Take 1 Security Podcast: Episode 3
Unsupervised Learning25 Tammi 2015

Take 1 Security Podcast: Episode 3



START CONTENT


* There was an issue with the Marriott website that exposed reservations and payment information. It’s now been fixed
* Police are now using a new radar to see into peoples’ homes without a warrant
* Security budgets are reportedly going up due to the mega-breaches in 2014


* Also leading to higher pay for CIOs
* Anecdotally, I’d say it’s a pretty good time to be in infosec

* A new security startup, PFP Cybersecurity, uses power consumption to detect malware


* Meant initially to be used for SCADA type systems

* The US hacked North Korean computers back in 2010


* This is reportedly the reasons we were so sure they hacked Sony
* Recently leaked documents from Snowden show heavy offense

* Snowden recently talked to Schneier at Harvard about a number of things


* The NSA is becoming increasingly offensively oriented vs. defensive
* The NSA supposedly uses compromised systems as jump points
* Snowden said most NSA hackers are junior enlisted with limited skills

* Russia reportedly hacking for geopolitical gain, not just money
* Millions of gas stations could be at risk of shutdown


* The Automated Tank Gauges can be remotely accessed by attackers
* Could be manipulated to cause alerts
* Potentially could be used to stop the flow of fuel

* Microsoft gave Charlie Hebdo data to FBI in 45 minutes
* Starwood hack based on bad passwords


* Bad passwords, password re-use, and a brute forcing tool
* Account harvesting is rough: user enumeration, weak passwords, and lack of account lockout

* Flash has another major exploit. Update your stuff.
* People continue to be worried that the President’s crackdown on hackers could hurt security professionals


* Congress is meeting on the 27th of January to discuss breach notification

* The wireless in around 2 million cars is highly vulnerable to attack
* A polish company has created Mouse-Box, which is an entire computer inside of a mouse enclosure


END CONTENT

Play Podcast

Notes


* Sorry about the noise part way through. My girl walked in and started unpacking groceries. But when I say one take, I mean one take.

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Jaksot(532)

UL NO. 408: OpenAI Coup Theory, SEC vs. SolarWinds Analysis, Deepfake D&D Summaries

UL NO. 408: OpenAI Coup Theory, SEC vs. SolarWinds Analysis, Deepfake D&D Summaries

My Theory Of What Happened At OpenAI, A New Ransomware Tactic, Analysis Of What The SEC Case Will Do To Cybersecurity, Live David Attenborough Narration, And More… Read the episode here. 📢Sponsored by: Panoptica.app - Simplify container deployment, monitoring, and securityBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

27 Marras 202335min

UL NO. 407: OpenAI Prompt Injection, Leaky GPTs, AGI by 2028, Huberman Routine AI

UL NO. 407: OpenAI Prompt Injection, Leaky GPTs, AGI by 2028, Huberman Routine AI

Extremist groups using AI for propaganda, NYC restaurant bots, Wegovy and Cannabis studies, my favorite collections of GPTs… 📢Sponsored by Moonlock — cybersecurity wing of MacPaw. Developers of Moonlock Engine, the antimalware tech in CleanMyMac X. 📢Sponsored by Automox - AI-powered modern IT automation is here. Learn more at automox.com. Read the episode here.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

14 Marras 202340min

OpenAI's New Releases Are a Watershed Moment for Human Creativity—and Prompt Injection

OpenAI's New Releases Are a Watershed Moment for Human Creativity—and Prompt Injection

Making it trivial to create and share AI Agents that connect to real-word APIs will have a drastic impact on Information Security.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

13 Marras 20233min

Why I'm Not Getting the New Humane AI Pin

Why I'm Not Getting the New Humane AI Pin

Why I should be super excited by the Humane AI pin, but I'm not.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

13 Marras 20233min

UL NO. 406: OpenAI Launches Custom AIs, Okta's New Breach, EFF's Browser Privacy Checker

UL NO. 406: OpenAI Launches Custom AIs, Okta's New Breach, EFF's Browser Privacy Checker

DOJ and Pentagon emails hacked by Russians, OpenAI's DevDay announcements, when DeepMind thinks we'll see AGI, and more… 📢Sponsored by: Panoptica.app - Simplify container deployment, monitoring, and securityBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

10 Marras 202328min

UL NO. 404: ServiceNow Widget Flaws, North Korean Infiltrators, and the New Top-performing Prompt String…

UL NO. 404: ServiceNow Widget Flaws, North Korean Infiltrators, and the New Top-performing Prompt String…

In this edition we dive into North Korean IT Infiltration, the top performing prompt technique, Google's traffic optimization, American sick day increases, ServiceNow's Widget problem, the US murder rates, and more Read online here: https://danielmiessler.com/p/ul-no-404-servicenow-widget-flaws-north-korean-infiltrators-new-topperforming-prompt-stringBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

26 Loka 202326min

UL NO. 403: Signal Investigates Rumored Zero-Day Bug, AI Predicts New COVID-19 Strains, Dwindling US-China Scientific Collaboration...

UL NO. 403: Signal Investigates Rumored Zero-Day Bug, AI Predicts New COVID-19 Strains, Dwindling US-China Scientific Collaboration...

In This Edition We Look Into Signal's Investigation Into A Rumored Zero-Day Bug, How Harvard And Oxford Researchers Are Using AI To Predict New COVID-19 Strains, The Dwindling Collaboration Between American And Chinese Scientists, And The European Commission's CSAM Detection Bypass View this week's podcast online at https://danielmiessler.com/p/403Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

16 Loka 202328min

UL NO. 402: Israeli Footage & Analysis, WSFTP + MOVEIT, AI Explainability, Andreessen vs. Perell on Writing, and more…

UL NO. 402: Israeli Footage & Analysis, WSFTP + MOVEIT, AI Explainability, Andreessen vs. Perell on Writing, and more…

Israel analysis, a genetic data breach, active exploits against critical vulnerabilities, and a brilliant conversation between two writers about creativity 📢 Sponsored by Kolide: Concerned about data breaches and hacks? 🔒 Discover Kolide, the device trust solution that secures your company's devices and credentials, making phishing attempts useless to hackers. See it in action at www.kolide.com/unsupervisedlearning View today's episode online here: https://danielmiessler.com/p/402Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

11 Loka 202326min