This is the 46th episode of the Shared Security Podcast (formerly the Social Media Security Podcast), sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions. This episode was hosted by Tom Eston and Scott Wright and recorded October 7, 2015. Below are the show notes, commentary, and links to articles and news mentioned in the podcast:
Scott gives an overview of the BSides Ottawa Security Conference
If you’re in the Information Security industry I highly recommend you attend a local BSides conference. Always great content and networking opportunities!
-Tom
Everyone you know will be able to rate you on the terrifying ‘Yelp for people’ — whether you want them to or not
Yelp for people? What could possibly go wrong? What are the ramifications when we start “rating” everyone we know or encounter? In a recent twist, everything available about the Peeple app has been removed (social media, website, etc.) by the founders, most likely because of the firestorm of news media and privacy concerns. While the Peeple app looks like it may not happen, I’m sure there are other similar apps that will pop up and try something similar in the near future.
-Tom
The Power of Privacy Video Series by The Guardian
The first episode takes a very thought-provoking look at the digital shadows you leave and how someone can find personal and private information about you on the Internet… highly recommended! Episode 2 was recently released and talks about how easy it is to get hacked through phishing and common social engineering techniques.
-Tom
Anatomy of an enterprise social cyber attack
This is some interesting ZeroFOX research on customer scams, specifically one called “hashtag hijacking”. I’ve heard of several cases in the news about this type of attack using social engineering and social media as attack vectors. Check out this great infographic to learn more.
-Tom
Thousands of ‘directly hackable’ hospital devices exposed online
This research was released at the DerbyCon security conference last month. I found it fascinating that now MRI and other critical medical equipment can be found using the search tool Shodan outside of the firewall of some major healthcare providers. Most likely this happens because of poor network segmentation as well as separate Internet connections outside of the healthcare provider. To top that off, many of these devices are configured with default credentials and/or weak passwords (some running vulnerable Windows XP and older systems too). The researchers built a honeypot defibrillator machine to prove their points, which “attracted a whopping 55,416 successful SSH and web logins and some 299 malware payloads”. Medical devices (pretty much in the same category as IoT) which lack any security are very scary, especially the potential impact to human life if these device
Published on 10 years, 2 months ago