Take 1 Security Podcast: Episode 9
Unsupervised Learning9 Maalis 2015

Take 1 Security Podcast: Episode 9



START CONTENT


* Sorry about the audio last week; wireless headsets don’t compare to the Yeti
* The CIA is focusing on cyberespionage in its new management
* Anthem is refusing an audit by the OIG office–an org that audits health care groups that provide services to federal employees


* Nothing says I’m guilty like refusing an audit
* Reminds me of the Russians refusing the crash investigation in Game of Cards

* There’s been a possible credit card breach at the Mandarin Oriental hotel chain


* The incident was reported by Brian Krebs

* Three people were indicted in the Epsilon hack


* Resulted in around 1 billion email addresses being stolen

* Dave Aitel thinks junk hacking is a waste


* Basically hacking your blender or whatever
* In my opinion he’s missing the point that most conferences are like this
* I think there’s a hierarchy of talks


* Create new defense tool based on new defense idea
* Create new defense idea
* Create new attack tool based on new attack idea
* Create new attack idea
* Create new tool for existing attack or defense idea
* Describe existing attack or defense idea


* Microsoft has reported it’s vulnerable to FREAK as well, making it even more serious


* FREAK has proved to be less alarming than previous SSL vulns simply because of the difficulty of attack



END CONTENT

Play Podcast

Notes


* I think I’m going to standardize the intro and outro so that I only end up recording the actual story content each week.
* Any recommendations on what else you’d like to see would be appreciated.

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Jaksot(532)

NO. 361 | GPT++, Apple Security, CISA Cuba…

NO. 361 | GPT++, Apple Security, CISA Cuba…

GPT++, Apple Security, CISA Cuba…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

12 Joulu 202212min

NO. 360 | NEWS, ANALYSIS & DISCOVERY SERIES

NO. 360 | NEWS, ANALYSIS & DISCOVERY SERIES

Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

5 Joulu 202213min

Erkang Zheng of JupiterOne | SPONSORED INTERVIEW SERIES

Erkang Zheng of JupiterOne | SPONSORED INTERVIEW SERIES

In this standalone episode we’re doing a sponsored interview with Erkang Zheng of Jupiter One. So JupiterOne is a special company to me. I just built a vuln management program at Robinhood based around them, and I believe so much in their vision that I’m looking to actually become an advisor. I mention this because when I fanboy for something, like Apple, or whoever, I want you to know that I’m fanboying and/or have a relationship with them. Or that I want to. The interview here talks mostly about concepts, however, and not so much specific features. But I just wanted to mention my orientation to the company prior to starting. I’m speaking with Erkang Zheng who is the founder and CEO of the company, and as you can hear we have a similar take on many of the problems currently in security. So with that, here’s Erkang Zheng. — Start a JupiterOne Account for FreeBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

3 Joulu 202227min

NO. 359 | THE NEWS, ANALYSIS & DISCOVERY SERIES

NO. 359 | THE NEWS, ANALYSIS & DISCOVERY SERIES

Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

28 Marras 20229min

Scott Kuffer of Nucleus Security | SPONSORED INTERVIEW SERIES

Scott Kuffer of Nucleus Security | SPONSORED INTERVIEW SERIES

In this standalone episode we’re doing a sponsored interview with Scott Kuffer, co-founder and COO of Nucleus Security. I was already excited by this vendor just based on the research I did to allow them to be a sponsor, but the conversation with them really made me think they’re approaching the vulnerability management problem the right way. Namely, by tackling a lot of the non-technical problems using technical solutions rather than obsessing over vuln prioritization. If you are in the VM space or are about to be in it, you will love this conversation. And with that, here’s Scott Kuffer with Nucleus Security.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

28 Marras 202247min

NO. 358 | NEWS, ANALYSIS, & DISCOVERY SERIES

NO. 358 | NEWS, ANALYSIS, & DISCOVERY SERIES

Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

22 Marras 202214min

NO. 357 | NEWS, ANALYSIS, & DISCOVERY SERIES

NO. 357 | NEWS, ANALYSIS, & DISCOVERY SERIES

NSA Languages, GPT-4 Hype, Chinese AirDrop…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

14 Marras 202212min

NO. 356 | NEWS, ANALYSIS & DISCOVERY SERIES

NO. 356 | NEWS, ANALYSIS & DISCOVERY SERIES

Sponsored by JupiterOne: jupiterone.com/unsupervisedlearning Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

7 Marras 202211min