☑ Every Sunday I put out a curated list of the most interesting stories in infosec, technology, and humans. You can sign up for it here.
- Sorry about the audio last week; wireless headsets don’t compare to the Yeti
- The CIA is focusing on cyberespionage in its new management
- Anthem is refusing an audit by the OIG office–an org that audits health care groups that provide services to federal employees
- Nothing says I’m guilty like refusing an audit
- Reminds me of the Russians refusing the crash investigation in Game of Cards
- There’s been a possible credit card breach at the Mandarin Oriental hotel chain
- The incident was reported by Brian Krebs
- Three people were indicted in the Epsilon hack
- Resulted in around 1 billion email addresses being stolen
- Dave Aitel thinks junk hacking is a waste
- Basically hacking your blender or whatever
- In my opinion he’s missing the point that most conferences are like this
- I think there’s a hierarchy of talks
- Create new defense tool based on new defense idea
- Create new defense idea
- Create new attack tool based on new attack idea
- Create new attack idea
- Create new tool for existing attack or defense idea
- Describe existing attack or defense idea
- Microsoft has reported it’s vulnerable to FREAK as well, making it even more serious
- FREAK has proved to be less alarming than previous SSL vulns simply because of the difficulty of attack
- I think I’m going to standardize the intro and outro so that I only end up recording the actual story content each week.
- Any recommendations on what else you’d like to see would be appreciated.