Take 1 Security Podcast: Episode 8
Unsupervised Learning3 Mar 2015

Take 1 Security Podcast: Episode 8



START CONTENT


* New SSL attack called FREAK


* Has to do with falling RSA back to a deprecated and weak level
* Requires the client and server are both vulnerable
* The solution is to patch
* Many orgs will also want to note which servers were vulnerable
* The lesson is that you don’t reduce security to increase it
* Backdoors x time = regret

* Using Ruby’s Open-URI could be dangerous


* open-uri monkeypatches kernel.open
* open(params[:url]) can execute |ls

* Hilary Clinton used a personal email address and did not store correspondence on government servers for her entire 4 years as Secretary of Defense


* This seems highly suspect
* First you’re putting that data at risk in a personal system
* Second you’re obviously trying to hide your conversations

* Facebook can access your account without your password
* Google no longer encrypting Lollipop by default


* Was one of the main selling points for 5, and now it’s gone
* They said it was simply a driver issue

* DLink routers have a remote command injection bug


* Could allow DNS hijacking and other attacks

* ISIS has threatened some members of the Twitter team for disabling their accounts


* This really puts a point on public presence for me
* I’m a strong proponent of the belief that the way to avoid attack is to avoid being a target, not to be hard to attack once people want to
* This works for personal attacks, not for countries obviously

* There has been some major fraud happening with people connecting stolen cards to ApplePay


* The issue isn’t a security problem with ApplePay, but rather with standard bank / card security issue

* Up to 18.8 non-Anthem customers exposed in the Anthem breach


* This is in addition to the 80 million actual anthem customers

* GoPro vulnerability on its website exposes customer Wi-fi passwords


* Expect more of this

* Uber took over 5 months to issue a breach notification


* There was a breach of driver names and license numbers that they just now disclosed

* Seagate NAS vulnerability allows unauthorized root access


* This raises the cloud storage issue I blogged about last week



END CONTENT

Play Podcast

Notes


* Sorry about my voice on this one. I’m a bit sick. :(

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Episoder(531)

Unsupervised Learning: No. 51

Unsupervised Learning: No. 51

Subscribe to Unsupervised Learning via: iTunes | Android | RSS | Newsletter This is Episode No. 51 of Unsupervised Learning—a weekly show where I collect my favorite stories in infosec, technology, and humans, and talk about why they matter. The show is released in two forms: * the Podcast, which you can subscribe to via iTunes, Android, Blog, or RSS * the Newsletter, which is the podcast’s companion and conveniently serves as its show notes as well. You can get the newsletter by clicking here or on the image/text below. Thank you for listening! Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

31 Okt 20161h

Unsupervised Learning: No. 50

Unsupervised Learning: No. 50

Subscribe to Unsupervised Learning via: iTunes | Android | RSS | Newsletter This is Episode No. 50 of Unsupervised Learning—a weekly show where I collect my favorite stories in infosec, technology, and humans, and talk about why they matter. The show is released in two forms: * the Podcast, which you can subscribe to via iTunes, Android, Blog, or RSS * the Newsletter, which is the podcast’s companion and conveniently serves as its show notes as well. You can get the newsletter by clicking here or on the image/text below. Thank you for listening! Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

24 Okt 201637min

Unsupervised Learning: No. 49

Unsupervised Learning: No. 49

Subscribe to Unsupervised Learning via: iTunes | Android | RSS | Newsletter This is Episode No. 49 of Unsupervised Learning—a weekly show where I collect my favorite stories in infosec, technology, and humans, and talk about why they matter. The show is released in two forms: * the Podcast, which you can subscribe to via iTunes, Android, Blog, or RSS * the Newsletter, which is the podcast’s companion and conveniently serves as its show notes as well. You can get the newsletter by clicking here or on the image/text below. Thank you for listening! Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

18 Okt 201647min

Unsupervised Learning: Episode 46

Unsupervised Learning: Episode 46

Subscribe to the Podcast via: iTunes | Android | RSS | Newsletter [ Click here to get the full companion newsletter with complete show notes from this episode. ] [ Click here to get the full companion newsletter with complete show notes from this episode. ] Subscribe to the Podcast via: iTunes | Android | RSS | Newsletter Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

27 Sep 201630min

Unsupervised Learning: Episode 45

Unsupervised Learning: Episode 45

Subscribe to the Podcast via: iTunes | Android | RSS | Newsletter [ Click here to get the full companion newsletter with complete show notes from this episode. ] [ Click here to get the full companion newsletter with complete show notes from this episode. ] Subscribe to the Podcast via: iTunes | Android | RSS | Newsletter Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

19 Sep 201657min

Unsupervised Learning: Episode 44

Unsupervised Learning: Episode 44

Subscribe to the Podcast via: iTunes | Android | RSS | Newsletter [ Click here to view the full companion newsletter with complete show notes from this episode. ] [ Click here to view the full companion newsletter with complete show notes from this episode. ] Subscribe to the Podcast via: iTunes | Android | RSS | NewsletterBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

11 Sep 201634min

Unsupervised Learning: Episode 43

Unsupervised Learning: Episode 43

Subscribe to the Podcast via: iTunes | Android | RSS | Newsletter News Internet disinformation service for hire [ Link ] Rob Fuller (@mubix) has found a way to pull credentials from a locked machine using a USB dongle and Responder [ Link ] Yelp starts new bug bounty with HackerOne, offers up to 15K […] -- :: Unsupervised Learning: Episode 43 appeared originally on danielmiessler.com. :: Subscribe to Unsupervised Learning---my weekly show where I handpick the best stories from infosec and technology, and talk about why they matter.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

7 Sep 201642min

Unsupervised Learning: Episode 42

Unsupervised Learning: Episode 42

[ Subscribe to the Podcast: iTunes | Android | RSS ] InfoSec news and articles Dropbox hacked 68 million accounts Back in 2012 Malware infected all Eddie Bauer stores in U.S. and Canada All 350 stores in North America Wicked iPhone vulnerability called Trident (3 0days) All you need to do is follow a link, […] -- :: Unsupervised Learning: Episode 42 appeared originally on danielmiessler.com. :: Subscribe to Unsupervised Learning---my weekly show where I handpick the best stories from infosec and technology, and talk about why they matter.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

1 Sep 20161h 4min

Populært innen Teknologi

romkapsel
rss-avskiltet
teknisk-sett
tomprat-med-gunnar-tjomlid
energi-og-klima
rss-impressions-2
shifter
nasjonal-sikkerhetsmyndighet-nsm
elektropodden
fornybaren
rss-alt-vi-kan
rss-alt-som-gar-pa-strom
smart-forklart
rss-snakk-om-sikkerhet
teknologi-og-mennesker
kunstig-intelligens-med-morten-goodwin
rss-bouvet-bobler
i-loopen
pedagogisk-intelligens
rss-digitaliseringspadden