One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 1019346 |
| Date de publication | 2019-02-01 14:00:00 (vue: 2019-02-01 16:01:05) |
| Titre | Things I Hearted This Week, 1st Feb 2019 |
| Texte |
Hello February! I was doing some research last night and was surprised to discover that the Target breach is over five years old! Five years! I was sure it only happened a couple of years ago - but such is the fast-paced nature of the industry, and also I guess a testament to how certain major breaches become part of infosec folklore. Like TJX, or Heartland - and no, I’m not going to look up when any of those occurred because I’ll probably end up feeling a lot older than I already do.
Enough reminiscing - let’s get down to it.
The Big Five
There’s been a lot of things I didn’t heart this week, although for one reason or another they ended up in my list of things to talk about. So, if you’re wondering about the stories regarding Facebook and Apple, and also Google, then yes, I did see them, and no, I don’t fancy talking about them.
But speaking of large companies, Kashmir Hill has undertaken what is perhaps becoming my favourite piece of tech journalism ever. WIth detailed write ups and slick videos showcasing how she cut out the big five of Amazon, Facebook, Google, Microsoft, and Apple from her life, one week at a time.
Life without the tech giants | Gizmondo
Week 1, Amazon | Gizmondo
Week 2, Facebook | Gizmondo
Week 3, Google | Gizmondo
Considerations for When Your Apartment Goes “Smart”
Everything is getting ‘smart’ these days. By smart, I mean connected and vulnerable. So, what should you do if you live in an apartment where everyone is getting fancy new smart locks (or terribly insecure cheap locks depending on how you look at it).
Lesley Carhart recently found herself in the same position, and has written a really good post on security considerations if you ever find yourself in a similar position.
Security Things to Consider When Your Apartment Goes ‘Smart’ | tisiphone
Abusing Exchange: One API Call Away From Domain Admin
An attacker with just the credentials of a single lowly Exchange mailbox user can gain Domain Admin privileges by using a simple tool. Very good writeup here.
Abusing Exchange: One API call away from Domain Admin | dirkjanm.io
_(1)_(1).jpg)
Sending Love Letters
The "Love Letter" malspam campaign has now changed its focus to Japanese targets and almost doubled the volume of malicious attachments it delivers.
Love Letter Malspam Serves Cocktail of Malware, Heavily Targets Japan | Bleeping Computer
While we’re talking about Japan, a new law in Japan allows the nation's National Institute of Information and Communications Technology (NICT) to hack into citizens' personal IoT equipment as part of a survey of vuln |
| Envoyé | Oui |
| Condensat | $50 “fundamentally 1st 200 2016 2019 2020 26m 451 about abusing accidentally according account acknowledges actively addresses adequate admin affecting agency agent ago ahead allows almost already also although amazon american android another antisocial any apartment api appears apple apps are article assured attachments attacker authorizes away banking because become becoming been behind big billion blames bleeping blocked breach breaches but call campaign can carhart certain changed cheap citizens' cocktail comment communications companies company’s compromised computer conclusions connected consider considerations could couldn’t couple court credentials credit customers cut daily dark data days declare deliveries delivers delivery depending detailed device devices did didn’t dirkjanm discover district doc documents doing domain don’t doubled down drawing effort email end ended engineer enough equipment ever everyone everything exchange exchange: execution expect facebook fair family fancy fast favourite feb february feeling festival find five focus folklore found fraud free from fyre gain games get getting giants gizmondo goes going good google guess hack hacking happened has have heart hearted heartland heavily hello her here herself hill history how huffington i’ll i’m incident includes industry information infosec initiative insecure inside institute intent interesting internet intrusion iot israel it’s its japan japan's japanese journalism judge just kashmir koh korea korean large largest last law leak leaked leaks leaves lesley let’s letter letters life like list little live locks logging logins long look looking lot love lowly lucy m&a magazine mailbox major malicious malspam malware manager marking massive mean mercenaries microsoft million monitoring more much names nation's national nature network new nict night not now numbers occurred old older olympic one only other out outflow outlook over own paced package pans part passwords pay people perhaps personal phone pickups piece plaintext plus position post presented privileges probably promotion proposal proposed rather reading really reason reasonable” rebuffed recently recover regarding rejects reminds reminiscing report research reuters route said same say scanning schedule secret security see sending servers serves settlement she shop should showcasing similar simple single slick smart some south speaking staff statement states stories strengthen such sure surprised survey swig talk talking target targets team tech technology terribly testament than them then there’s these thing things those time times tisiphone tjx tokyo tool two uae’s undertaken united ups used user users using very victims videos volume vulnerable we’re website week well what when where which who will without wondering work worried worth write writeup written yahoo yahoo’s years you’re your yourself zcall |
| Tags | Data Breach Hack |
| Stories | Yahoo |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.