Take 1 Security Podcast: Episode 3

* There was an issue with the Marriott website that exposed reservations and payment information. It’s now been fixed.
* Police are now using a new radar to see into people’s homes without a warrant
* Security budgets are reportedly going up due to the mega-breaches in 2014
  * Also leading to higher pay for CIOs
  * Anecdotally, I’d say it’s a pretty good time to be in infosec
* A new security startup, PFP Cybersecurity, uses power consumption to detect malware
  * Meant initially to be used for SCADA type systems
* The US hacked North Korean computers back in 2010
  * This is reportedly the reason we were so sure they hacked Sony
  * Recently leaked documents from Snowden show heavy offense
* Snowden recently talked to Schneier at Harvard about a number of things
  * The NSA is becoming increasingly offensively oriented vs. defensive
  * The NSA supposedly uses compromised systems as jump points
  * Snowden said most NSA hackers are junior enlisted with limited skills
* Russia reportedly hacking for geopolitical gain, not just money
* Millions of gas stations could be at risk of shutdown
  * The Automated Tank Gauges can be remotely accessed by attackers
  * Could be manipulated to cause alerts
  * Potentially could be used to stop the flow of fuel
* Microsoft gave Charlie Hebdo data to FBI in 45 minutes
* Starwood hack based on bad passwords
  * Bad passwords, password re-use, and a brute forcing tool
  * Account harvesting is rough: user enumeration, weak passwords, and lack of account lockout
* Flash has another major exploit. Update your stuff.
* People continue to be worried that the President’s crackdown on hackers could hurt security professionals
  * Congress is meeting on the 27th of January to discuss breach notification
* The wireless in around 2 million cars is highly vulnerable to attack
* A Polish company has created Mouse-Box, which is an entire computer inside of a mouse enclosure


Notes


* Sorry about the noise part way through. My girl walked in and started unpacking groceries. But when I say one take, I mean one take.
