Take 1 Security Podcast: Episode 10
Unsupervised Learning16 Mar 2015

Take 1 Security Podcast: Episode 10



Play Podcast

START CONTENT


* There was another SQL Injection bug found in SEO by Yoast


* It required admins to click a malicious link
* Was patched quickly
* It’s the plugins that make WordPress vulnerable

* Attackers are targeting gamers for ransomware


* Virlock is one version of ransomware that not only locks the screen, but infects files
* It’s also polymorphic, so it changes itself every time it runs
* TeslaCrypt goes after gamers, which seems super smart because they are often addicted

* The Hello Barbie doll is recording kids voices and sending the recordings over the Internet for voice recognition


* I get asked a lot about what to do about this kind of stuff
* Start by making a list of everything that can record voice or audio in your home, and determine what kind of controls you have on them
* Assume the worst, even though it’s probably not that bad

* US industrial systems attacked 245 times between October 2013 and September 2014


* Most attacks were against Critical Manufacturing and Energy
* Biggest vectors were spear phishing and port scanning

* CloudFlare aims to defeat DDoS with Virtual DNS


* They want to proxy DNS before it hits customer name server

* The CIA supposedly tried to hack Apple hardware


* The article has come under extreme scrutiny

* Going to be on the Security Weekly podcast with Pau
* Hillary Clinton’s email account dram
* OpenSSL is getting an audit


* Bout time

* Wikimedia is suing the NSA over surveillance
* Spoofing the boss is the best way to phish someone, evidently
* Had a great time at CactusCon in Phoenix


* Did a talk with Jason and saw Dave’s keynote
* Dave’s keynote was about struggling with the basics, not APT
* He asked when a major breach was NOT a dumb mistake

* Someone’s looking to make a Snowden Phone
* Looks like I’ll be on the Security Weekly podcast with Paul


* Going to talk about IoT security and my our OWASP project



END CONTENT

Play Podcast

Notes


* Comments welcome on content and format, as usual.

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Episoder(531)

Unsupervised Learning: No. 57

Unsupervised Learning: No. 57

This week’s topics: Russia gave us attribution for Christmas, the NSA is shedding talent, the evilest ransomware, how to raise someone's IQ in 2 minutes, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

12 Des 201629min

Unsupervised Learning: No. 56

Unsupervised Learning: No. 56

Gooligan, Korean Game Hacking Law, DoubleFlag Experian Hack, Georgia Tech Attribution Research, Amazon's re:Invent Conference Highlights, recommended links, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

5 Des 201614min

Unsupervised Learning: No. 55

Unsupervised Learning: No. 55

Biowarfare defenses, AI advances, mergers and acquisitions, Facebook and censorship, IoT definitions, the philosophy of Westworld, and more...Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

28 Nov 201624min

The Difference Between Threats, Threat Actors, Vulnerabilities, and Risks

The Difference Between Threats, Threat Actors, Vulnerabilities, and Risks

My essay that clearly separates the differences between the core infosec terms of threat, threat actor, vulnerabilty, and risk.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

27 Nov 20165min

The Difference Between Existentialism, Nihilism, and Absurdism

The Difference Between Existentialism, Nihilism, and Absurdism

For centuries there have been people who believe there is no intrinsic meaning in the universe. Here I’ll summarize the three major branches of this belief, and how each proposes we deal with the situation.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

22 Nov 20168min

Stop Being Proud of Complexity

Stop Being Proud of Complexity

An essay on how complexity often communicates the exact opposite of its desired effect.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

22 Nov 20163min

Unsupervised Learning: No. 54

Unsupervised Learning: No. 54

Britain's new surveillance law, CRISPR biotech, the Army's new Phaser, NIST's new IoT Security guidelines, ML-based facial recognition, and more...Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

21 Nov 201614min

Unsupervised Learning: No. 52

Unsupervised Learning: No. 52

Subscribe to Unsupervised Learning via: iTunes | Android | RSS | Newsletter This is Episode No. 52 of Unsupervised Learning—a weekly show where I collect my favorite stories in infosec, technology, and humans, and talk about why they matter. The show is released in two forms: * the Podcast, which you can subscribe to via iTunes, Android, Blog, or RSS * the Newsletter, which is the podcast’s companion and conveniently serves as its show notes as well. You can get the newsletter by clicking here or on the image/text below. Thank you for listening! Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

7 Nov 201640min

Populært innen Teknologi

romkapsel
rss-avskiltet
teknisk-sett
tomprat-med-gunnar-tjomlid
energi-og-klima
rss-impressions-2
shifter
nasjonal-sikkerhetsmyndighet-nsm
elektropodden
fornybaren
rss-alt-vi-kan
rss-alt-som-gar-pa-strom
smart-forklart
rss-snakk-om-sikkerhet
teknologi-og-mennesker
kunstig-intelligens-med-morten-goodwin
rss-bouvet-bobler
i-loopen
pedagogisk-intelligens
rss-digitaliseringspadden