Take 1 Security Podcast: Episode 5
Unsupervised Learning8 Feb 2015

Take 1 Security Podcast: Episode 5



START CONTENT


* Anthem, the second largest healthcare company, had a major breach


* They lost around 80 million socials, addresses, emails, etc., which is roughly double the Target breach
* There’s speculation that it was China, trying to penetrate government, but it’s early
* Watch for phishing scams related to it
* The megabreaches continue…weee!

* A WordPress plugin called FancyBox had a serious compromise in it last week, which affected thousands of websites


* If you’re going to run WordPress, understand that Plugins are the best way to get yourself hacked
* Specifically, the type of plugins that handle user input and do something with it that affects the site’s output
* Image manipulation plugins have been particularly vulnerable, usually to XSS

* There was another critical Flash vulnerability this week


* Like I said last week, and the week before, there’s a first time for everything

* Three bug hunters at HP received the 125,000 prize for finding a major vulnerability in Internet Explorer


* Because they work for HP they couldn’t take the cash, and instead donated it to charity

* Microsoft released Outlook for iOS last week, which looks pretty slick


* Unfortunately it is riddled with security flaws
* Recommendation: wait for a few updates, and for them to get a security assessment


END CONTENT


Play Podcast

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Episoder(532)

Unsupervised Learning: No. 72

Unsupervised Learning: No. 72

Apple fixed tons of bugs, hacking smart TVs over DVB-T, gift card bots, handgun AIs, Uber manipulations, AI vs. jobs, how to read more, cloud secret management, OPSEC and phishing, links, projects, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

3 Apr 20171h 3min

Unsupervised Learning: No. 71

Unsupervised Learning: No. 71

Half of Android devices haven't been patched in over a year, Tavisclosure, NEST camera flaws, senate vs. privacy, electronics ban, bad Let's Encrypt certs, Moodle SQLi, infosec venture capital drying up, IBM employees heading into the office, Twitter going paid model, Google killing Talk, Quiet spaces, Age of the influencer, AI vs. jobs, tools, aphorisms, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

26 Mar 201742min

Unsupervised Learning: No. 70

Unsupervised Learning: No. 70

Russians at it again, Microsoft and Adobe updates, PoS breaches, US-CERT throws TLS shade, epilepsy tweet stalking, Tesla's billion, lip-reading AI, autonomous BMWs, Fiber Lasers, taxing robots, Green Zones and Red Zones, AI disruption of healthcare, discovery, recommendations, and aphorisms, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

20 Mar 201724min

Unsupervised Learning: No. 69

Unsupervised Learning: No. 69

The Vault7 CIA dump, Russian shenanigans, Dahua, Verifone, mandatory genetic testing, Wordpress, atomic storage, Google Kaggles, presenting at HouSecCon, fasting research, data wars, chaos, voice interfaces, tools, projects, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

13 Mar 201727min

Unsupervised Learning: No. 68

Unsupervised Learning: No. 68

Amazon's S3 outage, Uber greyballing, fooling AI, DNS RATs, automating human jobs, suicide and ML, post-work IQ and creativity, greatness vs. imperfection, media choice, tools, projects, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

6 Mar 201737min

Unsupervised Learning: No. 67

Unsupervised Learning: No. 67

CloudBleed, SHA1-1, White House Leaks, Planets, Satellites, Drones vs. Eagles, InfoSec Jobs, ExFil, IQ and Creativity in a Post-work World, Weaponized Narrative, Security Tools, Tons of Great Links, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

27 Feb 201731min

Unsupervised Learning: No. 66

Unsupervised Learning: No. 66

My recap of RSA 2017, Google's zero-trust implementation, Trump domain hacked, robots doing your taxes, the IoT Security train analogy, the future of authentication, toolswatch best tools of 2016, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

21 Feb 201729min

Unsupervised Learning: No. 64

Unsupervised Learning: No. 64

Tax phishing, Microsoft SMB vulnerability, Cellebrite tools released, Computer interfaces, Centrism, Mobile 2.0, new projects, more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

7 Feb 201722min

Populært innen Teknologi

romkapsel
rss-avskiltet
teknisk-sett
tomprat-med-gunnar-tjomlid
energi-og-klima
shifter
rss-impressions-2
elektropodden
fornybaren
smart-forklart
nasjonal-sikkerhetsmyndighet-nsm
rss-alt-som-gar-pa-strom
rss-alt-vi-kan
teknologi-og-mennesker
kunstig-intelligens-med-morten-goodwin
rss-snakk-om-sikkerhet
rss-bouvet-bobler
rss-digitaliseringspadden
rss-teams-cast-away
rss-bits-and-bytes-for-advokater