Topics for this episode:
News and analysis
- Sonar framework
- Schneider Electric SCADA issues revealed at DEFCON
- Ashley Madison hack, extortion will become more common, passwords added to SecLists
- Hackers attack PR firm and manipulate stocks
- Uber is quadrupling their security staff in 2015
- Android vulnerabilities lately
Ideas and commentary
- Business-based hacking: extortion-based hacking, ransomware, prediction-based hacking, PR releases, etc. Find the leverage, then execute the hack
- My problem with threat intelligence
- Optimal playlists for getting work done: baroque, no words, medium volume, 60 beats per minute
- Ambient sound as two-factor, which goes to my idea of continuous authentication
- How standardization and insurance will change security
- Miller (mlr) is like sed, awk, join, cut, and sort, but for name:index data such as CSV
- Participation in the OWASP IoT Project, Sasa Zdjelar is going to work on an IOT disposition project, Digicert is possibly working on a secure updates project, and we welcome others to add to the mix
Updates and announcements
- Vegas conferences: two talks, Blackhat Arsenal, DEFCON talk on IoT Attack Surface Areas, Caparser release
- If you’re into IoT, be sure to check out Craig Smith’s podcast at IoT Weekly, and Bruce Sinclair’s IoT podcast as well
- SecLists has been reorganized, go check it out
- Kali Linux 2.0 is out: new kernel, based on debian, rolling release, go get it
Notes
- The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM.