T1SP: Episode 29

[ Subscribe to the Podcast: iTunes | Android | RSS ]

News


* [ ] Apple calls out FBI on iPhone decryption case
* [ ] Trump calls for a boycott of Apple, from an iPhone
* [ ] Judge Rules FBI Must Reveal Malware It Used to Hack Over 1,000 Computers
* [ ] Wow. Someone hacked @linuxmint’s website and replaced ISOs with backdoored version today http://blog.linuxmint.com/?p=2994
* [ ] This affects a universally used library (glibc) at a universally used protocol (DNS). Generic tools that we didn’t even know had network surface (sudo) are thus exposed, as is software written in programming languages designed explicitly to be safe. ~ Dan Kaminsky
* [ ] Mint Forum Hacked, website compromised, fake downloads posted
* [ ] TeslaCrypt now targeting Joomla sites as well as WordPress
* [ ] Hollywood Hospital pays 17K to decrypt files; hope they cleaned up afterwards otherwise they’ll be paying rent
* [ ] Patch your vServer; RCE flaw
* [ ] Power grid honeypot by MalCrawler


Ideas, updates, and discussion


* [ ] The San Bernadino health department changed the iCloud password (at the FBI’s request) after having the device for just a few hours
* [ ] The FBI didn’t have the other two phones, which were destroyed
* [ ] The implications for data security if US companies are told the government must be able to get in is that US citizens will soon be told that they cannot create, purchase, or use tech that is locked down in this way
* [ ] There’s another way to the iPhone data: https://threatpost.com/delicate-hardware-hacks-could-unlock-shooters-iphone/116388/ via @IOActive


Tools, talks, and projects


* [ ] Bitquark is releasing some subdomain research; will be added to SecLists
* [ ] Log.io web interface for looking at log files | http://www.tecmint.com/linux-server-log-monitoring-with-log-io/
* [ ] Lobotomy: Automate Android assessment and reversing | https://n0where.net/android-security-toolkit-lobotomy/
* [ ] SSLyze: https://n0where.net/fast-and-full-featured-ssl-scanner-sslyze/
* [ ] SELKS: Full NSM with Suricate and rule manager | https://www.stamus-networks.com/downloads/


Announcements


* [ ] I’ll be at the IOAsis at RSA next week; come by and say hello


Miscellaneous


* [ ] War-games movie prompted Reagan to take cybersecurity action | http://www.nytimes.com/2016/02/21/movies/wargames-and-cybersecuritys-debt-to-a-hollywood-hack.html


[ Subscribe to the Podcast: iTunes | Android | RSS ]

Notes


* The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM.

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.