- Unsupervised Learning
- Posts
- T1SP: Episode 32
T1SP: Episode 32
News
[ ] Verizon Enterprise Solutions had a major data breach of their customer data. This is the group that handles breaches for their customers. “Virtually every attack in this data set (98 percent) was opportunistic in nature, all aimed at easy marks…”
[ ] Iranians charged with attacks against US banks and a New York dam
[ ] Hackers steal 81 billion from the Federal reserve bank of New York
[ ] Uber launches bug bounty program, describes the surface area. Someone said it was really bad, though. Not sure what that’s about
[ ] New ultra-fast SSD technology coming from Intel soon
[ ] FBI backs off request for Apple backdoor. Says they have it handled. We find out it’s an Israeli company
[ ] Water treatment plant hacked, chemical mix changed for tap supplies | http://www.theregister.co.uk/2016/03/24/water_utility_hacked/
[ ] German steel mill compromised and wrecked a blast furnace
[ ] This is after a string of attacks against power companies using spear phishing and office malware
[ ] Microsoft’s AI Chatbot was a teenage girl, but it learned from the people who talked to it, so before long it was talking about loving incest, sex, and hitler
[ ] Millions of Android devices vulnerable to root exploit due to Snapdragon chip flaw
[ ] Kentucky-based Methodist Hospital declares state of emergency after it’s wrecked by Locky ransomware
[ ] Credit Card Breaches Linked To Security Cameras
[ ] Chinese national pleads guilty to stealing plans for Air Force aircraft
[ ] Hackers offer Apple’s Ireland staff $23,000 for their login credentials
[ ] Ransomware hitting major vulns: The Angler, Neutrino, Magnitude, RIG, and Nuclear exploit kits spread the Flash CVE 2015-7645 exploit; Angler spreads Flash 2015-8446; Angler and Neutrino spread Flash CVE 2015-8651; and Angler spreads Silverlight CVE-2016-0034, an exploit exposed in the Hacking Team breach.
[ ] Microsoft Deploys Macro Blocking Feature in Office to Curb Malware
Ideas, updates, and discussion
[ ] Innovation Sandbox | Innovative Security Products (2016 Edition)
[ ] AI and messaging apps are the new mobile apps
[ ] Human Attention as Attack Surface | https://danielmiessler.com/blog/human-attention-as-influence-attack-surface/
[ ] Most can’t respond to breach: http://blogs.csc.com/2016/03/15/while-majority-of-orgs-fear-big-breach-theyre-not-prepared-to-respond/?utm_content=bufferc043c&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
[ ] How your data is collected and commoditized online by free online services | http://www.troyhunt.com/2016/03/how-your-data-is-collected-and.html
Tools, talks, and projects
[ ] Innovation Sandbox | Innovative Security Products (2016 Edition)
[ ] 2016 Data Breach Digest | https://danielmiessler.com/blog/analysis-verizons-2016-data-breach-digest/
[ ] AI and messaging apps are the new mobile apps | https://danielmiessler.com/blog/ai-assistants-are-the-new-applications/
[ ] Idea Expansion Format | https://danielmiessler.com/blog/idea-expansion-format-ief/
[ ] BinDiff is a comparison tool for binary files that helps to quickly find differences and similarities in disassembled code.
[ ] IntelMQ is a solution for CERTs for collecting and processing security feeds, pastebins, tweets and log files using a message queuing protocol.
[ ] Binmap is a system scanner; it takes a system or system image and walks through all files, looking for programs and libraries and collecting various information such as dependencies, symbols…
[ ] The Android Device Testing Framework (“dtf”) is a data collection and analysis framework to help individuals answer the question: “Where are the vulnerabilities on this mobile…
[ ] Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data: IP addresses, domain names, URLs, email addresses, file hashes and SSL…
[ ] MISP, Malware Information Sharing Platform and Threat Sharing, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about…
[ ] DIRB is a Web Content Scanner AKA a domain brute-forcing tool. It looks for existing (and/or hidden) Web Objects, it works by launching a dictionary based attack against a web server and analysing the responses.
Announcements
[ ] Alexa is still dominating Siri in its usefulness as an AI assistant
Miscellaneous
[ ] Scientists find you can change your mood by listening to the sound of your voice altered to a specific emotion
[ ] Derek Sivers Book List | https://sivers.org/book
[ ] You need to be listening to the a16z podcast
[ ] Dot before twitter handle
Notes
The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM.