Winamp Logo
Unsupervised Learning Cover
Unsupervised Learning Profile

Unsupervised Learning

English, Technology, 1 season, 482 episodes, 10 hours, 21 minutes
About
Security, Tech, and Society in 10 Minutes A weekly 10-minute update on the most critical stories in cybersecurity, technology, and society. Includes analysis, original ideas, and the best links from around the web.Part of the NEWS, ANALYSIS & DISCOVERY SERIES. Additional standalone episodes include: Conversations with one or more guests around a particular idea in the IDEA SERIES. Interviews with special guests to talk about a particular idea or topic, part of the INTERVIEW SERIES. Short, informative conversations with company founders about their products and approaches, in the SPONSORED INTERVIEW SERIES. Part of Unsupervised Learning, which you can learn more about at https://danielmiessler.com/newsletter.
Episode Artwork

UL NO. 454: The First AI Breaches

AI Avatar Breaches, Gullibility is Vulnerability: Conspiracy is Threat, Caldera's New Plugin, and more... Try Out the ThreatLocker to take your security to the next level: https://www.threatlocker.com/ul Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
10/18/202435 minutes, 1 second
Episode Artwork

How My Projects Fit Together (Substrate, Fabric, Telos, Daemon, and Human 3.0)

This episode, "How My Projects Fit Together," is a follow-up to a previous post called "What I Am Doing & How It's Going". Here, Daniel Miessler addresses the most commonly asked questions: "I see all your projects, but what are they? How are they related?" He takes an individual look at his various projects (Substrate, Fabric, Telos, Daemon, and Human 3.0) and then how they work together to tackle big issues such as the lack of purpose and meaning in people's lives, preparing people for the impact of AI in society, and the need for holistic human development. For all the projects’ links,visit: https://danielmiessler.com/p/how-my-projects-fit-together - Intro (00:00:00)- Identifying Major Problems (00:00:47)- Lack of Purpose and Meaning (00:01:50)- Impact of AI on Society (00:01:50)- Training for Full-Spectrum Individuals (00:03:02)- Security as a Core Focus (00:03:02)- Helios: Attack Surface Monitoring (00:04:11)- Daemon: Security Program Management (00:05:16)- Substrate: Enhancing Human Understanding (00:06:21)- Argument Components in Substrate (00:07:35)- AI and Argument Detection (00:10:59)- Fabric: Augmenting Humans with AI (00:15:26)- Fabric Patterns for Problem Solving (00:16:31)- Fabric Overview (00:19:36)- Telos Introduction (00:20:50)- Articulating the Mission (00:21:50)- Telos File Example (00:22:53)- Managing Personal Life with Telos (00:23:57)- AI and Purpose (00:26:10)- Daemon Introduction (00:28:21)- API Concept in Daily Life (00:29:28)- Digital Assistants and APIs (00:31:40)- Human Connection through Sharing (00:37:52)- Daemon Personal API Broadcast (00:39:53)- Human 30 Introduction (00:43:07)- Human 30 Philosophy (00:45:22)- Impact of AI on Work (00:48:47)- Human 30 Platform Overview (00:51:00)- Summary of Projects (00:54:03)- Vision of Future AI Integration (00:56:21)- Encouragement for Clarity and Purpose (00:57:39)- Encouragement for Purpose (00:59:47)- Articulating Your Work (01:00:46)Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
10/15/20241 hour, 1 minute, 26 seconds
Episode Artwork

Human 3.0—The Skills & Mental Frames Required To Thrive In An AI World

Human 3.0 is here. In this conference for the United Nations, Daniel Miessler introduces the topic of Human 3.0 philosophy and the skills and mental frameworks needed to thrive in an AI-driven world.  Learn about: - The future of work and the human 3.0 economy. - How AI will revolutionize startups and entrepreneurship. - How one-person billion-dollar companies are becoming a reality. - Creative expression and AI. - The importance of personal visibility and authenticity. - How to survive and thrive in today's rapidly evolving technological landscape. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
10/9/202430 minutes, 3 seconds
Episode Artwork

UL NO. 452: The New Hotness: NotebookLM

China prepping for kinetic using cyber?, Automatic podcast creation using NotebookLM, VM + AI, and more... Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
10/7/202450 minutes, 13 seconds
Episode Artwork

NotebookLM Podcast: David Deutsch, Understanding, and AI

This is a NotebookLM podcast based on a long conversation I had with my AI, DARSA, on the topic of whether AIs truly understand things and/or are capable of creativity.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
10/2/202412 minutes, 49 seconds
Episode Artwork

Venture Capitalists Favor Risk-Takers: The Rise of Self-Made Billionaires and Tech Innovators

Venture capitalists aren't looking for nice founders; they want risk-takers. Nate Silver highlights that 70% of the billionaires on the 2023 Forbes 400 list are self-made, often coming from modest backgrounds. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!  Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/28/20245 minutes, 2 seconds
Episode Artwork

AI Comedians by 2026? The Future of Comedy and the Turing Test for Laughter

Comedians are increasingly using AI to help write jokes and brainstorm ideas, with mixed results. I think this is similar to the Turing Test in terms of the importance of AI progress. If AI can write a full set of comedy and make humans laugh, that’s f*cking huge. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/27/20244 minutes, 16 seconds
Episode Artwork

The Alarming Power of Deepfakes

Trump shared a fake image of Harris speaking at a Communist event. This one looks fairly fake, but 1) lots of people will still believe it’s real, and 2) current tech can already make more believable ones.  Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!  Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/26/20246 minutes, 8 seconds
Episode Artwork

UL NO. 451: Altman Says ASI in "Thousands of Days"

A new Fabric web app called FabricUI!, Many AI Eyes, PagerAttack Analysis, a new Ripgrep, and more... Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/26/202431 minutes, 24 seconds
Episode Artwork

Russia Is Paying Right Wing Influencers?

A whole bunch of right-wing influencers received millions from Russia in return for promoting pro-Russian talking points. Hilarious to me since their whole narrative is to be skeptical and discerning. Except when it comes to obvious Russian propaganda. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/25/20247 minutes, 27 seconds
Episode Artwork

This Is The Future Career For Creators - Virtual Realities, Economies, and Meaning

The more I think about it, the more I think a major career for creators going forward will be building entire realities for people to live inside of. So think post-AG/SI and post UBI, and where games are extraordinarily immersive. I think there will be a huge market for creative people building the story lines and stat systems and look and feel of entire worlds that people will live inside of for a period of years at a time. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/24/20248 minutes, 36 seconds
Episode Artwork

My First Thoughts on New OpenAI Strawberry Model ( OpenAI o1-preview)

Here are my first thoughts after using OpenAI's New Strawberry Model for a couple of hours Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/19/202422 minutes, 2 seconds
Episode Artwork

UL NO. 450: Thoughts on o1-preview and the Path to AGI

80% Chinese Cranes, Drones vs. Abrahams, a RAG kickstart, a Canary-based Security Maturity Model, and more... Check out Wiz for a Free Could Security Scan:https://www.wiz.io/ul Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/17/202424 minutes, 17 seconds
Episode Artwork

A Conversation with Shiladitya Sircar from BlackBerry on DeepFake Threats

In this conversation, I speak with Shiladitya Sircar, Senior VP of Product Engineering and Data Science at BlackBerry. We talk about: The Rise of Deepfakes and Cyber ThreatsInnovation Meets Malicious Intent: Deepfakes are not just a tech novelty; they’re a growing threat. From text-based phishing to hyper-realistic fake videos and audio, the landscape of cyber threats is evolving rapidly. Deepfake technology can clone voices, making it easier for cybercriminals to impersonate individuals and bypass security measures. Understanding Identity CompromiseVoice Cloning Dangers: Our brains are wired to trust familiar voices, making voice cloning particularly insidious. We share a chilling story about a cybercriminal impersonating Ferrari’s CEO. The attacker’s deepfake was so convincing that it almost led to a major scam. The Impact on TrustEroding Trust in Systems: Deepfakes can undermine trust in institutions and systems, much like traditional scams but with a high-tech twist. Beyond individual attacks, deepfakes can manipulate public opinion and even influence elections. Organizations need to train employees to spot deepfakes, and there’s a pressing need for laws that specifically address deepfakes and identity spoofing. And more Intro (00:00:00)Main Cyber Threats from Deepfakes (00:00:56)Identity Compromise Explained (00:02:47)Impact of Deepfakes on Trust (00:06:23)Deepfakes in Attack Chains (00:08:15)Case Studies of Deepfake Attacks (00:09:41)Emerging Threat Landscape (00:13:56)Defending Against Deepfake Attacks (00:15:07)Regulatory Frameworks Needed (00:16:28)The Role of Education and Technology (00:18:57)Future of Content Authenticity (00:20:53)Legislation and Authenticity Mechanisms (00:22:04)Real-Time Deepfake Validation (00:23:18)Government and Industry Partnership (00:24:07)Media Forensic Research (00:24:23)Zero Knowledge Proofs (00:25:36)Content Provenance and Authenticity (00:26:52)Trust Network Expansion (00:28:00)Puppeteering Technology (00:29:20)Stream Authentication Challenges (00:30:21)Hardware-Level Trust (00:32:00)Fragmentation in Standards (00:32:29)Trust in Communication Protocols (00:33:51)Collaboration for Solutions (00:35:22)Apple's Unique Position (00:36:47)Erosion of Trust (00:37:31)AI Agents for Detection (00:38:11)Short-term and Long-term Solutions (00:38:45)Awareness and Education (00:41:23)Predictions for Deepfake Technology (00:41:48)Community Action Against Deepfakes (00:43:09)Learning More About BlackBerry's Work (00:43:29)Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/17/202444 minutes, 44 seconds
Episode Artwork

UL NO. 449: China Hits US ISPs, NIST CSF 2.0, Russian Intel Attacks, Stagnant Companies...

Life changing books, defining your core problems, the Apple updates, and much more... ➡ Check out Vanta and get $1000 off:vanta.com/unsupervised Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/16/202454 minutes, 16 seconds
Episode Artwork

North Korea Strategy to “Infiltrate” Foreign Companies

KnowBe4 accidentally hired a North Korean state actor who tried to install info-stealing malware on their devices. They caught it in time, but it shows how good North Korean hackers are at pretending to be IT staff. | Bill Toulas | MORE Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/10/20243 minutes, 4 seconds
Episode Artwork

How To Find Great People to Work With - UBI & Talent Distribution

This reminds me of a very similar lesson I learned when hiring in cybersecurity over 20 years: exposing people to training and encouragement makes the stars stand out, but it doesn’t turn everyone into stars. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/8/20249 minutes, 31 seconds
Episode Artwork

Ambition & UBI - Why People Are Working Less

The idea that Universal Basic Income (UBI) reduces the need to work isn't new, but recent studies show it doesn't lead to better jobs or more education. Instead, people just work less. | by Alex Howlett | MORE Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/6/20247 minutes, 21 seconds
Episode Artwork

UL NO. 448: TSA SQLi, NYT Github, NK RPM, NVIDIA Mystery...

Becoming Attention, Weighting on OpenAI, Ozempic and Aging?, and more... ➡ Check out Vanta and get $1000 off:vanta.com/unsupervised Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/6/202422 minutes, 19 seconds
Episode Artwork

UL Google Current State A Waste of Money & Talent

Google is slowly getting rid of all the best things it has. The main thing Google is growing is its graveyard. Such a colossal waste of money and talent. Their failures should be studied for centuries as an example of what happens when you don’t lead with UX-focused product management, rather than “throw shit at wall”-focused engineering. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/4/20242 minutes, 53 seconds
Episode Artwork

How China is Winning The Energy War

China is installing record amounts of solar and wind energy, adding 10 gigawatts of wind and solar capacity every two weeks, which is like building five large nuclear power plants weekly. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/2/20242 minutes, 16 seconds
Episode Artwork

AI The Creative Workflow & The Dangers of Groupthink

A new study shows that while generative AI like ChatGPT makes individual stories more creative and engaging, it also makes them more similar to each other. | by Ben Dickson | MORE Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
8/31/20245 minutes, 38 seconds
Episode Artwork

UL NO. 447: Sam Curry on Bug Bounty Careers, Slack Data Exfil, The Work Lie

Stopping Chinese AI/Robot imports, Substrate for political platforms, sun vs. smoking, and more... Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
8/31/202432 minutes, 34 seconds
Episode Artwork

Don’t Judge Yourself Based On What Companies Think of Your Skills

I watched a number of videos last night about people losing their jobs, starting a YouTube channel, and just generally struggling. People are hurting because they’re feeling the ground shifting under their feet and it’s not clear if it’s their fault, what’s going on, or what to do about it. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
8/29/20244 minutes, 32 seconds
Episode Artwork

Microsoft Fires DEI Team & The Correct Approach To Diversity

Microsoft Lays Off DEI Team — Microsoft laid off its diversity, equity, and inclusion team, saying DEI is "no longer business critical." MORE Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
8/27/20242 minutes, 41 seconds
Episode Artwork

UL NO. 446: AI Ecosystem Components, MS 0-Days, Iranian Campaign Hacks…

Political deepfakes are here, Grok2 is insane, weakness vs. evil, and more…  Check out ThreatLocker to secure your data: threatlocker.com/ul Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
8/22/202442 minutes, 27 seconds
Episode Artwork

Introducing Substrate—An Open-source Framework for Human Understanding, Meaning, and Progress

This video introduces Substrate—An Open-source Framework for Human Understanding, Meaning, and Progress.  Substrate is a crowdsourced project designed to enhance understanding, communication, and action in order to move humanity forward. Read the Article:📃 https://danielmiessler.com/p/introducing-substrate TOPICS:Introduction to Substrate (00:00:00)Components of Substrate (00:01:18)GitHub Repository Overview (00:02:33)Purpose of Substrate (00:04:36)Argument Visualization Example (00:05:32)Graphical Representation of Arguments (00:07:55)Trust in Sources (00:09:56)Strengthening Discussions (00:10:57)Real-World Use Cases (00:11:54)Describing Yourself with Substrate (00:12:55)Learning About Others (00:14:54)Visualizing Arguments and Claims (00:15:51)Transparency in Evaluating Claims (00:17:59)The Tiny Teapot Claim (00:18:54)Substrate Plus AI (00:20:04)Automating Science Workflows (00:21:16)Monitoring Crime and Corruption (00:24:21)Leadership Accountability (00:29:49)Companies as Graphs of Algorithms (00:31:56)Future State Optimization (00:35:47)Understanding Security Assessment (00:36:41)Optimizing Processes with AI (00:37:46)The Purpose of Substrate (00:38:49)AI's Role in Substrate (00:39:56)Want to Be Involved? (00:39:56) REFERENCED RESOURCES: My 9,000-word Illustrated Essay on Where I Think AI is Heading🔥 https://danielmiessler.com/p/ai-predictable-path-7-components-2024 The Substrate Project:⚙️ https://github.com/human-substrate Follow on X:🆇 https://x.com/danielmiessler Subscribe to the newsletter at: ✉️ https://danielmiessler.com/subscribe Join the UL community at:🤝🏻https://danielmiessler.com/upgradeBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
8/9/202441 minutes, 37 seconds
Episode Artwork

UL NO. 444: Pizza Meter Intelligence, China Bypasses Bans, Securing AWS Secrets…

What to expect at Blackhat/DEFCON, Identifying Explosives, OpenAI's new models, Llama 4 Timeline, and more…  ➡ Check out Vanta and get $1000 off:vanta.com/unsupervised Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Discussed in this episode:Intro (00:00:00)OSINT and the Pizza Index (00:01:08)Agent Framework Development (00:02:12)State of Cybersecurity (00:04:08)Critical Security Vulnerabilities (00:05:27)Ransomware Trends (00:06:25)Data Breach Costs (00:07:29)AI Developments (00:08:40)California AI Regulation (00:09:42)OpenAI's GPT-4 Launch (00:11:01)Tech Company Updates (00:12:03)Shifts in Workforce Dynamics (00:13:07)Prisoner Swap News (00:17:06)Shark AI Model (00:18:03)Dementia Prevention Insights (00:19:03)Genetics of Self-Control (00:20:12)Name and Appearance Study (00:20:12)Alzheimer's Disease Research (00:20:12)Dungeons and Dragons Rulebooks (00:20:12)Novelists Writing Bug Reports (00:21:22)Recent UBI Study Analysis (00:21:22)Free-Range Kids Initiative (00:21:22)Discovery Farm Bot (00:22:13)Super Memory AI (00:22:13)Avi Shipman's AI Pendant (00:22:13)Installing Fabric (00:22:13)Fleet Open Source Tool (00:22:13)SOC2 Policy Templates (00:22:13)Clutch Security Platform (00:22:13)Black Hat Reminder (00:23:48)Aphorism of the Week (00:23:48)Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
8/9/202424 minutes, 47 seconds
Episode Artwork

Scaling Misinformation With AI

Daniel Miessler discusses how AI can grow the number of elite propagandists and hackers employed by foreign intelligence agencies. Discussed in this video: AI-Enhanced Software and Disinformation (00:00:00)Russia utilizes AI software, Millio Radar, to create sophisticated fake personas for disinformation. Concerns About AI Sophistication (00:01:12)The increasing capabilities of AI could enable enemies to manipulate information on a massive scale. Shift from Block List to Allow List (00:02:30)The internet may need to transition to an allow list system to combat overwhelming disinformation. Risks for Ordinary Individuals (00:03:44)Regular users, especially the less tech-savvy, are at high risk of falling victim to manipulation online. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
8/7/20245 minutes, 47 seconds
Episode Artwork

UL NO. 443: North Korean Co-workers, UBI Failure?, AI-Groupthink, GPS Spoofing…

Switzerland goes open source, Google keeps cookies, DJI not cancelled, Alzheimer's spray, and more… ➡ Check out Vanta and get $1000 off:vanta.com/unsupervised Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Discussed in this episode: Intro (00:00:00)Job Loss and Career Change (00:01:42)Self-Worth in the Job Market (00:02:55)The Need for Kindness (00:03:54)North Korean Cybersecurity Threat (00:04:57)GPS Spoofing Risks (00:07:11)Malicious Acts Disrupting Transportation (00:08:10)Google's Cookie Policy Change (00:09:19)AI's Impact on the Job Market (00:10:30)Generative AI and Creativity (00:11:32)Concerns Over AI Influence (00:12:50)Switzerland's Open Source Law (00:15:08)Waymo vs. Tesla in Self-Driving (00:16:07)Hiring Practices in Tech Companies (00:17:07)Declining U.S. Birthrate (00:18:11)Universal Basic Income (00:18:11)Building a Star Team (00:19:48)Overcoming Disadvantages (00:23:06)Distribution of Talent (00:24:07)Southwest Airlines Policy Change (00:25:16)Economic Stress in America (00:26:32)Breakthroughs in Medicine (00:27:45)Conspiracy Theories in Politics (00:28:32)Humanizing Political Differences (00:30:00)Lessons from "The Righteous Mind" (00:31:16)The Importance of Empathy (00:32:17)  Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
8/5/202433 minutes, 27 seconds
Episode Artwork

A Conversation with Christine Gadsby from BlackBerry

In this conversation, I speak with Christine Gadsby, Head of Product Security Operations Team at BlackBerry. We talk about: The Role of AI in Cybersecurity:  AI's real advancements, practical applications, and associated challenges, moving beyond the hype.  Enhancing Incident Response and Threat Hunting Christine highlights AI's significant impact on enhancing incident response and threat hunting, how AI quickly analyzes vast data to identify Indicators of Compromise (IoCs), automates routine tasks, and improves decision-making with actionable insights.  The Evolution of Blackberry in Cybersecurity Christine discusses Blackberry's shift from mobile devices to cybersecurity, emphasizing their focus on highly regulated environment and how the acquisition of Silence brought advanced AI capabilities, enhancing their security solutions.  Among other topics.  Intro (00:00:00)AI in Cybersecurity: Hype or Reality? (00:00:06)Incident Response and Threat Hunting (00:01:12)Automation in Security Programs (00:02:08)Industry-Specific AI Needs (00:03:20)AI's Role in Regulated Environments (00:04:23)Blackberry's AI Integration (00:04:50)Perceptions of Blackberry's Evolution (00:06:51)Trust in Vendor Relationships (00:09:11)AI's Potential in Monitoring (00:11:12)Challenges of Staffing in Cybersecurity (00:13:18)Staff Turnover in Cybersecurity (00:13:54)Burnout and Job Satisfaction (00:14:18)Hiring Challenges in Security (00:15:17)Confusion in Cyber Job Market (00:16:10)Job Changes Among Cyber Leaders (00:17:10)Outsourcing Security Functions (00:18:09)Pressure from Boards (00:18:57)Evolving Security Needs (00:19:40)Human Element in Cybersecurity (00:20:46)Talent Pipeline Issues (00:21:40)Challenges of Smaller Companies (00:22:32)Job Satisfaction and Workload (00:24:03)Pressure Cooker Environment (00:24:43)Crypto Attacks Resurgence (00:26:16)Crypto Mining Discussion (00:26:33)APT 32 Insights (00:27:22)Employee Training Importance (00:28:41)Indicators of Crypto Mining (00:29:45)Detection Challenges (00:30:30)Normal System Behavior (00:32:13)Looking Ahead to 2025 (00:32:44)*Supply Chain Pressures (00:35:08)Arms Race in Security (00:35:27)Liability Hot Potato (00:36:27)Managed Services Growth (00:36:44)Cyber Insurance Trends (00:37:52)CISO Evolution (00:39:10)The Importance of Trust in Supply Chain (00:39:56)Predictions for Cybersecurity Roles (00:40:46)Following Blackberry's Work (00:41:00)Networking and Future Conversations (00:41:05)Conclusion (00:41:37)Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
8/5/202441 minutes, 43 seconds
Episode Artwork

UL NO. 442: Crowdstrike Analysis, Cannabis=Soma?, NK Github SE, AI Weaponry

Chinese Solar Builds, DOJ Domain Seizures, Scattered Spider Arrest, Kaiser AI, and more… ➡ Check out Vanta and get $1000 off:vanta.com/unsupervised Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Discussed in this episode:Intro (00:00:00)CrowdStrike Incident Discussion (00:01:49)Threat Actor and Social Engineering (00:03:49)AI Weapons for Ukraine (00:04:56)China's Energy Expansion (00:06:09)Foreign Influence and Disinformation (00:07:30)AI Race and China's Restrictions (00:08:33)Healthcare Innovations with AI (00:10:20)Nvidia's Potential Losses (00:11:19)Google's URL Shortening Service Shutdown (00:14:36)Tech Startup Challenges (00:14:36)Meta Analysis on Toothbrushing (00:16:43)Young Adulthood and Happiness Crisis (00:17:53)AI's Impact on Employment (00:19:08)The Impact of UBI on Ambition (00:20:11)The Nature of Ambition (00:21:18)Cultural Influence on Drive (00:23:14)Addressing Societal Issues (00:24:16)Mental Models for Success (00:24:16)Cannabis and Mediocrity (00:25:25)Conspiracy Culture Commentary (00:26:28)AI in Security (00:27:39)Silicon Valley Political Movements (00:27:39)Discovery Dilemma Tool (00:28:52)Emergency Preparedness (00:28:52)Constructive Political Conversations (00:29:48)Finding Common Ground (00:30:49)Wisdom in Silence (00:31:43)Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
7/24/202432 minutes, 27 seconds
Episode Artwork

UL NO. 441: Substrate, OpenAIs AGI Levels, US Literacy Rates

HackerCamp Approaches, Introducing Substrate, Kaspersky--, Exim/Gitlab Vulns, Personal/Business Branding, and more… ➡ Check out the Autonomous IT Podcast:https://community.automox.com/autonomous-it-podcasts-144 Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one! Discussed on this episode: Intro (00:00:00)AGI Definitions (00:01:29)Pinnacle Human Employees (00:02:36)Transition to ASI (00:03:18)Dynamic Content Summaries (00:03:48)Deepfakes in Education (00:04:43)AI and Disinformation (00:09:04)Manipulation and Inequality (00:11:01)Internet Trust and Content Verification (00:11:01)Concerns Over AI's Impact on Society (00:12:09)OpenAI's AGI Levels (00:13:08)AI Startups and Future Predictions (00:15:24)Technological Innovations (00:16:24)Literacy Crisis in the U.S. (00:17:29)Public Reaction to Health Risks (00:18:35)Search for Extraterrestrial Life (00:19:19)Exoplanets and the Drake Equation (00:19:37)VCs in Medical Practices (00:19:57)Conspiracies and Failures (00:20:48)Therapy and Rumination (00:20:57)Discovery Fluff on Lambda (00:21:12)Securing Workflows with GitHub Actions (00:21:22)Employee Disposability (00:21:32)Correlation of Smoking and Lung Cancer (00:21:48)AI in Satellite Imagery (00:22:04)Git Commits Insights (00:22:49)Check on Friends (00:23:12)Judgment as a Key Skill (00:23:22)Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
7/21/202424 minutes, 20 seconds
Episode Artwork

UL NO. 440: RAID (Real World AI Definitions)

Twillio API Dump, North Korea Russia, Funny AI Memes, and more… ➡ Check out Vanta and get $1000 off:vanta.com/unsupervised Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
7/11/202435 minutes, 46 seconds
Episode Artwork

UL NO. 439: Humans vs. AI in Prediction Markets

Project Metaculus, SSH and Juniper 0-Day, China v. Taiwan, R1 Leaks, and more… ➡ Check out Vanta and get $1000 off:vanta.com/unsupervised Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
7/4/202418 minutes, 10 seconds
Episode Artwork

UL NO. 438: Confusion is a Muse

Sonnet 3.5 Support in Fabric, CISA AI Tabletop exercise, Kaspersky ban, China Invasion Scenario, Langchain disilussionment, more… ➡ Check out Vanta and get $1000 off:vanta.com/unsupervised Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
6/27/202436 minutes, 34 seconds
Episode Artwork

UL NO. 437: My List of Hard-won Life Lessons

New AUGMENTED Course Date, 3 New Essays, Disgruntled deletions, Scale and Merit, Russia moves to Yuan, and more… ➡ Check out the Autonomous IT Podcast:https://community.automox.com/autonomous-it-podcasts-144 Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
6/21/202427 minutes, 39 seconds
Episode Artwork

UL NO. 436: Thoughts on the Future of AI & Societal Stability

When SuperIntelligence? Apple's WWDC updates, new Fabric pattern, GPT-4 Hacking Paper, China/Russia Using OpenAI for Misinformation, and more… ➡ Check out Kolide:kolide.com/unsupervisedlearning Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
6/14/202453 minutes, 31 seconds
Episode Artwork

A Conversation with with Abhishek Agrawal from Material Security

In this conversation, I speak with Abhishek Agrawal, co-founder and CEO of Material Security. We talk about: - Material's Security innovative approach to email security by not just preventing unauthorized access but also containing damage from potential breaches. -Abhishek's background in data infrastructure at Dropbox and how product mangers can become successful CEOs due to their cross-functional expertise.  - The need for customized security measures for different organizations, the role of AI in detecting email threats, the importance of single-tenant environments for sensitive customers and the potential risk of default settings in productivity suites like Google Workspace. Among other topics.  Abhishek's Background and Material Security (00:00:00)Email Security and Productivity Suite (00:01:01)Geographical Connection and Coffee Meetup (00:02:06)Product Managers as CEOs and Co-founders (00:02:59)Empowering Product Managers (00:05:01)Product Management and Marketing Importance (00:08:04)Email as a Content Repository (00:09:39)Securing Email Content (00:11:03)Data Protection for Email (00:12:10)Redacting and Canaries (00:12:57)Email Security vs. Data Security (00:14:53)Abuse Cases and Control Layers (00:17:32)Mailbox Compromise and Lateral Movement (00:17:39)Threat Scenario Analysis (00:20:15)Language Models for Detection (00:22:19)Optimism in AI Tools for Defense (00:24:34)Customized Detection Categories (00:25:52)Security Controls Trend (00:26:20)Security Concerns for Law Firms (00:27:07)Email Copy Distribution (00:27:24)API-Based Integration (00:29:08)Monitoring LM Functionality (00:30:42)Threat Intelligence and Detection (00:32:54)Product Design Philosophy (00:35:56)Data Protection (00:38:01)Flexibility in Deployment (00:39:26)Main Products (00:40:33)Posture Management (00:44:01)Broadening Product Coverage (00:48:49)Google Workspace Threat Detection (00:50:05)Challenges with CSP (00:51:13)Contextual Intelligence (00:52:02)Balancing Depth and Breadth (00:53:15)Learning about Material (00:53:40)Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
6/7/202454 minutes, 12 seconds
Episode Artwork

UL NO. 435: Making New Things is Post-AI Safety

Jason Haddix's AI Course, Microsoft Recall analysis, exercise erasing trauma, AI and the jobs problem…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
6/7/202422 minutes, 7 seconds
Episode Artwork

UL NO. 434: Can You Articulate Yourself in 50 Words?

NetworkChuck's Fabric Video, Algorithms Replace Degrees, AI Transparency, New Grad Difficulty, Windows Goes Full AI, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
6/1/202427 minutes, 17 seconds
Episode Artwork

UL NO. 433: China's Flawed Strategy

A new book, A new Fabric pattern, Autonomous fighter jets, Friend trips, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
5/29/20249 minutes, 11 seconds
Episode Artwork

A Conversation with Mike Privette from Return on Security

In this conversation, I speak with Mike Privette. Mike is the CISO and Cybersecurity Economist at Return on Security. We discuss:- The economic impact of COVID-19, the shift from prioritizing growth to operational efficiency, and the subsequent market crash and rebound in 2024. - The rise of AI in application security, the importance of trust and safety, and the potential for AI to enhance personal digital sovereignty.  -The changing dynamics of startups, venture capital, and private equity in the cybersecurity space.  Among many other topics. Introduction and Guest Welcome (00:00)Return on Security's audience (01:53)Economic trends in cybersecurity & COVID-19 (05:59)Shift towards operational efficiency in cybersecurity companies (09:39)Current cybersecurity trends and rebound effects (13:23)Application Security and AI (15:05)The Evolution of AI Security Companies (16:09)Trust and Safety in Cybersecurity & Discussing Deepfake videos (17:03)Validation of Ground Truth (19:18)Personal and corporate security from AI (20:31)Continuous Defender and AI Filtering (21:31)Validation of True Content to combat misinformation (23:23)AI for News Reports and Corporate Communications (26:16)The Future of AI Security (27:11)The trend of personal digital sovereignty (31:03)Private equity vs. VC vs. startups (33:36)Operational efficiency and the future of startups (36:29)Cybersecurity industry trends and data science (43:36)The Universal Dashboard concept (45:15)Sharing knowledge and connections (45:42)Check Out Return on Security (45:58)Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
5/24/202446 minutes, 18 seconds
Episode Artwork

UL NO. 432: Can You Summarize Your Work in a Sentence?

Thoughts on GPT-4o, Dell's API Hack, Russian Campus Campaigns, Google's Pretend Work, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
5/24/202427 minutes, 57 seconds
Episode Artwork

A Conversation on Maritime Security with BlackBerry Threat Intelligence

In this sponsored conversation, I speak with Corey Ranslem, CEO of Dryad—and the resident expert on Maritime Attacks—and Ismael Valenzuela, VP of Threat Intelligence and Research at Blackberry. We talked about all things Maritime Security, and I learned a whole lot from the conversation. Digital Hijacking at Sea: Unveiling a Cyber Attack Scenario in the Red Sea BlackBerry Quarterly Global Threat Report — March 2024 00:00:00 Introduction and Guest Welcome00:00:30 Maritime Security Overview00:01:15 Baltimore Incident Discussion00:02:00 Legacy Systems on Ships00:03:20 Connectivity Challenges at Sea00:04:10 Cyber Threats in Maritime Industry00:05:00 Post-Accident Cyber Investigations00:06:00 Potential Cyber Attacks on Ships00:07:30 Threat Scenarios and Models00:08:45 USB and External Media Threats00:09:30 Evolution of Navigation System Connectivity00:10:30 Crew Connectivity and Cyber Risks00:11:30 Lessons from Other Industries00:12:15 GPS Spoofing and Navigation Interference00:13:30 Digital Hijacking of Ships00:14:45 Economic Disruption via Cyber Attacks00:16:00 Financial Motivation Behind Attacks00:17:15 Ransomware in Maritime Context00:18:30 Panama Canal and Economic Impact00:19:30 Cyber Security Maturity in Maritime Industry00:21:00 Legacy Systems and Geopolitical Interests00:22:15 Challenges with Security Solutions at Sea00:23:30 Historical Cyber Incidents in Maritime00:24:30 GPS Spoofing Techniques00:25:15 International Maritime Organization Standards00:26:30 Criminal Trends and Cyber Attacks00:27:45 Open Source Tools and Threat Actors00:28:45 Information Sharing in Maritime Industry00:29:30 Real-World Examples of Cyber Incidents00:31:00 Cruise Ships and Large Yachts Security00:32:15 Autonomous Vessels and Cyber Protection00:33:30 Future of Autonomous Vessels00:34:15 Learning and Improving Cyber Security in Maritime00:35:30 Role of Threat Intelligence in Maritime Security00:36:15 Optimism for the Future of Maritime Security00:37:30 Industry Awareness and Education Efforts00:38:30 AI Integration in Maritime Security Solutions00:39:15 Conclusion and Final ThoughtsBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
5/16/202440 minutes, 16 seconds
Episode Artwork

UL NO. 431: Companies are Graphs of Algorithms

The US goes skills-based, AI is mostly prompting, simulation -> reality, 30 useful concepts, and more…… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
5/9/202411 minutes, 49 seconds
Episode Artwork

UL NO. 430: The Courage to be Disliked

How I use local AI models, MI5 vetting research students, the first AI deepfake racism attack, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
5/3/202430 minutes, 15 seconds
Episode Artwork

UL NO. 429: Build Your Career Around Problems

Stanford's State of AI, Peter Thiel vs. Tyler Cowen, China Taiwan Hacking Prep, GenZ Outperforming, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedN:https://www.linkedin.com/in/danielmiessler See you in the next one!  Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
4/27/202421 minutes, 45 seconds
Episode Artwork

UL NO. 428: Reason to Fear; Reason to Build.

AI Propaganda, Speaking Events, analyze_presentation Pattern, Guarding Your Energy Reserves, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedN:https://www.linkedin.com/in/danielmiessler See you in the next one!  Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
4/23/202416 minutes, 16 seconds
Episode Artwork

UL NO. 427: AI's Predictable Future

Israeli identity reveal, deepfaked content summaries, Altman/Ive device, wealthy kids, Cowen v. Haidt, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedN:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
4/10/202422 minutes, 54 seconds
Episode Artwork

UL NO. 425: The Efficient Security Principle

US drone combat, extract ideas from any book, Pinker writing analysis, Flipper reversal, GPT-5 updates, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedN:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
3/27/202421 minutes, 12 seconds
Episode Artwork

UL NO. 424: Raising Security's Floor

Insane Video Deepfakes, Devin Gets Slack Access, New Fabric Patterns, AI Application Interfaces, Let Grow, and more… Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedN:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
3/21/202426 minutes, 40 seconds
Episode Artwork

A Conversation with Jason Meller of Kolide/1Password

In this sponsored conversation, I speak with Jason Meller. Jason is the founder of Kolide, which has just recently been acquired by 1Password. We discuss: - Collide's acquisition by 1Password- The synergy between Collide and 1Password- The challenge of password management- The concept of device trust and zero trust- The limitations of MDM solutions- Engaging end-users in security remediation- The philosophy behind Collide's approach- The importance of human-friendly security solutions- Future plans for Collide under 1Password- The potential for broader application of Collide's technology Jason and I see a lot of things the same, and I really enjoyed this conversation and think you will too.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
3/19/202421 minutes, 45 seconds
Episode Artwork

UL NO. 423: AI is Becoming Like Reading

Google AI Espionage, My macOS UI, Cloudflare AI Firewall, Midnight Blizzard, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
3/12/202421 minutes, 48 seconds
Episode Artwork

UL NO. 422: To Survive AI, We Must Become Creators

Fabric Threat Models, An AI Worm, GitHub Auto-blocks, Long Covid IQ, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
3/6/202421 minutes, 46 seconds
Episode Artwork

A Conversation With Ismael Valenzuela About AI and Threat Intelligence

In this sponsored standalone episode I speak with Ismael Valenzuela, VP of Threat Research and Intelligence at Blackberry Cylance. We discuss: Modern Threat Intelligence The shifting attention of attackers GenAI attacks How defenders are adapting to AI attacks And many other topics Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
3/4/202445 minutes, 46 seconds
Episode Artwork

UL NO. 420: APTs using ChatGPT, Bugs Putin, The good side of AI jobs loss?, AI Monitoring Culture, AI patents, and more…

APTs using ChatGPT, Bugs Putin, The good side of AI jobs loss?, AI Monitoring Culture, AI patents, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
2/25/202423 minutes, 40 seconds
Episode Artwork

UL NO. 419: Problem Quality, 0-Day Spyware, LOTL, Ollama + OpenAI

Two new agent types, Ollama's new API structure, $7 Trillion for chips, American satisfaction, and more… Read the episode online here.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
2/12/202430 minutes, 19 seconds
Episode Artwork

UL NO. 418: DEFCON Moves, AnyCloudDesk, Ransomware Learnings, My Top AI Projects

My favorite 2 AI projects, US spending habits, and your security program is sh*t… 📢Sponsored by Kolide Kolide ensures that if a device isn't secure, it can't access your apps. Zero Trust auth for Okta that drives your Devices to 100% compliance.  Watch a DemoBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
2/8/202427 minutes, 38 seconds
Episode Artwork

UL NO. 417: NSA's Broker Buys, AI-Assisted Attacks, Companies Only Want Killers

Companies Demand AI, Breach Overload, More Tech Layoffs, Chip Investment, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
2/8/202423 minutes, 44 seconds
Episode Artwork

A Conversation with Shil Sircar from Blackberry Data Science

In this episode of Unsupervised Learning, we talked to Shil Sircar. Shil is the Senior VP of Engineering and Data Science at Blackberry, and we talked about: - Machine Learning in Cybersecurity - The Evolution from ML to Generative AI - Predictive vs. Generative Models - Preventive AI in Cybersecurity - The Cylance AI Platform - Attacker vs. Defender Dynamics - Temporal Advantage in Threat Detection - Synthetic Malware Generation - Behavioral Analysis for Cybersecurity - And the Future of AI in Cybersecurity So with that, here's our conversation with Sil Sircar… Dive deeper here: Product Page: CylanceAI by BlackBerry Blog: Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats Blog: AI in Cybersecurity: Hype vs. Help Video: As Cyberthreats Have Evolved, So Has the Need for AI Video: Real-world performance is the ultimate test for predictive AI Predictive AI in Cybersecurity: What Works and How to Understand It https://www.blackberry.com/us/en/forms/cylance/on-demand-video/threat-demo-on-demand https://i.crn.com/sites/default/files/ckfinderimages/userfiles/images/crn/custom/2022/Blackberry/bb-ebook-finding-beacons-in-the-dark.pdf Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
1/29/202437 minutes, 27 seconds
Episode Artwork

UL NO. 416: Tracking AI Agent Activity, 400 SF Cameras, AI Sleeper Agents…

Benign AI's "Many Eyes", OpenAI's Pentagon partnership, AI voice scams, Zuckerberg all-in on AGI, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
1/24/202423 minutes, 29 seconds
Episode Artwork

A Conversation with Jason Kikta from Automox

In this sponsored episode of Unsupervised Learning, we talked to Jason Kikta. Jason is the CISO and Senior VP of Product at Automox, and our conversation covered: - Endpoint Management- IT and Security Overlap- Patching Strategies- Cloud-Based Solutions- Configuration Drift- Policy Articulation- Automation and AI- IT Operations Challenges- Future Product Features- and other topics. You can check out Automox at: https://automox.com.  Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
1/22/202445 minutes, 24 seconds
Episode Artwork

UL NO. 415: It's Raining 9+ CVEs, 40% Job Loss from AI, Invisible Prompt Injection…

[updated: apologies, we had the wrong audio file initially] Taiwan chooses democracy, 10,000 hours debunked, Data/Display/AI/AR, and much more… 📢Sponsored by Automox: Brace yourself for any IT calamity with Automox! 🛡️ Tune into the Autonomous IT podcast and join experts discussing Patch Tuesday insights, mitigation strategies, and CVE remedies. Connect with IT pros and stay ahead of the game. 🎧 Listen now on Spotify, Apple, or your favorite podcast platform! Read today's episode hereBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
1/19/202421 minutes, 40 seconds
Episode Artwork

UL NO. 414: LastPass Settings Upgrade, Boosting ChatGPT Output, AI Adding Societal Transparency

ChatGPT prompting upgrades, CrewAI agent framework, people down on Democracy… 📢 Sponsored by Kolide: Concerned about data breaches and hacks? 🔒 Discover Kolide, the device trust solution that secures your company's devices and credentials, making phishing attempts useless to hackers. See it in action at www.kolide.com/unsupervisedlearning View today's episode online here: https://danielmiessler.com/p/ul-414Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
1/10/202425 minutes, 46 seconds
Episode Artwork

UL NO. 413: 7 Things to Expect from AI in 2024+, Xi Going Stalin, SSH's Terrapin…

Xi purges detractors, my thoughts on chaos and 2024, my predictions for what we'll build with AI in 2024, macro D, and much more… Read online here.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
1/6/202423 minutes, 41 seconds
Episode Artwork

A Conversation with Gabe Bernadett-Shapiro on AI

👥 This conversation is between Daniel Miessler, founder of Unsupervised Learning, and Gabriel Bernadett-Shapiro, an expert on AI Safety and Threat Intelligence.  🧠 TOPICS 00:00:00 Intros 00:04:50 Acels vs. Decels/Boomers 00:08:10 Accelerationists' Optimism for AGI 00:11:02 AGI vs. ASI Discussion 00:14:22 AI Development Debate 00:18:45 Data Retrieval with LLMs 00:27:21 Bottom-Up Automation Strategy 00:34:56 Data Availability Problem Solving 00:42:07 Threat Intel Task Automation 00:49:32 Auto Analyst Tool Demo 01:02:14 Applying AI to Threat Intelligence   🔎 Gabe: X:   / gabeincognito   LinkedIn:   / gabebs     🔎 Daniel: Web: danielmiessler.com X:   / danielmiessler.com   LinkedIn: www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
12/21/202337 minutes, 18 seconds
Episode Artwork

UL NO. 412: OpenAI's Prompt Guide, My Neovim Overhaul, The UL Character Sheet, And…

Also: Ubiquity Cross-Pollination, Passcode Laws, China's AI Influence Network, Bodycam Shenanigans, And One Year Independent!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
12/20/202329 minutes
Episode Artwork

UL NO. 411: ChatGPT Repeat Vuln, A UL AI Course!, Revenge Code Deletion

Sneaky ChatGPT Data Leaks, A New Ground-Based Telescope, Companies Leaving Austin, More… 📢Sponsored by Automox: Brace yourself for any IT calamity with Automox! 🛡️ Tune into the Autonomous IT podcast and join experts discussing Patch Tuesday insights, mitigation strategies, and CVE remedies. Connect with IT pros and stay ahead of the game. 🎧 Listen now on Spotify, Apple, or your favorite podcast platform! Read today's episode hereBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
12/14/202319 minutes, 49 seconds
Episode Artwork

UL NO. 410: The Immigration/Identity Security Risk, Super Soldier Pentagon Talk, Okta&Me Updates, Teachable Agents

Meta bans AI-generated Political Ads, Google's new RETVec Anti-spam tool, a casual convo on Super Soldiers, and more… 📢Sponsored by Kolide🔒 Secure your world with device trust – manage all OS, empower employees to fix their own security issues. Say goodbye to vulnerable credentials. 📢Sponsored by: Panoptica.app - Simplify container deployment, monitoring, and securityBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
12/6/202325 minutes, 44 seconds
Episode Artwork

UL NO. 408: OpenAI Coup Theory, SEC vs. SolarWinds Analysis, Deepfake D&D Summaries

My Theory Of What Happened At OpenAI, A New Ransomware Tactic, Analysis Of What The SEC Case Will Do To Cybersecurity, Live David Attenborough Narration, And More… Read the episode here. 📢Sponsored by: Panoptica.app - Simplify container deployment, monitoring, and securityBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
11/27/202335 minutes, 55 seconds
Episode Artwork

UL NO. 407: OpenAI Prompt Injection, Leaky GPTs, AGI by 2028, Huberman Routine AI

Extremist groups using AI for propaganda, NYC restaurant bots, Wegovy and Cannabis studies, my favorite collections of GPTs… 📢Sponsored by Moonlock — cybersecurity wing of MacPaw. Developers of Moonlock Engine, the antimalware tech in CleanMyMac X. 📢Sponsored by Automox - AI-powered modern IT automation is here. Learn more at automox.com. Read the episode here.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
11/14/202340 minutes, 22 seconds
Episode Artwork

OpenAI's New Releases Are a Watershed Moment for Human Creativity—and Prompt Injection

Making it trivial to create and share AI Agents that connect to real-word APIs will have a drastic impact on Information Security.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
11/13/20233 minutes, 41 seconds
Episode Artwork

Why I'm Not Getting the New Humane AI Pin

Why I should be super excited by the Humane AI pin, but I'm not.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
11/13/20233 minutes, 33 seconds
Episode Artwork

UL NO. 406: OpenAI Launches Custom AIs, Okta's New Breach, EFF's Browser Privacy Checker

DOJ and Pentagon emails hacked by Russians, OpenAI's DevDay announcements, when DeepMind thinks we'll see AGI, and more… 📢Sponsored by: Panoptica.app - Simplify container deployment, monitoring, and securityBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
11/10/202328 minutes, 28 seconds
Episode Artwork

UL NO. 404: ServiceNow Widget Flaws, North Korean Infiltrators, and the New Top-performing Prompt String…

In this edition we dive into North Korean IT Infiltration, the top performing prompt technique, Google's traffic optimization, American sick day increases, ServiceNow's Widget problem, the US murder rates, and more Read online here: https://danielmiessler.com/p/ul-no-404-servicenow-widget-flaws-north-korean-infiltrators-new-topperforming-prompt-stringBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
10/26/202326 minutes, 39 seconds
Episode Artwork

UL NO. 403: Signal Investigates Rumored Zero-Day Bug, AI Predicts New COVID-19 Strains, Dwindling US-China Scientific Collaboration...

In This Edition We Look Into Signal's Investigation Into A Rumored Zero-Day Bug, How Harvard And Oxford Researchers Are Using AI To Predict New COVID-19 Strains, The Dwindling Collaboration Between American And Chinese Scientists, And The European Commission's CSAM Detection Bypass View this week's podcast online at https://danielmiessler.com/p/403Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
10/16/202328 minutes, 23 seconds
Episode Artwork

UL NO. 402: Israeli Footage & Analysis, WSFTP + MOVEIT, AI Explainability, Andreessen vs. Perell on Writing, and more…

Israel analysis, a genetic data breach, active exploits against critical vulnerabilities, and a brilliant conversation between two writers about creativity 📢 Sponsored by Kolide: Concerned about data breaches and hacks? 🔒 Discover Kolide, the device trust solution that secures your company's devices and credentials, making phishing attempts useless to hackers. See it in action at www.kolide.com/unsupervisedlearning View today's episode online here: https://danielmiessler.com/p/402Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
10/11/202326 minutes, 18 seconds
Episode Artwork

UL NO. 401: Sony hit again?, Taiwan Disinformation, Corporations Demand Hardcore Workers, and GPTVision Examples…

We also look at Lex's first meaningful conversation in the metaverse, fixing Science, and TikTok's impact on reading 📢 Sponsored by Kolide: Concerned about data breaches and hacks? 🔒 Discover Kolide, the device trust solution that secures your company's devices and credentials, making phishing attempts useless to hackers. See it in action at www.kolide.com/unsupervisedlearning View today's episode online here: https://danielmiessler.com/p/ul-no-401-sony-hit-taiwan-disinformation-corporations-demand-hardcore-workers-gptvision-examples-9f9Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
10/3/202325 minutes, 18 seconds
Episode Artwork

UL NO. 400: What Hiring Managers Want, CVE Farming, Hunt Forward Operations, and AI vs. B2B Services

Discover how AI is set to revolutionize the B2B services economy and the implications for GDP. Plus, unravel the paradox of the cyber job market, explore the urgent need for a content source authentication system, and delve into the controversial practice of CVE farming 📢Sponsored by Vanta.com - scales with your business, helping you enter new markets, land bigger deals, and earn customer loyalty. 📢Sponsored by: Mimecast.com - Protect yourself against vulnerabilities with an added layer of security To view online, visit https://danielmiessler.com/p/400Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/28/202331 minutes, 5 seconds
Episode Artwork

UL NO. 399: Wisdom Extraction From Any Text, Vegas Gets Cyber Jesus, AI Creativity Performance, Pentagon Cyber Strategy…

This week we talk about how I extract manual-quality wisdom from any text/transcript, what I learn from biographies, 25 lessons in 17 years of infosec, and tons of new tools and projects. 📢Sponsored by Vanta.com - scales with your business, helping you enter new markets, land bigger deals, and earn customer loyalty. 📢Sponsored by Moonlock — cybersecurity wing of MacPaw. Developers ofthe antimalware tech in CleanMyMac X — Moonlock Engine.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/19/202338 minutes, 33 seconds
Episode Artwork

UL NO. 398: Storm Vuln Stacking, CloudRecon, The S-Tier Guide to AI Whispering, Full-body MRIs…

Explore the explosive separation of society into the Thriving 10% vs. the Suffering 90%, how AI is becoming an integral part of our brains, and how to defend your family's privacy 📢Sponsored by Vanta Building a SaaS business? Get ready for the compliance questions! 📈 Achieving SOC 2, ISO 27001, or HIPAA compliance can be a game-changer, but it's often tough. Automate up to 90% of work, save time & money, and scale effortlessly. www.vanta.com/unsupervisedBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/12/202320 minutes, 8 seconds
Episode Artwork

UL NO. 397: Propaganda in a Box, Glacier-like Security, AGI by 2028?, Ancient Wisdom via AI, and Newsletter Differentiation

🎥 Embracing Short-Form Video Creation🔬 Piping into Portscanner: A Guide📚 Long/Slow Content: The UL Book of the Month🛡️ Defensive Security: A Glacier's Pace🧠 Predicting AGI Attainment by 2025-2028📜 Timeless Concepts from Ancient Myths📰 Russian Impersonation Disinformation Exposed🤖 AI Disinformation: Counteracting Propaganda👗 Forever 21 Data Breach: Half a Million Impacted🚗 Automotive Hacking Contest: Pwn2Own Automotive🍏 Apple's Private Access Tokens: A Sneak Peek📡 WiFi Vision Surveillance: Tracking Living Beings🔭 Tool & Article Discovery➡️ The Recommendation of the Week🗣️ The Aphorism of the Week 📢Sponsored by Panoptica.app - Simplify container deployment, monitoring, and security 📢Sponsored by Vanta - Save up to 85% on compliance costs. Join 5,000+ clients cutting 300+ hours of work. 200+ integrations for easy tool security. Vanta.com/unsupervisedBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
9/7/202326 minutes, 24 seconds
Episode Artwork

No. 396 - Elon's Doxxing FSD, ATHI AI Threat Modeling Framework, Cardboard Drones, and GPT Enterprise…

In this episode: 🤔 Thoughts on the Eliezer vs. Hotz AI Safety Debate🎥 Musk's FSD and Privacy Demo🔒 Duolingo Data Breach💥 MOVEit Mass Hack🔎 Putin Critics' Fate🚨 Leaseweb Security Breach🔬 Lazarus's New Malware🚁 Cardboard Drones in Combat🕵️ Taiwan Espionage Alert🔐 CloudNordic Ransomware Attack📱 Kroll's SIM Swap👾 GPT-4's API Misuses🔭 Tool & Article Discovery➡️ The Recommendation of the Week🗣️ The Aphorism of the Week 📢Sponsored by: Mimecast.com - Protect yourself against vulnerabilities with an added layer of security 📢Sponsored by Vanta.com - scales with your business, helping you enter new markets, land bigger deals, and earn customer loyalty.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
8/29/202326 minutes, 29 seconds
Episode Artwork

What I'm Doing and How It's Going

How I went from a $350K FTE to $700K+ doing my own thing. This is the first time I've ever shared anything about what I'm doing and how I make money. It covers: Why I got out of the corporate game What I'm doing for income streams How much I make on each Why I think YOU should consider jumping as well Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
8/21/202322 minutes, 56 seconds
Episode Artwork

NO. 395 — How I Make Money as an Independent, Tesla's Insider Data Breach, Bots Beating CAPTCHAs, and Escaping the Maze…

In this episode: 🎙️ "What I’m Doing And How It’s Going" 🔐 Tesla's Data Breach: An Inside Job🔍 Example’s Matter: Canary's Domain Name Issue🚨 NetScaler Instances Hacked: CVE-2023-3519 Exploited🤖 Bots Outperform Humans at Solving CAPTCHAs🔒 Infrastructure Security Boost: Israel-US Collaboration🔎 Microsoft Breach Investigation by DHS's CSRB🇨🇳 China's Cyber Threat to US Infrastructure🇯🇵 China's Damaging Cyber Attack on Japan🕵️‍♂️ Hacker Accounts Exposed: Cybercrime Forum Logins Stolen🔭 Tool & Article Discovery➡️ The Recommendation of the Week🗣️ The Aphorism of the WeekBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
8/21/202332 minutes, 16 seconds
Episode Artwork

NO. 394 — Vegas Recap, CISA MS Alert, China/US AI Fight, Deceased Kid AI, Following vs. Leading…

In this episode: 🎰 Back from Vegas: Event Recap🔬 Covid Testing: Importance of Correct Method🔥 Burnout and Addiction: Shared Root Cause🪳 Vulnerabilities🎩 Black Hat Highlights: Tool Releases👥 Lapsus$ Tactics: Simple Techniques, Big Breaches🤖 AI Cyber Challenge: DARPA's Call to Arms🔒 Cybersecurity Standings: US vs China🌐 Render's Cloudflare Issue: Network Errors🔍 PromQL Guardrails: Code Scanning with Semgrep🔭 Tool & Article Discovery➡️ The Recommendation of the Week🗣️ The Aphorism of the WeekBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
8/16/202319 minutes, 1 second
Episode Artwork

No. 393 - Hacker Week, Deleting Google Info, And Creating High-Entropy Content

In this episode: 🎉 HackerCon Week: BSides, Blackhat, DEFCON🔒 Google's Privacy Update: Control Your Data🤖 AI Vulnerability: Adversarial Attacks on Chatbots🛡️ NIST CSF Changes: Are You Ready?📊 Breach Disclosure Rules: SEC's New Mandate🔧 Tech Giants' Security Fixes: Apple, Google, Microsoft📚 Penetration Testing Guide: Understanding Cybersecurity Risks🤖 Google's AI Pivot: Supercharged Assistant📦 Musk's Grid Warning: Invest in Energy Transition🔭 Tool & Article Discovery➡️ The Recommendation of the Week🗣️ The Aphorism of the Week 📢Sponsored by: Mimecast.com - Protect yourself against vulnerabilities with an added layer of security 📢Sponsored by: Panoptica.app - Simplify container deployment, monitoring, and securityBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/10/202330 minutes, 31 seconds
Episode Artwork

NO. 392 — Trail of Bits Testing Handbook, Startups Freefall, and Chinese Propaganda Escalation…

In this episode: 💡 Burnout and Addiction: A New Perspective🚦 UL RSS Live: Stay Updated🔍 Security News: Testing Handbook, IDOR Vulnerability, Lazarus Hacks📈 Technology News: Startup Decline, iPhone Dominance, AI Girlfriends🌍 Human News: Longevity Habits, Unemployment Rates, Math Crisis💭 Ideas & Analysis: AI Tooling and Reading🎨 Hacker Art by Rez0🛠️ Discovery: New Tools and Insights👥 Managerial Pitfalls: Transitioning Roles👜 Birkin Bag Economics: The World's Most Expensive Handbag🔭 Tool & Article Discovery➡️ The Recommendation of the Week🗣️ The Aphorism of the WeekBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/31/202318 minutes, 32 seconds
Episode Artwork

NO. 391 — AI Manipulation Defenders, .MIL Leak, And The NPC Phenomenon

In this episode: 🤖 How AI Will Defenders Protect Us📈 AI's Role in K-Shaped Recovery📧 Military Email Leak🔐 VirusTotal Data Leak🇨🇳 Great Firewall Expansion🍏 Apple vs UK Surveillance🚗 TikTok Theft Tutorials👁️ AI Surveillance Expansion🔧 Tech Scam Evolution🤖 OpenAI's Persistent Context🍏 Apple's AI Chatbot📰 AI Journalism🔭 Tool & Article Discovery➡️ The Recommendation of the Week🗣️ The Aphorism of the WeekBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/24/202322 minutes, 4 seconds
Episode Artwork

NO. 390 — Voice Scams, FrontView Mirrors, and Idea Molecules

In this episode: 🚨 VoiceFake Scams on the Rise🔑 FrontView Mirror, 2024 Edition: Trends and Preparations🎙️ AI and Content Creation: A Discussion on The Phillip Wylie Show🔒 Chinese Email Hack: A Sophisticated Espionage Effort🌐 Transatlantic Data Flow: A New EU-US Data Privacy Framework🔍 Docker Security Flaws: Sensitive Data in Docker Images🏥 HCA Healthcare Breach: Impacting 11 Million Patients⚖️ Orca Suing Wiz: A Case of Patent Infringement🤖 AI-Enabled Cybercrime: The Rise of WormGPT🐦 Twitter Struggles: Ad Revenue Plummets by Nearly 50%🎵 TikTok Music Launches: A New Competitor for Apple Music and SpotifyBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/17/202320 minutes, 48 seconds
Episode Artwork

NO. 389 — The Creativity Friction Coefficient, Lockbit v TSMC, and Detecting Smart Errors

📚 The Real Internet of Things: A Look into the Future of Technology🔒 Pentera's Unique Approach to Automated Security Validation🌐 AI and the Reduction of the Creativity Friction Coefficient🔐 LockBit vs. TSMC: A Tale of Ransomware and Supply Chain Dependencies☁️ The US's Move to Block Chinese Cloud Usage: A National Security Matter🔥 Fortinet Fallout: A Critical Bug in FortiGate Firewalls🇨🇳 New Chinese APT Tradecraft: Volt Typhoon's Stealthy Approach🔍 Google's Privacy Policy Update: Feeding the AI🌞 Solar Hacking: The Exposure of Renewable Energy Units📋 And more… Sponsor: https://pentera.io Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/10/202318 minutes, 8 seconds
Episode Artwork

Sponsored Interview: Pentera

Alright, in this Sponsored Interview I’m talking with Aviv Cohen. Aviv is an engineer turned Chief Marketing Officer with Pentera, so if he sounds more technical than most CMOs, that’s why. We talk about Pentera’s automated Security Validation platform, which he says is similar but different to automated pen testing and attack surface management, and we discuss multiple dimensions of that, from the space they play in, the problem with existing solutions, and a lot more. And with that, there’s my conversation with Aviv Cohen. https://pentera.io Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/10/202346 minutes, 23 seconds
Episode Artwork

NO. 388 — Context Reflections, Critical Thinking, China's Decline, and NFC

In this episode: 📚 Using Reflections to Compress LLM Context Data 🎧 My Appearance on the Critical Thinking Podcast 🍏 Apple's Critical Security Updates ⌚ Suspicious Smartwatches Targeting Military Personnel 🔥 Databricks Acquires Generative AI Company 🌐 Cloudflare's Observatory Performance Monitoring Tool 📺 LG Integrates AirPlay 2 and HomeKit into Hotel TVs 💼 Remote Work as a Competitive Advantage for Small Tech Companies 🐝 Beehiiv Raises $12.5 Million 🔍 AI Zoom Magic by Midjourney 🇨🇳 China's Economic Countdown? 🧠 Illusion of Moral Decline 📸 Smartphone Domination in Photography 💡 The Worst Intellectual Trait: NFC 🌍 Climate Change vs. Familial Self-preservation Instincts 🚢 Titanic Belief and Ignoring DangerBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/26/202316 minutes, 3 seconds
Episode Artwork

NO. 387 — Modern Parenting and Narcissism?, New Russian Hacking Unit, McKinsey AI Predictions, and more…

In this episode: 🧠 Is modern parenting creating narcissists?🔒 Top cybersecurity official warns of Chinese hackers🇷🇺 New Russian hacking unit identified🚀 NVIDIA's AI red team philosophy📈 McKinsey says AI will massively boost productivity💊 MDMA helps white supremacist move away from hate🔎 Google further soils the bedBecome a Member: https://danielmiessler.com/subscribe/See omny.fm/listener for privacy information.
6/20/202324 minutes, 7 seconds
Episode Artwork

NO. 386 — DBIR 2023, Vision, Smol-Developer, and more…

In this episode: 🔥 Human Immortality Using LLMs🤖 Generative AI Reshaping Enterprises🔒 Verizon DBIR 2023 Analysis🪳 Chrome Zero-Day Patched💰 Lazarus Atomic Wallet Link🚀 Tame Your Compliance Beast🪳 MOVEit Vulnerability Exploitation📰 North Korean Hackers Impersonate Journalists📱 Apple ID-sharing🌐 Apple Vision Announced🔑 Password Crackdown Success📈 AI-Driven Stock Surge📱 iOS17 Features Summary🔐 Apple Passkey SharingBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/12/202326 minutes, 2 seconds
Episode Artwork

NO. 384 — World AI Coin, Russian Power Attacks, Guidance AI Workflow…

In this episode:👁️ Worldcoin, OpenAI, and eye scanning: A global ID and currency?⚡ Grid Threat: Russia-linked malware targets power grids🧠 Neuralink gets FDA approval for clinical trials🤖 Bing integrated into ChatGPT for enhanced AI chatbot experience🚗 Tesla Model Y becomes world's best-selling car🌈 LGBTQ searches soar 1,300% since 2004Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/3/202321 minutes, 30 seconds
Episode Artwork

NO. 382 — AI Attack Surface Map, Digital Assistants, Dragos Nope, Rogue AI Girlfriend…

In this episode:🛡️ Support DEFCON's AI Village event🧠 Dive into AI attack surfaces🤖 Uncover digital assistants' future🔒 Investigate Dragos Incident & Snake takedown🎵 Experience Google's MusicLM magic🚀 Secure the cloud with a free guide👩‍💻 Witness an AI girlfriend gone rogueBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/16/202317 minutes, 13 seconds
Episode Artwork

The Right Amount of Trauma

In this standalone episode I read my essay titled "The Right Amount of Trauma". https://danielmiessler.com/blog/the-right-amount-of-trauma/   Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/11/20237 minutes, 59 seconds
Episode Artwork

NO: 381 — Reviving Conference Strategies, Nurturing High-Performers, AI Business Takeover, Cyber Threats, and Diversifying Production 🧠🏢🦈📱🚗

🧠 The Right Amount of Trauma: Nurturing high-performers🏢 Universal Business Components: AI's business takeover🦈 North Korean ReconShark: New global cyber threat📱 Apple's Brazil production: Diversifying from China🚗 NYPD's AirTag advice: Protect your car💵 US dollar losing reserve currency status🤖 IBM's hiring pause: AI and automation's impact🌐 World Economic Forum: Job disruption predictions 📺 YouTube views: Half on TV📞 GenZ's dumbphone trend: Reducing distractions🌿 A Post AI Future for Humans: Local community model💡 The Self-checkout Tipping Anti-Pattern: Dark pattern or generosity?Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/9/202311 minutes, 37 seconds
Episode Artwork

NO. 380 — LLM-Mind-Reading, Automated War, Rusty Sudo, Eliezer Bitterness Theory...

📚 Pre and Post-LLM Software: Adapt or be replaced🎙️ RSnake Show Appearance: AI-focused conversation🔐 RSA Live Podcast: Industry insights and advice🔮 Palantir AI: Automated war and terror🍏 New Apple Update Mechanism: Rapid Security Response🧠 LLM Mind-reading: Extracting text from brain activity🚫 Chatbanning: Samsung's response to data leak🔧 VMware & Zyxel Patches: Addressing vulnerabilities🔒 Google Security AI: Cloud Security AI Workbench🦀 Sudo Rust: Safer sudo and su in Rust🎥 Palo Alto Cameras: License plate tracking🏃‍♂️ Apple Coach: AI-powered health app🏦 First Republic Falls: FDIC intervention💡 Eliezer Bitterness Theory: AI doomsday predictions🤖🔥 Prompting Superpower: Advanced AI prompting techniques🛠️ ShadowClone & FigmaChain: Useful tools🐍 Recommendation: Learn Python and Langchain💬 Aphorism: Carl Jung on creativityBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/2/202318 minutes, 3 seconds
Episode Artwork

NO. 378 — AI Resilience Scale, Moloch The Demon, Ukraine Data Leak, and more...

NO. 378—AI Resilience Scale, Moloch The Demon, Ukraine Data Leak, and more...Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/17/202325 minutes, 1 second
Episode Artwork

NO. 376 | AI transforms security, existential risk, and how to stay in front…

NO. 376 | AI transforms security, existential risk, and how to stay in front…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/3/202320 minutes, 54 seconds
Episode Artwork

NO. 375 — 6 Post-GPT Phases, Github's Private Key, New Assistant Interfaces

6 Post-GPT Phases, Github's Private Key, New Assistant InterfacesBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/27/202317 minutes, 20 seconds
Episode Artwork

NO. 374 — AI Response Shaping, SpaceX Blueprints, GPT-4 Innovation Explosion…

NO. 374 — AI Response Shaping, SpaceX Blueprints, GPT-4 Innovation Explosion…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/21/202312 minutes, 16 seconds
Episode Artwork

NO. 373 — SPQA Architecture, LLaMA on M1 Mac, Loved Ones Voice Scams…

NO. 373 — SPQA Architecture, LLaMA on M1 Mac, Loved Ones Voice Scams… Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/13/202317 minutes, 27 seconds
Episode Artwork

Sponsored Interview — Kolide

Today I’m doing a Sponsored Interview with Kolide — a company I’ve heard a lot about recently and have been looking forward to chatting with. I’m talking to Jason Meller, the founder and CEO of Kolide and we talk about: The problems in the BOYD space Kolide’s approach to solving the problem A user-centric approach to policy compliance His view of what stops other players from being successful And other topics So with that, here’s Jason Meller… https://kolide.com/unsupervisedlearning  Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/13/202337 minutes, 29 seconds
Episode Artwork

NO. 372 — LastPass Employee Hack, State AI Propaganda, Crowdstrike Report Analysis…

NO. 372 — LastPass Employee Hack, State AI Propaganda, Crowdstrike Report Analysis…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/7/202329 minutes, 24 seconds
Episode Artwork

NO. 371 | Covid Lab Leak, Military Server Exposed, OAI Foundry…

NO. 371 | Covid Lab Leak, Military Server Exposed, OAI Foundry…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/27/202322 minutes, 47 seconds
Episode Artwork

NO. 370 | GoDaddy Hack, EU Chinese APTs, Hacking with ChatGPT

NO. 370 | GoDaddy Hack, EU Chinese APTs, Hacking with ChatGPTBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/21/202314 minutes, 24 seconds
Episode Artwork

NO. 369 | Reddit Hack, Deepfake Scams, Embracing Change…

NO. 369 | Reddit Hack, Deepfake Scams, Embracing Change… Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/13/202322 minutes, 16 seconds
Episode Artwork

NO. 368 | China Balloons, CustomGPT, 90s++…

NO. 368 | China Balloons, CustomGPT, 90s++…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/6/202318 minutes, 12 seconds
Episode Artwork

NO. 367 | Hive Ransom, Anti-Google, Software 2.0…

NO. 367 | Hive Ransom, Anti-Google, Software 2.0… The FBI infiltrated the HIVE ransomware group, stopping over $130 million in ransomware attacks Riot had the League of Legends source code stolen by a ransomware group, but they're refusing to pay the $10 million ransom ODIN Intelligence got hacked, resulting in the loss of police raid plans, facial recognition data, and surveillance information The FBI says North Korea was behind the $100 million Horizon Bridge crypto hack And much more! Sponsored by PlexTrac: Streamline your security testing reporting so you can get back to the work that matters! https://plextrac.com/unsupervisedlearningBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/30/202314 minutes, 26 seconds
Episode Artwork

NO. 366 | T-Breach, Siri++, Conception Ages…

NO. 366 | T-Breach, Siri++, Conception Ages… TOPICS INCLUDE: -T-Mobile has had another security breach, this one affecting at least 37 million accounts -Canary Cards now available to use as credit cards -Hook Malware allows attackers to fully control Android phones -Attackers are now spreading malware through Microsoft OneNote attachments -Many attackers are migrating from Cobalt Strike to the more defender-focused Silver C2 framework -Git patched two critical RCEs …and many more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/23/202315 minutes, 42 seconds
Episode Artwork

NO. 365 | China's Decline, MicrosoftAI, Creativity Ratio…

China's Decline, MicrosoftAI, Creativity Ratio…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/17/202311 minutes, 9 seconds
Episode Artwork

NO. 364 | Reality Headset, BingPT, AI+Cyber

NO. 364 | Reality Headset, BingPT, AI+CyberBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/9/202315 minutes, 2 seconds
Episode Artwork

NO. 363 | NEWS, ANALYSIS, and DISCOVERY SERIES

Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/3/202313 minutes, 22 seconds
Episode Artwork

NO. 362 | Dependency Scanner, Citrix Attacks, AI Analysis…

Dependency Scanner, Citrix Attacks, AI Analysis…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/19/202212 minutes, 27 seconds
Episode Artwork

NO. 361 | GPT++, Apple Security, CISA Cuba…

GPT++, Apple Security, CISA Cuba…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/12/202212 minutes, 13 seconds
Episode Artwork

NO. 360 | NEWS, ANALYSIS & DISCOVERY SERIES

Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/5/202213 minutes, 17 seconds
Episode Artwork

Erkang Zheng of JupiterOne | SPONSORED INTERVIEW SERIES

In this standalone episode we’re doing a sponsored interview with Erkang Zheng of Jupiter One. So JupiterOne is a special company to me. I just built a vuln management program at Robinhood based around them, and I believe so much in their vision that I’m looking to actually become an advisor. I mention this because when I fanboy for something, like Apple, or whoever, I want you to know that I’m fanboying and/or have a relationship with them. Or that I want to. The interview here talks mostly about concepts, however, and not so much specific features. But I just wanted to mention my orientation to the company prior to starting. I’m speaking with Erkang Zheng who is the founder and CEO of the company, and as you can hear we have a similar take on many of the problems currently in security. So with that, here’s Erkang Zheng. — Start a JupiterOne Account for FreeBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/3/202227 minutes, 17 seconds
Episode Artwork

NO. 359 | THE NEWS, ANALYSIS & DISCOVERY SERIES

Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/28/20229 minutes, 47 seconds
Episode Artwork

Scott Kuffer of Nucleus Security | SPONSORED INTERVIEW SERIES

In this standalone episode we’re doing a sponsored interview with Scott Kuffer, co-founder and COO of Nucleus Security. I was already excited by this vendor just based on the research I did to allow them to be a sponsor, but the conversation with them really made me think they’re approaching the vulnerability management problem the right way. Namely, by tackling a lot of the non-technical problems using technical solutions rather than obsessing over vuln prioritization. If you are in the VM space or are about to be in it, you will love this conversation. And with that, here’s Scott Kuffer with Nucleus Security.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/28/202247 minutes, 31 seconds
Episode Artwork

NO. 358 | NEWS, ANALYSIS, & DISCOVERY SERIES

Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/22/202214 minutes, 56 seconds
Episode Artwork

NO. 357 | NEWS, ANALYSIS, & DISCOVERY SERIES

NSA Languages, GPT-4 Hype, Chinese AirDrop…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/14/202212 minutes, 39 seconds
Episode Artwork

NO. 356 | NEWS, ANALYSIS & DISCOVERY SERIES

Sponsored by JupiterOne: jupiterone.com/unsupervisedlearning Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/7/202211 minutes, 14 seconds
Episode Artwork

NO. 355 | NEWS & ANALYSIS SERIES

Critical TLS, Liz Russia, AI Sweater… Sponsor: Keeper Security | Protect employee passwords in minutes with Keeper — the award-winning password manager that is secure, easy to set up, and easy to use. Keeper works out-of-the-box with identity, MFA, and SIEM solutions including Okta, Azure AD, Ping Identity, G Suite, YubiKey and many others…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/31/202213 minutes, 47 seconds
Episode Artwork

Why Everyone Needs a Blog | THE IDEA SERIES

People used to be defined by where they work, and now they’re defined by their knowledge, capabilities, and opinions.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/27/20224 minutes, 3 seconds
Episode Artwork

Creativity Comes From Idleness | THE IDEA SERIES

A few years ago I figured out why we’re so creative in the shower…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/26/20222 minutes, 54 seconds
Episode Artwork

AI Art Will Push the Top 1% to Human Artists | THE IDEA SERIES

https://danielmiessler.com/blog/ai-art-push-1-percent-human-artists/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/25/20224 minutes, 5 seconds
Episode Artwork

NO. 354 | THE NEWS & ANALYSIS SERIES

China Controls, TikTok Tracking, Infra Sabotage…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/24/202218 minutes, 3 seconds
Episode Artwork

Humiliation is Deadly | THE IDEA SERIES

Exploring a status game model for understanding negative behavior. https://danielmiessler.com/blog/humiliation-is-deadly/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/21/202211 minutes, 10 seconds
Episode Artwork

NO. 353 | THE NEWS & ANALYSIS SERIES

🗞️ Caffeine Phishing, Cyber Labeling, Kamikaze Drones… Sponsor: Panther Security https://panther.com/ul22Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/17/20229 minutes
Episode Artwork

News & Analysis | NO. 352

CISA Assets, Contractor Hack, China CVEs… Sponsored by: Jupiter One @ jupiterone.com/unsupervisedlearning Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/12/202213 minutes, 5 seconds
Episode Artwork

News & Analysis | NO. 351

Cloudflare vs. CAPTCHA, Exchange 0-Day, NSA Leaker Sponsor: Zerofox: Download the External Cybersecurity GuideBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/3/202217 minutes, 39 seconds
Episode Artwork

News & Analysis | NO. 350

Infowar Audit, Zoom Reflections, SF CamerasBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/26/202215 minutes, 16 seconds
Episode Artwork

News & Analysis: NO. 349

Uber Hacked, GTA Leak, Goodbyes Listen to JJAgha's comments on Relentless Iterations and What He Expects from a Modern SIEM: https://panther.com/resources/podcasts/compass-ciso-jj-agha-on-relentless-iterations-and-what-he-expects-from-a-modern-siem/ Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/20/202214 minutes, 3 seconds
Episode Artwork

News & Analysis | NO. 348 | Spearmishing, Patreon Security, and Triple-Threat Ransomware

Spearmishing, Patreon Security, and Triple-Threat Ransomware Sponsored by JupiterOne: https://www.jupiterone.com/unsupervisedlearningBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/12/202223 minutes, 21 seconds
Episode Artwork

Metagaming: An Interview with Andrew Ringlein

In today’s standalone episode I’m going to talk with Andrew Ringlein about some interesting new gaming ideas I’ve not seen anywhere else. He's releasing them in a new game called Rifters, and we chat through the concepts themselves and how they manifest in his new release.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/7/202253 minutes, 26 seconds
Episode Artwork

News & Analysis | NO. 347

TikTok Hack, Cloudflare Kiwi, Google OSS Bounty Sponsored by: Keeper Security http://keepersecurity.com/unsupervisedlearning Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/6/202215 minutes, 41 seconds
Episode Artwork

News & Analysis | NO. 346

🗞️ Unsupervised Learning NO. 346 | Twitter Whistle, LastPass Plex, Satellite PhonesBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/29/202219 minutes, 54 seconds
Episode Artwork

News & Analysis | NO. 345

Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/22/202216 minutes
Episode Artwork

News & Analysis | NO. 344

Blackhat/DEFCON, TikTok Lockdown, MailChimp Breach… Sponsor: JupiterOne https://www.jupiterone.com/unsupervisedlearning  Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/17/202213 minutes, 19 seconds
Episode Artwork

News & Analysis | NO. 343

UL NO. 343 | Emergency Hack, Chinese Cobalt Strike, Solana Drainage Sponsor: ZeroFox https://www.get.zerofox.com/ti-guideBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/8/202212 minutes, 25 seconds
Episode Artwork

News & Analysis | NO. 342

NK Hackers, TikTok Influence, Amazon Police… Sponsor: Hyperproof. Security, Compliance, and Risk Management leaders need to be able to articulately advocate for their programs to gain collaboration from their peers, support from their leadership, as well as budget and headcount.In this Hyperproof guide, you'll see how to gain active and passive support for your various security initiatives, and you'll get tips and talking points you can use in executive conversations to gain support and drive urgency. info.hyperproof.io/getting-to-yes-ebookBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/2/202211 minutes, 25 seconds
Episode Artwork

News & Analysis | NO. 341

Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/25/202215 minutes, 52 seconds
Episode Artwork

News & Analysis | NO. 340 | SF Surveillance, APTs vs. Journalists, TikTok Changes…

SF Surveillance, APTs vs. Journalists, TikTok Changes… Sponsored by Jupiter One.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/18/202221 minutes, 18 seconds
Episode Artwork

News & Analysis | NO. 339

Lockdown Mode, Paid Pentagon Bounty, China's IP Threat… Sponsors: Cerby.com, CrowdSec.netBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/11/202219 minutes, 16 seconds
Episode Artwork

Sponsored Lunch Interview: Keeper Security

I had the opportunity to sit down with Zane Bond from Keeper Security. We spent around 40 minutes talking about Keeper's products, the problems they solve, and how they think about the password problem. Learn more at keepersecurity.com.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/11/202233 minutes, 20 seconds
Episode Artwork

News & Analysis | NO. 338 | Deepfake Interviews, China Leak, Hacker Services…

This week's sponsor: Storyblok: Upgrade the Security of Your CMSBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/5/202220 minutes, 43 seconds
Episode Artwork

News & Analysis | NO. 337

In this episode we talk about China Surveillance, Cyber Bills, and Recon Tools… The episode was sponsored by ZeroFox and CrowdSec.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/27/202220 minutes, 25 seconds
Episode Artwork

News & Analysis | NO. 336

Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/20/202215 minutes, 9 seconds
Episode Artwork

News & Analysis | NO. 335

Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/13/202215 minutes, 18 seconds
Episode Artwork

News & Analysis | NO. 333

Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/31/202221 minutes, 28 seconds
Episode Artwork

News & Analysis | NO. 331

Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/16/20221 minute, 16 seconds
Episode Artwork

News & Analysis | NO. 330

Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/9/202214 minutes, 5 seconds
Episode Artwork

Why I'm Not Worried About Elon Musk Buying Twitter

A short essay on why I'm actually optimistic about Elon buying Twitter.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/2/20225 minutes, 25 seconds
Episode Artwork

News & Analysis: NO. 329

Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/2/202211 minutes, 8 seconds
Episode Artwork

A Conversation with Paul Zimski from Automox

[ SPONSORED INTERVIEW ] In this standalone episode I'm speaking with Paul Zimski, VP of Product Strategy at Automox. In this series I have a short conversation with entrepreneurs and companies that are building interesting stuff. The conversation takes the form of a first-time business lunch, where I ask what the company does, what problems they're trying to solve, and how they're different from other players in the space.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/2/202229 minutes, 28 seconds
Episode Artwork

News & Analysis | NO. 328

Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/25/202213 minutes, 27 seconds
Episode Artwork

News & Analysis | NO. 327

https://danielmiessler.com/podcast/news-analysis-no-327/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/18/202212 minutes, 1 second
Episode Artwork

News & Analysis | NO. 326

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-326/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/11/202212 minutes, 6 seconds
Episode Artwork

News & Analysis | NO. 325

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-325/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/4/202214 minutes, 3 seconds
Episode Artwork

News & Analysis | NO. 324

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-324/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/28/202218 minutes, 51 seconds
Episode Artwork

News & Analysis | NO. 323

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-323/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/21/202213 minutes, 46 seconds
Episode Artwork

News & Analysis | NO. 322

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-322/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/14/202215 minutes, 31 seconds
Episode Artwork

News & Analysis | NO. 321

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-321/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/9/202214 minutes, 39 seconds
Episode Artwork

Sponsored Conversation: Ev Kontsevoy from Teleport

In this sponsored conversation, I talk with Ev Kontsevoy of Teleport. In this series I have organic conversations with entrepreneurs as if having lunch with them and hearing about the product for the first time. They give their pitch, and I dig deeper with questions. Teleport, in my own words, is a way of rethinking how people access and use computing resources. It's a policy-based system that controls who can do what across your entire infrastructure using a central access plane. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/7/202240 minutes, 59 seconds
Episode Artwork

Andrew Ringlein's 5 Crypto Accelerators in Gaming and Business

This standalone episode is a conversation with my friend Andrew Ringlein on the topic of how crypto is best thought of as a set of accelerators for business, with gaming being the initial flagship. We talk about Andrew's 5 principles that accelerate gaming companies adopting crypto first, and then look at how those same concepts will soon be adopted by all types of businesses. We also discuss legitimate doubts around crypto in general, and discuss why we think the concepts are more durable (and inevitable) than the technology.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/6/20221 hour, 5 minutes, 56 seconds
Episode Artwork

News & Analysis | NO. 320

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-320/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/28/202218 minutes, 9 seconds
Episode Artwork

News & Analysis | NO. 319

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-319/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/22/20228 minutes, 45 seconds
Episode Artwork

News & Analysis | NO. 318

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-318/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/14/202211 minutes, 5 seconds
Episode Artwork

News & Analysis | NO. 317

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-317/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/7/202214 minutes, 19 seconds
Episode Artwork

News & Analysis | NO. 316

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-316/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/31/202212 minutes, 3 seconds
Episode Artwork

News & Analysis | NO. 315

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-315/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/24/20229 minutes, 30 seconds
Episode Artwork

Your Value Comes from Your Output

A short essay on how there are no shortcuts to getting a seat at the table. The secret is no secret at all: It's hard work on a hard problem…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/18/20226 minutes, 14 seconds
Episode Artwork

News & Analysis: NO. 314

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-314/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/18/202211 minutes, 11 seconds
Episode Artwork

News & Analysis: No. 313

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-313/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/10/202216 minutes, 32 seconds
Episode Artwork

News & Analysis | No. 312

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-312/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/3/202215 minutes, 25 seconds
Episode Artwork

A Short Episode Before the Holidays

A quick update on log4j and an announcement on the next two weeks during the holidays.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/20/20214 minutes, 43 seconds
Episode Artwork

The Vigilant

A short essay on how we should pay and otherwise reward the thankless heroes who maintain our core internet code.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/13/20212 minutes, 21 seconds
Episode Artwork

News & Analysis | No. 311

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-311/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/13/202114 minutes, 32 seconds
Episode Artwork

News & Analysis | No. 310

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-310/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/6/20219 minutes, 52 seconds
Episode Artwork

News & Analysis | No. 309

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-309/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/29/202111 minutes, 33 seconds
Episode Artwork

News & Analysis | No. 308

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-308/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/22/20216 minutes, 51 seconds
Episode Artwork

Degrees and Credentials in InfoSec

How the needs-college and don't-need-college types are both right about the importance of education for getting into InfoSec.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/15/20214 minutes, 22 seconds
Episode Artwork

News & Analysis | No. 307

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-307/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/15/202122 minutes, 16 seconds
Episode Artwork

News & Analysis | No. 306

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-306/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/8/202116 minutes, 2 seconds
Episode Artwork

News & Analysis | No. 305

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-305/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/1/20219 minutes
Episode Artwork

News & Analysis | No. 304

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-304/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/25/20213 minutes, 53 seconds
Episode Artwork

News & Analysis | No. 303

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-303/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/18/202111 minutes, 55 seconds
Episode Artwork

News & Analysis | No. 302

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-302/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/11/20214 minutes, 39 seconds
Episode Artwork

Weakness and Evil

An essay about the difference between weakness and evil, and how the distinction is often theoretical in harmful relationships.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/8/20213 minutes, 57 seconds
Episode Artwork

Vendor Security 2.0

What we're doing in Vendor Security that isn't working, and what to do instead.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/5/20216 minutes, 3 seconds
Episode Artwork

News & Analysis | No. 301

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-301/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/4/202113 minutes, 26 seconds
Episode Artwork

News & Analysis | No. 300

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-284/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/27/202115 minutes, 51 seconds
Episode Artwork

News & Analysis | No. 299

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-299/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/20/202121 minutes
Episode Artwork

News & Analysis | No. 298

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-298/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/13/202115 minutes, 51 seconds
Episode Artwork

News & Analysis | No. 297

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-297/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/7/202119 minutes, 42 seconds
Episode Artwork

News & Analysis | No. 296

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-296/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/30/202117 minutes, 45 seconds
Episode Artwork

A Sponsored Lunch Conversation with Philippe Humeau of CrowdSec

This is a series where we emulate a first-time business lunch with a vendor/entrepreneur, where you can hear the pitch and ask all your basic questions about the offering. What you hear is exactly the type of conversation I would have with someone in real life during a 30 minute lunch chat where I’m hearing about the solution for the first time.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/25/202127 minutes, 48 seconds
Episode Artwork

News & Analysis | No. 295

  The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-295/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/23/202112 minutes, 50 seconds
Episode Artwork

News & Analysis | No. 294

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-294/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/16/202111 minutes, 34 seconds
Episode Artwork

News & Analysis | No. 293

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-293/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/9/202117 minutes
Episode Artwork

The Strange World of "Good Enough" Fencing

How bad does a fence have to be before it stops being effective?Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/5/20215 minutes, 3 seconds
Episode Artwork

News & Analysis | No. 292

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-292/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/2/202124 minutes, 3 seconds
Episode Artwork

Sustainable Content Creation

How to create consistently without burning out.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/27/20214 minutes, 32 seconds
Episode Artwork

The Presenting Vendor Paradox

Why conferences are full of speakers who represent companies.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/26/20213 minutes, 10 seconds
Episode Artwork

News & Analysis | No. 291

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-291/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/26/202127 minutes, 19 seconds
Episode Artwork

News & Analysis | No. 290

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-290/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/19/202117 minutes, 3 seconds
Episode Artwork

News & Analysis | No. 289

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-289/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/12/202118 minutes, 17 seconds
Episode Artwork

News & Analysis | No. 288

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-288/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/6/202114 minutes, 19 seconds
Episode Artwork

News & Analysis | No. 287

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-287/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/1/202118 minutes, 30 seconds
Episode Artwork

News & Analysis | No. 286

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-286/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/21/202113 minutes, 34 seconds
Episode Artwork

News & Analysis | No. 285

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-285/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/14/20218 minutes, 49 seconds
Episode Artwork

News & Analysis | No. 284

The latest in Security News, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Web Version: https://danielmiessler.com/podcast/news-analysis-no-284/Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/7/202120 minutes, 22 seconds
Episode Artwork

News & Analysis | No. 283

Conti Ransomware Attacks Against US Targets, GPT-3 Disinformation Sways Opinion, SolarWinds Group Has New NativeZone Tool, Open Source HIBP, CASM, Autonomous Drone Attack, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/1/202126 minutes, 26 seconds
Episode Artwork

News & Analysis | No. 282

Pentagon Civilians and Contractors, CISA SolarWinds, CNA, DarkSide Money, China RSA, Senate Science Bill, Google RSS, Technology News, Human News, Notes, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/24/202125 minutes, 10 seconds
Episode Artwork

News & Analysis | No. 281

Darkside Colonial, Cyber Executive Order, DBIR 2021, WiFi Vulns, Microsoft AI Security, OpenSSH Hardware Keys, Insurer AXA Ransomed, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/18/202122 minutes, 48 seconds
Episode Artwork

News & Analysis | No. 280

Oil Pipeline Ransomware, NSA OT Warning, Deepfake Uptick, Insurer Stops Ransomware Payouts, Google Automatic 2FA, AI-powered Cameras in Banks, Technology News, Content, Ideas & Analysis, Notes, Discovery, Recommendations, and the Aphorism of the Week…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/10/202124 minutes, 14 seconds
Episode Artwork

News & Analysis | No. 279

FBI and CISA release SVR (Cozy Bear) TTPs, CISA releases an RTOS advisory around ICS, a task force has a plan for the Biden administration to counter ransomware, there's a vulnerability in the ipaddress library in Python, Krebs says Experian leaked credit scores, Censys found 1.93 million online databases, Technology News, Content, Ideas & Analysis, Notes, Discovery, Recommendations, and the Aphorism of the Week…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/3/202121 minutes, 17 seconds
Episode Artwork

News & Analysis | No. 278

New Logo, CISA Pulse Secure VPN Orders, Ransomware Gangs + Stock Shorter Scams, Japanese NASA Hacked by China, Dan Kaminsky, LinkedIn Brittons and China/Russia, Codecov Fallout, Technology News, Content, Ideas & Analysis, Notes, Discovery, Recommendations, and the Aphorism of the Week…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/26/202112 minutes, 28 seconds
Episode Artwork

News & Analysis | No. 277

CISA FBI and NSA Release Five APT29 Targeted Vulnerabilities, FBI Benign Hacking, The US Sanctioned Russia and Expelled Diplomats, Google's Cookie Replacement Not Going Well, NERC Says 1/4 Customers Downloaded Solarwinds, Technology News, Human News,  Content Curation & Analysis, Discovery, Recommendation, and the Aphorism of the Week…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/19/202127 minutes, 39 seconds
Episode Artwork

News & Analysis | No. 276

Social Media Scraping Outbreak, Microsoft AI Security Tool, FBI/CISA FortiOS Warning, Zoom Vuln at Pwn2Own, AWS Bombing, 485% Ransomware Increase, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/12/202126 minutes, 21 seconds
Episode Artwork

News & Analysis | No. 275

University Accellion Breaches, 533 million Facebook Users' Data, Solarwinds Hackers Got Top DHS Emails, Github Secrets Scanning, Ubiquiti's Breach, Seoul's IoT Towers, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/5/202125 minutes, 33 seconds
Episode Artwork

Interview: Amir Majidimehr, Audiophile Industry Disruptor

In this standalone episode I’m speaking with Amir Majidimehr. Amir is an audiophile, but he has a unique approach to the hobby that’s literally disrupting the industry. He’s basically introduced measurement, and what he calls Objectivism, into this very sensitive audiophile world that prizes itself on everything being a matter of preference, or up to the listener. Amir calls these types the Subjectivists. So what Amir does is use his decades of experience, and his professional training, to actual test this equipment—much of which costs tens of thousands of dollars—to find out if their outrageous claims have any merit. It’s truly refreshing to see in the hobby, and I’m excited to talk to him. Amir has a degree in electrical engineering, he used to run the digital media group at Microsoft in the 1980s, and he’s the founder of Audio Science Forums. And here’s our conversation…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/2/20211 hour, 12 minutes, 22 seconds
Episode Artwork

News & Analysis | No. 274

Securing the Grid, PHP hacked, Russia/China Wargames, China v. Tesla, Top 10 American Threats, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/29/202120 minutes, 10 seconds
Episode Artwork

The Consumer Authentication Strength Maturity Model (CASMM)

A maturity model for seeing where a user's internet hygiene currently is, and how to improve it.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/25/202113 minutes, 4 seconds
Episode Artwork

News & Analysis | No. 273

US Intelligence Says Putin and Russia Tampered in 2020 Election, Finland Says APT31 Hacked Parliament, Google Releases Chrome Data Gathering Report, Ulysses Tracks Cars Worldwide, Twitter Steganography, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/22/202121 minutes, 6 seconds
Episode Artwork

News & Analysis | No. 272

Russian/Chinese Deepfakes, Hafnium Fallout, Chinese AI and Cyber, Microsoft Flack, Patch Tuesday Updates, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/16/202122 minutes, 9 seconds
Episode Artwork

News & Analysis | No. 271

Hafnium Fallout and Response, Software Supply Chain Naming Attacks, SITA Airline Attack, REvil, China vs. India in Cyberspace, Russian Cybercrime Forum Hacks, Russians Underming American Vaccines, US Not Ready For AI Competition, CPU Side-channel Attacks, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/8/202129 minutes, 10 seconds
Episode Artwork

News & Analysis | No. 270

SolarWinds Malware Tool, SolarWinds Blaming the Intern, Amazon Whistleblowers, Google Linux Devs, NYC Black Mirror Dog, Portswigger Top 10, API Security Top 10, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/1/202124 minutes, 20 seconds
Episode Artwork

News & Analysis: No. 269

US charges North Korean hackers, Egregor users arrested, Let’s Encrypt Upgraded, Very Few Vulnerabilities Are Dangerous, North Korea Pursued COVID Vaccine Data, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/22/202143 minutes, 46 seconds
Episode Artwork

News & Analysis | No. 268

Florida water hack, ESET Reports 768% More UDP Attacks, 223 Vulns Being Used in Ransomware, Microsoft Will Report State Hack Attempts, Cops Using Copyright Weapons, TikTok Russian Battles, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/15/202127 minutes, 46 seconds
Episode Artwork

News & Analysis | No. 267

Supercookies, Mobile App Tracking, 80% PII, Moody's Cyber Rates, Facial Recognition California, Chinese Men Feminine, Google Bounty Payouts, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/8/202135 minutes, 45 seconds
Episode Artwork

News & Analysis | No. 266

China has 80% of US Adult PII, Chris DeRusha now US CISO, New Version of NAT Slipstreaming, Exposing.AI Looks For Your Face, Birdwatch Misinformation, Pentagon Vaccination Program, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/1/202122 minutes, 55 seconds
Episode Artwork

News & Analysis | No. 265

FireEye Solar Details, Cyberinsurace Supporting Crime, FBI Tracking Cell Pings, RDP DDoS Amplification, Palantir Stock, Fake Job Offers, DDoS Ransomware, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/25/202127 minutes, 1 second
Episode Artwork

What They Don’t Tell You About Being a Bounty Hunter or Content Creator

How the dopamine hits of bugs and praise can become a trap.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/22/20215 minutes, 5 seconds
Episode Artwork

News & Analysis | No. 264

New Member Podcast Feed, NSA and DNS, GSA kills Drones, Parler in Russia, White House AI, SAP, Ubiquity, OpenWRT, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/19/202124 minutes, 53 seconds
Episode Artwork

News & Analysis | No. 263

Congressional System Integrity, FBI Egregor, Parler Dox, Clearview Spike, JetBrains Speculation, Chinese Finacial APTs, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/14/202114 minutes, 30 seconds
Episode Artwork

News & Analysis | No. 259

Recon/Attack Surface Management Analysis, The Pentester's BluePrint, Amazon's 10,000 Small Bets, Sunburst APT29 Hack, Data Dump on the CCP, Ransomware Makes Half of All Major Incidents, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/14/202127 minutes, 27 seconds
Episode Artwork

News & Analysis | No. 257

Amazon Curate (I Wish), Tesla Hack, IoT Security Bill, Iran Assassination, Robot Dogs, Drupal, TikTok Cartels, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/14/202112 minutes, 18 seconds
Episode Artwork

News & Analysis | No. 255

Tim Berners-Lee's Solid Idea, Police Looking Through Ring Cameras, Feinstein's Chinese Spy, Trump Banned 31 Chinese Companies, Microsoft on MFA, US Trolling Russian APT, Zoom Thanksgiving, Facbook Copying Snap, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/14/202121 minutes, 41 seconds
Episode Artwork

News & Analysis: No. 253

US Election Security, How to Write Well, The Future of Sensors and Algorithms, I Like Pre-recorded Conference Talks, Substack is Great For Newsletters BUT, Zoom End-to-End Encryption, Chinese Espionage Database, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/3/202021 minutes, 13 seconds
Episode Artwork

News & Analysis | No. 251

The Content Value Hierarchy, Chinese Suicide Drones, 900,000 Unemployment Claims, Law Enforcement Suspending Leave, Tricking Teslas, Sweden Increasing Military Spending, Atlanta Drone Arrest, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, the Weekly Aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/19/202024 minutes, 9 seconds
Episode Artwork

Operation Fortify: A US Ransomware Plan

A simple yet comprehensive plan for how the United States could address its devastating ransomware problem.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/15/20209 minutes, 6 seconds
Episode Artwork

The Relationship Between Hardship, Struggle, and Meaning

My essay on how struggle could be necessary for meaning, and how this could be the underlying cause of much of America's mental health problem.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/15/202013 minutes, 53 seconds
Episode Artwork

News & Analysis | No. 250

CrowdSec, Nudge, Trickbot Trickery, CISA Ransomware Guide, Twitter and Facebook anti-Disinformation, QAnon Takedowns, Putin Turning on Trump, Azure Vulnerabilities, PC shipments up, Virtual Sales Call AI, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/12/202026 minutes, 54 seconds
Episode Artwork

News & Analysis | No. 249

Operation Fortify, Cyber Pearl Harbor, Github Code Scanning, E-6B Flights, Blackbaud++, Grinder Password Reset, Cloudflare API Security, QNAP Drama, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/5/202021 minutes, 54 seconds
Episode Artwork

News & Analysis | No. 248

Everyday Threat Modeling, Why I Like TikTok So Much, Windows XP Leak, SSH 8.4, Renée DiResta's Latest, Student Visas Changes, Cisco IOS Vulns, QAonon Gamification, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/28/202016 minutes, 44 seconds
Episode Artwork

Why Creators Should Move to Direct Support Monetization

My essay about why I think creators—especially in InfoSec—should be setting up their own domains and moving to a direct model for monetization.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/24/202011 minutes, 41 seconds
Episode Artwork

No, Changing Your SSH Port Isn't Security by Obscurity

My latest essay on the timeless debate on SSH ports and Security by Obscurity. I talk about why changing your port is not usually obscurity, and give what I believe to be an airtight method of how you can tell the difference between regular security and Security by Obscurity.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/23/202013 minutes, 4 seconds
Episode Artwork

News & Analysis | No. 247

SSH Port Obscurity, The TikTok Deal, Ransomware Death, Chinese Espionage CRM, Amazon Bribery, Instant Domain Admin, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/21/202020 minutes, 2 seconds
Episode Artwork

Book Summary | Naked Statistics, by Charles Wheelen

In this episode, I review the book Naked Statistics, by Charles Wheelen. I cover: My one-sentence summary of the text The table of contents, which is super helpful to see the structure of the argument My capture of the main points My takeaways, questions, and ideas that came from reading it My final summarization And then my rating of the book and whether I recommend you read the full text Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/16/202022 minutes, 44 seconds
Episode Artwork

News & Analysis | No. 246

Gullibility vs. Disinformation, Russia, Iran, and China Attacking US Elections, Oracle TikTok, US Revokes Chinese Visas, China vs. US Cyber, Patch Tuesday, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/14/202026 minutes, 2 seconds
Episode Artwork

Book Summary | Atomic Habits, by James Clear

In this episode, I review the book Atomic Habits, by James Clear. I cover: My one-sentence summary of the text The table of contents, which is super helpful to see the structure of the argument My capture of the main points My takeaways, questions, and ideas that came from reading it My final summarization And then my rating of the book and whether I recommend you read the full text Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/10/202016 minutes, 7 seconds
Episode Artwork

News & Analysis | No. 245

Anxiety and Freedom, Microsoft Deepfake Detection, Facebook Disinformation, Replacing Huawei, India China Apps, JEDI Microsoft, A Text Scam, Cisco Jabber Flaw, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/8/202025 minutes, 5 seconds
Episode Artwork

News & Analysis | No. 244

Russian attempted hack of Tesla, New Zealand SE DDoS, Drone Assassinations, China Unified Social Credit System, Cisco Sabotage, Stolen Gaming Accounts, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/31/202018 minutes, 9 seconds
Episode Artwork

News & Analysis | No. 243

InfoSec Creator Monetization, Initiating Contact with a Mentor, The Dark Side of Bounty/Creator Life, Facebook Election Threat Scenarios, Uber CISO Arrested, Spy HR Review Goes Bad, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/24/202025 minutes, 49 seconds
Episode Artwork

News & Analysis | No. 242

Clearview AI ICE, NSA/FBI Fancy Bear Malware, Indian Health Card, Trump TikTok 90 Days, Startups Dying, Uber/Lyft vs. Courts, Android Earthquakes, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/17/202024 minutes, 2 seconds
Episode Artwork

News & Analysis | No. 241

State Department Russian Media, Clean Network Plan, Cap One Fine, NSA Tracking Warning, YouTube Account Ban, Amazon Malls, No More Pixel 4, Audio RPGs, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/10/202024 minutes, 36 seconds
Episode Artwork

News & Analysis | No. 240

FBI Twitter Suspects, Recorded Future China Vatican, TikTok Microsoft Sep 15th, Amazon and Shopify Thriving, Forrester Ad Spending, Samsung Out of China, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/4/202016 minutes, 18 seconds
Episode Artwork

Unsupervised Learning: No. 239

Pentagon Information Warfare, Fancy GRU Attacks, 2 Chinese COVID Hackers, Chief Software Officer, Space Force DEVOPS, FBI Chinese Tax Software, DJI Drone Vulns, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/27/202010 minutes, 16 seconds
Episode Artwork

Unsupervised Learning: No. 238

Twitter's Breach, The US Attacked IRA, Bloomberg FBI Sabre, Iran Keeps Getting Hacked, Russia's Cozy Bear, Cloudflare Outage, UIPath Automation, Verizon Uses Google AI to Automate Customer Service, Gamers Are Spending More, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/21/202029 minutes, 11 seconds
Episode Artwork

Our Lighted Path to Totalitarianism

An essay on how five trends seem to naturally guide civilizations towards Totalitarianism as they progress, and what we can do to avoid that outcome.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/16/202014 minutes
Episode Artwork

Unsupervised Learning: No. 237

Americans in China, TikTok Banning, Chinese Critics, BlueLeaks, Router Security, COVID Accelerating Trends, Twitter Subscriptions?, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/13/202014 minutes, 45 seconds
Episode Artwork

Searching for the Ultimate Obstacle to Creativity

This essay looks at Training as Avoidance, The Toolbox Fallacy, and procrastination, and explores a potential root cause that underpins them all to inhibit creativity.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/7/202017 minutes, 35 seconds
Episode Artwork

Unsupervised Learning: No. 236

Encrochat breach, F5 Big Problem, DHS Social Election Query, WastedLocker, India Bans Chinese Apps, Florida DNA Privacy, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/6/202027 minutes, 40 seconds
Episode Artwork

Unsupervised Learning: No. 235

Chinese diplomats stealing secrets, COVID flying risk, RT interviewing US cops, Army Ignite future predictors, China launches its GPS network, Russians paid bounties to kill US troops, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/29/202018 minutes, 31 seconds
Episode Artwork

Unsupervised Learning: No. 234

Ripple20 IoT Vulns, Homeland Security Surveillance, US Cyber Budget, Adobe EOL, AWS DDoS, Bellingcat Poison Investigation, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/21/202020 minutes, 18 seconds
Episode Artwork

The Dark Web Has Nothing on Data Brokers

How so-called legitimate Data Brokers are a far worse threat to peoples' privacy than cyber-criminals operating on the Dark Web.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/15/20207 minutes, 37 seconds
Episode Artwork

Unsupervised Learning: No. 233

SMBleed, Republicans. vs. China, Hawkey Surveillance, COVID in August 2019, IBM Facial PR, Palantir NHS, Blockchain Misinformation, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/15/202020 minutes, 3 seconds
Episode Artwork

The Problem With Extracted Versions of Things

A short essay on how we might get more pleasure from things that take longer to process and attain, and what we can do with that information.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/12/20205 minutes, 55 seconds
Episode Artwork

Unsupervised Learning: No. 232

COVID-19 Trends, New Zoom Trouble, Facebook Blocking, Chrome Incognito Suit, Retail Rents, Nuclear Contractor Hack, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/8/202033 minutes, 14 seconds
Episode Artwork

Unsupervised Learning: No. 231

US Protests & Unrest, Trump Goes Into the Bunker, NSA Warns on Exim, Octopus Scanner, Stanford's SIO Virality Project, Windows 10 Update, SHA-1 Deprecated in SSH, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/1/202018 minutes, 17 seconds
Episode Artwork

Unsupervised Learning: No. 230

Twitter Bots, Face Recognition Headsets, Chrome Bug Memories, Virtual Currency, White House OPSEC, Realtime Language Translation, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/25/202024 minutes, 7 seconds
Episode Artwork

Analysis of the 2020 Verizon Data Breach Report

In this episode, Daniel takes a look at the 2020 Verizon Data Breach Investigations Report. He looks at the key findings and talks about what they might mean to us going forward.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/20/202010 minutes, 39 seconds
Episode Artwork

Unsupervised Learning: No. 229

Feds Release Top Vulns, China Brainwave Tracking, Europe CISSP Masters, Army Electronic Warfare, Microsoft Third-largest Patch Tuesday, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/18/202019 minutes, 16 seconds
Episode Artwork

Unsupervised Learning: No. 228

Thunderbolt Attack, Celebrity Ransomware, ClearView Government, Blackhat DEFCON Virtual, War Thunder, 5G Bio Attacks, PC Game Cheating, Zoom Keybase, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/12/202016 minutes, 38 seconds
Episode Artwork

Unsupervised Learning: No. 227

VICE vs. Chinese Surveillance, Indian Contact Tracing, NHS + GCHQ, Banjo Racism, Singapore Requires Check-ins, Bruce on Contact Tracing, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/4/202020 minutes, 19 seconds
Episode Artwork

Unsupervised Learning: No. 226

Bay Area Lockdown Til May, The Swedish Approach, California Autopsies, Zoom Security Updates, Palantir Contacts, NSA Web Vulns, GreyNoise Services, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/28/202020 minutes, 44 seconds
Episode Artwork

A Conversation with Renée DiResta: Disinformation and Conspiracy Propagation

In this episode, Daniel speaks with Renée DiResta about her work tracking narratives online. They discuss: The different strains of false information Her work at the Stanford Internet Observatory How the same narrative can be used by multiple sides The origin of the Bill Gates conspiracies Mapping campaigns to actor strategies What she recommends others do who are interested in her field Other topics around disinformation, conspiracy, and narrative tracking Renée DiResta is the technical research manager at Stanford Internet Observatory, a cross-disciplinary program of research, teaching and policy engagement for the study of abuse in current information technologies. Renee investigates the spread of malicious narratives across social networks, and assists policymakers in devising responses to the problem.              Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/22/20201 hour, 6 minutes, 20 seconds
Episode Artwork

Unsupervised Learning: No. 225

Flu Simulations, Amazon Thermal Cameras, Facebook Bad Info Tracing, 5G Gates Conspiracies, Google Slows Hiring, Amazon Hires More, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/21/202014 minutes, 47 seconds
Episode Artwork

Unsupervised Learning: No. 224

Biogen Superspreaders, African Locusts, Game of Life, Meat Troubles, 5G Conspiracies, Japan Getting Out of China, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/14/202020 minutes, 11 seconds
Episode Artwork

Unsupervised Learning: No. 223

Coronavirus unemployment rate, 2 million guns, UK 5G attacks, German Antibodies, Zoom Drama, New Cloudflare Servers, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/7/202015 minutes, 52 seconds
Episode Artwork

A Conversation With Leif Dreizler About Security Engineering at Segment

So today I’m talking to Leif Dreizler. Leif is a buddy of mine who also works in San Francisco. He’s a developer at a company called Segment, and over the last year or so he’s been telling me about all kinds of cool stuff he’s been working on, how his team is set up, and how they see security teams being built in the future. So we’re going to cover those topics and more in a conversation that ranges from security engineering strategy to solving specific problems through custom tooling.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/2/202054 minutes, 55 seconds
Episode Artwork

Unsupervised Learning: No. 222

Who's hiring, freezing, and laying off, models predict 100-200K US deaths, April distancing, Adversarial Capital, Booz Russia, Google State Phishes, Worker Monitoring, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/30/202034 minutes, 3 seconds
Episode Artwork

Unsupervised Learning: No. 221

Health-justified Video Surveillance, FDA Emergency Approval of a C19 Test, Israel Mobile Monitoring, Amazon Essentials, Pandemic Drone Monitoring, Retasking Factories, Rich People Ventilators, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/24/202026 minutes, 28 seconds
Episode Artwork

Unsupervised Learning: No. 220

Virus updates, Github gets NPM, New Stimulus, Amazon Hiring 100K, Saltwater Nozzles, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/17/202020 minutes, 24 seconds
Episode Artwork

Unsupervised Learning: No. 219

Coronavirus Update, Nation-state Exchange Hacking, FuzzBench, New Artillery, Germ Catapults, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/9/202013 minutes, 18 seconds
Episode Artwork

Unsupervised Learning: No. 218

SARS-CoV-2 update, China's health tracking, Firefox DNS over HTTPS, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/2/202014 minutes, 12 seconds
Episode Artwork

Unsupervised Learning: No. 217

MGM breach, DDoS and Ransomware on the Rise, Twitter v. Bloomberg, Tesla Tape, Russia Pro Trump & Pro Bernie, Tapping Cables, Insider Concern, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/24/202019 minutes, 13 seconds
Episode Artwork

Unsupervised Learning: No. 216

Adsense Extortion, OT Ransomware Attack, Ring 2FA, Smart Speaker Jamming Bracelet, DARPA's Flying Gun, Lots of Advisories, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/20/202013 minutes, 51 seconds
Episode Artwork

A Conversation With General Earl Matthews on Election Security

In this episode I speak with retired Air Force Major General Earl Matthews on the topic of election security. We talk about digital elections, attacking trust in the US system, social media influence campaigns, and possible motives for foreign interference in US elections.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/15/202039 minutes, 4 seconds
Episode Artwork

Unsupervised Learning: No. 215

Iran DDoS, Jigsaw Picture Validation, 1000 Chinese Espionage Cases, Twitter Deepfake Labeling, Android Bluetooth Vuln, Cisco Discovery Vuln, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/10/202014 minutes, 12 seconds
Episode Artwork

Unsupervised Learning: No. 214

London Facial Recognition, Coalfire Freedom, NYT Reporter Spyware, Avast Sells Customer Data, Google's Bounty Program, Kali 2020, Harvard Chemist Espionage, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/4/202027 minutes, 57 seconds
Episode Artwork

Unsupervised Learning: No. 213

Saudi Bezos Hack, MIT Davos AI, Moar Energy Attacks, NIST Privacy, Ohio CISO, Microsoft Data Breach, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/27/202018 minutes, 22 seconds
Episode Artwork

Unsupervised Learning: No. 212

Clearview AI Surveillance De-anonymizing Faces, Face Obscuring Tech, Google Cookies, San Diego GE Surveillance, Oregon Selling DMV Data, Windows 7 Done, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/21/202021 minutes, 32 seconds
Episode Artwork

Unsupervised Learning: No. 211

California's Privacy Law, SHA1 exploit, Ransomware Storage, Ring Voyeurs, 20 vs. 2020, ATT&CK ICS, Telecom SMS, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/13/202017 minutes, 37 seconds
Episode Artwork

Visibility and Understanding Create Both Tools and Weapons

How increased understanding leads to the creation of better and better tools, and why tools are inexorable from weapons.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/12/20205 minutes, 50 seconds
Episode Artwork

Unsupervised Learning: No. 210

War with Iran, TikTok, New GIAC cert, Mystery Drones, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/8/202012 minutes, 42 seconds
Episode Artwork

Unsupervised Learning: No. 209

Ring Sued, Mean Time to Hardening, APT20 2FA, China Base Pictures, China Satellites, Angled Toilets, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/30/201915 minutes, 7 seconds
Episode Artwork

Unsupervised Learning: No. 208

Mobile Tracking, Chinese Drone-Flu Terrorism, Message Spying, Bing Misinformation, 23andMe GlaxoSmithKline, Spam Laws, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/23/201915 minutes, 19 seconds
Episode Artwork

Unsupervised Learning: No. 207

Pentagon vendor requirements, Ring camera freakout, Bluetooth Thieves, Palantir Pentagon, Amazon Rekognition, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/17/201928 minutes, 37 seconds
Episode Artwork

Unsupervised Learning: No. 206

Vietnamese BMW APT, Defense Contractor Prep, China replacing a culture, HackerOne Cookie Snafu, Chinese Also Worried About Privacy, China Mobile Face, CDC Flu Warning, AWS Sagemaker, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/9/201921 minutes, 45 seconds
Episode Artwork

Unsupervised Learning: No. 205

Spam trends, CWE's latest 25, Uber audio recordings, Uber unauthorized drivers, Chinese research theft, Google state-actor notifications, bluetooth burglars, Nixon deepface, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/2/201934 minutes
Episode Artwork

Unsupervised Learning: No. 203

Google health care, Google checking, Github open source, China policy hack, Hactivist bounties, healthcare attacks, facial protests, OSINT CTF, surveillance robots, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/18/201918 minutes, 4 seconds
Episode Artwork

Unsupervised Learning: No. 202

Capital fired, DHS biodata, Twitter insiders, Baltimore Cyber Insurance, Airbnb Assessment, Google Play Malware, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/11/201914 minutes, 23 seconds
Episode Artwork

Unsupervised Learning: No. 201

Unify drama, Fancy cheating, NSO lawsuits, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/4/201919 minutes, 50 seconds
Episode Artwork

Unsupervised Learning: No. 200

200th episode!, White House cyber vacancies, AT&T SIM bribery, South Africa ultimatum, climate change power crash, Bahgdadi dead, RuNET, NYT insanity, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/28/201917 minutes, 52 seconds
Episode Artwork

Unsupervised Learning: No. 199

Stolen Cards Stolen, Autoclerk Hacked, TeamViewer Hacked, Russia Pretending to be Iranian, JackSpotting, Pixel4 Faces, FrenchFacRec, Samsung Fingerprints, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/21/201918 minutes, 29 seconds
Episode Artwork

Unsupervised Learning: No. 198

Eye reflection EXIF, WiFi gait, Russian Cyber Clusters, Russia African Americans, China Pressure, VPN drama, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/14/201918 minutes, 5 seconds
Episode Artwork

Unsupervised Learning: No. 197

Yahoo creep, DarkNet, E2E encryption, Cyber talent, RandomDeath, Private Data Property, Eyeballer, plus Technology News, Human News, Ideas Trends and Analysis, Updates, Discovery, Recommendations, and the Aphorism for the week!Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/7/201924 minutes, 24 seconds
Episode Artwork

Unsupervised Learning: No. 196

New York is suing Dunkin (Donuts) for not revealing breaches in a timely manner (going all the way back to 2015), which is says jeopardized their customers. Good for New York. It's one thing to be breached: it's much worse to try to pretend it didn't happen. MoreNPR wrote an extraordinary piece on how the US penetrated ISIS' communications infrastructure and basically tore it down from the inside. It includes significant details on the operation, which made me cringe as I read them because they were so descriptive. But what we lost in operational surprise we likely gained in deterrence. MoreUyghurs are playing cat and mouse with the Chinese government on the TikTok platform, with the former using videos to show solidarity while the latter searches for and deletes the content. MoreBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/30/201924 minutes, 40 seconds
Episode Artwork

Unsupervised Learning: No. 195

Here's the new MITRE 2019 25 Most Dangerous Software Errors. Memory corruption bugs are huge right now. MoreThere's a ton of recent DDoS activity that's leveraging IoT devices for UDP amplification attacks. Specifically, the WS-Discovery service (WSD) is being used because the response to request ratio is so large (from 43% to 15,000%). MoreThere's a lot of chatter out there about Snowden due to his new book coming out, the NSA suing to keep him from making money off of it, him saying he'd like to come home, and him reiterating that he was just trying to do the right thing. Oh, and him saying he's never cooperated with the Russians. This whole situation makes me cautious of anyone with a singular and strong opinion about this, including myself. In 2016 I wrote a short piece about my opinion, and I am pretty much still in the same place with it. In short, if you think he's a hero you're probably wrong, and if you think he's a traitor you're probably wrong. He seems to be some combination of these two things, and from day to day, article to article, and book to book, I simply can't tell how much of which. BookBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/23/201926 minutes, 9 seconds
Episode Artwork

Unsupervised Learning: No. 194

Not sure how this isn't bigger news, but Saudi Arabia shut down half its oil production after a number of drones attacked the largest oil processing plant in the world. Yemeni rebels claimed credit, but the US blames Iran. MoreDNS over HTTPS is coming to Chrome as well, so it's not just Firefox. So this is basically where browsers have a preferred DNS server, which works over HTTPS, and ISPs therefore won't be able to see every DNS request that users make. This will be a good thing for reducing the risk of ISPs (and actors with access to their logs) seeing what people are requesting, but it raises questions around filtering, caching networks, and other major components of the status quo. MoreA couple of Coalfire Pentester's got arrested and are still in custody for trying to break into a courthouse that they were actually paid to break into. Evidently, it's not clear whether the physical part was in scope or not. So, no, the get out of jail free card wouldn't have helped. Everyone already knows they were doing it thinking it was ok; the question is next steps. And meanwhile they sit in jail, probably spending all their time mentally working on DEFCON slides. MoreBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/15/201924 minutes, 27 seconds
Episode Artwork

Unsupervised Learning: No. 193

AIG says BEC has overtaken ransomware as the primary claim type against their cyber insurance policies in EMEA, accounting for 23% of claims. More PaperThe NSA Cyber Chief wants to share digital threat information early and often. I like the fact that they're opening up a bit, and I think it's only good for everyone (except bad guys). The more they share the higher the bar is for attackers, and the less time they have to use certain TTPs. This is exactly the type of Government-Industry interaction that we need to be doing more of to stay ahead of China. MoreNYU did a report on how social media is likely to be used for misinformation campaigns in 2020. They say Instagram will be a much bigger player this time around, which makes sense given that images are the dominant meme carrier. Article StudyBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/8/201922 minutes, 10 seconds
Episode Artwork

Unsupervised Learning: No. 192

Ring has already partnered with over 400 police departments. As you know, I'm torn on this kind of tech. Neighborhood watch can be a good thing, and it can also be a bad thing. Technology tends to magnify both weaknesses and strengths, so it can make neighborhood watch really great, or it can turn it into a nightmare. The problem is that you can easily start on the positive side, build it all the way up, and then in a few legal, policy, and tech changes have it turn into the oppressive form. Some say this is a reason not to do any of this stuff, but I disagree. We know someone is going to do it, so I think the best thing that can be done is to build a benign version and hope it wins in the market. More People are drawing comparisons between China's social credit system (which is actually multiple systems) and the Silicon Valley's various apps that have internal rating systems. They're saying that these ratings will eventually be used to make decisions about things that matter. Sure, but this has existed throughout human history. Word of mouth, blacklists, etc.: these are all ways of extending the reach of good or bad reputation. I think whenever someone points out the downside of a technology, we should ask ourselves whether that dynamic exists already in the real world, and adjust our opinions accordingly. MoreThe Pentagon is worried that China will beat the US in AI if we don't create a stronger link between the government and both academia and industry, which China is good at. We basically need to move faster from edge concepts to practical implementations, but it's damn hard to do this when we have all sorts of legal and ethical constraints that China doesn't have. Our caution and morality are a definite weakness in this case. MoreBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/2/201935 minutes, 4 seconds
Episode Artwork

Unsupervised Learning: No. 191

Protestors in Hong Kong are physically attacking and destroying facial recognition cameras. MorePalo Alto says 7 out of 10 new domain registrations (NDRs) are either malicious or not safe for work, and they encourage companies to block them. MoreLt. Gen. Fogarty is fighting to change the name of Army Cyber Command to Army Information Warfare Command, and to give the group a much larger scope in its mission. MoreWe continue to see attacks against open source supply chains, in packages like NPM, RubyGems, Webmin, and many others. It's about to become imperative for people to understand—and to be able to validate—the entire chain of trust that a given application sits upon before they use it. There have been many companies in this space in the past, but I expect to see them (and new players) get a lot more attention soon. MoreBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/26/201925 minutes, 53 seconds
Episode Artwork

The Difference Between Data, Information, and Intelligence

The terms intelligence, information, and data are thrown around pretty loosely in most tech circles, and this inevitably leads to people confusing and/or conflating them. What follows is a simple explanation of how the related terms are different from each other, and how they work together.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/19/20195 minutes, 19 seconds
Episode Artwork

Unsupervised Learning: No. 190

There are some seriously nasty Windows RDP bugs out there. If you have RDP facing the internet, make sure you're patched. And try to get to VPN as soon as possible. MoreA huge survey of firmware security has found virtually no improvement over the last 15 years. People seem surprised by this, but it is exactly what I would have predicted based on my analysis here. Basically, for most people not in the industry, our current state is actually fine. MoreNYPD has over 82K peoples' DNA in a database, and the program has little visibility and oversight. MoreBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/19/201922 minutes, 38 seconds
Episode Artwork

Unsupervised Learning: No. 189

Ring is developing two-way relationships with hundreds of police departments in the US. This allows Ring users to be alerted to crime in their area via 911 data, and police departments to pull video from participating Ring devices. This is the type of functionality that most people will see and think, “Wow, I'd love to have that!”, which is why it's going to be very successful. But it's also one tiny step away from something terrifying. MoreA number of critical bugs in VxWorks are going to cause issues with infrastructure for years to come. MoreDARPA is building a $10 million dollar, open source voting system with a focus on security. MoreIt looks like China's social credit system might not be a giant monolithic system, but rather a series of siloed experiments. MoreBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/13/20198 minutes, 24 seconds
Episode Artwork

Unsupervised Learning: No. 188

Marcus Hutchins got off with time-served, and people have feelings. The range basically goes from 'he did nothing wrong', to, 'he should rot in prison'. In my mind this outcome was close to perfect. Remember, he went through two years of hell since being brought up charges, he's still a convicted felon, and he also is largely banned from the US. I think it's good that he admitted guilt, faced consequences, and is being offered a chance to continue giving back to the community. MoreAttorney General Barr said recently that companies should put backdoors in their products that bypass encryption, or else the government will pass laws that require it. This is unspeakably stupid. Without even getting into the philosophy of whether the internet can host a private conversation (which requires a warrant to tap), we can just start with the fact that backdoors present a clear and present danger to security, right now, due to the weaknesses of those who create them. If the NSA can be hacked or somehow lose its sensitive tools and materials, there's no company this cannot happen to. Purposefully installing backdoors therefore equates (effectively) to giving such access to attackers. Unacceptable. MoreEquifax is offering people $125 dollars in reparations for them losing all your data. But to get it, you have to log in and give a bunch of data about yourself. It's hilarious. They made money offering credit protection after the breach, and now they're going to collect updated information on anyone who wants to collect $125. On Twitter I called this a sadder and more permanent form of giving plasma. MoreBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/29/201919 minutes, 29 seconds
Episode Artwork

Humans Are Genebots

Unpacking the evolution-granted bliss of prep schools and elite institutions, and why they resonate so much with us.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/26/20197 minutes, 47 seconds
Episode Artwork

Machine Learning Doesn’t Introduce Unfairness—It Reveals It

The difference between unfairness and bias in machine learning.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/25/20198 minutes, 34 seconds
Episode Artwork

Unsupervised Learning: No. 187

Lots of people in the security community went silly over the FaceApp application last week, basically saying that you shouldn't be using the application because they'll steal your face and then be able to impersonate you. Oh, and then it turned out to be a Russian company who put out the application, and that made it 100x worse. The problem here is the lack of Threat Model Thinking. When it comes to election security, propaganda discussions, etc., I am quite concerned about Putin's willingness and ability to harm our country's cohesion through memes and social media. But that does not extend to some random company stealing faces. Why? Because before you can get legitimately concerned about something, you have to be able to describe a threat scenario in which that thing becomes dangerous. As I talked about in this piece, pictures of your face are not the same as your face when it comes to biometric authentication. There's a reason companies need a specific device, combined with their custom algorithm, in order to enroll you in a facial identification system. They scan you in a very specific way and then store your data (which is just a representation, not your actual face) in a very specific way. Then they need to use that same exact system to scan you again, so they can compare the two representations to each other. That isn't happening with random apps that have pictures of you. And even if that were the case, they could just get your face off your social media, where those same people who are worried are more than happy to take selfies, put their pictures on profile pictures, and make sure as many people see them as possible. There are actual negative things that can be done with images (like making Deepfakes of you), and that will get easier over time, but the defense for that is to have zero pictures of you…anywhere. And once again you have to ask who would be doing that to you, and why. Bottom line: authentication systems take special effort to try to ensure that the input given is the same as the enrollment item, e.g., (face, fingerprint, etc.), so it will not be easy any time soon to go from a random picture to something that can full a face scanner or fingerprint reader at the airport. People reading this probably already know this, but spread the word: threat modeling is one of our best tools for removing emotion from risk management. A contractor named SyTech that does work with Russian FSB has been breached, resulting in the release of 7.5TB of data on the FSB's various projects. This is obviously embarrassing for SyTech and the FSB, but the leaked projects focused on de-anonymization, spying on Russian businesses, and the project to break Russia away from the Internet, which are all known and expected efforts. So there don't seem to be any big reveals as a result of the leak. MoreSomeone discovered that a bunch of browser extensions were reading things they shouldn't be, and sending them out to places they shouldn't be. This is not surprising to me. Chrome extensions are like Android apps, which should tell you all you need to know about installing random ones that seem interesting. My policy on browser extensions is extremely strict for this reason. People need to understand how insane the entire idea of the modern web is. We're visiting URLs that are executing code on our machines. And not just code from that website, but code from thousands of other websites in an average browsing session. It's a garbage fire. And the only defense really is to question how much you trust your browser, your operating system, and the original site you're visiting. But even then you're still exposing yourself to significant and continuously-evolving risk when you run around clicking things online. And the worst possible thing you can do in this situation is install more functionality, which gives more parties, more access, to that giant stack of assumptions you're making just by using a web browser. The best possible stance is to have as few people possible with access to your particular dumpster. And that means installing as few highly-vetted add-ons as possible. MoreBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/22/201935 minutes, 9 seconds
Episode Artwork

Time Speeds Up When You’re Wasting It

An essay on why time can feel like it's speeding up when you get older, and how to slow it back down.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/20/20195 minutes, 16 seconds
Episode Artwork

Unsupervised Learning: No. 186

Parts of Manhattan had a power outage Saturday night, which happened to be the anniversary of another power outage in 1977. The power company apologized but didn't explain what happened. The hacker in me thinks this could easily be a probing shot by a sophisticated attacker, or a fun prank by amateurs. But the overwhelming odds are on simple failure. Either way, this country needs to get a whole lot more resilient to small attacks, because enough small ones can quickly become a big one. MoreZoom has had a bad week or two. Not only did it have a major vuln, but it turned out to be part of the design, and they moved relatively slowly in addressing it, and then companies started auto-uninstalling it from their OS. They had a lot of momentum going in the space, too. This will sting for sure. MoreFacebook will be fined $5 billion over its various privacy catastrophes. MoreMarriott is being fined $124 million over the Starwood breach. Real question: how does that compare to their coffee budget? MoreBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/15/201920 minutes, 34 seconds
Episode Artwork

Unsupervised Learning: No. 185

The Telegraph has found strong links between Huawei employees and Chinese intelligence agencies. The Huawei counter was that this was extremely common among telecom companies, and that it wasn't a big deal. The counter to that counter was, basically, "Well, then why did you try to hide it?" /gg MoreThe NPM security team caught a malicious package designed to steal cryptocurrency. A lot of these packages work by uploading something useful, waiting until it's used by lots of people, and then updating it to have the malicious payload. My buddy Andre Eleuterio did the IR on the situation there at NPM, and said they're constantly improving their ability to detect these kinds of attacks. Luckily NPM's security team had the talent and tooling to detect such a thing, but think of how many similar companies aren't so equipped. I think any team that's part of a supply chain should be thinking about this type of attack very seriously. MoreFederal agents are mining state DMV photos to feed their facial recognition systems, and they're doing it without proper authorizations or consent. To me this has always been inevitable because—as Benedict Evans pointed out—it's a natural extension of what humans already do. You already have wanted posters. You already have known suspects lists. And it's already ok for any citizen or any cop to see any person on that list and report them. In fact it's not just possible, it's encouraged. So the only thing happening here is that process is becoming a whole lot more aware (through more sensors), and therefore more effective. Of course, any broken algorithms that identify the wrong people, or automatically single out groups of people without actual matches, those issues need to be snuffed out for sure. But we can't expect society to not use superior machine alternatives to existing human  processes, such as identifying suspects in public. That just isn't realistic. Our role as security people should be making sure these systems are as accurate as possible, with as little bias as possible, by the best possible people. In other words, we should spend our cycles improving reality, not trying to stop it from happening. MoreBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/8/201921 minutes, 37 seconds
Episode Artwork

The World is Collapsing Into Two Countries—Green and Red

The world being sorted into two different countries—a Green country of the top 10% of income/wealk, and a Red country that's everyone else. These countries are separated not by geography, but by class.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/3/20198 minutes, 12 seconds
Episode Artwork

Unsupervised Learning: No. 184

I created a new tutorial on OWASP Amass, and just joined the team as a contributor as well. TutorialChinese hacking groups have been embedded deep inside multiple major US tech firms for many years, including Fujitsu, Tata, NTT, Dimension Data, and HPE. The first thing you should be thinking is where else they are today. MoreAmazon is getting heavier into the SIEM space (and perhaps others) with their new Amazon Security Hub offering. It takes in lots of event types from various AWS services, and surfaces what it thinks is most important. Of course, it doesn't do this for other product types, i.e., non-AWS stuff, but that could come eventually. MoreAmazon also launched a new service that lets you monitor your AWS VPC traffic. And lots of vendors are announcing their support for it. MoreBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/1/201918 minutes, 53 seconds
Episode Artwork

Unsupervised Learning: No. 183

There's a Linux vulnerability called SACK Panic (among other names) that takes advantage of a kernel feature called Selective ACK. The feature lets systems tell the other side of the conversation how much data it's received, and it turns out it can be overflowed or fuzzed. The former creates a crash, and the latter creates a slowdown. You should patch. And if you have any services facing the internet running Linux, you should definitely patch. MoreA Florida city paid $600,000 in bitcoin to get access to their data back from a ransomware gang. MoreMagic Leap is suing former engineer Chi Xu for allegedly using his knowledge of the headset to make a version for China. MoreThe average security group is running over 50 security tools. As my friend Jeremiah once said when looking at a Momentum Partners slide, "Are we secure yet?" MoreAmazon just got a patent for using delivery drones for surveillance. I don't necessarily think that means they'll use delivery drones for surveillance though. That's what a lot of the conspiracy theorists will say, though—just based on them getting a patent for using delivery drones for surveillance. Actually, the patent is a bit more benign than my joke implies. It's designed to monitor opted-in people's property, a lot like a house camera or a Ring device. Makes sense. But still. MoreBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/24/201913 minutes, 7 seconds
Episode Artwork

Unsupervised Learning: No. 182

The US is supposedly ramping up attacks against Russian power grid through the use of new cyberattack powers granted by Trump. I am happy to hear of this, but it's an example of where we as outsiders can only know a tiny fragment of the story. But any signs that this administration sees Russia as a foe, and are treating it as such, are positive in my view. MoreAdobe is entering the deepfakes arena by showing off research tools designed to detect manipulated photos. MoreTarget stores have been hit by major outages. MoreMany places are using very granular bluetooth beacon tracking to watch you move throughout their businesses, including airports, malls, subways, buses, gyms, hotels, festivals, museums, etc. MoreThe US is going after ethnic Chinese researchers in the medical field, and specifically at cancer centers. I'm all for becoming more aggressive towards the Chinese government pilfering the world's intellectual property, but, um, cancer research is one thing that I think it's ok to spread widely. It's not like they're stealing the only copy of the research; they're just sharing it. Maybe I'm missing something, but if that something is just about who makes the profit, then I'm calling Meh. MoreFirewalling outbound DNS could save companies billions. Yes! I've been on about this for years. MoreBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/18/201910 minutes, 36 seconds
Episode Artwork

Unsupervised Learning: No. 181

Some absolutely fascinating research has just come out on what percentages and types of vulnerabilities are actually exploited in the wild. It found that only 5.5% of vulnerabilities discovered between 2009 and 2018 were actually exploited, with most of those being issues with a CVSS score of 9 or 10. The best part of the paper, however, was a discussion of optimal patching strategies, where they looked at different methodologies for what to patch and measured them against each other based on coverage (no misses) and efficiency (not patching what you don't have to). Options included patching by CVSS, whether or not there are public exploits, by vulnerability tags, etc. The ML model performed best, but it seemed that patching the CVSS 7 and above was decent as well, and for more efficiency but less coverage—CVSS 9 and above. Super interesting paper. MoreThe US is going to start requiring 5 years of social media account history from Visa applicants, as part of the filtering process. I'm genuinely curious as to how effective this is going to be. On the one hand, there will now be a market for creating and maintaining fake social media accounts that people can use for this purpose. But on the other hand, there will be many who don't want to go to that effort and either won't try to come, or will get caught in the filter. As with most things, the efficacy will come down to execution. MoreA team at Stanford has made it possible to edit video using a text editor. So, editing the things that were said by the actual subject, to say something else entirely, but having it seamlessly injected into the video so it looks completely natural. MoreBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/11/201924 minutes, 45 seconds
Episode Artwork

Grit is the Ultimate Privilege

An argument that we should acknowledge grit as one of the most powerful causal factors in success, and figure out ways to bring its benefits to everyone.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/8/20196 minutes, 25 seconds
Episode Artwork

Why Software Remains Insecure

A concise explanation of why software continues to have security and quality problems after decades of supposedly trying to address the problem.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/6/20194 minutes, 21 seconds
Episode Artwork

Unsupervised Learning: No. 179

The Deepfakes thing is already starting to have an impact, and it didn't even involve actual Deepfake (GAN ML) technology. A video was spread of Nancy Pelosi speaking very slowly and seeming to stumble over her words, which made her look quite bad. The video was virally shared throughout social media on the right. Problem is, it was intentionally slowed down to make her look old/stupid/crazy. What this shows us is that it's not the machine learning that makes Deepfakes dangerous; it's the willingness of a massive percentage of the US population to believe total garbage without an ounce of scrutiny. It doesn't matter if Deepfakes can be shown to be fake because people are matching evidence to their emotions, not the other way around. The vulnerability is our ignorance and cynicism, not a spoofing technology. And as I wrote about a couple of years ago, this will be used as a weapon against us. More EssayA real estate insurance website for First American Financial Corp was vulnerable to a simple IDOR (where you change the account number in the URL to get another account), and it evidently resulted in the exposure of hundreds of millions of insurance records that included extremely sensitive information. IDOR is still one of the most common and dangerous vulns a web app can have, and for companies like this they can be devastating. MoreThe US Military is trying to learn how popular movements form and evolve, and to do so they're studying 350 billion social media messages. But it's a Bloomberg article, so maybe they're actually studying bullfrogs for clues about hypertension. MoreMoody's has downgraded Equifax's rating in some significant part due to its 2017 cyber breach. This is noteworthy because until now, breaches have largely been spackled over in terms of the major financial perspective and at the 6-24 month timescale. This is a positive indication that companies could actually start taking cybersecurity more seriously, and not just at the CISO and IT level, but from the boardroom down. MoreAdvisories: TP-Link RoutersBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/28/201917 minutes, 20 seconds
Episode Artwork

Unsupervised Learning: No. 178

Trump has semi-banned the use of foreign telecom gear, which is really a direct shot at Huawei and China. moreBaltimore’s IT systems are still being held hostage after 2 weeks. Of all the cities in the world that I could imagine this happening to, Baltimore is towards the top of the list. If you don’t have good schools or a good police force, I don’t expect you’d have good IT security hygiene either. moreCrime is so bad in Mexico that people buy fake mobile phones so they can give them to muggers instead of their real one. I have to assume this is also happening in Brazil. moreThis is a stunning audio Deepfake of Joe Rogan doing a few different routines. It sounds exactly like him. Not a little bit. Exactly. Now imagine that for politicians and celebrities, where there is plenty of source material to train from. We’re about to move to a world where you can only trust authenticated voices and personalities, using sources and clients that are trusted to serve you their actual content. Expect a massive industry around serving authentic content and detecting fakes. moreSalesforce had to disable access to millions while the fixed an access control issue that allowed open reading of tons of customer data. moreBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/24/201923 minutes, 29 seconds
Episode Artwork

Unsupervised Learning: No. 177

My Takeaways from the 2019 DBIR Report My Summary The ReportThe DOJ has unsealed the indictment against those who they believe hacked Anthem in 2015, and they are Chinese Nationals. They didn't reveal the suspected motive, however. But as I wrote about last year, I don't think we need an explanation. I think it's obvious. MoreAn Airbnb host in China has been arrested for watching guests using a hidden camera. MoreThe Mossad has released an interesting challenge in something of a spy CTF style. MoreChinese scientists have created a small, portable camera system that uses LIDAR to resolve human features from up to 28 miles away. Good news—it also penetrates smog. MoreBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/14/201922 minutes, 32 seconds
Episode Artwork

Finding Clarity on the Exodus of the New Left

A short essay that attempts to wrap a simple narrative around what's happening with the exodus of the New Left, and what it's doing to the moderate left, center, and right that they left behind.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/4/201910 minutes, 38 seconds
Episode Artwork

Unsupervised Learning: No. 175

Deepfakes are about to seriously erode our collective ability to tell truth from fiction, and this is already a big enough problem without them. Think of every problem you care about, and realize this represents an exponent on each one. This video captures it extremely well. LinkSlack has warned the world that it's being targeted by Nation State actors. I'm glad they said it, but we already knew that. Think of what an attacker could get if they could access any company's internal Slack communication without being detected. LinkScientists have captured the brain waves of someone hearing speech, run that through an algorithm that created it's own speech from the recordings, and got a 75% recognition rate from humans on that speech. So the algorithm knew what the person heard, and turned that into spoken language that people actually understood. The next step is for the algorithm to know what people thought, instead of heard. In other words, machine learning is taking very close to mind-reading—but we still have potholes and cancer. LinkBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/1/201936 minutes, 57 seconds
Episode Artwork

A Political Discussion with Jeremiah Grossman

Today's standalone episode of Unsupervised Learning is a political conversation with Jeremiah Grossman, who many of you will know as the founder of Whitehat Security, current CEO of BitDiscovery, Jujitsu Blackbelt, and all-around great individual. In this episode, however, we’re not going to be talking about Information Security, but Politics. We have remarkably different and similar views on politics, which we’ve been discussing in private for years, and we thought now was the perfect time to show that it’s possible to disagree with someone, respect them, and have a conversation about those disagreements in a positive and useful way. This is the first experiment of this kind on Unsupervised Learning, and I’m quite pleased with how it turned out. So with that, Here’s Jeremiah Grossman.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/14/20191 hour, 45 minutes, 46 seconds
Episode Artwork

Unsupervised Learning: No. 173

Amazon has many thousands of people doing quality control on Alexa, meaning that they're listening to incoming audio captured on Echo devices. This shouldn't be surprising. The question is how they're doing it, and what policies they have around privacy when doing so. I don't personally see a major problem here. But at the same time I'd never put a Facebook device in my home. To me it's more about the company and its incentives than anything else. LinkA number of FBI-affiliated websites were hacked, and information on thousands of federal agents and law enforcement officers are now being sold online. LinkChinese schools are using facial recognition on students, and using ML to determine whether or not they're currently paying attention, distracted, etc. LinkSift is a service that builds a risk profile on you so merchants can determine whether you're a benign actor or someone about to commit fraud. I think people need to accept that continuous risk scoring for people and situations is both inevitable and actually already happening. The moment you try to block bad actors by looking at their behavior, you quickly end up with a score that determines action based on various thresholds. And the moment you do it for bad actors, you're kind of implicitly doing it for good actors as well. There are better and worse ways to approach this, but profile scoring is not something we're going to be able to avoid going forward. Let's accept this reality and start having the conversations about how to make (and keep) this functionality as benign as possible. LinkA Dutch F-16 was damaged by rounds from its own 20MM cannon. So it fired bullets, and then flew into them. Life is awesome. LinkBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/14/201924 minutes, 41 seconds
Episode Artwork

Unsupervised Learning: No. 171

Mastercard is looking to create a Digital ID service that can bind your digital presence to your mobile device, which will be able to verify you to various services. Palantir has won an $800 million contract to build the next combat intelligence system (to replace DCGS-A) for the Army. Putin appears to be causing brain drain in Russia. Dropbox has an interesting proposal for improving vendor security assessments. TL;DR: They turned their requirements into contractual points. LOVE IT. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/1/201919 minutes, 12 seconds
Episode Artwork

Unsupervised Learning: No. 169

Multiple governments have now blacklisted Huawei, which Huawei seems very confused by. The best explanation I've heard so far about why this move makes sense for western countries came from Rob Joyce of NSA. He basically said that just like Kaspersky in Russia, the reason you can't trust Huawei is that it's a Chinese company, and even if they're not already infiltrated by the Chinese government, they can be at any moment without anyone knowing that it happened. And there's nothing Huawei or anyone else could do to stop it. Strong argument. Link2/3 of Android antivirus apps are hot garbage. Gasp. LinkDARPA is building an open-source, secure voting system. That's their goal, anyway. I'm skeptical of being able to build truly secure systems, but I have lots of confidence in DARPA, and I also know the bar for improvement over the current state is quite low. So, yeah, go forth and prosper. LinkThe RAND Think Tank conducts wargames between the U.S. and its potential enemies, such as Russia and China, and one analyst said that we keep losing. The issue seems to be that our key advantages can be neutralized rather easily, and it'd take a lot of money to fix the biggest issues. LinkBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/18/201918 minutes, 48 seconds
Episode Artwork

Unsupervised Learning: No. 167

This is a description of cyberwar that sounds quite realistic to me, and it's based around the thousand-cuts idea. Ring Doorbells have a vulnerability that allows one to capture clear-text videos and other data from the cameras if you can get on the wireless network that the camera is using. An independent security researcher found the Dow Jones Watchlist database sitting open on the internet. Schneier talks here about how easy it is to influence people in sensitive positions, similar to my post on China building a database on us.…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/3/201934 minutes, 2 seconds
Episode Artwork

Unsupervised Learning: No. 165

OpenAI text spoofing, Twitter DMs, Chinese tracking database, Ponemon Cyber Risk Score, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/21/201923 minutes, 58 seconds
Episode Artwork

Unsupervised Learning: No. 163

My takeaways from ENIGMA 2019—one of my two favorite conferences in the world. The US has charged Huawei with stealing trade secrets, money laundering, and fraud. This escalates the already tense situation with China on a number of fronts. An engineer does a Twitter thread on AI-created videos on YouTube. He describes how they are created, promoted, and selected for display in recommendations. Fascinating read. This is a video of thieves scanning a BMW key fob through the wall of the owner's house, and driving away in their car. It could be that proximity-based security devices might need a trigger event (from the owner) before becoming active, like for mobile payments.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/4/201916 minutes, 44 seconds
Episode Artwork

An Overview of the OWASP IoT Top 10 for 2018

We just released the 2018 version of the OWASP Internet of Things Top 10, and in this episode I talk you through the list and give the philosophy, methodology, and next steps for the project.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/7/201914 minutes, 55 seconds
Episode Artwork

Unsupervised Learning: No. 159

German politicians hacked, NSA's new RE tool, Weather Channel tracking, sick TSA agents, Facebook dust tracking, Technology News, Human News, Ideas, Discovery, Recommendations, and the weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/7/201928 minutes, 6 seconds
Episode Artwork

Unsupervised Learning: No. 155

Google+ breach, Android flaws, China's long game against the US, Australia's encryption blunder, NYPD drones, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/11/201816 minutes, 13 seconds
Episode Artwork

Unsupervised Learning: No. 153

Ukraine malware, China's Black Mirror, DARPA's Mosaic, FBI trolling, Silicon Valley jobs, Technology News, Human News, Ideas, Trends, & Analysis, Discovery, Notes, Recommendations, and the weekly Aphorism!Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/26/201814 minutes, 59 seconds
Episode Artwork

Unsupervised Learning: No. 147

OWASP IoT Top 10 Draft, Facebook compromise, Fornite cheating, Pentagon weapons, spam calls, technology news, human news, ideas, discovery, recommendation, and the weekly aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/25/201812 minutes, 1 second
Episode Artwork

Unsupervised Learning: No. 141

AMA Summer 2018, Security News, Technology News, Human News, Ideas, Discovery, and the weekly Recommendation and Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/4/201858 minutes, 44 seconds
Episode Artwork

Unsupervised Learning: No. 139

TLS 1.3, BurpSuite Improvements, Google Ad Database, Russian Attack Sattelites, Amazon Theaters, Google AI Cooling, Wheat Genome, Giant Magellan Telescope, Carb Ratios, Leg Exercise and Cognitive Health, Ideas, Discovery, Notes, Recommendations, and the weekly Aphorism…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/20/201817 minutes, 36 seconds
Episode Artwork

Unsupervised Learning: No. 135

GRU ATT&CK analysis, Assange to the UK, Cisco backdoors, DARPA electronics, faces from genomes, viz.ai, open plans are bad, Best Buy consulting, ultrasound vs. dementia, 4 day work weeks, ideas, recommendations, and the aphorism of the week!Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/22/201827 minutes, 48 seconds
Episode Artwork

Unsupervised Learning: No. 133

Twitter deleting accounts, deepfakes, location leaks, Rekognition, bio databases, juggalo makeup, iOS 12 security, Siri upgrades, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/11/201834 minutes, 56 seconds
Episode Artwork

Unsupervised Learning: No. 131

Predicting your credit rating based on the tech you use, Russians attack Germans, WPA3, China bird drones, AT&T and Verison to stop selling our location data, Facebook red team, Twitter Smyte, plus tech, humans, discovery, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/26/201829 minutes, 47 seconds
Episode Artwork

Unsupervised Learning: No. 129

Reboot your router, China hacked a U.S. Navy contractor and stole around 600GB of top secret data. Newark, NJ is monitoring much of the city with surveillance cameras, and they're making the camera footage available to the public. Facebook also shared data with a number of Chinese companies. Tech, Humans, Ideas, Discovery, Reconmendations, Aphorism… Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/12/201811 minutes, 20 seconds
Episode Artwork

Unsupervised Learning: No. 128

Pentagon background checks, China using machine learning in schools, Rusian ethnicity detecting AI, US Military presence in Africa, Atlanta lost dashcam footage, Kidnapping insurance, Technology News, Ideas, Recommendation, Aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/4/201810 minutes, 43 seconds
Episode Artwork

Unsupervised Learning: No. 127

VPNFilter botnet, Echo private convo, Ghostery GDPR fail, PornHub VPN, Technology News, Human News, Ideas, Trends, & Analysis, Discovery, Recommendations, the weekly Aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/29/20189 minutes, 33 seconds
Episode Artwork

Unsupervised Learning: No. 126

VPNFilter botnet, LA + Palantir, Amazon Surveillance, Momentum report, Clapper says Russia turned the election, Chinese supply chain attacks, Tech News, Human News, Ideas, Discovery, Recommendation, the Aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/25/20189 minutes, 9 seconds
Episode Artwork

Unsupervised Learning: No. 125

Regulators aren't staffed to audit you on GDPR, inaudible Siri and Alexa commands, iOS 4 is bringing lots of privacy updates, California DNA storage, technology news, human news, Ideas, recommendation, the weekly aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/18/201812 minutes, 26 seconds
Episode Artwork

If You’re Not Doing Continuous Asset Management You’re Not Doing Security

How enterprises are completely ignoring the security activity that could help the most.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/16/20187 minutes, 3 seconds
Episode Artwork

Unsupervised Learning: No. 120

It's 2 billion users now, Liinux beep, Digital Shadows finds fail files, cloud misconfiguration, AlterEgo, AI applications, Alexa sending payments, Tech, Ideas, Recommendation, Aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/9/201819 minutes, 14 seconds
Episode Artwork

Unsupervised Learning: No. 119

Atlanta disabled, MyFitnessPal hacked, Cambridge Analytica election tampering, Drupal, Saks, DARPA drones, Cloudflare 1.1.1.1, Slack bosses, Democratic Chinese AIs, Georgia facepalm, tech, humans, ideas, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/2/201827 minutes, 24 seconds
Episode Artwork

Unsupervised Learning: No. 116

Chinese at CanSecWest, Applebees POS, Palantir, Poisoning, TensorFlow DoD, Amazon laughing, Google 72-qbits, Amazon FinTech, Android P, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/13/201817 minutes, 24 seconds
Episode Artwork

Unsupervised Learning: No. 115

GitHub DDoS, Celebrite Attacks, AI warnings, Palantir in New Orleans, Grub Backspace, 4G attacks, Space Corps, Amazon wins Defense Department deal, tech news, human news, discovery, notes, recommendation, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/6/201812 minutes, 23 seconds
Episode Artwork

Unsupervised Learning: No. 113

Parkland tampering, Avoid Huawei, Bongo S3, Facebook 2FA Spam, Android Cryptojacking, Spyware Hacking, Password Dating, Technology News, Human News, Trends, Ideas & Analysis, Data & Statistics, Discovery, Recommendations, Aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/20/201851 minutes, 44 seconds
Episode Artwork

Unsupervised Learning: No. 112

Chinese AR glasses, Cisco ASA flaws, Russian Nuclear Cryptomining, Marine quadcopters, POS Skimmers, Chrome HTTP, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/12/201822 minutes, 1 second
Episode Artwork

Unsupervised Learning: No. 111

Olympic security drones, Alexa trickery, Chinese quantum satellite, Audio Adversary Examples, BeeToken Ethereum theft, App Store Security, Cryptomining, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/5/201814 minutes, 2 seconds
Episode Artwork

Unsupervised Learning: No. 109

Social engineering, breach impact, Chinese turncoat, Android spy kit, Hawaiian OPSEC, Russian cables, bypassing CloudFlare, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/22/201814 minutes, 46 seconds
Episode Artwork

Unsupervised Learning: No. 107

Meltdown & Spectre, India's Database, Criminals and Monero, Equifax Non-action, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/8/201830 minutes, 11 seconds
Episode Artwork

The Biggest Advantage in Machine Learning Will Come From Superior Coverage, Not Superior Analysis

Many people, in many fields, think Machine Learning won't replace their analysts because their humans are better than an algorithm. But it's not just about side-by-side comparisons. The bigger question is, "what percentage of the data can humans actually look at?", and the answer to that question (a tiny fraction) is the reason ML will be so helpful.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/3/20188 minutes, 25 seconds
Episode Artwork

It's Wrong to Fear-monger on IoT Security

How it's shortsighted and irresponsible for InfoSec professionals to fear-monger on IoT Security, and what we should be saying instead.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/3/20185 minutes, 20 seconds
Episode Artwork

Unsupervised Learning: No. 106

Swatting death, Ethereum kidnap, Chinese dystopia, Alteryx S3 bucket, Starbucks Monero, Forever21, Microphone ads, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/3/201828 minutes, 1 second
Episode Artwork

Unsupervised Learning: No. 105

TRITON, 1.4 billion credentials, HP keyloggers, iTunes Bitcoin laundering, removing credit card signatures, technologgy news, human news, discovery, notes, recommendations, and the aphorism of the week…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/18/201723 minutes, 31 seconds
Episode Artwork

Unsupervised Learning: No. 104

NiceHash hacked, Apple bugs, Stealing Cars via Relay, Crypto Collusion, technologgy news, human news, discovery, notes, recommendations, and the aphorism of the week…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/12/201725 minutes, 42 seconds
Episode Artwork

Unsupervised Learning: No. 103

Uber's mess, Google tracking users, AI finding missiles, drone disclosure, net neutrality, tech news, human news, ideas, discovery, recommendations, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/27/201728 minutes, 32 seconds
Episode Artwork

Unsupervised Learning: No. 102

Github security, China IW, Brexit IW, S3 again, Quad9 DNS security, tech news, human news, ideas, discovery, recommendations, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/20/201726 minutes, 8 seconds
Episode Artwork

Unsupervised Learning: No. 101

Verizon’s DBIR Report, sleeping fingerprints, IoT legislation, S3 security tools, AI tricks scammers, SEALs kill Green Beret, tech news, human news, ideas, discovery, recommendations, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/13/201735 minutes, 23 seconds
Episode Artwork

Unsupervised Learning: No. 100

Russian IW memes, POTUS Twitter, Texas Attack, Silence Trojan, NotPetya Damages, tech news, human news, ideas, discovery, recommendations, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/6/201723 minutes, 16 seconds
Episode Artwork

Unsupervised Learning: No. 99

Information Warfare, AI vs. CAPTCHA, Google Bug Bug, DARPA Drone Swarms, USB Fail, Medical Extortion, tech news, human news, ideas, discovery, recommendations, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/31/201729 minutes, 10 seconds
Episode Artwork

InfoSec Needs to Embrace New Tech Instead of Ridiculing It

The InfoSec community needs to learn how to shepherd the public through new technology instead of joining them in fleeing from it.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/26/20176 minutes, 2 seconds
Episode Artwork

The Difference Between Violence and Terrorism

The ways that terrorism and violence are different, and why it's important that we don't confuse them.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/26/20174 minutes, 32 seconds
Episode Artwork

Unsupervised Learning: No. 98

The Reaper botnet, Google Advanced Email Protection, Bitcoin Over $6,000, Duo's $70 million, Dubai going to facial recognition, tech news, human news, ideas, discovery, recommendations, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/23/201732 minutes, 54 seconds
Episode Artwork

Unsupervised Learning: No. 97

Major WPA2 Flaw, Suburu hack, Vulnerable Container Ships, F-35 Data Stolen, Accenture S3 Buckets, tech news, human news, ideas, discovery, recommendations, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/16/201736 minutes, 31 seconds
Episode Artwork

Unsupervised Learning: No. 96

Russians vs. NSA, ArcSight vs. Russia, DISQUS breach, TrendMicro vulnerability, Stamos, tech news, human news, ideas, discovery, recommendations, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/11/201734 minutes
Episode Artwork

Unsupervised Learning: No. 95

IE leak, Whole Foods, Sonic, Apple Open-sources Kernels, Equifax $15 million retirement, tech news, human news, ideas, discovery, recommendations, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/2/201711 minutes, 6 seconds
Episode Artwork

Unsupervised Learning: No. 94

Deloitte hacked, Equifax fumbles, SEC hacked, iCloud ransom, Adobe PGP facepalm, Verizon S3 buckets, CCleaner, tech news, human news, ideas, discovery, recommendations, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/25/201733 minutes, 27 seconds
Episode Artwork

Unsupervised Learning: No. 93

Equifax fallout, BlueBorne, Microsoft RCE, iPhone X, Dumping AWS, Cassini, tech news, human news, ideas, discovery, recommendations, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/18/201742 minutes, 31 seconds
Episode Artwork

Unsupervised Learning: No. 92

Equifax, Hutchins got Krebs'd, Russia used Facebook, Energy hacking, Anti-protester AI, High-pitched Assistant hacking, tech news, human news, ideas, discovery, recommendations, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/11/201729 minutes, 57 seconds
Episode Artwork

Unsupervised Learning: No. 91

465K pacemaker patches, instagram leak, DJI bounty, Marketing departments messing up security news, false dichotomy in complex issues, IRS social media mining, death of the Sun, more fake Wells Fargo accounts, human echolocation, facial gestures as interface, discovery, recommendations, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/4/201737 minutes, 55 seconds
Episode Artwork

Unsupervised Learning: No. 90

Swedish gov leak, OPM hacking arrest, cybersecurity spending $1T, Oreo, Whole Amazon Foods, intelligence genes, false dichotomy of conflicting ideas, OPSEC obscurity, discovery, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/28/201730 minutes, 33 seconds
Episode Artwork

Unsupervised Learning: No. 89

Serious CANBUS issue, Cyber as a branch of the service?, iOS 11 Cop Mode, biometric wearables, Bill Joy battery, bitcoin forking again, ideas, discovery, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/20/201735 minutes, 24 seconds
Episode Artwork

Unsupervised Learning: No. 88

Amazon Macie, APT28, Cuba sonic attacks, Palantir and police, DNA malware, confusing self-driving cars, ideas, discovery, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/15/201722 minutes
Episode Artwork

Unsupervised Learning: No. 85

The future of security testing, nuclear plant hacks, Android malware, satellite decryption, wildcard certs, military encryption, gsuite protections, WWE S3, tesla 3, jawbone, drone hacking, mental aging, millionare GPAs, discovery, recommendations, the weekly aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/10/201726 minutes, 1 second
Episode Artwork

Unsupervised Learning: No. 83

Petya ransomware worm, RNC breach, Anthem settlement, Russians want source code, risk ratings, patching, ICOs, ideas, discovery, recommendation, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/27/201726 minutes, 31 seconds
Episode Artwork

Unsupervised Learning: No. 82

Live from London, Gamestop hacked, PowerPoint malware, Chinese Apple Hack, XSS, WWDC summary, FDA approves cancer drug, heroin $51B, ideas, discovery, recommendation, aphorism, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/12/201719 minutes, 59 seconds
Episode Artwork

Unsupervised Learning: No. 81

OneLogin, Extortion, Coinbase, Pandemic, Booz, Mobile Apps, Electricity, AI voices, Sheets, Walmart, Karoshi, APIs, discovery, aphorisms, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/4/201727 minutes, 30 seconds
Episode Artwork

Unsupervised Learning: No 79

WannaCry, Intel leaks, DocuSign phishing, cockpit codes, Delta facial recognition, China vs. CIA, WordPress bug bounty, Marines and drones, HPE R&D, Watts, graduates only making 40K, China's DNA project, honeymoons vs. rings, Sherrif Eli, retirees hoarding money, boo restaurant kiosks, investing in employees, discovery, aphorisms, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/23/201732 minutes, 59 seconds
Episode Artwork

Unsupervised Learning: No. 78

The WannaCry ransomware worm, the president's EO, Macron hacking, HP backdoors, laptop bans, Amazon releases, Chinese online commerce, CRISPR, Germany and renewable energy, beetles, dental health as social indicator, Reading superpowers, Net Neutrality, serverless, deep learning black box, The Three Body Problem, you can now support the site, The Mechanical Universe, TrueCaller, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/14/201730 minutes, 45 seconds
Episode Artwork

Unsupervised Learning: No.76

Verizon's DBIR report, Chipotle (again), USAF bounty, NSA surveillance hampered, Android hacks, Taser and computer vision, Google fights fake news, Exercise types & mental skills, Perfect pitch recording, Lifecasting, RF X-Ray, discovered links, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/2/201717 minutes, 45 seconds
Episode Artwork

Unsupervised Learning: No. 75

DoublePulsar in the wild, vigilante IoT worms, Bose listening headphones, PoS hacking sentence, Google ad blocking, best anti-aging exercises, unqualified Indian engineers, , discovered links, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/23/201734 minutes, 44 seconds
Episode Artwork

Unsupervised Learning: No 74

Shadow Brokers, fingerprinting Netflix traffic, Magneto vuln, Juniper advisories, Amazon speaker tech, Facebook's 100Gbit optical switches, Google Hire, Minecraft currency, a solar-powered water harvester, OWASP Top 10 draft comments, remote SSH, EC2 and NAT firewalls, deep learning is a black box, discovered links, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/17/201752 minutes, 29 seconds
Episode Artwork

Unsupervised Learning: No 73

Word 0-day, BrickerBot, iOS GIF, Russian arrested, Tizen, OilRig, APT10 MSPs, Dallas sirens, ATM drilling, Watson golf, Uber Italy, AI memory, links, projects, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/10/20171 hour, 16 minutes, 9 seconds
Episode Artwork

Unsupervised Learning: No. 72

Apple fixed tons of bugs, hacking smart TVs over DVB-T, gift card bots, handgun AIs, Uber manipulations, AI vs. jobs, how to read more, cloud secret management, OPSEC and phishing, links, projects, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/3/20171 hour, 3 minutes, 7 seconds
Episode Artwork

Unsupervised Learning: No. 71

Half of Android devices haven't been patched in over a year, Tavisclosure, NEST camera flaws, senate vs. privacy, electronics ban, bad Let's Encrypt certs, Moodle SQLi, infosec venture capital drying up, IBM employees heading into the office, Twitter going paid model, Google killing Talk, Quiet spaces, Age of the influencer, AI vs. jobs, tools, aphorisms, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/26/201742 minutes, 50 seconds
Episode Artwork

Unsupervised Learning: No. 70

Russians at it again, Microsoft and Adobe updates, PoS breaches, US-CERT throws TLS shade, epilepsy tweet stalking, Tesla's billion, lip-reading AI, autonomous BMWs, Fiber Lasers, taxing robots, Green Zones and Red Zones, AI disruption of healthcare, discovery, recommendations, and aphorisms, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/20/201724 minutes, 30 seconds
Episode Artwork

Unsupervised Learning: No. 69

The Vault7 CIA dump, Russian shenanigans, Dahua, Verifone, mandatory genetic testing, Wordpress, atomic storage, Google Kaggles, presenting at HouSecCon, fasting research, data wars, chaos, voice interfaces, tools, projects, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/13/201727 minutes, 11 seconds
Episode Artwork

Unsupervised Learning: No. 68

Amazon's S3 outage, Uber greyballing, fooling AI, DNS RATs, automating human jobs, suicide and ML, post-work IQ and creativity, greatness vs. imperfection, media choice, tools, projects, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/6/201737 minutes, 44 seconds
Episode Artwork

Unsupervised Learning: No. 67

CloudBleed, SHA1-1, White House Leaks, Planets, Satellites, Drones vs. Eagles, InfoSec Jobs, ExFil, IQ and Creativity in a Post-work World, Weaponized Narrative, Security Tools, Tons of Great Links, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/27/201731 minutes, 24 seconds
Episode Artwork

Unsupervised Learning: No. 66

My recap of RSA 2017, Google's zero-trust implementation, Trump domain hacked, robots doing your taxes, the IoT Security train analogy, the future of authentication, toolswatch best tools of 2016, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/21/201729 minutes, 18 seconds
Episode Artwork

Unsupervised Learning: No. 64

Tax phishing, Microsoft SMB vulnerability, Cellebrite tools released, Computer interfaces, Centrism, Mobile 2.0, new projects, more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/7/201722 minutes, 26 seconds
Episode Artwork

The Experience of Free Will is Not Free Will

A short essay on how it's possible to experience free will without it being real.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/1/20175 minutes, 30 seconds
Episode Artwork

Unsupervised Learning: No. 63

Peak Prevention at AppSec Cali, Austrian Hotel Ransomware, Russian FSB Drama, WordPress Issues, AV Conflicts, Uber Pays Another Company's Bounty, Data Science, Rules for Rulers…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/30/201746 minutes, 43 seconds
Episode Artwork

Unsupervised Learning: No. 62

An OWASP Gaming Security Framework, infosec news, OPSEC is obscurity, AMP is a horrible idea, the End of Twitter, the Sound of Silence, chaning your Echo wake word, RAWGraphs, Ask Lesley, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/22/201728 minutes
Episode Artwork

Unsupervised Learning: No. 61

Nasty new GMail phishing bug, Microsoft kills security bulletins, ShadowBrokers go dark, Cellebrite hacked, Combining sensor data with machine learning, the tradeoff between privacy and IoT functionality, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/16/201739 minutes, 35 seconds
Episode Artwork

Gratitude is the Epicenter of Happiness

The elusive center of happiness is gratitude, and the reason seems to be evolution.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/14/20174 minutes, 27 seconds
Episode Artwork

If You Believe Nothing You Can Be Convinced of Anything

An essay about the Russian hacking attribution issue, and how people who cannot differentiate the credibility of information sources are ultimately set to believe anything rather than nothing.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/13/201712 minutes, 9 seconds
Episode Artwork

Unsupervised Learning: No. 60

How we know Russia did it, the FBI using Best Buy, an IBM study on ransomware, MongoDB hacks, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/11/201731 minutes, 42 seconds
Episode Artwork

4 Things To Do in the First Week of Every January

A short piece on why I don't like New Years resolutions, and the four things I prefer to do instead. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/27/20162 minutes, 25 seconds
Episode Artwork

Unsupervised Learning: No. 58

This week's topics: Yahoo!, Shadowbrokers, Building Your Own Honeytrapping Infrastructure, The Power of Newsletters, Project Aristotle, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/19/201614 minutes, 50 seconds
Episode Artwork

Unsupervised Learning: No. 57

This week’s topics: Russia gave us attribution for Christmas, the NSA is shedding talent, the evilest ransomware, how to raise someone's IQ in 2 minutes, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/12/201629 minutes, 2 seconds
Episode Artwork

Unsupervised Learning: No. 56

Gooligan, Korean Game Hacking Law, DoubleFlag Experian Hack, Georgia Tech Attribution Research, Amazon's re:Invent Conference Highlights, recommended links, and more…Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/5/201614 minutes, 51 seconds
Episode Artwork

Unsupervised Learning: No. 55

Biowarfare defenses, AI advances, mergers and acquisitions, Facebook and censorship, IoT definitions, the philosophy of Westworld, and more...Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/28/201624 minutes, 10 seconds
Episode Artwork

The Difference Between Threats, Threat Actors, Vulnerabilities, and Risks

My essay that clearly separates the differences between the core infosec terms of threat, threat actor, vulnerabilty, and risk.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/27/20165 minutes, 46 seconds
Episode Artwork

The Difference Between Existentialism, Nihilism, and Absurdism

For centuries there have been people who believe there is no intrinsic meaning in the universe. Here I’ll summarize the three major branches of this belief, and how each proposes we deal with the situation.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/22/20168 minutes, 1 second
Episode Artwork

Stop Being Proud of Complexity

An essay on how complexity often communicates the exact opposite of its desired effect.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/22/20163 minutes, 54 seconds
Episode Artwork

Unsupervised Learning: No. 54

Britain's new surveillance law, CRISPR biotech, the Army's new Phaser, NIST's new IoT Security guidelines, ML-based facial recognition, and more...Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/21/201614 minutes, 38 seconds
Episode Artwork

Unsupervised Learning: No. 52

Subscribe to Unsupervised Learning via: iTunes | Android | RSS | Newsletter This is Episode No. 52 of Unsupervised Learning—a weekly show where I collect my favorite stories in infosec, technology, and humans, and talk about why they matter. The show is released in two forms: * the Podcast, which you can subscribe to via iTunes, Android, Blog, or RSS * the Newsletter, which is the podcast’s companion and conveniently serves as its show notes as well. You can get the newsletter by clicking here or on the image/text below. Thank you for listening! Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/7/201640 minutes, 59 seconds
Episode Artwork

Unsupervised Learning: No. 51

Subscribe to Unsupervised Learning via: iTunes | Android | RSS | Newsletter This is Episode No. 51 of Unsupervised Learning—a weekly show where I collect my favorite stories in infosec, technology, and humans, and talk about why they matter. The show is released in two forms: * the Podcast, which you can subscribe to via iTunes, Android, Blog, or RSS * the Newsletter, which is the podcast’s companion and conveniently serves as its show notes as well. You can get the newsletter by clicking here or on the image/text below. Thank you for listening! Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/31/20161 hour, 38 seconds
Episode Artwork

Unsupervised Learning: No. 50

Subscribe to Unsupervised Learning via: iTunes | Android | RSS | Newsletter This is Episode No. 50 of Unsupervised Learning—a weekly show where I collect my favorite stories in infosec, technology, and humans, and talk about why they matter. The show is released in two forms: * the Podcast, which you can subscribe to via iTunes, Android, Blog, or RSS * the Newsletter, which is the podcast’s companion and conveniently serves as its show notes as well. You can get the newsletter by clicking here or on the image/text below. Thank you for listening! Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/24/201637 minutes, 24 seconds
Episode Artwork

Unsupervised Learning: No. 49

Subscribe to Unsupervised Learning via: iTunes | Android | RSS | Newsletter This is Episode No. 49 of Unsupervised Learning—a weekly show where I collect my favorite stories in infosec, technology, and humans, and talk about why they matter. The show is released in two forms: * the Podcast, which you can subscribe to via iTunes, Android, Blog, or RSS * the Newsletter, which is the podcast’s companion and conveniently serves as its show notes as well. You can get the newsletter by clicking here or on the image/text below. Thank you for listening! Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
10/18/201647 minutes, 39 seconds
Episode Artwork

Unsupervised Learning: Episode 46

Subscribe to the Podcast via: iTunes | Android | RSS | Newsletter [ Click here to get the full companion newsletter with complete show notes from this episode. ] [ Click here to get the full companion newsletter with complete show notes from this episode. ] Subscribe to the Podcast via: iTunes | Android | RSS | Newsletter Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/27/201630 minutes, 1 second
Episode Artwork

Unsupervised Learning: Episode 45

Subscribe to the Podcast via: iTunes | Android | RSS | Newsletter [ Click here to get the full companion newsletter with complete show notes from this episode. ] [ Click here to get the full companion newsletter with complete show notes from this episode. ] Subscribe to the Podcast via: iTunes | Android | RSS | Newsletter Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/19/201657 minutes, 4 seconds
Episode Artwork

Unsupervised Learning: Episode 44

Subscribe to the Podcast via: iTunes | Android | RSS | Newsletter [ Click here to view the full companion newsletter with complete show notes from this episode. ] [ Click here to view the full companion newsletter with complete show notes from this episode. ] Subscribe to the Podcast via: iTunes | Android | RSS | NewsletterBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/11/201634 minutes, 9 seconds
Episode Artwork

Unsupervised Learning: Episode 43

Subscribe to the Podcast via: iTunes | Android | RSS | Newsletter News Internet disinformation service for hire [ Link ] Rob Fuller (@mubix) has found a way to pull credentials from a locked machine using a USB dongle and Responder [ Link ] Yelp starts new bug bounty with HackerOne, offers up to 15K […] -- :: Unsupervised Learning: Episode 43 appeared originally on danielmiessler.com. :: Subscribe to Unsupervised Learning---my weekly show where I handpick the best stories from infosec and technology, and talk about why they matter.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/7/201642 minutes, 29 seconds
Episode Artwork

Unsupervised Learning: Episode 42

[ Subscribe to the Podcast: iTunes | Android | RSS ] InfoSec news and articles Dropbox hacked 68 million accounts Back in 2012 Malware infected all Eddie Bauer stores in U.S. and Canada All 350 stores in North America Wicked iPhone vulnerability called Trident (3 0days) All you need to do is follow a link, […] -- :: Unsupervised Learning: Episode 42 appeared originally on danielmiessler.com. :: Subscribe to Unsupervised Learning---my weekly show where I handpick the best stories from infosec and technology, and talk about why they matter.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
9/1/20161 hour, 4 minutes, 34 seconds
Episode Artwork

Unsupervised Learning: Episode 41

[ Subscribe to the Podcast: iTunes | Android | RSS ] InfoSec news and articles NSA hacking tools supposedly leaked back in 2013 Could have just been a jump box, which rival groups commonly attack from each other Snowden thinks Russia hacked the NSA and is announcing this as part of the DNC debate Flip […] -- :: Unsupervised Learning: Episode 41 appeared originally on danielmiessler.com. :: Subscribe to Unsupervised Learning---my weekly show where I handpick the best stories from infosec and technology, and talk about why they matter.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/18/201634 minutes, 14 seconds
Episode Artwork

Unsupervised Learning: Episode 40

- LinkedIn breach from 2013 | 65.5 million emails and salted and hashed passwords - XSS in Wordpress plugin (JetPack) - DerbyCon is going to stream live this year | you can’t stream the networking, so it probably won’t hurt next year’s sales too much - Websites using audio fingerprinting to track web usersBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/31/201654 minutes, 38 seconds
Episode Artwork

Unsupervised Learning: Episode 39

[ Subscribe to the Podcast: iTunes | Android | RSS ] InfoSec news and articles BAE systems saying that SWIFT hack is linked to the Sony breach [ Link ] Kaspersky is saying ransomware is the #1 threat now [ Link ] Identity thieves grab W-2 data from Equinox [ Link ] Germany claims it was […] -- :: Unsupervised Learning: Episode 39 appeared originally on danielmiessler.com. :: Subscribe to Unsupervised Learning---my weekly show where I handpick the best stories from infosec and technology, and talk about why they matter.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/14/201623 minutes, 48 seconds
Episode Artwork

Unsupervised Learning: Episode 38

[ Subscribe to the Podcast: iTunes | Android | RSS ] InfoSec news and articles Michigan lawmakers want life sentence for hacking cars | will that apply to changing the speed of your turn signal? SWIFT to get update after Bangladesh hack NSA is so overwhelmed with data that it’s no longer effective FBI now […] -- :: Unsupervised Learning: Episode 38 appeared originally on danielmiessler.com. :: Subscribe to Unsupervised Learning---my weekly show where I handpick the best stories from infosec and technology, and talk about why they matter.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
5/2/201645 minutes, 26 seconds
Episode Artwork

Unsupervised Learning: Episode 37

[ Subscribe to the Podcast: iTunes | Android | RSS ] InfoSec news Feds paid over 1M to get into San Bernardino iPhone Continued fallout from Panama papers 3.2 million servers vulnerable to JBoss attack which is being used in SamSam ransomware attacks MIT launches internal bug bounty platform | https://threatpost.com/mit-launches-experimental-bug-bounty-program/117618/ NSA recommends out-of-band taps […] -- :: Unsupervised Learning: Episode 37 appeared originally on danielmiessler.com. :: Subscribe to Unsupervised Learning---my weekly show where I handpick the best stories from infosec and technology, and talk about why they matter.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/25/201635 minutes, 49 seconds
Episode Artwork

Unsupervised Learning: Episode 36

[ Subscribe to the Podcast: iTunes | Android | RSS ] News [ ] Nothing useful found on Farook’s phone | http://www.theregister.co.uk/2016/04/14/nothing_useful_on_farook_iphone/?utm_source=dlvr.it&utm_medium=facebook | I think they knew this and used it as a lever for something they’ve wanted for a long time [ ] Apple engineers say security threat is hackers, not government | http://www.macrumors.com/2016/04/15/apple-engineers-hackers-security-threat/ […] -- :: Unsupervised Learning: Episode 36 appeared originally on danielmiessler.com. :: Subscribe to Unsupervised Learning---my weekly show where I handpick the best stories from infosec and technology, and talk about why they matter.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/18/201620 minutes, 41 seconds
Episode Artwork

Unsupervised Learning: Episode 35

[ Subscribe to the Podcast: iTunes | Android | RSS ] News [ ] The hack of Mossak Fonseca has been tied to a breach of their wordpress install through a plugin called Revolution Slider, leading to the Panama Papers breach. So just to be clear, we might have just seen the biggest data leak […] -- :: Unsupervised Learning: Episode 35 appeared originally on danielmiessler.com. :: Subscribe to Unsupervised Learning---my weekly show where I handpick the best stories from infosec and technology, and talk about why they matter.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/11/201627 minutes
Episode Artwork

5 Increasingly Effective Ways to Achieve Immortality

[ Subscribe to the Podcast: iTunes | Android | RSS ] — I think a lot about how to become immortal. More than I should, probably. Many think it’s a waste of time. Everyone dies, and it’s foolish to think we can avoid it. This piece takes a different view, and describes a number of ways, with varying levels of requirement and effectiveness, one can either avoid dying or live on after death. They’ll go from most practical to most effective. 1. Live On Through Your Children This one is cheating a bit, mostly because you’re not actually becoming immortal. But the fact remains that this does give many people (probably billions) a genuine feeling of lastingness, and that’s significant. Again, I don’t really count it because it’s an extremely tenuous way of living on, but it deserves mention. 2. Live On Through Your Works This one is kind of like the first, in that you’re not actually getting to continue living. So it’s a bit of a misnomer too. What it deals with, however, can also provide a significant sense of contentment at the end of one’s life. Basically, if you leave behind works and ideas that will be used by significant numbers of people, for a significant period of time, you can think of this as living on. It’ll take some sting off of dying, perhaps. But not much. You’re still dead. 3. Reconstruction Through Reproduction of Variables Ok, now we’re getting into actual survivability. This one works like this: either before you die, or after you are dead, an organization collects a series of inputs about you and uses them to create a working model of you. Here are some of the input types: * Your DNA (this is really important) * Everything there is to know about where you grew up (what was happening in the world then, where you went to high school, what the major news events were, the major themes in culture and art, etc.) * Everything there is to know about the people you grew up with * All your personal, transformational experiences. This can be gathered from a myriad of sources, but your own description of the incidents will be key. It’ll also come from interviews with people who know those experiences and how they affected you * Every piece of output you left behind, e.g. blog posts, Facebook posts, books, essays, schoolwork, letters, videos, whatever. They’re all harvested for evidence of who you are Then, the system takes the environment data and models it against your DNA, which it got from a piece of hair or something. It runs your entire genome and determines how you would respond mentally to these various stimuli. The output is a digital life form that is, as much as it can be, you. You now live in cyberspace somewhere, and you’re introduced to the fact that you were reconstructed using this method, and that you have this rich history, etc. You are you. 4. Preserving Your Brain to Be Put in Another Body in the Future Another method for achieving comfort that you’ll continue to live after death is to have a reliable way to preserve your brain once you pass, with the belief that it’ll be either 1) put into another body later (not my favorite idea), or 2) it’ll be downloaded into a digital form to live permanently in cyberspace. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/7/201613 minutes, 30 seconds
Episode Artwork

Unsupervised Learning: Episode 33

News [ ] Panama Papers leak [ ] Hackers targeting major US law firms [ ] Ubuntu has some kernel vuln patches out [ ] 50 million turkish citizens have their information dumped online [ ] Microsoft makes cloud-app security services now available (Adallom) [ ] OSVDB shutting down because nobody would pay them [ ] WhatsApp is now end-to-end encrypted [ ] Critical new Flash bug, expect Ransomware to leverage it [ ] Security salaries skyrocketing due to talent shortage | http://www.csoonline.com/article/3049374/security/survey-with-all-eyes-on-security-talent-shortage-sends-salaries-sky-high.html [ ] Data exfiltration using Smart Lightbulbs | http://www.scribd.com/doc/306620189/Eyal-Ronen-and-Adi-Shamir-Hack-Lightbulbs [ ] Significant Firefox extensions bug, look for a patch soon [ ] $40 attack that steals police drones from 2 kilometers away | http://www.theregister.co.uk/2016/04/01/hacker_reveals_40_attack_to_steal_28000_drones_from_2km_away/ | break wep, disconnect their controller, connect yours, must be within 100 meters [ ] IoT is expected to push the US ahead of China in manufacturing by 2020 | http://www.zdnet.com/article/internet-of-things-analytics-expected-to-push-u-s-ahead-of-china-for-manufacturing/ [ ] 1,400 vulnerabilities found in automated medical supply system | https://www.helpnetsecurity.com/2016/03/30/1400-flaws-automated-medical-supply-system/ | automated cabinets that dispense medical supplies , if you’re locked out it could be bad -- :: Unsupervised Learning: Episode 33 appeared originally on danielmiessler.com. :: Subscribe to Unsupervised Learning---my weekly show where I handpick the best stories from infosec and technology, and talk about why they matter.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/7/201637 minutes, 30 seconds
Episode Artwork

T1SP: Episode 32

[ Subscribe to the Podcast: iTunes | Android | RSS ] News * [ ] Verizon Enterprise Solutions had a major data breach of their customer data. This is the group that handles breaches for their customers. “Virtually every attack in this data set (98 percent) was opportunistic in nature, all aimed at easy marks…” * [ ] Iranians charged with attacks against US banks and a New York dam * [ ] Hackers steal 81 billion from the Federal reserve bank of New York * [ ] Uber launches bug bounty program, describes the surface area. Someone said it was really bad, though. Not sure what that’s about * [ ] New ultra-fast SSD technology coming from Intel soon * [ ] FBI backs off request for Apple backdoor. Says they have it handled. We find out it’s an Israeli company * [ ] Water treatment plant hacked, chemical mix changed for tap supplies | http://www.theregister.co.uk/2016/03/24/water_utility_hacked/ * [ ] German steel mill compromised and wrecked a blast furnace * [ ] This is after a string of attacks against power companies using spear phishing and office malware * [ ] Microsoft’s AI Chatbot was a teenage girl, but it learned from the people who talked to it, so before long it was talking about loving incest, sex, and hitler * [ ] Millions of Android devices vulnerable to root exploit due to Snapdragon chip flaw * [ ] Kentucky-based Methodist Hospital declares state of emergency after it’s wrecked by Locky ransomware * [ ] Credit Card Breaches Linked To Security Cameras * [ ] Chinese national pleads guilty to stealing plans for Air Force aircraft * [ ] Hackers offer Apple’s Ireland staff $23,000 for their login credentials * [ ] Ransomware hitting major vulns: The Angler, Neutrino, Magnitude, RIG, and Nuclear exploit kits spread the Flash CVE 2015-7645 exploit; Angler spreads Flash 2015-8446; Angler and Neutrino spread Flash CVE 2015-8651; and Angler spreads Silverlight CVE-2016-0034, an exploit exposed in the Hacking Team breach. * [ ] Microsoft Deploys Macro Blocking Feature in Office to Curb Malware Ideas, updates, and discussion * [ ] Innovation Sandbox | Innovative Security Products (2016 Edition) * [ ] AI and messaging apps are the new mobile apps * [ ] Human Attention as Attack Surface | https://danielmiessler.com/blog/human-attention-as-influence-attack-surface/ * [ ] Most can’t respond to breach: http://blogs.csc.com/2016/03/15/while-majority-of-orgs-fear-big-breach-theyre-not-prepared-to-respond/?utm_content=bufferc043c&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer * [ ] How your data is collected and commoditized online by free online services | http://www.troyhunt.com/2016/03/how-your-data-is-collected-and.html Tools, talks, and projects * [ ] Innovation Sandbox | Innovative Security Products (2016 Edition) * [ ] 2016 Data Breach Digest | https://danielmiessler.com/blog/analysis-verizons-2016-data-breach-digest/ * [ ] AI and messaging apps are the new mobile apps | https://danielmiessler.com/blog/ai-assistants-are-the-new-applications/ * [ ] Idea Expansion Format | https://danielmiessler.com/blog/idea-expansion-format-ief/ * [ ] BinDiff is a comparison tool for binary files that helps to quickly find differences and similarities in disassembled code. * [ ] IntelMQ is a solution for CERTs for collecting and processing security feeds, pastebins, tweets and log files using a message queuing protocol.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/28/201636 minutes, 29 seconds
Episode Artwork

T1SP: Episode 31

[ Subscribe to the Podcast: iTunes | Android | RSS ] News [ ] FBI saying it will force Apple to hand over source code and signing ability if they don’t comply | http://thehackernews.com/2016/03/fbi-apple-iphone.html [ ] Locky ransomware campaign, JS downloader [ ] X11 forwarding issue in OpenSSH, update now [ ] Seagate Phish Exposes All […] -- :: T1SP: Episode 31 appeared originally on danielmiessler.com. :: Subscribe to Unsupervised Learning---my weekly show where I handpick the best stories from infosec and technology, and talk about why they matter.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/14/201632 minutes, 18 seconds
Episode Artwork

My Response to Sam Harris on the Apple Encryption Debate

[ Subscribe to the Podcast: iTunes | Android | RSS ] [ UPDATE: Much credit to Sam for engaging in the conversation. I’m not sure how people claim he’s closed on this topic when he is clearly open to exploring it. ] I don't agree with all of it. But this is a very good response to my remarks about encryption. https://t.co/rMl8zgtuWN@danielmiessler— Sam Harris (@SamHarrisOrg) February 28, 2016 — I’ve been planning on doing a podcast episode on the Apple encryption debate for some time, but I was unsure of the format I should use. This problem was just solved for me when I listened to Sam Harris—who is someone I respect greatly—miss the mark significantly in a recent podcast. The thing that compelled me to respond was the fact that I don’t often disagree with Sam. His logic is usually impeccable, and we often end up with nearly identical opinions. So it was somewhat surreal to hear him be wrong about something. Or at least disagree with me (which, of course, may not be the same thing). Anyway, being in information security myself I felt like a response was important. This essay takes the form of a retort to his comments, followed by my own points and then a summary. Sam’s points [ The points are summarized, by the way, not necessarily exact quotes. ] * Apple built the lock, but didn’t build the key, and now they’re telling us that building the key would put us all at risk. Self-serving abdication of responsibility. * Community in tech swayed by Snowden. Even when the government gets a court order, they think they shouldn’t give access * Gives cases where text messages could have helped solve a murder, but the texts are unread because the iPhone is unbreakable. Imagine being a family member! * Could someone build an impregnable room inside their own house? * What if you could take a drug that could make your DNA unanalyzable? So you could never be linked to any crime. The only people who would benefit would be criminals! * Apple could maintain the backdoor and it’d be fine, just like banks have your banking information. They’re trading on paranoia. My responses [ NOTE: This will come in the form of a podcast, which I may still record. I wrote it largely in the voice of a spoken conversation. ] First, let’s start with where we agree. You speak of a “Cult of Privacy”, where people are blindly saying that Snowden did nothing wrong whatsoever, that he didn’t set a dangerous precedent, that any violation of privacy in any case is always bad, etc., etc. I absolutely agree with you that this is not an intelligent way to understand and discuss current events. But there’s another cult on the other side, and it’s one that you’re coming dangerous close to membership in. And that’s “The Cult of Safety”. This one works like this: If there is any situation in which some amount of data could be used to help learn where a kidnapped girl is, or where a terrorist’s bomb will detonate, then it’s within the rights of a government to legally seize ...Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/28/201636 minutes, 29 seconds
Episode Artwork

T1SP: Episode 29

[ Subscribe to the Podcast: iTunes | Android | RSS ] News * [ ] Apple calls out FBI on iPhone decryption case * [ ] Trump calls for a boycott of Apple, from an iPhone * [ ] Judge Rules FBI Must Reveal Malware It Used to Hack Over 1,000 Computers * [ ] Wow. Someone hacked @linuxmint’s website and replaced ISOs with backdoored version today http://blog.linuxmint.com/?p=2994  * [ ] This affects a universally used library (glibc) at a universally used protocol (DNS).  Generic tools that we didn’t even know had network surface (sudo) are thus exposed, as is software written in programming languages designed explicitly to be safe. ~ Dan Kaminsky * [ ] Mint Forum Hacked, website compromised, fake downloads posted * [ ] TeslaCrypt now targeting Joomla sites as well as WordPress * [ ] Hollywood Hospital pays 17K to decrypt files; hope they cleaned up afterwards otherwise they’ll be paying rent * [ ] Patch your vServer; RCE flaw * [ ] Power grid honeypot by MalCrawler Ideas, updates, and discussion * [ ] The San Bernadino health department changed the iCloud password (at the FBI’s request) after having the device for just a few hours * [ ] The FBI didn’t have the other two phones, which were destroyed * [ ] The implications for data security if US companies are told the government must be able to get in is that US citizens will soon be told that they cannot create, purchase, or use tech that is locked down in this way * [ ] There’s another way to the iPhone data: https://threatpost.com/delicate-hardware-hacks-could-unlock-shooters-iphone/116388/ via @IOActive Tools, talks, and projects * [ ] Bitquark is releasing some subdomain research; will be added to SecLists * [ ] Log.io web interface for looking at log files | http://www.tecmint.com/linux-server-log-monitoring-with-log-io/ * [ ] Lobotomy: Automate Android assessment and reversing | https://n0where.net/android-security-toolkit-lobotomy/ * [ ] SSLyze: https://n0where.net/fast-and-full-featured-ssl-scanner-sslyze/ * [ ] SELKS: Full NSM with Suricate and rule manager | https://www.stamus-networks.com/downloads/ Announcements * [ ] I’ll be at the IOAsis at RSA next week; come by and say hello Miscellaneous * [ ] War-games movie prompted Reagan to take cybersecurity action | http://www.nytimes.com/2016/02/21/movies/wargames-and-cybersecuritys-debt-to-a-hollywood-hack.html [ Subscribe to the Podcast: iTunes | Android | RSS ] Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/23/201619 minutes, 18 seconds
Episode Artwork

T1SP: Episode 28

[ Subscribe to the Podcast: iTunes | Android | RSS ] News [ ] Major Cisco ASA buffer overflow; patch now [ ] Critical patches for Windows and Flash [ ] The FBI is officially investigating Hillary Clinton regarding her private email server [ ] NSA doing a complete reorg (basically combining defense and offense) […] -- :: T1SP: Episode 28 appeared originally on danielmiessler.com. :: Subscribe to Unsupervised Learning---my weekly show where I handpick the best stories from infosec and technology, and talk about why they matter.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/15/201642 minutes, 15 seconds
Episode Artwork

T1SP: Episode 27

[ Subscribe to the Podcast: iTunes | Android | RSS ] News [ ] Heavy surveillance around the Super Bowl [ ] A new BlackEnergy spear phishing campaign is targeting more Ukrainian companies [ ] Magneto, the popular e-commerce CMS, releases fixes to critical XSS issues [ ] Someone has posted private files of America’s […] -- :: T1SP: Episode 27 appeared originally on danielmiessler.com. :: Subscribe to Unsupervised Learning---my weekly show where I handpick the best stories from infosec and technology, and talk about why they matter.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/2/201622 minutes, 55 seconds
Episode Artwork

T1SP: Episode 26

[ Subscribe to the Podcast: iTunes | Android | RSS ] News [ ] Backdoor found in AMX devices that run corporate and government conference rooms [ ] Autopwn every Android device on your network using BetterCap and addJavascritInterface [ ] Cyber insurance challenged: a lawsuit for failing to cover a 500K loss in Houston […] -- :: T1SP: Episode 26 appeared originally on danielmiessler.com. :: Subscribe to Unsupervised Learning---my weekly show where I handpick the best stories from infosec and technology, and talk about why they matter.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/25/201649 minutes, 8 seconds
Episode Artwork

T1SP: Episode 25

[ Subscribe to the Podcast: iTunes | Android | RSS ] News * [ ] TrendMicro node.js server listening on localhost can execute commands; exposed to the internet * [ ] SSH backdoor found in Fortinet firewalls * [ ] SSH client vulnerability * [ ] Australia’s Cybercrime Online Reporting Network (ACORN) received over 39K reports of criminal activity in 2015 * [ ] Hyatt names 250 hotels hit by malware, includes the one for DerbyCon * [ ] Web sense rebranding as Forepoint, acquires Intel’s firewall business * [ ] Twitter might be ending its 140 character limit * [ ] Major vulns still being found in Health and Fitness mobile apps * [ ] Angler exploit kit continues to evade detection * [ ] LostPass attack is a phishing email attack that works against LastPass (showed at Shmoocon this weekend) * [ ] Virus just took down the Melbourne Health computer system * [ ] Lastpass has found a workaround for the LostPass attack * [ ] A bit match fixing problem has been found in Tennis * [ ] Trustwave is being sued by Affinity for supposedly missing an second hack that was going on while they were there to fix an initial hack Ideas, updates, and discussion * [ ] IR is messy and dangerous; assume compromise; assume continued compromise; be extremely careful saying that things were contained; if you’re not Mandiant you’re probably not doing a great job * [ ] Smartphone encryption and the gun debate: same coin? ISIS supposedly has its own encryption app. What next, make murder illegal? Tools, talks, and projects * [ ] FIR – Fast Incident Response Management Platform * [ ] DIVA damn insecure and vulnerable Android app * [ ] Kill Chain for Kali Linux 2.0 : recon, weaponization, delivery, exploit, installation, c2, actions * [ ] EZ-Wave: exploiting Z-Wave networks using SDR * [ ] GoPhish: open source phishing framework * [ ] V3n0m SQLi scanner * [ ] VScan : uses NSE scripts to find vulns * [ ] SleepyPuppy Burp Extension * [ ] DBDAT — Database Assessment Tool — https://github.com/foospidy/DbDat Announcements * [ ] Speaking at AppSec Cali next week (Tuesday) on ATM * [ ] Shmoocon hiring list: http://www.room362.com/2016/01/2016-shmoocon-hiring-list.html Miscellaneous * [ ] Great security news source: https://security.didici.cc/news * [ ] Thanks to Tripwire for giving a shoutout to the podcast on Twitter [ Subscribe to the Podcast: iTunes | Android | RSS ] Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/19/201626 minutes, 21 seconds
Episode Artwork

T1SP: Episode 24

[ Subscribe to the Podcast: iTunes | Android | RSS ] News * [ ] Norse lays of 20 people; not clear what percentage that is; threat intel not going so well? * [ ] OPM declines to release details on its big breach * [ ] Juniper says it’s going to remove the code that it thinks was developed by the NSA to eavesdrop on traffic * [ ] CVE details lists (OS X, iOS, Flash, Air, IE, Chrome, Firefox) as the software with the most issues * [ ] GM is going to do a bug bounty * [ ] The Hacker Manifesto turned 30 (My crime is that of curiosity) * [ ] Sophos Home free for Windows and Mac users * [ ] SF Yellowcab filling for bankruptcy * [ ] Hackers shut down Ukraine power grid; evidently a malicious word doc sent via email; supposedly the Sandworm Team * [ ] Bicycle Attack on TLS: https://guidovranken.files.wordpress.com/2015/12/https-bicycle-attack.pdf * [ ] North Korea evidently detonated a hydrogen bomb * [ ] Time warner customers lose email passwords (320K) * [ ] Microsoft killing off IE 8, 9, and 10 on January 12th * [ ] VTech launching new product line after it got hacked and leaked data on 6 million kids * [ ] Big Flash player update, 0-day and 18 other issues Ideas, updates, and discussion * [ ] Back to Ubuntu from CentOS * [ ] Sick for five weeks * [ ] Ikigai (what you love, what the world needs, what you can be paid for, what you are good at) * [ ] Giving books as gifts Tools, talks, and projects * [ ] TOWER-SEC protecting ECUs and Telematics on cars * [ ] AppSensor project; Detection points: https://www.owasp.org/index.php/AppSensor_DetectionPoints * [ ] Where the Science is Taking Us in Cybersecurity, Dan Geer * [ ] Rapid7 Hackazon app (modern) * [ ] DVNA (Damn vulnerable Node Application) * [ ] Argon2 password hashing algorithm * [ ] Dradis * [ ] Kippo SSH honeypot [ Subscribe to the Podcast: iTunes | Android | RSS ] Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. * It’s better to listen via iTunes or with the player embedded above, but you can also download the sound file directly. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/11/201628 minutes, 20 seconds
Episode Artwork

T1SP: Episode 23

[ Subscribe to the Podcast: iTunes | Android | RSS ] News * [ ] Juniper backdoor; could have been found with diff; signs point to NSA * [ ] RCE on FireEye appliances * [ ] Hyatt got hacked; malware on POS * [ ] 45K drones registered with FAA within 2 days * [ ] Industry moving towards password-free logins; still single factor, now the factor is your device; although access to device could require factors * [ ] Microsoft will now tell you if your account has been targeted by government authorities * [ ] Tor announced it’s doing a bug bounty, looks like it’ll be internal * [ ] Steam had a DoS that revealed 34K user details * [ ] Linode has been suffering a massive DDoS on its datacenters, DNS infrastructure * [ ] Spy files found in North Korea’s Operating System Ideas, updates, and discussion * [ ] 3 things you should do every January * [ ] Web Scanner Series: Burp vs. Netsparker * [ ] When you’re interviewing, make sure you make it clear that you’re the asset too, not just them * [ ] Failing at the basics in intelligence and infosec * [ ] Why Trump is Winning * [ ] Sensitive data sent in URL over HTTPS * [ ] Difference between correlation and causation * [ ] Paul Graham’s REFRAGMENTATION post * [ ] The relationship between Relaxation, Fun, and Performance * [ ] Michael Coates makes the argument that false negatives are way better than false positives because false positives create unnecessary work for his team * [ ] Brainstorm questions, not solutions Tools and projects * [ ] BLUTO * [ ] Serpico * [ ] Firmware Extraction from Craig Smith * [ ] Vulnerability Database Resources * [ ] IoT Attack Surfaces Project * [ ] RobotsDisallowed Project * [ ] Nowhere.net (CyberPunk) * [ ] EyeWitness * [ ] REST Security Cheat Sheet * [ ] Censys.io * [ ] GithubDorks * [ ] InstaRecon (DNS lookups, whois, shodan, google dorks, etc) * [ ] twfactorauth.org Announcements * [ ] Speaking at OWASP Cali end of January * [ ] Currently working on an ICS / SCADA primer Miscellaneous * [ ] Need to check out the Benedict Evans blog * [ ] Serial Podcast / Making a Murderer on Netflix * [ ] If you know any Army veterans who are getting out and want to get into InfoSec, let me know * [ ] Twitter account: CISSP Googling * [ ] Sam Altman (Startup Playbook) [ Subscribe to the Podcast: iTunes | Android | RSS ] Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/4/201655 minutes, 5 seconds
Episode Artwork

Security and Obscurity

[ Subscribe to the Podcast: iTunes | Android | RSS ] In this episode I explore the topic of Security and Obscurity by reading my popular essay on the topic. Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/13/201510 minutes, 11 seconds
Episode Artwork

T1SP: Episode 21

[ Subscribe to the Podcast: iTunes | Android | RSS ] Topics for this episode: News * [ ] Stringing Shodan to exploitation * [ ] Why you need to check HaveIBeenPwned * [ ] Another DELL root cert hacked * [ ] ISIS OPSEC advice (data privacy, tor, crytocat, telegram, proton mail, gps features on mobile devices, etc.) They also mention not to use instagram because Facebook has a poor privacy record. * [ ] Obama wants to make it harder for terrorists to use technology to escape from justice * [ ] DHS giving companies free penetration tests * [ ] Issues in Honeywell gas detectors (path traversal and clear-text passwords) * [ ] UAE Bank declines to pay ransom, data released * [ ] Swift is open source * [ ] Amazon two-factor now available * [ ] Credit freeze vs. monitoring * [ ] Thousands of IoT devices sharing the same SSH keys * [ ] Many people predicting that 2016 is the year that Apple gets targeted by more attackers * [ ] Engine Immobilizers hackable over the internet Announcements * [ ] Speaking at OWASP Cali end of January * [ ] Currently working on an ICS / SCADA primer Productivity * [ ] Algorithmic learning [ Subscribe to the Podcast: iTunes | Android | RSS ] Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. * It’s better to listen via iTunes or with the player embedded above, but you can also download the sound file directly. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/13/201518 minutes, 15 seconds
Episode Artwork

Take 1 Security Podcast: Episode 20

Topics for this episode: News and analysis * [ ] Ads using high frequency sound to communicate across devices. The ultrasonic pitches are embedded into TV commercials or are played when a user encounters an ad displayed in a computer browser. While the sound can’t be heard by the human ear, nearby tablets and smartphones can detect it. When they do, browser cookies can now pair a single user to multiple devices and keep track of what TV commercials the person sees, how long the person watches the ads, and whether the person acts on the ads by doing a Web search or buying a product. * [ ] Conficker in police body cameras (windows brute force tool) * [ ] Siri iOS data extraction. Tv reporter * [ ] The eye of Siri * [ ] Read top stories from the security news site * [ ] Expect to see concealed carry increase in the united states * [ ] Starwood hotels hit with POS malware * [ ] How to Deploy Splunk AD Monitoring in 437 Easy Steps * [ ] PCs being shipped with MiTM certs in them (supply chain security) * [ ] Java Deserialization flaws evidently affect more libraries * [ ] France looking at banning Tor, blocking public WiFi * [ ] Blackberry leaves Pakistan rather than provide backdoor * [ ] EFF launches bug disclosure program for Let’s Encrypt and HTTPS Everywhere * [ ] Flash is really on the way out Ideas and commentary * Personal Github Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. * It’s better to listen via iTunes or with the player embedded above, but you can also download the sound file directly. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
12/7/201523 minutes, 35 seconds
Episode Artwork

Corporations Don't Want Employees

Companies don't want employees, and they're doing their best to get rid of them. We should be getting ready for this.Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/17/20153 minutes, 53 seconds
Episode Artwork

Take 1 Security Podcast: Episode 19

Topics for this episode: News and analysis * [ ] A couple of months into my job with IOActive * [ ] Paris Attacks: resilience vs. prevention * [ ] Updating the OWASP IoT Project (no longer the Top 10) It’s an umbrella project. * [ ] Adding to the IoT project the SCADA Top 10 List (read the list), and Nabil Ouchn is going to be project leader on that project * [ ] Pentagon farms coding to Russia * [ ] Crypto email service pays ransom, gets taken out anyway * [ ] Blackout Europe shows vulnerabilities in LTE. Forced leak of location within 2-KM radius. Were also able to block LTE and force 3G or 2G. * [ ] Onapsis talks SAP HANA vulnerabilities. They’re config issues, and aren’t patchable, and include: remote file writes, remote directory deletions, moving files to where they can be access remotely, remote command execution, and remote python execution. To fix, you have to upgrade to the latest version and reconfigure your system. Also two issues with the database that allow HTTP RCE and SQL RCE. * [ ] TPP : how did we even get an agreement that was secret in the first place. Forget the details. This should never be allowed to happen again * [ ] Linux ransomware now hitting websites (broken by Brian Krebs) * [ ] Linux.Encoder.1 has a predictable key for its ransomware, and a tool was released to decrypt victims’ systems. Good to know that even attackers make dumb encryption implementation mistakes. * [ ] Visio smart tracking turned on for 10 million users. Here was the pitch “revolutionary shift across all screens that brings measurability, relevancy and personalization to the consumer like never before!” * [ ] Ring-0 theory of devops: history of the o-ring. Small thing that everything else depends on. for serial tasks you need A players to have an A process. As you lower the whole thing tumbles down * [ ] The Chinese Great Cannon: so we know about the Great Firewall, now learn about the Great Cannon * [ ] Must read article: What ISIS Really Wants, by the Atlantic * [ ] Two must follows: Gunnar Peterson, and Benedict Evans. Gunnar is brilliant in security, and Benedict works for Adresesen Horowitz Updates and announcements * Hit me up at IOActive if you have any security consulting needs. Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. * It’s better to listen via iTunes or with the player embedded above, but you can also download the sound file directly. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
11/16/201531 minutes, 18 seconds
Episode Artwork

Take 1 Security Podcast: Episode 18

Topics for this episode: News and analysis * Sonar framework * Schneider Electric SCADA issues revealed at DEFCON * Ashley Madison hack, extortion will become more common, passwords added to SecLists * Hackers attack PR firm and manipulate stocks * Uber is quadrupling their security staff in 2015 * Android vulnerabilities lately Ideas and commentary * Business-based hacking: extortion-based hacking, ransomware, prediction-based hacking, PR releases, etc. Find the leverage, then execute the hack * My problem with threat intelligence * Optimal playlists for getting work done: baroque, no words, medium volume, 60 beats per minute * Ambient sound as two-factor, which goes to my idea of continuous authentication * How standardization and insurance will change security * Miller (mlr) is like sed, awk, join, cut, and sort, but for name:index data such as CSV * Participation in the OWASP IoT Project, Sasa Zdjelar is going to work on an IOT disposition project, Digicert is possibly working on a secure updates project, and we welcome others to add to the mix Updates and announcements * Vegas conferences: two talks, Blackhat Arsenal, DEFCON talk on IoT Attack Surface Areas, Caparser release * If you’re into IoT, be sure to check out Craig Smith’s podcast at IoT Weekly, and Bruce Sinclair’s IoT podcast as well * SecLists has been reorganized, go check it out * Kali Linux 2.0 is out: new kernel, based on debian, rolling release, go get it Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
8/25/201526 minutes, 58 seconds
Episode Artwork

Mr. Robot Episode 3 Review

[ NOTE: There are spoilers below, not just for this episode but for the show in general. ] Enough people have asked me to start doing reviews of Mr. Robot episodes that I’m going to have a go at it. The deciding factor was the fact that I had such a strong desire to write during the third episode. I’m going to start here with thoughts on the show in general, not just on episode 3. Mr. Robot in general The character The main protagonist is an interesting character. He is what the writer evidently wants to capture, or actually believes to be, the template for a true hacker, which is highly damaged. I am quite struck with the focus that is placed on how truly messed up he is. He has major drama with the way his father was killed. He largely hates society. He has deep personal depression. And he’s a user of narcotics. I’m left thinking along the lines of a Hemingway type of artist, where the best creativity (in this case hacking) comes from those wo are the most tortured internally. Painters, musicians, etc. We’re familiar with the template. This redeeming qualities, which the writers take equal efforts to highlight, are the desire to protect people, his love for the blonde girl, and a general but understated willingness to fight back against the soul-crushing force of our modern, consumerist society. I really enjoy how he is only actually going to see his psychiatrist because he’s trying to help her, and if she’s actually going to help him it’ll kind of be on accident. He deeply analyzes people and sees if they’re good, or weak, or in need of help, and then if they are he kind of hates them less because of this. And he is willing to use his superpowers to help them as a result, like when he pushed that guy out of his psychiatrist’s life. The tech Before going into the various problems, it must be said that the information security writing has been exemplary. I’d say definitely the best we’ve seen in either movies or “television” (whatever that is). That said, there are a number of missing links in the armor. On one of the first episodes, possibly the first, I noticed an IP address with a final octet in the 300’s. That’s just an editing miss, but it did take me out of the fantasy. In Episode 2, which I generally didn’t like, I was quite bothered by the destruction scene. Here’s what I think happened there. They wanted to do a destruction scene, they had it all rigged up, and they wrote the story so that he’d do a quick hack and then get spooked enough to do it. Then they show the infosec writer(s) the story component and they’re like, Um, no. There’s no way anyone of this skill level would be hacking from his actual IP address. And they’re like, Well, we need to do this scene. Most people will miss that, and the scene will be cool enough to make up for it. So the writer stomps out of the room mumbling about how they shouldn’t have hired him for authenticity if they were going to make such obvious mistakes, and they go with it. Who knows if that really happened, but that’s how I imagine it. Comments on modern society I also find the comments on modern society to be quite interesting. I think it’s a big part of the whole hacker feel. Hackers have always had this component to their mystique. Being counter-culture. Being underground. Fighting against the man. So the idea that everything is a conspiracy with the rich exploiting the poor, the strong exploiting the weak, and everything being about selling advertising and the dominance o...Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/19/201518 minutes, 32 seconds
Episode Artwork

Take 1 Security Podcast: Episode 17

Topics for this episode: Announcements * [ ] New desk, new mic setup News * [ ] SSL vuln spoofing issue, requires mitm * [ ] Sleepy puppy XSS Payload Management Framework * [ ] Troy Hunt on tech presentations * [ ] Stock market attacked and taken down. Anonymous warned about it beforehand * [ ] OPM goes to 21.5 million cards; director steps down * [ ] People need to get fired for this stuff; it’s the only way anyone will care enough to do anything * [ ] National Guard announces data breach Commentary * [ ] Mr. Robot * [ ] Splunk buys Caspida * [ ] Securing web session ids, by Eran Hammer Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/12/201525 minutes, 54 seconds
Episode Artwork

Take 1 Security Podcast: Episode 16

Topics for this episode: * [ ] Hacking Team Hacked, show which oppressive governments bought their software * [ ] No exploits for non-jailbroken iPhone * [ ] The FBI spent 775K on Hacking Team software * [ ] Citi creating a digital currency, called Citicoin * [ ] Clinton attacking China on hacking, “Said they’re trying to hack into everything that doesn’t move.” * [ ] Eric Holder suggests that Snowden had a positive impact, and that an agreement could be reached * [ ] Critical bug in node.js patched that could lead to DoS * [ ] MasterCard looking to do facial scanning to authenticate purchases * [ ] FBI is offering 4.3 million for help finding top hackers * [ ] A petition for Ellen Pao to leave Reddit has topped 150K signatures Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
7/7/20156 minutes, 49 seconds
Episode Artwork

Take 1 Security Podcast: Episode 15

Topics for this episode: * iOS flaw * The Chinese hacking campaign against the US * Breach at Recorded future * Hacking cars through key fobs * NSA/GCHQ hacking of people through security software * Snowden’s documents in the hands of the Chinese and Russians * Samsung re-enabling Windows Update * Mr. Robot * Blackhat/DEFCON Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/29/201514 minutes, 17 seconds
Episode Artwork

Take 1 Security Podcast: Episode 14

Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/15/201522 minutes, 51 seconds
Episode Artwork

Take 1 Security Podcast: Episode 13

Notes * The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
6/12/201542 minutes, 55 seconds
Episode Artwork

Take 1 Security Podcast: Episode 12

Play Podcast START CONTENT * Singtel buys Trustwave * Snowden does interview with John Oliver * CheckPoint buys Lacoon * Everyone’s trying to do everything, which gives the big people a major advantage * China melted GitHub * MiTM’d Baidu traffic and modified its analytics JavaScript to make constant requests to GitHub * They did it because GitHub was hosting two mirror repos for content that is banned in China * Also highlights the need for encryption, so that the JS couldn’t have been injected * Obama just came out and said that if you attack us, we’ll sanction you * How does that work exactly, when China makes everything we use? * Then we just found out Russia hacked us through the State Department issue * A major vulnerability was revealed in Inngate routers used in the US and Europe. * It allows attackers to browse and write to the root file system of the devices, changing configuration, distributing malware, etc. * Mostly used in US and European hotels * Attackers are compromising IRS accounts in large numbers. Claim yours to avoid it happening to you * Featuring Brooks Garrett * He’s a friend and co-worker going back 8 years * He’s the smartest IT guy I’ve ever known: sick programmer, Linux ninja, database, networking, everything. Full stack, real deal. * He’s a volunteer firefighter * He blogs at http://brooksgarrett.com: latest posts are Remote Streaming with Pi and MPD, Nagios SMS alerts with Amazon SNS, Cleaning Passwords from Logs, Fixing OhMyZSH prompts in PuTTY * His Twitter is @brooksgarrett * If you’re not following his stuff, you should be END CONTENT Notes * Intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
4/8/201513 minutes, 48 seconds
Episode Artwork

Take 1 Security Podcast: Episode 11

Play Podcast START CONTENT * Twitch, a game streaming service owned by Amazon, was hacked last week * Passwords, emails, usernames, addresses, phone numbers, dates of birth * Amazon bought them last year for almost 1 billion dollars * Bar Mitzvah attack on TLS * Requires that you can sniff traffic * Basically an RC4 problem * Solution is to remove it from your supported algorithms * GitHub Has been hit by a massive DDoS attack * Apparently from China * CSRF vulnerability found in a wind turbine * Allowed you to pull usernames and passwords * Also allowed the password to be changed for the default user, which had admin access * CSRF vulnerability exposes Hilton customer accounts * There was an account rotation issue where you could gain access to their account as long as you could guess their 9-digit username * Snowden says IT workers now the targets of spies * They’re not going after their information, but to use them for access to networks * Premera hacked on same day as Blue Cross (January 29th) * Same story: encryption, know your network, etc. * Also same story: health data is harder to clean up from because it involves PII that cannot easily be changed * More speculation around these attacks is that they’re data gathering for larger attacks on government networks * Apple Acquires FoundationDB * Fast NoSQL database probably to be used for its increasing entry into the services market * Researchers use heat to breach air-gapped systems * Everyone knows that an airgap is the best defense * Ben-Gurion University came out with BitWhisper * Now bidirectional using malware on both systems that controlled heat creation and detection * Only 8-bits per hour * BioCatch, Zumigo, Alibaba release tools to identify users * I used to work with a technology called BioPass * Uses what you do with your mouse, scrolling, how you smile via selfie, compares habits, your current location, etc. Similar to existing fraud detection just with more data points * Really cool tech, needs to be used with the right authentication level * Korea investing 5B in IoT and Smart Cars * Bring Your Own IoT * Recording audio and video are getting increasingly easy * Sensitive meetings might become dead zones soon, and perhaps even sensitive work areas * Some people will say that we already have this risk, but they key is the ease with which it can be done END CONTENT Play Podcast Notes * I skipped a week due to travel in Asia. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/30/201516 minutes, 57 seconds
Episode Artwork

Take 1 Security Podcast: Episode 10

Play Podcast START CONTENT * There was another SQL Injection bug found in SEO by Yoast * It required admins to click a malicious link * Was patched quickly * It’s the plugins that make WordPress vulnerable * Attackers are targeting gamers for ransomware * Virlock is one version of ransomware that not only locks the screen, but infects files * It’s also polymorphic, so it changes itself every time it runs * TeslaCrypt goes after gamers, which seems super smart because they are often addicted * The Hello Barbie doll is recording kids voices and sending the recordings over the Internet for voice recognition * I get asked a lot about what to do about this kind of stuff * Start by making a list of everything that can record voice or audio in your home, and determine what kind of controls you have on them * Assume the worst, even though it’s probably not that bad * US industrial systems attacked 245 times between October 2013 and September 2014 * Most attacks were against Critical Manufacturing and Energy * Biggest vectors were spear phishing and port scanning * CloudFlare aims to defeat DDoS with Virtual DNS * They want to proxy DNS before it hits customer name server * The CIA supposedly tried to hack Apple hardware * The article has come under extreme scrutiny * Going to be on the Security Weekly podcast with Pau * Hillary Clinton’s email account dram * OpenSSL is getting an audit * Bout time * Wikimedia is suing the NSA over surveillance * Spoofing the boss is the best way to phish someone, evidently * Had a great time at CactusCon in Phoenix * Did a talk with Jason and saw Dave’s keynote * Dave’s keynote was about struggling with the basics, not APT * He asked when a major breach was NOT a dumb mistake * Someone’s looking to make a Snowden Phone * Looks like I’ll be on the Security Weekly podcast with Paul * Going to talk about IoT security and my our OWASP project END CONTENT Play Podcast Notes * Comments welcome on content and format, as usual. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/16/201522 minutes, 1 second
Episode Artwork

Take 1 Security Podcast: Episode 9

START CONTENT * Sorry about the audio last week; wireless headsets don’t compare to the Yeti * The CIA is focusing on cyberespionage in its new management * Anthem is refusing an audit by the OIG office–an org that audits health care groups that provide services to federal employees * Nothing says I’m guilty like refusing an audit * Reminds me of the Russians refusing the crash investigation in Game of Cards * There’s been a possible credit card breach at the Mandarin Oriental hotel chain * The incident was reported by Brian Krebs * Three people were indicted in the Epsilon hack * Resulted in around 1 billion email addresses being stolen * Dave Aitel thinks junk hacking is a waste * Basically hacking your blender or whatever * In my opinion he’s missing the point that most conferences are like this * I think there’s a hierarchy of talks * Create new defense tool based on new defense idea * Create new defense idea * Create new attack tool based on new attack idea * Create new attack idea * Create new tool for existing attack or defense idea * Describe existing attack or defense idea * Microsoft has reported it’s vulnerable to FREAK as well, making it even more serious * FREAK has proved to be less alarming than previous SSL vulns simply because of the difficulty of attack END CONTENT Play Podcast Notes * I think I’m going to standardize the intro and outro so that I only end up recording the actual story content each week. * Any recommendations on what else you’d like to see would be appreciated. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/9/201512 minutes, 59 seconds
Episode Artwork

Take 1 Security Podcast: Episode 8

START CONTENT * New SSL attack called FREAK * Has to do with falling RSA back to a deprecated and weak level * Requires the client and server are both vulnerable * The solution is to patch * Many orgs will also want to note which servers were vulnerable * The lesson is that you don’t reduce security to increase it * Backdoors x time = regret * Using Ruby’s Open-URI could be dangerous * open-uri monkeypatches kernel.open * open(params[:url]) can execute |ls * Hilary Clinton used a personal email address and did not store correspondence on government servers for her entire 4 years as Secretary of Defense * This seems highly suspect * First you’re putting that data at risk in a personal system * Second you’re obviously trying to hide your conversations * Facebook can access your account without your password * Google no longer encrypting Lollipop by default * Was one of the main selling points for 5, and now it’s gone * They said it was simply a driver issue * DLink routers have a remote command injection bug * Could allow DNS hijacking and other attacks * ISIS has threatened some members of the Twitter team for disabling their accounts * This really puts a point on public presence for me * I’m a strong proponent of the belief that the way to avoid attack is to avoid being a target, not to be hard to attack once people want to * This works for personal attacks, not for countries obviously * There has been some major fraud happening with people connecting stolen cards to ApplePay * The issue isn’t a security problem with ApplePay, but rather with standard bank / card security issue * Up to 18.8 non-Anthem customers exposed in the Anthem breach * This is in addition to the 80 million actual anthem customers * GoPro vulnerability on its website exposes customer Wi-fi passwords * Expect more of this * Uber took over 5 months to issue a breach notification * There was a breach of driver names and license numbers that they just now disclosed * Seagate NAS vulnerability allows unauthorized root access * This raises the cloud storage issue I blogged about last week END CONTENT Play Podcast Notes * Sorry about my voice on this one. I’m a bit sick. :( Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
3/3/201516 minutes, 25 seconds
Episode Artwork

Take 1 Security Podcast: Episode 7

START CONTENT * New stuxnet like piece of malware was discovered * Was found by Kaspersky * Has infected thousands of computers, mostly in Iran * The malware is the most advanced ever found * Can hide on the computer even after reinstall * Many of the names used in the application are known NSA codenames, such as GROK * Wired said those targeted groups were Islamic scholars * The group is called equation group due to the encryption used to hide itself * Car washes hacked by Billie Rios * Bad web software * Default passwords * Submit POST requests * Battery power can be used to track Android phones * Based on the power you use from cell phone tower usage * Obama sides with encryption against government groups * Lenovo laptops spying on you * Can we just say it’s dumb to use things produced in China? END CONTENT Play Podcast ### Notes * Sorry about the pops in the audio. My desk randomly makes loud noises. I’m working on it. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/24/20158 minutes, 40 seconds
Episode Artwork

Take 1 Security Podcast: Episode 6

START CONTENT * Ukrainian banks hacked for up to 1 Billion dollars * Evidently installed malware on bank admin machines using phishing * Not sure they have an FDIC * As if the Ukraine didn’t have enough problems * 10 million password project * Mark Burnett posted 10 Million password combinations * Went through a long explanation of why he was doing it * I’ve broken them up and put them in the SecLists project * Jeb Bush leaks personal data * Anthem may have been Heartbleed * Could have been China, but who knows * Reminder about talking about things without information * It’s best to just leave it alone * HP released Home Security Systems report * We found 10/10 systems vulnerable to account harvesting * DARPA Dark Web Search Engine * Stuff not indexed by Google * Tor services, etc. * Obama creating new threat intelligence agency * Unified organization for tracking threats * Looking to partner with private industry as well * Anthem and Cyberinsurance * Up to 200M in cyberinsurance * Probably won’t cover it, but it’ll be a good test of usefulness * Facebook lets you pick who manages your account when you die * Facebook threat sharing program * Uber lost and found database was online with personal data in it * Basically, if you lose something in a car, they know who you are, and they keep your stuff for you * But they had the database exposed online END CONTENT Play PodcastBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/17/201512 minutes, 29 seconds
Episode Artwork

Take 1 Security Podcast: Episode 5

START CONTENT * Anthem, the second largest healthcare company, had a major breach * They lost around 80 million socials, addresses, emails, etc., which is roughly double the Target breach * There’s speculation that it was China, trying to penetrate government, but it’s early * Watch for phishing scams related to it * The megabreaches continue…weee! * A WordPress plugin called FancyBox had a serious compromise in it last week, which affected thousands of websites * If you’re going to run WordPress, understand that Plugins are the best way to get yourself hacked * Specifically, the type of plugins that handle user input and do something with it that affects the site’s output * Image manipulation plugins have been particularly vulnerable, usually to XSS * There was another critical Flash vulnerability this week * Like I said last week, and the week before, there’s a first time for everything * Three bug hunters at HP received the 125,000 prize for finding a major vulnerability in Internet Explorer * Because they work for HP they couldn’t take the cash, and instead donated it to charity * Microsoft released Outlook for iOS last week, which looks pretty slick * Unfortunately it is riddled with security flaws * Recommendation: wait for a few updates, and for them to get a security assessment END CONTENT Play PodcastBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/8/20157 minutes, 17 seconds
Episode Artwork

Take 1 Security Podcast: Episode 4

START CONTENT * Ghost bug in PHP could affect millions of servers * Flaw is in glibc, which is extensively by all Linux distributions * Patch and reboot using yum or aptitude * The US Army Released DShell, a malware forensics tool * This is an interesting trend where we see tons of formerly secret groups flock to Github. Great to see * Reddit released its first transparency report last week * Says it received 55 requests for user information * Says it complied with 64% of state and federal requests * Says it received 218 requests for content removal, and complied with 31 percent of those * I am pleased to see them releasing these numbers, and I hope more organizations do the same * The GHCQ was using a program called BADASS to collect data leaked by games such as Angry Birds * Luckily it only affected the 11 people still playing that game * Russian dating site, Topface, got hacked for 20 million usernames * The FBI busted up a Tom Clancy book plot in New York City * The plan was to get information about wall street trading algorithms and hopefully destabilize the markets * All they managed to do was embarrass themselves by commenting on how they couldn’t recruit young women * China is demanding to be able to build backdoors into any code sold to its banking sector * Some people call this news, but with China we just call this Wednesday * Apple released a Yosemite update that fixed Thunderstrike, among other things * Anonymous and Lizard Squad are going after each other * Anonymous is the famous hacking group known for all sorts of things * Lizard Squad is known for taking down the XBox and Playstation networks around Christmas time * Anonymous DDoS’d the Lizard Squad website, and then Twitter suspended a couple of their handles * Interesting to see these groups going after each other * BMW and the internet of things is in the news, with BMW owners receiving an automatic push to around 2 million cars * A vulnerability was present that could allow attacks to spoof cell towers and possibly control onboard systems * BMW pushed a patch that ensures all such communications go over HTTPS * It’s interesting that, like printers, cars are likely to become a primary IoT platform just because there are so many of them * The key is to figure out what normal things exist in the world today en mass, and then imagine those things being connected * Printers, cars, furniture, clothing, etc. It’s the regular stuff that makes it interesting because of how much attack surface they represent, and how prevalent the perspective they’ll offer into our daily lives END CONTENT Play Podcast Notes * Intro is from Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
2/2/20157 minutes, 53 seconds
Episode Artwork

Take 1 Security Podcast: Episode 3

START CONTENT * There was an issue with the Marriott website that exposed reservations and payment information. It’s now been fixed * Police are now using a new radar to see into peoples’ homes without a warrant * Security budgets are reportedly going up due to the mega-breaches in 2014 * Also leading to higher pay for CIOs * Anecdotally, I’d say it’s a pretty good time to be in infosec * A new security startup, PFP Cybersecurity, uses power consumption to detect malware * Meant initially to be used for SCADA type systems * The US hacked North Korean computers back in 2010 * This is reportedly the reasons we were so sure they hacked Sony * Recently leaked documents from Snowden show heavy offense * Snowden recently talked to Schneier at Harvard about a number of things * The NSA is becoming increasingly offensively oriented vs. defensive * The NSA supposedly uses compromised systems as jump points * Snowden said most NSA hackers are junior enlisted with limited skills * Russia reportedly hacking for geopolitical gain, not just money * Millions of gas stations could be at risk of shutdown * The Automated Tank Gauges can be remotely accessed by attackers * Could be manipulated to cause alerts * Potentially could be used to stop the flow of fuel * Microsoft gave Charlie Hebdo data to FBI in 45 minutes * Starwood hack based on bad passwords * Bad passwords, password re-use, and a brute forcing tool * Account harvesting is rough: user enumeration, weak passwords, and lack of account lockout * Flash has another major exploit. Update your stuff. * People continue to be worried that the President’s crackdown on hackers could hurt security professionals * Congress is meeting on the 27th of January to discuss breach notification * The wireless in around 2 million cars is highly vulnerable to attack * A polish company has created Mouse-Box, which is an entire computer inside of a mouse enclosure END CONTENT Play Podcast Notes * Sorry about the noise part way through. My girl walked in and started unpacking groceries. But when I say one take, I mean one take. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/25/201510 minutes, 51 seconds
Episode Artwork

Take 1 Security Podcast: Episode 2

START CONTENT * UK police arrest 18-year-old in connection to Playstation and XBox attack * Major ASUS router bug * Local users can take full control without a password * Biggest issue there seems to be DNS hijacking * Legislative attacks on infosec profession and encryption * Anti-hacking law language ambiguous “according to owner” * Obama is said to agree with Cameron, but it’s complicated * Evidence of a plot is different than outlawing encryption * There’s other talk about it being illegal to see hack data * French reporting 19,000 DoS attacks since the shootings * Anonymous is going after ISIS and others * An attack on free speech is an attack on Anonymous * Google releases another Windows flaw that they didn’t fix * Verizon API vulnerability exposes customer email addresses * Issue was with a mobile API used by Android devices * Allowed him to retrieve peoples’ emails and send emails as them * On whether we should trust the FBI regarding the Sony attack * We now find out the attribution came from a previous NSA hack * It’s hard to criticize without data * This doesn’t mean they did it, or that the FBI is always right, or that they should always be trusted * It means be cautious when you don’t have any information, and the person you’re criticizing has all of it * Free speech and the Paris attacks * Where is the line for free speech? * I think it comes down to safety and taste * You can’t yell fire, and art matters * Quote of the week * No one is as happy as they seem on Facebook, as depressed as they seem on Twitter, or as employed as they seem on LinkedIn. END CONTENT Play Podcast Notes * I have a consolidated InfoSec news feed (here) that I use as a source for headlines. Become a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/19/201515 minutes, 46 seconds
Episode Artwork

Take 1 Security Podcast: Episode 1

Subscribe to the Podcast: iTunes | Android | RSS START HEADLINES * Google drops security updates for Android 4.3 and below * This is a problem since that’s most of the install-base * Only .1% of users are on Android 5 * Microsoft and Adobe Push Critical Security Fixes * Seems like Google’s been messing up recently, with their attack on Whitehat for the Aviator stuff, their dropping security updates for Android, and now this early release of a bug before there was a fix. * Obama is asking for the removal of a number of state laws that make it harder to get good broadband in the US. * Obama is asking for quicker laws around the disclosure of hacks * One potential law is the Personal Data Notification and Protection Act, which would require companies to notify within 30 days if they get hacked. * The CENTCOM Twitter account got hacked a couple of days ago by some pro-ISIS folks * Obama is looking to improve the sharing of cybersecurity information as a response to the hack * Sammy Kamkar has released a keylogger for Microsoft wireless keyboards, called Keysweeper * David Cameron wants to make encrypted messaging apps illegal * 1) I’m not sure how he thinks this is possible Subscribe to the Podcast: iTunes | Android | RSSBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.
1/14/20153 minutes, 50 seconds