Paul's Security Weekly #543

Hosts

Paul Asadoorian
Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .

Larry Pesce
Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.

Interview: - 6:00PM-6:45PM

Tech Segment: - 6:45-7:45PM

https://www.endgame.com/blog/technical-blog/detecting-spectre-and-meltdown-using-hardware-performance-counters

Security News - 7:45PM-8:30PM

Paul's Stories

1. Daniel Miessler on My Writings about IoT Security
2. Prosecutors Say Mac Spyware Stole Millions Of User Images Over 13 Years - Disgusting The indictment, filed in US District Court for the Northern District of Ohio's Eastern Division, went on to say that Durachinsky developed a control panel that allowed him to manipulate infected computers and view live images from several machines simultaneously. The indictment also said he produced visual depictions of one or more minors engaging in sexually explicit conduct and that the depiction was transported across state lines. He allegedly developed a version of Fruitfly that was capable of infecting Windows computers as well. Prosecutors are asking the court for an order requiring Durachinsky to forfeit any property he derived from his 13-year campaign, an indication that he may have sold the images and data he acquired to others.
3. Fingerprinting Digital Documents
4. Skype finally getting end-to-end encryption
5. Apple Set To Patch Yet Another macOS Password Security Flaw
6. Wi-Fi Alliance launches WPA3 protocol with new security features
7. FTC Fines IoT Toy Vendor VTech for Privacy Breach
8. 147 Security Vulnerabilities Reported in ICS Mobile Applications

Larry's Stories

Jeff's Stories

Jack's Stories

Keith's Stories

Correction of last weeks story: According to Daniel Miessler’s blog post, it looks like I mismatched the Intel vulnerabilities for the architectures they affect.

• https://danielmiessler.com/blog/simple-explanation-difference-meltdown-spectre/