One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 503147 |
| Date de publication | 2018-03-09 14:00:00 (vue: 2018-03-09 14:00:00) |
| Titre | Things I hearted this week 9th March 2018 |
| Texte |
It’s been an uneventful week for the most part. I did spend a lot of time reading tweets by Today In Infosec. If you don’t know of it, I suggest checking it out. As the name suggests, it tweets out news from the world of information security from previous years. I was thinking that maybe I could wait five years and then recycle these weekly roundup blogs as “This week in Infosec”
But that’s the future, let’s jump into the news that matters today.
An Olympic hack
What went on behind the scenes at the Olympics? How much hacking went on, who was behind it, and what can be done about it?
Lessons in Cyber: Influence Operations | Comae technologies (the Grugq)
2018 Winter Olympic Games have been hacked, organizers confirm | Digital trends
Russian spies hacked the Olympics and tried to make it look like North Korea did it, U.S. officials say | Washington Post
SAML, SSO many vulnerabilities
SAML-based single sign on systems have some vulnerabilities that allow attackers with authenticated access to trick SAML systems into authenticating as different users without knowledge of the victims’ password.
Sounds like a lot of fun.
Duo Finds SAML Vulnerabilities Affecting Multiple Implementations | DUO
Passhunt
I came across this little gem on GitHub this week. Basically, it’s a repository of default credentials for a plethora of network devices, web apps, and so forth for over 500 vendors and near 2100 default passwords.
Remember, Mirai originally only had 61 default passwords to wreak havoc.
Passhunt | GitHub
Sharing is caring
If you give your information to a business, how many places do you think it shares that information with? None, a dozen, fifty?
Well, thanks to GDPR compliance, PayPal has shared a list of over 600 entities it shares data with.
List of Third Parties (other than PayPal Customers) with Whom Personal Information May be Shared | PayPal
Related
What Amazon Echo and Google Home do with your voice data | Wired
MoviePass CEO admits company creepily tracks users | New York Post
|
| Envoyé | Oui |
| Condensat | 'need “rage “this 2018 2100 500 600 9th about access across address admits affect affecting after aftermath against age alexa allow always amazon anonymous any applicable appreciate apps are ars article artificial attacked attackers authenticated authenticating authorities available avoiding bad bar based basically bbc bearing been behind being better big bitcoin blog blogs body bond breach breaches burst business but call came can caring cars case catch ceo changes checking chief clear comae companies company company’s compliance confirm consensus could couple cox credentials creepily cryptocoin cryptocurrencies cryptocurrency customers cyber: cybersecurity daniel data default developing device devices did different digital dip discrimination discussed disruption don’t done down dozen drivers driving duo easy echo else encourage entities ethereum evolving exploited eye feel fifty films finds first five fix fixes flaw focus focused force forgotten form forth from fun fundamentals future games gdpr gem general github give google gray grugq guardian guidelines hack hacked hacking had hard hardening has hat have havoc hearted highly his home how human hutchins i’ll identifies impact implementations important include influence information infosec infosec” innocent innovative intelligence interesting involves iot iot: issues it’s its joseph jump just keep kid know knowledge korea laughter ledger left lessons let’s life like likely list literally little look loss lot machine” major make malware manufacturers many march marcus matters may maybe mean met miessler mind mirai months more most motherboard moviepass much multiple myself name near network new news none north not nothing nymag officials often olympic olympics only operations organizers originally other out over own part parties passhunt password passwords paypal people personal personally photo piece places plethora point police porn post previous price privacy profits raging raise raises random reading really realm recycle register regulating regulation related remember report repository research resilience resources risk roundup russian safety saml say says scenes securing security see self serious share shared shares sharing should sign single slam slap smart smartphone some somewhat soon sophisticated sounds spend spies sso ssrn steer stop suffer suggest suggests systems tech technica technical techniques technologies teeth' telegraph than thanks that’s then these they’d things think thinking third time times today told took track tracks trends trick tried try turned tweets uneventful uniquely unlikely upside users valuable vendors very victims’ voice vulnerabilities wait washington ways web week weekly well went what when who whom will willingly winter wired without working world worth wreak written years yet york your |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.