Wireshark 3.6.0 Released https://isc.sans.edu/forums/diary/Wireshark+360+Released/28076/ Google Cloud Security Report https://services.google.com/fh/files/misc/gcat_threathorizons_full_nov2021.pdf Zoom Patch https://explore.zoom.us/en/trust/security/security-bulletin/ Slack DNSSEC Experience Reports https://slack.engineering/what-happened-during-slacks-dnssec-rollout/
Phishing Pages Hiding Itself Using Dynamically Adjusted IP Based Allow List https://isc.sans.edu/forums/diary/Phishing+page+hiding+itself+using+dynamically+adjusted+IPbased+allow+list/28070/ Trickbot Phishing Checks Screen Resolution to Evade Researchers https://www.bleepingcomputer.com/news/security/trickbot-phishing-checks-screen-resolution-to-evade-researchers/ QNAP QVR Patch https://www.qnap.com/de-de/security-advisory/qsa-21-51 CronRAT Malware Hiding in cron https://sansec.io/research/cronrat
This is something filmed in April of 2019. It was on the heels of a conversation with Hawking, Sagan, Tesla and Einstein. That interview is in the book "Backstage Pass to the Flipside 3" - this one is reproduced in the new book "Tuning into the Afterlife." There's a number of unusual concepts covered in this session, talking to Stephen Hawking about how to access a "slice of time." The story that I'm referring to was told by the actor Hank Azaria on the Stephen Colbert show - prefaced by the "funniest thing I ever heard." He said it was during a table read, and Harry Shearer, the comedian and many voices on the show, was waiting for Hawking who was an hour late to the table read. Harry said "The man has no sense of time." I asked how he was able to know what the punchline to Shearer's joke was, since he wasn't in the room when he said it. Hawking talks about the akashic records as "floppy disks" that retain all the events from a slice of time and refers to them as mathematical numbers (like sequences, like algorithms, like CGI on a computer screen is all 1s and 0s.) At one point Jennifer mentions the physicist Michio Kaku and a violin - something she's not aware of but recently, years after this was filmed, Kaku came out with this latest book about string theory. All I can do is ask questions and report as best I can. Certainly we're going to get some of these answers wrong - but it's worth noting that some of them we get right. I mean - that I ask the right question at the right time to get a mind bending response. Enjoy. Tuning into the Afterlife is out on Audible, Kindle, Paperback and Hard Cover via Amazon.
On today's episode of Hacking the Hustle, Benji Sklar interviewed Hrish Lotlikar, the co-founder and CEO of SuperWorld, a virtual real estate platform where users can buy virtual plots of land, share in revenue generated by user activity, and personalize the real world by adding anything anywhere in augmented reality. Hrish's career has spanned from real estate investment banking on Wall Street, to Silicon Valley and Hollywood with many years spent living and working internationally. This episode is great for learning about the intersection of augmented reality, virtual real estate, and the future of the metaverse.
Jason Haddix, world renowned bug bounty researcher, shares his story and valuable advice that has helped many aspiring pentesters and bug hunters.Jason shares his story of starting in IT, becoming a pentester, to helping a top bug bounty company in the beginning stages. Jason's advice includes learning resources, and career advice that he has shared with many aspiring cybersecurity professionals over the years. Jason being a top ranked bug hunter is well known for his bug bounty methodology which he has presented at numerous conferences and events to help others learning bug bounty._______________________GuestJason HaddixOn Linkedin | https://www.linkedin.com/in/jhaddix/On Twitter | https://twitter.com/Jhaddix______________________HostPhillip WylieOn ITSPmagazine
We've got an interesting topic today, and one that's not that widely discussed, parental burnout. The concept has been around since the 80s, but not something that's really been talked about here in Australia, so we're joined by psychologist and family coach Helene Gatland to tell us more. Mel's 9 year old daughter hacked her work and personal IG accounts, so we're talking about managing kids and social media. And Evie Farrell has found out everything we need to know about travelling safely to Fiji. See omnystudio.com/listener for privacy information.
Mona Shtaya joins host Yara Hawari to discuss the highly invasive mass surveillance of Palestinians by the Israeli regime in light of recent hacking and spying reports. They explore the impact of such tactics on the work of activists and human rights defenders as well as the consequences on Palestinians' daily lives.Support the show (https://al-shabaka.org/donate)
Are you struggling to close deals, but you aren't sure why? You may be using the wrong charisma style! McCall Jones is a former singer and actress turned coach and founder of Charisma Hacking, a set of business systems designed to help entrepreneurs build a fanbase that buys into what they are selling. Join McCall Jones and Host Dan Lesniak as they discuss… ∙ True vs. false faces ∙ The 3 keys to connecting with and converting people ∙ Understanding your authority, compassion, and entertainment styles ∙ Why popular sales scripts may not be working for you …and much more! You won't want to miss these tips for gaining authority, making sales, and entertaining your audience. QUOTES TO SHARE
YARA Rule for OOXML Maldocs: Less False Positives https://isc.sans.edu/forums/diary/YARA+Rule+for+OOXML+Maldocs+Less+False+Positives/28066/ Zero-Day Windows Installer Exploit https://www.bleepingcomputer.com/news/security/malware-now-trying-to-exploit-new-windows-installer-zero-day/ VMWare VCenter Vulnerability and Patch https://www.vmware.com/security/advisories/VMSA-2021-0027.html
In June 2018, we began interviewing five of the people responsible for audio in Half-Life: Alyx from Valve Corporation. The Audio in Half-Life: Alyx introduces you to each person involved in the creation of sounds in the game, and highlights their individual roles for bringing the game to life. Mike Morasky wrote the music for Half-Life: Alyx. Roland Shaw made audio for the creatures and monsters, and for all of the physics objects like matchboxes and lockers and footsteps. Dave Feise did the ambiences, UI sounds, and some of the tools like the Combine fabricator and the hacking puzzles. Emily Ridgway wrote and processed the dialog from the Combine soldiers, and designed the speakers that float alongside a player's ears on Valve's VR Index headset. Lakulish Antani co-invented Steam Audio, a tool for game developers to make environments and the objects in them react with realistic sound. All of the source audio for this documentary is available to patrons of Level with Emily. The source audio includes seven interviews with Mike Morasky, four interviews with Roland Shaw, four interviews with Dave Feise, three interviews with Emily Ridgway and three interviews with Lakulish Antani. Level with Emily Reese would like to thank Mike Morasky for this incredible opportunity and experience, and to Lakulish Antani, Dave Feise, Emily Ridgway, and Roland Shaw for the conversations, and to Valve for allowing it all to happen. Thank you to Nick Marinelli for transcription, to Nick and Chase Bethea for their feedback, and to producer Sam Keenan. PLAYLIST composed by Mike Morasky for Half-Life: Alyx unless noted Chapter 01 00:42 Exposing Hostile 07:58 Triple Laser Phaser from Portal 2 08:35 Cara Mia Addio from Portal 2 09:07 Scanning Hostile Biodats Chapter 06 1:22:00 What Did It Taste Like 1:24:42 Vapor Trail by The Crystal Method from Vegas 1:25:20 Apprehension and Evasion by Kelly Bailey from Half-Life 2 1:26:25 Adrenaline Horror by Kelly Bailey from Half-Life 1:27:10 Echoes of a Resonance Cascade from Half-Life 1:28:28 B3PbIBONACHOCTb 1:29:12 Substation 1:30:21 Level-5 Anti-Civil Activities 1:32:24 Charger 1:35:44 Bozeman by Steel Pole Bath Tub from The Miracle of Sound in Motion 1:36:24 The Good Times by Steel Pole Bath Tub from Unlistenable 1:37:04 The Good Times by Steel Pole Bath Tub from Unlistenable 1:38:40 Quaranta Giorni 1:39:59 Quaranta Giorni 1:40:46 Quaranta Giorni 1:41:45 Terin #6 1:42:34 Terin #6 1:43:43 Quaranta Giori 1:44:32 Overload Protocol 1:45:43 Trans Human Crossfire 1:47:16 Extract. Resonate. Isolate. 1:48:11 A Gentle Docking 1:48:48 A Gentle Docking 1:49:59 Coetaneous (strings only)* 1:50:53 EMC2* 1:52:25 Music from the Vault* 1:53:07 Coetaneous (piano only)* 1:54:03 Coetaneous (for commentary)* 1:54:57 Lightning Dog 1:55:21 Lightning Dog 1:56:16 Lightning Dog 1:56:38 Lightning Dog 1:57:06 Rabid Lightning 1:57:24 Rabid Lightning 1:58:08 Rabid Lightning 1:58:50 Rabid Lightning 1:59:23 Sunset Vault 1:59:59 Sunset Vault 2:00:35 Sunset Vault 2:01:27 Sunset Vault 2:01:45 Xenfestation Control 2:01:51 Xenfestation Control 2:0219 Jeff 2:03:15 Elevatormuzik 2:03:35 Trash Compactor Waltz 2:04:25 Outbreak is Uncontained 2:05:40 Cauterizer 2:06:41 Scanning Hostile Biodats 2:08:40 Let Me Talk To Your Super-Advisor 2:10:51 Beasts of Prey 2:11:41 Beasts of Prey Chapter 07 2:12:14 Valve Alyx 2:13:39 Hacking by David Feise 2:18:49 Icosahedron 2:19:58 Half-Life: Alyx Credits *not part of the Official Sountrack
Simple YARA Rules for Office Maldocs https://isc.sans.edu/forums/diary/Simple+YARA+Rules+for+Office+Maldocs/28062/ Retailers Urged to Patch Magento https://www.theregister.com/2021/11/22/ncsc_magento_updates_black_friday_reminder/ PoC of CVE-2021-42321: pop mspaint.exe on the target https://gist.github.com/testanull/0188c1ae847f37a70fe536123d14f398 BeC Via Exchange Flaws https://www.trendmicro.com/en_us/research/21/k/Squirrelwaffle-Exploits-ProxyShell-and-ProxyLogon-to-Hijack-Email-Chains.html Windows Priv. Escalation PoC https://github.com/klinix5/InstallerFileTakeOver PHP deserialize vulnerablity in CloudLinux Imunity360 https://blog.talosintelligence.com/2021/11/vulnerability-spotlight-php-deserialize.html
On this week's episode, Kevin interviews military spouse and top AirBnB host, Kaitlyn Dannhardt. Kaitlyn talks about working together to build a team and building her real estate portfolio while on TDY or PCSing. Listen up to hear about how Kaitlyn and her husband continue to find success in short term rentals and how you can get started – and how you can even do it from afar!"I wanna give people that permission to try it out; get your feet wet; have a trial run. You don't have to be perfect – you're not going to be. Accept that and accept that it's a learning experience and then have fun!"-Kaitlyn DannhardtHere are 5 Key Takeaways from this episode:Pivoting When Things Don't Work Out As PlannedWhat Makes a Competitive AirBnB Home?Kaitlyn's AirBnB Deal BreakdownTax Incentives of AirBnBsAirBnB Systems to Facilitate SuccessHonorable Mentions & Useful LinksThe Disciplined Pursuit of LessConnect with KaitlynEmailReady to take the next steps in your Military Real Estate Investing journey? Watch our Masterclass and claim your EPIC reward for action. Tap here to register today!Are you looking for a loan for your next project? Look no further! Check out ADPI Financial Services for all of your residential and commercial lending needs!No Time...No Worries! Get all the info you need now by texting DEAL to 33777Get your 13-Week Action Journal using this special offer just for our faithful podcast listeners! Helpful ResourcesConnect with the ADPI: Facebook | Instagram | YouTubeReady to TAKE ACTION and begin building your cash-flowing real estate empire? Don't go it alone! Check out our exclusive education and coaching products designed for self-starters like the Military Real Estate Investing Academy Thinking bigger? ADPI's exclusive Military Multifamily Academy and Mastermind Waitlist is open now! Sign up to reserve your slot in the most comprehensive, affordable, and educational multifamily real estate course on the web! Please Subscribe, Rate, & Review on Apple PodcastsThanks for tuning in to this week's episode of the Active Duty Passive Income Podcast! If the information shared in these weekly interviews has inspired you to pursue your dreams of financial independence, please do me a personal favor and head over to Apple Podcasts, subscribe to our show, and leave us a 5-star review.Support the show (https://www.patreon.com/adpi)
This week, leading functional medicine expert, Dr. Will Cole, sits down with Lola Priego - founder and CEO of Base, a first-of-its-kind health lab and tracker that uses data science paired with at-home testing to help people feel, look and be their best. Learn about the best lab biomarkers that pinpoint the root causes of what's actually going on with your body, telling you what you need to do for issues like anxiety, hormone balance, stress and sleep. Learn more: www.drwillcole.com get-base.com/willcole code WILLCOLE for 20% off your first month! Produced by Dear Media.
Hikvision Security Cameras Potentially Exposed to Remote Code Execution https://isc.sans.edu/forums/diary/Hikvision+Security+Cameras+Potentially+Exposed+to+Remote+Code+Execution/28056/ Detecting PAM Backdoors https://isc.sans.edu/forums/diary/Backdooring+PAM/28058/ Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem https://dl.acm.org/doi/pdf/10.1145/3460120.3484768 CVE-2021-42306 CredManifest: App Registration Certificates Stored in Azure Active Directory https://www.netspi.com/blog/technical/cloud-penetration-testing/azure-cloud-vulnerability-credmanifest/
In the spirit of Thanksgiving Tom and Camille highlight the work their guests are doing that they are thankful for — including ethical considerations of AI, why the race for AI is one of most important for humankind, and how academia and the cyber security industry can work together. The conversation covers: - Leading thoughts on AI - Ethical considerations of AI - Cyber security and digital manufacturing technologies - Why the relationship between academics and the cyber security industry matters ...and more. Don't miss it! The views and opinions expressed are those of the guests and author and do not necessarily reflect the official policy or position of Intel Corporation. Here are some key take-aways: - AI is one of the most important races in humankind right now, coming second will not be an option. - Human ethics needs to be taken into consideration when developing AI. AI is built on systems and structures in society. These systems have racist structures which means we need to be careful AI doesn't perpetuate inequality. - Digital manufacturers are working on the ability to detect data hacks as they transmit data all over the world. - Academics and the data security industry need to make sure they are engaging with each other to understand future trends. Some interesting quotes from today's episode: “When it comes to certain technologies like Artificial Intelligence, coming in second place can't happen. You know, there's such a first mover's advantage. This is one of the reasons why Vladmir Putin said “whoever masters AI's gonna master the world.” So that race, yes, brings out the best in us, but in some cases, if we don't win, it's going to have an impact on our economy.” Will Hurd, former Congressman and undercover CIA officer “When we ask or think about, you know, who is this responsible to? I think the first question is really where is the greatest impact going to be felt? And to figure that out, I always start by asking or thinking about, you know, in which context will this technology we use be deployed? And who are the communities and users who might be impacted?.” Chloe Autio, Intel alumni and Advisor and Senior Manager, the Cantellus Group “The data security issues, the ability to sort of get in there and, and hack any of that and modify any of that is just sort of stop and stop and step back and think about that and you're like, “Holy cow! There's so many places this could go wrong now. Right. And how do I secure all of this?” Tim Simpson, Paul Morrow Professor of Engineering Design and Manufacturing at Penn State Links to full episodes with each guest: Will Hurd: A Former CIA Officer and Congressman's Thoughts on Cybersecurity, AI and More (Part 1) Chloe Autio: What That Means with Camille: Responsible AI Tim Simpson: Ensuring Security in 3D Printing and Additive Manufacturing Jason Fung: What That Means with Camille: Offensive Research, aka Hacking
Joe Brinkley—or The Blind Hacker as he is most commonly known in the InfoSec community—shares his story of overcoming a disability to achieve his dream job in cybersecurity.Joe is not only a very talented pentester, but a community contributor, speaker, mentor, and Innocent Lives Foundation Ambassador. Joe shares his story and advice on getting started in cybersecurity._______________________GuestJoe "The Blind Hacker" BrinkleyOn Linkedin | https://www.linkedin.com/in/brinkleyjoseph/On Twitter | https://twitter.com/TheBlindHackerOn YouTube | https://www.youtube.com/user/brinkleyjm______________________HostPhillip WylieOn ITSPmagazine
This is one of those unusual podcasts where again, no plan, just chatting with Jennifer. And in this case, a dog came through that I knew 30 years ago - that I walked for three years for my then boss Robert Towne, Oscar winning screenwriter. Hira was a unique pet - treated me like a vassal, had a persona that I can remember thinking "this isn't a dog. This is like a person who allows me to walk with him, rather than walk him." Robert and Hira had a terrific bond, even though Robert had other dogs before and since. Some years ago, when I was talking to Robert about my research, he told me he was a skeptic, didn't believe in any version of there being an afterlife. And so, as a proof of concept, I scheduled a conversation with Jennifer and our mutual friend Ed Taylor, who passed away, but knew Robert from college. He came through clear as a bell, and towards the end of the interview, I asked if I could "speak to Hira." Jennifer had no idea who that was - but realized it was a dog. We had a detailed conversation with him - and have since then numerous times. Hira recalls so many events with specificity that I could not know, it forced Robert to say to me "I was convinced my whole life that the afterlife didn't exist, and now I'm convinced it does. What happened?" Experience happened. Hira is only known to Robert - and not to me, really. But Robert and him spent time together, he credits Hira with Robert writing "Chinatown" because of the way he used to smell the air on Catalina. He credits Hira with his writing "Greystoke: Tarzan" - because he realized how sentient of a being Hira was. So the idea that Hira would "come through" because he wanted to speak to us about "how to communicate with animals" is mind bending. I didn't invite him, wasn't thinking about him - nor was Jennifer. Luana Anders, our moderator on the flipside, the person with the clipboard, knew Hira. And here he is - giving us new information about "how to speak with your pet no longer on the planet." It's mind bending, and I know it's accurate because I've been doing this work for ten years. It's fine for people to dismiss it, ignore it, even laugh about it - it doesn't change the fact that I've been getting new information from animals no longer on the planet during many of my filmed sessions. There are a few examples in the documentary "Hacking the Afterlife" on Gaia, and in the book "Architecture of the Afterlife." Anyone can do the same - doesn't need a medium (it helps) doesn't need a hypnotherapist (it helps) or me giving them a guided meditation. Our loved ones are not gone, and our pets are not gone either.
Grab your FREE copy of The Biohacker's Guide To Upgraded Energy (just help with s/h) now at https://biohackersguide.com/free-guide Mail your letters sharing your biohacking stories, health questions, and donations to: Anthony DiClementi PO Box 7151 Deerfield, IL 60015 Listen to our Top 100 health and fitness podcast The Biohacking Secrets Show at http://BiohackerRadio.com - Learn more about our one-on-one Biohacker Coaching program www.BiohackerCoaching.com - Grab your free copy of The Biohacker's Guide to Upgraded Energy and Focus (just help with s/h) https://biohackersguide.com/free-guide - Subscribe to our free email newsletter www.biohackersguide.com/energycrash - Subscribe to The Biohacking Secrets Show podcast https://podcasts.apple.com/us/podcast/the-biohacking-secrets-show/id1139825099 Join Our Uncensored Telegram Channel for VIP Biohacking Content You Can't Get On Social Media https://t.me/joinchat/GFCs4ezgCQ4vHi3S
DDS Protocol Implementation Vulnerabilities https://us-cert.cisa.gov/ics/advisories/icsa-21-315-02 Siemens TCP/IP Flaws https://www.forescout.com/blog/new-critical-vulnerabilities-found-on-nucleus-tcp-ip-stack/ Netgear UPNP Stack Based Buffer Overflow https://blog.grimm-co.com/2021/11/seamlessly-discovering-netgear.html
Edie Clark is an incredible Remote Video Creator and Video Editor. She offers consultations, video strategy, remote video creation, and video editing services to entrepreneurs interested in growing their online presence by marketing their businesses using videos and YouTube. Edie helps clients who wish to outsource their needs as well as those interested in learning how to do things on their own. In this episode, I sit down with Edie to talk about what it takes to succeed on Youtube, to generate leads from your channel, and how to grow from your mistakes. Edie is a wealth of knowledge for service based creators (or really any creator) who are looking to generate leads from their channel. Join the Money and Youtube Clubhouse room on Fridays: https://www.clubhouse.com/club/talking-youtube-by-vidiq Join our Facebook Group: http://t.ly/Nl9T Get vidIQ to blow up your channel at womeonofyoutube.com/vidiq Follow Desiree at http://t.ly/GbY4 Connect with Edie at https://www.youtube.com/c/VirtuallyINSync1 Time Stamps: 00:00 - Podcast topic intro 02:22 - Meet Edie 04:55 - The challenges Edie has faced 08:39 - Targeting your audience correctly 11:28 - Hacking the search mystery 15:55 - How Edie generates income with Youtube 22:55 - The most important thing you should be doing 24:55 - The greatest mistakes creators are making 29:40 - Rapid fire fun --- Send in a voice message: https://anchor.fm/womenofyoutube/message
Emotet Returns https://isc.sans.edu/forums/diary/Emotet+Returns/28044/ GitHub Improves npm Security https://github.blog/2021-11-15-githubs-commitment-to-npm-ecosystem-security/ Intel CPU Debug Vulnerability https://www.ptsecurity.com/ww-en/about/news/positive-technologies-discovers-vulnerability-in-intel-processors-used-in-laptops-cars-and-other-devices/ https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html Home Router Vulnerability Listing https://modemly.com/m1/pulse
This week on the podcast we interviewed former Stanford marketing lecturer and best-selling author Nir Eyal. We invited Nir to share his extensive knowledge and some of the research he conducted to write his book, Indistractable, and our conversation led to some incredible time-saving tips for email marketing that you can also apply to your life and business. So if you're struggling to find the time for email marketing (or anything that matters to you) and want to know how to eliminate distraction and finally get it done, THIS. IS.IT. Ready for the penny to finally drop? Because honestly, this is a-mazing stuff! SOME EPISODE HIGHLIGHTS: (3:12) Did a member of the British Royal Family really hold a door open for Nir? (6:41) What even is 'distraction'? (11:38) What are the triggers that drive us to distraction? (13:09) The 4 strategies to becoming indistractable. (13:36) Why recognising and mastering internal triggers is important. (15:42) Taking responsibility of your emotional states. (19:00) Does accountability work? (23:36) Do consequences and incentives matter? (25:49) Why time-boxing is better than running your life on a to-do list. (31:20) Subject line of the week with Nir Eyal. What even is 'distraction'? When it comes to email marketing, one of the biggest things that stop course creators, membership owners, and coaches and consultant from getting it done is time. We say we'll get something done, but then we don't. Why don't we follow through? We claim we get distracted, but what even is 'distraction'? Nir started us off by looking at the word distraction and its opposite, which is the word traction. Traction is any action that pulls you towards the things you do with intent and moves you closer to your values to help you become the kind of person you want to become. So dis-traction is any action that pulls you further away from your values. Anything can be a distraction if it's not what you plan to do with your time. And yes, that includes those work-related things that make us feel we're being productive! And according to Nir, this is the most dangerous form of distraction - the one that tricks you into prioritising the easy and the urgent at the expense of the important work you have to do to move your business, your career, and your life forward. This means that all the things that we typically call 'distracting' (like checking social media or playing a video game) can be traction, as long as we do them according to our values and schedules. What are the triggers that drive us to distraction? Nir explains there are two kinds of triggers: External triggers. These at the 'calls to action' that come from our outside environment - the things that others ask us to do. Internal triggers. These are uncomfortable emotional states that we seek to escape from, like fearfulness, uncertainty, boredom, loneliness, stress, anxiety, etc. People tend to blame external triggers for distraction. But did you know they only account for 10% of the time we get distracted? The other 90% of the time we get distracted because of something that happens inside of us - it's because of our internal triggers. When we experience uncomfortable emotional states we look for distractions to take our minds off them. Mind-blowing, right? The 4 strategies to becoming indistractableNir explained there are 4 steps to becoming indistractable, and all of them need to be in place if you want them to work! The 4 steps are: Mastering internal triggers. Making time for traction. Hacking back the external triggers in our environment. Preventing distraction with pacts. This is where we use a pre-commitment device to stop us from getting distracted. Why recognising and mastering internal triggers is importantSo the first step to becoming indistractable is to master your internal triggers. That's because unless you know what to do when you experience emotional discomfort, you're...
Microsoft Emergency Update fixes AD Authentication Problems https://support.microsoft.com/en-us/topic/november-14-2021-kb5008601-os-build-14393-4771-out-of-band-c8cd33ce-3d40-4853-bee4-a7cc943582b9 Using Copy Paste to Change Microsoft AD Password https://isc.sans.edu/forums/diary/Changing+your+AD+Password+Using+the+Clipboard+Not+as+Easy+as+Youd+Think/28036/ Parking Pages Used to Distrbute Malware https://blog.netlab.360.com/zhatuniubility-malware-uses-namesilo-parking-pages-and-googles-custom-pages-to-spread/ Blacksmith Revives Rowhamer https://comsec.ethz.ch/research/dram/blacksmith/
Today's guest is Gary Hibberd, AKA "The Professor of Communicating Cyber" for the Cyberfort Group. Gary has worked in cybersecurity for over 35 years, spending much of that time in highly regulated industries. We get into some areas that we've not covered all that much on the podcast before, such as the impact of branding and marketing on cybersecurity, and how organizations might be missing a trick if they're not talking to their marketing teams about how they're keeping their customers' data safe. We also talk about the work that Gary does for his charity, Gamers Beat Cancer. Plus, if you haven't seen it already, he shared his experiences for our recent e-book on mental health and burnout.The wonderful Tazin Khan is also back, and she opens the show with a thoughtful discussion on how experts aren't always the best teachers, and how we can best create community and representatives that can help our mission as an industry.
Edwin Robbe had a troubled life, but found excitement and purpose by joining an audacious community of hackers. Then the real world caught up with his online activities. By Huib Modderkolk. Help support our independent journalism at theguardian.com/longreadpod
Not So Fake FBI E-Mails https://www.fbi.gov/news/pressrel/press-releases/fbi-statement-on-incident-involving-fake-emails https://isc.sans.edu/forums/diary/External+Email+System+FBI+Compromised+Sending+Out+Fake+Warnings/28034/ https://twitter.com/spamhaus/status/1459450061696417792 Reversing Obfuscated Maldoc with BASE64 https://isc.sans.edu/forums/diary/Obfuscated+Maldoc+Reversed+BASE64/28030/ Zoom Updates https://explore.zoom.us/en/trust/security/security-bulletin/ VMWare VCenter Update https://www.vmware.com/security/advisories/VMSA-2021-0025.html Windows User Profile 0-Day LPE https://halove23.blogspot.com/2021/10/windows-user-profile-service-0day.html
On Oct 28, Facebook announced a rebranding and spoke about its ambitions for becoming a Metaverse company. We did an episode on this last week, and this week, we're going to look at a few possible implications. Will our houses get smaller? WTF is a virtual world builder? Will NFTs finally make sense? All this and more and Chuck and Tony put on their speculative hats... Or should we say headsets. Add one part news, one part bad jokes, one part Wikipedia research, one part cult references from spending too much time on the internet, one part Wodehouse quotes, and one part quality puns, and you get Simblified. A weekly podcast to help you appear smarter, to an audience that knows no less! Your four hosts - Chuck, Naren, Srikeit and Tony attempt to deconstruct topics with humour (conditions apply). Fans of the show have described it as "fun conversations with relatable folks", "irreverent humour", "the funniest thing to come out of Malad West" and "if I give you a good review will you please let me go". Started in 2016 as a creative outlet, Simblified now has over 200 episodes, including some live ones, and some with guests who are much smarter than the hosts. Welcome to the world of Simblified! You can contact the hosts on: Chuck: twitter.com/chuck_gopal / instagram.com/chuckofalltrades Naren: twitter.com/shenoyn / instagram.com/shenoynv Tony: twitter.com/notytony / instagram.com/notytony Srikeit: twitter.com/srikeit / instagram.com/srikeit
Eric Taylor, formerly known as "Cosmo The God," began hacking at age 12 and by age 15 he was leaking the social security numbers of celebrities and high profile politicians, only to find himself face-to-face with the FBI SWAT team. In this episode of Cybercrime Radio, Eric joins host Hillarie McClure to share his story about how he became "Cosmo The God," why he wasn't financially motivated when leaking the SSNs of Joe Biden and Kim Kardashian alike, and why the entire experience made him reform and become a cybersecurity ally. For more on cybersecurity, visit us at https://cybersecurityventures.com
Social Engineering expert Chris Hadnagy entrepreneur, DEFCON Social Engineering Village, and Innocent Lives Foundation founder shares his story.Chris shares story of being recruited by Offensive Security, discovering his talent and interest for social engineering. Chris has authored multiple books on social engineer, founded the DEFCON Social Engineering Village, and the Innocent Lives Foundation. Chris runs his own business as well as hosts a social engineering conference. Listen as Chris shares his intriguing story._______________________GuestChris HadnagyOn Linkedin | https://www.linkedin.com/in/christopherhadnagy/On Twitter | https://twitter.com/humanhacker______________________HostPhillip WylieOn ITSPmagazine
In Memory of Alan Paller. Cyber Security Industry Titan and SANS Institute Founder https://www.sans.org/press/announcements/alan-paller-cyber-security-industry-titan-and-sans-institute-founder-passes-away/ https://isc.sans.edu/forums/diary/In+Memory+of+Alan+Paller/28026/
On today's program, we take a look at a group of Hackers for Jesus. And a new study by the Hartford Institute says COVID has led to both innovation and conflict in America's churches. We begin today with more news from the Southern Baptist Convention. There's a quick, easy, and FREE way you can support this podcast, and that is to give us a rating on your podcast app. The more ratings we get, the more attention we get from search engines, and that helps new listeners find us. And, by the way, when you give us a rating, leave us a comment, too. I read them all. The producers for today's program are Rich Roszel and Steve Gandy. We get database and other technical support from Cathy Goddard, Stephen DuBarry, and Casey Sudduth. Writers who contributed to today's program include Anne Stych, Steve Rabey, Bob Smietana, and Shannon Cuthrell. Special thanks to Religion UnPlugged for contributing material for this week's program. Until next time, may God bless you.
On this weeks episode we blab about the following Games and topics: Whatcha Been Playing? Forza Horizon 5 COD: Vanguard Guardians of the Galaxy News:Cross Platform / PC / Misc. Elden Ring: FromSoftware Reveals 15 Minutes Of Gameplay Elden Ring test keys are selling for hundreds on eBay EA (Ubisoft) says NFTs will be an "important part about the future of our industry" Ubisoft employees launch petition seeking public support for improved working conditions Amazon says will take "remediation steps" against New World players who "egregiously exploited" coin duplication bug Back 4 Blood gets single-player, offline progression next month, new expansion in 2022 Valve has delayed Steam Deck into next year PlayStation PlayStation-exclusive Spider-Man finally arrives in Marvel's Avengers later this month Hacking group claims to have hit a major PS5 milestone Nintendo Nintendo says it will "improve and expand" Nintendo Switch Online Xbox Halo Infinite battle passes will run you $10 and can be swapped at will PSA's: Epic Games Store Freebies: Tiny Tina's Assault on Dragon Keep and Rogue Company Season Four Epic Pack Free 4 All: Pixel 6 Pro Help support the show: - Subscribe to our Twitch channel http://twitch.tv/geekoholics - Use our Epic Creator Code: GEEKOHOLICS when purchasing items in Fortnite or buying games on the Epic Games Store - Please review the show (bit.ly/geekoholics) on Apple Music, Apple Podcasts and to share with your friends. Reviews help us reach more listeners, and the feedback helps us to produce a better show. Join our Discord server: CLICK HERE Don't forget to follow our Social Media Feeds to keep up to date on our adventures: Youtube TwitterInstagram Facebook Thanks for listening and have a great weekend! You can reach me on Twitter @RicF
Have you ever thought about taking a break from social media and or the use of your PC, laptop or mobile phone? We discuss how being plugged into the grid has altered our lives in a negative manner. My guest is Nakia "Bones" Cole. Please - Go To Apple Podcast And Like, Share, Subscribe and Rate The Show.
Ein Horrorszenario für alle Kryptoinvestoren: den Zugang zur Wallet zu verlieren. Das Start-Up ReWallet zieht alle Register, um dabei zu helfen, die Wallet zu knacken. Im Gespräch mit Ana erzählt Gründer Bruno Krauss, welche Hacking-Tools er dafür einsetzt, wie hoch die Chance liegt, so eine Wallet zu knacken und wo auch er an Grenzen stößt.
Shadow IT Makes People More Vulnerable to Phishing https://isc.sans.edu/forums/diary/Shadow+IT+Makes+People+More+Vulnerable+to+Phishing/28022/ PaloAlto Networks GlobalProtect VPN CVE-2021-3064 https://www.randori.com/blog/cve-2021-3064/?i=2 Citrix ADC/Gateway/SD-WAN WANOP Patch https://support.citrix.com/article/CTX330728 HPE Aruba Breach https://www.arubanetworks.com/support-services/security-bulletins/central-incident-faq/
This is our Wednesday show, the time of the week when we niche down to a single topic. Today we spoke about the revolution within agriculture otherwise known as vertical farming.Alex and Natasha spoke to Hardware editor Brian Heater, who recently wrote a TC-1 about Bowery Farming spanning over 11,000 words and topics such as the taste of sustainable turnips and produce sections at grocery stores. The core of his multi-part exploration, though, was built around a question: Can Bowery Farms bring the newest and most innovative technologies to bear on civilization's oldest and most optimized industry?As a result, our episode went down a lot of tasty rabbit holes. We spoke about the current state of vertical farming, the challenges that come with commercialization and our struggling climate, and if your local dairy farm is actually thinking about adding a robot to their staff.There was more to chew on, including the balance between sustainability and profit, how to think about carbon footprints, the commercialization of vertical farming today, and how some folks are spending $30 on a strawberry. We had lovely time and will have Brian back on the pod.Here's the TC-1 if you're interested:Bowery Farming is forcing us all to look up at the future of vertical agriculture (3,500 words/14 minutes) — explores the evolution of vertical farming, it's expansion in Japan and how Bowery Farming was started to bring indoor farming to the masses in the United States.Hacking lettuce for taste and profit (2,500 words/10 minutes) — evaluates how Bowery collects data from its farms in order to optimize flavor while also potentially expanding its produce line into new categories like strawberries and turnips.Can LEDs ultimately replace the sun? (2,100 words/8 minutes) — investigates two of the most important questions about Bowery Farming: Can it develop a competitive moat with its technology (which it dubs BoweryOS) and just how much environmental benefit can the company derive from its farms?The voracious fight for your salad bowl (3,000 words/12 minutes) — looks at the extremely competitive nature of the produce section at the grocery store and how Bowery intends to build a brand with consumers while finding a route to profitability.The Equity team will be back Friday morning with our weekly roundup. Our hearts go out to Mary Ann who will return to us in due time, and our general ire is reserved for Danny. Because we are still smarting from his divorcing of us for Lux.
A conversation with my former boss at Salesforce on how the corporate world can set you up for success and confidence as an entrepreneur. And, ways to "hack" entrepreneurship by acquiring existing companies and improving your chances of success.Time Stamps: [1:40] Aaron's eclectic professional background and how he leveraged it to prepare for entrepreneurship [5:38] Why being told you can't succeed can be a major opportunity [7:30] How Aaron leveraged his time in the corporate world to learn as much as possible for entrepreneurship [9:25] You wear a lot of hats as an entrepreneur, and developing a broad business acumen will serve you well [10:25] Becoming a CEO while still working full-time [13:25] What made you become an entrepreneur? [15:00] Why corporate experience is something to soak up [17:10] Advice for the person working full-time that wants to become an entrepreneur and needs to balance priorities [20:15] Choosing the business you start [22:53] Founding Vertical Profits and “entrepreneurship-hacking” [27:15] Ways to acquire a company without “throwing a bag of money on the table” and what to look for [33:10] Removing the barrier of entry to entrepreneurship [35:30] Stat: how many businesses are put up to sell in the US every year [36:30] How to find a business for sale if you're busy AF and things to be aware of [41:26] Negotiation and cordial, amenable ways to do it [44:38] How people can work with Aaron and Vertical Profits (in an advisory capacity) [46:14] Re-use the same strategy and use the first acquisition as a “platform company” [47:52] Upsides of going the acquisition route --Let's connect!Connect with Aaron:LinkedInEmail: email@example.comConnect with Alessia:Claim your FREE coaching call exclusively for Corporate Dropout listeners! alessiacitro.com/dropoutInstagram: @corporatedropoutofficial and @alessiacitro__TikTok: @alessiacitro__ Show Support:If you enjoy this podcast please Rate, Review, Subscribe and SHARE this out at Apple Podcasts at The Corporate Dropout Podcast Big shout out to our team that makes this show possible!If you are looking to start your own podcast or join the network, hit up @upstarterpods on Instagram!
Microsoft November 2021 Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+November+2021+Patch+Tuesday/28018/ Adobe Patches https://helpx.adobe.com/security.html BusyBox Vulnerabilities https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
Very special episode for you this week! I wanted to share an excerpt from the book I've been writing called, "Hack Your Health". I'll explain the name and why I started writing this book but in this particular excerpt, I share my tips for hacking your hunger while on a weight loss journey so you can reach your goal and not go crazy hungry in the process! Time Stamps: (1:25) Managing Hunger (1:40) Why I Wrote This Book (3:05) Diving Into The Book (7:37) Macro Hacks (11:37) Meal Timing (12:56) Protein (14:15) Sleep (15:20) Recap (17:30) Follow the Journey! ---------------------------- Join the Free Facebook Group "Hack Your Health" ---------------------------- Follow Us on Instagram! @fitnessshaman @dalalovesdumbbells @dldnation ---------------------------- Apply for DLDNation's Online Fitness and Nutrition Coaching Specialization Course and Take the Next Step in Your Business Journey! ---------------------------- If You're Ready to Make an Even BIGGER Impact, Apply for the Next Level Coaching Academy! ---------------------------- We have helped over 3,000 people transform their lives through sustainable health! If you want to be the next, click here to apply for coaching! ---------------------------- Check out our website for freebies, amazing client results, and more! DLDNation.com
(Ab)Using Security Tools & Controls for the Bad https://isc.sans.edu/forums/diary/AbUsing+Security+Tools+Controls+for+the+Bad/28014/ Targeted Attack Campaign Against ManageEngine ADSelfService Plus https://unit42.paloaltonetworks.com/manageengine-godzilla-nglite-kdcsponge/ Image-Scaling Attacks in Machine Learning https://www.usenix.org/system/files/sec20fall_quiring_prepub.pdf
Is Colin buried yet? Missing cups and containers oh my… Weekend email stories… Kenyans win NYC marathon... Oldest hiker record on Appalachian trail… Action packed Sundays… Subscribe to the YouTube Channel… Email to Chewingthefat@theblaze.com Subscribe www.blazetv.com/jeffy / Promo code jeffy… #ShaveHeadSaveHuman Eaten by piranhas escaping bees… Eternals weekend… Tiger King has cancer… Most Prescribed Drugs… New weight loss plant / drug… Hacking issues… Military and China… Biden / DOJ / FBI / Family… Haitian Kidnapping.. Mandate freeze… Pfizermectin… Night of the Long Fart… Learn more about your ad choices. Visit megaphone.fm/adchoices
Decyprting Cobalt Strike Traffic With Keys Extracted From Process Memory https://isc.sans.edu/forums/diary/Decrypting+Cobalt+Strike+Traffic+With+Keys+Extracted+From+Process+Memory/28006/ XMount for Disk Images https://isc.sans.edu/forums/diary/Xmount+for+Disk+Images/28002/ More Proactive SIMs https://medium.com/telecom-expert/more-proactive-sims-f8da2ef8b189 Thunderbird Update https://www.mozilla.org/en-US/security/advisories/mfsa2021-50/
October 2021 Forensic Contest Answers and Analysis https://isc.sans.edu/forums/diary/October+2021+Forensic+Contest+Answers+and+Analysis/27998/ CVE-2021-43267: Remote Linux Kernel Heap Overflow in TIPC Module https://www.sentinelone.com/labs/tipc-remote-linux-kernel-heap-overflow-allows-arbitrary-code-execution/ Cisco Patches https://tools.cisco.com/security/center/publicationListing.x The Security Risk of Lacking Compiler Protection in WebAssembly https://arxiv.org/abs/2111.01421
Gitlab CVE-2021-22205 Exploited (and often not patched) https://www.rapid7.com/blog/post/2021/11/01/gitlab-unauthenticated-remote-code-execution-cve-2021-22205-exploited-in-the-wild/ New Proxy Shell Exploits Seen Against Exchange https://blog.talosintelligence.com/2021/11/babuk-exploits-exchange.html Blackmatter Shutting Down Again https://www.bleepingcomputer.com/news/security/blackmatter-ransomware-moves-victims-to-lockbit-after-shutdown/ Android 0-Day Patched https://source.android.com/security/bulletin/2021-11-01