Take 1 Security Podcast: Episode 3

START CONTENT

• There was an issue with the Marriott website that exposed reservations and payment information. It’s now been fixed

• Police are now using a new radar to see into peoples’ homes without a warrant

• Security budgets are reportedly going up due to the mega-breaches in 2014

  • Also leading to higher pay for CIOs

  • Anecdotally, I’d say it’s a pretty good time to be in infosec

• A new security startup, PFP Cybersecurity, uses power consumption to detect malware

  • Meant initially to be used for SCADA type systems

• The US hacked North Korean computers back in 2010

  • This is reportedly the reasons we were so sure they hacked Sony

  • Recently leaked documents from Snowden show heavy offense

• Snowden recently talked to Schneier at Harvard about a number of things

  • The NSA is becoming increasingly offensively oriented vs. defensive

  • The NSA supposedly uses compromised systems as jump points

  • Snowden said most NSA hackers are junior enlisted with limited skills

• Russia reportedly hacking for geopolitical gain, not just money

• Millions of gas stations could be at risk of shutdown

  • The Automated Tank Gauges can be remotely accessed by attackers

  • Could be manipulated to cause alerts

  • Potentially could be used to stop the flow of fuel

• Microsoft gave Charlie Hebdo data to FBI in 45 minutes

• Starwood hack based on bad passwords

  • Bad passwords, password re-use, and a brute forcing tool

  • Account harvesting is rough: user enumeration, weak passwords, and lack of account lockout

• Flash has another major exploit. Update your stuff.

• People continue to be worried that the President’s crackdown on hackers could hurt security professionals

  • Congress is meeting on the 27th of January to discuss breach notification

• The wireless in around 2 million cars is highly vulnerable to attack

• A polish company has created Mouse-Box, which is an entire computer inside of a mouse enclosure

END CONTENT

Notes

1. Sorry about the noise part way through. My girl walked in and started unpacking groceries. But when I say one take, I mean one take.

Related posts:

1. 10 Behaviors That Will Reduce Your Risk Online

2. A 3-Tiered Approach to Securing Your Home Network

3. My RSA 2019 Summary

4. How I Knew Stadia (And Similar Products) Would Fail