EP044 – Plain Ketchup
Music provided by: Denis Kreynin https://soundcloud.com/denis-kreynin
Greetings & Banter
indistinguishable from the rest of the show. Sorry.
Projects & Homework
None this “week”, so maybe take the time to watch MR ROBOT if you haven’t already. Season 3 just started and episode 1 has some awesome scenes featuring Shodan, social engineering and a Capture The Flag style event (you can play around with your own if you want, just see the resources at http://captf.com/practice-ctf/). It’s so good.
Also, come meet Max at BSides Toronto, learn awesome stuff, and play CTF games!
Topic for this week: Catching up on the biggest events in the last year
Yahoo: One Billion More Accounts Hacked — Krebs on Security
‘Counter-Strike’ Bug Allowed Hackers to Completely Own Your Computer with a Frag – Motherboard Counter-strike, L4D, and TF2 all affected with a frag to remote command execution bug
Equifax website borked again, this time to redirect to fake Flash update | Ars Technica
Equifax, TransUnion websites push fake Flash player in malvertising campaign | Malwarebytes Labs Equifax 2nd breach actually malvertising
8,000 Canadian residents data breached down from the 100k initially reported
Russia hacking stuff we skipped over but I don’t want to do a separate episode on now…
- Bear Hunting: History and Attribution of Russian Intelligence Operations
- FBI NCCIC report on Grizzly Steppe This is the PDF on Russian Intelligence Service (RIS) involvement in compromising the RNC and DNC systems during the US National elections.
- FBI-DHS Report Provides Insight Into Russian Malicious Cyber Activity eWeek’s analysis and conclusions based on the FBI NCCIC report
- Did Russia Hack Ukraine’s Electrical Grid?: CYBERWAR (Clip) – YouTube Viceland’s coverage of the attack against Ukraine’s power grid
- On the Frontlines of Ukraine’s Proxy War Between the West and Russia – YouTube Viceland: Canada main contributor to proxy (real) war in Ukraine
- The rise of TeleBots: Analyzing disruptive KillDisk attacks – Was blackenergy group, now the TeleBots group.
- The awesome NPR Planet money episode on Russia’s propaganda machine
pi-hole is awesome! You should totally run it in your home. Details are at pi-hole.net
Cryptocurrency mining in your browser:
Ads don’t work so websites are using your electricity to pay the bills | Technology | The Guardian
CBS’s Showtime caught mining crypto-coins in viewers’ web browsers • The Register
What every Browser knows about you Pretty cool
Since no one is going to get my reference, here’s the WuTang Financial video (explicit) that speaks to “diversifying yo bonds”.