well, because it's not just sending the random emails. You get all that security awareness training saying, like, be suspicious of random emails. But these Lazarus Group, they're engaging in conversations, they're setting up things that have deadlines, that sense of urgency. So the developers maybe, you know, may normally be smart enough to do the, okay, I'm going to do some code review security checks on this thing. But no, they've set up that sense of urgency and they're really like time boxing them and making it harder for individuals to recognize that threat. Yeah.
Jason
I mean, especially if they're using like a recruiter or something and being like, hey, this is a great job and then working through that process and then targeting the people they want and then being like, you know, offering a good opportunity and then by the time they're all through, they're like, oh, this has got to be legitimate. They're not even checking anything.
Wade
Things totally. Exactly. And it's the whole like shadow IT thing. Right. Like maybe the emails and stuff didn't come directly from Capital One domains, but like there's so many teams, there's so many companies, there's so many different ways companies hire through other third parties. Like there's so many steps to the.
Ralph
Hiring this website where you can download the executable.
Wade
Yeah, yeah, exactly.
Ralph
And another thing to point is like when you become higher up in a company and organization, when you're looking at. At least it's. It's been true for me for like staff and principal positions usually these tests seem to be a bit more prevalent. Like I have had to do way more tests, way more like, hey, run through all this code this, download this, try this than lower level positions because they're trying to technical aspect of you, which I find kind of weird.
Wade
I kind of wonder like, should we have. I mean, I'm thinking we might already have something close to it, but like, do we have like OPSEC for job seekers? Like should we do like a webcast? Should we do like a webcast on OPSEC for job seekers? Like, I guess, guess.
Ralph
You know, Jason, A little bit, right.
Wade
I feel like, honestly like what we'd be advising people is like what, just use a VM for each job application that has like a limited contained, you know, scope of like a GitHub or. I don't know.
Ralph
But could you imagine as, as an interviewer though, if you were to. Then if they were to screen share with you and you realize that they're doing something in a VM, you're definitely going to think they're cheating in a way.
Wade
Really?
Ralph
Yeah, yeah. Like if you say I was interviewing you for an IR position and you're on the voice chat and then you're in and they're like, all right, share your screen and do some like digital forensics or do some memory analysis to this while we watch you and you notice it's a VM or in some way like that. How do you know that person is now controlling the VM and why are they doing it in the virtual? It would, it would.
Wade
I mean, that's really easy. You just be like, open notepad and type hello.com.
Ralph
You would hope, but I. It's. Once again, it's like, it's the whole interviewing thing, right? It's pretty hard at some. It's hard to go through. And usually there are malicious actors that will interview for you or provide you answers. I've seen people being fed answers during interviews and stuff like that, where they take a second, you can see they're reading something over here, and then they answer your question. So I think that would add to the sketchiness of it.
Wade
That's pretty funny. It's funny. Yeah.
Ryan
I was going to say, you know, this article also, like, kind of hooks back to, like, the importance of threat intelligence. When we talked about that last, you know, last week, is. That's a growing space. But here is where, you know, like, Capital One has people impersonating them on LinkedIn. Like, yeah, I know there are tools that will absolutely light up those alerts going, hey, someone says they're a recruiter on LinkedIn. Yeah, yeah, Capital One. And they're, they're sending out all these job requests. So, I mean, it's one of the things that hopefully, like from this, Capital One really, you know, steps up their threat intelligence game. But that's one of the things that from our story last, you know, last week, they did have MasterCard invested in that and said, you know, threat intelligence is going to become a thing. And, you know, even from here, it shows that, you know, one of the ways that this can be defended against is for, you know, companies like Capital One to, you know, have that intelligence and be able to smack down those, you know, domains that are spun up representing, you know, misrepresenting the company and, you know, LinkedIn profiles that are misrepresenting the company, just, you know, get on top of threat intelligence, smack them down.
Corey
Alex, did I hear you say LinkedIn?
Ralph
Oh, that's a good segue to another great news article. So you didn't know. Go for it, Kelly. Go for it.
Wade
Oh, no.
Corey
Go for it. Wait, I think you're teeing that one up.
Ralph
Okay. LinkedIn stealing all your data and training their AI bot.
Jason
What? Oh, my God.
Ralph
LinkedIn turned on a feature that is an opt. It's an opt out. So, which means you have to go and turn it off.
Wade
Off.
Ralph
It is in your settings and already turned on where they are training their bot with your data. There was a big stink about it this week and I believe the CEO of LinkedIn did state something about it. And I think the overall was they, they kind of did this wrong. Maybe they should have told users, but honestly, it's because we caught them. To tell you the truth, if we never caught them, they wouldn't have said anything.
Ben
Correct.
Ralph
The setting. The setting is a little bit hidden. It did take me a second to find it. I believe it's you go to LinkedIn, you go to your profile, you go to Settings, Settings and privacy, and then it's under data privacy, then it's data for generative AI improvement.
Wade
Isn't everything on LinkedIn already AI generated? Like I've not.
Ralph
That's exactly what I said.
Wade
Interaction. Okay, here's the LinkedIn thing.
Ben
On top of it that bothered me the most is the fact that it says, can LinkedIn and its affiliates. So it's not just LinkedIn that's taking this data, it's LinkedIn's affiliate.
Ralph
They're selling this data.
Wade
Yeah.
Ben
And then at the bottom it says the setting controls of training generative AI models used to create content. When this setting is on LinkedIn and its affiliates may use your personal data you create on LinkedIn for that purpose. It's creepy. It's one thing that they'd be doing it for themselves. It's another thing that they're saying, oh, we're just giving it to everybody else also to train their AI.
Ralph
Reddit's already doing it. I know everyone else is doing it.
Wade
Any AI that's trained on LinkedIn data is going to be the most long-winded, unnecessarily formal. It's going to be like, hello, thank you for reading my message. I am a developer based out of Uzbekistan. I would like to talk to you. This is not AI generated. Yeah, I mean, whatever. This is the norm. Let's talk about. To dovetail this, we also talked about Slack.
Jason
Ralph.
Wade
Tell me about Slack and Disney and how that's going.
Ralph
Ooh, you want me to go on it or who wanted to talk about it?
Wade
I said Ralph, but Ralph's. Oh, Ralph.
Ryan
Yeah.
Ralph
No, I didn't hear Ralph.
Jason
They dropped.
Wade
Okay, so there's okay. To give everyone a little bit of context. Slack uses their data for AI generation. That's the connection. But also they were breached. Slack's Disney was. Disney's Slack was breached. Yeah, Slack was breached.
Jason
It was like terabytes and terabytes of data that got leaked online. All kinds of like sensitive or should be sensitive conversations of them, you know, talking about stuff that's not very friendly customer facing at all. Right. And Disney is definitely dropping that.
Wade
Oh yeah.
Ryan
Oh boy.
Ralph
Honestly.
Wade
So what are they switching to? That's the question I have.
Ralph
That is for debate, but it's so hard to use. No one can extract the data from it.
Wade
But hold on, is there an actual news article that confirming that they're switching or did you just make that up, Ralph?
Corey
No, there's news articles.
Jason
No, no, they said that they are dumping Slack for sure. They publicly announced.
Wade
They didn't say where they're going.
Jason
They did not say where they're going. No, because why would you tell your adversary what the next thing to target is?
Wade
Okay, so I guess stay tuned, we'll see where they're going next.
Jason
They're. Honestly, they're probably going to. I don't know, they build their own teams. I don't know.
Wade
It has to be teams. Teams.
Ralph
There's nothing else. What's left?
Wade
Yeah, I mean, Matrix self-hosted. Matrix self-hosted. Yeah.
Jason
Here's the most of these chat platforms, most of these large chat platforms and this is the reason why this attack happened. Right. They do not secure the data. Right. Outside of the, outside of the tenant. Right. So if you get access to it, you have access to everything. Right. It's kind of like a free for all. And the reason why, there's a couple of reasons why, but the biggest one is search. Right. So that you can ingest all this data for either training AI or just doing a search for something that someone mentioned three years ago. Okay.
Ralph
This is what happened to Uber too.
Jason
Yes. As soon as you get access to that, it is a feast of information out there. And putting all this together with no controls in place, there's no actual data encryption. Sure. I can't like listen outside. I have to get access. Right, but once you're in there, you have access to everything pretty much. And so you know, the data governance is just a nightmare with these platforms.
Ralph
There's controls you can put into. There's controls you can put into place to section.
Jason
But not. But, but not.
Ralph
Not if they get. Right.
Jason
No, no, no.
Wade
But not from Slack.
Jason
Slack still has access to all of that data. Right?
Ralph
So yeah, but it wasn't Slack that got infected, right? They had a malicious insider.
Wade
There's. There's no app that scales where that isn't the case. So they're going to jabber.
Ralph
If you remember the dude who gave them access. Right. Even got ousted by the actual attackers at the end of the day, like they said, this is the exact guy.
Wade
Who gave us access to.
Ralph
It was an insider threat and they didn't lock down their internal communications enough so that guy could go and read all these other chats, which is a super common occurrence. Like go into your Slack right now and search password and hopefully you don't see anything.
Wade
Well, you know what? Okay, you know what the actual crown jewel is? It's all the custom emojis.
Ralph
That's the crown jewel.
Wade
I want to go into the Disney data breach and see all the custom emojis they had in Slack, because I guarantee you, a company with a bunch of illustrators, there had to be some interesting options.
Corey
So, Corey, I want to go back to your common thread there. That was AI and the use of AI. So back to LinkedIn just for a quick second here. One of the things we fail to realize is we don't have any sort of private legislation on AI regulation or data collection yet. But I do want to add, we do have three states that have data collection and AI governance laws. We've got California, Illinois and Maryland. But to your point about all these companies using this technology just basically vacuuming up data and we just don't know what they're doing with it. Which leads me to our next article to talk about the FTC report. And I know you guys are all dying to talk about regulations, aren't you?
Ralph
I read it. I read it. I won't lie to you. I read it.
Wade
I like the FTC. I like the FTC. The FTC is like the, you know, they're on our side, arguably.
Ralph
Lina Khan is on fire, man. That's all I'm going to like. She's all over the place. She is awesome. So pretty much the FTC came out with this report saying how all these huge companies are pretty much violating, not like sort of skirting around COPPA, which is, I believe, the Child Online Privacy Protection Act. Right, Yep. So they're harvesting all this data. So Twitter, YouTube, Snapchat, TikTok, and they're saying, hey, we don't actually have children on our Pro on our sites, but they do. And then they're using that to now feed into the AI. So children's data, not just your own data, not just your own. Slack is feeding the AI monster as well.
Corey
Yeah, it's not just children's data.
Wade
Oh, yeah, it's everyone. But the children's stuff is explicitly bam. So that's like why they're going after that angle. Like they're allowed to just monitor our data.
Ralph
Yeah. If you remember, wasn't it Google was who got caught with a COPPA act hardcore back in the day, and it was millions and millions. I can't remember the exact, the exact amount, but it was because Google was giving away pretty much Gmail to students for free and then collecting that data and using it to sell ads. Right.
Wade
I will say unless defined scale, it's not going to matter. Because if from the perspective of capitalism, if the fine is, you know, it's just part of the cost of doing business and all you have to do is factor it in on your accounting and as long as you pay the fine as part of the business unit, then that's just the cost of doing business. It's like, you know, UPS in New York City just gets thousands of dollars in parking tickets. They don't try to park, they just get parking tickets and pay them. And it's more efficient than actually waiting and parking properly.
Corey
So, Corey, that's a really good point. One of the things that that report highlights is the incentives for these large tech companies to actually collect data. And they list nine companies in there, the usual suspects, Meta, Reddit, that sort of thing. But basically they're saying the reason why they're so concerned about this massive data grab is it actually, well, it hurts our children. It creates an anti-competitive environment. Because once you're sucked into a system, if you're part of a social media platform, you're less inclined to try a different one. It creates these walled gardens, like I mentioned, it's anti-competitive and most of all important, it doesn't actually protect consumers. So if you get a chance to read the report, it's actually very interesting. Even if you just read the executive.
Wade
Summary, all we have to do is give the kids pagers. Not too soon.
Corey
Let me add one thing to this though. In one of our previous news casts, we were talking about the Chevron doctrine. Do you remember that? That was where the Supreme Court was trying to limit the powers of regulatory agencies under the Chevron doctrine. And interestingly enough, this report falls under Section 5 of the FTC. Unfair deceptive trade practices. So with the Chevron doctrine being talked out at the Supreme Court over the summer, we could see this go to court and sit there for, oh, I don't know, another 10 years.
Wade
I mean, like, what? Listen, back when I was a kid, all you had to do is lie about your age. Are they exempt? Like, if I lie about my age, are they exempt from like. Or is it their job to figure out how old I actually am? Based on how many Spider-Man videos I watch on YouTube, not in the United States. So I mean kids out there are just going to be like, I just have to say I'm 18 now. I mean I think most apps force you to be at least 13, right. To use them. Like I think Discord.
Jason
So don't ask me how I know this, but if you sign up for an Instagram account, right. If you go, hey, I'm going to make a new Instagram account or whatever it may be, it will ask you your birthday. Now if you are under 18, you can have an Instagram account, but if you are over 18, you have to submit a government issued ID to have an account.
Wade
Oh, interesting. Yes, because they can't have. Yeah.
Corey
Oh, go ahead, Corey.
Wade
I was going to say they can't have a bunch of driver's licenses for people that don't. Don't have driver's license or their kids. And they don't, they shouldn't be having kids. Driver's license.
Jason
Yes. They can't. Yeah. I mean they wouldn't have, it'd be like an ID of some sort. But anyways, I thought was kind of interesting and that is after using a real cell phone, a real email, all the real stuff. But they still wanted a government-issued ID.
Wade
Yeah, I mean interesting. The whole bot thing is.
Corey
Yeah, the sweet spot is COPPA is 13. Ralph, you mentioned people getting driver's licenses. 15, 16. But then if you're 18, you've got to submit that government issued ID. So what are we doing between 13 and 15?
Jason
Yeah, that's the other thing too.
Ralph
To throw another good book out there, The Anxious Generation. I read it because I'm a new father and it's had a great review. The childhood is causing an epidemic of mental illness. So pretty much it's about how kids get pulled in with social media and everything like that and how everything's built to be addictive and really get them on it as much as possible. And there's a couple really key things that they want the legislators to do and one of them is raise that age of 13. Like why, why is it 13? Why nothing else is 13. Like the, the average age they actually suggest is 16. Three more years I don't think is that much.
Ben
The only reason I can think of them picking 13 and this is just being a Jew is 13 is in Judaism when somebody is considered an adult, the bar/bat mitzvah age. That's the only reason why I could see that they, that they picked that age out of anything else.
Wade
I'm trying to. I'm Googling around right now, trying to even find the demographics for, like, popular apps. Like, how many under 13s. Like, technically it would be zero, right? Like, objectively, no, you have to sign.
Ralph
A waiver over, like, under 13. YouTube. You can be under 13. Then you get put into, like, child YouTube, which is still, like, super weird. Which is, I mean, just finding.
Wade
Yeah, just finding some statistics. It says here 85% of children ages 2 through 12 say they watch YouTube. Now, I'm assuming they don't have their own accounts, they're using their parents account. But you got to wonder, like, the whole data governance thing is so confusing where it's like, well, if it's. If it's my account, but I give a kid access to watch on my account as YouTube kids or whatever. Is my account now part of COPPA, or is it like. I don't know, it's so weird, like, the whole thing of, like, what accounts have what restrictions. I do not. I do not envy the developers who have to set all this up on their side of, like, okay, what app is a kid app? Or, you know, what, what ages different apps are allowed to use. All that stuff. Pretty crazy.
Ben
I've got a little bit of insight into that because I set up a Google account for. For my child, a Gmail account, and I could use that if I set that up for him for things like YouTube, et cetera, et cetera. And it does fall, not directly underneath my account, but it falls under control of my account.
Ryan
Yeah.
Ben
Where I could go ahead and set all the parental permissions for him for what he can watch.
Wade
Right.
Ben
Can't watch, et cetera. There is, but it's. It's very. It's very weird how you set, set. It was very simple, but very weird how it got set up so well.
Wade
So to bring up some interesting comments from chat, people are saying you don't need an account to watch YouTube, which is a good point. But I will say, I know from experience that if, even if you don't have an account, let's say you're watching in a completely new browser as you continue to watch YouTube, it will build, like an algorithm for you, even if you're unauthenticated. So, like, you don't have an account in the traditional sense, but you do have, like, some preferences that the algorithm has decided for you. So it's like, I don't know where that governance would kick in, whether it's when you have an account or just when they're building recommendations for you or whatever. Obviously, they don't ask your age.
Ralph
No, there is age limited on some videos where they won't let you watch it because they claim it as violent or whatever. Like.
Wade
Right. But it doesn't. Is that 18 plus or is there like 13 plus as well?
Ralph
Probably just 18. I'm trying to think of the last video. Like, yeah, I watched where you need to log in. I'm like, I gotta log in.
Ryan
All right. I want to say that for YouTube, they have the. The account in like the age block, because I. I reset up my kids and it asked for, like, what age block are you in? And it makes recommendations based on that. You know, so it may go. It's like, okay, well, you know, if you're in that age from, you know, 8 to 12, there are certain videos that are tailored for you. And then beyond that, they go, okay, well, you're. If it's rated T for teens, effectively, then, you know, blocks that out.
Wade
All right, last article.
Corey
Let's talk about one more thing, Corey.
Wade
We've.
Ralph
I.
Corey
Here's my recommendation. I gotta throw. Gotta throw it on the pile here. We should all have story time with Uncle Wade as he reads us The Anxious Generation.
Ralph
Oh, my God. Right?
Ben
It's.
Wade
It's like, I give a lot of anxiety to Wade.
Ralph
It is.
Wade
All right, let's talk about Kaspersky, also known as Ultra AV.
Jason
Ultra.
Wade
What they do now, I honestly don't know how to even react to this, but it's.
Ralph
I put it in the chat, Ryan.
Wade
Yeah, yeah. It's nothing. Basically. Starting Thursday, Russian cybersecurity company Kaspersky deleted its AV software from customers' computers across the US and automatically replaced it with Ultra AV's antivirus solution. So basically, they were. The US government added Kaspersky to the entity list, which is national security concerns. And this is kind of their exit. So I guess the question is, what the hell is Ultra AV? Is the real question. Owned by Pango Group. Everyone knows who that is. Everyone knows. Huge Penguins. Pangos. Yeah. I mean, this is so sketchy. I mean, they did send an email. As part of our commitment to providing you with top-tier service will be able to maintain through Ultra AV. Is it malware? We don't know if it's malware, but it's called Ultra AV, which no one's heard of, and it's made by a company called Pango Group, so you can make your own decision.
Ralph
The leading provider of digital consumer security solutions, our product portfolio includes everything your customers need.
Jason
Oh, my God. Are we watching the video he's got the voice.
Ralph
That's the description of Pango Group.
Wade
A good metric for AVs is. Is it Windows Defender? If it's not, you shouldn't be using it.
Ralph
Oh.
Wade
Like, I mean, genuinely, Windows Defender is the best.
Ralph
I was writing malware. I was writing malware in VS code, and it caught me and deleted it while I was writing it. And I was like, this is bullshit.
Wade
Windows Defender, it's like a movie.
Jason
It's like precog. It, like, goes for, like, when you.
Wade
Were born and kills you.
Jason
So you can't write malware.
Wade
Yeah, I mean, the two things, two, like, I guess I'll just make some blanket statements on AV. Number one, if you don't know how it got on your computer, it's malicious.
Ralph
Looking at you, McAfee, that's a fact.
Wade
If it came with a computer, if Kaspersky installed it on its way out of the country, if you know it came with another app, whatever it is, if you didn't. If it. If you didn't put it on your computer, it's malicious, number one. So that applies to Ultra AV. So please nuke that. Also, you don't need a separate AV program. Use common sense in Windows Defender. You'll be fine. You know, just like, don't be dumb and you'll be fine. But, yeah, I mean, I think you'll.
Ralph
Have UltraVPN installed as well. Did you see that? It's like, you want to watch Netflix in Vietnam and have those special movies. You're good. Ultra. UltraVPN also installed.
Wade
Right.
Ralph
Right alongside.
Wade
Okay, can we, like, can we just predict next week that Ultra AV gets added to the entity list? Like, next week they're going to be like, and you're on the list, too. Get out. And then it's going to be like, what's going to be the next one?
Ryan
Maybe. Yeah, that'll be interesting because I think next week is the 30th, and that's where they say in the article that it's like, Kaspersky is just not going to provide support for their product anymore. They're like, we're just done. And if you have any questions about Ultra AV, go talk to Ultra AV. Just stop talking to us. Like, just.
Jason
I think it's funny. And this goes back to kind of what Corey is saying just about antivirus in general is that, like, we live kind of in a different time. Right? And a lot of these products are kind of on their way out in the sense of not keeping up with, you know, actual detections of current threats, you know, and static analysis has kind of moved, you know, a long ways away from where we're at as far as actually needing to be in kernel and all the other things. And so it is kind of interesting just to see some of these products as they kind of end their life, you know, and other things have kind of moved in place that are actually able to detect, you know, more malicious or, you know, advanced threats.
Wade
So totally don't use AV if you, you know, if you feel like you need it, just don't click that link.
Ryan
I looked at one of the links somebody posted for like the transition to Ultra AV and it says like your subscription also includes like the VPN, a password manager and they do everything.
Jason
I was looking at their website, they're kind of.
Ryan
They just switched your product without telling you. And then it's like, oh, by the way, would you like to store your passwords with us and would you like us to provide identity theft protection?
Jason
These companies that exist, they just like pop up out of nowhere and they're like, we are a top tier antivirus company now. You should install.
Wade
I can't wait. I cannot wait to see people analyzing all this. Like it's just going to be like it's an open source Bitwarden password manager that they branded. It's like, I mean it's insane. There is a generation or a whole target user of people that will be like, well it popped up on my computer so I use it. Like that's their whole.
Ralph
The best thing. Pango Group doesn't even own pangogroup.com. There's a Pango Group real estate that owns Pango Group.
Jason
No, they're Pango dude.
Wade
They don't have that kind of money. They spent all their money convincing Kaspersky to like Trojan their software under their computer.
Ralph
Watch, we hear Pango Group gets, gets totally owned. And then the threat actors went after the wrong Pango Group.
Wade
Bingo. Real estate. Real estate is going to be your own. Yeah, I mean I honestly there's also. We kind of glossed over this, but I guess maybe we should get into the technical discussion of why would a program have the privileges to just nuke itself and install another program on your computer without your consent?
Jason
Well, no, it was in the consent when the first time you installed it. So you consented to reinstall by installing.
Wade
This program, you consent to us installing any other programs we feel like on your computer?
Jason
Yeah, I mean in essence it probably says something, something along those lines for your safety.
Ralph
Yeah, Actually Lazarus.
Wade
Yeah, I mean seriously, like I would if you somehow are running also that the last question. Then we'll close this. How many people can there possibly be in the US using Kaspersky? And who are.
Ralph
They're government contractors. Who?
Jason
Government contractors. I mean, back in the day, that.
Wade
Used to be the thing you did, right?
Jason
You got your computer, you're like, well, I need antivirus. Everyone needs ant. You gotta, you gotta install it, right? So it was like it was a thing for a while. And you know, Windows used to be a lot more, more dominant than it is today. And you know, that used to be the thing, but now it's kind of evolved and you know, Microsoft put it in their product and you know, it's not that bad.
Wade
True. That's a good point. I'm serious.
Corey
One of our friends in the chat mentioned Lenovo. I'll just leave that there.
Wade
Yeah, these like bloatware deals are. I mean, I. We don't know all the negotiations happen behind closed doors.
Alex
The only.
Wade
I mean, but they've got to be exchanging big, big, big stacks of cash for this.
Jason
Oh yeah. Just like immediately get a million customers.
Wade
Who doesn't want that?
Jason
Right?
Wade
Yeah, you can literally buy a million customers or buy a billion customers or whatever like it is. I'm sure the contract negotiations for this kind of stuff is wild.
Ralph
We could have done it. We should have done it. And we just installed ClamAV on everything.
Jason
I know. All I'm thinking is, is like Broadcom just entered the chat. I mean this is their whole company.
Wade
Oh, how many AVs can we buy in a month? Let's do this.
Ben
Pango Company. I was just doing a quick little bit of research. Pango Company's website is pango holding company.com they claim to have been around for 20 plus years. The date that Pango holding company git.com was created. 1 12, 2024.
Wade
Well, that's impressive. They've even been around for a year. Almost a year.
Ralph
Is Pango Group also owned by some Russian too?
Ben
Their mailing address is in Iceland.
Corey
Neither confirm nor deny.
Ralph
Yeah, that's pretty close to Russia if you ask me.
Wade
Let's look up the WHOIS registration date for ultrasecureav.com.
Jason
Is that the actual website?
Wade
I think it's just Paul co Ultra Secure AV. Let's see. Was originally registered July 17th.
Ben
Again, they say that they've been around for 20 plus years.
Wade
They've been around for 20 plus years. Don't question the fact, honestly. Let's go back through the wayback machine and see if we can find a North Korean text on the page. This investigation will continue offline. Thank you for coming to the news. We will talk to you all next week. Thank you for coming. And have a nice, happy pizza mess.
Kelly
Before, before we sign off. We've got something coming up in a few weeks. Wild West Hacking Fest.
Jason
Oh, I forgot about that.
Ralph
I forgot.
Kelly
And that week we're not going to be on on Monday. We're going to be on on Wednesday. And it's going to be a little bit later than usual. So heads up.
Ralph
A little bit later.
Kelly
Live from Wild West Hacking Fest. I don't like.
Wade
I'm scared.
Ralph
Don't worry, we'll have walkie talkies by then.
Wade
Okay, that makes better.
Ralph
No pages. No pages.
Jason
Weird reason.
Kelly
All right, thanks, everybody.
Podcast Summary: Talkin' About [Infosec] News, Powered by Black Hills Information Security
Episode: 2024-09-23 - Plane Talk
Release Date: September 26, 2024
Introduction
In this engaging episode of Talkin' About [Infosec] News, the Black Hills Information Security team delves into a variety of pressing information security topics. From a harrowing personal anecdote about surviving a plane crash to sophisticated discussions on supply chain attacks and AI-driven phishing schemes, the podcast offers a comprehensive look into the latest threats and security insights shaping the infosec landscape.
Surviving a Plane Crash
The episode opens with a personal story shared by Ryan about surviving a small plane crash at the age of two. Ryan recounts the traumatic experience, highlighting the technical failures that led to the crash and the subsequent controlled descent into a farm field.
The team reflects on the psychological impact of such memories and the resilience demonstrated by surviving the ordeal.
SANS Difference Makers Nomination
Jason reveals that the podcast has been nominated as a finalist for the SANS Difference Makers award, sparking a lively discussion about the implications and the nature of the nomination.
The team debates whether the award is a positive recognition or a potential backhanded compliment, emphasizing the importance of community support through voting.
Pager Supply Chain Attack: A Kinetic Threat
A significant portion of the episode is dedicated to dissecting a sophisticated supply chain attack involving pagers used by Hezbollah. The hosts explain how Israel orchestrated the attack by infiltrating the pager manufacturing process, embedding explosives in the devices, and exploiting the specialized nature of pagers to target a specific group.
Technical Breakdown: Alex provides a technical overview of how pagers operate, emphasizing their broadcast nature, which made them susceptible to being weaponized.
The conversation highlights the unique challenges of securing specialized communication devices and the broader implications for supply chain security.
ReCaptcha Phish: An Innovative Phishing Technique
The hosts introduce a novel phishing method known as the "ReCaptcha Phish," which presents a legitimate-looking captcha prompt to trick the user into running a command that executes a malicious payload on their own computer.
Corey underscores the sophistication of targeting developers, who are often trusted with sensitive tasks and may be more likely to execute such commands without suspicion.
The discussion emphasizes the importance of vigilance and advanced threat detection mechanisms to counteract such innovative attack vectors.
AI and Data Privacy Concerns: LinkedIn and Beyond
The podcast transitions to a critical analysis of major tech companies' use of AI and data collection practices, focusing on LinkedIn's controversial move to utilize user data for training AI models.
Ben elaborates on the privacy implications, highlighting the unsettling nature of data sharing with affiliates.
The team discusses the broader regulatory landscape, noting that only three states have specific laws addressing AI and data governance, and expresses concern over the rapid pace of AI integration without adequate legislative oversight.
FTC Report on Data Collection Violations
The episode delves into the recent FTC report criticizing major tech companies for violating the Children's Online Privacy Protection Act (COPPA) by improperly collecting and utilizing children's data.
The hosts discuss the potential long-term implications for these companies, including legal battles and the challenge of enforcing data protection laws effectively.
Slack and Disney Data Breach
Ralph brings attention to a significant breach involving Slack used by Disney, where terabytes of sensitive data were leaked online. The breach was attributed to a malicious insider who exploited Slack's data governance weaknesses.
The team debates the future of communication platforms for large organizations, with speculation that companies like Disney might switch to alternative solutions like Microsoft Teams or Matrix.
Kaspersky's Automated Antivirus Replacement
A notable segment covers the abrupt removal of Kaspersky antivirus software from U.S. government contractors' computers, replaced automatically with a lesser-known product, Ultra AV, by Pango Group.
The hosts express skepticism about Ultra AV's legitimacy, warning listeners to avoid installing unfamiliar antivirus solutions and to rely on trusted programs like Windows Defender.
They highlight the dangers of supply chain compromises and the importance of scrutinizing software sources to prevent unauthorized installations.
Upcoming Topics and Closing Remarks
Before signing off, the hosts tease upcoming content, including their participation in the Wild West Hacking Fest, and discuss strategies for improving operational security (OPSEC) for job seekers in the cybersecurity field.
The episode concludes with a humorous exchange, reinforcing the podcast's blend of serious security discussions with light-hearted banter.
Notable Quotes
Corey (28:53): "Now it seems like they're coming after more of the security analysts and the developers. They've upped their game a little bit for sure."
Wade (51:39): "Kaspersky deleted its AV software... replaced with Ultra AV."
Ralph (35:40): "LinkedIn turned on a feature that is an opt-out... they're using your data to train their AI."
Alex (24:22): "It looks like a captcha... executes a payload on your computer."
Ben (36:14): "It's creepy... they're saying, oh, we're just giving it to everybody else also to train their AI."
Conclusion
This episode of Talkin' About [Infosec] News offers listeners a deep dive into complex security issues, blending technical analysis with real-world implications. From innovative phishing methods and supply chain vulnerabilities to the ethical dilemmas posed by AI-driven data practices, the Black Hills Information Security team provides valuable insights and practical advice for navigating the ever-evolving infosec landscape.
Stay Tuned
Don't miss next week's episode as the team explores new threats and continues to unravel the intricate world of information security. Whether you're a seasoned professional or just curious about the latest in cybersecurity, Talkin' About [Infosec] News delivers the information you need with expertise and engaging conversations.