Take 1 Security Podcast: Episode 5
Unsupervised Learning8 Helmi 2015

Take 1 Security Podcast: Episode 5



START CONTENT


* Anthem, the second largest healthcare company, had a major breach


* They lost around 80 million socials, addresses, emails, etc., which is roughly double the Target breach
* There’s speculation that it was China, trying to penetrate government, but it’s early
* Watch for phishing scams related to it
* The megabreaches continue…weee!

* A WordPress plugin called FancyBox had a serious compromise in it last week, which affected thousands of websites


* If you’re going to run WordPress, understand that Plugins are the best way to get yourself hacked
* Specifically, the type of plugins that handle user input and do something with it that affects the site’s output
* Image manipulation plugins have been particularly vulnerable, usually to XSS

* There was another critical Flash vulnerability this week


* Like I said last week, and the week before, there’s a first time for everything

* Three bug hunters at HP received the 125,000 prize for finding a major vulnerability in Internet Explorer


* Because they work for HP they couldn’t take the cash, and instead donated it to charity

* Microsoft released Outlook for iOS last week, which looks pretty slick


* Unfortunately it is riddled with security flaws
* Recommendation: wait for a few updates, and for them to get a security assessment


END CONTENT


Play Podcast

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(541)

Unsupervised Learning: Episode 35

Unsupervised Learning: Episode 35

[ Subscribe to the Podcast: iTunes | Android | RSS ] News [ ] The hack of Mossak Fonseca has been tied to a breach of their wordpress install through a plugin called Revolution Slider, leading to the ...

11 Huhti 201627min

5 Increasingly Effective Ways to Achieve Immortality

5 Increasingly Effective Ways to Achieve Immortality

[ Subscribe to the Podcast: iTunes | Android | RSS ] — I think a lot about how to become immortal. More than I should, probably. Many think it’s a waste of time. Everyone dies, and it’s foolish to ...

7 Huhti 201613min

Unsupervised Learning: Episode 33

Unsupervised Learning: Episode 33

News [ ] Panama Papers leak [ ] Hackers targeting major US law firms [ ] Ubuntu has some kernel vuln patches out [ ] 50 million turkish citizens have their information dumped online [ ] Microsoft mak...

7 Huhti 201637min

T1SP: Episode 32

T1SP: Episode 32

[ Subscribe to the Podcast: iTunes | Android | RSS ] News * [ ] Verizon Enterprise Solutions had a major data breach of their customer data. This is the group that handles breaches for their custom...

28 Maalis 201636min

T1SP: Episode 31

T1SP: Episode 31

[ Subscribe to the Podcast: iTunes | Android | RSS ] News [ ] FBI saying it will force Apple to hand over source code and signing ability if they don’t comply | http://thehackernews.com/2016/03/fbi-ap...

14 Maalis 201632min

My Response to Sam Harris on the Apple Encryption Debate

My Response to Sam Harris on the Apple Encryption Debate

[ Subscribe to the Podcast: iTunes | Android | RSS ] [ UPDATE: Much credit to Sam for engaging in the conversation. I’m not sure how people claim he’s closed on this topic when he is clearly open to ...

28 Helmi 201636min

T1SP: Episode 29

T1SP: Episode 29

[ Subscribe to the Podcast: iTunes | Android | RSS ] News * [ ] Apple calls out FBI on iPhone decryption case * [ ] Trump calls for a boycott of Apple, from an iPhone * [ ] Judge Rules FBI Must Rev...

23 Helmi 201619min

T1SP: Episode 28

T1SP: Episode 28

[ Subscribe to the Podcast: iTunes | Android | RSS ] News [ ] Major Cisco ASA buffer overflow; patch now [ ] Critical patches for Windows and Flash [ ] The FBI is officially investigating Hillary Clin...

15 Helmi 201642min