Win 95, LastPass, Kubernetes, Sandworm, Bloomtech, Frontier, 911, Aaran Leyland... - SWN #379

by Security Weekly Productions

About This Episode

34:41 minutes

published 1 month ago

English

© 2024 CyberRisk Alliance

Speaker 2 (0s - 31.1s)

It's the Security Weekly News, and it's episode 379. It's Friday the 19th of April 2024. We've got Windows 95, Cheat Lab, LastPass, Kubernetes, Sandworm, BloomTech, Frontier, 9-11, or I'm sorry, 911. That's a very different thing. Aaran Leyland and more on this edition of the Security Weekly News.

Speaker 3 (31.86s - 43.7s)

This is a Security Weekly production for security professionals by security professionals. Please visit securityweekly.com forward slash subscribe to subscribe to all the shows on our network.

Speaker 0 (53.3s - 53.66s)

It's the show that keeps you up to date on the latest security news twice a week.

Speaker 2 (57.04s - 60.52s)

Your trusted source for accurate security information and expert analysis. It's time for the Security Weekly News.

Speaker 3 (64.2s - 107.92s)

Created in 2005 and hosted by security industry veterans, Paul's Security Weekly is your source for in-depth coverage of the latest vulnerabilities, exploits, and security research. Our weekly security news discussion dives deep into the security issues we face today and potential solutions in a fun and lively atmosphere. Each week we bring on guests from the security community to learn about their journey and discuss topics relevant to their work and research. You can also subscribe to our show by visiting securityweekly.com forward slash subscribe or look for Paul's Security Weekly in your favorite podcast catcher. We've recorded a ton of content over the years, so we created Spotify playlists featuring some of our favorite episodes, including interviews with Marcus Ranum, John McAfee, and Chris Roberts, to name a few. You can find them at securityweekly.com forward slash starter packs.

Speaker 2 (111.12s - 1519.98s)

All right, it's the Security Weekly News from the island of Elba. I'm Doug White. Please don't forget to hit that like and subscribe button for that deep feeling of satisfaction of, well, liking and subscribing. I mean, it's like an addiction. All right.

Well, you may recall me mentioning the classic star trek.com game on the BBS or not. I mean, I've often mentioned that classic moment. It's an oldie but a goodie. It's a fun game that erases your floppy disk if you run it. You know, it's like, oh, Star Trek, I'll run that. And then it wiped your, it didn't wipe your hard drive because that didn't exist at the time, but it wiped your floppy disk. Classic. Don't know who wrote it. Could be anybody. But just to remind you that some things never go out of style, a new info stealer, which has been linked to Redline, which is, of course, the classic info stealer, claims to be a cheat tool called Cheat Lab. Now, if you don't know what a cheat tool is, it's when you play video games and you just really can't figure out how to get the safe open or whatever, and you finally just say, I need a cheat. It's also cheat code so that you can get them for games and, you know, and bump up your money or whatever kind of thing like that. But this one, Cheat Lab, promises a free download if you get your friends to install it as well. Hmm. Well, one thing is people are always looking for game cheat codes. And there's been plenty of these kind of things filled with malware on warez sites forever. I mean, if you've ever searched for a cheat code, you know that half the links are some kind of malware. But this is a nice new one, apparently. So basically, Redline, which has been around for a while, is an info stealer. So Redline can harvest passwords, cookies, autofill info, wallet info, pretty much anything that's on the system. But this new one uses Lua bytecode, which is hard to spot.
And it also uses just-in-time compilation. So that means that you've got a file with bytecode in it, which looks like garbage. And then, you know, when it's needed, poof, it compiles it right there on the fly. And that means it's hard to see. The new malware does use the same command and control servers as Redline, but the new malware isn't Redline, apparently, and it behaves somewhat differently. The malware itself is a zip file, which has an MSI installer inside of it, that unloads compiler.exe and lua51.dll, so like Area 51, 51, I don't know. But it also drops a readme.com, which contains more Lua bytecode that will be compiled. So this is how they get around all your Microsoft Defender kind of products because it basically isn't anything until it is. The Cheat Lab installer tells the victim while it's installing that you'll get a free, fully licensed version of this tool if you'll just get somebody else to sign up. And it even has all these fancy pop-up windows. It has a license code in it and says the full version will be unlocked as soon as you get someone else to install it. Doesn't seem like that actually does anything according to the article. It basically just looks like, you know, you get it. You want to use the full version, of course, and it may not even give you the cheat code you want. But basically, since it's all uncompiled bytecode, it's really hard to detect. Now, once it's installed, like if you actually run it, it phones home, sends screenshots of the active window and system information, and then it waits for commands to execute to be sent from the command and control.

So I guess my point here is not about gamers trying to cheat as much as it's about warning all your people about this and warning them often that this kind of thing goes on, because lots of people have been infected this way, and a lot of people have been infected with warez in general.
But when people are trying to figure out how to get that magic door to open, you know what, or how to get more hit points, they do tend to act fast. So they immediately search and go, oh, here's one. And they download it and run it. And now it's too late, especially if they go ahead and get somebody else to install it as well. So it's a big problem.

Well, LastPass again. Yeah. We've had a lot of LastPass stories, which is starting to worry me somewhat. This time, LastPass is warning of a campaign which is targeting their users with CryptoChameleon. CryptoChameleon, if you aren't familiar with it, is a phishing kit which is focused on cryptocurrency theft. Now, this kit was first spotted this year being used to target Federal Communications, or FCC, employees using a custom-crafted Okta sign-on page. Mobile security company Lookout said that the campaign using this phishing kit is also targeting Binance, Coinbase, Kraken, and Gemini using pages which impersonate Okta, Gmail, iCloud, Outlook, or, you know, just about anything, because all they got to do is put up a page and then get you to go to the login screen, and that's it. They're also targeting the artist formerly known as Twitter, which we now call X, Yahoo, and AOL. LastPass found that their services had been recently added to this phishing site and was being hosted at a site called help dash lastpass.com as a domain. One of the tactics that they were using in this was a call from an 888 number which claimed that unauthorized access to your LastPass account was occurring and that you could block this unauthorized access by pressing one or two. I'm not sure why it's one or two, but I didn't listen to the message. But that basically when you did that, it triggered a follow-up call to your number to resolve the issue. And the second call comes from a spoofed number with the caller posing as a LastPass employee.
They then send an email from support at lastpass, which links to the fake LastPass site. So a spoofed email is a bunch of social engineering constructs in one operation. Now, of course, if you go to that LastPass site, it asks you to enter your master password. So this is the password you're supposed to never, ever give anyone or use anywhere else, and so forth and so on. And, you know, of course, if you enter your master password for LastPass, well, you know, the rest of that story. Apparently, the site has been taken down as of today, but it's likely this is going to get used over and over again. And this whole package is very versatile. It targets all kinds of different operations. So you might want to have that talk again with people about how to effectively use vaults, but how also to never, never, never, never answer the telephone or give out information like this. I think that's the lesson. Just don't answer the phone. I told my parents not to answer the phone unless they specifically knew the number or it was in their contact list. Let them leave a message. But seriously, you may want to put something out about this kind of thing because as companies have switched to password vaulting, it becomes a huge dire threat because if that password vault is compromised, they may be able to get into your systems as well. So it's not just a personal thing. Social engineering, like rust, never sleeps.

Well, speaking of crypto, another crypto mining campaign is using five vulnerabilities in OpenMetadata to infect environments, and in particular, Kubernetes environments, according to Microsoft on Wednesday. I really like saying Kubernetes. It's just a nice word, right? Sounds like something you order in a restaurant. Everyone looks at you admiringly. Like, genre la Kubernetes, if you play. You're in a perfect tuxedo with an English oval cigarette and an icy Sapphire martini, later, baccarat.
Damn, if this network were any good, we would have had a sharp cut flashback right there. I'm sorry, where was I? Oh, yeah, Kubernetes. Say it three times, and George Lazenby will appear and punch you in the face. Okay, I'm sorry, I'm sorry. Back on track, back on track. Kubernetes, it's what's for dinner tonight. Okay, somebody stop me, a bucket of water or something. Okay, one more. Kubernetes environments have been targeted by this per a Microsoft intelligence report, which said that the attackers used the five recently disclosed vulnerabilities in the open source metadata management platform to deploy crypto miners on Kubernetes clusters since the beginning of this month. Now, I mean, obviously, Kubernetes clusters can be pretty powerful. So being able to dump your crypto miners there is a pretty good idea. Now, if you aren't familiar with OpenMetadata, it basically enables you to manage all kinds of different metadata in your systems across multiple data sources in a central repository. So it's a useful tool. But compromising this can allow lateral movement, since it's connected to just about everything on the cluster. The attackers download a crypto mining related malware payload from a server in China, which hosts other tools. So prior to deployment of the crypto miners, the attacker sends ping requests to out-of-band application security testing domains, which is probably to determine network connectivity between the target and the attacker without creating a lot of suspicious traffic that might get noticed because probably nobody's seeing this stuff. They then recon the environment with inquiry things like the network, the hardware configuration, the operating system, system version, and active users. They also read the environment variables of the OpenMetadata workload, which may have credentials and connection strings in it, which can assist in lateral movement.
Then they install the malware and include a, this is like, there's a sad note that gets installed literally. And it tells, it talks about how poor they are and how their families are desperate and they need to buy a car and all this kind of stuff. So please allow them to continue crypto mining on your system. And it even includes a Monero wallet, which would allow you to make donations to them because you feel so sorry for the hackers. I mean, talk about virtual instant Stockholm syndrome. Somebody robs you in an alley and directs you to their help Glenn buy an eight ball fundraiser. I, you know, I'm like, really? I mean, anytime anybody's gotten one of my systems, I did not feel, you know, benevolent towards them, even if they told me a sad sob story. Anyway, the blog entry linked in the story includes indicators of compromise, and it did say that they found this due to the attacker setting off alarms and Defender for Containers alerts. The vulnerabilities are in OpenMetadata versions prior to 1.3.1. It is patched. But the advice that they give from Microsoft is that you should patch, obviously. Use strong authentication and replace default credentials if you're exposing your platform to the internet. I'm going to correct Microsoft there and say, you need to do all these things and replace default credentials. I don't care where you're running it. Don't leave default credentials in place. So do those things regardless.

Sandworm is a well-established military-aligned attacker from good old Russia. And there was an attack on a Texas water facility that has been attributed to them. Now, Mandiant published a report on the matter and said, quote, no other cyber gang has played a more central role in shaping and supporting Russia's military campaign against the Ukraine than Sandworm. I was like, wait, what?
Is this Texas that's in Texas, or is it like Georgia and, you know, there's a Georgia in Central Asia? I think it's Texas, you know, like Austin and Dallas, not like Texas, USSR. Well, anyway, the story finally winds around to telling us about Muleshoe, Texas, which really sounds like it's probably a Texas, Texas. You know, I mean, yeah, I said that right. Muleshoe. It sounds like that place where you run out of gas and end up in a castle at a party doing the time warp. Actually, that's a lot more likely to happen in Windsor, England than it is to happen in Muleshoe, Texas. But Muleshoe's where you run out of gas and end up in the middle of a cannibal clan or something like that. I mean, who am I, Tobe Hooper? Anyway, a Telegram account called Cyber Army of Russia Reborn posted a video that claims to show hackers manipulating settings on the Muleshoe, Texas facility, the water facility on their human machine interface, or HMI is what they call it in the ICS world. Local officials later confirmed that the attack did happen and that it caused a tank to overflow, but it did not interrupt water delivery. Mandiant said that the Cyber Army of Russia Reborn was one of several front personas or hacktivist identities affiliated with Sandworm. And we all know that Russia has been interfering in our elections. They've been interfering in our infrastructure. They've been doing all kinds of stuff. Now, this likely means, though, this latest one, that Russian, Chinese, and Iranian attackers are all targeting U.S. water supplies and infrastructures in recent days. I mean, this is the kind of terrorism that makes people uncomfortable. But my own take on this is that maybe these are test runs. You know, I mean, why on earth would a nation state be targeting the water supply in Muleshoe, Texas? You want to target Dallas and you find out that Muleshoe uses the same kind of ICS stuff that they have there.
And I don't know, I'm just making this up. So don't quote me. And I don't know that Dallas has the same thing they have in Muleshoe, but could be, right? So you go after the weakest link, the lowest hanging fruit, test everything out and go, wow, that worked. And then you can target who you really want. So maybe it's a practice run or a beta test, or maybe they're just targeting places like that to piss people off. I don't know. But honestly, making people in places like Muleshoe angry is usually a bad idea, at least in Colorado. I mean, we had places like that in Colorado, too, and then, you know, they don't just get mad. They, like, load all their weapons up, get in an old pickup truck and come hunt you down. And if they have to paddle their pickup truck across the Bering Strait, hey, they're doing it. So don't mess with those guys. They get, they get really frustrated. And, you know, and they're maybe cannibals. That's always a bad thing.

The U.S. Consumer Financial Protection Bureau, which is called the CFPB, has issued a fine to a coding boot camp company called BloomTech for allegedly deceptive business practices. And I had never heard of this company at all, but I was interested in it because we do get people all the time asking for recommendations on coding boot camps and things. Now, BloomTech claims on its website, which I went and looked at, that it will help students land their, quote, dream job in tech companies like Amazon, Cisco, and Google. Okay, nothing new there. I mean, but honestly, the minute I start seeing people talk about shortcuts to dream jobs, I usually tend to immediately go, scam. I mean, my dream job is being Keith Richards' guitar tech and drug tester, but I doubt I can get that with a one-week boot camp or even a six-month retraining course.
But CFPB said that they took action against BloomTech and its CEO for not disclosing the true cost of its loans to students and allegedly claiming over-optimistic hiring rates for the graduates. Imagine that. A for-profit school taking advantage of people. No way. Right. Way. Well, anyway, BloomTech was formally changing your name a lot also applied. BloomTech changed their name, but they were originally called the Lambda School, which is a pretty cool name. It sounds like someplace that, you know, Dr. X would be working. But BloomTech used to be called Lambda School and has been around since about 2017. They offer, according to their website, six to nine month vocational programs in science and engineering with a focus on computer technology. Now, the complaint said that BloomTech and its CEO sought to drive students toward income share loans that were marked as risk-free. Oh, boy, this is like, how many red flags can you have? But they carried significant finance charges and many of the same risks as other credit products. And if you don't know what this all means, and of course, a lot of times students who are seeking to improve their lives and or get out of poverty or all kinds of stuff often don't know what any of this stuff means, so maybe pass it along. But an income share loan basically means that they loan you the tuition, right? So they say, we'll loan you the tuition, but we get a cut of your income. So this is the old music agent kind of approach, right? You get these agents come up when you're playing after you come off stage and they go, hey, you want to sign this document. I'll help you get some gigs. And then you notice that you've just agreed to pay 10% of your income for the rest of your life.
This wasn't that bad, but it was pretty bad. Apparently, there was a $4,000 finance charge to use the loan. So they just charge you this $4,000 up front. And then the students could end up paying up to $30,000 of their income to BloomTech to settle the loan for taking this six to nine month course. The school claimed hiring rates were between 71 and 86% for graduates, but the actual rate was closer to 30% to 50%, which was disclosed to investors in a private report. An example was cited where the CEO claimed that one cohort, you know, like a starting group of students, had a 100% hire rate, but later clarified in another private report that there was only a single student in that cohort, but I guess they did get a job. Now, as of this morning, that 86% job placement claim was still on their website. I went and looked. And one of their examples on the cover page was a testimonial from a student who said, I went from a stay-at-home mom to Amazon engineer in six months. Okay. Of course, they didn't tell you anything about this person's background. So maybe they were a stay-at-home mom who also had, you know, like a lot of advanced degrees in computer science from previously. But the CEO said on X that they accepted the penalty but denied the allegations. The sanctions from the U.S. government said that the students don't have to pay any income share loan payments if they didn't get a job in the past year. They did have to cancel the thousands of dollar finance charge for students who graduated more than 18 months ago and don't work a job making more than $70,000 a year. And current students must be allowed to drop their loans and withdraw or be able to use a third party loan in lieu of the income share loan. BloomTech and the CEO have agreed to pay into some kind of victim's relief fund, and the CEO is now barred from any kind of student lending for a decade. I mean, look, I'm a big fan of caveat emptor. Don't get me wrong.
I mean, you know, I mean, let the buyer beware. But education institutions should have to be honest and forthcoming with potential students, especially regarding loans. This is a very common practice in the United States where there's all sorts of these for-profit academies. They rack you up a huge bill and you end up paying, and they're always targeting people who are probably the most vulnerable parts. Please always read the fine print or get somebody to help you before you sign anything involving money or anything else for that matter.

Telco giant Frontier Communications informed the Securities and Exchange Commission, they are the SEC in the United States, that certain systems were shut down following an attack, another infrastructure attack. The incident was found on 14th of April and a third party gained unauthorized access to the portion of their IT environment. Frontier said they immediately initiated their incident response protocols and took steps to contain the incident, which included shutting down certain systems. This resulted in an operational disruption. They said the attack was likely a cybercrime group who gained access to various data stores, which included personally identifiable information. They said they have contained the incident and restored core IT environments, and they're in the process of restoring the normal business environment. They said law enforcement had been notified, that the incident will likely not have a material impact on its financial condition and so forth. They did not, however, in this SEC document, disclose what sort of attack it was, but everything pointed to ransomware. They do have a notice on their website that informs visitors they're having technical issues with their internal support systems.
Frontier, if you aren't familiar with it, is based in Dallas, Texas, and provides broadband internet, computer tech support, and digital television to residential and business customers across the United States and also provides old landline phone services apparently as well. So if you're a Frontier customer and you're actually able to see this, now you know.

In the United States, 911, 911, I keep wanting to say 9-11, 911 services for emergencies. A lot of places that's 999 and so forth, but in the U.S. it's 911. Four U.S. states have been experiencing widespread outages of their 911 lines, which have affected emergency calls in South Dakota, Nebraska, Nevada, and Texas. It's like the Texas news today. Most of the lines were down for one to two hours, but services were gradually restored. This is pretty bad. I mean, this is very chaotic, and we did some test exercises in the Northeast with these 911 outages to see what the backup plans were. A lot of different systems were reported from mobile phone failures, busy signals, you name it. They've not yet identified a cause for the disruption, but the Del Rio Police Department, also in Texas, said the issue was caused by an outage with a major cellular carrier, but did not name the carrier. The South Dakota Department of Public Safety, band name, called it, said there was a 911 disruption and urged people to text issues to 911 instead of trying to call and asked people not to test dial 911. Apparently people were, you know, oh, is it working? You know, just in case, don't call 911. They track the calls. They'll come to your house. If you just call them and hang up, they often dispatch officers. Just letting you know. The Las Vegas Metro Police Department reported an outage affecting 911 calls from landlines, and their non-emergency phone line was down as well and urged people to use a mobile device or text 911 instead. That lasted about two hours.
I wonder how many things people tried to call into 911 in Las Vegas in two hours with. I'd love to listen to those calls, right? Do you think she's dead, sir? Don't roll her up in a rug. Not a good idea. But anyway, all this occurred, ironically, during the National Public Safety Telecommunicators Week. Hmm, maybe this is more testing of our infrastructure. So if you want to cause public chaos, you take down public services like water, then make 911 unavailable, and then you unleash the Kraken, which is, I guess, like a massive drone army. We need to work on this infrastructure thing, folks. I mean, it worries me a lot when I see nation states doing this. It's like, what is this a prep for? And I'm not even that, like, you know, conspiratorial, but it makes me worry. It's making me go gray, I think. Or that could be all that gin. I'm not sure.

All right. I'll see if I can read this. Javara and pro de cedezio, or de crete de re. And that young and brave fellow described in that opera is Aaran Leyland. Hi, Aaran.

Speaker 0 (1520.66s - 1526.46s)

Ooh, love the passion on the show today. You can tell you're an educator, caring about the education.

Speaker 2 (1528.2s - 1533.82s)

Well, maybe, or maybe I'm just hoping to, you know, they're cutting me out of all the nasty loans I was going to make for students.

Speaker 1 (1534.5s - 1536.08s)

Well, let's not get into that.

Speaker 2 (1536.08s - 1540.44s)

But, yeah, loans for students should be tax-free no matter what.

Speaker 1 (1540.6s - 1544.24s)

Come on down to dugsloans.com, where prices are insane.

Speaker 2 (1544.56s - 1546.02s)

Doug's given tax-free loans

Speaker 1 (1546.02s - 1551.7s)

students. Don't cut that eye, please. Okay, right, today's article with inspiration and quotes from the

Speaker 2 (1551.7s - 1558.22s)

Hacker News. Love The Hacker News. AI co-pilot launching innovation rocket, but beware of the

Speaker 1 (1558.22s - 1563.48s)

darkness ahead. Literally only picked this because of the title. Such a cool title. No idea if it's

Speaker 2 (1563.48s - 1565.12s)

written by man or machine.

Speaker 1 (1570.78s - 1873.16s)

Actually, Hocene, because it's that cool. Okay. Artificial Intelligence, AI to friends, has rapidly become a cornerstone of technological innovation. It offers solutions and possibilities that were once only found in the realm of science fiction. Oh, yes, it was. However, the swift adoption and integration of AI into various systems has outpaced the development of security measures. This has left AI systems and the systems created by AI vulnerable to sophisticated attacks. And as we continue to rely on AI, like me all day, every day, love it. For various tasks, it's crucial to understand the potential risks and work towards mitigating them. Machine learning, they call it a double-edged sword, which forms the core of many AI systems, has the ability to process and learn from the vast amounts of data. This makes it incredibly powerful, but it also makes it susceptible to manipulation. A little bit about a talk I did five years ago. Rewind. I should pull it out again. It's probably not changed. Hackers can exploit this vulnerability to feed misleading data to the machine learning algorithms, causing the AI to perform erroneously or even maliciously. This is, just like Doug today, this is a significant concern that needs to be addressed as we continue to integrate AI systems into our lives. Right, GitHub Copilot and its security flaws. They talk about this. GitHub Copilot, powered by OpenAI's Codex, is an AI tool that suggests code snippets to developers, significantly improving their productivity. That's what they say anyway. However, studies have shown that a significant portion of the code generated by Copilot may contain security flaws. No shock. These flaws include vulnerabilities to SQL injection. When are they ever going to go away? Never. So easy to get rid. And buffer overflow attacks, not so easy to get rid. Which are common in attack vectors for hackers, as we all know.
The imperative of secure coding is to mitigate the risks associated with AI tools like Copilot. Developers must adopt secure coding practices. It's like you talk about like DevOps and then DevSecOps and everybody still calls themselves DevOps and nobody cares about the Sec, do they? Or at least only retrospectively. Such a nightmare. DevSecOps, that's where it's at, remind everybody. So they need to understand the mechanisms behind AI's code suggesting capabilities and continuously update their security measures in line with the evolution of AI. This includes implementing strict input validation. I'll say it again, strict input validation, secure management of dependencies, regular security assessments, and a thorough review of AI suggested code. So from my viewpoint, AI tools like GitHub Copilot represent a significantly forward in coding efficiency. Maybe the code will write his own code. However, they also underscore the ever-present need for vigilance in secure coding practices. Developers must not solely rely on the capabilities of AI. They need to enhance their understanding of potential vulnerabilities and maintain a proactive approach to security. So, implementing strict input validation. Of course, right. I'm not going to go through all that, but I've gone through it. I won't go through it again. So as AI continues to evolve, it's crucial for developers and security professionals to stay informed and educated on the latest security threats and best practices. That's why you listen to Dr. Doug and the other shows. This is not just about safeguarding our individual systems, but also about protecting our digital infrastructure as a whole. The future of cybersecurity lies in our ability to adapt and respond. Of course it does. Right.
So pull directly from the article, and you can go to the article, there's bits in it about understanding the vulnerabilities, elevating secure coding practices, adapting the secure development lifecycle, SDLC, and continuous vigilance and improvement, mostly what I just talked about. But get over the articles in the show notes, as always. So in conclusion, while AI brings numerous benefits and advancements, it also introduces new challenges and vulnerabilities as we continue to integrate AI in their systems, we must prioritize security, prioritize security, and adopt a proactive approach to mitigating potential risks. This will ensure that we can reap the benefits of AI. So much bad press about AI at the minute, about it hitting a boom-bust cycle. I don't know. It can only get better, although we're going to have about a million data centers, planet of data centers with GPUs and stuff. Okay, back to Dr. John in the studio while I run off to watch IMAX for the Dune 2, that's where I'm going. And I'm going to leave you away, quote, once men turned their thinking over to machines in the hope that this would set them free, but that only permitted other men with machines to enslave them. Frank Herbert, Dune, peace out, party people and back to Doug. Yay,

Speaker 2 1873.52s - 1888.44s

thank you for a Frank Herbert quote. Always makes my day. I thought that plant was getting ready to maybe chomp you or something. It kept moving. No, the one behind you, that big one. It kept wiggling and wiggling. Oh, you're going to bite it back. Okay. This is what Aaran does when we're not watching.

Speaker 1 1888.7s - 1890.7s

Attack of the plants. Attack the plants.

Speaker 2 1891.08s - 1894.88s

Yeah, it's like a cat. That's what my cat does. Chomp plants.

Speaker 1 1895.08s - 1895.84s

Thanks, Aaran.

Speaker 2 1896.04s - 2073.56s

You're welcome. And finally, if you ever played Wing Commander, maybe you didn't, but it was a classic computer game back in the day. It was one of the things that was interesting that came out of it was in Wing Commander 3 and the testing of Windows 95. Yes, Windows 95. So when the world was young, there was this dreadful thing called Windows 3.0 that begat Windows 3.1. These were shell GUI systems that sat on top of DOS, which was a text-based operating system, much like Linux. Now, Win95 was the first OS that Microsoft did that was an actual OS and not just a GUI shell laying on top of DOS. They wanted to test it as much as possible before they released it, unlike things today where they just release it and say, hey, you know, you guys figure it out. But the story goes that a manager, they had so few resources at Microsoft for testing this stuff that one of their managers went to a local game store, which they used to have stores like that that just sold software. I mean, they still, they still kind of do, you know, like GameStop and stuff like that. But basically, it was like those places where you could rent movies, you know, that on VHS tapes that have been recorded over by this guy named Morton, his girlfriend, Rihanna, and they returned it. They returned the wrong tape. And your whole childhood was scarred for life because you thought you were going to see something, you know, G-rated. Yeah. And you learn something. But, you know, anyway. So what happened was the Microsoft manager went down there and bought one of every product they had for sale, and then they had all their team members install these products on Windows 95 and run them like normal users to see what would happen.
And they found out that in the game, and this was a very interesting thing, because it ended up affecting all the Microsoft products going forward. In that game, it was a keyboard game. So they didn't have mice or anything back then. It was literally a keyboard-driven game. And there was a cloaking device you could get for your ship. And you activated it by pressing Control C. And in the Windows 95 version, that didn't actually work because the key combo was in use for Control C and you couldn't use the cloaking device. So the key combo worked in DOS, but it didn't work in Windows 95. And when I had that game, I played it in DOS. I never had Windows 95 on much of anything except as a joke. But they ended up having to tweak the Control C handler so that it was only installed when a clipboard paste operation was active and not in use otherwise. And that particular handler approach has persisted to, I guess, till today. But that made the Control C command work in the game. And you could get your cloaking device engaged and you could sneak past a Kilrathi. Yeah, good times. All right, well, that's the news. Thank you, Aaran, and we will see you next time on the Security Weekly News.