ISC StormCast for Thursday, August 22nd 2019
KAPE vs. Commando VM: Red vs. Blue https://isc.sans.edu/forums/diary/KAPE+Kroll+Artifact+Parser+and+Extractor/25258/Attacks against Exposed
142: Mercedes secret sensors, smart cities, and ransomware runs riot
Darknet Diaries host Jack Rhysider joins us to discuss how cities in Texas are being hit by a wave of ransomware, how Mercedes Benz has installed a tracker in your car (but not for the reason you think), the...
China criticizes Twitter and Facebook. Silence expands internationally. A popular Ruby library was backdoored.
China says Twitter and Facebook are restricting its freedom of speech. The Silence criminal gang has expanded internationally. Google, Mozilla, and Apple are blocking the Kazakh government’s root certificate. A popular Ruby library was backdoored after a developer’s account...
S2 Ep5 – Phishing, eavesdropping voice assistants and quick fire questions
This week on the Naked Security podcast we discuss whether big tech companies are spying on you and the latest phishing scams.
Do you have a quesiton? Let us know and we’ll answer them next week.
With Anna Brading, Ben Jones...
No Spoilers – BSW #140
This week, we welcome Jessica Johnson and Amber Pedroncelli to discuss Hacker Halted and the Global CISO Forum! In the Leadership and Communications segment, 3 Traits Of Successful Entrepreneurs, 4 Ways To Gain Power And Use It For Good,...
ISC StormCast for Wednesday, August 21st 2019
Guildma Malware is Now Using Facebook and YouTube as Update
SN 728: The KNOB is Broken
• Last Tuesday was another busy and important patch Tuesday• And speaking of Patch Tuesday... 3rd-Party A/V Strikes Again!• Kaspersky facilitates independent web tracking• So, what the heck is "CTF" ??• 23 Government agencies in Texas were hit with...
Risky Business #552 — Guest host Alex Stamos on all the week’s security news
In this week’s show Patrick Gray and Alex Stamos discuss all the week’s news, including:
Confirmed: 30 companies affected by CapitalOne attacker
China info-ops booted off Twitter, Facebook
Real deal Bluetooth bugs
Apple re-introduces kernel bug, jailbreaks...
Chinese information operations on Twitter and Facebook. iOS jailbreak released. Adult websites leak information.
Twitter and Facebook shut down Chinese information operations. A jailbreak for the latest version of iOS is out. Facebook may have known about the “view as” bug. Vulnerabilities in Google’s Nest cams are patched. Instagram gets a data abuse...
HNN #230 – August 20, 2019
This week, 61 impacted versions of Apache Struts let off security advisories, a hacker publicly releases Jailbreak for iOS version 12.4, Chrome users ignoring warnings to change breached passwords, an unpatchable security flaw found in popular SoC boards, and...
The Dark Data – ASW #73
This week, in the Application Security News, HTTP/2 Denial of Service Advisory with seven vulns that affects the protocol implemented by several vendors, SSH certificate authentication for GitHub Enterprise Cloud works well with tools like Sharkey and BLESS, Polaris...
DtSR Episode 359 – Mind the Diversity Gap
This week, in the 2nd of two installments recorded live at Black Hat 2019, Alyssa Miller joins Rafal live to talk about some of the talks she's giving, and takes us back in time. Highlights from this week's show...
ISC StormCast for Tuesday, August 20th 2019
iOS 12.4 Jailbreak Released after Reindruced Vulnerability form 12.2 https://github.com/pwn20wndstuff/Undecimus/releasesSHA2-Signed
It Gets Really Hot! – PSW #616
This week, we welcome Tony Punturiero, Community Manager at Offensive Security, to talk about the journey of turning from a Blue Teamer to a Red Teamer, and kick starting an InfoSec community! In the Security News, BlackHat USA 2019...
ISIS claims Kabul massacre. Huawei gets a temporary break. Texas governments hit by ransomware. Hy-Vee warns of point-of-sale attack.
ISIS claims responsibility for Kabul massacre. Huawei gets another temporary reprieve. Local governments in Texas sustain ransomware attacks. Georgia hopes to combat cyberattacks with training. Google cuts a data sharing service. Bulletproof VPN services purchase residential IPs. Smartphones could...
#073 – Bernard Harguindeguy: Identity Is The Keystone
Bernard Harguindeguy is the Chief Technology Officer & General Manager Intelligence from Ping Identity. Bernard joined Ping in June 2018 through the acquisition of Elastic Beam, where he was the CEO and founder. His work at Elastic Beam revolutionized...
Biometric Security Data Breach, Critical Windows Vulnerabilities, FBI Data Harvesting
You’re listening to the Shared Security Podcast, exploring the trust you put in people, apps, and technology…with your host, Tom Eston. In episode 82 for August 19th 2019: The BioStar2 biometric security data breach, wormable vulnerabilities in Microsoft Windows,...
ISC StormCast for Monday, August 19th 2019
Large Number of VoIP System Vulnerabilities Released https://www.sit.fraunhofer.de/en/cve/Confidential Company Documents
The Difference Between Data, Information, and Intelligence
The terms intelligence, information, and data are thrown around pretty loosely in most tech circles, and this inevitably leads to people confusing and/or conflating them. What follows is a simple explanation of how the related terms are different from...
Unsupervised Learning: No. 190
There are some seriously nasty Windows RDP bugs out there. If you have RDP facing the internet, make sure you're patched. And try to get to VPN as soon as possible. MoreA huge survey of firmware security has found...
Ready or Not, Here Comes FIDO: How to Prepare for Success
Planning and Preparation Are Key to Successfully Adopting FIDO Standards for “Simpler, Stronger Authentication”
read more
Amazon, Microsoft, May be Putting World at Risk of Killer AI, Says Report
Amazon, Microsoft and Intel are among leading tech companies that could spearhead a global AI arms race, according to a report that surveyed major players from the sector about their stance on lethal autonomous weapons.
read more
The Joy of Six… critical security patches: Cisco small biz switches open to hijacking via web UI
Turn it on, download these fixes, crank it up – and rip the KNOB off Cisco has emitted a fresh round of software updates to address security holes in its network switches and controllers.…
New FISMA Report Shows Progress, Gaps in Federal Cybersecurity
No major incidents mixed with continuing gaps in implementation paint an improving, but still muddy, picture of cybersecurity in the federal government.
A botnet has been cannibalizing other hackers’ web shells for more than a year
Neutrino botnet is hijacking servers by taking over other hackers' PHP and Java web shells.
