Podcasts about uefi

Specification that defines a software interface between an operating system and platform firmware

  • 135PODCASTS
  • 255EPISODES
  • 58mAVG DURATION
  • 1WEEKLY EPISODE
  • Nov 29, 2022LATEST

POPULARITY

20152016201720182019202020212022


Best podcasts about uefi

Latest podcast episodes about uefi

Cyber and Technology with Mike
29 November 2022 Cyber and Tech News

Cyber and Technology with Mike

Play Episode Listen Later Nov 29, 2022 8:01


In today's podcast we cover four crucial cyber and technology topics, including: 1.        Europol wraps on campaign shutting down fake goods sites, and illegal sharing 2.        Acer flaw could allow bypass of crucial security feature3.        Twitter CEO reveals new end-to-end encryption plan 4.        META fined 275 million USD over 2021 data leak I'd love feedback, feel free to send your comments and feedback to  | cyberandtechwithmike@gmail.com

Firewalls Don't Stop Dragons Podcast
Best & Worst Gifts for 2022

Firewalls Don't Stop Dragons Podcast

Play Episode Listen Later Nov 21, 2022 76:01


Black Friday is just around the corner, which marks the unofficial launch of the holiday shopping season. As you're considering what gifts to give to your loved ones this year, I want to make sure you're thinking about the privacy and security aspects. To that end, I have updated my annual Best and Worst Gift Guide and I will go over the highlights in this episode for my Tip of the Week. But I also have a special new gift idea this year: security and privacy coupons that you can download and give to your loved ones! In the news: USPS tells customers to avoid using the big blue mailboxes for gifts and important letters during the holiday season; Google pays nearly $400M fine to 40 states who sued over location tracking; Medibank refuses to pay ransom for data and criminals are starting to leak sensitive medical records online; TransUnion reports a data breach; FBI director warns that TikTok is a national security risk; Lenovo laptops are exposed to UEFI malware risks (update now); a mysterious company with government ties and a history of spying has become a root certificate authority; the British government is scanning its citizens devices looking for vulnerabilities in hopes of fixing them; almost 50% of all Mac malware can be traced to a single, security application; Apple apps are sending tons of analytics data to Apple even when analytics are disabled; I answer a listener question (Dear Carey) about the best Mastodon clients, in the wake of the Twitter collapse. Article Links [Lifehacker] Avoid Using Blue Mailboxes During the Holidays, USPS Warns https://lifehacker.com/avoid-using-blue-mailboxes-during-the-holidays-usps-wa-1849773201 [The Hacker News] Google to Pay $391 Million Privacy Fine for Secretly Tracking Users' Location https://thehackernews.com/2022/11/google-to-pays-391-million-privacy-fine.html [CPO Magazine] Medibank Refuses Ransom Payments, Hackers Leak Stolen Health Data to Dark Web https://www.cpomagazine.com/cyber-security/medibank-refuses-ransom-payments-hackers-leak-stolen-health-data-to-dark-web/ [BGR] TransUnion data breach compromises financial information of consumers https://bgr.com/tech/transunion-data-breach-compromises-financial-information-of-consumers/ [USA TODAY] FBI director says TikTok poses national security threat, and he's 'extremely concerned' https://www.usatoday.com/story/tech/2022/11/16/tiktok-poses-national-security-threat-fbi/10709987002/ [Ars Technica] Lenovo driver goof poses security risk for users of 25 notebook models https://arstechnica.com/information-technology/2022/11/lenovo-patches-secure-boot-vulnerabilities-that-imperil-25-notebook-models/ [The Washington Post] Mysterious company with government ties plays key internet role https://www.washingtonpost.com/technology/2022/11/08/trustcor-internet-addresses-government-connections/ [Bleeping Computer] British govt is scanning all Internet devices hosted in UK https://www-bleepingcomputer-com.cdn.ampproject.org/c/s/www.bleepingcomputer.com/news/security/british-govt-is-scanning-all-internet-devices-hosted-in-uk/amp/ [Tom's Guide] Almost 50% of macOS malware reportedly comes from single app — delete it now https://www.tomsguide.com/news/new-report-says-nearly-half-of-macos-malware-comes-from-single-app-delete-it-now [Gizmodo] Apple Is Tracking You Even When Its Own Privacy Settings Say It's Not, New Research Says https://gizmodo.com/apple-iphone-analytics-tracking-even-when-off-app-store-1849757558 Dear Carey: Mastodon clients. https://joinmastodon.org/apps  https://bilge.world/mastodon-ios-apps  Further Info Best & Worst Gifts for 2022: https://firewallsdontstopdragons.com/best--worst-gifts-2022/ Privacy & Security Coupons: https://fdsd.me/coupons  Give thanks and donate! https://firewallsdontstopdragons.com/give-thanks-donate/  Send me your questions! https://fdsd.me/qna  Support me! https://fdsd.me/support  Subscribe to the newsletter: https://firewallsdo...

PC Perspective Podcast
Podcast #700 - RTX 4080 Review, High GPU Prices Explained, GN Solves 4090 Connector Mystery, 1-click AMD boost!

PC Perspective Podcast

Play Episode Listen Later Nov 19, 2022 87:15


We have made it to episode 700!!! Sure, only half of the crew made it this far, but that's just how it goes. It's a war of attrition, and Jeremy was there from episode one (Josh joined a bit later). And this week we decided to gather, virtually, once again, and talk about the most affordable graphics card ever made!RTX 4080 review, gaming PC building vs consoles, Nvidia earnings, some good security news for once, and more!Timestamps:00:00 Intro01:39 Food with Josh03:08 NVIDIA GeForce RTX 4080 Founders Edition review36:07 You aren't dreaming...it's NVIDIA quarterly earnings coverage!42:34 Podcast sponsor - Masterclass44:03 Did Gamers Nexus solve the 4090 connector mystery?55:47 AMD's EPYC new server processors1:00:53 Josh talks memory controllers1:04:23 AMD brings HYPR-RX to Radeon Software next year1:06:09 Google settles Android tracking lawsuit1:08:02 Lenovo patches UEFI vulnerability1:10:01 Gaming PSA1:13:12 Picks of the Week1:25:45 Outro ★ Support this podcast on Patreon ★

Paul's Security Weekly (Video-Only)
UEFI & SMM Vulnerabilities - Jesse Michael - PSW #764

Paul's Security Weekly (Video-Only)

Play Episode Listen Later Nov 17, 2022 77:02


Navigating the UEFI waters is treacherous. While UEFI has become the standard on most PCs, servers, and laptops, replacing legacy BIOS, it is a complex set of standards and protocols. Jesse joins us to help explain how some of this works and describe how vulnerabilities, specifically with SMM, can manifest and be exploited. Segment Resources: [CHIPSEC GitHub] https://github.com/chipsec/chipsec    Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw764

Paul's Security Weekly (Podcast-Only)
PSW #764 - Jesse Michael

Paul's Security Weekly (Podcast-Only)

Play Episode Listen Later Nov 17, 2022 215:13


In the Security News: Stealing Mastodon passwords, reporting vulnerabilities in open-source privately, labeling does not solve problems, or does it? will it every get patched? geolocating people from photos, no meta-data required, update your firmware on Linux, hacking flow computers, when a driver isn't really a driver, well, its a driver, but not the one you may be thinking of, oops I leaked it again, misconfiguration leads to compromise, harden runner, guard dog and hacking spacecraft via Ethernet! Navigating the UEFI waters is treacherous. While UEFI has become the standard on most PCs, servers, and laptops, replacing legacy BIOS, it is a complex set of standards and protocols. Jesse joins us to help explain how some of this works and describe how vulnerabilities, specifically with SMM, can manifest and be exploited. Segment Resources: [CHIPSEC GitHub] https://github.com/chipsec/chipsec    Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/psw764

Paul's Security Weekly TV
UEFI & SMM Vulnerabilities - Jesse Michael - PSW #764

Paul's Security Weekly TV

Play Episode Listen Later Nov 17, 2022 77:02


Navigating the UEFI waters is treacherous. While UEFI has become the standard on most PCs, servers, and laptops, replacing legacy BIOS, it is a complex set of standards and protocols. Jesse joins us to help explain how some of this works and describe how vulnerabilities, specifically with SMM, can manifest and be exploited. Segment Resources: [CHIPSEC GitHub] https://github.com/chipsec/chipsec    Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw764

Paul's Security Weekly
PSW #764 - Jesse Michael

Paul's Security Weekly

Play Episode Listen Later Nov 17, 2022 215:13


In the Security News: Stealing Mastodon passwords, reporting vulnerabilities in open-source privately, labeling does not solve problems, or does it? will it every get patched? geolocating people from photos, no meta-data required, update your firmware on Linux, hacking flow computers, when a driver isn't really a driver, well, its a driver, but not the one you may be thinking of, oops I leaked it again, misconfiguration leads to compromise, harden runner, guard dog and hacking spacecraft via Ethernet! Navigating the UEFI waters is treacherous. While UEFI has become the standard on most PCs, servers, and laptops, replacing legacy BIOS, it is a complex set of standards and protocols. Jesse joins us to help explain how some of this works and describe how vulnerabilities, specifically with SMM, can manifest and be exploited. Segment Resources: [CHIPSEC GitHub] https://github.com/chipsec/chipsec    Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/psw764

Podlodka Podcast
Podlodka #290 – Микропроцессоры

Podlodka Podcast

Play Episode Listen Later Oct 17, 2022 94:50


Микропроцессор – мозг, сердце любой системы. С Владимиром Туровым из Selectel прошлись по техническому устройству процессора, архитектурам. CPU по праву считается центральным элементом, обсудили как он взаимодействует с другими частями системы. А в конце традиционно разобрали эволюцию отрасли. Поддержи лучший подкаст про IT: www.patreon.com/podlodka Также ждем вас, ваши лайки, репосты и комменты в мессенджерах и соцсетях!
 Telegram-чат: https://t.me/podlodka Telegram-канал: https://t.me/podlodkanews Страница в Facebook: www.facebook.com/podlodkacast/ Twitter-аккаунт: https://twitter.com/PodlodkaPodcast Ведущие в выпуске: Стас Цыганов, Евгений Кателла Полезные ссылки: Как запускается сервер https://habr.com/ru/company/selectel/blog/471756/ (Legacy) https://habr.com/ru/company/selectel/blog/516810/ (UEFI) Книга «Код, тайный язык информации» Видео разбора мака старого и с M1 https://www.youtube.com/watch?v=IWIHEI1Au0k Бенчмарки от организаций https://www.spec.org/ Статьи по древним серверам https://habr.com/ru/users/ereinion/posts/ Профиль Владимира на хабре https://habr.com/ru/users/firemoon

Gestalt IT Rundown
lder Lake Leaks BIOS Source | Gestalt IT Rundown: October 12, 2022

Gestalt IT Rundown

Play Episode Listen Later Oct 12, 2022 29:18


Intel isn't happy that the source code for their Alder Lake BIOS has been leaked online. The UEFI code was nabbed by someone and posted to the Internet as a 6 GB file containing all kinds of secret things. One of the big finds is the private key for Intel Boot Guard, a seuciry feature designed to create a secure booting environment. No official word has been released on who leaked the data but signs point to an ODM in China that created a Github repository that was cloned and distributed rapidly. Tom, how bad is this for Intel? Time Stamps: 0:00 - Welcome to the Rundown 0:22 - Disk Drive Market Declining 3:04 - Splunk Claims Cribl Cribbed Code 7:53 - Pavilion Data is Threadbare 11:15 - Airlines Want 5G Made Permanent 16:48 - Alder Lake Leaks BIOS Source 26:39 - The Weeks Ahead 27:50 - Thanks for Watching Follow our hosts on Social Media Tom Hollingsworth: https://www.twitter.com/NetworkingNerd Stephen Foskett: https://www.twitter.com/SFoskett Max Mortillaro: https://www.twitter.com/MaxMortillaro Follow Gestalt IT Website: https://www.GestaltIT.com/ Twitter: https://www.twitter.com/GestaltIT LinkedIn: https://www.linkedin.com/company/1789

Cyber Security Headlines
Cyber Security Headlines: Heat leaks passwords, KillNet hits airports, Intel UEFI leak

Cyber Security Headlines

Play Episode Listen Later Oct 11, 2022 6:56 Very Popular


Finger heat can leak your password US airport sites targeted by KillNet Intel confirms UEFI leak Thanks to today's episode sponsor, Noname Security Prevent API attacks in real-time with automated AI and ML-based detection from Noname Security. Monitor API traffic for data leakage, data tampering, data policy violations, suspicious behavior, and API security attacks. Integrate with your existing IT workflow management system like Jira, ServiceNow, or Slack for seamless remediation. Learn more at nonamesecurity.com/runtime-protection

Dave & Gunnar Show
Episode 237: Confidentially Speaking

Dave & Gunnar Show

Play Episode Listen Later Sep 20, 2022 44:21


This week Dave talks with Mike Bursell (https://dgshow.org/guests/mbursell) and Nathaniel McCallum (https://dgshow.org/guests/nmccallum) about confidential computing! Check out Mike on D&G 201 (https://dgshow.org/201) from 2020! Enarx (https://enarx.dev/) Red Hat (https://www.redhat.com/en) Profian (https://www.profian.com/) McCallum-Relyea exchange (https://www.admin-magazine.com/Archive/2018/43/Automatic-data-encryption-and-decryption-with-Clevis-and-Tang) Trusted computing (https://en.wikipedia.org/wiki/Trusted_Computing) Confidential computing – the new HTTPS? (https://aliceevebob.com/2019/12/03/confidential-computing-the-new-https/) Confidential Computing Consortium (https://confidentialcomputing.io/) Trusted Platform Module (TPM) (https://en.wikipedia.org/wiki/Trusted_Platform_Module) Trusted Execution Environment (TEE) (https://en.wikipedia.org/wiki/Trusted_execution_environment) Digital Rights Management (DRM) (https://en.wikipedia.org/wiki/Digital_rights_management) Intel SGX (https://www.intel.com/content/www/us/en/architecture-and-technology/software-guard-extensions.html) AMD SEV (https://developer.amd.com/sev/) AWS Nitro System (https://aws.amazon.com/ec2/nitro/) What is attestation for Confidential Computing? (https://aliceevebob.com/2022/06/14/what-is-attestation-for-confidential-computing/) WebAssembly (https://webassembly.org/) Bytecode Alliance (https://bytecodealliance.org/) Drawbridge (https://github.com/profianinc/drawbridge) Keep (https://github.com/enarx/enarx-keepldr) Secure multi-party computation (https://en.wikipedia.org/wiki/Secure_multi-party_computation) Privacy-Enhancing Technologies (PET) (https://en.wikipedia.org/wiki/Privacy-enhancing_technologies) Homomorphic encryption (https://en.wikipedia.org/wiki/Homomorphic_encryption) Functional equivalence and formal equivalence checking (https://en.wikipedia.org/wiki/Formal_equivalence_checking) What is a Linux Container? (https://www.redhat.com/en/topics/containers/whats-a-linux-container) Functions as a Service (https://en.wikipedia.org/wiki/Function_as_a_service) UEFI (https://en.wikipedia.org/wiki/UEFI) Reproducible builds (https://en.wikipedia.org/wiki/Reproducible_builds) Trusted Computing Base (TCB) (https://en.wikipedia.org/wiki/Trusted_computing_base) Confidential Computing: try it now, for free (https://blog.profian.com/confidential-computing-now-for-free/) FedRAMP (https://www.fedramp.gov/) Bell–LaPadula model (https://en.wikipedia.org/wiki/Bell%E2%80%93LaPadula_model) NVIDIA Confidential Computing (https://www.nvidia.com/en-us/data-center/solutions/confidential-computing/) U.S. and U.K. Launch Innovation Prize Challenges in Privacy-Enhancing Technologies to Tackle Financial Crime and Public Health Emergencies (https://www.whitehouse.gov/ostp/news-updates/2022/07/20/u-s-and-u-k-launch-innovation-prize-challenges-in-privacy-enhancing-technologies-to-tackle-financial-crime-and-public-health-emergencies/) Advancing a Vision for Privacy-Enhancing Technologies (https://www.whitehouse.gov/ostp/news-updates/2022/06/28/advancing-a-vision-for-privacy-enhancing-technologies/) Accelerating the adoption and development of privacy-enhancing technologies (PETs) (https://petsprizechallenges.com/) Trust in Computer Systems and the Cloud (https://www.wiley.com/en-us/Trust+in+Computer+Systems+and+the+Cloud-p-9781119692324) We Give Thanks * Mike Bursell (https://dgshow.org/guests/mbursell) and Nathaniel McCallum (https://dgshow.org/guests/nmccallum) for joining us on the show! * Jen Wike Huger (https://twitter.com/JenWike) for connecting the dots! Special Guests: Mike Bursell and Nathaniel McCallum.

Linux Action News
Linux Action News 257

Linux Action News

Play Episode Listen Later Sep 8, 2022 19:58


Linux goes underwater, Microsoft kills the Teams' Linux app, and the nasty GRUB bug some of us could not avoid.

Linux Action News
Linux Action News 257

Linux Action News

Play Episode Listen Later Sep 8, 2022 19:58


Linux goes underwater, Microsoft kills the Teams' Linux app, and the nasty GRUB bug some of us could not avoid.

Linux Action News
Linux Action News 256

Linux Action News

Play Episode Listen Later Sep 1, 2022 17:27


Debian's firmware future is up for debate, Pine64 teases a RISC-V SBC, and some of your favorite tools just got new tricks.

Linux Action News
Linux Action News 256

Linux Action News

Play Episode Listen Later Sep 1, 2022 17:27


Debian's firmware future is up for debate, Pine64 teases a RISC-V SBC, and some of your favorite tools just got new tricks.

Hack Naked News (Audio)
SWN #232 - UEFI, PyPI, Vishing, VNC, Sova, DOOM Deere, Mailchimp, & Hiding Photos

Hack Naked News (Audio)

Play Episode Listen Later Aug 16, 2022 32:10


This week Dr. Doug talks: UEFI, PyPI, vishing, VNC, Sova, Doom, Mailchimp, hiding photos, and is joined by Jason Wood on this episode of Security Weekly News!   Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/swn232

Paul's Security Weekly
SWN #232 - UEFI, PyPI, Vishing, VNC, Sova, DOOM Deere, Mailchimp, & Hiding Photos

Paul's Security Weekly

Play Episode Listen Later Aug 16, 2022 32:10


This week Dr. Doug talks: UEFI, PyPI, vishing, VNC, Sova, Doom, Mailchimp, hiding photos, and is joined by Jason Wood on this episode of Security Weekly News!   Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/swn232

Hack és Lángos
HnL238 - Very Protected Network

Hack és Lángos

Play Episode Listen Later Aug 5, 2022 66:48


Mai menü:Felmérés szerint az átlag amerikai naponta 6,5 alkalommal lép be gyanús oldalakraKínai hacker keresőKínai UEFI rootkitet találtak Gigabyte és Asus alaplapokon | SecurityWeek.ComHamisított git metaadatokAnti-vax társkereső webhely kitett adatok 3,500 felhasználók keresztül "hibakeresési mód" hiba - A VergeNoMoreRansom születésnapFBI lefoglal $500,000 Ransomware kifizetések és Crypto az észak-koreai hackerektőlAz XSS-sel történő hackelés tisztázásaKezdje el tanulni a biztonságot az SQLi segítségévelElérhetőségeink:TelegramTwitterInstagramFacebookMail: info@hackeslangos.show

All TWiT.tv Shows (MP3)
This Week in Tech 886: The Barn Has Left the Horse

All TWiT.tv Shows (MP3)

Play Episode Listen Later Aug 1, 2022 147:32 Very Popular


CHIPS Act clears Congress, ensuring $52 billion boost to US foundries. Intel (INTC) earnings Q2 2022. Intel Kills Optane Memory Business Entirely. Apple's $83B quarter by the numbers. FY22 Q4 - Press Releases - Investor Relations - Microsoft. Amazon (AMZN) Q2 2022 earnings. Peacock's paid subscribers stayed flat at 13 million, losses widen to $467 million. Why Big Tech Is Making a Big Play for Live Sports. Collect and Trade NFL Highlights As NFTs. Spotify has 188 million Premium users, but continues to lose money. Spotify forks out $295M for Findaway, Podsights, Chartable, and Sonantic, filing reveals. FTC's Lina Khan Overruled Staff to Sue Meta Over Virtual-Reality Deal. Instagram Admits It's 'Not Good' After Kardashians Beg It to Stop Copying TikTok. Instagram walks back TikTok-style changes — Adam Mosseri explains why. Facebook Is Finally Giving People A Non-Algorithmic News Feed. Twitter is raising the Blue subscription price from $2.99 to $4.99 monthly. Twitter v. Elon Musk trial date set to start October 17th. FBI investigation determined Chinese-made Huawei equipment could disrupt US nuclear arsenal communications. Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us. T-Mobile to pay $500M for one of the largest data breaches in US history. Tim Hortons offers free coffee to settle mobile app class action lawsuits. Russia tried to hijack some of Apple's internet traffic for 12 hours. Details from FBI Raid of U.S. Private Vaults Being Kept from Public. Why One Critical Second Can Wreak Havoc on the Internet. HBO Max will begin streaming 'Game of Thrones' in 4K HDR next month. Ultiworld on Twitter: "Marques Brownlee (@MKBHD) with the MASSIVE sky for @PrideofNY at the World Ultimate Club Championships" NASA on Twitter: "We celebrate the life of Nichelle Nichols, Star Trek actor, trailblazer, and role model, who symbolized to so many what was possible." Host: Leo Laporte Guests: Jason Snell, Shoshana Weissmann, and Dan Patterson Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: UserWay.org/twit Melissa.com/twit kolide.com/twit go.newtek.com/twit-tv

This Week in Tech (MP3)
TWiT 886: The Barn Has Left the Horse - CHIPS Act, earnings week, FTC sues Meta, Twitter Blue price hike

This Week in Tech (MP3)

Play Episode Listen Later Aug 1, 2022 147:32 Very Popular


CHIPS Act clears Congress, ensuring $52 billion boost to US foundries. Intel (INTC) earnings Q2 2022. Intel Kills Optane Memory Business Entirely. Apple's $83B quarter by the numbers. FY22 Q4 - Press Releases - Investor Relations - Microsoft. Amazon (AMZN) Q2 2022 earnings. Peacock's paid subscribers stayed flat at 13 million, losses widen to $467 million. Why Big Tech Is Making a Big Play for Live Sports. Collect and Trade NFL Highlights As NFTs. Spotify has 188 million Premium users, but continues to lose money. Spotify forks out $295M for Findaway, Podsights, Chartable, and Sonantic, filing reveals. FTC's Lina Khan Overruled Staff to Sue Meta Over Virtual-Reality Deal. Instagram Admits It's 'Not Good' After Kardashians Beg It to Stop Copying TikTok. Instagram walks back TikTok-style changes — Adam Mosseri explains why. Facebook Is Finally Giving People A Non-Algorithmic News Feed. Twitter is raising the Blue subscription price from $2.99 to $4.99 monthly. Twitter v. Elon Musk trial date set to start October 17th. FBI investigation determined Chinese-made Huawei equipment could disrupt US nuclear arsenal communications. Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us. T-Mobile to pay $500M for one of the largest data breaches in US history. Tim Hortons offers free coffee to settle mobile app class action lawsuits. Russia tried to hijack some of Apple's internet traffic for 12 hours. Details from FBI Raid of U.S. Private Vaults Being Kept from Public. Why One Critical Second Can Wreak Havoc on the Internet. HBO Max will begin streaming 'Game of Thrones' in 4K HDR next month. Ultiworld on Twitter: "Marques Brownlee (@MKBHD) with the MASSIVE sky for @PrideofNY at the World Ultimate Club Championships" NASA on Twitter: "We celebrate the life of Nichelle Nichols, Star Trek actor, trailblazer, and role model, who symbolized to so many what was possible." Host: Leo Laporte Guests: Jason Snell, Shoshana Weissmann, and Dan Patterson Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: UserWay.org/twit Melissa.com/twit kolide.com/twit go.newtek.com/twit-tv

All TWiT.tv Shows (Video LO)
This Week in Tech 886: The Barn Has Left the Horse

All TWiT.tv Shows (Video LO)

Play Episode Listen Later Aug 1, 2022 148:14


CHIPS Act clears Congress, ensuring $52 billion boost to US foundries. Intel (INTC) earnings Q2 2022. Intel Kills Optane Memory Business Entirely. Apple's $83B quarter by the numbers. FY22 Q4 - Press Releases - Investor Relations - Microsoft. Amazon (AMZN) Q2 2022 earnings. Peacock's paid subscribers stayed flat at 13 million, losses widen to $467 million. Why Big Tech Is Making a Big Play for Live Sports. Collect and Trade NFL Highlights As NFTs. Spotify has 188 million Premium users, but continues to lose money. Spotify forks out $295M for Findaway, Podsights, Chartable, and Sonantic, filing reveals. FTC's Lina Khan Overruled Staff to Sue Meta Over Virtual-Reality Deal. Instagram Admits It's 'Not Good' After Kardashians Beg It to Stop Copying TikTok. Instagram walks back TikTok-style changes — Adam Mosseri explains why. Facebook Is Finally Giving People A Non-Algorithmic News Feed. Twitter is raising the Blue subscription price from $2.99 to $4.99 monthly. Twitter v. Elon Musk trial date set to start October 17th. FBI investigation determined Chinese-made Huawei equipment could disrupt US nuclear arsenal communications. Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us. T-Mobile to pay $500M for one of the largest data breaches in US history. Tim Hortons offers free coffee to settle mobile app class action lawsuits. Russia tried to hijack some of Apple's internet traffic for 12 hours. Details from FBI Raid of U.S. Private Vaults Being Kept from Public. Why One Critical Second Can Wreak Havoc on the Internet. HBO Max will begin streaming 'Game of Thrones' in 4K HDR next month. Ultiworld on Twitter: "Marques Brownlee (@MKBHD) with the MASSIVE sky for @PrideofNY at the World Ultimate Club Championships" NASA on Twitter: "We celebrate the life of Nichelle Nichols, Star Trek actor, trailblazer, and role model, who symbolized to so many what was possible." Host: Leo Laporte Guests: Jason Snell, Shoshana Weissmann, and Dan Patterson Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: UserWay.org/twit Melissa.com/twit kolide.com/twit go.newtek.com/twit-tv

Radio Leo (Audio)
This Week in Tech 886: The Barn Has Left the Horse

Radio Leo (Audio)

Play Episode Listen Later Aug 1, 2022 147:32


CHIPS Act clears Congress, ensuring $52 billion boost to US foundries. Intel (INTC) earnings Q2 2022. Intel Kills Optane Memory Business Entirely. Apple's $83B quarter by the numbers. FY22 Q4 - Press Releases - Investor Relations - Microsoft. Amazon (AMZN) Q2 2022 earnings. Peacock's paid subscribers stayed flat at 13 million, losses widen to $467 million. Why Big Tech Is Making a Big Play for Live Sports. Collect and Trade NFL Highlights As NFTs. Spotify has 188 million Premium users, but continues to lose money. Spotify forks out $295M for Findaway, Podsights, Chartable, and Sonantic, filing reveals. FTC's Lina Khan Overruled Staff to Sue Meta Over Virtual-Reality Deal. Instagram Admits It's 'Not Good' After Kardashians Beg It to Stop Copying TikTok. Instagram walks back TikTok-style changes — Adam Mosseri explains why. Facebook Is Finally Giving People A Non-Algorithmic News Feed. Twitter is raising the Blue subscription price from $2.99 to $4.99 monthly. Twitter v. Elon Musk trial date set to start October 17th. FBI investigation determined Chinese-made Huawei equipment could disrupt US nuclear arsenal communications. Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us. T-Mobile to pay $500M for one of the largest data breaches in US history. Tim Hortons offers free coffee to settle mobile app class action lawsuits. Russia tried to hijack some of Apple's internet traffic for 12 hours. Details from FBI Raid of U.S. Private Vaults Being Kept from Public. Why One Critical Second Can Wreak Havoc on the Internet. HBO Max will begin streaming 'Game of Thrones' in 4K HDR next month. Ultiworld on Twitter: "Marques Brownlee (@MKBHD) with the MASSIVE sky for @PrideofNY at the World Ultimate Club Championships" NASA on Twitter: "We celebrate the life of Nichelle Nichols, Star Trek actor, trailblazer, and role model, who symbolized to so many what was possible." Host: Leo Laporte Guests: Jason Snell, Shoshana Weissmann, and Dan Patterson Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: UserWay.org/twit Melissa.com/twit kolide.com/twit go.newtek.com/twit-tv

This Week in Tech (Video HI)
TWiT 886: The Barn Has Left the Horse - CHIPS Act, earnings week, FTC sues Meta, Twitter Blue price hike

This Week in Tech (Video HI)

Play Episode Listen Later Aug 1, 2022 148:14


CHIPS Act clears Congress, ensuring $52 billion boost to US foundries. Intel (INTC) earnings Q2 2022. Intel Kills Optane Memory Business Entirely. Apple's $83B quarter by the numbers. FY22 Q4 - Press Releases - Investor Relations - Microsoft. Amazon (AMZN) Q2 2022 earnings. Peacock's paid subscribers stayed flat at 13 million, losses widen to $467 million. Why Big Tech Is Making a Big Play for Live Sports. Collect and Trade NFL Highlights As NFTs. Spotify has 188 million Premium users, but continues to lose money. Spotify forks out $295M for Findaway, Podsights, Chartable, and Sonantic, filing reveals. FTC's Lina Khan Overruled Staff to Sue Meta Over Virtual-Reality Deal. Instagram Admits It's 'Not Good' After Kardashians Beg It to Stop Copying TikTok. Instagram walks back TikTok-style changes — Adam Mosseri explains why. Facebook Is Finally Giving People A Non-Algorithmic News Feed. Twitter is raising the Blue subscription price from $2.99 to $4.99 monthly. Twitter v. Elon Musk trial date set to start October 17th. FBI investigation determined Chinese-made Huawei equipment could disrupt US nuclear arsenal communications. Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us. T-Mobile to pay $500M for one of the largest data breaches in US history. Tim Hortons offers free coffee to settle mobile app class action lawsuits. Russia tried to hijack some of Apple's internet traffic for 12 hours. Details from FBI Raid of U.S. Private Vaults Being Kept from Public. Why One Critical Second Can Wreak Havoc on the Internet. HBO Max will begin streaming 'Game of Thrones' in 4K HDR next month. Ultiworld on Twitter: "Marques Brownlee (@MKBHD) with the MASSIVE sky for @PrideofNY at the World Ultimate Club Championships" NASA on Twitter: "We celebrate the life of Nichelle Nichols, Star Trek actor, trailblazer, and role model, who symbolized to so many what was possible." Host: Leo Laporte Guests: Jason Snell, Shoshana Weissmann, and Dan Patterson Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: UserWay.org/twit Melissa.com/twit kolide.com/twit go.newtek.com/twit-tv

Geek News Central
Discovery of new UEFI Rootkit is bad news! #1614

Geek News Central

Play Episode Listen Later Jul 29, 2022 55:58


The UEFI Rootkit that has been discovered has been in the wild since 2016, with it only now being discovered is an absolute disaster primarily at this point for Windows users! How something so sinister can go undetected for this long is a tragedy. We had some boosts to the show from the fountain podcast app thank you to those early adopters. The post Discovery of new UEFI Rootkit is bad news! #1614 appeared first on Geek News Central.

Paul's Security Weekly TV
FreeBSD, Steam Decks, Ancient Computers, UEFI Rootkits, & Office Macro Saga Continues - PSW #749

Paul's Security Weekly TV

Play Episode Listen Later Jul 29, 2022 128:55


In the Security News FreeBSD and the software supply chain, open-source implies that its open, hardcoded passwords are always bad, on-again, off-again, on-again, privilege escelation defined, preparing for quantum, so many vulnerabilities, CosmicStrand another UEFI firmware rootkit, & reviving ancient computers!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw749

All TWiT.tv Shows (MP3)
This Week in Google 674: Happy Leap Schmear

All TWiT.tv Shows (MP3)

Play Episode Listen Later Jul 28, 2022 145:05 Very Popular


Alphabet misses on earnings and revenue for second quarter. Google earnings signal company weathering slowdown better than expected. Mark Zuckerberg braces Meta employees for 'intense period'. Instagram Admits It's 'Not Good' After Kardashians Beg It to Stop Copying TikTok. Introducing Home and Feeds on Facebook. Zuck Turns Up the Heat. Sunset of the social network. @elonmusk: The media is a click-seeking machine dressed up as a truth-seeking machine. Inside TikTok's Attempts to 'Downplay the China Association'. Google Fires Blake Lemoine, Engineer Who Called Its AI Sentient. Google, like Amazon, will let police see your video without a warrant. TikTok's Pink Sauce chef defends her viral condiment. Today's TikTok culinary horror: pizza sacrilege. Why Does the Prison-Life Content on TikTok Feel So Familiar? A Fond Farewell to the Chaotic Italian Sandwich Man of TikTok. Google is adding Flyover-like aerial views to Maps. Google Photos website starts showing the backup quality of every image. Google Play gets a new logo for its 10-year anniversary. Hangouts on Air is back as Google Meet brings YouTube livestreaming to free Gmail. Pixel's At a Glance widget starts showing Air Quality (AQI) alerts. Google Drive, Docs, and other Workspace apps getting optimized for Android tablets. Chromecast with Google TV finally supports streaming live video from new Nest Cams, Doorbell. Chromebooks are getting a new, more advanced Google Photos movie editor. Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us. Coding Mistake Made Intel GPUs 100X Slower in Ray Tracing. The drive to save Choco Taco. Chess robot grabs and breaks finger of a seven-year-old opponent. Russia to drop out of International Space Station after 2024. Why One Critical Second Can Wreak Havoc on the Internet. How to Use BeReal, the 'Unfiltered' Social Media App. Why Big Tech Is Making a Big Play for Live Sports. Why Amazon is buying a little-known medical provider for $3.9 billion. Frankfurt airport boss blames travel chaos on black suitcases. Picks: Stacey - @secengineer on TikTok. Jeff - @jeffjarvis: Well, damn, now I'm crying all over again. Newport put up two high-quality and complete videos from @jonimitchell's set. Ant - Mac Arnold's 80th birthday celebrated with blues jam. Hosts: Leo Laporte, Jeff Jarvis, Stacey Higginbotham, and Ant Pruitt Download or subscribe to this show at https://twit.tv/shows/this-week-in-google. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: ClickUp.com use code TWIG

This Week in Google (MP3)
TWiG 674: Happy Leap Schmear - Tech earnings tanked, Instagram changes, TikTok in China, leap second

This Week in Google (MP3)

Play Episode Listen Later Jul 28, 2022 145:05 Very Popular


Alphabet misses on earnings and revenue for second quarter. Google earnings signal company weathering slowdown better than expected. Mark Zuckerberg braces Meta employees for 'intense period'. Instagram Admits It's 'Not Good' After Kardashians Beg It to Stop Copying TikTok. Introducing Home and Feeds on Facebook. Zuck Turns Up the Heat. Sunset of the social network. @elonmusk: The media is a click-seeking machine dressed up as a truth-seeking machine. Inside TikTok's Attempts to 'Downplay the China Association'. Google Fires Blake Lemoine, Engineer Who Called Its AI Sentient. Google, like Amazon, will let police see your video without a warrant. TikTok's Pink Sauce chef defends her viral condiment. Today's TikTok culinary horror: pizza sacrilege. Why Does the Prison-Life Content on TikTok Feel So Familiar? A Fond Farewell to the Chaotic Italian Sandwich Man of TikTok. Google is adding Flyover-like aerial views to Maps. Google Photos website starts showing the backup quality of every image. Google Play gets a new logo for its 10-year anniversary. Hangouts on Air is back as Google Meet brings YouTube livestreaming to free Gmail. Pixel's At a Glance widget starts showing Air Quality (AQI) alerts. Google Drive, Docs, and other Workspace apps getting optimized for Android tablets. Chromecast with Google TV finally supports streaming live video from new Nest Cams, Doorbell. Chromebooks are getting a new, more advanced Google Photos movie editor. Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us. Coding Mistake Made Intel GPUs 100X Slower in Ray Tracing. The drive to save Choco Taco. Chess robot grabs and breaks finger of a seven-year-old opponent. Russia to drop out of International Space Station after 2024. Why One Critical Second Can Wreak Havoc on the Internet. How to Use BeReal, the 'Unfiltered' Social Media App. Why Big Tech Is Making a Big Play for Live Sports. Why Amazon is buying a little-known medical provider for $3.9 billion. Frankfurt airport boss blames travel chaos on black suitcases. Picks: Stacey - @secengineer on TikTok. Jeff - @jeffjarvis: Well, damn, now I'm crying all over again. Newport put up two high-quality and complete videos from @jonimitchell's set. Ant - Mac Arnold's 80th birthday celebrated with blues jam. Hosts: Leo Laporte, Jeff Jarvis, Stacey Higginbotham, and Ant Pruitt Download or subscribe to this show at https://twit.tv/shows/this-week-in-google. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: ClickUp.com use code TWIG

Paul's Security Weekly
PSW #749 - Larry Pesce

Paul's Security Weekly

Play Episode Listen Later Jul 28, 2022 183:32


We've heard about the recent abuses for Apple's AirTags used in tracking and stalking issues in recent months. While tools exist for detection under the Apple ecosystem, limited options exist for Android and none under Linux. We'll explore the AirTag beacons and showcase some tools for detecting beacons and creating our own for testing under Linux. We'll also show some ways to take our methods even further as an exercise left unto the reader.   In the Security News FreeBSD and the software supply chain, open-source implies that its open, hardcoded passwords are always bad, on-again, off-again, on-again, privilege escelation defined, preparing for quantum, so many vulnerabilities, CosmicStrand another UEFI firmware rootkit, & reviving ancient computers!   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/psw749

Radio Leo (Audio)
This Week in Google 674: Happy Leap Schmear

Radio Leo (Audio)

Play Episode Listen Later Jul 28, 2022 145:05


Alphabet misses on earnings and revenue for second quarter. Google earnings signal company weathering slowdown better than expected. Mark Zuckerberg braces Meta employees for 'intense period'. Instagram Admits It's 'Not Good' After Kardashians Beg It to Stop Copying TikTok. Introducing Home and Feeds on Facebook. Zuck Turns Up the Heat. Sunset of the social network. @elonmusk: The media is a click-seeking machine dressed up as a truth-seeking machine. Inside TikTok's Attempts to 'Downplay the China Association'. Google Fires Blake Lemoine, Engineer Who Called Its AI Sentient. Google, like Amazon, will let police see your video without a warrant. TikTok's Pink Sauce chef defends her viral condiment. Today's TikTok culinary horror: pizza sacrilege. Why Does the Prison-Life Content on TikTok Feel So Familiar? A Fond Farewell to the Chaotic Italian Sandwich Man of TikTok. Google is adding Flyover-like aerial views to Maps. Google Photos website starts showing the backup quality of every image. Google Play gets a new logo for its 10-year anniversary. Hangouts on Air is back as Google Meet brings YouTube livestreaming to free Gmail. Pixel's At a Glance widget starts showing Air Quality (AQI) alerts. Google Drive, Docs, and other Workspace apps getting optimized for Android tablets. Chromecast with Google TV finally supports streaming live video from new Nest Cams, Doorbell. Chromebooks are getting a new, more advanced Google Photos movie editor. Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us. Coding Mistake Made Intel GPUs 100X Slower in Ray Tracing. The drive to save Choco Taco. Chess robot grabs and breaks finger of a seven-year-old opponent. Russia to drop out of International Space Station after 2024. Why One Critical Second Can Wreak Havoc on the Internet. How to Use BeReal, the 'Unfiltered' Social Media App. Why Big Tech Is Making a Big Play for Live Sports. Why Amazon is buying a little-known medical provider for $3.9 billion. Frankfurt airport boss blames travel chaos on black suitcases. Picks: Stacey - @secengineer on TikTok. Jeff - @jeffjarvis: Well, damn, now I'm crying all over again. Newport put up two high-quality and complete videos from @jonimitchell's set. Ant - Mac Arnold's 80th birthday celebrated with blues jam. Hosts: Leo Laporte, Jeff Jarvis, Stacey Higginbotham, and Ant Pruitt Download or subscribe to this show at https://twit.tv/shows/this-week-in-google. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: ClickUp.com use code TWIG

This Week in Google (Video HI)
TWiG 674: Happy Leap Schmear - Tech earnings tanked, Instagram changes, TikTok in China, leap second

This Week in Google (Video HI)

Play Episode Listen Later Jul 28, 2022 145:46


Alphabet misses on earnings and revenue for second quarter. Google earnings signal company weathering slowdown better than expected. Mark Zuckerberg braces Meta employees for 'intense period'. Instagram Admits It's 'Not Good' After Kardashians Beg It to Stop Copying TikTok. Introducing Home and Feeds on Facebook. Zuck Turns Up the Heat. Sunset of the social network. @elonmusk: The media is a click-seeking machine dressed up as a truth-seeking machine. Inside TikTok's Attempts to 'Downplay the China Association'. Google Fires Blake Lemoine, Engineer Who Called Its AI Sentient. Google, like Amazon, will let police see your video without a warrant. TikTok's Pink Sauce chef defends her viral condiment. Today's TikTok culinary horror: pizza sacrilege. Why Does the Prison-Life Content on TikTok Feel So Familiar? A Fond Farewell to the Chaotic Italian Sandwich Man of TikTok. Google is adding Flyover-like aerial views to Maps. Google Photos website starts showing the backup quality of every image. Google Play gets a new logo for its 10-year anniversary. Hangouts on Air is back as Google Meet brings YouTube livestreaming to free Gmail. Pixel's At a Glance widget starts showing Air Quality (AQI) alerts. Google Drive, Docs, and other Workspace apps getting optimized for Android tablets. Chromecast with Google TV finally supports streaming live video from new Nest Cams, Doorbell. Chromebooks are getting a new, more advanced Google Photos movie editor. Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us. Coding Mistake Made Intel GPUs 100X Slower in Ray Tracing. The drive to save Choco Taco. Chess robot grabs and breaks finger of a seven-year-old opponent. Russia to drop out of International Space Station after 2024. Why One Critical Second Can Wreak Havoc on the Internet. How to Use BeReal, the 'Unfiltered' Social Media App. Why Big Tech Is Making a Big Play for Live Sports. Why Amazon is buying a little-known medical provider for $3.9 billion. Frankfurt airport boss blames travel chaos on black suitcases. Picks: Stacey - @secengineer on TikTok. Jeff - @jeffjarvis: Well, damn, now I'm crying all over again. Newport put up two high-quality and complete videos from @jonimitchell's set. Ant - Mac Arnold's 80th birthday celebrated with blues jam. Hosts: Leo Laporte, Jeff Jarvis, Stacey Higginbotham, and Ant Pruitt Download or subscribe to this show at https://twit.tv/shows/this-week-in-google. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: ClickUp.com use code TWIG

All TWiT.tv Shows (Video LO)
This Week in Google 674: Happy Leap Schmear

All TWiT.tv Shows (Video LO)

Play Episode Listen Later Jul 28, 2022 145:46


Alphabet misses on earnings and revenue for second quarter. Google earnings signal company weathering slowdown better than expected. Mark Zuckerberg braces Meta employees for 'intense period'. Instagram Admits It's 'Not Good' After Kardashians Beg It to Stop Copying TikTok. Introducing Home and Feeds on Facebook. Zuck Turns Up the Heat. Sunset of the social network. @elonmusk: The media is a click-seeking machine dressed up as a truth-seeking machine. Inside TikTok's Attempts to 'Downplay the China Association'. Google Fires Blake Lemoine, Engineer Who Called Its AI Sentient. Google, like Amazon, will let police see your video without a warrant. TikTok's Pink Sauce chef defends her viral condiment. Today's TikTok culinary horror: pizza sacrilege. Why Does the Prison-Life Content on TikTok Feel So Familiar? A Fond Farewell to the Chaotic Italian Sandwich Man of TikTok. Google is adding Flyover-like aerial views to Maps. Google Photos website starts showing the backup quality of every image. Google Play gets a new logo for its 10-year anniversary. Hangouts on Air is back as Google Meet brings YouTube livestreaming to free Gmail. Pixel's At a Glance widget starts showing Air Quality (AQI) alerts. Google Drive, Docs, and other Workspace apps getting optimized for Android tablets. Chromecast with Google TV finally supports streaming live video from new Nest Cams, Doorbell. Chromebooks are getting a new, more advanced Google Photos movie editor. Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us. Coding Mistake Made Intel GPUs 100X Slower in Ray Tracing. The drive to save Choco Taco. Chess robot grabs and breaks finger of a seven-year-old opponent. Russia to drop out of International Space Station after 2024. Why One Critical Second Can Wreak Havoc on the Internet. How to Use BeReal, the 'Unfiltered' Social Media App. Why Big Tech Is Making a Big Play for Live Sports. Why Amazon is buying a little-known medical provider for $3.9 billion. Frankfurt airport boss blames travel chaos on black suitcases. Picks: Stacey - @secengineer on TikTok. Jeff - @jeffjarvis: Well, damn, now I'm crying all over again. Newport put up two high-quality and complete videos from @jonimitchell's set. Ant - Mac Arnold's 80th birthday celebrated with blues jam. Hosts: Leo Laporte, Jeff Jarvis, Stacey Higginbotham, and Ant Pruitt Download or subscribe to this show at https://twit.tv/shows/this-week-in-google. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: ClickUp.com use code TWIG

Risky Business
Risky Business #673 -- When throwing computers into a woodchipper is standard IR

Risky Business

Play Episode Listen Later Jul 27, 2022 Very Popular


On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: Why Entrust being ransomwared is good news UEFI bootkits turn hardware into landfill Microsoft resumes macro blocking rollout Pat and Adam talk about why plugging your IDP into legacy apps is a dreadful idea Much, much more This week's sponsor guest is Paul “The Voice” Lanzi of Remediant. He's popping along to talk about the emergence of a new product category – Identity Threat Detection and Response, or ITDR. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing. Show notes Italy investigating ransomware attack on tax agency - The Record by Recorded Future IT security giant Entrust says it's investigating alleged June data breach - The Record by Recorded Future Microsoft resuming default block of Office VBA macros - The Record by Recorded Future Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us | Ars Technica China: Declaration by the Minister for Foreign Affairs on behalf of the Belgian Government urging Chinese authorities to take action against malicious cyber activities undertaken by Chinese actors | Federal Public Service Foreign Affairs Cyber Command shares bevy of new malware used against Ukraine - The Record by Recorded Future Cyber criminals attack Ukrainian radio network, broadcast fake message about Zelensky's health Congress goes after spyware purveyors. Will it make a difference? Report: Mercenary spyware exploited Google Chrome zero-day to target journalists - The Record by Recorded Future TSA unveils updated cybersecurity regulations of oil and gas pipelines - The Record by Recorded Future Congress Might Actually Pass ADPPA, the American Data Privacy and Protection Act | WIRED Federal privacy legislation progresses, but concerns about data brokers loom China cybersecurity agency fines ride-hailing giant Didi $1.2 billion for data issues - The Record by Recorded Future T-Mobile reaches historic $350 million settlement in 2021 data breach - The Record by Recorded Future Former Coinbase Manager Arrested by Feds for Alleged Insider Trading Cisco patches dangerous bug trio in Nexus Dashboard | The Daily Swig Atlassian patches batch of critical vulnerabilities across multiple products | The Daily Swig Hardcoded password in Confluence app has been leaked on Twitter | Ars Technica

Techmeme Ride Home
Wed. 07/27 – Inflation Hits The Metaverse

Techmeme Ride Home

Play Episode Listen Later Jul 27, 2022 16:37 Very Popular


I'll wrap up the earnings from Microsoft, Alphabet, Spotify and Shopify. Proof that the cost of a data breach for companies is skyrocketing. What ever happened to the legislative crackdown on Big Tech? Inflation comes to the Metaverse as Meta is jacking up the prices on Quest headsets. And a big update to Google Maps.Sponsors:Storyblok.com/ridehomeLinks:Techmeme headlines from this morning running down earnings (Techmeme, 8:25am eastern today)IBM Security report finds data breaches are costlier than ever before (SiliconAngle)Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us (ArsTechnica)Senate's Antitrust Crackdown Sputters as Schumer Signals Doubts (Bloomberg)Quest 2 Price Jumps To $399 As Meta Costs Rise (UploadVR)Google Maps rolls out location sharing notifications, immersive views and better bike navigation (TechCrunch)See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Paul's Security Weekly
SWN #226 - Costa Rica, UEFI, LinkedIn, Ducktail, Tmobile, Prestashop, aNews & David Monnier

Paul's Security Weekly

Play Episode Listen Later Jul 27, 2022 32:27


Killer Robots, UEFI, LinkedIn, Ducktail, Costa Rica, Tmobile, Prestashop, we also have a special guest, David Monnier from Team Cymru.   Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/swn226

The CyberWire
LockBit gets an upgrade. CosmicStrand UEFI firmware rootkit. Treating thieves like white hats? Most-impersonated brands. AV-Test's Twitter account is hijacked. The cyber phase of a hybrid war.

The CyberWire

Play Episode Listen Later Jul 26, 2022 27:01 Very Popular


LockBit gets an upgrade. CosmicStrand firmware rootkit is out in a new and improved version. Are thieves being treated like white hats? AV-Test's Twitter account is hijacked. Joe Carrigan considers the mental health effects of the online scam economy. Mr. Security Answer Person John Pescatore ponders the cybersecurity talent gap. And ongoing speculation on the cyber phase of the hybrid war. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/138 Selected reading. LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities (Trend Micro) CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit (Securelist) Crypto Firms Make Thieving Hackers an Offer: Keep a Little, Give Back the Rest (Wall Street Journal) Phishers' Favorites Top 25, H1 2022: Microsoft Is the Most Impersonated Brand in Phishing Attacks (Vade Secure) Testing times for AV-Test as Twitter account hijacked by NFT spammers (Graham Cluley) Ukraine fall-out and new ransomware tactics elevate cyber risks (Strategic Risk Europe) Ed's note: The Ukrainian-Russian cyber war no one speaks about (Smart Energy)

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

PowerShell Script with Fileless Capability https://isc.sans.edu/diary/PowerShell+Script+with+Fileless+Capability/28878 With Management Comes Risk: Finding Flaws in Filewave MDM https://claroty.com/2022/07/25/blog-research-with-management-comes-risk-finding-flaws-in-filewave-mdm/ CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit https://securelist.com/cosmicstrand-uefi-firmware-rootkit/106973/

InfoSec Overnights - Daily Security News
Entrust Breached, UEFI Rootkit, Racoon Get Buff, and more.

InfoSec Overnights - Daily Security News

Play Episode Listen Later Jul 25, 2022 3:06


A daily look at the relevant information security news from overnight - 25 July, 2022Episode 272 - 25 July 2022Entrust Breached- https://www.bleepingcomputer.com/news/security/digital-security-giant-entrust-breached-by-ransomware-gang/UEFI Rootkit - https://thehackernews.com/2022/07/experts-uncover-new-cosmicstrand-uefi.htmlUrgent SonicWall Patch - https://www.securityweek.com/sonicwall-warns-critical-gms-sql-injection-vulnerabilityCisco Nexus Patches Three- https://portswigger.net/daily-swig/cisco-patches-dangerous-bug-trio-in-nexus-dashboard Racoon Gets Buff - https://thehackernews.com/2022/07/racoon-stealer-is-back-how-to-protect.htmlHi, I'm Paul Torgersen. It's Monday July 25th, 2022, this is a look at the information security news from overnight. From BleepingComputer.com:Identity and access management company Entrust has confirmed that it was the victim of a cyberattack. Threat actors were able to breach their network and steal data from internal systems. The company says they have found no indication that the breach has impacted their operation or their products and services. No word on malware strain or threat actor involved. More to come I'm sure. From TheHackerNews.com:An unknown Chinese-speaking threat actor has been attributed with a new kind of UEFI firmware rootkit called CosmicStrand. The rootkit is located in the firmware images of Gigabyte or ASUS motherboards, and are related to designs using the H81 chipset. Victims identified so far are just individuals in China, Vietnam, Iran and Russia, with no discernable ties to business or government agencies. A link to the Kaspersky research in the article. From SecurityWeek.com:SonicWall has issued urgent patches for a critical flaw in its Global Management System software, warning that the issue exposes businesses to remote attacks. The 9.4 severity flaw provides a pathway for a remote attacker to execute arbitrary SQL queries in the database. The vulnerability exists due to insufficient sanitization of user-supplied data. From PortSwigger.net:Serious vulnerabilities in Cisco Nexus Dashboard give attackers a viable path to executing arbitrary commands as root, uploading container image files, or performing cross-site request forgery attacks. Cisco has issued patches for the three bugs, one of them carrying a 9.8 severity rating. The company said it was not aware of any of these bugs being exploited in-the-wild. Get your patch on kids. And last, from TheHackerNews.com:The new and vastly improved version of Raccoon Stealer has hit the scene. Not only can it steal browser passwords, cookies, and auto-fill data, it can now also steal credit card numbers, cryptocurrency and crypto wallets, harvest file data, drop files onto the system, list apps installed on the machine, and take screenshots. Fortunately, just like with the real world rodents, basic precautions should keep the varmint at bay: beware of spoofed messages and don't click any links you didn't know were specifically coming. That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.

Technado from ITProTV (Audio)
Technado, Ep. 265: MFA Phishing Attack

Technado from ITProTV (Audio)

Play Episode Listen Later Jul 21, 2022 47:47


The Technado team was back together in the studio this week to discuss the new Intel Core i9-12900K benchmarks, Microsoft's shift in Windows development cycles, Unbreakable Oracle Linux 9's Btrfs support, Lenovo patching UEFI code execution vulnerabilities, and a phishing campaign that can get around MFA. Finally, the team talked about CIA hacker Joshua Shulte's conviction and how it compared to the Edward Snowden leak.

Technado from ITProTV
Technado, Ep. 265: MFA Phishing Attack

Technado from ITProTV

Play Episode Listen Later Jul 21, 2022 47:47


The Technado team was back together in the studio this week to discuss the new Intel Core i9-12900K benchmarks, Microsoft's shift in Windows development cycles, Unbreakable Oracle Linux 9's Btrfs support, Lenovo patching UEFI code execution vulnerabilities, and a phishing campaign that can get around MFA. Finally, the team talked about CIA hacker Joshua Shulte's conviction and how it compared to the Edward Snowden leak.

Late Night Linux All Episodes
Late Night Linux – Episode 186

Late Night Linux All Episodes

Play Episode Listen Later Jul 18, 2022 29:31 Very Popular


Thinkpads that won't boot Linux by default, Lennart moves to Microsoft, the Firefox Snap is finally a lot faster, Reddit shows its true colours, KDE Korner, and more.   News London Meetup 5th August near The Eye Lenovo Secured-core PC unable to boot Linux from a USB stick Responsible stewardship of the UEFI secure boot... Read More

Late Night Linux
Late Night Linux – Episode 186

Late Night Linux

Play Episode Listen Later Jul 18, 2022 29:31 Very Popular


Thinkpads that won't boot Linux by default, Lennart moves to Microsoft, the Firefox Snap is finally a lot faster, Reddit shows its true colours, KDE Korner, and more.   News London Meetup 5th August near The Eye Lenovo Secured-core PC unable to boot Linux from a USB stick Responsible stewardship of the UEFI secure boot... Read More