Preview Mode Links will not work in preview mode

Thanks for joining us! Let me know if there are any topics you'd like us to cover by sending an email to me at craigpeterson . com!

Dec 18, 2018

Craig is on the Jim Polito show as he discusses with Jim the Equifax breach and the new bug that left your Microsoft account wide open to hackers.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles:

A Bug Left Your Microsoft Account Wide Open To Complete Takeover

Equifax Breach Was Just As Infuriating And Dumb As You Thought, New House Report Finds

---

Transcript:

Below is a rush transcript of this segment, it might contain errors.

Airing date: 12/18/2018

Big Data Dirty Little Secret Ties To Government - Microsoft Vulnerability

Craig Peterson: 0:00
Hey, good morning, everybody. Craig Peterson here. This morning I was talking to Jim Polito about security and safety online. The report came out from Congress what happened with the Equifax hack? We talked about that I gave away a dirty little secret here about our government and kind of another type of spying operation that's been going on. And we started out by talking about another major ability over Microsoft, although this one was finally closed after being at least wide open for five months for at least five months. So anyhow, I hope you guys are having a great week. I am so looking forward to Christmas next week. I hope you guys are to having a great year whether you celebrate Christmas or not, and I will be back tomorrow as well. So here we go with Jim

Unknown 0:54
Here he is the man myth and legend by he's actually from the future or you know, he's a machine and he's masquerading as a man. It's part of that whole matrix thing. Here is our friend Craig Peterson Good morning, sir.

Unknown 1:12
Hey, good morning. And greeting to our robot overlords.

Unknown 1:19
I do love the Matrix movies. It's great, but it scared the Matrix. And of course, the Terminator movies. They all scare the heck out of me. So before the machines take over

Unknown 1:32
what's going on with Microsoft and your Microsoft account? Like my office documents, my outlook emails, which just happens to be two programs that I use,

Unknown 1:48
the hackers could have gotten in there, or did they get in there? Craig? What's the story?

Unknown 1:54
Yeah, there's a lot to worry about this year. And if the FBI has out some new warning about some different types of scams going on. You got to be careful if you're buying gift card we can talk about that ticket scams oh my gosh, what's going on this year, but Microsoft gave us a special kind of a pre Christmas precipice here they laugh consumer a series of different vulnerabilities your account if you have Microsoft accounts, everything from your Office documents your Outlook email yeah pretty much wide open to hacking and there was this whole calc takeover thing you know I'm shaking my head gives you think that these companies would know better and this is a very big problem but if this is a little bit complicated but basically what happened is the security researcher was able to take over our Microsoft domain what are their sub domains success office.com and he was able to trick the applications to ask off success at office calm the Microsoft applications on potentially millions of people's computers trick them into sending all of the users confidential information to him now he reported it to Microsoft in June they finally fix that but he never took control of the domain but he received any and all data coming to it's going from it and again it's you know we've got these large complex systems and everybody silos so that the office people you know you're working on on word I'm working on best you're working on that you're working on the authorization you're working on the lock in your and those teams don't have any oversight because the whole system is just so powerful complex How can somebody know everything about everything this is just frankly bound to happen and and that's where my Christmas present comes in. Jim

Unknown 4:11
yeah and early I'll take

Unknown 4:12
it a week early Sure. Okay. We finally finished that special report on what to do to freeze your credit freeze your information so the bad guys you know they almost certainly already have all of your termination check back yeah but because they have all of that and because of the new tax law there are new ways now to protect your credit your personal you know my whole personal side of it that you didn't have before they're absolutely free so I'm going to play around this yeah but I finally got this report all finished we're sending it out this week so I'm going to send out an email keep an eye out for the probably Thursday and you're going to love this is it step by step what do you do how do you do it how do you stop the bad guys now from using your stolen information and as usual absolutely free and absolutely I think very very useful it just took us like two weeks to get it together but that's my Christmas present or or Hanukkah Happy holidays or wanna call it

Unknown 5:29
What about festival yeah yes that's right

Unknown 5:35
favorite

Unknown 5:35
yeah

Unknown 5:37
so that's something that if you are on Craig Peterson's list you will get and at the end of this segment I'm going to give you a number I recommend that you text My name to that number Craig will know where you're coming from and then he will provide you with that information and then as you go forward folks who have already registered with Craig they'll get it anyway way so any won't sell your name you won't exploit you and standard data and text rates apply that's a nice little that's a nice little early present now the folks at Equifax which don't they happen to be the gift that keeps on giving speaking of the Now there were in a holiday and Christmas motif

Unknown 6:27
there remember they had their the folks who do credit rating and they had a big data breach and once again Craig Peterson to the rescue for listeners to the show as to what to do but there's a new report by house investigators Congress as to

Unknown 6:49
the breach and it's actually worse than we thought it was right again why is it every time there's one of these hacks data breaches every time I'm we hear about it it gets worse

Unknown 7:03
yeah yeah this is the House Oversight and Government Reform Committee and they released on Monday and 96 page long report and this is just absolutely astounding to me because I have clients that have come to me and they say hey Craig Can you help us out

Unknown 7:27
because they lost just credit cards just credit cards and the Payment Card Industry if you accept credit cards now requires you to sign this document that is almost 250 pages printed out yeah and and they say hey we lost some of these credit cards were getting fined and that they they ended up settling some of the fines but I had one company come to me Jim and the fines were in the millions of dollars because his face on how many credit cards you have accepted over the years okay yeah but this company so very very big deal What do you think you know Equifax is fines were what do you think you know how many people got fire people went to jail

Unknown 8:19
now folks the whole Equifax thing and and as I said Craig Peterson did a lot to help people to protecting and you're still recommending that people freeze their credit. Right?

Unknown 8:33
Yeah, that's the only way around this and you know it really is ok. But here's what

Unknown 8:39
I want to get. I want to get to your points. Are you freezing credit. But

Unknown 8:44
how many people got fired? Zero? Maybe maybe one and he was the intern every other Tuesday who came in from Columbia University finds.

Unknown 9:00
I don't know a $5 for every person who was hacked because that's what you had to pay wasn't it originally to freeze your credit or $1? I don't know

Unknown 9:13
yeah, basically that's what it was it was Equifax has to offer free credit reporting services right and then they offered a free credit freeze but that was only one of the agencies you've got a freezer that all three major agency right

Unknown 9:30
right

Unknown 9:30
so yeah and you're right about the intern basically nobody I'm at upper level got fired on that was absolutely

Unknown 9:38
crazy credible.

Unknown 9:40
It's incredible. So here's There are five key findings. First of all of our house report says it was entirely preventable. There was a lack of accountability management they had complex and entirely outdated IT systems. These are a little legacy systems been around a long time and they hadn't bothered to update anything that was essential here. They were unprepared to support affected customers. You you remember we talked about this, what they sent them from these weird email addresses. The sites weren't working and here's the worst one right. But in terms of animal Equifax, a wild over 300 security certificates to expire, including 79 security certificates for monitoring the business critical domains. And they did not renew an expired digital certificate for 19 months. This one important 119 months which left Equifax without visibility on the X filtration of data during the attack. And other words that the data was being stolen was being pulled out of echo fact they didn't notice they couldn't know

Unknown 11:01
employee. They didn't keep their certificates up today. Can you imagine that?

Unknown 11:08
I mean, I mean, like a company. Okay. It's one thing if you have to say to me, Tim, did you update your antivirus? Did you do this? Do you have the latest software for your Wi Fi? And for this? It's one thing if you you know, that's me. Now we're talking about a corporation

Unknown 11:29
that what do they do? These are the crowded guys, they have everything. You and I we don't even do business with them. Right. When was the last time you said that factor check because of that wonderful service?

Unknown 11:43
Because you're doing a great job.

Unknown 11:45
Yeah, yeah. Are you kidding me? And the laws that we have in place allow for all kinds of exceptions for them where they can do just tons of stuff that would if you and I were collecting some of this data, we will being serious trouble that the federal government can't even collect it. And you know what Jim Bakker the deep dark secret here to end this foldable discussion. Yes the deep dark secret is the federal government cannot collect information certain information on our that citizens. And so what did we do we want to the Five Eyes apparently we went to the UK we went to Australia and said, Hey, can you spire Trump for us? That's what it was like happens because we can't do it. Here's the dirty little secret you don't want. They go they go to these data aggregation providers. They go to companies like Equifax and they say hey, has Jim done this or that? Who are they talking to? What's he been buying? What are the trends in his Spencer's look like and these data aggregators have everything, what kind of car you drive, how old it is, if it's registered, if they even have your photo and your driver's license information, depending on the stage you're in, and the federal government uses them to track

Unknown 13:05
and so are they really incentivized to come clamping down on these data aggregators? No, we're not

Unknown 13:14
trying

Unknown 13:15
a little dirty secret for Christmas

Unknown 13:18
a little dirty secret. Now, here's another gift for everyone. If you text My name to this number

Unknown 13:25
855-385-5553. That's 855-385-5553

Unknown 13:33
standard data and text rates apply. Craig Peterson will get back to you with all of this information. Plus more you'll be honest list when there's a big hack when there's a big problem, he will reach out to you and don't worry again because he won't sell your name to anyone and won't give it to hackers. And again, standard data and tax rates apply. Craig, thank you so, so much. Hey, a very, very Merry Christmas to you, sir.

Unknown 14:02
Hey to you, too. I'm looking forward to listening to you on Tuesday. All right. Oh, wait a minute.

Unknown 14:07
And Happy Happy Boxing Day. Okay. Yeah, I know very. My Canadian friend. Happy boxing. Say Craig. Everybody. Craig Take care.

Unknown 14:18
Bye bye. All right, don't go anywhere

Unknown 14:22
and as you heard I finally have a document ready about what to do and I don't know we might want to turn it into a whole course for people so it's step by step you know screen instruction and helping them out but anyways it is finally available make sure you're on my list http://CraigPeterson.com/subscribe and take care. Talk to you tomorrow.

---

Don't miss any episode from Craig. Visit http://CraigPeterson.com/itunes. Subscribe and give us a rating!

Thanks, everyone, for listening and sharing our podcasts. We're really hitting it out of the park. This will be a great year! 

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553