56 minutes | Jul 26th 2019

Overly-Convenient Store Cards

In this episode, Bill and Gavin discuss strange meetings in English forests, improvements in security guidelines around IoT devices, bricking an iPhone with a single message, and the issues with non-experts defining government policy. Bill is also joined by Tenable Researcher Jimi Sebree to discuss how he discovers new zero-days and a recent Arlo Camera teardown.

  1. All things IoT 
    1. https://nvlpubs.nist.gov/nistpubs/ir/2019/NIST.IR.8228.pdf
  2. Crime does not pay 
    1. https://www.darkreading.com/attacks-breaches/former-equifax-cio-sentenced-to-prison-for-insider-trading/d/d-id/1335078
  3. 1 more reason to use a password vault
    1. https://medium.com/@NullByteWht/hacking-macos-how-to-dump-1password-keepassx-lastpass-passwords-in-plaintext-723c5b1c311b
  4. Convenient loss @ a convenience store 
    1. https://www.zdnet.com/article/7-eleven-japanese-customers-lose-500000-due-to-mobile-app-flaw/
  5. 2019 so far so….
    1. https://www.wired.com/story/biggest-cybersecurity-crises-2019-so-far/
  6. Protect yourself at all times 
    1. https://www.infosecurity-magazine.com/news/bas-magecart-breach-lands-it-183m
    2. https://www.infosecurity-magazine.com/news/ba-hit-by-global-web-skimming/
  7. When the non-experts are making policy
    1. https://www.itnews.com.au/news/amazon-blasts-australias-technically-flawed-anti-encryption-laws-527855
  8. Bricking an iPhone with a malformed iMessage: https://bugs.chromium.org/p/project-zero/issues/detail?id=1826
    1. Fixed in 12.3
    2. https://www.forbes.com/sites/daveywinder/2019/07/07/google-confirms-apple-iphone-bricking-imessage-bomb/#788e01f07a43
    3. Similar to “Black dot” from last year

