- There was another SQL Injection bug found in SEO by Yoast
- It required admins to click a malicious link
- Was patched quickly
- It’s the plugins that make WordPress vulnerable
- Attackers are targeting gamers for ransomware
- Virlock is one version of ransomware that not only locks the screen, but infects files
- It’s also polymorphic, so it changes itself every time it runs
- TeslaCrypt goes after gamers, which seems super smart because they are often addicted
- The Hello Barbie doll is recording kids' voices and sending the recordings over the Internet for voice recognition
- I get asked a lot about what to do about this kind of stuff
- Start by making a list of everything that can record voice or audio in your home, and determine what kind of controls you have on them
- Assume the worst, even though it’s probably not that bad
- US industrial systems attacked 245 times between October 2013 and September 2014
- Most attacks were against Critical Manufacturing and Energy
- Biggest vectors were spear phishing and port scanning
- CloudFlare aims to defeat DDoS with Virtual DNS
- They want to proxy DNS before it hits the customer's name server
- The CIA supposedly tried to hack Apple hardware
- The article has come under extreme scrutiny
- Going to be on the Security Weekly podcast with Paul
- Hillary Clinton’s email account drama
- OpenSSL is getting an audit
- Bout time
- Wikimedia is suing the NSA over surveillance
- Spoofing the boss is the best way to phish someone, evidently
- Had a great time at CactusCon in Phoenix
- Did a talk with Jason and saw Dave’s keynote
- Dave’s keynote was about struggling with the basics, not APT
- He asked when a major breach was NOT a dumb mistake
- Someone’s looking to make a Snowden Phone
- Looks like I’ll be on the Security Weekly podcast with Paul
- Going to talk about IoT security and our OWASP project
Notes
- Comments welcome on content and format, as usual.