Get the podcast on Apple Podcasts
×

DanielMiessler

search
Login Become a Member Subscribe

Take 1 Security Podcast: Episode 3


Created/Updated: December 17, 2019

take-1-itunes

START CONTENT

  • There was an issue with the Marriott website that exposed reservations and payment information. It’s now been fixed
  • Police are now using a new radar to see into peoples’ homes without a warrant
  • Security budgets are reportedly going up due to the mega-breaches in 2014
    • Also leading to higher pay for CIOs
    • Anecdotally, I’d say it’s a pretty good time to be in infosec
  • A new security startup, PFP Cybersecurity, uses power consumption to detect malware
    • Meant initially to be used for SCADA type systems
  • The US hacked North Korean computers back in 2010
    • This is reportedly the reasons we were so sure they hacked Sony
    • Recently leaked documents from Snowden show heavy offense
  • Snowden recently talked to Schneier at Harvard about a number of things
    • The NSA is becoming increasingly offensively oriented vs. defensive
    • The NSA supposedly uses compromised systems as jump points
    • Snowden said most NSA hackers are junior enlisted with limited skills
  • Russia reportedly hacking for geopolitical gain, not just money
  • Millions of gas stations could be at risk of shutdown
    • The Automated Tank Gauges can be remotely accessed by attackers
    • Could be manipulated to cause alerts
    • Potentially could be used to stop the flow of fuel
  • Microsoft gave Charlie Hebdo data to FBI in 45 minutes
  • Starwood hack based on bad passwords
    • Bad passwords, password re-use, and a brute forcing tool
    • Account harvesting is rough: user enumeration, weak passwords, and lack of account lockout
  • Flash has another major exploit. Update your stuff.
  • People continue to be worried that the President’s crackdown on hackers could hurt security professionals
    • Congress is meeting on the 27th of January to discuss breach notification
  • The wireless in around 2 million cars is highly vulnerable to attack
  • A polish company has created Mouse-Box, which is an entire computer inside of a mouse enclosure

END CONTENT

Notes

  1. Sorry about the noise part way through. My girl walked in and started unpacking groceries. But when I say one take, I mean one take.

DanielMiessler
© Daniel Miessler 1999-2023


Security, Tech, and Society in 10 Minutes
20 hours of reading and analysis condensed into a 10-minute summary every Monday morning.


Join 55,000+ readers who see the patterns in the noise.