
Content provided by Host Unknown, Thom Langford, Andrew Agnes, and Javvad Malik. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by Host Unknown, Thom Langford, Andrew Agnes, and Javvad Malik or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process described here: https://th.player.fm/legal

Episode 83 - The Super Spreader Amateur Hour

49:56
 

This Week in InfoSec (11:00)

With content liberated from the “today in infosec” Twitter account

23rd November 2011: It was reported that Apple took over 3 years to fix the iTunes installer vulnerability which the FinFisher remote spying Trojan exploited.

Apple Took 3+ Years to Fix FinFisher Trojan Hole

https://twitter.com/todayininfosec/status/1331028461612392448

20th November 2000: eBay cancelled a listing for Kevin Mitnick's Bureau of Prisons inmate ID card due to uncertainty about his right to sell it. This was after an initial claim it was a prohibition from committing a "violent felony" and profiting from it.

eBay pulls Kevin Mitnick trinkets: Taking a firm stand against "violent felons"

https://twitter.com/todayininfosec/status/1329940298399703042

Rant of the Week (18:50)

SSL keys, sFTP passwords and more exposed after someone broke into GoDaddy Managed WordPress using 'compromised password'

GoDaddy has admitted to America's financial watchdog that one or more miscreants broke into its systems and potentially accessed a huge amount of customer data, from email addresses to SSL private keys.

In a filing on Monday to the SEC, the internet giant said that on November 17 it discovered an "unauthorized third-party" had been roaming around part of its Managed WordPress service, which essentially stores and hosts people's websites.

GoDaddy’s chief information security officer Demetrius Comes said his company "immediately began an investigation with the help of an IT forensics firm and contacted law enforcement."

Those infosec sleuths, we're told, found evidence that an intruder had been inside part of GoDaddy's website provisioning system, described by Comes as a "legacy code base," since September 6, gaining access using a "compromised password."

GoDaddy’s latest rebranding is a break from its sexist past

Billy Big Balls of the Week (28:36)

Huge fines and a ban on default passwords in new UK law

The government has introduced new legislation to protect smart devices in people's homes from being hacked.

Recent research from consumer watchdog Which? suggested homes filled with smart devices could be exposed to more than 12,000 attacks in a single week.

Default passwords for internet-connected devices will be banned, and firms which do not comply will face huge fines.

Industry News (34:36)

Sky Slow to Fix Bug in Routers

GoDaddy Announces Data Breach

Teen Accused of Stealing Bitcoin Worth $36.5M

Multiple Bugs Enable Eavesdropping on 37% of Android Phones

Apple Sues “State-Sponsored” Spyware Firm NSO Group

Malicious JavaScript Loader is a Multi-RAT Dispenser

YouTube Live Crypto Scams Made Nearly $9m in October

UK Introduces New Cybersecurity Legislation for IoT Devices

Ukrainian Cops Bust Mobile Device Hacking Group

Tweet of the Week (43:09)

https://twitter.com/sociosploit/status/1462440968658079763

https://twitter.com/Raspberry_Pi/status/1463803587180511233?s=20

Come on! Like and bloody well subscribe!
