kristen: we ask experts questions everyday at 3:00 to get answers in real-time. today, we will help you get into the holiday spirit but they look at asian american led businesses and is offering a fabulous holiday sale. we will dive into major new headline about omicron. stanford announced it is moving classes online for two weeks after the holiday break. it is mandating boosters. a reporter from the stanford daily will be telling us about the reaction to the latest threat the in person learning. do you know about the latest

cybersecurity threat? the white house sent a letter to ceos telling them that cyber is the most dangerous weapon in the world amid revelations a software used by some of the biggest companies has a biggest flaw that can be exploited by bad actors to hurt us. joining us is curtis simpson. thank you for joining us. >> think of her having me. kristen: there is a critical flaw discovered in widely used software called log four-j. the general public ethic very little about it. >> it is interesting and complex. i will try to stay away from the complex. what is interesting is it is a

piece of software created 20 years ago used by other software and devices. it is fundamentally used by those software and devices to record logs of things that happened through that software and device. for example, in the case of minecraft, you've got specific logs occurring that take record of specific chats and things that are happening in relation to the game itself. it writes that to a file and does are the things behind the scenes. 20-year-old software that has been used, baked into -- from many manufacturers for decades. kristen: so, which companies? the minecraft server is one of them. what other computing devices? or, is it everything? >> it is everything. you are hearing about this so

rapidly because it is impacting a widespread breath of devices. we have seen a solid one third of our customers are already seeing attacks through different devices. we are seeing smartphones, printers, time keeping devices, smart cameras. software servers, computing devices in general. one of the most challenging things is it is pieces of like -- minecraft is highly vulnerable and is ultimately the reason we all know about this. another example is a piece software used by most colleges, it has been in place since 1990's. i was using this in college. i was helping my daughter use this software today.

this is everywhere. consumer grade devices, consumer devices, iot devices, smart devices, you name it, we are seeing it. kristen: what can hackers do iff all of these devices are vulnerable? what are the potential outcomes should someone exploit that? >> what makes this so dangerous is how easy it is to exploit. the minecraft example requires you drop a piece of code into a chat window. what we saw spread across you to quickly, based on what minecraft is, you can take control of the minecraft server. the possibilities go much further. it ultimately allows any hacker -- attacker, anyone can become an attacker to take advantage of this.

you can watch a five minute youtube video and learn how to exploit this device which could allow you to steal from ed buck -- devices on the network, shut the device down. this is as bad as it sounds sous because not only of the proliferation but i have not seen an attack this easy to execute at scale. the problem is, this is likely to escalate quickly, we are going to see ransomware attack's spread rapidly. how this will be used will be nor to get -- be door into our houses. kristen: are we seeing evidence that nationstates are using this to exploit us? >> we are. we are seeing nationstates take advantage of this rapidly. criminal organizations taking advantage of this.

it is not just us, i have been on industry calls and the industry is seeing this across the board. bad actors move quickly. kristen: banking, water systems, weapons, that is all possible, right? what can we do. i know the homeland security secretary said he is working quickly to address this, but what are the solutions? >> first, this is the responsibility of our solution providers and service providers. those who are manufacturing the devices to issue actions. software updates are the answer here, primarily. there's a couple of things you can do here. if you are prompted to update your television, software on your computer, often we will disregard those messages, but we have to pay attention this time.

if we hurt our kids talking about minecraft, make sure they are playing the latest update. specifically because a lot of our kids running minecraft servers will be looking for the latest features to come out. whether or not they want to bother the update, this feature is going to be log4j, which is not interesting needs to be applied. keep checking. when you open those gifts under the christmas tree, assume they may be vulnerable and look for updates immediately. if it was my kids, i would be opening the package. and resealing it. kristen: how was this discovered? >> this was discovered through traditional research. unfortunately, it flew under the radar across the industry. this became as prolific as it

was for two reasons. it was announced by the company or foundation that has ultimately created the software. they disclosed last week this was vulnerable. we also started to see what was happening in the minecraft community, which brought this to bear. kristen: i final question,stion, was the failure? where does this point us to estimate the nation needs to do in the future? >> this points to a lot of things and there is no one single action. it shows we have a very complicated landscape. complicated supply chain. we have to take security seriously. as you mentioned, this is seriously one of the most if not the significant threat facing all nations. we've got to take steps to make

sure we are protected online. all of those recommendations we have been talking about are more important than ever. it is important people are taking a step back and learning as much as they can about some of the devices on their own network like your home router. if you can spend time learning about the tech in your environment, learn about your home router and follow guides online to improve the security of that device. kristen: curtis thank much for your time. >> thanks for having me. kristen: we will be back with a contributor to the stanford daily newspaper to talk about

kristen: as universities wrap up the fall semester, troubling signs the omicron variant may disrupt hopes for a normal semester. today, stanford university announced two changes. when students and staff return after the holidays. joining us is the newsroom director of the student newspaper at stanford, emma talley. >> thank you for having me. kristen: you just filed your report, i saw. give us the details. there are two major components, right? >> first and foremost, the two weeks of our winter quarters will be held virtually as far as classes go. students will be allowed to return to classes and student housing, but classes will be held virtually on zoom. the second announcement to come

out of that email we got today is that students will be required to receive their booster shot for their covid vaccine. the university previously announced in april that students would be required to be fully vaccinated with two shots before coming back to campus. now, we also require the booster. kristen: how are students reacting to this news? is there surprise, disappointment? are people happy? >> mixed emotions. a few people have felt deja vu from last year because stanford told us emphatically we would be returning for winter quarter, but we would be in person, but three days before instruction was set to begin, they canceled and said you cannot come back. we are doing the quarter online.

there is fear and apprehension among students that something like tech -- something like that could happen again. we had fall quarter in person and things felt normal. i think there is apprehension that things will regress. kristen: hopefully this time it is truly two weeks. the plan is after mlk day, you are back on campus. that depends on what is happening. have there been cases at stanford? i know there have been, but any notable outbreaks? >> there was a slight surgesurgu after thanksgiving break. we had those two weeks after thanks having break. we saw a bump. nothing too intensely concerning. i think the highest was 30 cases. nothing like we are seeing at cornell with hundreds of cases

or harvard with hundreds of cases. it was a big concern coming back from break and anecdotally you hear of outbreaks at certain residences, but the university did a good job of keeping that under control and quarantining people. we have strategies, we are required to test twice a week. lots of different things to catch those cases. >> you do asymptomatic testing of everybody twice a week? >> once a week. all students are required to test once a week. kristen: in the common areas, are you still required to mask? >> yes. kristen: do students adhere to that? >> in my experience, absolutely. there is good compliance, people's -- people don't seem to mind. kristen: universities differ in

their experiences. m.i.t. does twice a week resting -- twice a week testing. uc berkeley, if you are vaccinated you do not have to test at all. do students generally find what you have now is adequate? >> we are required to test once a week. there was concern at the beginning of the year that it was overkill. especially among vaccinated students. i think now we are glad that they are catching it, it is not that big of an inconvenience. and are take-home tests, you test in your dorm room and drop it off at a dropbox. kristen: if you're late, do they cut off your access? >> if you do not test for a certain period of time, i am not sure what that period of time is, i think it is two weeks to a

month, you will get warnings and ultimately you will be -- from dining halls. kristen: at least got to finish the fall quarter in person. a lot of universities have had to move online to do finals. cornell had 900 cases? >> we are on the quarter system. cornell and harvard are on the semester system. their semesters end weeks later than ours. most if not all of our students left before december 11 when campus housing closed for the winter. kristen: the university is requiring students be boosted before the end of january. will they be offering clinics? >> there's a lot of different places to get vaccinated. or, to get the booster.

stamford health care has a lot of different clinics as well as the cvs down the street. a bunch of different pharmacies offer boosters and vaccines. kristen: your vaccination rate is, what, 99%? >> 98%. kristen: what is the university advising you guys to do after break to minimize -- >> their recommending we definitely get the booster over winter break while we are home. i got my tuesday. i am excited. i am ready to go. they are also requiring we take a test before returning to campus and continue the normal strategies. masking, no large gatherings, be careful if traveling, good hygiene and sanitation. we are also required to test,

either rapid test. if we test positive, we are told not to return to campus until we can isolate and quarantine. kristen: the strategy sounds sound. thank you for joining us. >> think you for having me. kristen: we reached out to ucs to see what they are doing. at this point, boosters are not mandated. they are recommended. you see campuses -- we will be right back to tell you about how yo

kristen: remember when crazy rich asians was a surprise hit? a lot of people, including the film plus director, -- goal tiles. to make sure asian recommend --

it started with entertainment and has moved into art, social impact and business. its latest effort comes in time for the holidays, encouraging people to shop local and shop asian american. aeneas are the founders of two small businesses. ok. gotcha. nice to heavy. tell us about your businesses. nona, you have an asian food line? >> an asian food line which is my name, we have ramen, noodles, stirfry starter kits we sell as pressure sores. kristen: indian lentil soup. tomato type basil soup. teriyaki ramen. you have a pad thai, which i actually made before the show. do we have that video? i like to embarrass myself.

while we look at me preparing it, tell us how you came up with these flavors and your cooking background. >> i grew up in singapore. as a child, i would go with my dad to the -- right by my place for in singapore, you have centers where there are little stores that sell only one dish. i would stand there and just watch for i would watch the -- make his own dish. fried noodles in a bigc wok. fast-forward to a decade ago, i wanted to re-create the flavors from my childhood and wanted to create asian flavors for everyone in the u.s. we have taco night, pizza night,

we should have noodle night and make it easy for families to stirfry or make rom and not home. kristen: where else can you find coconut lime chicken bone broth? unique flavors. you have, -- why the number? >> 8 is pronounced -- but it pays homage to my heritage. i am chinese american and it represents auspicious -- it is a very lucky number. kristen: you definitely have asian inspired flavors. you tell me how you come up with them well i.e.. >> -- while i eat. >> i do a cleanse after the super bowl. all of the gluttony after

holiday eating, we wanted something sweet and crunchy that would not blow our diets. when i could not find healthy granola was with refined sugars and oils my set out to make my own using low sugar ingredients. your t -- you are tasting my -- in plea used -- >> i have activated charcoal. not only are they delicious, clean out of the bag with milk or yogurt, they have great benefits. kristen: the black cocoa is delicious. cinnamon chai. you are both supported by gold house? it has -- to american communities. how did that help you. >> first and foremost, it is the

people. especially in the time of covid, we are isolated. this has been really awesome in not just getting our brand elevated to wider audience. being connected to like-minded people who were out to help better the food industry or better the industry while supporting each other, i think has been tremendously hello. kristen: we are showing folks the website. the products featured in the gold house holiday sale. can you speak generally to what folks can find on the gold house holiday website? are there special offers? >> we have a 25% discount gold house holiday website. it is such an opportunity for u

to meet other industries that are not the food industry. not only did i get to meet erica, i met other founders who might be in fashion, beauty, wellness, sex wellness, all kinds of industries. it has been so good to meet other great entrepreneurs who are trying to build our dreams. kristen: erica and nona. nona. n congratulations to both of you. do not go away. we will chat on facebook live. hey, i just got a text from my sister. you remember rick, her neighbor? sure, he's the 76-year-old guy who still runs marathons, right? sadly, not anymore. -what, you mean-- -mhm. -just like that. -wow. so sudden. um, we're not about to have

the "we need life insurance" conversation again, are we? no, we're having the "we're getting coverage so we don't have to worry about it" conversation. so you're calling about the $9.95 a month plan -from colonial penn? -i am. we put it off long enough. we are getting that $9.95 plan, today. (jonathan) is it time for you to call about the $9.95 plan? i'm jonathan from colonial penn life insurance company. sometimes we just need a reminder not to take today for granted. it could be the death of someone you know or a health scare. that's why today could be a great day to call for free information about colonial penn's $9.95 plan. if you're age 50 to 85, you can get guaranteed acceptance whole life insurance starting at just $9.95 a month. there are no health questions so you can't be turned down for any health reason. this is permanent coverage. just pay your premiums for lifelong security. the $9.95 plan is colonial penn's number one most popular whole life plan. options start at just $9.95 a month.

that's less than 35 cents a day. your rate can never go up. it's locked in for life. don't put it off. take the first easy step. call today for free information. and you'll also get this free beneficiary planner, so call now. (soft music) ♪ ♪ hello, colonial penn? kristen: thank you for getting

answers today. we are here every way day at 3:00 answering you tonight, several developing stories as we come on the air. covid and this new variant. now spreading at an alarming rate. what they're seeing already in new york city. the news from florida tonight. dr. jha is standing by here. the other major headline, the cdc panel recommending that americans choose the pfizer or moderna vaccine over johnson & johnson if possible, because of concerns over rare blood clots. and that new variant, omicron, now in at least 39 states, as i mentioned, new york city seeing a dramatic spike in daily cases. broadway shows closing again. reports some restaurants closing, too, because too many workers are sick. dr. fauci and dr. jha on all of this tonight. and what president biden said just a short time ago about the omicron variant, his warning now to americans.