T1SP: Episode 25
Unsupervised Learning19 Jan 2016

T1SP: Episode 25



[ Subscribe to the Podcast: iTunes | Android | RSS ]

News


* [ ] TrendMicro node.js server listening on localhost can execute commands; exposed to the internet
* [ ] SSH backdoor found in Fortinet firewalls
* [ ] SSH client vulnerability
* [ ] Australia’s Cybercrime Online Reporting Network (ACORN) received over 39K reports of criminal activity in 2015
* [ ] Hyatt names 250 hotels hit by malware, includes the one for DerbyCon
* [ ] Web sense rebranding as Forepoint, acquires Intel’s firewall business
* [ ] Twitter might be ending its 140 character limit
* [ ] Major vulns still being found in Health and Fitness mobile apps
* [ ] Angler exploit kit continues to evade detection
* [ ] LostPass attack is a phishing email attack that works against LastPass (showed at Shmoocon this weekend)
* [ ] Virus just took down the Melbourne Health computer system
* [ ] Lastpass has found a workaround for the LostPass attack
* [ ] A bit match fixing problem has been found in Tennis
* [ ] Trustwave is being sued by Affinity for supposedly missing an second hack that was going on while they were there to fix an initial hack


Ideas, updates, and discussion


* [ ] IR is messy and dangerous; assume compromise; assume continued compromise; be extremely careful saying that things were contained; if you’re not Mandiant you’re probably not doing a great job
* [ ] Smartphone encryption and the gun debate: same coin? ISIS supposedly has its own encryption app. What next, make murder illegal?


Tools, talks, and projects


* [ ] FIR – Fast Incident Response Management Platform
* [ ] DIVA damn insecure and vulnerable Android app
* [ ] Kill Chain for Kali Linux 2.0 : recon, weaponization, delivery, exploit, installation, c2, actions
* [ ] EZ-Wave: exploiting Z-Wave networks using SDR
* [ ] GoPhish: open source phishing framework
* [ ] V3n0m SQLi scanner
* [ ] VScan : uses NSE scripts to find vulns
* [ ] SleepyPuppy Burp Extension
* [ ] DBDAT — Database Assessment Tool — https://github.com/foospidy/DbDat


Announcements


* [ ] Speaking at AppSec Cali next week (Tuesday) on ATM
* [ ] Shmoocon hiring list: http://www.room362.com/2016/01/2016-shmoocon-hiring-list.html


Miscellaneous


* [ ] Great security news source: https://security.didici.cc/news
* [ ] Thanks to Tripwire for giving a shoutout to the podcast on Twitter


[ Subscribe to the Podcast: iTunes | Android | RSS ]

Notes


* The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM.

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Episoder(532)

UL NO. 430: The Courage to be Disliked

UL NO. 430: The Courage to be Disliked

How I use local AI models, MI5 vetting research students, the first AI deepfake racism attack, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

3 Mai 202430min

UL NO. 429: Build Your Career Around Problems

UL NO. 429: Build Your Career Around Problems

Stanford's State of AI, Peter Thiel vs. Tyler Cowen, China Taiwan Hacking Prep, GenZ Outperforming, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!  Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

27 Apr 202421min

UL NO. 428: Reason to Fear; Reason to Build.

UL NO. 428: Reason to Fear; Reason to Build.

AI Propaganda, Speaking Events, analhttps://www.linkedin.com/in/danielmiessleryze_presentation Pattern, Guarding Your Energy Reserves, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!  Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

23 Apr 202416min

UL NO. 427: AI's Predictable Future

UL NO. 427: AI's Predictable Future

Israeli identity reveal, deepfaked content summaries, Altman/Ive device, wealthy kids, Cowen v. Haidt, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

10 Apr 202421min

UL NO. 425: The Efficient Security Principle

UL NO. 425: The Efficient Security Principle

US drone combat, extract ideas from any book, Pinker writing analysis, Flipper reversal, GPT-5 updates, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

27 Mar 202421min

UL NO. 424: Raising Security's Floor

UL NO. 424: Raising Security's Floor

Insane Video Deepfakes, Devin Gets Slack Access, New Fabric Patterns, AI Application Interfaces, Let Grow, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

21 Mar 202426min

A Conversation with Jason Meller of Kolide/1Password

A Conversation with Jason Meller of Kolide/1Password

In this sponsored conversation, I speak with Jason Meller. Jason is the founder of Kolide, which has just recently been acquired by 1Password. We discuss: - Kolide's acquisition by 1Password- The synergy between Kolide and 1Password- The challenge of password management- The concept of device trust and zero trust- The limitations of MDM solutions- Engaging end-users in security remediation- The philosophy behind Kolide's approach- The importance of human-friendly security solutions- Future plans for Kolide under 1Password- The potential for broader application of Kolide's technology Jason and I see a lot of things the same, and I really enjoyed this conversation and think you will too. kolide.com/unsupervisedlearningBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

19 Mar 202421min

UL NO. 423: AI is Becoming Like Reading

UL NO. 423: AI is Becoming Like Reading

Google AI Espionage, My macOS UI, Cloudflare AI Firewall, Midnight Blizzard, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

12 Mar 202420min

Populært innen Teknologi

romkapsel
rss-avskiltet
teknisk-sett
energi-og-klima
shifter
tomprat-med-gunnar-tjomlid
rss-impressions-2
nasjonal-sikkerhetsmyndighet-nsm
elektropodden
smart-forklart
rss-alt-som-gar-pa-strom
fornybaren
kunstig-intelligens-med-morten-goodwin
rss-snakk-om-sikkerhet
rss-alt-vi-kan
rss-bouvet-bobler
teknologi-og-mennesker
rss-digitaliseringspadden
i-loopen
rss-polypod