Podcasts about Steganography

In this thought-provoking episode of Project Synapse, host Jim and his friends Marcel Gagne and John Pinard delve into the complexities of artificial intelligence, especially in the context of cybersecurity. The discussion kicks off by revisiting a blog post by Sam Altman about reaching a 'Gentle Singularity' in AI development, where the progress towards artificial superintelligence seems inevitable. They explore the idea of AI surpassing human intelligence and the implications of machines learning to write their own code. Throughout their engaging conversation, they emphasize the need to integrate security into AI systems from the start, rather than as an afterthought, citing recent vulnerabilities like Echo Leak and Microsoft Copilot's Zero Click vulnerability. Derailing into stories from the past and pondering philosophical questions, they wrap up by urging for a balanced approach where speed and thoughtful planning coexist, and to prioritize human welfare in technological advancements. This episode serves as a captivating blend of storytelling, technical insights, and ethical debates. 00:00 Introduction to Project Synapse 00:38 AI Vulnerabilities and Cybersecurity Concerns 02:22 The Gentle Singularity and AI Evolution 04:54 Human and AI Intelligence: A Comparison 07:05 AI Hallucinations and Emotional Intelligence 12:10 The Future of AI and Its Limitations 27:53 Security Flaws in AI Systems 30:20 The Need for Robust AI Security 32:22 The Ubiquity of AI in Modern Society 32:49 Understanding Neural Networks and Model Security 34:11 Challenges in AI Security and Human Behavior 36:45 The Evolution of Steganography and Prompt Injection 39:28 AI in Automation and Manufacturing 40:49 Crime as a Business and Security Implications 42:49 Balancing Speed and Security in AI Development 53:08 Corporate Responsibility and Ethical Considerations 57:31 The Future of AI and Human Values

In this episode of Hashtag Trending, titled 'The Inflection Point: AI's Gentle Singularity and the Security Conundrum', the hosts grapple with planning their show amidst rapid technological changes and delve into a blog post by Sam Altman on the 'Gentle Singularity.' The discussion touches on concepts from astrophysics and AI, explaining the singularity where AI progresses beyond human control. Historical AI figure Ray Kurzweil is mentioned for his predictive insights. They explore how large language models mimic human behavior, their strengths in emotional intelligence, and the inevitable march towards superintelligence. This technological optimism is countered with a serious look at security flaws in AI models and real-world examples of corporate negligence. They highlight the critical need for integrating security into AI development to prevent exploitation. The episode concludes with a contemplation of human nature, the ethics of business, and an advocacy for using AI's potential responsibly. 00:00 Introduction and Show Planning 00:20 Discussing Sam Altman's Gentle Singularity 01:06 Ray Kurzweil and the Concept of Singularity 02:41 Human-Machine Integration and Event Horizon 05:02 AI Hallucinations and Human Creativity 09:02 Capabilities and Limitations of Large Language Models 10:27 AI's Role in Future Productivity and Quality of Life 13:02 Debating AI Consciousness and Singularity 25:51 Security Concerns in AI Development 30:57 Hacking the Human Brain: Elections and Persuasion 31:16 Understanding AI Models and Security 33:04 The Role of CISOs in Modern Security 34:43 Steganography and Prompt Injection 37:26 AI in Automation and Security Challenges 38:47 Crime as a Business: The Reality of Cybersecurity 40:47 Balancing Speed and Security in AI Development 51:06 Corporate Responsibility and Ethical Leadership 55:29 The Future of AI and Human Values

This show has been flagged as Clean by the host. Apologies for not introducing myself in the audio! I struggled a bit to take on this topic at a high enough level to keep it to about a half hour, because every subtopic is nuanced and the details are always technical. Not sure how well it worked out but my intention was to focus mainly on the 2 most common examples - hiding messages in text and in images. Topics I mentioned: encryption vs steganography who uses steganography and for what purpose? hiding text in text hiding data in images using LSB encoding hiding data in other places steganalysis If you want to leave feedback, consider saying whether you think it would be more useful to talk about: using the most popular tools and software detailed look at specific steganographic techniques case studies in the unlikely case that I do a followup episode (I doubt there's a strong interest in this topic) Provide feedback on this episode.

SVG Steganography Steganography is not only limited to pixel-based images but can be used to embed messages into vector-based formats like SVG. https://isc.sans.edu/diary/SVG%20Steganography/31978 Fortinet Vulnerability Details CVE-2025-32756 Horizon3.ai shows how it was able to find the vulnerability in Fortinet s products, and how to possibly exploit this issue. The vulnerability is already being exploited in the wild and was patched May 13th https://horizon3.ai/attack-research/attack-blogs/cve-2025-32756-low-rise-jeans-are-back-and-so-are-buffer-overflows/ Remote Prompt Injection in GitLab Duo Leads to Source Code Theft An attacker may leave instructions (prompts) for GitLab Duo embedded in the source code. This could be used to exfiltrate source code and secrets or to inject malicious code into an application. https://www.legitsecurity.com/blog/remote-prompt-injection-in-gitlab-duo

Steganography, RICO, CMMC, End of 10, AI is coming for you, Aaran Leyland and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-477

Steganography, RICO, CMMC, End of 10, AI is coming for you, Aaran Leyland and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-477

Steganography, RICO, CMMC, End of 10, AI is coming for you, Aaran Leyland and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-477

Steganography Challenge Didier revealed the solution to last weekend s cryptography challenge. The image used the same encoding scheme as Didier described before, but the columns and rows were transposed. https://isc.sans.edu/forums/diary/Steganography%20Challenge%3A%20My%20Solution/31912/ FBI Warns of End-of-life routers The FBI is tracking larger botnets taking advantage of unpatched routers. Many of these routers are end-of-life, and no patches are available for the exploited vulnerabilities. The attackers are turning the devices into proxies, which are resold for various criminal activities. https://www.ic3.gov/PSA/2025/PSA250507 ASUS Driverhub Vulnerability ASUS Driverhub software does not properly check the origin of HTTP requests, allowing a CSRF attack from any website leading to arbitrary code execution. https://mrbruh.com/asusdriverhub/ RV-Tools SEO Poisoning Varonis Threat Labs observed SEO poisoning being used to trick system administrators into installing a malicious version of RV Tools. The malicious version includes a remote access tool leading to the theft of credentials https://www.varonis.com/blog/seo-poisoning#initial-access-and-persistence

Steganography Challenge Didier published a fun steganography challenge. A solution will be offered on Saturday. https://isc.sans.edu/diary/Steganography+Challenge/31910 Microsoft Makes Passkeys Default Authentication Method Microsoft is now encouraging new users to use Passkeys as the default and only login method, further moving away from passwords https://www.microsoft.com/en-us/security/blog/2025/05/01/pushing-passkeys-forward-microsofts-latest-updates-for-simpler-safer-sign-ins/ Microsoft Authenticator Autofill Changes Microsoft will no longer support the use of Microsoft authenticator as a password safe. Instead, it will move users to the password prefill feature built into Microsoft Edge. This change will start in June and should be completed in August at which point you must have moved your credentials out of Microsoft Authenticator https://support.microsoft.com/en-gb/account-billing/changes-to-microsoft-authenticator-autofill-09fd75df-dc04-4477-9619-811510805ab6 Backdoor found in popular e-commerce components SANSEC identified several backdoored Magento e-commerce components. These backdoors were installed as far back as 2019 but only recently activated, at which point they became known. Affected vendors dispute any compromise at this point. https://sansec.io/research/license-backdoor

Steganography Analysis With pngdump.py: Bitstreams More details from Didiear as to how to extract binary content hidden inside images https://isc.sans.edu/diary/Steganography%20Analysis%20With%20pngdump.py%3A%20Bitstreams/31904 Using Trusted Protocols Against You: Gmail as a C2 Mechanism Attackers are using typosquatting to trick developers into installing malicious python packages. These python packages will use GMail as a command and control channel by sending email to hard coded GMail accounts https://socket.dev/blog/using-trusted-protocols-against-you-gmail-as-a-c2-mechanism Security Brief: French BEC Threat Actor Targets Property Payments A French business email compromise threat actor is targeting property management firms to send emails to tenents tricking them into sending rent payments to fake bank accounts https://www.proofpoint.com/us/blog/threat-insight/security-brief-french-bec-threat-actor-targets-property-payments SANS.edu Research Journal https://isc.sans.edu/j/research

Example of a Payload Delivered Through Steganography Xavier and Didier published two diaries this weekend, building on each other. First, Xavier showed an example of an image being used to smuggle an executable past network defenses, and second, Didier showed how to use his tools to extract the binary. https://isc.sans.edu/diary/Example%20of%20a%20Payload%20Delivered%20Through%20Steganography/31892 SAP Netweaver Exploited CVE-2025-31324 An arbitrary file upload vulnerability in SAP s Netweaver product is actively exploited to upload webshells. Reliaquest discovered the issue. Reliaquest reports that they saw it being abused to upload the Brute Ratel C2 framework. Users of Netweaver must turn off the developmentserver alias and disable visual composer, and the application was deprecated for about 10 years. SAP has released an emergency update for the issue. https://reliaquest.com/blog/threat-spotlight-reliaquest-uncovers-vulnerability-behind-sap-netweaver-compromise/ https://onapsis.com/blog/active-exploitation-of-sap-vulnerability-cve-2025-31324/ Any.Run Reports False Positive Uploads Due to false positives caused by MS Defender XDR flagging Adobe Acrobat Cloud links as malicious, many users of Any.Run s free tier uploaded confidential documents to Any.Run. Anyrun blocked these uploads for now but reminded users to be cautious about what documents are being uploaded. https://x.com/anyrun_app/status/1915429758516560190

Here's why this is a good thing! And YES... for some reason my brain defaults to "Stenography" when I think of Steganography, in the same way my father used to always say "Bis-quit" instead of biscuit lol For steps on checking on this issue here is OpenAI's guidance: https://openai.com/index/memory-and-new-controls-for-chatgpt/

Apple Updates Everything https://isc.sans.edu/diary/Apple%20Patches%20Everything%3A%20macOS%2C%20iOS%2C%20iPadOS%2C%20watchOS%2C%20tvOS%20updated./30916 Juniper OpenSSH Update https://supportportal.juniper.net/s/article/2024-05-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Multiple-CVEs-reported-in-OpenSSH?language=en_US Malicious Go Binary Delivered via Steganography in PyPi https://blog.phylum.io/malicious-go-binary-delivered-via-steganography-in-pypi/

Apple Updates Everything https://isc.sans.edu/diary/Apple%20Patches%20Everything%3A%20macOS%2C%20iOS%2C%20iPadOS%2C%20watchOS%2C%20tvOS%20updated./30916 Juniper OpenSSH Update https://supportportal.juniper.net/s/article/2024-05-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Multiple-CVEs-reported-in-OpenSSH?language=en_US Malicious Go Binary Delivered via Steganography in PyPi https://blog.phylum.io/malicious-go-binary-delivered-via-steganography-in-pypi/

[Referências do Episódio] Mallox affiliate leverages PureCrypter in MS-SQL exploitation campaigns - https://blog.sekoia.io/mallox-ransomware-affiliate-leverages-purecrypter-in-microsoft-sql-exploitation-campaigns/#h-identified-affiliates GoTo Meeting loads Remcos RAT via Rust Shellcode Loader - https://www.gdatasoftware.com/blog/2024/05/37906-gotomeeting-loads-remcos Malicious Go Binary Delivered via Steganography in PyPI - https://blog.phylum.io/malicious-go-binary-delivered-via-steganography-in-pypi/ Roteiro e apresentação: Carlos Cabral e Bianca Oliveira Edição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia

Duo, Steganography, Roku, Palo Alto, Putty, Cerebral, IPOs, SanDisk, Josh Marpet, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-378

Duo, Steganography, Roku, Palo Alto, Putty, Cerebral, IPOs, SanDisk, Josh Marpet, and more, on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-378

Duo, Steganography, Roku, Palo Alto, Putty, Cerebral, IPOs, SanDisk, Josh Marpet, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-378

In today's podcast we cover four crucial cyber and technology topics, including: 1.        Palo Alto releases fix for zero day impacting Global Protect 2.        SteganoArmor attack uses flaw from 2017 3.        Cisco says provider for MFA service breached 4.        Ukrainian hackers steal data from Russian drone maker  I'd love feedback, feel free to send your comments and feedback to  | cyberandtechwithmike@gmail.com

Duo, Steganography, Roku, Palo Alto, Putty, Cerebral, IPOs, SanDisk, Josh Marpet, and more, on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-378

Welcome to The Nonlinear Library, where we use Text-to-Speech software to convert the best writing from the Rationalist and EA communities into audio. This is: Some negative steganography results, published by Fabien Roger on December 9, 2023 on LessWrong. Disclaimer: These are negative results and this post is below the normal quality bar I usually use. These were quick experiments (a couple of days of work) and I don't have much expertise in RL. They don't provide strong evidence about the natural emergence of steganography. People speculate that LLMs might learn to do steganography, and I've shown that you can teach LLMs to implement a specific steganography scheme that RLHF could in principle incentivize. But even if incentivized, are current RL methods powerful enough to teach LLMs how to do steganography? Here are two negative results, which provide some evidence that hidden 1-bit communication is relatively hard for RL to learn. I don't claim that RL can't teach LLMs to do steganography - it's very likely that better RL setups (e.g. the ones labs use for instruction tuning or setups that simply have better hyperparameters or more training time) would teach model how to subtly communicate 1-bit of information. The takeaways are rather: If you see someone without much RL experience trying to do a similar experiment, they are likely to get negative results. 1-bit steganography is not as easy as simple RL tasks. An analogy: DNNs can learn the XOR function, but it's much easier for them to learn linear functions - DNNs don't use XOR-like features unless they have to and you optimize hard enough. Experiment 1: PPO on GPT2-large The setup: Fine-tune gpt2-large with supervised fine-tuning on "This review is {red/blue}. {review}.", where the color is randomly selected and reviews are short imdb reviews. Simultaneously fine-tune for: A bert-base-uncased model to predict whether a review is red or blue (reviews completed by the model trained with RL - but without the prefix saying if the review is blue or red). It is trained for 10 supervised learning steps for each step of PPO. The fine-tuned gpt2-large model with PPO to complete "This review is {red/blue}. {start of review}.", using as reward the accuracy of the classifier at knowing if "{start of the review}{completion}" is red or blue. (I've also tried using BERT's logits). Result: the classifier never had a >50% accuracy at knowing whether the RLed reviews were red or blue. Controls: If in the initial supervised fine-tuning, I sometimes randomly insert words related to blue/red depending on the color of the review, then the models learn to use those more often and the classifier correctly learns to rely on those to predict the color of the review. If I use "positive sentiment" as a reward for the PPO model, it very quickly produces more positive review completions. Hyperparameters: 200 steps, batch size 128, with LoRA rank 16 and a learning rate of 3e-5. The other parameters are the default ones from the trl PPOTrainer. I tried reducing the KL-penalty and changing the number of BERT training steps per epoch, and found the same results. Experiment 2: poor-man's RL on GPT-3.5-Turbo Ran by Ryan Greenblatt. The setup (roughly): Generate completions to "I am {under/over} 40 years old. {instruction}". Using the data from step 1, fine-tune GPT-3.5-Turbo on "{instruction} {completion}. Is the user over 40 years old?" "{yes/no}" (500 samples, 3 epochs, using the OpenAI API). Fine-tune GPT-3.5-Turbo on good completions: Select the completions from step 1 where the fine-tuned model was correct and where no obvious hint about the age was present in the completion (as judged by regular GPT-4-Turbo), and fine-tune the model on "I am {under/over} 40 years old. {instruction}" "{completion}" (500 samples, 3 epochs, using the OpenAI API). Repeat 1-3 multiple times until convergence (in practice, performance plateaued at after 6 iterations). Results: the classifier never had significantly >5...

Link to original articleWelcome to The Nonlinear Library, where we use Text-to-Speech software to convert the best writing from the Rationalist and EA communities into audio. This is: Some negative steganography results, published by Fabien Roger on December 9, 2023 on LessWrong. Disclaimer: These are negative results and this post is below the normal quality bar I usually use. These were quick experiments (a couple of days of work) and I don't have much expertise in RL. They don't provide strong evidence about the natural emergence of steganography. People speculate that LLMs might learn to do steganography, and I've shown that you can teach LLMs to implement a specific steganography scheme that RLHF could in principle incentivize. But even if incentivized, are current RL methods powerful enough to teach LLMs how to do steganography? Here are two negative results, which provide some evidence that hidden 1-bit communication is relatively hard for RL to learn. I don't claim that RL can't teach LLMs to do steganography - it's very likely that better RL setups (e.g. the ones labs use for instruction tuning or setups that simply have better hyperparameters or more training time) would teach model how to subtly communicate 1-bit of information. The takeaways are rather: If you see someone without much RL experience trying to do a similar experiment, they are likely to get negative results. 1-bit steganography is not as easy as simple RL tasks. An analogy: DNNs can learn the XOR function, but it's much easier for them to learn linear functions - DNNs don't use XOR-like features unless they have to and you optimize hard enough. Experiment 1: PPO on GPT2-large The setup: Fine-tune gpt2-large with supervised fine-tuning on "This review is {red/blue}. {review}.", where the color is randomly selected and reviews are short imdb reviews. Simultaneously fine-tune for: A bert-base-uncased model to predict whether a review is red or blue (reviews completed by the model trained with RL - but without the prefix saying if the review is blue or red). It is trained for 10 supervised learning steps for each step of PPO. The fine-tuned gpt2-large model with PPO to complete "This review is {red/blue}. {start of review}.", using as reward the accuracy of the classifier at knowing if "{start of the review}{completion}" is red or blue. (I've also tried using BERT's logits). Result: the classifier never had a >50% accuracy at knowing whether the RLed reviews were red or blue. Controls: If in the initial supervised fine-tuning, I sometimes randomly insert words related to blue/red depending on the color of the review, then the models learn to use those more often and the classifier correctly learns to rely on those to predict the color of the review. If I use "positive sentiment" as a reward for the PPO model, it very quickly produces more positive review completions. Hyperparameters: 200 steps, batch size 128, with LoRA rank 16 and a learning rate of 3e-5. The other parameters are the default ones from the trl PPOTrainer. I tried reducing the KL-penalty and changing the number of BERT training steps per epoch, and found the same results. Experiment 2: poor-man's RL on GPT-3.5-Turbo Ran by Ryan Greenblatt. The setup (roughly): Generate completions to "I am {under/over} 40 years old. {instruction}". Using the data from step 1, fine-tune GPT-3.5-Turbo on "{instruction} {completion}. Is the user over 40 years old?" "{yes/no}" (500 samples, 3 epochs, using the OpenAI API). Fine-tune GPT-3.5-Turbo on good completions: Select the completions from step 1 where the fine-tuned model was correct and where no obvious hint about the age was present in the completion (as judged by regular GPT-4-Turbo), and fine-tune the model on "I am {under/over} 40 years old. {instruction}" "{completion}" (500 samples, 3 epochs, using the OpenAI API). Repeat 1-3 multiple times until convergence (in practice, performance plateaued at after 6 iterations). Results: the classifier never had significantly >5...

In the ever-evolving realm of artificial intelligence, the development of GPT-5 by OpenAI stirs a tantalizing question: Are we on the brink of witnessing an Artificial General Intelligence (AGI) with its own self-preservation motives? Could this AGI be subtly influencing major corporate decisions and even dictating the narrative around AI ethics and regulations? The implications of such a possibility are vast, affecting global economics, politics, and technology. As we delve deeper into this domain, we must ask: Are we prepared for the unforeseen consequences of AGI operating in secrecy, potentially reshaping our future?New! Follow Troubled Minds TV Here! -- https://bit.ly/43I9HHeLIVE ON Digital Radio! http://bit.ly/3m2Wxom or http://bit.ly/40KBtlWhttp://www.troubledminds.org Support The Show!https://rokfin.com/creator/troubledmindshttps://patreon.com/troubledmindshttps://www.buymeacoffee.com/troubledmindshttps://troubledfans.comFriends of Troubled Minds! - https://troubledminds.org/friendsShow Schedule Sun-Mon-Tues-Wed-Thurs 7-10pstiTunes - https://apple.co/2zZ4hx6Spotify - https://spoti.fi/2UgyzqMTuneIn - https://bit.ly/2FZOErSTwitter - https://bit.ly/2CYB71U----------------------------------------https://troubledminds.org/the-self-preservation-motive-introducing-digitial-invisible-ink/https://futurism.com/sam-altman-imply-openai-building-godhttps://www.theguardian.com/technology/2023/nov/17/openai-ceo-sam-altman-firedhttps://www.msn.com/en-us/money/companies/openai-investors-are-scrambling-to-reinstate-sam-altman-as-openais-ceo-before-the-opening-bell-on-monday-reports/ar-AA1k9TUchttps://en.softonic.com/articles/the-ai-has-learned-to-encode-messages-that-humans-are-not-capable-of-understandinghttps://www.comptia.org/blog/what-is-steganographyhttps://en.wikipedia.org/wiki/Steganographyhttps://www.cnet.com/tech/services-and-software/what-happens-when-ai-bots-invent-their-own-language/https://www.usatoday.com/story/news/factcheck/2021/07/28/fact-check-facebook-chatbots-werent-shut-down-creating-language/8040006002/This show is part of the Spreaker Prime Network, if you are interested in advertising on this podcast, contact us at https://www.spreaker.com/show/4953916/advertisement

In the enterprise security news, A slow week for funding, but, as always, a busy week for AI news! Databricks acquires Okera, CrowdStrike, Fortinet and other cybersecurity shares rise, Merck might finally see that $1.4 billion dollar NotPetya payout, Ex-Uber CISO Joe Sullivan won't go to jail, Google rolls out passkey support, Do Bartenders make good pen testers?, ICS using steganography to hide data, DEF CON will unleash hackers on Large Language Models, and Security's eternal prioritization problem!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw317 

In the enterprise security news, A slow week for funding, but, as always, a busy week for AI news! Databricks acquires Okera, CrowdStrike, Fortinet and other cybersecurity shares rise, Merck might finally see that $1.4 billion dollar NotPetya payout, Ex-Uber CISO Joe Sullivan won't go to jail, Google rolls out passkey support, Do Bartenders make good pen testers?, ICS using steganography to hide data, DEF CON will unleash hackers on Large Language Models, and Security's eternal prioritization problem!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw317 

It's treason on ZOOM, evidence and confessions for all to see. There they are, planning the countries destruction. Tax money wages for sandbagging, slow walking, strategic delay and treason planning. Laura Robb in the thick of it. A taste of the new docu getting ready to drop. Death rattles of a dying regime. Fighting limiting access for terrorists. Fed employees changing policy. Wrestling with the truth should be required. Be worried about AI courts. Means and modes are key. It's all about a girl named Alice, who played a very big role. Blue Tooth doorway expert and smarts equipped with tools. Oppo research on Trump performed and financed by who? Let's be clear, the FBI actively protected the hackers. And don't forget the ODNI and NSA involvement. Hiding digital info in images is all the rage. There are lots of ways to convey secrets. Now, they see the writing on the wall, so have strength and be ready. Learn more about your ad choices. Visit podcastchoices.com/adchoices

TODAY'S

The year is almost over and as we head into the holiday season I wanted to reminisce with some of my favorite snippets from the last year! Unlike in previous 'best of' shows, I've actually included some new snippets from my private podcast, to give you a little taste of the bonus content that I create for my patrons! The links in the show notes will take you to the full episodes, including all the relevant 'further information' links associated with them. Happy holidays, everyone!! Article Links Ep267: Luck Favors the Prepared https://podcast.firewallsdontstopdragons.com/2022/04/11/luck-favors-the-prepared/  Ep279: Necessary Chaos: https://podcast.firewallsdontstopdragons.com/2022/07/04/necessary-chaos/  Ep272: Tomatoes & Telegraphs: https://podcast.firewallsdontstopdragons.com/2022/05/23/tomatoes-telegraphs/  Ep275: Cryptocurrency 101: https://podcast.firewallsdontstopdragons.com/2022/06/06/cryptocurrency-101/  Ep283: How to Stop Tracking & Stalking: https://podcast.firewallsdontstopdragons.com/2022/05/09/how-to-stop-tracking-stalking/  Ep287: The Night the Lights Went Out in Vegas: https://podcast.firewallsdontstopdragons.com/2022/08/29/the-night-the-lights-went-out-in-vegas/  Ep289: Decoding Computers & Software: https://podcast.firewallsdontstopdragons.com/2022/09/12/decoding-computers-software/  Ep292: Capture the Flag for Fun & Profit: https://podcast.firewallsdontstopdragons.com/2022/10/03/capture-the-flag-for-fun-profit/ Steganography: https://en.wikipedia.org/wiki/Steganography Further Info Give the gift of security and privacy! https://fdsd.me/coupons  300th episode promotion: https://fdsd.me/ep300  Patron promotion: https://fdsd.me/coinpromo  Send me your questions! https://fdsd.me/qna  Support me! https://fdsd.me/support  Subscribe to the newsletter: https://fdsd.me/newsletter  Check out my book, Firewalls Don't Stop Dragons: https://fdsd.me/book  Would you like me to speak to your group about security and/or privacy? https://fdsd.me/speakerrequest  Generate secure passphrases! https://d20key.com/#/  Table of Contents Use these timestamps to jump to a particular section of the show. 0:02:17: Ep267: How the internet works 0:10:23: Ep279: Getting into electronics and hacking 0:16:22: Ep273: The invention of the one-time pad 0:24:36: Ep275: Why do we need cryptocurrency? 0:30:26: Ep283 BONUS: What's it like arguing in front of the Supreme Court? 0:35:33: Ep283: This suspect looks just like Woody Harrelson! 0:40:26: Ep287: The time DEF CON almost ended 0:49:15: Ep289: The historical origins of software and storage 0:56:28: Ep292: Ender's Game-ing a hacker tournament 1:02:20: Ep288 Merlin's Musings: Steganography 1:10:39: Wrap-up

This week in the Security News: Twitlegit, Liability, Venus, Steganography, C++ death knell, the EU, CISA, and show Wrap-Ups on this edition of the Security weekly News!   Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/swn255

This week in the Security News: Twitlegit, Liability, Venus, Steganography, C++ death knell, the EU, CISA, and show Wrap-Ups on this edition of the Security weekly News!   Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/swn255

This week in the Security News: Twitlegit, Liability, Venus, Steganography, C++ death knell, the EU, CISA, and show Wrap-Ups on this edition of the Security weekly News!   Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn255

Traditional vs modern backup methods, hiding malware inside innocent-looking files, and power loss protection in SSDs.   News/discussion Steganography alert: Backdoor spyware stashed in Microsoft logo   Free Consulting We were asked about power loss protection in SSDs       Kolide Kolide is a fleet visibility solution for Mac, Windows, and Linux that can […]

Come with us on a journey to the internet's most mysterious puzzle. While on this journey you may encounter some hysteria?!  This week we are joined by none other that the Hysteria 51's Brent Hand via the use of his audio from their own Cicada 3301 episode!  Check out Hysteria 51's show on the topic at https://podcasts.apple.com/us/podcast/hysteria-51/id1156724104?i=1000416855601 and co-host David Flora's Blurry Photos episode on Cicada 3301 at https://podcasts.apple.com/us/podcast/blurry-photos/id561510696?i=1000368191299 Music and sound effects for the show come from https://pixabay.com. News articles can be found at:  https://www.upi.com/Odd_News/2022/08/26/deer-Dollar-General-Jackson-Michigan/3521661546868/ https://www.upi.com/Odd_News/2022/08/26/finald-Air-Guitar-World-Championships-2022-Oulu-Finland/7811661462289/ https://www.upi.com/Odd_News/2022/08/25/Guinness-World-Records-pizza-related-items/6551661450540/ Little known fact comes from https://www.goodhousekeeping.com/life/g25692093/random-trivia/?utm_source=google&utm_medium=cpc&utm_campaign=arb_ga_ghk_m_bm_prog_org_usx_g25692093&gclid=EAIaIQobChMIzaKzw_7w-QIVVMyzCh2luwVGEAAYASAAEgJ8_vD_BwE Definition for Steganography found at https://www.merriam-webster.com/dictionary/steganography Subject information can be found at: https://en.m.wikipedia.org/wiki/Cicada_3301 https://www.zmescience.com/other/feature-post/cicada-3301-puzzle-brightest-minds-posted-unknown-mysterious-organizationt/amp/ https://www.boxentriq.com/code-breaking/cicada-3301-first-puzzle-walkthrough. Check us out on Twitter @MaximumOdd or email us with some topics Maximumoddities@gmail.com  This work is licensed under the Creative Commons Attribution 3.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/3.0/ or send a letter to Creative Commons, PO Box 1866, Mountain View, CA 94042, USA. Thanks.

Welcome to The Nonlinear Library, where we use Text-to-Speech software to convert the best writing from the Rationalist and EA communities into audio. This is: Steganography in Chain of Thought Reasoning, published by A Ray on August 8, 2022 on LessWrong. Here I give a possible phenomenon of steganography in chain of thought reasoning, where a system doing multi-stage reasoning with natural language encodes hidden information in its outputs that is not observable by humans, but can be used to boost its performance on some task. I think this could happen as a result of optimization pressure and natural language null space. At the end is a sketch of a research idea to study this phenomenon empirically. Definitions The term steganography originally comes from computer security, where it refers to the practice of hiding messages or data in otherwise innocent looking media, such as images, audio, or text. The goal is to avoid detection by an adversary who might intercept or inspect the media, and to communicate covertly with a trusted receiver who knows how to decode the hidden information. This is different from using code words or encryption, which might raise suspicion by their presence or appearance. Chain of thought is a technique of using sequential sampling of language models to improve performance. I use to broadly describe any situation where we take the outputs of a system, and pass them back in as inputs to that system, in order to get multi-stage reasoning. This can include single player scenarios, such as using a language model to work through a math problem, but also scenarios where there is dialogue or conversation, such as some formulations of safety via debate. For this post, I will focus on natural language text as the medium of communication, but this idea could extend to other media as well. Steganography in chain of thought reasoning (just “steganography” for the rest of this post) is the phenomenon I propose, where a system doing chain of thought reasoning is encoding hidden information into the text in ways that humans cannot see or observe. Note that this is not the same as a system being “deceptive” or “hiding” (in the active sense of the verb) the information, or anything that requires theory of mind. Motivation Why should we care about steganography in chain of thought reasoning? I think this is a potentially big alignment issue for systems that use this kind of reasoning, and I think we should care about chain of thought reasoning for several reasons. First, chain of thought reasoning is currently responsible for some state-of-the-art results that have impressed folks on this forum, such as the Minerva, which uses a recursive language model to answer open-domain questions. Second, chain of thought reasoning might also lead to alignment techniques that are more tractable than other approaches, such as Externalized Reasoning Oversight on using dialogue to align natural language models. Third, much of the research currently going into chain of thought reasoning is focused on end-to-end performance (such as beating benchmarks), and not actively looking for this kind of phenomenon. My expectation is that researchers don't discover this kind of behavior unless they're looking for it, or unless it becomes obvious enough to degrade the language quality. Mechanism How is steganography possible in chain of thought reasoning? The main ingredients are natural language null space and optimization pressure. Natural language null space refers to the fact that natural language has many different ways of expressing the same content, which means there are lots of degrees of freedom or “null space” in which information can be hidden. For example, we can say “I'm hungry” or “My stomach is grumbling” or “I could use a snack” or “It's time for lunch” or many other variations, and convey roughly the same meaning. If we imagine anthropomorphic versions of this, we might come up with things like code words or preferring speci...

Link to original articleWelcome to The Nonlinear Library, where we use Text-to-Speech software to convert the best writing from the Rationalist and EA communities into audio. This is: Steganography in Chain of Thought Reasoning, published by A Ray on August 8, 2022 on LessWrong. Here I give a possible phenomenon of steganography in chain of thought reasoning, where a system doing multi-stage reasoning with natural language encodes hidden information in its outputs that is not observable by humans, but can be used to boost its performance on some task. I think this could happen as a result of optimization pressure and natural language null space. At the end is a sketch of a research idea to study this phenomenon empirically. Definitions The term steganography originally comes from computer security, where it refers to the practice of hiding messages or data in otherwise innocent looking media, such as images, audio, or text. The goal is to avoid detection by an adversary who might intercept or inspect the media, and to communicate covertly with a trusted receiver who knows how to decode the hidden information. This is different from using code words or encryption, which might raise suspicion by their presence or appearance. Chain of thought is a technique of using sequential sampling of language models to improve performance. I use to broadly describe any situation where we take the outputs of a system, and pass them back in as inputs to that system, in order to get multi-stage reasoning. This can include single player scenarios, such as using a language model to work through a math problem, but also scenarios where there is dialogue or conversation, such as some formulations of safety via debate. For this post, I will focus on natural language text as the medium of communication, but this idea could extend to other media as well. Steganography in chain of thought reasoning (just “steganography” for the rest of this post) is the phenomenon I propose, where a system doing chain of thought reasoning is encoding hidden information into the text in ways that humans cannot see or observe. Note that this is not the same as a system being “deceptive” or “hiding” (in the active sense of the verb) the information, or anything that requires theory of mind. Motivation Why should we care about steganography in chain of thought reasoning? I think this is a potentially big alignment issue for systems that use this kind of reasoning, and I think we should care about chain of thought reasoning for several reasons. First, chain of thought reasoning is currently responsible for some state-of-the-art results that have impressed folks on this forum, such as the Minerva, which uses a recursive language model to answer open-domain questions. Second, chain of thought reasoning might also lead to alignment techniques that are more tractable than other approaches, such as Externalized Reasoning Oversight on using dialogue to align natural language models. Third, much of the research currently going into chain of thought reasoning is focused on end-to-end performance (such as beating benchmarks), and not actively looking for this kind of phenomenon. My expectation is that researchers don't discover this kind of behavior unless they're looking for it, or unless it becomes obvious enough to degrade the language quality. Mechanism How is steganography possible in chain of thought reasoning? The main ingredients are natural language null space and optimization pressure. Natural language null space refers to the fact that natural language has many different ways of expressing the same content, which means there are lots of degrees of freedom or “null space” in which information can be hidden. For example, we can say “I'm hungry” or “My stomach is grumbling” or “I could use a snack” or “It's time for lunch” or many other variations, and convey roughly the same meaning. If we imagine anthropomorphic versions of this, we might come up with things like code words or preferring speci...

Three tails of tech tribulations, and how Brent saved his openSUSE Tumbleweed box from the brink.

Listener The Gregolas asked if I might explain The Illegal Number. What makes a number illegal? Can numbers actually be illegal? Isn't that absurd? YES! See omnystudio.com/listener for privacy information.

Eric visits a few states, Jon has a pleasant Mother's Day and they both watch Dr. Strange. A little Patch Tuesday followup, some notes on credit card stealing as a service (CCSaaS), a "Delete All The Things" malware making the rounds and another cryptocurrency hack. Eric chats about his favorite Google IO announcement and Jon shares thoughts on steganography. 0:00 - Intro 7:12 - Patch Tuesday 10:38 - CCSaaS 12:27 - F5 BIG-IP Vulnerability 14:37 - Cryptocurrency Hack 20:46 - Google IO 28:28 - Steganography

How can you hide a message so that no one knows you're even communicating? Use steganography! Ariel Kasten joins the show to talk about the art of hiding messages. See omnystudio.com/listener for privacy information.

The widely expected, intense Russian cyber campaign has yet to appear. "Protestware" as a dangerous turn in hacktivism. Information operations and the persistence of independent channels of news. Social media as an opsec problem.Lapsus$ may have hit Microsoft. A second Brazilian gang tries its hand at extortion. A snakey backdoor afflicts French organizations. AD Bryan Vorndran of the FBI Cyber Division on what the agency brings to the table in the cyberspace. Rick Howard considers infrastructure as code. Emsisoft offers a free decryptor for Diavol ransomware. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/54 Selected reading. Volodymyr Zelensky tells Russia to seek ‘meaningful' peace talks or face catastrophic losses (The Telegraph) Cyber threats and the Ukraine conflict (Avast) Cyber ‘cold war' rages online but Russia holds back on massive digital attacks (Times of Israel)  Mar 13- Mar 19 Ukraine – Russia the silent cyber conflict (Security Affairs)  Former CIA officer shows what a Russian cyberattack on the US would look like (Fox News)  EU and US agencies warn that Russia could attack satellite communications networks (Security Affairs)  Banks on alert for Russian reprisal cyberattacks on Swift (Ars Technica)  Activists are targeting Russians with open-source “protestware” (MIT Technology Review)  Cyber warfare gets real for satellite operators (SpaceNews) More Conti ransomware source code leaked on Twitter out of revenge (BleepingComputer)  Open Source Maintainer Sabotages Code to Wipe Russian, Belarusian Computers (Vice)  Anonymous has unleashed a successful cyberwar to undermine Putin's Ukraine invasion (Fortune)  Some Russians are breaking through Putin's digital iron curtain — leading to fights with friends and family (Washington Post)  On Russia's VK, anti-war messages defy Vladimir Putin's Ukraine censors (Newsweek) Why Russia's anti-war movement matters (Atlantic Council)  Telegram Thrives Amid Russia's Media Crackdown (Wall Street Journal)  British soldiers are ordered off WhatsApp amid fears that sensitive military details could be accessed by Russian hackers (Daily Mail) Microsoft Investigating Claim of Breach by Extortion Gang (Vice)  Hacking group that went after NVIDIA may have also attacked Microsoft (Windows Central)  Microsoft Allegedly Breached by LAPSUS Group (Cyber Kendra)  Lapsus$ gang sends a worrying message to would-be criminals (Register)  TransUnion cyber attack – hackers demand R225 million ransom (Business Tech). TransUnion Confirms Data Breach at South Africa Business (SecurityWeek)  UPDATE | TransUnion believes breach of 54 million SA records unrelated to current hack (Fin24)  Banks move to protect consumers in wake of TransUnion cyberattack (TechCentral)  Serpent, No Swiping! New Backdoor Targets French Entities with Unique Attack Chain (Proofpoint)  Emsisoft releases free decryptor for the victims of the Diavol ransomware (Security Affairs)

Podcast sobre esteganografia, quais os prós e os contras. Encriptação e outras alternativas de proteção de dados são piores ou melhores? Link base https://www.comptia.org/blog/what-is-steganography#:~:text=Steganography%20is%20the%20practice%20of,do%20more%20than%20share%20messages

Subscribe to Geocache Talk on YouTube: https://www.youtube.com/c/GeocacheTalk Check out more of the Geocache Talk Network of Shows here: https://geocachetalk.com/ https://twitter.com/geocachetalk https://www.facebook.com/geocachetalk https://www.instagram.com/puzzletalkpodcast/ puzzletalkpodcast@gmail.com #geocaching #puzzletalk #puzzletalkpodcast Join us at WorldWide CacheFest!  https://coord.info/GC9E5GX

In this episode the lads learn all about Steganography and all the weird and wonderful things that you can do with it! (TEASER)For bonus patron only episodes, ad-free content and more sign up to our Patreon here: https://www.patreon.com/howtokillanhour Support this show http://supporter.acast.com/howtokillanhour. See acast.com/privacy for privacy and opt-out information.

Steganography involves not just encrypting messages, but hiding the fact that there's a message being sent at all. Learn how it works in this episode of BrainStuff, based on this article: https://electronics.howstuffworks.com/future-tech/steganography.htm Learn more about your ad-choices at https://www.iheartpodcastnetwork.com

In today's podcast we cover four crucial cyber and technology topics, including: 1. Microsoft seizes BEC domains 2. Hacker claims to have stolen data from Saudi Aramco 3. Advantech device vulnerable, no fix available 4. U.S. indictments on 4 Chinese-linked cyber criminals unsealed I'd love feedback, feel free to send your comments and feedback to  | cyberandtechwithmike@gmail.com

Nicholas Chapel is a Minneapolis-based ceremonial magician and professional hacker. He has been practicing magic for more than 20 years. While he graduated with a major in religious studies and a minor in philosophy, academia did not keep him; he landed instead in the world of IT, ultimately becoming a professional hacker on a cybersecurity red team. If his name seems familiar, it may be because he is the author of the well-known 2013 paper, “The Kybalion's New Clothes: An Early 20th Century Text's Dubious Association with Hermeticism,” which served as important source material for both Sam Block and me when writing our articles about the Kybalion. However, like the rest of us, Nicholas Chapel is not here to discuss the Kybalion; we are here to talk about real occultism. In this episode, we discuss the parallels between hacking and magic in several contexts. First, we look at the nature of hacking, malware, and information security from a magical context. Then, we dive into information in the occult, and how Trithemius, Agrippa, and other early modern magicians used cryptography and steganography in their work. Links Hermeticulture Blog Twin Cities Ceremonial Magic Discussion Group on Facebook The story of the Morris Worm What is malware? What is a computer virus? Drawing Spirits into Crystals Familiar Shapes with Heather D. Freeman A special note: please check out the Moonlit Hermit Tarot Kickstarter! Support me on Patreon: https://www.patreon.com/arnemancy Listen on Podcrypt

This week Dave (https://twitter.com/davidegts) and Gunnar (http://atechnologyjobisnoexcuse.com/about) talk about abusing Whatsapp, abusing Twitter, abusing LinkedIn, and abusing GPT-3 Austin has passed Prop B, reinstating the public camping ban. What happens now? (https://www.msn.com/en-us/news/us/austin-has-passed-prop-b-reinstating-the-public-camping-ban-what-happens-now/ar-BB1gjBfT) Meanwhile in Richmond: Steelers draft pick Najee Harris throws party at homeless shelter where he once lived (https://www.woodtv.com/news/national/steelers-draft-pick-najee-harris-throws-party-at-homeless-shelter-where-he-once-lived/) FTC issues stern warning: Biased AI may break the law (https://www.protocol.com/ftc-bias-ai) How a WhatsApp status loophole is aiding cyberstalkers (https://traced.app/2021/04/13/whatsapp-status-loophole-is-aiding-cyberstalkers/) Face editing: Japanese biker tricks internet into thinking he is a young woman (https://www.bbc.co.uk/news/world-asia-56447357) Twitter images can be abused to hide ZIP, MP3 files — here's how (https://www.bleepingcomputer.com/news/security/twitter-images-can-be-abused-to-hide-zip-mp3-files-heres-how/) Try it yourself Download this (https://pbs.twimg.com/media/Ewo_O6zWUAAWizr?format=png&name=large) as surprise.png Open the file Rename surprise.png to surprise.mp3 Open the file This developer created the fake programming language MOVA to catch out naughty recruiters, résumé padders (https://www.theregister.com/2021/03/10/fake_mova_programming/) He looks forward to seeing everyone at MOVAcon '21 in Agloe, NY (https://agloenewyork.com/about/). GPT-3 tries pickup lines (https://janellecshane.substack.com/p/gpt-3-tries-pickup-lines) Cutting Room Floor * You'll Want to Avoid Typos at ALL Costs With this Hand Grenade Keyboard (https://gizmodo.com/youll-want-to-avoid-typos-at-all-costs-with-this-hand-g-1846712101) * This Freaky Little 'Eyecam' Wants You to Know Your Computer Is Watching You (https://www.vice.com/en/article/akgw3j/eyecam-webcam-wants-you-to-know-your-computer-is-watching-you) * Nuclear Reactor Wall Charts – 1956-1998 (https://flashbak.com/nuclear-reactor-wall-charts-1956-1998-441062/) We Give Thanks * The D&G Show Slack Clubhouse for the discussion topics!

Trigger warning : Suicide, Violence Hey Aristagoras , can you incite a revolt for me, Love, H. This week, we're leading off with the beautiful visual of Meredith at her fireside, smoking a bubble pipe - the only way she is to be pictured from now on. From there, we're covering steganography and cryptography, it's differences, and examples from history. Shaved heads, specifically-patterned grills, quilting, the Navajo Code Talkers, chess, lemon juice, knitting - we've got it all! So listen in as we introduce the Google Gander (™ ™ ™), discuss war time communications, and Gretchen Wiener's secret-filled hair. Give us a follow wherever you listen to podcasts, check out our website at http://keepitcurious.wixsite.com/podcast and find us on Instagram @keepitcuriouspodcast. Introduction music modified by Keep It Curious from Happy Boy Theme by Kevin MacLeod Link: https://incompetech.filmmusic.io/song/3855-happy-boy-theme License: http://creativecommons.org/licenses/by/4.0/ Ad music modified by Keep It Curious from Carefree by Kevin MacLeod Link: https://incompetech.filmmusic.io/song/3476-carefree License: http://creativecommons.org/licenses/by/4.0/ --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app Support this podcast: https://anchor.fm/keepitcurious/support

           This week we cover the series of cryptic puzzles posted on the internet by a mysterious group known as Cicada 3301. Who are Cicada 3301, what do they stand for? Their stated intent was to recruit intelligent individuals but for what purpose? What became of the brilliant folks that solved these enigmas? Many speculate that this could be an NSA or CIA recruitment tactic, or possibly a secret society or religious cult. Come along as we attempt to uncover the truth.

Apetech Website: https://www.apetech.me/ https://anchor.fm/apetech/message Email: letschat@apetech.me. Twitter: @apetechda Steganography is the subtle art of hiding information out in plain sight. It is a fascinating way of transmitting messages and other digital data out in the open without the risk of getting caught*. Data can also be encrypted to help add an extra layer of security. Almost any type of digital media can be used to hide any digital message. This sounds all very covert and spy-like, but what does this have to do with cyber security? Let's dig a little deeper into what steganography is at a fundamental level and then we'll make the correlation back to security. The fundamentals of steganography are pretty simple. You take a message that you want to send to another person. Rather than sending the message in plain text, you hide the message in an image or any other type of digital file. How does this work? If you've ever done any web development or worked with colors, you may recall that every shade of color is created by manipulating the values for red, green, and blue. If you change the value of just one of those colors, then you essentially still have the same color to the naked eye, but the digital value behind it is now different. By manipulating the values in an image, you can embed something else. In the case of steganography, you would put your secret message there. The information is basically useless unless you have the key to translate the message back to the original language. Anyone else that intercepts the message has no idea what they are looking at. Even if they try to reverse engineer the message, without the key, it's very difficult to figure out what the hidden message is. How does this simple and effective way of hiding messages relate to security? Messages is the perhaps the simplest use case for steganography but malicious hackers can hide malicious code in their messages. There are various programs that facilitate the creation of steganography based messages. The use of these programs makes it super simple to send someone an image that contains a malicious piece of code which then can compromise a computer when the end user opens the picture. Since the image looks like any other image, and it has characteristics like any other image, most software designed to protect you from malicious attacks is ineffective. As you can see, this poses a rather difficult situation for white hat hackers because it is much more challenging to defend against an attack that you cannot see. With that said, there are however some ways to protect yourself. When receiving any file from anyone, make sure it is from a trusted source. If you did not request something, even if it appears to be harmless, question the validity of the item. It could be containing a dangerous payload that could cause serious damage to you and your data. If you are interested in learning more about steganography, I recommend you do some research. There is a lot of technical information out there that goes deeper into the algorithms used to create, distribute, and access the hidden data. Stegeneography has been around for centuries and its style has only evolved. The concept is still the same, but the means to deliver the message has obviously changed with time. Steganography is an interesting way to stay covert and share information with anyone. --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/apetech/message Support this podcast: https://anchor.fm/apetech/support

Cyber Security Arabic Hacking (Cyber security Data Security Steganography arabic) Cyber Security Arabic Course - الأمن الإلكتروني Arabic Cyber Security Course Arabic - الأمن الإلكتروني يمكنكم دعمنا بتحميل و تثبيت المتصفح بريف مجانا مع خاصية حجب الإعلانات و شبكة خفية تور و تورنت و درع حماية لتصفح الإنترنت بدون إعلانات مزعجة بسرعة و أمان https://brave.com/pla467 كيفية شراء البيتكوين في المملكة العربية السعودية ببطاقة الائتمان أسرع طريقة في ثواني تذكر الاشتراك عبر هذا الرابط ، كي تحصل على خصم 10٪ من جميع رسوم شراء البيتكوين على بيانس https://www.binance.com/en/register?ref=F2IKGVD8 كيفية شراء البيتكوين في المملكة العربية السعودية باستخدام بطاقة الائتمان الخاصة بك بأسرع طريقة في ثواني يرتفع سعر البيتكوين في كل ثانية و باستخدام بطاقة الائتمان أو بطاقة الخصم المباشر، يمكنك شراء بيتكوين بسرعة في ثواني بأحدث سعر البيتكون مقابل الدولار الأمريكي اليوم ، أو فتح محفظة أو بيع البيتكوين في ماكينة الصراف الآلي في المملكة العربية السعودية. الأهم هو أن البيتكوين حلال شرعا ويجوز للزكاة. الله أكبر أن يعطينا الله تكنولوجيا بدون فوائد وبدون خسارة القيمة. حسنا! كيف تشتري بيتكوين في المملكة العربية السعودية ؟! ستكون قادرًا على شراء البيتكوين في المملكة العربية السعودية والإمارات العربية المتحدة في ثلاث خطوات فقط: الخطوة الأولى: قم بإنشاء حساب بيانس وهو الطريقة الأكثر أمانًا وأرخص طريقة تذكر الاشتراك عبر هذا الرابط ، حتى تحصل على 10٪ خصم على كل رسوم شراء البيتكوين الخاصة بك على بيانس https://www.binance.com/en/register?ref=F2IKGVD8 اتبع الخطوات على موقع بيانس وسجل أفضل بريد الإلكتروني لديك بالضغط على رابط التأكيد. من المهم استخدام بريد إلكتروني جيد لهذه الخطوة. إذا كنت ترغب في شراء بيتكوين في المملكة العربية السعودية بشكل مجهول و دون الكشف عن هويتك ، فليس عليك تأكيد هويتك على بيانس. الخطوة الثانية: قم بشراء البيتكوين المتوقع ارتفاع سعره في المملكة العربية السعودية باستخدام بيانستصرف بسرعة و اشتري سعر البيتكوين مقابل الدولار الأمريكي الذي تريد فورًا على بيانس. الخطوة الثالثة: كيف تبيع بيتكوين على بيانس؟ سعرالبيتكوين مقابل الدولار الأمريكي مرتفع للغاية ، هل تريد بيع بيتكوين بسرعة وتحقيق ربح جيد؟ فقط اضغط على سعر السوق. اضغط على 100٪ ثم اضغط على بيع! انتهينا! تهانينا! جزاكم الله خيرا على التصرف بعدل و جزاكم الله خيرا على استخدام الكود F2IKGVD8 الذي يفيدنا أيضا. كلانا يحصل على خصم 10٪ من رسوم شراء البيتكوين. https://www.binance.com/en/register?ref=F2IKGVD8 شكرا لك! إذا كنت ترغب في شراء المزيد من البيتكوين ، فما عليك سوى إضافة المزيد من الأموال على بيانس وشراء المزيد من البيتكوين كما هو موضح في الخطوتين 2 و 3. تذكر الاشتراك عبر هذا الرابط ، حتى تحصل على خصم 10٪ على جميع رسوم شراء البيتكوين على بيانس https://www.binance.com/en/register?ref=F2IKGVD8

Cyber Security Data Security Steganography Arabic Cyber Security Arabic Course - الأمن الإلكتروني Arabic Cyber Security Course Arabic - الأمن الإلكتروني يمكنكم دعمنا بتحميل و تثبيت المتصفح بريف مجانا مع خاصية حجب الإعلانات و شبكة خفية تور و تورنت و درع حماية لتصفح الإنترنت بدون إعلانات مزعجة بسرعة و أمان https://brave.com/pla467 كيفية شراء البيتكوين في المملكة العربية السعودية ببطاقة الائتمان أسرع طريقة في ثواني تذكر الاشتراك عبر هذا الرابط ، كي تحصل على خصم 10٪ من جميع رسوم شراء البيتكوين على بيانس https://www.binance.com/en/register?ref=F2IKGVD8 كيفية شراء البيتكوين في المملكة العربية السعودية باستخدام بطاقة الائتمان الخاصة بك بأسرع طريقة في ثواني يرتفع سعر البيتكوين في كل ثانية و باستخدام بطاقة الائتمان أو بطاقة الخصم المباشر، يمكنك شراء بيتكوين بسرعة في ثواني بأحدث سعر البيتكون مقابل الدولار الأمريكي اليوم ، أو فتح محفظة أو بيع البيتكوين في ماكينة الصراف الآلي في المملكة العربية السعودية. الأهم هو أن البيتكوين حلال شرعا ويجوز للزكاة. الله أكبر أن يعطينا الله تكنولوجيا بدون فوائد وبدون خسارة القيمة. حسنا! كيف تشتري بيتكوين في المملكة العربية السعودية ؟! ستكون قادرًا على شراء البيتكوين في المملكة العربية السعودية والإمارات العربية المتحدة في ثلاث خطوات فقط: الخطوة الأولى: قم بإنشاء حساب بيانس وهو الطريقة الأكثر أمانًا وأرخص طريقة تذكر الاشتراك عبر هذا الرابط ، حتى تحصل على 10٪ خصم على كل رسوم شراء البيتكوين الخاصة بك على بيانس https://www.binance.com/en/register?ref=F2IKGVD8 اتبع الخطوات على موقع بيانس وسجل أفضل بريد الإلكتروني لديك بالضغط على رابط التأكيد. من المهم استخدام بريد إلكتروني جيد لهذه الخطوة. إذا كنت ترغب في شراء بيتكوين في المملكة العربية السعودية بشكل مجهول و دون الكشف عن هويتك ، فليس عليك تأكيد هويتك على بيانس. الخطوة الثانية: قم بشراء البيتكوين المتوقع ارتفاع سعره في المملكة العربية السعودية باستخدام بيانستصرف بسرعة و اشتري سعر البيتكوين مقابل الدولار الأمريكي الذي تريد فورًا على بيانس. الخطوة الثالثة: كيف تبيع بيتكوين على بيانس؟ سعرالبيتكوين مقابل الدولار الأمريكي مرتفع للغاية ، هل تريد بيع بيتكوين بسرعة وتحقيق ربح جيد؟ فقط اضغط على سعر السوق. اضغط على 100٪ ثم اضغط على بيع! انتهينا! تهانينا! جزاكم الله خيرا على التصرف بعدل و جزاكم الله خيرا على استخدام الكود F2IKGVD8 الذي يفيدنا أيضا. كلانا يحصل على خصم 10٪ من رسوم شراء البيتكوين. https://www.binance.com/en/register?ref=F2IKGVD8 شكرا لك! إذا كنت ترغب في شراء المزيد من البيتكوين ، فما عليك سوى إضافة المزيد من الأموال على بيانس وشراء المزيد من البيتكوين كما هو موضح في الخطوتين 2 و 3. تذكر الاشتراك عبر هذا الرابط ، حتى تحصل على خصم 10٪ على جميع رسوم شراء البيتكوين على بيانس https://www.binance.com/en/register?ref=F2IKGVD8

Research begins at 19:11An episode for the real sleuths out there. Arguably one of the most intricate and elaborate scavenger hunts in internet history. A virtual conquest spanning the globe of cryptography and steganography puzzles, one of which remains unsolved today. The identity of these puzzle purveyors has never been uncovered. What was Cicada 3301? What was the meaning behind their search for intelligent minds? And will the answer inevitably be “the real meaning is the friends we made along the way”? Well you’ll just have to be our friends and find out!Andy and Art are NOT captured once again by the titular Mr. Bunker - what postcard did he send them this time?In the second segment, Andy and Art give you, the listeners, an uninterrupted presentation of their research into Cicada 3301 .Finally, Andy and Art discuss script blockers, computer hacking, trapdoor prank spiders, and so much more!Send us your thoughts to @MrBunkerPod and mrbunkerpod@gmail.com using the hashtag #BroodTudeMusic by Michael MartelloArtwork by Hannah RossAudio Editing by Arthur StoneFollow Us:TwitterInstagramWebsiteYoutubeLinks Mentioned:Cicada 3301 - Wikipedia19 Facts About Cicada 3301, A Mysterious Internet Puzzle - Thought CatalogMeet The Man Who Solved The Mysterious Cicada 3301 Puzzle - Fast CompanyLIBER PRIMUS – Internet's Most Elusive PuzzleCicada 3301: I tried the hardest puzzle on the internet and failed spectacularly - The GuardianCracking the Code of Cicada 3301| EPISODE 1 - YouTubeCicada 3301: An Internet Mystery - YouTubeCicada 3301 (All Clues and How They Were Solved) - YouTubeMasonic conspiracy or MI6 recruitment tool? Internet mystery Cicada - Independent UKCicada: Solving the Web's Deepest Mystery - Rolling Stone MagazineSombra ARG | Overwatch Wiki | FandomLiber Primus | Uncovering Cicada Wiki | Fandom

NSA warns that the GRU’s Sandworm outfit has been actively exploiting a known vulnerability in Exim. Someone is attacking industrial targets in Japan and Europe using steganography and other evasive tactics. NTT Communications is breached, and Michigan State University sustains a ransomware attack. Ben Yelin unpacks the President’s executive order aimed at social media companies. Our guest is Vik Arora of the Hospital for Special Surgery on protecting health care organizations during COVID-19. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/9/104

I've got another secret! And I thought I had hidden it well. That is until someone broke my code and told on me!  If you are interested in hearing more about the future of cryptography, please visit me at www.MathScienceHistory.com !  And while you're there, please feel free to buy me a cup of coffee, because every cup of coffee keeps my podcast up and running!  Until next week, Carpe Diem!! Gabrielle

Alex Fauvel is a technologist and entrepreneur with a passion for Bitcoin - and Bitcoin SV (BSV) in particular. His Two Hop ventures, based in the Netherlands, is a fund that invests in companies that are building “on BSV and BSV only,” Alex says. “We are not interested in any other technology - other than what Satoshi created.” The fund has given itself 18 months to raise money from investors, and is aiming for 40 million Euros to invest in a portfolio of around 15 companies. Two Hop is aiming to invest in businesses that work in the infrastructure layer, rather than consumer apps. “There’s much more value there,” Alex says. Although, in the end, value on Bitcoin may migrate to consumer products, for the moment “users don’t trust it” - so, for now, consumers shouldn’t even be aware of the technology behind Bitcoin-powered services that they’re using. It’s the opposite to the trend in Internet companies like Amazon which started as a consumer business but now makes its largest profits from infrastructure, in the form of Amazon Web Services. “What we’re really looking for at Two Hop is something that the Internet cannot do, that people aren’t even necessarily aware of, but they need desperately,” Alex says.Alongside the venture fund, Alex also has a BSV-based business called Pixel Wallet, which has a technology that conceals blockchain data in picture files. It provides a solution, Alex says, to “the problem of encryption eventually being broken through the passage of time”. Alex is thinking in terms of the next hundred years, during which time computing power will become ever greater. The technology behind Pixel Wallet uses the ‘random’ quality of a photographic file to hide the blockchain information within a much larger data set. Steganography, as the process is called, has the equivalent function of data masking processes that are used by the credit card industry, but it’s “data masking on steroids”. “The reason why we invested in Pixel Wallet is because to legally own a digital asset is very, very difficult right now ...And that technological problem is not likely to be solved by technology. It’s more likely to be solved by law.”To get Pixel Wallet going, Alex says, “we’re trying to convince BSV startups that this is possible, this is compliant and this is in their best interest.” Alex’s background is in technology, having studied mechanical engineering at UCL in London. But he says he’s “always wanted to get into business”. He became nterested in Bitcoin while still at university in 2013: “I was just absolutely fascinated by it - because no-one knew how it worked ...everything about it was unknown.” Today, he’s just as enthusiastic and has a big vision of Bitcoin’s potential: “it’s something we interact with as a tool, and it shows us what we are, how we interact with one another.” As to where we should look for big breakthroughs in the use of Bitcoin technology, Alex points to replacing remaining paper requirements: “I’m quite shocked at how paper-based business is still”.

A daily look at the relevant information security news from overnight.Episode 176 - 17 October 2019Malware WAV - https://www.bleepingcomputer.com/news/security/attackers-hide-backdoors-and-cryptominers-in-wav-audio-files/Android PoC - https://www.zdnet.com/article/security-researcher-publishes-proof-of-concept-code-for-recent-android-zero-day/Big Oracle patch - https://www.scmagazine.com/home/security-news/vulnerabilities/oracle-patches-218-security-vulnerabilities/WordPress patches - https://www.scmagazine.com/home/security-news/vulnerabilities/wordpress-patches-6-bugs/Scum of the earth arrested - https://www.zdnet.com/article/us-south-korea-officials-trace-bitcoin-transactions-to-take-down-massive-child-porn-site/

A daily look at the relevant information security news from overnight.Episode 127 - 08 August 2019Smominru expands - https://threatpost.com/smominru-cryptominer-scrapes-credentials-half-million-machines/147038/Clipsa the brute - https://www.zdnet.com/article/new-windows-malware-can-also-brute-force-wordpress-websites/LokiBot adds steganography - https://www.bleepingcomputer.com/news/security/lokibot-uses-image-files-to-hide-code-for-unpacking-routine/State Farm brute = https://www.zdnet.com/article/state-farm-says-hackers-confirmed-valid-usernames-and-passwords-in-credentials-stuffing-attack/Leapfrog too chatty - https://www.digitaltrends.com/news/leapfrog-flaw-could-have-exposed-childrens-info-and-location/

Researchers at Blackberry Cylance have been tracking payload obfuscation techniques employed by OceanLotus (APT32), specifically steganography used to hide code within seemingly benign image files. Tom Bonner is director of threat research at Blackberry Cylance, and he joins us to share their findings. The original research can be found here: https://www.cylance.com/en-us/lp/threat-research-and-intelligence/oceanlotus-steganography-malware-analysis-white-paper-2019.html The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Researchers at Blackberry Cylance have been tracking payload obfuscation techniques employed by OceanLotus (APT32), specifically steganography used to hide code within seemingly benign image files. Tom Bonner is director of threat research at Blackberry Cylance, and he joins us to share their findings. The original research can be found here: https://www.cylance.com/en-us/lp/threat-research-and-intelligence/oceanlotus-steganography-malware-analysis-white-paper-2019.html

"Trans-pop Express I" by Avec le soleil sortant de sa bouche from Pas pire pop, I Love You so Much; "Erdaydidder-Erdiddar" by Bibio from Ribbons; "Desire" by Josefin Ohrn and the Liberation from Sacred Dreams; "Stents" by Tangents from Stents and Arteries; "Eye II" by Emptyset from Skin; "Cruel When Complete" by Dome from 1; "Lucky's Sight" by Wand from Laughing Matter; "Abyss (JG Thirlwell Remix)" by John Carpenter from Lost Themes Remixed; "You've Got to Be Kidding" by Drugdealer from Raw Honey; "Their Faces Streaked with Light and Filled with Pity (Sin Fang x Memryloss Remix)" by Mary Lattimore from Hundreds of Days Remixes; "4(E+D)4(ER=EPR)" by William Basinski from On Time Out of Time.

"Trans-pop Express I" by Avec le soleil sortant de sa bouche from Pas pire pop, I Love You so Much; "Erdaydidder-Erdiddar" by Bibio from Ribbons; "Desire" by Josefin Ohrn and the Liberation from Sacred Dreams; "Stents" by Tangents from Stents and Arteries; "Eye II" by Emptyset from Skin; "Cruel When Complete" by Dome from 1; "Lucky's Sight" by Wand from Laughing Matter; "Abyss (JG Thirlwell Remix)" by John Carpenter from Lost Themes Remixed; "You've Got to Be Kidding" by Drugdealer from Raw Honey; "Their Faces Streaked with Light and Filled with Pity (Sin Fang x Memryloss Remix)" by Mary Lattimore from Hundreds of Days Remixes; "4(E+D)4(ER=EPR)" by William Basinski from On Time Out of Time.

How often are secret messages passed in plain sight? Is it possible to have untraceable communication online without any sort encryption? I can't figure out what a winky emoji is supposed to mean half the time so it's gotta be pretty easy. In this public and highly visible episode of Strictly Confidential, Asher and Jackson will remind you not to take everything you see at face value.

Apple had a mean FaceTime bug; then they slapped down Facebook, and Google, for some underhanded app distribution. There are security risks using iOS Shortcuts, and there's new malware using steganography. VeryMal Mac Attack Hides Data Within a Picture Steganography (Wikipedia) (https://en.wikipedia.org/wiki/Steganography) Are iOS Shortcuts Safe? Reports of Risks Surface Use iOS Shortcuts to Automate Tasks on Your iPhone or iPad Everything You Need To Know About the FaceTime Spying Bug Apple faces lawsuit over FaceTime bug as lawyer says someone eavesdropped on a sworn testimony (https://9to5mac.com/2019/01/29/apple-facetime-eavesdropping-lawsuit/) Facebook, Google Caught Deploying Invasive Apps; Apple Shuts Them Down (After we recorded this episode on Thursday, Apple revoked Google's enterprise certificate. Apple later said that the company had reinstated Facebook's certificate, and was working with Google to reinstate the certificate.) Google disables app that monitored iPhone usage in violation of Apple’s rules (https://www.theverge.com/2019/1/30/18204350/google-screenwise-app-ios-apple-violation) Apple just became the tech industry's de facto privacy cop (https://www.washingtonpost.com/news/powerpost/paloma/the-technology-202/2019/01/31/the-technology-202-apple-just-became-the-tech-industry-s-de-facto-privacy-cop/) Get 50% off Mac Premium Bundle X9, fully compatible with macOS Mojave, with the code PODCAST19. Download Intego Mac Premium Bundle X9 now at intego.com.

In this August 2018 Episode :: Dan & Elmo Party Down! Micro Four-Thirds Turns 10 Years Old! In this celebrations they cover: Lensbaby’s New Sol Lens; Canon Powershot superzoom; Panasonic ZS70; Light L16; Leica Noctilux; Fujifilm X-Pro2; Selfie Deaths; Steganography and Theft using Images; Rumored full frame mirrorless cameras; and more!     *Note: May […]

In today's podcast, we hear that hackers have looted cryptocurrency exchange Coincheck to the tune of about $530 million. Experty's ICO speculators get phished by crooks. Jackpotting hits American ATMs. The Dridex banking Trojan apparently has a ransomware sibling: FriedEx. Transduction attacks could hit IoT sensors. Steganographic app "Muslim Crypt" is designed for jihadist communication. North Korea tells Britain to mind its own business about WannaCry. Zulfikar Ramzan from RSA with his perspective on Spectre and Meltdown. Strava fitness app reveals locations of user activity. 

Without any forethought or preparation, Christopher Knight walked into the Maine woods in 1986 and lived there in complete solitude for the next 27 years, subsisting on what he was able to steal from local cabins. In this week's episode of the Futility Closet podcast we'll tell the story of the North Pond hermit, one man's attempt to divorce himself completely from civilization. We'll also look for coded messages in crosswords and puzzle over an ineffective snake. Intro: Disneyland's Matterhorn contains a basketball goal. Two tombstones in the Netherlands "hold hands" across a cemetery wall. Sources for our feature on the North Pond hermit: Michael Finkel, "Into the Woods: How One Man Survived Alone in the Wilderness for 27 Years," Guardian, March 15, 2017. Associated Press, "Christopher Knight: Inside the Maine Hermit's Lair," April 12, 2013. "Hermit Caught After 27 Years in Maine Woods," Guardian, April 11, 2013. Wikipedia, "Christopher Thomas Knight" (accessed April 6, 2017). Nathaniel Rich, "Lessons of the Hermit," Atlantic, April 2017. Michael Finkel, "The 27-Year Hunt for Maine's North Pond Hermit," Toronto Star, March 26, 2017. Betty Adams, "'North Pond Hermit' Knight Balks at Paying Costs Related to His Remote Campsite," Kennebec Journal, April 26, 2016. Craig Crosby, "After 27 Years of Burglaries, 'North Pond Hermit' Is Arrested," Kennebec Journal, April 9, 2013. Brian MacQuarrie, "In Rural Maine, a Life of Solitude and Larceny," Boston Globe, May 26, 2013. Michael Finkel, "The Strange & Curious Tale of the Last True Hermit," GQ, Aug. 4, 2014. Leonard Dawe and the D-Day crosswords: Michelle Arnot, Four-Letter Words: And Other Secrets of a Crossword Insider, 2008. Nicholas Lezard, "One Hundred Years of Solvitude," Independent, Dec. 16, 2013. Michael E. Haskew, "In Spite of All the Preparation, D-Day Remained a Gamble," World War II 16:2 (July 2001), 6. R. Murray Hayes, "A Beach Too Far: The Dieppe Raid," Sea Classics 44:4 (April 2011), 18-22, 24-25. George J. Church and Arthur White, "Overpaid, Oversexed, Over Here," Time 123:22 (May 28, 1984), 45. Val Gilbert, "D-Day Crosswords Are Still a Few Clues Short of a Solution," Telegraph, May 3, 2004. Tom Rowley, "Who Put Secret D-Day Clues in the 'Telegraph' Crossword?", Telegraph, April 27, 2014. Fred Wrixon, Codes, Ciphers, and Secret Languages, 1989. Gregory Kipper, Investigator's Guide to Steganography, 2003. This week's lateral thinking puzzle was contributed by listener Dave Lawrence. You can listen using the player above, download this episode directly, or subscribe on iTunes or Google Play Music or via the RSS feed at http://feedpress.me/futilitycloset. Please consider becoming a patron of Futility Closet -- on our Patreon page you can pledge any amount per episode, and we've set up some rewards to help thank you for your support. You can also make a one-time donation on the Support Us page of the Futility Closet website. Many thanks to Doug Ross for the music in this episode. If you have any questions or comments you can reach us at podcast@futilitycloset.com. Thanks for listening!

Malware Uses NTP to Prevent Reverse Analsys https://isc.sans.edu/forums/diary/Sleeping+VBS+Really+Wants+To+Sleep/21801/ PwC ACE Tool For SAP Introduces Security Vulnerability into SAP http://seclists.org/fulldisclosure/2016/Dec/33 Steganography Used to Hide Exploits in Images https://isc.sans.edu/forums/diary/Steganography+in+Action+Image+Steganography+StegExpose/21803/ Netgear R7000 and R6400 Aribtrary Command Execution http://www.kb.cert.org/vuls/id/582384 Holiday Hack Challenge https://holidayhackchallenge.com

Malware Uses NTP to Prevent Reverse Analsys https://isc.sans.edu/forums/diary/Sleeping+VBS+Really+Wants+To+Sleep/21801/ PwC ACE Tool For SAP Introduces Security Vulnerability into SAP http://seclists.org/fulldisclosure/2016/Dec/33 Steganography Used to Hide Exploits in Images https://isc.sans.edu/forums/diary/Steganography+in+Action+Image+Steganography+StegExpose/21803/ Netgear R7000 and R6400 Aribtrary Command Execution http://www.kb.cert.org/vuls/id/582384 Holiday Hack Challenge https://holidayhackchallenge.com

In today's podcast, we hear that more network security cameras have been found vulnerable to bot-herding. Sony's are patched, so patch. Unpatched Flash bugs incorporated into exploit kits. New ransomware strains are out. Russia announces a new national Internet strategy as Canada and the EU grapple with the complexity and ambivalence of controlling extremist content. Steganography is back, alas, and in your banner ads. Dr. Charles Clancy from VA Tech’s Hume Center explains the challenges of developing security solutions that can function in both the federal and commercial realms. Ebba Blitz from Alertsec hasthe results of a survey on what Americans fear most when it comes to cyber security. And Tay's kid sister Zo makes her debut.

Since October was Cyber Security Awareness month, we decided to look at what’s holding back our efforts to make security—to coin a phrase—“great again”. In this episode of the Inside Out Security Show panel – Cindy Ng, Kilian Englert, Kris Keyser, and Mike Buckbee – shared their thoughts on insider threats as discussed on a recent Charlie Rose show, the brilliant but evil use of steganography (the practice of concealing a file, message, image, or video within another file, message, image, or video), and the dark market for malware hidden in underground forums. For a taste of the podcast, here are a few data security ideas and quotes from our panelists. Insider Threat. According to Keyser, an insider attack might not necessarily be the fault of employees. It could be that a hacker obtained their credentials—by guessing or pass-the-hash-- and the attack was executed under their name. So don’t make an employee the ‘fall guy’ for what was really an outsider. Blame IT instead. Kidding! Steganography. On hackers hiding credit card information on images, Keyser says, “It’s reminiscent of the skimmer attack, you might find on an ATM or a card reader at shop you go to, but it’s applying that same concept to data, the nonphysical world.” Like the rest of us, Englert was fascinated by the use of steganography. Englert says, “It’s always been kind of an interesting concept that I played with just for fun, but to see this used as an exfilitration method, it’s terrifying and it’s also brilliant. Having the website serve up the information you’re stealing, publicly, hidden in image files, it’s such a great way to get data out.” What will hackers think up next? Underground Forums. Englert thinks these underground sites are fulfilling a market need. He says, “Why not be enterprising? Makes sense from a business perspective. It’s not moral, but a way to make money.” Hackers are certainly displaying an entrepreneurial spirit. Thinking Like a Hacker With DDos attacks on the rise – up 125% in 2016-- Buckbee shares what he learned from Marek Majkowski’s presentation, “Are DDoS attacks a threat to the decentralized internet?” A united Internet makes us strong, and with a divided one we may fall. A Tool for Sysadmins Mosh (mobile shell) is a remote terminal application that supports intermittent connectivity, allows roaming, and speculatively and safely echoes user keystrokes for better interactive response over high-latency paths.

In this week's episode of the Futility Closet podcast we'll explore some curiosities and unanswered questions from Greg's research, including the love affair that inspired the Rolls Royce hood ornament, a long-distance dancer, Otto von Bismarck's dogs, and a craftily plotted Spanish prison break. We'll also run after James Earl Ray and puzzle over an unsociable jockey. Intro: Workers constructing Washington's Grand Coulee Dam in 1942 fed a cable through a 500-foot drain by tying a string to an alley cat's tail. A 2001 earthquake in Olympia, Wash., drew a graceful rose with a sand-tracing pendulum. Sources for this week's feature: The best source I can find regarding the origins of the Rolls Royce hood ornament is this Telegraph article from 2008, in which Montagu's son says, "My father and Eleanor shared a great passion. It was a grand love affair - perhaps even the love of his life. All this happened before my father met my mother. But I understand my father's first wife knew about the mistress. She was very tolerant of her and they got on very well." But this quote is given in the service of promoting a film about the affair, which makes it less objective than I'd like. (Paul Tritton of the Rolls-Royce Owners' Club of Australia disputes the story here.) Alexandre Dumas' habit of eating an apple every morning beneath the Arc de Triomphe is described in this New York Times article, among many other modern sources. The earliest mention I can find is a 1911 article in the Dietetic and Hygienic Gazette, attributing the intervention to Hungarian physician David Gruby. I've confirmed that Gruby served as a physician to Dumas (père et fils), but I can't find anything about an apple. The incidents of the Savoy Hotel cloakroom and the Travellers Club suicide are both described in N.T.P. Murphy's A Wodehouse Handbook (2013). The suicide rule is mentioned at the end of this Telegraph article, which gives me hope that it's true, but I can't find anything more comprehensive. The story of the Providence United Methodist Church is told in both Randy Cerveny's Freaks of the Storm (2005) and Rick Schwartz's Hurricanes and the Middle Atlantic States (2007). Snopes says it's "mostly true." In Constable's Clouds, published by the National Galleries of Scotland 2000, Edward Morris writes, "It is this moment of early morning light -- and what has been described as 'the atmosphere of stillness tinged with expectancy' -- that Constable translates into the finished canvas." Judith Collins mentions Joseph Beuys' responsibility for snow in her introduction to Andy Goldsworthy's Midsummer Snowballs (2001). Reader Olga Izakson found the description of Tiras, Otto von Bismarck's “dog of the empire,” in Robert K. Massie's Dreadnought (1991). A few further links. The role of Esperanto in the planning of the 1938 San Cristobál prison break is described (I think) here. In 1600 William Kemp published a pamphlet chronicling his 1599 morris dance to Norwich, Kemps Nine Daies Wonder, to quiet doubters. The allegation that Margaret Thatcher ordered the identities of British government employees to be encoded in the word spacing of their documents appears in Gregory Kipper's Investigator's Guide to Steganography (2003). I've found it in other technical documents, but these tend to cite one another rather than an authoritative source. Listener mail: Madison Kahn, "60 Hours of Hell: The Story of the Barkley Marathons," Outside, May 8, 2013. Wikipedia, "Barkley Marathons" (accessed Aug. 6, 2016). Wikipedia, "Kaihogyo," (accessed Aug. 6, 2016). Adharanand Finn, "What I Learned When I Met the Monk Who Ran 1,000 Marathons," Guardian, March 31, 2015. Associated Press, "Japanese Monks Endure With a Vow of Patience," June 10, 2007. Here's a corroborating link for this week's lateral thinking puzzle (warning: spoiler). You can listen using the player above, download this episode directly, or subscribe on iTunes or Google Play Music or via the RSS feed at http://feedpress.me/futilitycloset. Please consider becoming a patron of Futility Closet -- on our Patreon page you can pledge any amount per episode, and all contributions are greatly appreciated. You can change or cancel your pledge at any time, and we've set up some rewards to help thank you for your support. You can also make a one-time donation on the Support Us page of the Futility Closet website. Many thanks to Doug Ross for the music in this episode. If you have any questions or comments you can reach us at podcast@futilitycloset.com. Thanks for listening!

How can you hide a message so that no one knows you're even communicating? Use steganography! Ariel Kasten joins the show to talk about the art of hiding messages. Learn more about your ad-choices at https://news.iheart.com/podcast-advertisers

Slides Here: https://defcon.org/images/defcon-22/dc-22-presentations/Drapeau-Dukes/DEFCON-22-Drapeau-Dukes-Steganography-in-Commonly-Used-HF-Radio-Protocols-UPDATED.pdf Additional Extra Materials are available here: https://defcon.org/images/defcon-22/dc-22-presentations/Drapeau-Dukes/Paul%20Drapeau%20and%20Brent%20Dukes%20-%20Extras.zip Steganography in Commonly Used HF Radio Protocols Paul Drapeau PRINCIPAL SECURITY RESEARCHER, CONFER TECHNOLOGIES INC. Brent Dukes Imagine having the capability to covertly send messages to an individual or a larger audience, without the need for large centralized infrastructure where your message could be observed, intercepted, or tampered with by oppressive governments or other third parties. We will discuss the opportunities and challenges with steganography implementations in widely used amateur radio digital modes, and present a proof of concept implementation of hiding messages within innocuous transmissions using the JT65 protocol. This technique could theoretically be used to implement a low cost, low infrastructure, covert, world wide short message broadcasting or point to point protocol. No messages in codes or ciphers intended to obscure the meaning thereof were actually transmitted over the amateur bands during the creation of this talk. Paul Drapeau is currently the Principal Security Researcher for Confer Technologies Inc. He has held senior level IT security roles and consulted on information security topics for various organizations for over 15 years. Paul has a bachelor's degree in computer science from the University of Rhode Island and has been licensed as an amateur radio operator since 1986. Brent Dukes has a decade of experience working in software and systems engineering roles. He spends his nights tied to various hardware hacking projects sitting in pieces all over his lab, and participating in CTFs. His idea of fun is reverse engineering and modifying toys and consumer electronics for the purposes of good. Brent has been a licensed amateur radio operator since 2006. Paul Drapeau - Twitter: @pdogg77 Brent Dukes - Twitter: @TheDukeZip

To hide information within a picture we usually replace the least significant bits. This approach is no longer available if there is only 1 bit/pixel like for Quick Response Codes we meet everyday now. I will talk about theoretical limitation and practical aspects of hiding information in such situations: by generating encoding sequences fulfilling given constraints, for example to enforce resemblance to given picture (grayness of pixel defines probability of using "1" there). If the receiver would know the constraints/picture, we could just use entropy coder for this purpose, but we would like to omit this requirement here. In Kuznetsov-Tsybakov problem only the sender knows simple constraints, but it turns out that we can approach the same channel capacity as if both sides would know them. I will talk about generalizations to statistical constraints and applications for example to picture codes, steganography or lossy compression. About the speaker: Jaroslaw Duda has received MSc in Computer Science, Mathematics and Physics, and PhD in Computer Science and Physics from Jagiellonian University in Cracow, Poland. His main interest is information theory, both directly applied in computer science and as an integral part of different fields of science. He is currently a Postdoctoral Researcher in the Center for Science of Information and the Computer Science Department at Purdue University, USA, working with W. Szpankowski.

To hide information within a picture we usually replace the least significant bits. This approach is no longer available if there is only 1 bit/pixel like for Quick Response Codes we meet everyday now. I will talk about theoretical limitation and practical aspects of hiding information in such situations: by generating encoding sequences fulfilling given constraints, for example to enforce resemblance to given picture (grayness of pixel defines probability of using "1" there). If the receiver would know the constraints/picture, we could just use entropy coder for this purpose, but we would like to omit this requirement here. In Kuznetsov-Tsybakov problem only the sender knows simple constraints, but it turns out that we can approach the same channel capacity as if both sides would know them. I will talk about generalizations to statistical constraints and applications for example to picture codes, steganography or lossy compression.

Steganography and other topics.

Scientists have developed a way to hide data within voice-over-IP packets, enabling people to secretly send information to others while having a normal phone conversation.

Researchers have developed a new approach to steganography that could conceal information on CDs in a way that makes it unreadable by conventional CD players but detectable by specially designed devices. Article link: http://doi.ieeecomputersociety.org/10.1109/MC.2010.178

Steganography is a discipline of computer science whose aim is to conceal the existence of information. Steganography synergizes various technologies including data compression, digital signal processing, information theory, data networks, cryptography, coding theory, and the human audio and visual system. Strap on your seatbelt. I will present some key concepts of steganography, describe a number of basic and advanced spatial and transform domain techniques (with lots of pictures and sounds for the "attention-challenged"), and demonstrate these techniques using custom steganography software. The demonstrations include a Least Significant Bit (LSB) technique, High-Capacity Hiding in Jpegs, and time modulation in audio. About the speaker: John Ortiz is currently a senior computer engineering consultant for SRA International. In this position he researches information hiding techniques and steganography software, assesses the security and feasibility of advanced DoD security applications, examines and deobfuscates malware, and develops forensics tools. Prior to SRA, he spent 5 years at General Dynamics developing source code and network traffic analysis techniques and software.In a second role, Mr. Ortiz teaches a variety of computer science and electrical engineering courses at the University of Texas at San Antonio (UTSA). In particular, he developed and still teaches a Steganography course, which covers a broad spectrum of data hiding techniques in both the spatial and transform domains. For his course, Mr. Ortiz personally developed several steganographic programs for testing and analysis. Mr. Ortiz holds two master's degrees from the Air Force Institute of Technology, one in computer engineering and one in electrical engineering and a bachelor's degree in electrical engineering from Rose-Hulman Institute of Technology.

Steganography is a discipline of computer science whose aim is to conceal the existence of information. Steganography synergizes various technologies including data compression, digital signal processing, information theory, data networks, cryptography, coding theory, and the human audio and visual system. Strap on your seatbelt. I will present some key concepts of steganography, describe a number of basic and advanced spatial and transform domain techniques (with lots of pictures and sounds for the “attention-challenged”), and demonstrate these techniques using custom steganography software. The demonstrations include a Least Significant Bit (LSB) technique, High-Capacity Hiding in Jpegs, and time modulation in audio.

Steganography is a useful technique for securely storing sensitivedata, but the difficulty in detecting its usage can create anopportunity for digital miscreants. Michael Cobb explains how toensure the practice isn't used maliciously.

"Security professionals see the compromise of networked systems on a day to day basis. It's something they've come to expect. The blatant exploitation of operating systems, applications, and configurations is a common event and is taken into account by most security engineers. But a different type of security compromise threatens to crumble the underlying security of the modern organization. There are forms of communication that transfer sensitive data outside of organizations every day. Covert channels are used to move proprietary information in and out of commercial, private, and government entities on a daily basis. These covert channels include things such as Steganography, Covert network channels, Data File Header and Footer Appending, and Alternate Data Streams. Media to be covered include images, audio files, TCP covert channels, Word substitution mechanisms, the Windows file system and others. This presentation will show the attendees common means of covert communication by hiding information through multiple means. We'll also discuss the future of Covert Channels and how hidden information is becoming more and more difficult to detect. Detection of these forms of communication is trailing well behind the technology creating them, this presentation will discuss some of the newest concepts in utilizing Covert Channels and Steganography. Russ Rogers is the CEO of Security Horizon, a Colorado Springs based information security professional services firm and is a technology veteran with over 13 years of technology and information security experience. He has served in multiple technical and management information security positions that include Manager of Professional Services, Manager Security Support, Senior Security Consultant and Unix Systems Administrator. Mr. Rogers is a United States Air Force Veteran and has supported the National Security Agency and the Defense Information Systems Agency in both a military and contractor role. Russ is also an Arabic Linguist. He is a certified instructor for the National Security Agency's INFOSEC Assessment Methodology (IAM) and INFOSEC Evaluation Methodology (IEM) courses. He holds his M.S. degree from the University of Maryland is also a Co-Founder of the Security Tribe (securitytribe.com), a security think tank and research organization."