Podcasts about Dirty COW

In our inaugural episode, we sit down with Tanya Janca, founder of WeHackPurple, to discuss her expertise in solving for Race Condition vulnerabilities during her career as both a software engineer and application security professional. We spend some time talking through the most common types of Race Conditions, review a few real-world hacks and vulnerabilities, and present actionable tips security and technology teams can make to solve this class of vulnerability.  About our Guest: Tanya Janca, also known as SheHacksPurple, is the author of ‘Alice and Bob Learn Application Security’. She is also the founder of We Hack Purple, an online learning academy, community and weekly podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won numerous awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats; startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion and kindness, which shines through in her countless initiatives.Founder: We Hack Purple (Academy, Community and Podcast), WoSEC International (Women of Security), OWASP DevSlop, OWASP Victoria, #CyberMentoringMonday Resources: About the vulnerabilities discussed: The Starbucks infinite credit race condition: https://www.schneier.com/blog/archives/2015/05/race_condition_.html (https://www.schneier.com/blog/archives/2015/05/race_condition_.html) The Gitlab ‘merge any pull request’ race condition: https://www.cvedetails.com/cve/CVE-2019-11546/ (https://www.cvedetails.com/cve/CVE-2019-11546/) The Dirty Cow vulnerability: https://dirtycow.ninja/ (https://dirtycow.ninja/) with the research paper: http://www.iiisci.org/journal/CV$/sci/pdfs/SA025BU17.pdf (http://www.iiisci.org/journal/CV$/sci/pdfs/SA025BU17.pdf) The Spurious DB race condition, impacting all major operating systems: https://www.triplefault.io/2018/05/spurious-db-exceptions-with-pop-ss.html (https://www.triplefault.io/2018/05/spurious-db-exceptions-with-pop-ss.html) Tools discussed: Safe Rust race condition guarantees: https://doc.rust-lang.org/nomicon/races.html#data-races-and-race-conditions (https://doc.rust-lang.org/nomicon/races.html#data-races-and-race-conditions) GoLang race detector: https://blog.golang.org/race-detector (https://blog.golang.org/race-detector) Testing race conditions on REST APIs: https://github.com/TheHackerDev/race-the-web (https://github.com/TheHackerDev/race-the-web) Links for Tanya: Tanya's book Alice and Bob Learn Application Security: https://www.amazon.com/dp/1119687357/ (https://www.amazon.com/dp/1119687357/) https://shehackspurple.ca/ (https://shehackspurple.ca) https://twitter.com/shehackspurple (https://twitter.com/shehackspurple) https://www.youtube.com/shehackspurple (https://www.youtube.com/shehackspurple)   https://dev.to/shehackspurple (https://dev.to/shehackspurple) https://medium.com/@shehackspurple (https://medium.com/@shehackspurple)  https://www.youtube.com/shehackspurple (https://www.youtube.com/shehackspurple)   https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.twitch.tv%2Fshehackspurple&data=02%7C01%7CTanya.Janca%40microsoft.com%7C07d4df77a23e4530bbec08d606f82846%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636704060233537602&sdata=M1gR%2BErMWUyDGu0OxeFWXP1XcgsPEloCVKdraOmaLm4%3D&reserved=0 (https://www.twitch.tv/shehackspurple) https://www.linkedin.com/in/tanya-janca (https://www.linkedin.com/in/tanya-janca) https://github.com/shehackspurple/ (https://github.com/shehackspurple/) https://www.slideshare.net/TanyaJanca/ (https://www.slideshare.net/TanyaJanca/) Tanya mentioned she’s also a professional musician, you can find her...

In modern stacks, a large chunk of applications run in container environments such as docker and systemd-nspawn. However, these applications are not built for security. The security community has proven it again and again that privilege escalation attacks are very serious with attacks such as Dirty Cow and CVE-2016-3135. A way to tackle the problems of running applications with a low privilege user without that application being able to interact with other running applications is to use *user namespaces*. Using user namespaces you can hide process id's to the applications and provide a more sandboxed environment. Alex wanted to the distribution of multiplatform applications easy which led him to sandboxing and namespaces, today he maintains the "chroot on steroids" project *bubblewrap* which is a sandbox platform for running sandboxed applications in different namespaces. Alex is also a long time user of Linux, with 20 years working for Redhat. He started to code on the commodore 64 and has been a developer ever since. In school he got introduced to Solaris and jumped deeper and deeper into Linux rabbit hole. Working on Linux allows Alex to work from home in the suburbs of Stockholm and work on programs that get used by a global user base. In this episode, we talk about how it has been to work on sandboxed desktop applications and how flatpak has grown. So far there a has been a handful of different CVE's for bubblewrap that we talk about. Flatpak has gotten bigger and bigger and "flathub" has come to see the light , flathub is a place where all Linux users can get sandboxed desktop applications. Flathub is running on a stable Rust backend, Alex picked Rust to be the backend as one of his first larger Rust projects. We of course talk about how Rust is becoming more part of our daily lives as more and more applications are being ported to it, like librsvg journey from being written in C to now being a rust code base, as well as libraries being written in Rust. If you are maintaining an application with a graphical user interface and you target an audience that is running Linux on the desktop, we recommend that you get your application on flathub. Here is a guide on how you can do that: https://github.com/flathub/flathub/wiki/App-Submission This podcast was made possible with running zoom with flatpak: $ flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo $ flatpak install flathub us.zoom.Zoom $ flatpak run us.zoom.Zoom External links: https://github.com/containers/bubblewrap https://flathub.org/home https://en.wikipedia.org/wiki/Slirp https://github.com/rootless-containers/slirp4netns https://podman.io/ https://github.com/GNOME/librsvg https://blogs.gnome.org/alexl/ https://twitter.com/gnomealex https://lkml.org/lkml/2016/3/9/555 https://lwn.net/Articles/657744/ https://blog.firosolutions.com/

The Battle of the Tech Giants? The reality behind the AT&T/Time Warner merger? Also, AI made encryption, Alternative 3, and much, much more... Special Guest: N/A Stories of the Week: --Random Access: Zcash is LIVE!, Vine is shutting down, the Dirty Cow and Rowhammer exploits, the AT&T/Time Warner merger, Mozilla Firefox's new engine Project Quantum.--"The Microsoft October Event" Link: tcrn.ch/2fgi3Ck First Choice:--"The Apple October Event" Link: tcrn.ch/2eSAz0V Game Talk:--"Max Stirner, Lara Croft, and Zomia Offline Games" Link: zog.ninja HackSec:--"Jerry Kaplan on Triangulation" Link: pca.st/BWDr--"AI-based Encryption" Link: tcrn.ch/2dPhFKF The Climax:--"Happy Halloween" APPENDIX:--"Agorist Hosting" Link agoristhosting.com/--"Roberts & Roberts Brokerage" Link: rrbi.co --"CryptoCompare" Link: www.cryptocompare.com/--”Sovryn Tech Solutions” Link: solutions.zog.ninja --”Libreboot X200” Link: bit.ly/1FI57ew--"Worldwide Torrents" Link: worldwidetorrents.eu----------------------------------------------------------------------------------------Make easy monthly donations through Patreon: patreon.com/sovryntechAnd you can tip me at: sovryntech.tip.meSovryn Tech is powered by Namecheap! Get a website today with Bitcoin!Donate with Bitcoin! BTC: 1AEiTkWiF8x6yjQbbhoU89vHHMrkzQ7o8d Donate with PayPal! Link: donate.zog.ninjaDonate with our Amazon Wish List! Link: wishlist.zog.ninja----------------------------------------------------------------------------------------You can e-mail the show at: bbs@sovryntech.com----------------------------------------------------------------------------------------You can also visit our IRC channel on Freenode: #SovNetOr just go to: irc.zog.ninja ----------------------------------------------------------------------------------------sovryntech.comtwitter.com/sovryntechsteamcommunity.com/id/ninjaprogram

The Battle of the Tech Giants? The reality behind the AT&T/Time Warner merger? Also, AI made encryption, Alternative 3, and much, much more... Special Guest: N/A Stories of the Week: --Random Access: Zcash is LIVE!, Vine is shutting down, the Dirty Cow and Rowhammer exploits, the AT&T/Time Warner merger, Mozilla Firefox's new engine Project Quantum.--"The Microsoft October Event" Link: tcrn.ch/2fgi3Ck First Choice:--"The Apple October Event" Link: tcrn.ch/2eSAz0V Game Talk:--"Max Stirner, Lara Croft, and Zomia Offline Games" Link: zog.ninja HackSec:--"Jerry Kaplan on Triangulation" Link: pca.st/BWDr--"AI-based Encryption" Link: tcrn.ch/2dPhFKF The Climax:--"Happy Halloween" APPENDIX:--"Agorist Hosting" Link agoristhosting.com/--"Roberts & Roberts Brokerage" Link: rrbi.co --"CryptoCompare" Link: www.cryptocompare.com/--”Sovryn Tech Solutions” Link: solutions.zog.ninja --”Libreboot X200” Link: bit.ly/1FI57ew--"Worldwide Torrents" Link: worldwidetorrents.eu----------------------------------------------------------------------------------------Make easy monthly donations through Patreon: patreon.com/sovryntechAnd you can tip me at: sovryntech.tip.meSovryn Tech is powered by Namecheap! Get a website today with Bitcoin!Donate with Bitcoin! BTC: 1AEiTkWiF8x6yjQbbhoU89vHHMrkzQ7o8d Donate with PayPal! Link: donate.zog.ninjaDonate with our Amazon Wish List! Link: wishlist.zog.ninja----------------------------------------------------------------------------------------You can e-mail the show at: bbs@sovryntech.com----------------------------------------------------------------------------------------You can also visit our IRC channel on Freenode: #SovNetOr just go to: irc.zog.ninja ----------------------------------------------------------------------------------------sovryntech.comtwitter.com/sovryntechsteamcommunity.com/id/ninjaprogram

Hackers use Drupalgeddon 2 and Dirty COW exploits to take over web servers, second WordPress hacking campaign underway, USPS took a year to fix a vulnerability that exposed all 60 million users' data, this JavaScript can snoop on other Browser Tabs to work out what you're visiting, and more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode41 Follow us on Twitter: https://www.twitter.com/securityweekly

Hackers use Drupalgeddon 2 and Dirty COW exploits to take over web servers, second WordPress hacking campaign underway, USPS took a year to fix a vulnerability that exposed all 60 million users' data, this JavaScript can snoop on other Browser Tabs to work out what you're visiting, and more! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode41 Follow us on Twitter: https://www.twitter.com/securityweekly

This week, Keith and Paul interview Brent Dukes! Brent is a hacker, and Director of Information Security for an established manufacturing company. He joins Keith and Paul this week to talk about WAF’s, Pentesting, Burp Suite, and more! In the Application Security News, Hackers use Drupalgeddon 2 and Dirty COW exploits to take over web servers, second WordPress hacking campaign underway, USPS took a year to fix a vulnerability that exposed all 60 million users' data, this JavaScript can snoop on other Browser Tabs to work out what you're visiting, and more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode41 Visit https://www.securityweekly.com/asw for all the latest episodes! Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Keith and Paul interview Brent Dukes! Brent is a hacker, and Director of Information Security for an established manufacturing company. He joins Keith and Paul this week to talk about WAF’s, Pentesting, Burp Suite, and more! In the Application Security News, Hackers use Drupalgeddon 2 and Dirty COW exploits to take over web servers, second WordPress hacking campaign underway, USPS took a year to fix a vulnerability that exposed all 60 million users' data, this JavaScript can snoop on other Browser Tabs to work out what you're visiting, and more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode41 Visit https://www.securityweekly.com/asw for all the latest episodes! Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Follow us on Twitter: https://www.twitter.com/securityweekly

This week, what happens when support won't change your password, Gmail glitch Phishing Attacks, stopping the Infiltration of Things, Make-A-Wish website serves a Cryptojacking Script, Instagram exposes user passwords, and DirtyCOW is back in backdoor attack targeting Drupal Web Servers! Jason Wood from Paladin Security joins us for expert commentary to discuss how Ford is eyeing the use of customers personal data to boost profits!   Full Show Notes: https://wiki.securityweekly.com/HNNEpisode197 Visit https://www.securityweekly.com/hnn for all the latest episodes! Visit https://www.activecountermeasures/hnn to sign up for a demo or buy our AI Hunter!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, what happens when support won't change your password, Gmail glitch Phishing Attacks, stopping the Infiltration of Things, Make-A-Wish website serves a Cryptojacking Script, Instagram exposes user passwords, and DirtyCOW is back in backdoor attack targeting Drupal Web Servers! Jason Wood from Paladin Security joins us for expert commentary to discuss how Ford is eyeing the use of customers personal data to boost profits!   Full Show Notes: https://wiki.securityweekly.com/HNNEpisode197 Visit https://www.securityweekly.com/hnn for all the latest episodes! Visit https://www.activecountermeasures/hnn to sign up for a demo or buy our AI Hunter!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Mailing bombs, Gmail glitch Phishing Attacks, Stopping the Infiltration of Things, Make-A-Wish website serves a Cryptojacking Script, Instagram exposes user passwords, and DirtyCOW is back in backdoor attack targeting Drupal Web Servers! Jason Wood from Paladin Security joins us for expert commentary to discuss how Ford is Eyeing the Use of Customers Personal Data to Boost Profits! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode197 Visit http://hacknaked.tv to get all the latest episodes!

Cisco accidentally released Dirty Cow exploit code, Apache Struts Vulnerabilities, Zero Day exploit published for VM Escape flaw, Spam spewing IoT botnet infects 100,000 routers, and some of these vibrating apps turn your phone into a sex toy! Full Show Notes: https://wiki.securityweekly.com/Episode582 Follow us on Twitter: https://www.twitter.com/securityweekly

This week, we welcome Corin Imai, Senior Security Advisor for DomainTools! She joins Paul and the crew to talk about DNS, phishing tools, and tease what DomainTools has in store for 2019! In our Technical Segment, we welcome back Eyal Neemany, Senior Security Researcher at Javelin Networks to talk about securing remote administration, remote credentials, why Jump Servers aren’t as good, and he shows that you have to connect to remote machines using AD! In the Security News, Cisco accidentally released Dirty Cow exploit code, Apache Struts Vulnerabilities, Zero Day exploit published for VM Escape flaw, Spam spewing IoT botnet infects 100,000 routers, some of these vibrating apps turn your phone into a sex toy, and more on this episode of Paul's Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/Episode582 Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://www.activecountermeasures/psw to sign up for a demo or buy our AI Hunter!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly 

This week, we welcome Corin Imai, Senior Security Advisor for DomainTools! She joins Paul and the crew to talk about DNS, phishing tools, and tease what DomainTools has in store for 2019! In our Technical Segment, we welcome back Eyal Neemany, Senior Security Researcher at Javelin Networks to talk about securing remote administration, remote credentials, why Jump Servers aren’t as good, and he shows that you have to connect to remote machines using AD! In the Security News, Cisco accidentally released Dirty Cow exploit code, Apache Struts Vulnerabilities, Zero Day exploit published for VM Escape flaw, Spam spewing IoT botnet infects 100,000 routers, some of these vibrating apps turn your phone into a sex toy, and more on this episode of Paul's Security Weekly!   Full Show Notes: https://wiki.securityweekly.com/Episode582 Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://www.activecountermeasures/psw to sign up for a demo or buy our AI Hunter!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Cisco Security Bulletins https://tools.cisco.com/security/center/publicationListing.x Ruby Deserialization https://www.elttam.com.au/blog/ruby-deserialization/ Ouch Newsletter: Am I Hacked? https://www.sans.org/security-awareness-training/resources/am-i-hacked Jonathan Sweeny: Smart Contract Botnets https://www.sans.org/reading-room/whitepapers/covert/botnet-resiliency-private-blockchains-38050 https://www.sans.org/reading-room/whitepapers/warfare/tearing-smart-contract-botnets-38650

Cisco Security Bulletins https://tools.cisco.com/security/center/publicationListing.x Ruby Deserialization https://www.elttam.com.au/blog/ruby-deserialization/ Ouch Newsletter: Am I Hacked? https://www.sans.org/security-awareness-training/resources/am-i-hacked Jonathan Sweeny: Smart Contract Botnets https://www.sans.org/reading-room/whitepapers/covert/botnet-resiliency-private-blockchains-38050 https://www.sans.org/reading-room/whitepapers/warfare/tearing-smart-contract-botnets-38650

Cisco accidentally released Dirty Cow exploit code, Apache Struts Vulnerabilities, Zero Day exploit published for VM Escape flaw, Spam spewing IoT botnet infects 100,000 routers, and some of these vibrating apps turn your phone into a sex toy! Full Show Notes: https://wiki.securityweekly.com/Episode582 Follow us on Twitter: https://www.twitter.com/securityweekly

Raymond Evans - CTF organizer for nolacon and Founder of CyDefe Labs     @cydefe CTF setup / challenges of setting up a CTF. Beginners & CTFs Types tips/tricks Biggest downfalls of CTF development   https://www.heroku.com/ www.exploit-db.com   BrakeSec DerbyCon     @dragosinc dragos.com   DNS Enumeration: https://github.com/nixawk/pentest-wiki/blob/master/1.Information-Gathering/How-to-gather-dns-information.md   DNS Tools: https://dnsdumpster.com/ https://tools.kali.org/information-gathering/theharvester   DNS Tutorial https://www.youtube.com/watch?v=4ZtFk2dtqv0 (A cat explains DNS)   https://pentestlab.blog/tag/dns-enumeration/       DNS Logging detailed DNS queries and responses can be beneficial for many reasons. For the first and most obvious reason is to aid in incident response. DNS logs can be largely helpful for tracking down malicious behavior, especially on endpoints in a DHCP pool. If an alert is received with a specific IP address, that IP address may not be on the same endpoint by the time someone ends up investigating. Not only does that waste time, it also gives the malicious program or attacker more time to hide themselves or spread to other machines.   DNS is also useful for tracking down other compromised hosts, downloads from malicious websites, and if malware is using Domain Generating Algorithms (DGAs) to mask malicious behavior and evade detection.   NOTE: However if a Microsoft DNS solution (prior to server 2012) is in use, according to Microsoft, “Debug logging can be resource intensive, affecting overall server performance and consuming disk space. Therefore, it should only be used temporarily when more detailed information about server performance is needed.” From Server 2012 forward DNS analytic logging is much less resource intensive. If the organization is using BIND or some DNS appliance, it should have the capability to log all information about DNS requests and replies.   How difficult has that become with the advent of GDPR and whois record anonymization?     Join our #Slack Channel! Email us at bds.podcast@gmail.com or DM us on Twitter @brakesec #Spotify: https://brakesec.com/spotifyBDS #RSS: https://brakesec.com/BrakesecRSS #Youtube Channel:  http://www.youtube.com/c/BDSPodcast #iTunes Store Link: https://brakesec.com/BDSiTunes #Google Play Store: https://brakesec.com/BDS-GooglePlay Our main site:  https://brakesec.com/bdswebsite #iHeartRadio App:  https://brakesec.com/iHeartBrakesec #SoundCloud: https://brakesec.com/SoundcloudBrakesec Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon https://brakesec.com/BDSPatreon #Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir #Player.FM : https://brakesec.com/BDS-PlayerFM #Stitcher Network: https://brakesec.com/BrakeSecStitcher #TuneIn Radio App: https://brakesec.com/TuneInBrakesec

Paul reports on a flaw found in Dirty COW patch, Apache Software security updates, more hacks in 2018, and a MailSploit e-mail spoofing flaw! Jason Wood joins us to give expert commentary on a Federal Data Breach Legislation, and more on this episode of Hack Naked News!Full Show Notes: https://wiki.securityweekly.com/HNNEpisode152 Visit http://hacknaked.tv for all the latest episodes!

Paul reports on a flaw found in Dirty COW patch, Apache Software security updates, more hacks in 2018, and a MailSploit e-mail spoofing flaw! Jason Wood joins us to give expert commentary on a Federal Data Breach Legislation, and more on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode152 Visit http://hacknaked.tv to get all the latest episodes!

Paul reports on a flaw found in Dirty COW patch, Apache Software security updates, more hacks in 2018, and a MailSploit e-mail spoofing flaw! Jason Wood joins us to give expert commentary on a Federal Data Breach Legislation, and more on this episode of Hack Naked News! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode152 Visit http://hacknaked.tv to get all the latest episodes!

Paul reports on a flaw found in Dirty COW patch, Apache Software security updates, more hacks in 2018, and a MailSploit e-mail spoofing flaw! Jason Wood joins us to give expert commentary on a Federal Data Breach Legislation, and more on this episode of Hack Naked News!Full Show Notes: https://wiki.securityweekly.com/HNNEpisode152 Visit http://hacknaked.tv for all the latest episodes!

US-Fluglinien verbieten "smarte" Koffer "Smarte" Koffer kennen ihr Gewicht, verraten ihren Aufenthaltsort und laden bei Bedarf Handys. Für all das ist ein Lithium-Ionen-Akku eingebaut. Doch werden solche Stromspeicher beschädigt, können sie Feuer fangen. Daher haben Alaska Airlines, American Airlines und Delta angekündigt, ab dem 15. Januar solche Koffer nicht mehr einzuchecken – es sei denn, der Fluggast entfernt zuvor den Akku. Linux-Patch Dirty Cow erneut gepatcht Der im Oktober vergangenen Jahres von den Linux-Kernelentwicklern veröffentlichte Patch für die Sicherheitslücke "Dirty Cow" hat diese zwar geschlossen, dafür jedoch einen neuen Bug in den Kernel-Code geschleust. Das haben Forscher der IT-Sicherheitsfirma Bindecy während einer Analyse des Dirty-Cow-Patches herausgefunden und auf den Namen Huge Dirty Cow getauft. Nun wurde der geflickte Code noch einmal nachgebessert. Nach dem holperigen Patch-Prozess der ursprünglichen Dirty-Cow-Lücke bleibt nun zu hoffen, dass sich mit dem aktuellen Patch keine neuen Fehler eingeschlichen haben. Unplattbare Räder aus dem 3D-Drucker Autos sollen bald Reifen bekommen, die nie mehr platt werden können. Geht es nach der Vision des französischen Autozulieferers Michelin, werden Fahrzeugreifen künftig auf ganz neue Art mit dem 3D-Drucker produziert – und zwar nicht mehr nur aus Kautschuk beziehungsweise Petroleum-basierten Kunststoffen, sondern aus einem umweltfreundlicheren Material. Vor allem aber wird das Rad nicht mehr mit Luft gefüllt, sondern in einer Einheit aus Reifen und Felge hergestellt. NASA-Sonde Voyager 1 zündet Triebwerke erstmals nach 37 Jahren Die NASA hat erfolgreich Ergänzungstriebwerke von Voyager 1 gezündet, die seit 37 Jahren nicht mehr genutzt worden sind, um die am weitesten von der Erde entfernte Sonde auszurichten. Ab Januar soll Voyager 1 komplett auf die Ergänzungstriebwerke umsteigen, bis den für sie nötigen Heizungen die Energie ausgeht. Dann soll die Sonde auf ihre eigentlichen Triebwerke zurückwechseln und zwei bis drei Jahre länger in der Lage sein, ihre Antenne zur Erde auszurichten. Diese und alle weiteren aktuellen Nachrichten finden sie auf heise.de

This week’s Dumteedum comes from Bye Bye Steve! On this week’s episode we have calls from Lord Louise who’s got issues with Brookfield Luke Hannington who’s playing grown ups Genevieve who’s says cowgate is true to life Bill Gallagher who’s disappointed in the High Courts of Chancery Kosmo who’s feeling uncovered and Emily Thomas who has a plot prediction See acast.com/privacy for privacy and opt-out information.

Episode #111 Episode consacré à la vulnérabilité Dirty COW   The post Dirty COW appeared first on NoLimitSecu.

AT&T Data Security analysts discuss the AT&T CyberSecurity Conference, IoT devices as proxies for crimes, SSHowDowN, data leaked from pagers, Dirty Cow, and the Internet Weather Report.. Originally recorded October 26, 2016.

1. Je s’appelle root : le jour où les objets zombies ont éteint plusieurs services web Résumé de la situation Ce qui s’est passé Non, 1234 n’est pas un password suffisant. Même pour un objet connecté. Un pace maker est déjà hackable... "Dirty COW” s’exporte sur Android ! 2. La délivrance : des infos sur la Nintendo NX Switch Enfin ! Annonce de la Switch de Nintendo Mais on a PAS vu de vrais jeux… Sous le capot : Tegra Inside, quelle puissance et quelle autonomie pour la Switch ? Pas de rétrocompatibilité. Touch or not touch ? La 3DS toujours pas morte ? Et toujours des rumeurs… même après la Révélation... Ni têtes blondes ni têtes blanches, quelle cible pour la Switch ? Quelles ventes ? Des investisseurs blasés ? Alors ? Hot or not ? "Take my money Nintendo !" 3. Et aussi… Le 100% autonome pour les Tesla Tesla veut contrôler votre usage de "ses" véhicules. Déjà qu’on peut plus réparer son tracteur tranquille ! Vers la fin de la “propriété” des objets ? Prochains MacBook Pro : touch ID & barre OLED. Tu tempères toujours nos ardeurs Guillaume ? Les annonces du chinois Xiaomi : MiX sans bordure designé par Philippe Starck (mais qu’est-ce qu’il a bien pu dessiner compte tenu du design de l’appareil ? Le choix des couleurs ?) Le Mi Note 2 avec écran incurvé (compatible 4G européenne, très joli mais à ce stade, ce n’est même plus de la copie, on espère en tout cas que les batteries ne vont pas se mettre à flamber) Le Mi VR (mièvre ou pas ? ah ah ah !) Que penser du fait que Samsung désactive ses Note 7 de manière forcée ? Et que penser de ceux qui voudraient utiliser leur Note 7 malgré tout ? En attendant, on ne sait toujours pas ce qui s’est passé. AT&T rachète Time Warner pour 108 milliards de dollars (dont une dette de 20 milliards ? fichtre) : la diversification des activités des Telecom est impressionnante ! Un risque pour la neutralité du net ? Quand Microsoft voulait racheter Facebook pour 24 milliards de $ Microsoft va bien, merci. Et c’est pas grâce au grand public... Lecture numérique : Amazon propose un Kindle dédié aux mangas Bientôt le live sur Instagram ? Cloud Gaming encore, Shadow propose un PC joueur pour 30€/mois. Mais sans jeux… Le LG G6 fera-t-il l’impasse sur la modularité ? (oui : le G5 était modulaire. Si si !) Une imprimante dans votre sac à main ? Bonjour Zuta,le robot qui écrit mieux que toi ! Bonus : GPP : Black Mirror Saison 3 sur Netflix, 6 épisodes de dystopie à bing watcher en toute quiétude ! Et le premier épisode est une version de "Peeple World" ! Ulrich : Les annonces Razer Cédric : ah bah si bonus ! :-) Second tome du livre de Bruce Benamran : Prenez-le temps d’y penser - tome 2 avec de la mécanique c :P antique Guillaume Vendé : Le porte-biberon pour smartphone relayé par Guillaume Promé Participants : Ulrich Rozier (@ulrichrozier) Cédric Tamboise (@cedsib sur Twitter) Guillaume Poggiaspalla, sur "Machines de jeux" et sur la Nintendo Switch Présenté par Guillaume Vendé (@guillaumevende sur Twitter) et sur Facebook avec une nouvelle page dédiée à mes activités en podcast ; dans un podcast (streetcast) plus intimiste : "La voix de Guillaume"

Kurt and Josh discuss Dirty COW, the big IoT DDoS, and Josh can't pronounce Mirai or Dyn.

Fjerde utgave av Chelsea Supporters Norways podkast, med Svein Ballo, Henning Christensen, Eirik Havdahl, Jon Are Hellevangsdal og Christopher H. Sandøy, tatt opp på The Dirty Cow i Oslo sentrum. Fourth edition of Chelsea Supporters Norway's podcast, with Svein Ballo, Henning Christensen, Eirik Havdahl, Jon Are Hellevangsdal and Christopher H. Sandøy, recorded at The Dirty Cow in central Oslo.

Fjerde utgave av Chelsea Supporters Norways podkast, med Svein Ballo, Henning Christensen, Eirik Havdahl, Jon Are Hellevangsdal og Christopher H. Sandøy, tatt opp på The Dirty Cow i Oslo sentrum. Fourth edition of Chelsea Supporters Norway's podcast, with Svein Ballo, Henning Christensen, Eirik Havdahl, Jon Are Hellevangsdal and Christopher H. Sandøy, recorded at The Dirty Cow in central Oslo.