Take 1 Security Podcast: Episode 19
Unsupervised Learning16 Nov 2015

Take 1 Security Podcast: Episode 19



Topics for this episode:

News and analysis


* [ ] A couple of months into my job with IOActive
* [ ] Paris Attacks: resilience vs. prevention
* [ ] Updating the OWASP IoT Project (no longer the Top 10) It’s an umbrella project.
* [ ] Adding to the IoT project the SCADA Top 10 List (read the list), and Nabil Ouchn is going to be project leader on that project
* [ ] Pentagon farms coding to Russia
* [ ] Crypto email service pays ransom, gets taken out anyway
* [ ] Blackout Europe shows vulnerabilities in LTE. Forced leak of location within 2-KM radius. Were also able to block LTE and force 3G or 2G.
* [ ] Onapsis talks SAP HANA vulnerabilities. They’re config issues, and aren’t patchable, and include: remote file writes, remote directory deletions, moving files to where they can be access remotely, remote command execution, and remote python execution. To fix, you have to upgrade to the latest version and reconfigure your system. Also two issues with the database that allow HTTP RCE and SQL RCE.
* [ ] TPP : how did we even get an agreement that was secret in the first place. Forget the details. This should never be allowed to happen again
* [ ] Linux ransomware now hitting websites (broken by Brian Krebs)
* [ ] Linux.Encoder.1 has a predictable key for its ransomware, and a tool was released to decrypt victims’ systems. Good to know that even attackers make dumb encryption implementation mistakes.
* [ ] Visio smart tracking turned on for 10 million users. Here was the pitch “revolutionary shift across all screens that brings measurability, relevancy and personalization to the consumer like never before!”
* [ ] Ring-0 theory of devops: history of the o-ring. Small thing that everything else depends on. for serial tasks you need A players to have an A process. As you lower the whole thing tumbles down
* [ ] The Chinese Great Cannon: so we know about the Great Firewall, now learn about the Great Cannon
* [ ] Must read article: What ISIS Really Wants, by the Atlantic
* [ ] Two must follows: Gunnar Peterson, and Benedict Evans. Gunnar is brilliant in security, and Benedict works for Adresesen Horowitz


Updates and announcements


* Hit me up at IOActive if you have any security consulting needs.


Notes


* The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM.
* It’s better to listen via iTunes or with the player embedded above, but you can also download the sound file directly.

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Avsnitt(532)

UL NO. 408: OpenAI Coup Theory, SEC vs. SolarWinds Analysis, Deepfake D&D Summaries

UL NO. 408: OpenAI Coup Theory, SEC vs. SolarWinds Analysis, Deepfake D&D Summaries

My Theory Of What Happened At OpenAI, A New Ransomware Tactic, Analysis Of What The SEC Case Will Do To Cybersecurity, Live David Attenborough Narration, And More… Read the episode here. 📢Sponsored by: Panoptica.app - Simplify container deployment, monitoring, and securityBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

27 Nov 202335min

UL NO. 407: OpenAI Prompt Injection, Leaky GPTs, AGI by 2028, Huberman Routine AI

UL NO. 407: OpenAI Prompt Injection, Leaky GPTs, AGI by 2028, Huberman Routine AI

Extremist groups using AI for propaganda, NYC restaurant bots, Wegovy and Cannabis studies, my favorite collections of GPTs… 📢Sponsored by Moonlock — cybersecurity wing of MacPaw. Developers of Moonlock Engine, the antimalware tech in CleanMyMac X. 📢Sponsored by Automox - AI-powered modern IT automation is here. Learn more at automox.com. Read the episode here.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

14 Nov 202340min

OpenAI's New Releases Are a Watershed Moment for Human Creativity—and Prompt Injection

OpenAI's New Releases Are a Watershed Moment for Human Creativity—and Prompt Injection

Making it trivial to create and share AI Agents that connect to real-word APIs will have a drastic impact on Information Security.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

13 Nov 20233min

Why I'm Not Getting the New Humane AI Pin

Why I'm Not Getting the New Humane AI Pin

Why I should be super excited by the Humane AI pin, but I'm not.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

13 Nov 20233min

UL NO. 406: OpenAI Launches Custom AIs, Okta's New Breach, EFF's Browser Privacy Checker

UL NO. 406: OpenAI Launches Custom AIs, Okta's New Breach, EFF's Browser Privacy Checker

DOJ and Pentagon emails hacked by Russians, OpenAI's DevDay announcements, when DeepMind thinks we'll see AGI, and more… 📢Sponsored by: Panoptica.app - Simplify container deployment, monitoring, and securityBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

10 Nov 202328min

UL NO. 404: ServiceNow Widget Flaws, North Korean Infiltrators, and the New Top-performing Prompt String…

UL NO. 404: ServiceNow Widget Flaws, North Korean Infiltrators, and the New Top-performing Prompt String…

In this edition we dive into North Korean IT Infiltration, the top performing prompt technique, Google's traffic optimization, American sick day increases, ServiceNow's Widget problem, the US murder rates, and more Read online here: https://danielmiessler.com/p/ul-no-404-servicenow-widget-flaws-north-korean-infiltrators-new-topperforming-prompt-stringBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

26 Okt 202326min

UL NO. 403: Signal Investigates Rumored Zero-Day Bug, AI Predicts New COVID-19 Strains, Dwindling US-China Scientific Collaboration...

UL NO. 403: Signal Investigates Rumored Zero-Day Bug, AI Predicts New COVID-19 Strains, Dwindling US-China Scientific Collaboration...

In This Edition We Look Into Signal's Investigation Into A Rumored Zero-Day Bug, How Harvard And Oxford Researchers Are Using AI To Predict New COVID-19 Strains, The Dwindling Collaboration Between American And Chinese Scientists, And The European Commission's CSAM Detection Bypass View this week's podcast online at https://danielmiessler.com/p/403Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

16 Okt 202328min

UL NO. 402: Israeli Footage & Analysis, WSFTP + MOVEIT, AI Explainability, Andreessen vs. Perell on Writing, and more…

UL NO. 402: Israeli Footage & Analysis, WSFTP + MOVEIT, AI Explainability, Andreessen vs. Perell on Writing, and more…

Israel analysis, a genetic data breach, active exploits against critical vulnerabilities, and a brilliant conversation between two writers about creativity 📢 Sponsored by Kolide: Concerned about data breaches and hacks? 🔒 Discover Kolide, the device trust solution that secures your company's devices and credentials, making phishing attempts useless to hackers. See it in action at www.kolide.com/unsupervisedlearning View today's episode online here: https://danielmiessler.com/p/402Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

11 Okt 202326min

Populärt inom Teknik

uppgang-och-fall
elbilsveckan
bilar-med-sladd
market-makers
skogsforum-podcast
rss-racevecka
rss-elektrikerpodden
developers-mer-an-bara-kod
natets-morka-sida
rss-technokratin
rss-laddstationen-med-elbilen-i-sverige
mediepodden
ai-sweden-podcast
rss-uppgang-och-fall
solcellskollens-podcast
hej-bruksbil
rss-it-sakerhetspodden
har-vi-akt-till-mars-an
teknikveckan
rss-badfluence