AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Play Podcast
START CONTENT
* Twitch, a game streaming service owned by Amazon, was hacked last week
* Passwords, emails, usernames, addresses, phone numbers, dates of birth
* Amazon bought them last year for almost 1 billion dollars
* Bar Mitzvah attack on TLS
* Requires that you can sniff traffic
* Basically an RC4 problem
* Solution is to remove it from your supported algorithms
* GitHub Has been hit by a massive DDoS attack
* Apparently from China
* CSRF vulnerability found in a wind turbine
* Allowed you to pull usernames and passwords
* Also allowed the password to be changed for the default user, which had admin access
* CSRF vulnerability exposes Hilton customer accounts
* There was an account rotation issue where you could gain access to their account as long as you could guess their 9-digit username
* Snowden says IT workers now the targets of spies
* They’re not going after their information, but to use them for access to networks
* Premera hacked on same day as Blue Cross (January 29th)
* Same story: encryption, know your network, etc.
* Also same story: health data is harder to clean up from because it involves PII that cannot easily be changed
* More speculation around these attacks is that they’re data gathering for larger attacks on government networks
* Apple Acquires FoundationDB
* Fast NoSQL database probably to be used for its increasing entry into the services market
* Researchers use heat to breach air-gapped systems
* Everyone knows that an airgap is the best defense
* Ben-Gurion University came out with BitWhisper
* Now bidirectional using malware on both systems that controlled heat creation and detection
* Only 8-bits per hour
* BioCatch, Zumigo, Alibaba release tools to identify users
* I used to work with a technology called BioPass
* Uses what you do with your mouse, scrolling, how you smile via selfie, compares habits, your current location, etc. Similar to existing fraud detection just with more data points
* Really cool tech, needs to be used with the right authentication level
* Korea investing 5B in IoT and Smart Cars
* Bring Your Own IoT
* Recording audio and video are getting increasingly easy
* Sensitive meetings might become dead zones soon, and perhaps even sensitive work areas
* Some people will say that we already have this risk, but they key is the ease with which it can be done
END CONTENT
Play Podcast
Notes
* I skipped a week due to travel in Asia.
Become a Member: https://danielmiessler.com/upgrade
See omnystudio.com/listener for privacy information.
Get the Snipd
podcast app
Unlock the knowledge in podcasts with the podcast player of the future.
AI-powered
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode
Save any
moment
Hear something you like? Tap your headphones to save it with AI-generated key takeaways
Share
& Export
Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more
AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode