Take 1 Security Podcast: Episode 10
Unsupervised Learning16 Maalis 2015

Take 1 Security Podcast: Episode 10



Play Podcast

START CONTENT


* There was another SQL Injection bug found in SEO by Yoast


* It required admins to click a malicious link
* Was patched quickly
* It’s the plugins that make WordPress vulnerable

* Attackers are targeting gamers for ransomware


* Virlock is one version of ransomware that not only locks the screen, but infects files
* It’s also polymorphic, so it changes itself every time it runs
* TeslaCrypt goes after gamers, which seems super smart because they are often addicted

* The Hello Barbie doll is recording kids voices and sending the recordings over the Internet for voice recognition


* I get asked a lot about what to do about this kind of stuff
* Start by making a list of everything that can record voice or audio in your home, and determine what kind of controls you have on them
* Assume the worst, even though it’s probably not that bad

* US industrial systems attacked 245 times between October 2013 and September 2014


* Most attacks were against Critical Manufacturing and Energy
* Biggest vectors were spear phishing and port scanning

* CloudFlare aims to defeat DDoS with Virtual DNS


* They want to proxy DNS before it hits customer name server

* The CIA supposedly tried to hack Apple hardware


* The article has come under extreme scrutiny

* Going to be on the Security Weekly podcast with Pau
* Hillary Clinton’s email account dram
* OpenSSL is getting an audit


* Bout time

* Wikimedia is suing the NSA over surveillance
* Spoofing the boss is the best way to phish someone, evidently
* Had a great time at CactusCon in Phoenix


* Did a talk with Jason and saw Dave’s keynote
* Dave’s keynote was about struggling with the basics, not APT
* He asked when a major breach was NOT a dumb mistake

* Someone’s looking to make a Snowden Phone
* Looks like I’ll be on the Security Weekly podcast with Paul


* Going to talk about IoT security and my our OWASP project



END CONTENT

Play Podcast

Notes


* Comments welcome on content and format, as usual.

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Jaksot(532)

News & Analysis | NO. 321

News & Analysis | NO. 321

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-321/Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

9 Maalis 202214min

Sponsored Conversation: Ev Kontsevoy from Teleport

Sponsored Conversation: Ev Kontsevoy from Teleport

In this sponsored conversation, I talk with Ev Kontsevoy of Teleport. In this series I have organic conversations with entrepreneurs as if having lunch with them and hearing about the product for the first time. They give their pitch, and I dig deeper with questions. Teleport, in my own words, is a way of rethinking how people access and use computing resources. It's a policy-based system that controls who can do what across your entire infrastructure using a central access plane. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

7 Maalis 202240min

Andrew Ringlein's 5 Crypto Accelerators in Gaming and Business

Andrew Ringlein's 5 Crypto Accelerators in Gaming and Business

This standalone episode is a conversation with my friend Andrew Ringlein on the topic of how crypto is best thought of as a set of accelerators for business, with gaming being the initial flagship. We talk about Andrew's 5 principles that accelerate gaming companies adopting crypto first, and then look at how those same concepts will soon be adopted by all types of businesses. We also discuss legitimate doubts around crypto in general, and discuss why we think the concepts are more durable (and inevitable) than the technology.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

6 Maalis 20221h 5min

News & Analysis | NO. 320

News & Analysis | NO. 320

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-320/Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

28 Helmi 202218min

News & Analysis | NO. 319

News & Analysis | NO. 319

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-319/Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

22 Helmi 20228min

News & Analysis | NO. 318

News & Analysis | NO. 318

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-318/Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

14 Helmi 202211min

News & Analysis | NO. 317

News & Analysis | NO. 317

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-317/Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

7 Helmi 202214min

News & Analysis | NO. 316

News & Analysis | NO. 316

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-316/Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

31 Tammi 202212min