Take 1 Security Podcast: Episode 3
Unsupervised Learning25 Tammi 2015

Take 1 Security Podcast: Episode 3



START CONTENT


* There was an issue with the Marriott website that exposed reservations and payment information. It’s now been fixed
* Police are now using a new radar to see into peoples’ homes without a warrant
* Security budgets are reportedly going up due to the mega-breaches in 2014


* Also leading to higher pay for CIOs
* Anecdotally, I’d say it’s a pretty good time to be in infosec

* A new security startup, PFP Cybersecurity, uses power consumption to detect malware


* Meant initially to be used for SCADA type systems

* The US hacked North Korean computers back in 2010


* This is reportedly the reasons we were so sure they hacked Sony
* Recently leaked documents from Snowden show heavy offense

* Snowden recently talked to Schneier at Harvard about a number of things


* The NSA is becoming increasingly offensively oriented vs. defensive
* The NSA supposedly uses compromised systems as jump points
* Snowden said most NSA hackers are junior enlisted with limited skills

* Russia reportedly hacking for geopolitical gain, not just money
* Millions of gas stations could be at risk of shutdown


* The Automated Tank Gauges can be remotely accessed by attackers
* Could be manipulated to cause alerts
* Potentially could be used to stop the flow of fuel

* Microsoft gave Charlie Hebdo data to FBI in 45 minutes
* Starwood hack based on bad passwords


* Bad passwords, password re-use, and a brute forcing tool
* Account harvesting is rough: user enumeration, weak passwords, and lack of account lockout

* Flash has another major exploit. Update your stuff.
* People continue to be worried that the President’s crackdown on hackers could hurt security professionals


* Congress is meeting on the 27th of January to discuss breach notification

* The wireless in around 2 million cars is highly vulnerable to attack
* A polish company has created Mouse-Box, which is an entire computer inside of a mouse enclosure


END CONTENT

Play Podcast

Notes


* Sorry about the noise part way through. My girl walked in and started unpacking groceries. But when I say one take, I mean one take.

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Jaksot(532)

News & Analysis | NO. 351

News & Analysis | NO. 351

Cloudflare vs. CAPTCHA, Exchange 0-Day, NSA Leaker Sponsor: Zerofox: Download the External Cybersecurity GuideBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

3 Loka 202217min

News & Analysis | NO. 350

News & Analysis | NO. 350

Infowar Audit, Zoom Reflections, SF CamerasBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

26 Syys 202215min

News & Analysis: NO. 349

News & Analysis: NO. 349

Uber Hacked, GTA Leak, Goodbyes Listen to JJAgha's comments on Relentless Iterations and What He Expects from a Modern SIEM: https://panther.com/resources/podcasts/compass-ciso-jj-agha-on-relentless-iterations-and-what-he-expects-from-a-modern-siem/ Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

20 Syys 202214min

News & Analysis | NO. 348 | Spearmishing, Patreon Security, and Triple-Threat Ransomware

News & Analysis | NO. 348 | Spearmishing, Patreon Security, and Triple-Threat Ransomware

Spearmishing, Patreon Security, and Triple-Threat Ransomware Sponsored by JupiterOne: https://www.jupiterone.com/unsupervisedlearningBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

12 Syys 202223min

Metagaming: An Interview with Andrew Ringlein

Metagaming: An Interview with Andrew Ringlein

In today’s standalone episode I’m going to talk with Andrew Ringlein about some interesting new gaming ideas I’ve not seen anywhere else. He's releasing them in a new game called Rifters, and we chat through the concepts themselves and how they manifest in his new release.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

7 Syys 202253min

News & Analysis | NO. 347

News & Analysis | NO. 347

TikTok Hack, Cloudflare Kiwi, Google OSS Bounty Sponsored by: Keeper Security http://keepersecurity.com/unsupervisedlearning Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

6 Syys 202215min

News & Analysis | NO. 346

News & Analysis | NO. 346

🗞️ Unsupervised Learning NO. 346 | Twitter Whistle, LastPass Plex, Satellite PhonesBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

29 Elo 202219min

News & Analysis | NO. 345

News & Analysis | NO. 345

Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

22 Elo 202216min