Take 1 Security Podcast: Episode 3
Unsupervised Learning25 Tammi 2015

Take 1 Security Podcast: Episode 3



START CONTENT


* There was an issue with the Marriott website that exposed reservations and payment information. It’s now been fixed
* Police are now using a new radar to see into peoples’ homes without a warrant
* Security budgets are reportedly going up due to the mega-breaches in 2014


* Also leading to higher pay for CIOs
* Anecdotally, I’d say it’s a pretty good time to be in infosec

* A new security startup, PFP Cybersecurity, uses power consumption to detect malware


* Meant initially to be used for SCADA type systems

* The US hacked North Korean computers back in 2010


* This is reportedly the reasons we were so sure they hacked Sony
* Recently leaked documents from Snowden show heavy offense

* Snowden recently talked to Schneier at Harvard about a number of things


* The NSA is becoming increasingly offensively oriented vs. defensive
* The NSA supposedly uses compromised systems as jump points
* Snowden said most NSA hackers are junior enlisted with limited skills

* Russia reportedly hacking for geopolitical gain, not just money
* Millions of gas stations could be at risk of shutdown


* The Automated Tank Gauges can be remotely accessed by attackers
* Could be manipulated to cause alerts
* Potentially could be used to stop the flow of fuel

* Microsoft gave Charlie Hebdo data to FBI in 45 minutes
* Starwood hack based on bad passwords


* Bad passwords, password re-use, and a brute forcing tool
* Account harvesting is rough: user enumeration, weak passwords, and lack of account lockout

* Flash has another major exploit. Update your stuff.
* People continue to be worried that the President’s crackdown on hackers could hurt security professionals


* Congress is meeting on the 27th of January to discuss breach notification

* The wireless in around 2 million cars is highly vulnerable to attack
* A polish company has created Mouse-Box, which is an entire computer inside of a mouse enclosure


END CONTENT

Play Podcast

Notes


* Sorry about the noise part way through. My girl walked in and started unpacking groceries. But when I say one take, I mean one take.

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Jaksot(532)

News & Analysis | NO. 344

News & Analysis | NO. 344

Blackhat/DEFCON, TikTok Lockdown, MailChimp Breach… Sponsor: JupiterOne https://www.jupiterone.com/unsupervisedlearning  Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

17 Elo 202213min

News & Analysis | NO. 343

News & Analysis | NO. 343

UL NO. 343 | Emergency Hack, Chinese Cobalt Strike, Solana Drainage Sponsor: ZeroFox https://www.get.zerofox.com/ti-guideBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

8 Elo 202212min

News & Analysis | NO. 342

News & Analysis | NO. 342

NK Hackers, TikTok Influence, Amazon Police… Sponsor: Hyperproof. Security, Compliance, and Risk Management leaders need to be able to articulately advocate for their programs to gain collaboration from their peers, support from their leadership, as well as budget and headcount.In this Hyperproof guide, you'll see how to gain active and passive support for your various security initiatives, and you'll get tips and talking points you can use in executive conversations to gain support and drive urgency. info.hyperproof.io/getting-to-yes-ebookBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

2 Elo 202211min

News & Analysis | NO. 341

News & Analysis | NO. 341

Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

25 Heinä 202215min

News & Analysis | NO. 340 | SF Surveillance, APTs vs. Journalists, TikTok Changes…

News & Analysis | NO. 340 | SF Surveillance, APTs vs. Journalists, TikTok Changes…

SF Surveillance, APTs vs. Journalists, TikTok Changes… Sponsored by Jupiter One.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

18 Heinä 202221min

News & Analysis | NO. 339

News & Analysis | NO. 339

Lockdown Mode, Paid Pentagon Bounty, China's IP Threat… Sponsors: Cerby.com, CrowdSec.netBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

11 Heinä 202219min

Sponsored Lunch Interview: Keeper Security

Sponsored Lunch Interview: Keeper Security

I had the opportunity to sit down with Zane Bond from Keeper Security. We spent around 40 minutes talking about Keeper's products, the problems they solve, and how they think about the password problem. Learn more at keepersecurity.com.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

11 Heinä 202233min

News & Analysis | NO. 338 | Deepfake Interviews, China Leak, Hacker Services…

News & Analysis | NO. 338 | Deepfake Interviews, China Leak, Hacker Services…

This week's sponsor: Storyblok: Upgrade the Security of Your CMSBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

5 Heinä 202220min