Take 1 Security Podcast: Episode 5
Unsupervised Learning8 Feb 2015

Take 1 Security Podcast: Episode 5



START CONTENT


* Anthem, the second largest healthcare company, had a major breach


* They lost around 80 million socials, addresses, emails, etc., which is roughly double the Target breach
* There’s speculation that it was China, trying to penetrate government, but it’s early
* Watch for phishing scams related to it
* The megabreaches continue…weee!

* A WordPress plugin called FancyBox had a serious compromise in it last week, which affected thousands of websites


* If you’re going to run WordPress, understand that Plugins are the best way to get yourself hacked
* Specifically, the type of plugins that handle user input and do something with it that affects the site’s output
* Image manipulation plugins have been particularly vulnerable, usually to XSS

* There was another critical Flash vulnerability this week


* Like I said last week, and the week before, there’s a first time for everything

* Three bug hunters at HP received the 125,000 prize for finding a major vulnerability in Internet Explorer


* Because they work for HP they couldn’t take the cash, and instead donated it to charity

* Microsoft released Outlook for iOS last week, which looks pretty slick


* Unfortunately it is riddled with security flaws
* Recommendation: wait for a few updates, and for them to get a security assessment


END CONTENT


Play Podcast

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(541)

A Conversation with Michael Brown About Designing AI Systems

A Conversation with Michael Brown About Designing AI Systems

In this episode of Unsupervised Learning, I sit down with Michael Brown, Principal Security Engineer at Trail of Bits, to dive deep into the design and lessons learned from the AI Cyber Challenge (AIx...

22 Aug 202550min

UL NO. 494:  STANDARD EDITION | AI Finds a P1, I Missed Chartbeat So I Made My Own, XBow Open-Sources Their AI Bot, and more...

UL NO. 494:  STANDARD EDITION | AI Finds a P1, I Missed Chartbeat So I Made My Own, XBow Open-Sources Their AI Bot, and more...

You are currently listening to the Standard version of the podcast, consider upgrading and becoming a member to unlock the full version and many other exclusive benefits here: https://newsletter.danie...

21 Aug 20251h 38min

A Conversation With Sarit Tager from Prisma Cloud

A Conversation With Sarit Tager from Prisma Cloud

➡ Prevent Risk At The Source with Cortex Cloud: https://www.paloaltonetworks.com/cortex/cloud/application-security In this sponsored conversation, I speak with Sarit Tager, VP of Product Management at...

29 Jul 202525min

UL NO. 489: STANDARD EDITION | My personal toolchain updates, Google tracking through DuckDuckGo, Anthropic’s Pentagon Deal, Grok4 NSFW, Substack Crushes WSJ, and more...

UL NO. 489: STANDARD EDITION | My personal toolchain updates, Google tracking through DuckDuckGo, Anthropic’s Pentagon Deal, Grok4 NSFW, Substack Crushes WSJ, and more...

UL NO. 489: STANDARD EDITION | My personal toolchain updates, Google tracking through DuckDuckGo, Anthropic’s Pentagon Deal, Grok4 NSFW, Substack Crushes WSJ, and more... You are currently listening t...

17 Jul 202522min

UL NO. 488: STANDARD EDITION | Google Granting Confusing Access to Gemini, A New Favorite Creator, Russia's new Autonomous Drones, Claude Code Madness and Neovim Config, and more...

UL NO. 488: STANDARD EDITION | Google Granting Confusing Access to Gemini, A New Favorite Creator, Russia's new Autonomous Drones, Claude Code Madness and Neovim Config, and more...

UL NO. 488: STANDARD EDITION | Google Granting Confusing Access to Gemini, A New Favorite Creator, Russia's new Autonomous Drones, Claude Code Madness and Neovim Config, and more... You are currently ...

10 Jul 202530min

UL NO. 487: STANDARD EDITION: Iranian Critical Infra Attacks, Insane Recent Productivity, A Chinese Mosquito Drone, Marcus's Response to Our AI Debate, "Context Engineering" Ain't It, and more...

UL NO. 487: STANDARD EDITION: Iranian Critical Infra Attacks, Insane Recent Productivity, A Chinese Mosquito Drone, Marcus's Response to Our AI Debate, "Context Engineering" Ain't It, and more...

UL NO. 487: STANDARD EDITION: Iranian Critical Infra Attacks, Insane Recent Productivity, A Chinese Mosquito Drone, Marcus's Response to Our AI Debate, "Context Engineering" Ain't It, and more... You ...

2 Jul 202541min

An AI Debate with Marcus Hutchins

An AI Debate with Marcus Hutchins

Marcus and I debate AIs capabilities from nearly polar opposite ends. He thinks it's basically autocomplete, and I think it's the most important tech we've ever built as humans. It was a fantastic, an...

26 Jun 20252h

UL NO. 486 STANDARD EDITION: Fully Automated AI Malware (Binary and Web), My Debate with Marcus Hutchins on AI and more

UL NO. 486 STANDARD EDITION: Fully Automated AI Malware (Binary and Web), My Debate with Marcus Hutchins on AI and more

UL NO. 486: STANDARD EDITION: Fully Automated AI Malware (Binary and Web), My Debate with Marcus Hutchins on AI, The 'Did You Notice?' Psyop, The METR AI Metric for Longterm Tasks, and more... You are...

26 Jun 202555min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
teknisk-sett
tomprat-med-gunnar-tjomlid
energi-og-klima
elektropodden
shifter
nasjonal-sikkerhetsmyndighet-nsm
smart-forklart
fornybaren
pedagogisk-intelligens
rss-heis
rss-vi-leser-dommer-om-personvern
rss-fish-ships
rss-bouvet-bobler
rss-ki-praten
rss-alt-som-gar-pa-strom
rss-ai-forklart
rss-for-alarmen-gar
rss-kvantespranget