EP028

Episode 28 – News Updates shownotes

Music provided by: Denis Kreynin https://soundcloud.com/denis-kreynin

HeartBleed – ep019

 

Google Project Zero started as an initiative against future heartbleeds

https://www.techradar.com/news/internet/web/google-project-zero-aims-to-stop-the-heartbleed-bug-from-happening-again-1257434

 

https://www.google.ca/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=google+project+zero&safe=off&tbm=nws

 

How a high profile exploit actually helped
https://www.cbronline.com/news/security/5-reasons-heartbleed-has-been-good-for-cyber-security-4322739

 

Currently, there are about 309,197 systems still vulnerable to Heartbleed, which is a slight drop from the 318,239 Graham discovered in early May. The slow drop indicates that Heartbleed patching has more or less ended. (Jun 27th)

https://www.pcworld.com/article/2365774/two-months-later-heartbleed-patching-stalls-out-with-300k-servers-still-vulnerable.html

 

Making a fix is easy, Getting people to apply it…

https://www.lifehacker.com.au/2014/07/why-heartbleed-is-still-a-problem/

 

Bug bounty topic: Segue Valve: https://www.gamespot.com/articles/valve-responds-to-steam-developers-security-concer/1100-6421214/

Target Breach – ep016

 

In January 2014, Target announced that the contact information — full names, addresses, email addresses and telephone numbers — of 70 million customers had also been compromised. Some of those customers probably also had credit-card data compromised in the earlier breach, but it’s possible that as many as 110 million people were affected by the Target breaches.

 

Literally nothing has changed overall

https://www.houstonchronicle.com/business/technology/article/Credit-card-breaches-keep-coming-5616326.php

 

except maybe now people know that CC compromise is easy so more people are doing it?

https://www.cleveland.com/business/index.ssf/2014/07/six_months_after_the_target_se.html

 

It’s driving change but change is a fancy car with a large price tag

A 2011 white paper from ATM manufacturer Triton Systems put the estimated cost of upgrading ATMs in the U.S. at about $500 million and point-of-sale terminals across the country somewhere around $6.8 billion.

https://www.biztechmagazine.com/article/2014/07/target-breach-hit-credit-unions-hardest-fuels-push-emv-card-adoption

 

CIO resigned, CEO in trouble: https://www.csoonline.com/article/2134444/security-leadership/target-cio-resigns-following-breach.html

 

CISO hired: https://www.informationweek.com/strategic-cio/team-building-and-staffing/target-hires-gm-exec-as-first-ciso/d/d-id/1269600

 

PoS compromises https://www.theregister.co.uk/2014/07/21/ebayed_point_of_sale_terminal_leak_peril/

CellPhone OS adoption – ep022

 

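| Version | Codename | API | Distribution |
|---|---|---|---|
| 2.2 | Froyo | 8 | 0.7% |
| 2.3.3 – 2.3.7 | Gingerbread | 10 | 13.5% |
| 4.0.3 – 4.0.4 | Ice Cream Sandwich | 15 | 11.4% |
| 4.1.x | Jelly Bean | 16 | 27.8% |
| 4.2.x | Jelly Bean | 17 | 19.7% |
| 4.3 | Jelly Bean | 18 | 9.0% |
| 4.4 | KitKat | 19 | 17.9% |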

Data collected during a 7-day period ending on July 7, 2014.

Any versions with less than 0.1% distribution are not shown.

 

https://developer.android.com/about/dashboards/index.html

 

iOS: iOS 7 adoption reaches 90 per cent ahead of iOS 8

https://www.trustedreviews.com/news/ios-7-adoption-reaches-90-per-cent-ahead-of-ios-8

 

iPhone Worm

https://www.iphonehacks.com/2009/11/jailbroken-iphones-hit-with-rickroll-worm.html
