Play Podcast START CONTENT * There was another SQL Injection bug found in SEO by Yoast * It required admins to click a malicious link * Was patched quickly * It’s the plugins that make WordPress vulnerable * Attackers are targeting gamers for ransomware * Virlock is one version of ransomware that not only locks the screen, but infects files * It’s also polymorphic, so it changes itself every time it runs * TeslaCrypt goes after gamers, which seems super smart because they are often addicted * The Hello Barbie doll is recording kids voices and sending the recordings over the Internet for voice recognition * I get asked a lot about what to do about this kind of stuff * Start by making a list of everything that can record voice or audio in your home, and determine what kind of controls you have on them * Assume the worst, even though it’s probably not that bad * US industrial systems attacked 245 times between October 2013 and September 2014 * Most attacks were against Critical Manufacturing and Energy * Biggest vectors were spear phishing and port scanning * CloudFlare aims to defeat DDoS with Virtual DNS * They want to proxy DNS before it hits customer name server * The CIA supposedly tried to hack Apple hardware * The article has come under extreme scrutiny * Going to be on the Security Weekly podcast with Pau * Hillary Clinton’s email account dram * OpenSSL is getting an audit * Bout time * Wikimedia is suing the NSA over surveillance * Spoofing the boss is the best way to phish someone, evidently * Had a great time at CactusCon in Phoenix * Did a talk with Jason and saw Dave’s keynote * Dave’s keynote was about struggling with the basics, not APT * He asked when a major breach was NOT a dumb mistake * Someone’s looking to make a Snowden Phone * Looks like I’ll be on the Security Weekly podcast with Paul * Going to talk about IoT security and my our OWASP project END CONTENT Play Podcast Notes * Comments welcome on content and format, as usual.
Become a Member: https://danielmiessler.com/upgrade
See omnystudio.com/listener for privacy information.
Play Podcast START CONTENT * There was another SQL Injection bug found in SEO by Yoast * It required admins to click a malicious link * Was patched quickly * It’s the plugins that make WordPress vulnerable * Attackers are targeting gamers for ransomware * Virlock is one version of ransomware that not only locks the screen, but infects files * It’s also polymorphic, so it changes itself every time it runs * TeslaCrypt goes after gamers, which seems super smart because they are often addicted * The Hello Barbie doll is recording kids voices and sending the recordings over the Internet for voice recognition * I get asked a lot about what to do about this kind of stuff * Start by making a list of everything that can record voice or audio in your home, and determine what kind of controls you have on them * Assume the worst, even though it’s probably not that bad * US industrial systems attacked 245 times between October 2013 and September 2014 * Most attacks were against Critical Manufacturing and Energy * Biggest vectors were spear phishing and port scanning * CloudFlare aims to defeat DDoS with Virtual DNS * They want to proxy DNS before it hits customer name server * The CIA supposedly tried to hack Apple hardware * The article has come under extreme scrutiny * Going to be on the Security Weekly podcast with Pau * Hillary Clinton’s email account dram * OpenSSL is getting an audit * Bout time * Wikimedia is suing the NSA over surveillance * Spoofing the boss is the best way to phish someone, evidently * Had a great time at CactusCon in Phoenix * Did a talk with Jason and saw Dave’s keynote * Dave’s keynote was about struggling with the basics, not APT * He asked when a major breach was NOT a dumb mistake * Someone’s looking to make a Snowden Phone * Looks like I’ll be on the Security Weekly podcast with Paul * Going to talk about IoT security and my our OWASP project END CONTENT Play Podcast Notes * Comments welcome on content and format, as usual.
Become a Member: https://danielmiessler.com/upgrade
See omnystudio.com/listener for privacy information.
Nyd den ubegrænsede adgang til tusindvis af spændende e- og lydbøger - helt gratis
Dansk
Danmark