Take 1 Security Podcast: Episode 6

  • Ukrainian banks hacked for up to 1 Billion dollars

    • Evidently installed malware on bank admin machines using phishing

    • Not sure they have an FDIC

    • As if the Ukraine didn’t have enough problems

  • 10 million password project

    • Mark Burnett posted 10 Million password combinations

    • Went through a long explanation of why he was doing it

    • I’ve broken them up and put them in the SecLists project

  • Jeb Bush leaks personal data

  • Anthem may have been Heartbleed

    • Could have been China, but who knows

    • Reminder about talking about things without information

    • It’s best to just leave it alone

  • HP released Home Security Systems report

    • We found 10/10 systems vulnerable to account harvesting

  • DARPA Dark Web Search Engine

    • Stuff not indexed by Google

    • Tor services, etc.

  • Obama creating new threat intelligence agency

    • Unified organization for tracking threats

    • Looking to partner with private industry as well

  • Anthem and Cyberinsurance

    • Up to 200M in cyberinsurance

    • Probably won’t cover it, but it’ll be a good test of usefulness

  • Facebook lets you pick who manages your account when you die

  • Facebook threat sharing program

  • Uber lost and found database was online with personal data in it

    • Basically, if you lose something in a car, they know who you are, and they keep your stuff for you

    • But they had the database exposed online


Related posts: