Take 1 Security Podcast: Episode 10
Unsupervised Learning16 Mars 2015

Take 1 Security Podcast: Episode 10



Play Podcast

START CONTENT


* There was another SQL Injection bug found in SEO by Yoast


* It required admins to click a malicious link
* Was patched quickly
* It’s the plugins that make WordPress vulnerable

* Attackers are targeting gamers for ransomware


* Virlock is one version of ransomware that not only locks the screen, but infects files
* It’s also polymorphic, so it changes itself every time it runs
* TeslaCrypt goes after gamers, which seems super smart because they are often addicted

* The Hello Barbie doll is recording kids voices and sending the recordings over the Internet for voice recognition


* I get asked a lot about what to do about this kind of stuff
* Start by making a list of everything that can record voice or audio in your home, and determine what kind of controls you have on them
* Assume the worst, even though it’s probably not that bad

* US industrial systems attacked 245 times between October 2013 and September 2014


* Most attacks were against Critical Manufacturing and Energy
* Biggest vectors were spear phishing and port scanning

* CloudFlare aims to defeat DDoS with Virtual DNS


* They want to proxy DNS before it hits customer name server

* The CIA supposedly tried to hack Apple hardware


* The article has come under extreme scrutiny

* Going to be on the Security Weekly podcast with Pau
* Hillary Clinton’s email account dram
* OpenSSL is getting an audit


* Bout time

* Wikimedia is suing the NSA over surveillance
* Spoofing the boss is the best way to phish someone, evidently
* Had a great time at CactusCon in Phoenix


* Did a talk with Jason and saw Dave’s keynote
* Dave’s keynote was about struggling with the basics, not APT
* He asked when a major breach was NOT a dumb mistake

* Someone’s looking to make a Snowden Phone
* Looks like I’ll be on the Security Weekly podcast with Paul


* Going to talk about IoT security and my our OWASP project



END CONTENT

Play Podcast

Notes


* Comments welcome on content and format, as usual.

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Avsnitt(532)

NO. 361 | GPT++, Apple Security, CISA Cuba…

NO. 361 | GPT++, Apple Security, CISA Cuba…

GPT++, Apple Security, CISA Cuba…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

12 Dec 202212min

NO. 360 | NEWS, ANALYSIS & DISCOVERY SERIES

NO. 360 | NEWS, ANALYSIS & DISCOVERY SERIES

Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

5 Dec 202213min

Erkang Zheng of JupiterOne | SPONSORED INTERVIEW SERIES

Erkang Zheng of JupiterOne | SPONSORED INTERVIEW SERIES

In this standalone episode we’re doing a sponsored interview with Erkang Zheng of Jupiter One. So JupiterOne is a special company to me. I just built a vuln management program at Robinhood based around them, and I believe so much in their vision that I’m looking to actually become an advisor. I mention this because when I fanboy for something, like Apple, or whoever, I want you to know that I’m fanboying and/or have a relationship with them. Or that I want to. The interview here talks mostly about concepts, however, and not so much specific features. But I just wanted to mention my orientation to the company prior to starting. I’m speaking with Erkang Zheng who is the founder and CEO of the company, and as you can hear we have a similar take on many of the problems currently in security. So with that, here’s Erkang Zheng. — Start a JupiterOne Account for FreeBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

3 Dec 202227min

NO. 359 | THE NEWS, ANALYSIS & DISCOVERY SERIES

NO. 359 | THE NEWS, ANALYSIS & DISCOVERY SERIES

Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

28 Nov 20229min

Scott Kuffer of Nucleus Security | SPONSORED INTERVIEW SERIES

Scott Kuffer of Nucleus Security | SPONSORED INTERVIEW SERIES

In this standalone episode we’re doing a sponsored interview with Scott Kuffer, co-founder and COO of Nucleus Security. I was already excited by this vendor just based on the research I did to allow them to be a sponsor, but the conversation with them really made me think they’re approaching the vulnerability management problem the right way. Namely, by tackling a lot of the non-technical problems using technical solutions rather than obsessing over vuln prioritization. If you are in the VM space or are about to be in it, you will love this conversation. And with that, here’s Scott Kuffer with Nucleus Security.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

28 Nov 202247min

NO. 358 | NEWS, ANALYSIS, & DISCOVERY SERIES

NO. 358 | NEWS, ANALYSIS, & DISCOVERY SERIES

Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

22 Nov 202214min

NO. 357 | NEWS, ANALYSIS, & DISCOVERY SERIES

NO. 357 | NEWS, ANALYSIS, & DISCOVERY SERIES

NSA Languages, GPT-4 Hype, Chinese AirDrop…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

14 Nov 202212min

NO. 356 | NEWS, ANALYSIS & DISCOVERY SERIES

NO. 356 | NEWS, ANALYSIS & DISCOVERY SERIES

Sponsored by JupiterOne: jupiterone.com/unsupervisedlearning Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

7 Nov 202211min

Populärt inom Teknik

uppgang-och-fall
rss-racevecka
elbilsveckan
bilar-med-sladd
market-makers
bosse-bildoktorn-och-hasse-p
rss-laddstationen-med-elbilen-i-sverige
skogsforum-podcast
rss-technokratin
developers-mer-an-bara-kod
natets-morka-sida
hej-bruksbil
mediepodden
rss-veckans-ai
ai-sweden-podcast
rss-uppgang-och-fall
bli-saker-podden
rss-it-sakerhetspodden
rss-snacka-om-ai
rss-badfluence