Take 1 Security Podcast: Episode 18

Topics for this episode:

News and analysis

• Sonar framework

• Schneider Electric SCADA issues revealed at DEFCON

• Ashley Madison hack, extortion will become more common, passwords added to SecLists

• Hackers attack PR firm and manipulate stocks

• Uber is quadrupling their security staff in 2015

• Android vulnerabilities lately

Ideas and commentary

• Business-based hacking: extortion-based hacking, ransomware, prediction-based hacking, PR releases, etc. Find the leverage, then execute the hack

• My problem with threat intelligence

• Optimal playlists for getting work done: baroque, no words, medium volume, 60 beats per minute

• Ambient sound as two-factor, which goes to my idea of continuous authentication

• How standardization and insurance will change security

• Miller (mlr) is like sed, awk, join, cut, and sort, but for name:index data such as CSV

• Participation in the OWASP IoT Project, Sasa Zdjelar is going to work on an IOT disposition project, Digicert is possibly working on a secure updates project, and we welcome others to add to the mix

Updates and announcements

• Vegas conferences: two talks, Blackhat Arsenal, DEFCON talk on IoT Attack Surface Areas, Caparser release

• If you’re into IoT, be sure to check out Craig Smith’s podcast at IoT Weekly, and Bruce Sinclair’s IoT podcast as well

• SecLists has been reorganized, go check it out

• Kali Linux 2.0 is out: new kernel, based on debian, rolling release, go get it

Notes

1. The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM.

Related posts:

1. Preparing to Release the OWASP IoT Top 10 2018 (Updated: Released)

2. Those Bashing Smart Locks Have Forgotten How Easy it is to Pick Regular Ones

3. The Differences and Similarities Between IoT and ICS Security

4. Responding to Rob Graham’s “Your Threat Model is Wrong” Post