Cybersecurity: Amplified And Intensified

Episode 24 - Where is the risk?

August 09, 2021 Shiva Maharaj/Eric Taylor/Brian Weiss/Robert Nelson
Chapters
0:00 Intro
0:11 Kaseya NDA
5:06 SolarWinds Orion breach used to read Prosecutors' emails
7:36 No privacy with metadata
8:51 Voice assistants are always recording and sending telemetry data
10:23 Politicians compromised by technology
11:30 Vince Crisler of Dark Cubed called it on Tuya
12:40 Compromised hardware and beacons
14:35 Chinese companies are not accountable
15:35 Manufacturing and immigration to bring down the cost of domestic manufacturing
16:40 Life has a cost, not a value
17:15 If China can do it, why can't we?
18:44 Podesta and senior Senators are registering as lobbyists for Huawei
19:17 A forgotten thing called PATRIOTISM
20:18 Ransomware updates with Eric (Conti and Lockbit 2.0)
22:15 Unauthorized access should equal a breach
23:47 The world is desensitized to ransomware
24:45 Education is better than a tool
26:12 Vendors steal your ideas with Partner Advisory Boards
27:18 Vendors charge you to make their products better
30:31 Hive Nightmare/Serious SAM vendor failures
39:58 Vendor security illusions
40:58 Pay for a result, not a service
43:00 Make an impact with what you do
44:10 Trust but verify
46:26 Push your vendors to be better
50:30 Security should be more important than convenience
51:10 New features are just unidentified vulnerabilities
53:19 Zero knowledge is limited
54:15 FBI Managed Security Services
54:33 Closing

On this episode we dig into where responsibility and accountability, compromised hardware beaconing, Senators lobbying for APTs, defining a breach with two words, how much you should have to push your vendors' security development, zero knowledge and more.

Eric Taylor | LinkedIn 
Twitter: barricadecyber 
www.barricadecyber.com 

Shiva Maharaj | LinkedIn 
Twitter: kontinuummsp 
www.kontinuum.com   

Brian J. Weiss | LinkedIn
Twitter: bweiss805
www.itech-solutions.com 

Robert Nelson | LinkedIn
Twitter: techplanet4u
techplanetnow.com  


BARRICADE CYBER
Ransomware Remediation Services, Incident Response and Penetration Testing.

KONTINUUM
IT support that's actually supportive.

FASTMAIL
Your data is for you, no one else. That includes your email, calendars, contacts, notes, and files!

Shiva Maharaj:

This is the Cybersecurity: Amplified and Intensified podcast. Mr. Robert, what are we talking about today, sir?

Robert Nelson:

Well, you know, the one thing that kind of caught my eye, which I thought was kind of weird, and I don't use Kaseya, was this signing of an NDA. So basically, your RMM tool infects you and encrypts you and then tells you they'll help you get out of it if you promise not to tell anybody, the way I understood that.

Eric Taylor:

Yeah, there's not a speculation on that, exactly what this comes out. But here, there were some Reddit posts around it where, you know, if you wanted the decrypter from Kaseya, you had to sign an NDA. And it looks like, since the original posting, both the MSP that was affected and the end client, for the network to be decrypted, both parties had to sign the NDA.

Robert Nelson:

Oh, does anybody, what did the NDA say? That I won't disclose I was infected, and I won't disclose that I'm a customer?

Eric Taylor:

All the above, maybe just the simple fact. I mean, it's all pure speculation. I haven't seen the NDA being posted on the Internet at all, though. If anybody's listening and/or watching on YouTube, or one of the social media platforms, and you got it, please send it to us. We would love to see it. But Eric loves clicking on random links from strangers. Oh, gosh. Especially your OnlyFans page.

Robert Nelson:

Let's two that's two birds with one stone here.

Eric Taylor:

That's right, sir. That's right.

Brian J. Weiss:

Don't you think that part of the NDA is to not share the NDA?

Eric Taylor:

Yes, like Fight Club?

Shiva Maharaj:

You know, I think the whole NDA thing is really built to keep that number at about 1500 end customers that were affected. I don't think Kaseya wants that number going up, and an NDA helps with that. So

Eric Taylor:

I was kind of curious, and I think I already really know what the answer is, but what your guys's thoughts are: is there going to be potential backlash on Kaseya for actually releasing a decrypter, making people sign an NDA? But those companies who have already got with a firm like ours, or another incident response firm, and have talked to REvil, paid for the decryption, and now Kaseya is just giving it away for free? Is there going to be potential recourse for those customers who are end user customers that went on alone?

Shiva Maharaj:

I think there's always recourse, it really depends how much money you want to spend on the legal side of things. And it also depends on if they can prove Kaseya paid for the decrypter. Now, if Kaseya did not pay for the decrypter, and it was given to them, I don't see the need for an NDA. Maybe a need for a hold harmless agreement, but not necessarily an NDA.

Eric Taylor:

I don't think NDAs can really protect them in that type of fashion.

Shiva Maharaj:

A lot of people will just take it at face value and think they can't say anything. Exactly.

Robert Nelson:

A lot of people don't understand that. They're just gonna say, Oh, I signed an NDA. I can't talk, which is fine. Everybody counsel on that?

Eric Taylor:

Well, Brian, you're famous for a lot of NDAs. What do you think?

Robert Nelson:

Can you talk about on what's

Brian J. Weiss:

The first rule of an NDA is you can't talk about it. I mean, I look at this as, you know, for MSPs, this is technically a supply chain attack for us, right, one of our tools we're using. And, you know, the vendor, in my opinion, from what I've been hearing, could have done a lot better job helping out our channel through this than they did. You know, as we experienced, other vendors were the ones who kind of took the lead on this, giving MSPs direction. And then they get a hold of a decrypter key that could ultimately make all of this pain go away for those that still have pain, which I'm sure everyone does. Trust me, I've been there. And then they're almost using the same playbook as the threat actors, where it's like, hey, we've got this way to decrypt your information for you, we could do it in five minutes, send you the key, but you have to, you know, it's a quid pro quo, you have to do this for us before we do this for you.

Shiva Maharaj:

Are you calling Kaseya a ransomware group?

Brian J. Weiss:

They're I mean, in a sense, they are holding back something that, you know, we need to remedy jump on

Shiva Maharaj:

the fence here, buddy, you got to say yes or no,

Brian J. Weiss:

I'm not. Obviously, they're not a ransomware group, but they're using similar tactics to try to get what they want from MSPs. Right.

Shiva Maharaj:

That is a very interesting thought. And I have not thought about that. But I don't disagree with you, quite honestly.

Brian J. Weiss:

So I mean, I don't know who their PR person was, or as probably their legal team that said, we have to have this and it needed to be thought through a little bit more, in my opinion.

Robert Nelson:

Since we're on the subject of Kaseya, something else just popped in my mind. What's the deal I keep hearing with it Glendale that if you got to, if you have like a one year agreement with them, it auto renews at three years if you don't tell them within 30 days of the renewal,

Shiva Maharaj:

and you have to pay above publicly listed price at 3%. uptick and you even do I didn't realize you could do that. I mean this if this is legal, and this to me seems like a really great concept where you can auto renew somebody for longer than your initial term and most states they don't allow that. But this is gonna say we're talking about the day Our tip of the spear at monkey and they can do whatever it is they feel like but you know not to beat up on Kaseya too much.

Robert Nelson:

Well, you want to talk about SolarWinds?

Shiva Maharaj:

You know, the SolarWinds breach was in the news again this morning, where federal prosecutors were targeted by that attack.

Robert Nelson:

loyal to that only three of our email accounts compromised I think are 27.

Shiva Maharaj:

I did not see how many were compromised, but they said high value, prosecutor, prosecutor email accounts, whatever that means. So I'm assuming that's the state, the US Attorney for districts,

Robert Nelson:

One has to wonder how much information actually translates email? I think a lot. I think everything is email, quite honestly. I would have thought maybe some things would have been encoded or somehow changed after the Podesta, Hillary Clinton's compromise and stuff like that, because there was a lot of security stuff that was slid around, you know, passed back and forth, that I would think they stopped.

Shiva Maharaj:

Yeah, but those are email accounts that were not under the control of, or non-DOJ email accounts, right. This is talking about SolarWinds Orion being used to help reach federal prosecutor accounts. And again, SolarWinds is the gift that keeps on giving. Right?

Robert Nelson:

Do you think inside one of these email accounts, they would actually talk about somebody they have on the inside of a criminal organization, maybe mention them by name or something like that? I mean, could these accounts have that value, that we have people now whose lives are at risk if their identity gets out?

Shiva Maharaj:

I think you have to look at the way Russia and China are thought to operate. They will collect everything and put it into a big funnel, put it into a database, index it. They may not need it today, but 5, 10, 15 years from now, the data is there. Again, I don't know what the OPSEC for the DOJ is or would be for something like this, it'd be one of those things. So

Robert Nelson:

for eight years, today, you decided to run for president the data is there,

Shiva Maharaj:

which is not unlike anything else, you know, it's just different, you know, now it's ones and zeros as opposed to a VHS or Betamax recording of something.

Brian J. Weiss:

Well, I mean, the government has lost the ability to redact that information before it hits the public now, like they tend to like to do,

Robert Nelson:

right. So they've lost, they've lost the ability to protect that. Because even if they put out their own version, with the redacted part, and everything in it becomes very easy to match with a clean version that's out there on the internet. Yeah, here's the redacted version, here's the clear version,

Shiva Maharaj:

you can have a redacted version, you can have a non redacted version, and then floating around somewhere as a third version. That's probably the truth.

Eric Taylor:

But that brings up a question that I had a little bit ago. So you got these companies that we deal with that always say, oh, well, we just have your metadata, we just have anonymized data. But really, how anonymized is it? I mean, we have a case in point that I'll bring up for those who are not watching this on the video, you know, where the US Catholic Church had one of its bishops de-anonymized, and they were able to go back and, you know, link him to Grindr.

Shiva Maharaj:

I don't think anything is anonymous. And once those metadata, I mean, Eric, come on, this is your wheelhouse, right? For IR, metadata is a thread you pull on to unravel everything. So unless it's truly anonymized, there's probably no way around it. Any of these subscription sites, you got credit cards, you got IP addresses. I don't think he was savvy enough to run a VPN.

Eric Taylor:

I don't know if the VPN would have even covered it. I mean,

Shiva Maharaj:

well, if he's putting his if he's putting his image on there, and his GPS lock data, there's not much you can really hide

Eric Taylor:

exactly, because I think from the little bit that I've been able to decipher and go through everything was done on a mobile device.

Shiva Maharaj:

So are you making a pun there because of Grindr?

Eric Taylor:

No, I was just saying, I mean, whether you have you know, Apple or Google devices in your wheelhouse there, they're collecting data, they're sending it back to Apple, they're sending it back to Google.

Shiva Maharaj:

Let me ask you a question here. And Robert, Brian, this is to you as well. I mean, you guys are using Alexa, Siri, Cortana and any other version of the AI deliver a child?

Robert Nelson:

everywhere, everywhere, everywhere. I make my life easier when I work.

Shiva Maharaj:

And those things are recording 24/7 to be able to identify you saying, hey, FBI, do this for me. Absolutely. But I

Robert Nelson:

have my beatings in which I won't accuracy. I lay my phone on my desk and me and the person or I will not an immunity. I leave my phone on the desk and me and the person walk outside way from our front of office,

Shiva Maharaj:

but that's the world we live in here today. Right? Everything is connected. And the telemetry data going back to Microsoft, Apple or any vendor out there is going to get people in trouble one way or the other. I think it's good

Robert Nelson:

to catch people. It's going to catch people lying, Shiva, as people will, and then they'll get court orders to pull that data in and be able to compare and know that you're lying. But

Shiva Maharaj:

they've already been doing that and getting the court orders for,

Robert Nelson:

but it's going to get more and more, it's going to get more and more down at a local level. As it good as people start realizing it, not everybody realizes that they are, but it's starting to get that I was gonna

Brian J. Weiss:

jump in real quick. I think it's kind of a double-edged sword, right? I mean, I think people need to be held more accountable. We just had, you know, corruption hit our local politics here locally with the legalization of marijuana. You had all these drug dealers that are like, I don't want to lose my business. So they're trying to get into it legally. They hire lobbyists, they funnel money into local politicians' pockets, the FBI is now investigating it, the guy that was getting the most money committed suicide last year. I mean, it's, you know, people, elected officials need to be held accountable, right in it, because they just lie too much. But on the flip side, you know, the wrong people get that info, like another country, or a big tech company that is a special interest themselves and uses that information to sway elected officials themselves to get bills passed, you know, that's where it's being used the wrong way, in my opinion, corruption,

Robert Nelson:

or there's the misuse of technology or whatever. I mean, anything done outside of the law, I guess, could be defined as corruption.

Shiva Maharaj:

So a few months ago, Eric and I did an interview with Vince Crisler, over at Dark Cubed. And for those of you that don't know who he is, former CISO of the White House, built the first civilian SOC at the White House and helped to put together a lot of what DHS was using, I guess in the early 2010s. And he was seriously concerned about Tuya, which is on the screen here. And they manufacture everything from SimpliSafe to Schneider Electric. And they have basically produced everything IoT we have in our houses. Have you guys read this article, or any of these? saying the

Eric Taylor:

buying and selling

Robert Nelson:

What are we supposed to do you either use the tech or you don't use the tech, I've never bought a refrigerator that's connected to the internet. But I know many people who who do

Eric Taylor:

and didn't like your your LG refrigerator telling you, you need to go buy some more milk and bread

Robert Nelson:

out, somebody sent me a message saying if I don't send them a Bitcoin, they're gonna burn my house down or destroy my refrigerator, either

Brian J. Weiss:

all your foods gonna go bad in 24 hours.

Robert Nelson:

And I've locked the doors that you've got 24 hours, or you're gonna lose everything.

Shiva Maharaj:

I think the issue here that needs to be addressed is the fact that people are putting all kinds of devices on their home networks, office networks, without considering who's manufacturing and what is calling home. As you can see here, Dark Cubed found out that these things are going back to Chinese servers, a surprise. But why isn't anyone talking about this? Everyone's talking about software to help protect the software to help protect that. Eric, you're IR. What can you do with software, if the hardware is inherently compromised? Not much.

Eric Taylor:

I mean, there's a lot of times where you can try to hopefully separate the software from the hardware. You know, so take the Supermicro incident, for example. You have either a Windows or Linux or VMware that's running on top of the hardware, so now the software will run fine. But the hardware may be beaconing back on their management platform, which is what it was doing. So, you know, I forget what Supermicro's version of the comparison for Dell's iDRAC or Lenovo's BMC is, but the management interface and equipment essentially was beaconing back and sending that data back over. So I mean, you got to, you know, take the stance like Dark Cubed is taking, and some of the other people that are in the industry, and look at that beaconing data and find out exactly what is actually communicating and really go with zero trust, not only allowing certain MAC addresses to actually show up and connect, but filter and monitor those MAC address ARP caches and connections to see what it's actually doing.

Brian J. Weiss:

Well, my thought on it is we've got into the old age discussion of security versus convenience, right. So we've got all these people wanting all these devices, including me for convenience, and you're naturally giving up some sort of security. It's even worse when these devices have chips made in other countries that have

Shiva Maharaj:

a device that's every single device, even that pretty little Datto behind you.

Brian J. Weiss:

Yes. Yeah, exactly. So I think really, ultimately what what needs to happen is kind of What we see in our industry now, it's like, there's got to be like bug bounty programs, there's got to be these firewall companies that are seeing this traffic from these IoT devices reporting it to these to these, you know, vendors holding them responsible or accountable.

Shiva Maharaj:

How are we going to hold accountable a Chinese company in China?

Brian J. Weiss:

Well, they're in their supply chain. They're a supply chain vendor for a vendor in the US that's selling us products. Right. Okay, so

Shiva Maharaj:

you spank the vendor here and say, Hey, you guys should not use them. So what they go to the factory down the block.

Brian J. Weiss:

So well, this kind of gets back to our previous president who was trying to bring things back to the US for manufacturing and create a lot of incentives around that. Right. Okay, it's what needs to happen. Look,

Shiva Maharaj:

I love getting political. And I'm happy we have Robert on here for this one. Mortal Kombat 10.

Robert Nelson:

Today I'm trying to figure out who is gonna who's gonna do these manufacturing jobs when you've got almost a million people or previous president allowed to die. And they are those people have to move into the your service industry. So now and people aren't creating children like they used to. So do your part.

Brian J. Weiss:

We've got immigrants coming into the country that I'm sure would love a manufacturing job.

Robert Nelson:

Now that would be that we that would definitely be a way of doing it. We used to have a good flow of immigration in here.

Shiva Maharaj:

I'm sorry. Whose Native American, you're back where you're at? Gotcha. Okay. Hello. We're all let's talk about, let's talk about bringing manufacturing back for a second, we get the consumers to agree to pay 10 times the price, they pay for something right now, because we have the insurance companies, we have the lawyers that have put a cost on human life, not a value, we got all that who's actually going to do the manufacturing,

Eric Taylor:

I think it was just the general consensus of Robert and Brian to be able to use some of the other immigrants maybe from south of the border that's coming in by droves to put them in the manufacturing plants.

Shiva Maharaj:

I'm more going along the lines of the training for these people. The trades have been suffering for talent for the last 20 years, because everyone was sold a bag of goods go get a degree.

Eric Taylor:

Yeah, go get a bet. Go get a degree and now you're working at Starbucks or Dunkin?

Brian J. Weiss:

I mean, I guess my my answer to that is if China can do it, why can't we?

Robert Nelson:

Well, China has forced labor camps. We don't have yet. But if I need, if I need labor, they have a way of acquiring it. Maybe we could bring back the Japanese internment camps.

Brian J. Weiss:

Now, I said that as a joke, because why wasn't the headline, as we're moving all our manufacturing over to China, this is how we're able to get it cheaper? Right? It's not because, you know, they devalued their own dollar. You know, if they were in the US, they'd be breaking countless labor laws with how they treat their staff. So, you know, we ultimately exploited China's resources. And now we're feeling the brunt of that right now. They have control of things that I

Robert Nelson:

totally agree with you. But it's that we were passively allowing it to happen. So we could get a $29 DVR. And I'm a big TV so we could raise our standard, our perceived standard of living, could be raised. We allow that to happen. You know, the last what was Curtis Mathis was the last television manufacturer in the United States and they finally couldn't be formed to compete,

Shiva Maharaj:

but everybody wants cheap prices, right?

Robert Nelson:

Everybody wants cheap prices, it didn't come and complain with the quality's bad.

Shiva Maharaj:

Now, Eric, I have a webpage here shared with you. Want to throw it up? Absolutely. This goes back to the infamous Mr. Podesta that Robert mentioned earlier today. Himself and a lot of former senior senators have registered to become lobbyists for Huawei. What do you guys think about that?

Robert Nelson:

That is unfortunately the way it's done. And lobbying is our biggest, or the biggest thing we've got to fight in this country in our political process and mafia, because that's all it is, is legalized bribery. Let's go to and we're sitting there watching it half

Shiva Maharaj:

Don't you think that former senators should have this little thing called patriotism and not try to lobby to bring Chinese MSS in, I'm sorry, Huawei,

Robert Nelson:

it's

Eric Taylor:

not gonna happen. They are just like everybody, the vast majority of Americans is, you know, how we're gonna put money back into our pocket, right? So it's all about, you know, how am I going to take care of my family, do what I gotta do, and the whole, you know, money is the root of all evil is what's gonna boil down to it, until we get to a place like freakin' Star Trek where money is not a, you know, is a commodity. It's not, you know, a necessity. Everybody's doing things for the good of other people. You're trying to be optimistic. I would love for that to be the reality one day. I don't think it's going to be in any of our lifetimes or our kids' lifetimes. But until you get to that, quote unquote, utopia, where, like I said, you know, the currency is different, it's not based off a monetary value of some sort, you're going to have this

Shiva Maharaj:

speaking about monetary value. Eric, what are you seeing in the ransomware side of the fence these days,

Eric Taylor:

Things are slow. We still have a couple players out there, we got LockBit 2.0, Conti starting to ramp up a little bit, there's a couple other ones, but they're laying really, really low right now. Um, you know, you shared an article just a little bit ago that I'll bring up on the screen for those who are watching the live stream, but we've got what looks like, I'm gonna say I agree about 80% with this article, and I disagree with it about 20%, um, you know, where ransomware gangs are losing interest in the extortion sites. And to a degree that is true. So the main point of this whole extortion site was to make companies feel ashamed, and, oh, I'm a healthcare or I'm a this or I'm a that, and now my name and all this information is posted up there. These companies don't care. Like, you and I have seen it. We've even gone on LinkedIn and Twitter, you know, bashing companies, like, you're in the insurance business, and you did no disclosure, and you're in California, in New York, and you haven't said enough, right? They don't care. They don't know, they're in their

Shiva Maharaj:

defense, they don't have to, because nothing happens to them. I know, that's not the right way to look at it. But that's the fact of the matter.

Eric Taylor:

And I think that's what the whole point of the name and shame was supposed to be, was to force something to happen, like, look, if you don't pay, you're going to get out there. And then the government's going to freakin' know that you're in municipalities, you know, your competition, all that. So you would think that there would be fines starting to get incited on businesses who, you know, got their name and information leaked, as a proof of a breach.

Shiva Maharaj:

Hey, Brian, when you went through your incident, was there any law requiring you to disclose?

Brian J. Weiss:

No. Well, and to be fair, there is no data exfiltration, no evidence that any data exfiltration happened.

Shiva Maharaj:

So here's my problem with that. And that's the easy out that a lot of states are giving people: if there's no indication of data exfiltration, it's not a breach. Personally, I think a breach is just unauthorized access. Yeah.

Brian J. Weiss:

I mean, I used to call them breaches, right? And then all of a sudden, you're like, don't call them breaches anymore. We have to call them incidents, you know, it's only a breach if information has been stolen. And I would agree that, you know, it's it's semantics on how you're using that word?

Eric Taylor:

No, I think it's a real clear derivation. I mean, a breach is unauthorized access, you know, but you have data exfiltration data left, whether it's, you know, pictures of your high school and your two year old, or it's all your cloud banking, routing them. I mean, data is data.

Brian J. Weiss:

What I meant by semantics is, it's not a long enough sentence. Is it a security breach of sensitive data? Or where they've actually seen your data? And they have a copy of it? Or is it a security breach to gain? See to control?

Shiva Maharaj:

How about just unauthorized access? Yeah, there you go. Unauthorized access. Two words, forget the sentence.

Eric Taylor:

Yeah. But yeah, I mean, the name and shame sites were to be a proof of, you know, unauthorized access, exfiltration of data. And, you know, hopefully, they would see these things as a greater threat and issue for the business versus paying, you know, whatever they had to. But even the folks that are getting put up on the name and shame site, they're not getting any backlash, like I said, from local municipalities, or government entities or anything like that. People just become immune.

Robert Nelson:

They have it didn't take them long, but they become immune to everybody says, Okay, how do we get how do we fix this? Help us get it fixed. Let's move on. You just don't see a lot of you just don't like you said you don't see a lot of complaining about

Eric Taylor:

that's, you know, I was part of the problem. Yeah, I would get on these meal name and shame sites. And I'm like, oh, look who's been breached, look who's been breached, look who's been breached, you know, and all I was doing was adding to the noise and helping these, I think, desensitize most people, because everybody now really thinks, man, not only by my actions, but all of us, vendors, right. Yeah, that this is just something that's going to happen. So it's like, oh, let me give you a hug. You got breached? I'm sorry. There, there.

Shiva Maharaj:

A lot of these vendors, if you look at their social media, it's all about Hey, use our product to stop you from getting breached. Doesn't matter what the vendor is back to the matter. It's not going to stop the breach. You know what's gonna stop the breach education and doing a few things really well. So you become less of a soft target and they move on to the next guy.

Brian J. Weiss:

You know, this reminds me of his follow the vendors getting rich off of making masks.

Shiva Maharaj:

Yeah, that's pretty much the same thing. But you mean the manufacturers in China because we don't we don't produce? Well, actually one plug sorry. Robert has a buddy friend colleagues, someone he knows that actually manufactures masks down there in Florida though, kudos to him, factoring domestic,

Robert Nelson:

they jumped, they jumped into it really early.

Eric Taylor:

And they make a really good mess. I still even have like mine. They either order like three sets of like 20. And mine, let's make it like

Shiva Maharaj:

ninja.

Eric Taylor:

I know. But But

Brian J. Weiss:

I mean, what what I'm getting into is the desensitization, right? I mean, we've got over half of America, that is now probably completely fine with going into another lockdown. Right? And we've got a lot of Americans now that just think security incidents or breaches are normal. So they just let them happen. And, and there's no one fighting back, say no, this shit, this does not need to happen because of XYZ. based on the data, we should be doing things, other things to solve this issue. Right?

Shiva Maharaj:

So how much of this do you put on the vendor? Because you're on a lot of partner advisory boards, more so than I am.

Brian J. Weiss:

I'm pressuring vendors left and right to talk about security. When I go into a partner advisory board meeting, and they're talking about roadmap updates that have to do with convenience and efficiency, I'm like, where's the security? Right? You know, I've got a couple of vendors I work with that I know are focusing on security, but I'm pushing them even more, you know, for other things, especially.

Shiva Maharaj:

Are they giving you the illusion of security? And be careful how you answer this, because I do have a follow up.

Brian J. Weiss:

I don't believe it until I see it. Right. And, and yeah, I I speak up. I you know, I'm that thorn in their side that they're probably like, Oh, great. Here's another comment from Brian around security. And we're not there yet. Right? I I'm that guy. I try to keep I try to be nice about it. I'm not a grumpy arsehole so that, you know, they, hey, that's training so that we can have conversations without them getting defensive or offensive, right?

Shiva Maharaj:

How about a conversation about just doing the right thing. And I'm going to go into a little detail here. I don't want to go into too much, because I don't want to throw the vendor under the bus. But I think it's something to talk about. I have been asking for a certain type of security to be added to a product by a vendor, we all well, three of us use here. They kept glad handing me saying yeah, we'll get to it. We'll get to it. Brian asks for it once and they send me an email at like five o'clock one Friday evening saying, Hey, can we have a meeting in the middle of August about this? We have another partner that asked for this. So you know what? Yes, I do. Help me, help me understand how you got them to move on that

Robert Nelson:

you didn't ask for it to?

Brian J. Weiss:

I guess you could say that. I'm a lobbyist who doesn't have self interest, but interest for the protection of everyone else out there.

Shiva Maharaj:

So I'm one of the good guys load of horseshit I've ever fucking heard.

Eric Taylor:

Spoken like a true political lobbyist.

Brian J. Weiss:

I mean, my I guess my self interest is feeling more secure. Right? I got to sleep at night. There's it's definitely a dance you got to do. There's politics involved in our industry with vendors, you know, it said,

Shiva Maharaj:

Well, what walk the walk me through that, because I really want to understand this. This is something I think every product in that space should have. And only one has it that I know, how did you get them to bite on this? Because I spoke to that person about it. And some of their subordinates never, not no movement.

Brian J. Weiss:

I guess I need to figure out what the magic. I mean, I've just been extremely involved with that vendor. Maybe they realize that if they need they want to make me happy. I don't know. I mean, when I first started getting involved with this vendor, I would fly to their headquarters and meet with individual department leads talking about the different things that

Shiva Maharaj:

do they care about? Or do they just brain dump you for free?

Brian J. Weiss:

Definitely no payments?

Shiva Maharaj:

That's not that I'm not helping.

Brian J. Weiss:

But but there is, you know, expenses covered, right? I mean, obviously, you know, I'm not gonna pay they're willing to do go that far. But I don't know that I'd want to be paid by them. Because then I feel like I owe them something, then it's all of a sudden, a quid pro quo. Right?

Shiva Maharaj:

Here's where I take a little bit of issue with that now with you. But with that our contract with this vendor states any idea we give them becomes theirs at no cost they can do with it as they wish

Robert Nelson:

I really don't want some pretty good deal.

Shiva Maharaj:

Oh, it's fantastic for the for and they're probably not the only one. Let's be honest here. However, I have a serious problem with all these vendors trying to brain dump me and then making me pay for their services. It's not my job to make them more secure. It's not my job to make them better. It is quid pro quo. I give you payment. Give me the product you sold me.

Eric Taylor:

Let's see. Here's where I will do a little bit of pushback. It is I guess, at least from my That allows it is at least I believe my job to hold their feet to the fire when it comes to security, especially when I'm using it. Yeah, this is why we I left other partners. This is why I continue to leave partners. And look for partners who, at least this week are as being a little bit more conscious on security, you know, do I feel sometimes like I'm, you know, just changing my underwear and putting on a new product? Yeah. But you know, as soon as I've realized that there, there's a glaring hole there, and they're not going to fix it. I've kind of dumped it right.

Shiva Maharaj:

Let me ask you a question. Last week or two weeks ago, we were in our private Zoom room, dealing with HiveNightmare. How many AV platforms did we test it on? And how many worked? And let's throw in a managed SOC. We'll leave them nameless for now.

Eric Taylor:

Alright, so let's get some, let's get some clear, or some, some context. Yeah. So in the mitigation steps for SAM, the HiveNightmare, there is a step in the remediation where you're taking vssadmin and you're purging all shadow copies on a workstation or a server. Anybody who deals with ransomware knows that's like step two, maybe three. And their standard operating procedure is that command to delete any and all shadow copies off of a workstation to make sure you can't restore from that; it is a de facto operation. So we take Microsoft, BleepingComputer and a couple other ones, we're saying run this command to it, you know, after you make your ACL changes, run this command and make sure you get rid of any of the persistence and go forward. Well, one of the EDRs that me and Shiva use said, No, no, sir. You're not running this command. Because it is a known vector, is a known IOC, indicator of compromise, for ransomware. And it got me thinking. I was like, You know what? That's actually correct. So we started going down the rabbit hole and saying, Okay, let's throw on, let me spin up about 10 VMs in Azure. Yo, I'm

Shiva Maharaj:

throwing up, you know, the EDR we use, I'm throwing, you know, various other EDR, without naming and shaming, because I don't want people to get popped because they use a shit vendor.

Eric Taylor:

Yeah, you know, I don't want to, you know, oh, NES or anything like that, like, Oh, well, this is a possible possibility with that type of thing. So, you know, I don't want to do any, it wouldn't be a zero day by any means. But it's, these are just things that need to be discussing who caught it, though. Yeah, I mean, so yeah. So we'll get to that. But um, you know, we're throwing up other ones, and nobody else is catching this command. Right. So I started going back and, you know, started talking to and just, you know, as she was saying, CrowdStrike, with Overwatch caught this

Shiva Maharaj:

Actually, just, I did three tests for CrowdStrike: CrowdStrike with OverWatch, CrowdStrike with just EDR, and the standard CrowdStrike. It seems we're just saying standard CrowdStrike. Because there's nothing standard about them, they're good,

Eric Taylor:

but they, they caught it. And they don't let any variation of that run. And like I had to go back to my old DOS 3.1 days and figure out how to run vssadmin just for the C drive and purge that stuff off of there, just so I can be able to customize the mitigation steps, so our proper EDR will not friggin throw a hissy fit. It's good. I like that. But you know, when you're, like I said, when you're taking these indicators of ransomware, or breach or data exfiltration or whatever indicator it is, and your EDR is allowing that to go through, I don't give a rat's butt if, because 30 seconds later, you know, another command didn't run or another command or it didn't run that was part of the IOC chain. You got to look at each individual indicator as its own identity in its own thread, not looking at the whole thing, because unless you've got a way to roll back those changes, there's no recovering. You know, it's like, Okay, I'm going to break in your front door, and I'm going to be able to get like 80% of the way before you realize I'm in there and then try to shut me off at the knees. You know, when but top half of my body's already in.

Brian J. Weiss:

I've got a couple questions. Number one. Well, a statement here, I guess. I mean, the last thing I do is rely on VSS. I mean, it's there for convenience, in my opinion, but I've got a backup solution in place to prevent me from needing to care about it as much, right. So that's one thing. The other thing too to understand is that, from what I've learned, anyway, and I'm constantly learning, is I've noticed there's kind of two methods that SOCs look for threats. You're either building the perfect mousetrap where you're dealing with a SIEM and a ton of alerts, and you are tagging or things like that, hey, if this command runs, alert me, that's part of building the mousetrap, right? You're looking for these playbooks, these individual things that might happen in a playbook. Getting alerted for them, right? And then, but, but the problem with that is threat actors live off the land. So a lot of the things they do, we also do as MSPs. So you're gonna end up with more false positives with that type of threat hunting, right? Which isn't a bad thing. You want to have as much information as you want. But are you going to be as quick, right, to, to, you know what I mean? And that's where you could get into an argument versus the other method of actually correlating events together to understand there's a threat that, that are happening in real time, right. So there's, there's definitely two schools of thought out there. I think, ultimately, we should have

Shiva Maharaj:

the best of both worlds. Here's my issue with that a VSS delete all is rarely ever used by an MSP.

Brian J. Weiss:

And that's a fair point.

Shiva Maharaj:

Okay. Yeah. And take out redundancy, backup and everything else. That's just part, that is a legitimate part of an adversary's playbook, to delete whatever they can in the backup side. Any VSS command that is run should be flagged, not necessarily stopped, but should be flagged by any halfway decent EDR system.

Brian J. Weiss:

Now, let me ask you this: with those recent articles, how many MSPs are now going to have clearing VSS on all machines to help remove persistence, though, before those articles,

Shiva Maharaj:

how many MSPs could have prevented an incident by flagging for those same commands,

Eric Taylor:

how many MSPs are actually monitoring to see if those things are being run and flagging right now? I can always guarantee 98% of a Mart.

Shiva Maharaj:

You know, the problem here is that we can make excuses for vendors as much as we want, or we can hold their feet to the fire as much as we want. Something like a VSS shadow copy needs to be logged. And there was one provider I used, and they claimed they did not see the command because CrowdStrike stopped it. Well, if your agent was looking at my system, they should have at least seen the command.

Brian J. Weiss:

Yeah. And that's true, because I know what vendor you're talking about. I use Sophos, and we're doing some, we're looking at potentially doing some testing, you know, and in the beginning, I found that Sophos stopped something. But it also showed up as an alert in their system. So maybe they've got an API integration issue with CrowdStrike, who knows

Shiva Maharaj:

they're not integrator, the CrowdStrike this particular vendor, but I don't want to go into too much detail because I like the product. I like the people behind it. They don't want to shit on them, their product by virtue of what it is should have seen it not necessarily stopped it, they should have seen it. Now

Brian J. Weiss:

it to me, it sounds like the gap there is really the API, they're missing an API integration into CrowdStrike.

Shiva Maharaj:

No, that's not a gap. That is, that technique for that vendor needs to be part of a string to be identified as opposed to a lone action. Well,

Brian J. Weiss:

I guess what I meant for it to automatically log in their system. That's not to say they shouldn't have still seen the alert.

Shiva Maharaj:

Question. If I ran that across that entire client at the same time with an RMM. And that agent is on the computer. Seeing Hey, VSS delete, all here, VSS delete, all here. These are all the computers in this state that should have like something that's not a Hey, CrowdStrike did it so it's okay, we don't need to worry. Yeah, you're saying their own agent should detect it regardless. Yeah, and have to be really careful. Because if I say what the functionality that agents is, it's gonna, it's gonna say who these guys are. And I don't as I said, I don't want to throw them under the bus. I just don't like the response I got and myself having to follow up with this one particular person over and over. And it was them ignoring it, because they don't want to deal with it, because they know they fucked up. So

Brian J. Weiss:

So let's talk about that a bit. Because maybe that's part of the magic on how we're having this discussion. Now with this other vendor is I've seen that happen with other vendors, where they've kind of brushed it off. And that's all that's ultimately where I feel like I have to be a thorn in their side. And in some cases, that's part of what's nice about being in a partner advisory board, call on other partner advisory board members to help join the you know,

Shiva Maharaj:

the fight, if you will, I'm gonna go out on a limb here and say most of those partners on partner advisory boards are fucking idiots but I say this with peace and love and we're not asking you to comment Brian cuz you're on most of them. We don't want you to get into trouble and and you are excluded from being that asshole because just as I'm your asshole, you are our as well. So, you know,

Brian J. Weiss:

I I won't say that. They're idiots. I do question the value of certain some members on boards that I'm on and what they're actually

Shiva Maharaj:

there for group think they are there for confirmation bias. Yeah, that's exactly what they are there for. And it is what it is. I mean, I gave up on trying to help vendors. If you want to take my money, you helped me

Brian J. Weiss:

well, and here's an example. You know, in kind of going back to my earlier point, when I go to these meetings, and I feel like we're talking about the wrong thing. I'm pushing some of the larger vendors that I'm part of PhDs with to actually create like a security subcommittee in the partner advisory board,

Shiva Maharaj:

I did that with your little CMMC group, you know whose idea that was, it's that I spoke to, and I spoke to Ryan said, hey, let's set this up. I did four meetings with that group. And I dipped, because I knew it wasn't going to go anywhere. And I guarantee you, that group is still not going anywhere.

Brian J. Weiss:

We're moving as fast as CMMC is moving. Yeah, dude, come on.

Shiva Maharaj:

I've already done I've already done my self assessment. I've already put my my packet in how many people in that group have done that? Well,

Brian J. Weiss:

yeah, I mean, to maybe, yeah, the main reason I'm holding off is because I want automation. So I'm letting some wheels turn a little more before I jumped into that,

Shiva Maharaj:

that automation you're waiting on has openly said he's not going down that rabbit hole, because that's not his area of operation.

Brian J. Weiss:

I don't know what you're talking about. But

Shiva Maharaj:

I'll go offline on that. Yeah, another vendor I like for now.

Brian J. Weiss:

So but yeah, you're right. I mean, ultimately, it comes down to holding the vendors' feet to the fire. I can call you out, Shiva, for if you're gonna just walk away from a vendor because they brush you off. We got to be that thorn in their side and not let that happen.

Shiva Maharaj:

Dude, they're not paying me for that.

Brian J. Weiss:

I'm paying them. Yeah, I mean, there's got to be a point in time where I'm a

Shiva Maharaj:

capitalist, you want you want the benefit of me, pay me because I want the benefit of you as a vendor, so I pay you for your product. I'm not here to raise the tide, like other people in the gas channel, I'm here to find vendors that match what I want or exceed what I want. Now, I've tried with that vendor. But again, they didn't want to get out of their own way. Because they know it best I can put my time into things that make me and my clients better. And my friends, my colleagues and people I care about, or I can keep chasing the dragon with them.

Brian J. Weiss:

You're right, there is a point where you it's it's a lost cause. Right. So you have to determine that at some point.

Eric Taylor:

Yeah, I mean, to show us by that, you know, an MSP will be partnered with, you know, half a dozen to a dozen, you know, channel partners, you know, Brian, you're probably the only person that I know, that does this, that, you know, you want to be on the product Advisory Board of each and every one of your partners. I mean, unless a company gets to about your relative size of team members inside of that organization, the small guys you know, we're we just don't have the time to be on all these flippin calls and doing all that. Like, don't get me wrong, I would love to, to some degree with certain vendors. I would love to be on the product advisory board. I know for a fact I will cause so much problems, they will hate me. It's like okay, how much time am I really going to spend on this not being compensated, being that grumpy Marshal, they are trying to get stuff done just to be a last call.

Shiva Maharaj:

I think to dovetail off what Eric's talking about here. I think collectively, including Robert here, even though he's very quiet and not chatting with us because he's like, you guys are just fucking idiots. Anyway. I think whatever I do, I want to make an impact. And if I am seeing I'm putting the effort in and it's not being reciprocated pocket, dude, I'll move on. Like I tried with Sophos MTR. I saw their soft, I saw the Sophos MTR system break and miss things. I had a call with their analysts, this analyst had the balls and the fortitude to tell me that since they tweaked their detections, there would be none for two weeks straight. And I said that doesn't sound right. There's always going to be detections. It's whether or not it's going to be a false positive. The stutter. He's like, No, no, you had zero detections. I said, fuck it, I moved on. A month later, I had a call with the head of their SOC. And he himself told me that analyst never should have said that, it was an error on their side, they should have fixed. Am I supposed to stay with Sophos and help them build that and fix that? I mean, a company as big as Sophos, no, any company, any, any partner-centric, partner-first bullshit company.

Eric Taylor:

So we'll, we'll take, we'll go down this path. So an international company like Sophos, no, I mean, being able to bring a potential problem up to them and that nature, yes, definitely do it. But you know, the quote unquote, smaller folks, I mean, all of us were part of RocketCyber, you know, that was a small company using both internal and external, you know, code developers, but we were with it because we thought to our core, we thought that Billy was trying to build something in

Shiva Maharaj:

our best interest in his best interest because it's never ours. But we thought our interests aligned. Yep, I want to be fair to him his his interest, and his history shows he builds good products to sell it. I was along for the ride for the good product,

Brian J. Weiss:

but that's not the story. He told me. Just to be fair, he told me he was in it for the long haul, which I guess he is if he's gonna sell to a company like Kaseya because they probably got him on a 10 year contract.

Shiva Maharaj:

Now all their founders exit within 18 months. Really? No one could look at it agent. Wow.

Brian J. Weiss:

So So yeah. So then what do you Call me wasn't true. Maybe he got into the space and realized what did I get myself into,

Eric Taylor:

we were alone, you know, having, you know, independent calls and group calls where, you know, we were trying to get this product to work, we just couldn't get it to frickin interface, we couldn't get to interface with certain third party integrations and stuff like that. So it just became a world train, Royal friggin nightmare. So something the smaller, the smaller companies I, I want to help I want to I'm more forgiving, and more as I mean, as forgiving. As long as it's not a mission critical item, you know, to the safety and security of my clients on my internal team. But you know, I'm a little bit more forgiving, and patient and things of that nature and trying to help them build out that stuff. But you know, when you go with an international company, like Datto, or ConnectWise, or Kaseya, or whatever, yeah, my patience and willing to help is very minimal when I think that it's not being reciprocated, though, you know, I think it's pretty cool that you know, that Brian had the ability to fly out to certain vendors and quote, unquote, channel vendors to the space. And while he may not got paid an hourly rate of a compensation, he wasn't, you know, he got his travel comp. So I mean, that's, that's kind of cool. I don't know, many channel vendors that would actually do that, in a non conference type of way.

Shiva Maharaj:

One of the cool things about the Brian effect, as we will now call it is, he got that vendor to have this conversation that we're scheduled to have in two or three weeks. And that's something that will raise the tide of all their customers who use that product. But

Brian J. Weiss:

Eric brought up a good point that I was kind of taking for granted. And you know, that I've got a team under me, I'm not as wrapped up in the day to day, right. And so I've got time to spend on this. Now, I am sacrificing spending time on my business to spend time on my vendors. But I see long term paying off for the business, but it is kind of a philanthropy. You know, I used to do a lot of nonprofits I ran nonprofits in its data with time

Shiva Maharaj:

Nonprofits are not really nonprofit, because the people that work at nonprofits make a decent wage, for the most part,

Brian J. Weiss:

all of the nonprofits I was part of were volunteer run boards. So there is a distinction, right? I mean, it was all around education, typically more helping the local community. But what what happened is I had my security incident, and I immediately put a stop to all that, because I realized I need to focus on my business.

Shiva Maharaj:

I have a question for you here. And it's, it's a loaded question. Are you putting so much time into making your vendors better because, and I want to phrase this nicely said, I come at this with good intent, for once in my life, because you want to stave off the possibility of yourself having another incident?

Brian J. Weiss:

That's part of my feeling. Yeah, I mean, I, I either, I mean, I've switched so many tools since 2018. But a deal, you know, finding a vendor that I thought was gonna solve an issue, they don't, I talked to him about it, I realized they're smoke and mirrors, they're, you know, they're not going to improve it, they care less. And then I'm moving on to another tool. You know, it's hard because a lot of the really good tools out there are really in the enterprise space, but they're very clunky to use from an MSP standpoint. And, and the other thing I'm trying to do is build a business that can run itself. So if we're so reliant on our vendors, the last thing I want to do is step away from my business, knowing that we're working with vendors that are, you're giving my team a hard time. So yeah, you know, I feel like there is a true partnership in our channel between MSPs and vendors. Whether or not the vendor treats it as a partnership, you know, or the MSP for that matter, ultimately determines how successful they are. Or can be,

Shiva Maharaj:

I, listen, I get where you're coming from. I have a fundamental disagreement there. Because we go to these guys for being the experts in what they're selling us. And all too often in the MSP community security is an afterthought for a lot of these vendors. I know, I don't, again, this episode is not about naming and shaming. I know Eric has been enumerating certain things at certain vendors, as recent as yesterday, and they're agreed, yes, and should never be an issue, not in today's world of how cybersecurity needs to be.

Brian J. Weiss:

Yeah, so, so my answer to that is that I have a different outlook. I don't see vendors as experts, I see them like you and me trying to figure things out. Just like I don't see politicians as experts. They're normal people who got there pretty much by who they know. And so what I do judge is the actions they take and whether or not it's for the better good of their partners or the better good of the company. And where that gets tricky that I found with a lot of vendors is that I'm, we're all kind of unicorns here, MSPs, in the sense that we care so much about security, we stand out, right? What are we, like maybe the top 5% of MSPs out there.

Shiva Maharaj:

Now, I would say, I'm not saying I'm part of that group, because I'm just an asshole that likes to talk shit. The security-minded MSPs are probably, I'd say, half a percent to 1% of the MSP community. I don't think there are nearly enough MSPs focusing on security to match the threat landscape today and not dealing with what the MSP market was even three, four or five years ago.

Brian J. Weiss:

Yeah. So you take that small percentage, and then you go to a company who has a huge partner base, and and you're plugging away saying you need to focus on this, when it only affects a small percentage of your partners. That's where I get the head, buddy.

Shiva Maharaj:

That's not easy. That's the wrong story. It's not affecting only a small percentage of your partners, only a small percentage of your partners have identified the need that needs to be fixed. I had with a vendor of ours that we all use where they could not identify, they could not see what I saw.

Brian J. Weiss:

Yeah, so the perceived value isn't there for their general partner base right there, their general partner base would be, why are you spending time adding this, I want to see XYZ added instead, because they're caring more about convenience than security. Exactly. And so that's, that's where I'm butting heads with some of these big vendors, saying you need to actually invest money into security, even if you're not going to see a return on it, or a large part of your partner base be happy about it. It needs to, it almost needs to be its own investment, its own roadmap, right, you've got a roadmap for features that are conveniences to make your product better and easier to use. You've got a separate roadmap with a separate budget, that set aside for security, making sure you're spending full time on that.

Shiva Maharaj:

I agree. But I disagree with the structure of that. Because features are just new vulnerabilities that have not been identified by guys like Eric. So you need to have, what they need to do is bolster their DevSecOps, the while something is being coded, brought to life, you've got an Eric or version of Eric banging away at it to find the holes and plug them. Now that's, that's

Brian J. Weiss:

definitely fair, that can't be completely separate. They got to interact. That's kind of where I'm at with that. It's, it's, so yeah, anything, you know, we've mentioned Kaseya on here, I know we're not bashing, but I've taken the stance that anything owned by Kaseya, I'm not touching with a 10 foot pole.

Shiva Maharaj:

Are you a loser? No. Have you ever been

Brian J. Weiss:

I was until my incident. And after that, I started looking into my vendors and found out that at that time in 2018, all of the IT Glue employees could see my client data. Well, if you ask

Shiva Maharaj:

him near, he will tell you that the Department of Homeland Security says IT Glue and Kaseya is completely safe.

Brian J. Weiss:

So anyway, I immediately left them after that. And I tricked the tier one guy into admitting it in the sense that I was literally trying to import data into IT Glue, and I wasn't seeing the import, you know, so he was helping me with that. Finally, it worked. And I, and I, and I said, Can you see that it worked? He goes, Yeah, I can see it work now. And I was like, so you can see my data in there? Can, can you verify under this client what you see there for me, just to make sure that, you know, it worked properly. And he verified everything. And I was just

Shiva Maharaj:

like, wow, you know, dude, that is every MSP vendor out there. They're not the only one,

Brian J. Weiss:

you're talking unless it's unless it's zero knowledge, right.

Shiva Maharaj:

But there is no zero knowledge vendor in the MSP space. Now, if

Brian J. Weiss:

you hold the encryption key to your data, do you not not for all of them, but for credit, you know, we're we're having a discussion with a vendor about adding that PSA.

Shiva Maharaj:

Yeah, everything's in there. Now they can see whatever they want, even if the RMM is somewhat redacted. It's all plain text in the PSA. So there's no real, and you have that SSO between PSA and RMM. So there's no real zero knowledge and that, that's my problem, right? But, you know, maybe we should do another episode one day on common data models. That way, you have one set of data, everything's being accessed from there, and it's not floating around. And that's my issue with this part of the industry. But I know Eric's gonna jump, I gotta jump soon. Anything else you guys want to wrap up on

Eric Taylor:

now? Like always good conversation, good to have a lot of these discussions and be able to explore them and it wasn't 100% ransomware or was crapping on a vendor so it was a good show?

Shiva Maharaj:

Yeah, no, I listen, I anything that can push us for because I think that's what you need to raise the tide as the thought leaders in our community like to say okay, you too can get FBI managed security services now. Anyway,

Eric Taylor:

Thanks again for everybody who has tuned in. Thanks again to Robert for being able to participate in today's call. Please go to our website and to Amplified and Intensified dot com. Please subscribe to the podcast. Please give us a rating on your favorite podcast. Let us know how are you doing? If you're on social media, please do the same. And leave a comment down below. Tell us what you like, what you don't like, and let us know how we may not be able to do it better. We probably won't listen. But hey, at least we know you're there participating, right? Until next time. Thanks again to Mr. Brian Weiss with AI tech solutions, Mr. Shiva from continuum, and my name is Eric and I say thank you.

Shiva Maharaj:

Thanks again for joining us for the cybersecurity amplified and intensified podcast.
