Take 1 Security Podcast: Episode 4
Unsupervised Learning2 Feb 2015

Take 1 Security Podcast: Episode 4



START CONTENT


* Ghost bug in PHP could affect millions of servers


* Flaw is in glibc, which is extensively by all Linux distributions
* Patch and reboot using yum or aptitude

* The US Army Released DShell, a malware forensics tool


* This is an interesting trend where we see tons of formerly secret groups flock to Github. Great to see

* Reddit released its first transparency report last week


* Says it received 55 requests for user information
* Says it complied with 64% of state and federal requests
* Says it received 218 requests for content removal, and complied with 31 percent of those
* I am pleased to see them releasing these numbers, and I hope more organizations do the same

* The GHCQ was using a program called BADASS to collect data leaked by games such as Angry Birds


* Luckily it only affected the 11 people still playing that game

* Russian dating site, Topface, got hacked for 20 million usernames
* The FBI busted up a Tom Clancy book plot in New York City


* The plan was to get information about wall street trading algorithms and hopefully destabilize the markets
* All they managed to do was embarrass themselves by commenting on how they couldn’t recruit young women

* China is demanding to be able to build backdoors into any code sold to its banking sector


* Some people call this news, but with China we just call this Wednesday

* Apple released a Yosemite update that fixed Thunderstrike, among other things
* Anonymous and Lizard Squad are going after each other


* Anonymous is the famous hacking group known for all sorts of things
* Lizard Squad is known for taking down the XBox and Playstation networks around Christmas time
* Anonymous DDoS’d the Lizard Squad website, and then Twitter suspended a couple of their handles
* Interesting to see these groups going after each other

* BMW and the internet of things is in the news, with BMW owners receiving an automatic push to around 2 million cars


* A vulnerability was present that could allow attacks to spoof cell towers and possibly control onboard systems
* BMW pushed a patch that ensures all such communications go over HTTPS
* It’s interesting that, like printers, cars are likely to become a primary IoT platform just because there are so many of them
* The key is to figure out what normal things exist in the world today en mass, and then imagine those things being connected
* Printers, cars, furniture, clothing, etc. It’s the regular stuff that makes it interesting because of how much attack surface they represent, and how prevalent the perspective they’ll offer into our daily lives



END CONTENT

Play Podcast

Notes


* Intro is from Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM.

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Episoder(531)

North Korea Strategy to “Infiltrate” Foreign Companies

North Korea Strategy to “Infiltrate” Foreign Companies

KnowBe4 accidentally hired a North Korean state actor who tried to install info-stealing malware on their devices. They caught it in time, but it shows how good North Korean hackers are at pretending to be IT staff. | Bill Toulas | MORE Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

10 Sep 20243min

How To Find Great People to Work With - UBI & Talent Distribution

How To Find Great People to Work With - UBI & Talent Distribution

This reminds me of a very similar lesson I learned when hiring in cybersecurity over 20 years: exposing people to training and encouragement makes the stars stand out, but it doesn’t turn everyone into stars. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

8 Sep 20249min

Ambition & UBI - Why People Are Working Less

Ambition & UBI - Why People Are Working Less

The idea that Universal Basic Income (UBI) reduces the need to work isn't new, but recent studies show it doesn't lead to better jobs or more education. Instead, people just work less. | by Alex Howlett | MORE Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

6 Sep 20247min

UL NO. 448: TSA SQLi, NYT Github, NK RPM, NVIDIA Mystery...

UL NO. 448: TSA SQLi, NYT Github, NK RPM, NVIDIA Mystery...

Becoming Attention, Weighting on OpenAI, Ozempic and Aging?, and more... ➡ Check out Vanta and get $1000 off:vanta.com/unsupervised Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

6 Sep 202422min

Google Current State A Waste of Money & Talent

Google Current State A Waste of Money & Talent

Google is slowly getting rid of all the best things it has. The main thing Google is growing is its graveyard. Such a colossal waste of money and talent. Their failures should be studied for centuries as an example of what happens when you don’t lead with UX-focused product management, rather than “throw shit at wall”-focused engineering. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

4 Sep 20242min

How China is Winning The Energy War

How China is Winning The Energy War

China is installing record amounts of solar and wind energy, adding 10 gigawatts of wind and solar capacity every two weeks, which is like building five large nuclear power plants weekly. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

2 Sep 20242min

AI The Creative Workflow & The Dangers of Groupthink

AI The Creative Workflow & The Dangers of Groupthink

A new study shows that while generative AI like ChatGPT makes individual stories more creative and engaging, it also makes them more similar to each other. | by Ben Dickson | MORE Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

31 Aug 20245min

UL NO. 447: Sam Curry on Bug Bounty Careers, Slack Data Exfil, The Work Lie

UL NO. 447: Sam Curry on Bug Bounty Careers, Slack Data Exfil, The Work Lie

Stopping Chinese AI/Robot imports, Substrate for political platforms, sun vs. smoking, and more... Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

31 Aug 202432min

Populært innen Teknologi

romkapsel
rss-avskiltet
teknisk-sett
tomprat-med-gunnar-tjomlid
energi-og-klima
rss-impressions-2
shifter
nasjonal-sikkerhetsmyndighet-nsm
elektropodden
fornybaren
rss-alt-vi-kan
rss-alt-som-gar-pa-strom
smart-forklart
rss-snakk-om-sikkerhet
teknologi-og-mennesker
kunstig-intelligens-med-morten-goodwin
rss-bouvet-bobler
i-loopen
pedagogisk-intelligens
rss-digitaliseringspadden