- Twitch, a game streaming service owned by Amazon, was hacked last week
- Passwords, emails, usernames, addresses, phone numbers, dates of birth
- Amazon bought them last year for almost 1 billion dollars
- Bar Mitzvah attack on TLS
- Requires that you can sniff traffic
- Basically an RC4 problem
- Solution is to remove it from your supported algorithms
- GitHub has been hit by a massive DDoS attack
- Apparently from China
- CSRF vulnerability found in a wind turbine
- Allowed you to pull usernames and passwords
- Also allowed the password to be changed for the default user, which had admin access
- CSRF vulnerability exposes Hilton customer accounts
- There was an account rotation issue where you could gain access to their account as long as you could guess their 9-digit username
- Snowden says IT workers now the targets of spies
- They’re not going after their information, but to use them for access to networks
- Premera hacked on same day as Blue Cross (January 29th)
- Same story: encryption, know your network, etc.
- Also same story: a health data breach is harder to clean up after because it involves PII that cannot easily be changed
- More speculation around these attacks is that they’re data gathering for larger attacks on government networks
- Apple Acquires FoundationDB
- Fast NoSQL database, probably to be used for Apple's increasing entry into the services market
- Researchers use heat to breach air-gapped systems
- Everyone knows that an airgap is the best defense
- Ben-Gurion University came out with BitWhisper
- Now bidirectional using malware on both systems that controlled heat creation and detection
- Only 8 bits per hour
- BioCatch, Zumigo, Alibaba release tools to identify users
- I used to work with a technology called BioPass
- Uses what you do with your mouse, scrolling, how you smile via selfie, compares habits, your current location, etc. Similar to existing fraud detection just with more data points
- Really cool tech, needs to be used with the right authentication level
- Korea investing 5B in IoT and Smart Cars
- Bring Your Own IoT
- Recording audio and video is getting increasingly easy
- Sensitive meetings might become dead zones soon, and perhaps even sensitive work areas
- Some people will say that we already have this risk, but the key is the ease with which it can be done
Notes
- I skipped a week due to travel in Asia.