Take 1 Security Podcast: Episode 4

Take 1 Security Podcast: Episode 4



START CONTENT


* Ghost bug in PHP could affect millions of servers


* Flaw is in glibc, which is extensively by all Linux distributions
* Patch and reboot using yum or aptitude

* The US Army Released DShell, a malware forensics tool


* This is an interesting trend where we see tons of formerly secret groups flock to Github. Great to see

* Reddit released its first transparency report last week


* Says it received 55 requests for user information
* Says it complied with 64% of state and federal requests
* Says it received 218 requests for content removal, and complied with 31 percent of those
* I am pleased to see them releasing these numbers, and I hope more organizations do the same

* The GHCQ was using a program called BADASS to collect data leaked by games such as Angry Birds


* Luckily it only affected the 11 people still playing that game

* Russian dating site, Topface, got hacked for 20 million usernames
* The FBI busted up a Tom Clancy book plot in New York City


* The plan was to get information about wall street trading algorithms and hopefully destabilize the markets
* All they managed to do was embarrass themselves by commenting on how they couldn’t recruit young women

* China is demanding to be able to build backdoors into any code sold to its banking sector


* Some people call this news, but with China we just call this Wednesday

* Apple released a Yosemite update that fixed Thunderstrike, among other things
* Anonymous and Lizard Squad are going after each other


* Anonymous is the famous hacking group known for all sorts of things
* Lizard Squad is known for taking down the XBox and Playstation networks around Christmas time
* Anonymous DDoS’d the Lizard Squad website, and then Twitter suspended a couple of their handles
* Interesting to see these groups going after each other

* BMW and the internet of things is in the news, with BMW owners receiving an automatic push to around 2 million cars


* A vulnerability was present that could allow attacks to spoof cell towers and possibly control onboard systems
* BMW pushed a patch that ensures all such communications go over HTTPS
* It’s interesting that, like printers, cars are likely to become a primary IoT platform just because there are so many of them
* The key is to figure out what normal things exist in the world today en mass, and then imagine those things being connected
* Printers, cars, furniture, clothing, etc. It’s the regular stuff that makes it interesting because of how much attack surface they represent, and how prevalent the perspective they’ll offer into our daily lives



END CONTENT

Play Podcast

Notes


* Intro is from Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM.

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Episoder(532)

UL NO. 408: OpenAI Coup Theory, SEC vs. SolarWinds Analysis, Deepfake D&D Summaries

UL NO. 408: OpenAI Coup Theory, SEC vs. SolarWinds Analysis, Deepfake D&D Summaries

My Theory Of What Happened At OpenAI, A New Ransomware Tactic, Analysis Of What The SEC Case Will Do To Cybersecurity, Live David Attenborough Narration, And More… Read the episode here. 📢Sponsored by: Panoptica.app - Simplify container deployment, monitoring, and securityBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

27 Nov 202335min

UL NO. 407: OpenAI Prompt Injection, Leaky GPTs, AGI by 2028, Huberman Routine AI

UL NO. 407: OpenAI Prompt Injection, Leaky GPTs, AGI by 2028, Huberman Routine AI

Extremist groups using AI for propaganda, NYC restaurant bots, Wegovy and Cannabis studies, my favorite collections of GPTs… 📢Sponsored by Moonlock — cybersecurity wing of MacPaw. Developers of Moonlock Engine, the antimalware tech in CleanMyMac X. 📢Sponsored by Automox - AI-powered modern IT automation is here. Learn more at automox.com. Read the episode here.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

14 Nov 202340min

OpenAI's New Releases Are a Watershed Moment for Human Creativity—and Prompt Injection

OpenAI's New Releases Are a Watershed Moment for Human Creativity—and Prompt Injection

Making it trivial to create and share AI Agents that connect to real-word APIs will have a drastic impact on Information Security.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

13 Nov 20233min

Why I'm Not Getting the New Humane AI Pin

Why I'm Not Getting the New Humane AI Pin

Why I should be super excited by the Humane AI pin, but I'm not.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

13 Nov 20233min

UL NO. 406: OpenAI Launches Custom AIs, Okta's New Breach, EFF's Browser Privacy Checker

UL NO. 406: OpenAI Launches Custom AIs, Okta's New Breach, EFF's Browser Privacy Checker

DOJ and Pentagon emails hacked by Russians, OpenAI's DevDay announcements, when DeepMind thinks we'll see AGI, and more… 📢Sponsored by: Panoptica.app - Simplify container deployment, monitoring, and securityBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

10 Nov 202328min

UL NO. 404: ServiceNow Widget Flaws, North Korean Infiltrators, and the New Top-performing Prompt String…

UL NO. 404: ServiceNow Widget Flaws, North Korean Infiltrators, and the New Top-performing Prompt String…

In this edition we dive into North Korean IT Infiltration, the top performing prompt technique, Google's traffic optimization, American sick day increases, ServiceNow's Widget problem, the US murder rates, and more Read online here: https://danielmiessler.com/p/ul-no-404-servicenow-widget-flaws-north-korean-infiltrators-new-topperforming-prompt-stringBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

26 Okt 202326min

UL NO. 403: Signal Investigates Rumored Zero-Day Bug, AI Predicts New COVID-19 Strains, Dwindling US-China Scientific Collaboration...

UL NO. 403: Signal Investigates Rumored Zero-Day Bug, AI Predicts New COVID-19 Strains, Dwindling US-China Scientific Collaboration...

In This Edition We Look Into Signal's Investigation Into A Rumored Zero-Day Bug, How Harvard And Oxford Researchers Are Using AI To Predict New COVID-19 Strains, The Dwindling Collaboration Between American And Chinese Scientists, And The European Commission's CSAM Detection Bypass View this week's podcast online at https://danielmiessler.com/p/403Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

16 Okt 202328min

UL NO. 402: Israeli Footage & Analysis, WSFTP + MOVEIT, AI Explainability, Andreessen vs. Perell on Writing, and more…

UL NO. 402: Israeli Footage & Analysis, WSFTP + MOVEIT, AI Explainability, Andreessen vs. Perell on Writing, and more…

Israel analysis, a genetic data breach, active exploits against critical vulnerabilities, and a brilliant conversation between two writers about creativity 📢 Sponsored by Kolide: Concerned about data breaches and hacks? 🔒 Discover Kolide, the device trust solution that secures your company's devices and credentials, making phishing attempts useless to hackers. See it in action at www.kolide.com/unsupervisedlearning View today's episode online here: https://danielmiessler.com/p/402Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

11 Okt 202326min

Populært innen Teknologi

romkapsel
rss-avskiltet
teknisk-sett
tomprat-med-gunnar-tjomlid
energi-og-klima
shifter
rss-impressions-2
nasjonal-sikkerhetsmyndighet-nsm
elektropodden
smart-forklart
rss-alt-som-gar-pa-strom
rss-snakk-om-sikkerhet
i-loopen
kunstig-intelligens-med-morten-goodwin
rss-bouvet-bobler
teknologi-og-mennesker
pedagogisk-intelligens
rss-digitaliseringspadden
rss-alt-vi-kan
rss-heis