T1SP: Episode 25
Unsupervised Learning19 Jan 2016

T1SP: Episode 25



[ Subscribe to the Podcast: iTunes | Android | RSS ]

News


* [ ] TrendMicro node.js server listening on localhost can execute commands; exposed to the internet
* [ ] SSH backdoor found in Fortinet firewalls
* [ ] SSH client vulnerability
* [ ] Australia’s Cybercrime Online Reporting Network (ACORN) received over 39K reports of criminal activity in 2015
* [ ] Hyatt names 250 hotels hit by malware, includes the one for DerbyCon
* [ ] Web sense rebranding as Forepoint, acquires Intel’s firewall business
* [ ] Twitter might be ending its 140 character limit
* [ ] Major vulns still being found in Health and Fitness mobile apps
* [ ] Angler exploit kit continues to evade detection
* [ ] LostPass attack is a phishing email attack that works against LastPass (showed at Shmoocon this weekend)
* [ ] Virus just took down the Melbourne Health computer system
* [ ] Lastpass has found a workaround for the LostPass attack
* [ ] A bit match fixing problem has been found in Tennis
* [ ] Trustwave is being sued by Affinity for supposedly missing an second hack that was going on while they were there to fix an initial hack


Ideas, updates, and discussion


* [ ] IR is messy and dangerous; assume compromise; assume continued compromise; be extremely careful saying that things were contained; if you’re not Mandiant you’re probably not doing a great job
* [ ] Smartphone encryption and the gun debate: same coin? ISIS supposedly has its own encryption app. What next, make murder illegal?


Tools, talks, and projects


* [ ] FIR – Fast Incident Response Management Platform
* [ ] DIVA damn insecure and vulnerable Android app
* [ ] Kill Chain for Kali Linux 2.0 : recon, weaponization, delivery, exploit, installation, c2, actions
* [ ] EZ-Wave: exploiting Z-Wave networks using SDR
* [ ] GoPhish: open source phishing framework
* [ ] V3n0m SQLi scanner
* [ ] VScan : uses NSE scripts to find vulns
* [ ] SleepyPuppy Burp Extension
* [ ] DBDAT — Database Assessment Tool — https://github.com/foospidy/DbDat


Announcements


* [ ] Speaking at AppSec Cali next week (Tuesday) on ATM
* [ ] Shmoocon hiring list: http://www.room362.com/2016/01/2016-shmoocon-hiring-list.html


Miscellaneous


* [ ] Great security news source: https://security.didici.cc/news
* [ ] Thanks to Tripwire for giving a shoutout to the podcast on Twitter


[ Subscribe to the Podcast: iTunes | Android | RSS ]

Notes


* The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM.

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Episoder(532)

UL NO. 422: To Survive AI, We Must Become Creators

UL NO. 422: To Survive AI, We Must Become Creators

Fabric Threat Models, An AI Worm, GitHub Auto-blocks, Long Covid IQ, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedN:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

6 Mar 202420min

A Conversation With Ismael Valenzuela About AI and Threat Intelligence

A Conversation With Ismael Valenzuela About AI and Threat Intelligence

In this sponsored standalone episode I speak with Ismael Valenzuela, VP of Threat Research and Intelligence at Blackberry Cylance. We discuss: Modern Threat Intelligence The shifting attention of attackers GenAI attacks How defenders are adapting to AI attacks And many other topics Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

4 Mar 202445min

UL NO. 420: APTs using ChatGPT, Bugs Putin, The good side of AI jobs loss?, AI Monitoring Culture, AI patents, and more…

UL NO. 420: APTs using ChatGPT, Bugs Putin, The good side of AI jobs loss?, AI Monitoring Culture, AI patents, and more…

APTs using ChatGPT, Bugs Putin, The good side of AI jobs loss?, AI Monitoring Culture, AI patents, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

25 Feb 202423min

UL NO. 419: Problem Quality, 0-Day Spyware, LOTL, Ollama + OpenAI

UL NO. 419: Problem Quality, 0-Day Spyware, LOTL, Ollama + OpenAI

Two new agent types, Ollama's new API structure, $7 Trillion for chips, American satisfaction, and more… Read the episode online here.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

12 Feb 202430min

UL NO. 418: DEFCON Moves, AnyCloudDesk, Ransomware Learnings, My Top AI Projects

UL NO. 418: DEFCON Moves, AnyCloudDesk, Ransomware Learnings, My Top AI Projects

My favorite 2 AI projects, US spending habits, and your security program is sh*t… 📢Sponsored by Kolide Kolide ensures that if a device isn't secure, it can't access your apps. Zero Trust auth for Okta that drives your Devices to 100% compliance.  Watch a DemoBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

8 Feb 202427min

UL NO. 417: NSA's Broker Buys, AI-Assisted Attacks, Companies Only Want Killers

UL NO. 417: NSA's Broker Buys, AI-Assisted Attacks, Companies Only Want Killers

Companies Demand AI, Breach Overload, More Tech Layoffs, Chip Investment, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

8 Feb 202423min

A Conversation with Shil Sircar from BlackBerry Data Science

A Conversation with Shil Sircar from BlackBerry Data Science

In this episode of Unsupervised Learning, we talked to Shil Sircar. Shil is the Senior VP of Engineering and Data Science at BlackBerry, and we talked about: - Machine Learning in Cybersecurity - The Evolution from ML to Generative AI - Predictive vs. Generative Models - Preventive AI in Cybersecurity - The Cylance AI Platform - Attacker vs. Defender Dynamics - Temporal Advantage in Threat Detection - Synthetic Malware Generation - Behavioral Analysis for Cybersecurity - And the Future of AI in Cybersecurity So with that, here's our conversation with Sil Sircar… Dive deeper here: Product Page: CylanceAI by BlackBerry Blog: Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats Blog: AI in Cybersecurity: Hype vs. Help Video: As Cyberthreats Have Evolved, So Has the Need for AI Video: Real-world performance is the ultimate test for predictive AI Predictive AI in Cybersecurity: What Works and How to Understand It Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

29 Jan 202437min

UL NO. 416: Tracking AI Agent Activity, 400 SF Cameras, AI Sleeper Agents…

UL NO. 416: Tracking AI Agent Activity, 400 SF Cameras, AI Sleeper Agents…

Benign AI's "Many Eyes", OpenAI's Pentagon partnership, AI voice scams, Zuckerberg all-in on AGI, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

24 Jan 202423min

Populært innen Teknologi

romkapsel
rss-avskiltet
teknisk-sett
energi-og-klima
tomprat-med-gunnar-tjomlid
shifter
rss-impressions-2
nasjonal-sikkerhetsmyndighet-nsm
smart-forklart
rss-alt-som-gar-pa-strom
pedagogisk-intelligens
rss-digitaliseringspadden
elektropodden
rss-heis
i-loopen
kunstig-intelligens-med-morten-goodwin
rss-snakk-om-sikkerhet
rss-alt-vi-kan
rss-plateprat
rss-fjorsilkebris-podcast