A frank discussion of technology, security, and privacy in plain language
SecureWV/Hack3rcon
Training: Nov. 2-5
Conference (Virtual): Nov. 6-8
CFP is Open
Call for Sponsors is Open
https://www.securewv.org/
Wild West Hackin’ Fest (WWHF) training at SecureWV - Training Nov. 2-5 https://wildwesthackinfest.com/wwhf-at-secure-wv/?fbclid=IwAR0_digf-c99HVprsLlXfFX9kt-CBFQYvkTQhU5_5XU2DiceYJJlOSDVsx0
Topics
General SecureWV/Hack3rcon announcements
Training: Wild West Hackin’ Fest (WWHF) training at SecureWV https://wildwesthackinfest.com/wwhf-at-secure-wv/?fbclid=IwAR0_digf-c99HVprsLlXfFX9kt-CBFQYvkTQhU5_5XU2DiceYJJlOSDVsx0
Jailed Huawei executive will learn her fate Monday as China demands her release https://edition.cnn.com/2018/12/09/tech/meng-wanzhou-hearing-huawei-tensions/index.html?utm_medium=social&utm_source=twCNNi&utm_content=2018-12-10T04%3A36%3A43&utm_term=link&fbclid=IwAR3uqDqBw2s6DmaZJXzbLVk0rvH1yCaWKlwrWT5-xR6rxutGekGg6eOO9OU
Marriott Announces Starwood Guest Reservation Database Security Incident http://news.marriott.com/2018/11/marriott-announces-starwood-guest-reservation-database-security-incident/
Diabetics Are Hacking Their Own Insulin Pumps - CNBC [Raspberry Pi Artificial Pancreas] https://www.reddit.com/r/raspberry_pi/comments/a3lxdx/diabetics_are_hacking_their_own_insulin_pumps/
Making a Ransomware Payment? It May Now Violate U.S. Sanctions https://www.bleepingcomputer.com/news/security/making-a-ransomware-payment-it-may-now-violate-us-sanctions/
Specially designated nationals and blocked persons list https://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx
We talk with Amanda Berlin about the plans for the upcoming Derbycon Mental Health Workshop
Facebook wants to hide secret inaudible messages in TV ads that can force your phone to record audio
This week we talk to 304Geeks president and con organizer Benny Karnes about SecureWV 2018/Hack3rCon 9.
This week we talk with Amanda Berlin about 50 FREE things you can do to improve the security of most environments
Upcoming Conferences
ShmooCon 2018 - January 19-21, 2018 at the Washington Hilton in Washington, DC http://shmoocon.org/
BSidesNYC January 20, 2018 https://bsidesnyc.org http://www.securitybsides.com/
THOTCON 0x8 - May 4-5, 2018 https://thotcon.org/ SOLD OUT
DerbyCon
Sponsorships will open up the first week in March.
Call for Trainers (CFT), Call for Papers (CFP), and Call for Workshops (CFW) opens on April 1st, 2018
Call for Trainers opens on March 1st and close on April 14th, 2018
Call for Papers (CFP) and Call for Workshops (CFW) opens April 1st, 2018 and end on July 1st, 2018
Ticket Sales: May 5th (Derby Day), 2018 at 1:00PM ET
DerbyCon training dates: October 3rd and 4th, 2018
DerbyCon conference dates: October 5th – 7th, 2018
https://derbycon.com
The podcast RSS and iTunes Feed
RSS: https://audioboom.com/channels/4914568.rss
iTunes: pcast://audioboom.com/channels/4914568.rss
Patreon https://www.patreon.com/rebootitpodcast
Stories
Security bod uncovers 15-year-old macOS zero-day flaw https://www.theinquirer.net/inquirer/news/3023615/security-bod-uncovers-15-year-old-macos-zero-day-flaw
North Korean Hackers Hijack Computers to Mine Cryptocurrencies https://www.bloomberg.com/news/articles/2018-01-02/north-korean-hackers-hijack-computers-to-mine-cryptocurrencies
Mirai botnet co-authors plead guilty in US court https://www.theinquirer.net/inquirer/news/3023120/mirai-botnet-co-authors-plead-guilty-in-us-court
Mirai: Student behind IoT malware used it in Minecraft server protection racket, claims Krebs https://www.theinquirer.net/inquirer/news/3002896/mirai-student-behind-iot-malware-used-in-minecraft-server-protection-racket-claims-krebs
Former Rutgers student admits to creating code that crashed internet http://www.nj.com/education/2017/12/rutgers_student_charged_in_series_of_cyber_attacks.html
Plea Agreement Full Text: https://www.documentcloud.org/documents/4327738-Paras-Jha-Plea.html
We Need a New FUD http://daveshackleford.com/?p=1081
Serial Swatter “SWAuTistic” Bragged He Hit 100 Schools, 10 Homes https://krebsonsecurity.com/2018/01/serial-swatter-swautistic-bragged-he-hit-100-schools-10-homes/
Shame: Richard 'Rick' Fisher Hayes http://attrition.org/errata/shame/richard_hayes/
Massive child porn site is hiding in plain sight, and the owners behind it https://sijmen.ruwhof.net/weblog/1782-massive-child-porn-site-is-hiding-in-plain-sight-and-the-owners-behind-it
';--have i been pwned? - Check if you have an account that has been compromised in a data breach https://haveibeenpwned.com/
Upcoming Conferences
ShmooCon 2018 - January 19-21, 2018 at the Washington Hilton in Washington, DC http://shmoocon.org/
THOTCON 0x8 - May 4-5, 2018 https://thotcon.org/ SOLD OUT
BSidesNYC January 20, 2018 https://bsidesnyc.org http://www.securitybsides.com/
The podcast RSS and iTunes Feed
RSS: https://audioboom.com/channels/4914568.rss
iTunes: pcast://audioboom.com/channels/4914568.rss
Patreon https://www.patreon.com/rebootitpodcast
Stories
Bitcoin Price Now Down 15% from All-Time High https://www.coindesk.com/17k-breached-bitcoin-price-now-down-15-from-all-time-high/
Coinbase halts Bitcoin Cash transactions amidst accusations of insider trading https://www.theverge.com/2017/12/20/16800940/coinbase-bitcoin-cash-fork-insider-trading-probe
U.S. blames North Korea for 'WannaCry' cyber attack https://www.reuters.com/article/us-usa-cyber-northkorea/u-s-blames-north-korea-for-wannacry-cyber-attack-idUSKBN1ED00Q
Facebook’s Latest Facial Recognition Tools Introduce New Privacy Concerns http://www.slate.com/blogs/future_tense/2017/12/19/facebook_announces_new_facial_recognition_features.html
But this is OK: https://www.citylab.com/equity/2017/12/why-privacy-activists-are-wary-of-those-new-airport-face-scans/548975/?utm_source=SFFB
iPhone slowdown blamed on controversial fix for aging batteries https://www.slashgear.com/iphone-slowdown-blamed-on-controversial-fix-for-aging-batteries-19512365/
Apple under fire as it admits it DOES deliberately 'smooth out' the performance of older iPhones to keep them running as their batteries age http://www.dailymail.co.uk/sciencetech/article-5199917/Apple-admits-DOES-deliberately-slow-older-iPhones.html?ito=social-twitter_mailonline
Alteryx - Amazon S3 breach https://www.upguard.com/breaches/cloud-leak-alteryx
APT, IoT Botnets, Ransomware, and Other Things That Go Bump In The Night
Raw and unedited DerbyCon Podcasters Meet-up held in my hotel room at the Hyatt again this year. Thanks to Bryan Brake of the Brakeing Down Security Podcast for organizing and Jerry Bell of the Defensive Security Podcast for recording.
Everything You Wanted to Know About SecureWV/Hack3rcon but Was Afraid to Ask
Amanda and I talk about hacker summer camp, Marcus Hutchins, Salesforce firing two employees who gave a Defcon talk, and more.
In this episode we talk about social engineering, Roomba maps, microchipped employees, Snopes in trouble, and more.
This week we talk about the AlphaBay and Hansa dark web markets being shut down, pacemaker data being admissible in court, and more.
This week Amanda and I talk about the U.S. government's move to ban Kaspersky Lab from government computers, Snapchat Maps, and more...