Take 1 Security Podcast: Episode 5
Unsupervised Learning8 Helmi 2015

Take 1 Security Podcast: Episode 5



START CONTENT


* Anthem, the second largest healthcare company, had a major breach


* They lost around 80 million socials, addresses, emails, etc., which is roughly double the Target breach
* There’s speculation that it was China, trying to penetrate government, but it’s early
* Watch for phishing scams related to it
* The megabreaches continue…weee!

* A WordPress plugin called FancyBox had a serious compromise in it last week, which affected thousands of websites


* If you’re going to run WordPress, understand that Plugins are the best way to get yourself hacked
* Specifically, the type of plugins that handle user input and do something with it that affects the site’s output
* Image manipulation plugins have been particularly vulnerable, usually to XSS

* There was another critical Flash vulnerability this week


* Like I said last week, and the week before, there’s a first time for everything

* Three bug hunters at HP received the 125,000 prize for finding a major vulnerability in Internet Explorer


* Because they work for HP they couldn’t take the cash, and instead donated it to charity

* Microsoft released Outlook for iOS last week, which looks pretty slick


* Unfortunately it is riddled with security flaws
* Recommendation: wait for a few updates, and for them to get a security assessment


END CONTENT


Play Podcast

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Jaksot(532)

News & Analysis | NO. 344

News & Analysis | NO. 344

Blackhat/DEFCON, TikTok Lockdown, MailChimp Breach… Sponsor: JupiterOne https://www.jupiterone.com/unsupervisedlearning  Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

17 Elo 202213min

News & Analysis | NO. 343

News & Analysis | NO. 343

UL NO. 343 | Emergency Hack, Chinese Cobalt Strike, Solana Drainage Sponsor: ZeroFox https://www.get.zerofox.com/ti-guideBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

8 Elo 202212min

News & Analysis | NO. 342

News & Analysis | NO. 342

NK Hackers, TikTok Influence, Amazon Police… Sponsor: Hyperproof. Security, Compliance, and Risk Management leaders need to be able to articulately advocate for their programs to gain collaboration from their peers, support from their leadership, as well as budget and headcount.In this Hyperproof guide, you'll see how to gain active and passive support for your various security initiatives, and you'll get tips and talking points you can use in executive conversations to gain support and drive urgency. info.hyperproof.io/getting-to-yes-ebookBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

2 Elo 202211min

News & Analysis | NO. 341

News & Analysis | NO. 341

Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

25 Heinä 202215min

News & Analysis | NO. 340 | SF Surveillance, APTs vs. Journalists, TikTok Changes…

News & Analysis | NO. 340 | SF Surveillance, APTs vs. Journalists, TikTok Changes…

SF Surveillance, APTs vs. Journalists, TikTok Changes… Sponsored by Jupiter One.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

18 Heinä 202221min

News & Analysis | NO. 339

News & Analysis | NO. 339

Lockdown Mode, Paid Pentagon Bounty, China's IP Threat… Sponsors: Cerby.com, CrowdSec.netBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

11 Heinä 202219min

Sponsored Lunch Interview: Keeper Security

Sponsored Lunch Interview: Keeper Security

I had the opportunity to sit down with Zane Bond from Keeper Security. We spent around 40 minutes talking about Keeper's products, the problems they solve, and how they think about the password problem. Learn more at keepersecurity.com.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

11 Heinä 202233min

News & Analysis | NO. 338 | Deepfake Interviews, China Leak, Hacker Services…

News & Analysis | NO. 338 | Deepfake Interviews, China Leak, Hacker Services…

This week's sponsor: Storyblok: Upgrade the Security of Your CMSBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

5 Heinä 202220min