Difference between revisions of "Episode456"

From Security Weekly Wiki
Jump to navigationJump to search
Line 25: Line 25:
  
 
#[http://www.bankinfosecurity.com/could-ftc-play-bigger-role-in-card-security-a-8966] Could FTC Play Bigger Role in Card Security?
 
#[http://www.bankinfosecurity.com/could-ftc-play-bigger-role-in-card-security-a-8966] Could FTC Play Bigger Role in Card Security?
 +
#[https://www.youtube.com/watch?v=zsjZ2r9Ygzw&feature=youtu.be] Jon Oliver talks about encryption

Revision as of 18:47, 17 March 2016

Paul's Stories

  1. Vulnerability Scanners Turn Up Mostly False Positives - AHHHHHHHHHHHHHHHHHHH!!!!!!!
  2. Ironic: CCTV systems slide open a backdoor into your biz network - Okay, yea we knew this. What do we DO about it?
  3. Surprise! You have mystery PCs - We’ll have to set up a special system that only does network scanning and let it run until it finishes — probably a few months to scan every IP address. Uhm, there are better ways to accomplish this.
  4. Attackers Packing Malware Into Powershell - Yup, we've known about this for a while.
  5. Threat Intelligence's Big Data Problem - Threat Intelligence and big data, go buzzwords!
  6. "Even Sex Toys Aren’t Safe From Hackers - Okay, but what is the risk of hacking sex toys?
  7. It is time to prioritize security for Internet of Things and wearables
  8. Hotel light control hack illuminates lamentable state of IoT security - I love how they tied the IP address to the room number! A cunning p

lan!

  1. Amazon goes after patent so you can pay by selfie - Facial recognition to pay for stuf

f? Will it work?

  1. LinkedIn Being Used To Prime Phishing Targets - Well, yea, we've done it for years.
  2. One of the Celebgate hackers pleads guilty to phishing iCloud and Google logins - Yea, usually its not even this sophisticated.
  3. Home Depot To Pay $19.5 Million In Data Breach Settlement - Do you thi

nk this really hurt Home Depot?

  1. "Safari - Things got hacked, software is vulnerable. The end.
  2. "SSH Honeypots (Ab)used as Proxy - Honeypots are great, but you have to monitor them closely and be certain they
are not being abused. This is a neat little hack.
  1. Defence In Depth For Web Applications - Look defending web applications, or even software applications, is hard. However, the pro

cess is well-defined: 1) Before you write software do threat modeling 2) Train developers on security 3) developers do static analysis 4) QA does dynamic scanning 5) security teams implement a RASP.

Jeff's Stories

  1. [1] Could FTC Play Bigger Role in Card Security?
  2. [2] Jon Oliver talks about encryption