Take 1 Security Podcast: Episode 4
Unsupervised Learning2 Feb 2015

Take 1 Security Podcast: Episode 4



START CONTENT


* Ghost bug in PHP could affect millions of servers


* Flaw is in glibc, which is extensively by all Linux distributions
* Patch and reboot using yum or aptitude

* The US Army Released DShell, a malware forensics tool


* This is an interesting trend where we see tons of formerly secret groups flock to Github. Great to see

* Reddit released its first transparency report last week


* Says it received 55 requests for user information
* Says it complied with 64% of state and federal requests
* Says it received 218 requests for content removal, and complied with 31 percent of those
* I am pleased to see them releasing these numbers, and I hope more organizations do the same

* The GHCQ was using a program called BADASS to collect data leaked by games such as Angry Birds


* Luckily it only affected the 11 people still playing that game

* Russian dating site, Topface, got hacked for 20 million usernames
* The FBI busted up a Tom Clancy book plot in New York City


* The plan was to get information about wall street trading algorithms and hopefully destabilize the markets
* All they managed to do was embarrass themselves by commenting on how they couldn’t recruit young women

* China is demanding to be able to build backdoors into any code sold to its banking sector


* Some people call this news, but with China we just call this Wednesday

* Apple released a Yosemite update that fixed Thunderstrike, among other things
* Anonymous and Lizard Squad are going after each other


* Anonymous is the famous hacking group known for all sorts of things
* Lizard Squad is known for taking down the XBox and Playstation networks around Christmas time
* Anonymous DDoS’d the Lizard Squad website, and then Twitter suspended a couple of their handles
* Interesting to see these groups going after each other

* BMW and the internet of things is in the news, with BMW owners receiving an automatic push to around 2 million cars


* A vulnerability was present that could allow attacks to spoof cell towers and possibly control onboard systems
* BMW pushed a patch that ensures all such communications go over HTTPS
* It’s interesting that, like printers, cars are likely to become a primary IoT platform just because there are so many of them
* The key is to figure out what normal things exist in the world today en mass, and then imagine those things being connected
* Printers, cars, furniture, clothing, etc. It’s the regular stuff that makes it interesting because of how much attack surface they represent, and how prevalent the perspective they’ll offer into our daily lives



END CONTENT

Play Podcast

Notes


* Intro is from Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM.

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Episoder(532)

A Conversation with Jason Kikta from Automox

A Conversation with Jason Kikta from Automox

In this sponsored episode of Unsupervised Learning, we talked to Jason Kikta. Jason is the CISO and Senior VP of Product at Automox, and our conversation covered: - Endpoint Management- IT and Security Overlap- Patching Strategies- Cloud-Based Solutions- Configuration Drift- Policy Articulation- Automation and AI- IT Operations Challenges- Future Product Features- and other topics. You can check out Automox at: https://automox.com.  Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

22 Jan 202445min

UL NO. 415: It's Raining 9+ CVEs, 40% Job Loss from AI, Invisible Prompt Injection…

UL NO. 415: It's Raining 9+ CVEs, 40% Job Loss from AI, Invisible Prompt Injection…

[updated: apologies, we had the wrong audio file initially] Taiwan chooses democracy, 10,000 hours debunked, Data/Display/AI/AR, and much more… 📢Sponsored by Automox: Brace yourself for any IT calamity with Automox! 🛡️ Tune into the Autonomous IT podcast and join experts discussing Patch Tuesday insights, mitigation strategies, and CVE remedies. Connect with IT pros and stay ahead of the game. 🎧 Listen now on Spotify, Apple, or your favorite podcast platform! Read today's episode hereBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

19 Jan 202421min

UL NO. 414: LastPass Settings Upgrade, Boosting ChatGPT Output, AI Adding Societal Transparency

UL NO. 414: LastPass Settings Upgrade, Boosting ChatGPT Output, AI Adding Societal Transparency

ChatGPT prompting upgrades, CrewAI agent framework, people down on Democracy… 📢 Sponsored by Kolide: Concerned about data breaches and hacks? 🔒 Discover Kolide, the device trust solution that secures your company's devices and credentials, making phishing attempts useless to hackers. See it in action at www.kolide.com/unsupervisedlearning View today's episode online here: https://danielmiessler.com/p/ul-414Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

10 Jan 202425min

UL NO. 413: 7 Things to Expect from AI in 2024+, Xi Going Stalin, SSH's Terrapin…

UL NO. 413: 7 Things to Expect from AI in 2024+, Xi Going Stalin, SSH's Terrapin…

Xi purges detractors, my thoughts on chaos and 2024, my predictions for what we'll build with AI in 2024, macro D, and much more… Read online here.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

6 Jan 202424min

A Conversation with Gabe Bernadett-Shapiro on AI

A Conversation with Gabe Bernadett-Shapiro on AI

👥 This conversation is between Daniel Miessler, founder of Unsupervised Learning, and Gabriel Bernadett-Shapiro, an expert on AI Safety and Threat Intelligence.  🧠 TOPICS 00:00:00 Intros 00:04:50 Acels vs. Decels/Boomers 00:08:10 Accelerationists' Optimism for AGI 00:11:02 AGI vs. ASI Discussion 00:14:22 AI Development Debate 00:18:45 Data Retrieval with LLMs 00:27:21 Bottom-Up Automation Strategy 00:34:56 Data Availability Problem Solving 00:42:07 Threat Intel Task Automation 00:49:32 Auto Analyst Tool Demo 01:02:14 Applying AI to Threat Intelligence   🔎 Gabe: X:   / gabeincognito   LinkedIn:   / gabebs     🔎 Daniel: Web: danielmiessler.com X:   / danielmiessler.com   LinkedIn: www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

21 Des 202337min

UL NO. 412: OpenAI's Prompt Guide, My Neovim Overhaul, The UL Character Sheet, And…

UL NO. 412: OpenAI's Prompt Guide, My Neovim Overhaul, The UL Character Sheet, And…

Also: Ubiquity Cross-Pollination, Passcode Laws, China's AI Influence Network, Bodycam Shenanigans, And One Year Independent!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

20 Des 202329min

UL NO. 411: ChatGPT Repeat Vuln, A UL AI Course!, Revenge Code Deletion

UL NO. 411: ChatGPT Repeat Vuln, A UL AI Course!, Revenge Code Deletion

Sneaky ChatGPT Data Leaks, A New Ground-Based Telescope, Companies Leaving Austin, More… 📢Sponsored by Automox: Brace yourself for any IT calamity with Automox! 🛡️ Tune into the Autonomous IT podcast and join experts discussing Patch Tuesday insights, mitigation strategies, and CVE remedies. Connect with IT pros and stay ahead of the game. 🎧 Listen now on Spotify, Apple, or your favorite podcast platform! Read today's episode hereBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

14 Des 202319min

UL NO. 410: The Immigration/Identity Security Risk, Super Soldier Pentagon Talk, Okta&Me Updates, Teachable Agents

UL NO. 410: The Immigration/Identity Security Risk, Super Soldier Pentagon Talk, Okta&Me Updates, Teachable Agents

Meta bans AI-generated Political Ads, Google's new RETVec Anti-spam tool, a casual convo on Super Soldiers, and more… 📢Sponsored by Kolide🔒 Secure your world with device trust – manage all OS, empower employees to fix their own security issues. Say goodbye to vulnerable credentials. 📢Sponsored by: Panoptica.app - Simplify container deployment, monitoring, and securityBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

6 Des 202325min

Populært innen Teknologi

romkapsel
rss-avskiltet
teknisk-sett
tomprat-med-gunnar-tjomlid
energi-og-klima
shifter
rss-impressions-2
nasjonal-sikkerhetsmyndighet-nsm
elektropodden
smart-forklart
rss-alt-som-gar-pa-strom
rss-snakk-om-sikkerhet
i-loopen
kunstig-intelligens-med-morten-goodwin
rss-bouvet-bobler
teknologi-og-mennesker
pedagogisk-intelligens
rss-digitaliseringspadden
rss-alt-vi-kan
rss-heis