One Article Review
Accueil - L'article:
Source AlienVault.webp AlienVault Blog
Identifiant 740333
Date de publication 2018-06-22 13:00:00 (vue: 2018-07-11 17:02:49)
Titre Things I Hearted this Week, 22nd June 2018
Texte The Tesla Insider Elon Musk sent out an email stating an employee had stabbed the company in the back like Brutus, changing production code, and leaking inside information. I'll admit that like many people who have talked about or written about insider threats in the past, I instinctively punched the air and yelled, "YES! I warned you but you didn't listen." The incident is also notable for the impact it had on the company's  share price which dropped more than 6% in trading. "I was dismayed to learn this weekend about a Tesla employee who had conducted quite extensive and damaging sabotage to our operations, this included making direct code changes to the Tesla Manufacturing Operating System under false usernames and exporting large amounts of highly sensitive Tesla data to unknown third parties." Insider threats defined | AlienVault Tesla hit by insider saboteur who changed code, exfiltrated data | SC Magazine Tesla sinks after Elon Musk says an employee conducted 'sabotage' and Trump ramps up fears of a trade war (TSLA) | Business Insider Can't Fix Won't Fix, Don't Fix Organisations cannot afford to view penetration testing as a tick box exercise. How should they mitigate the fact some vulnerabilities can’t be fixed, won’t be fixed, and in some instances, actually shouldn’t be fixed? Can’t fix, won’t fix, don’t fix: Is it time for businesses to rethink how they action pen test results?| IT Pro Portal On the topic of pen tests, check out Adrian Sanabria's presentation slides from RSA earlier this year on killing the pen test. It's time to kill the pen test (PDF) | RSAconference To add balance, and to convince you pen testers out there that I'm not a bad person who hates all pen testers, here's an awesome collection of penetration testing resources that include tools, online resources, books, courses, conferences, magazine... Awesome Penetration Testing | Kinimiwar, GitHub A Case Study In Bad Disclosure Imagine you're a researcher and have found a vulnerability, you then disclose it responsibly to a vendor, then that vendor fixes the issue - but instead of sending the chopper over to you with a care package, they pretend like you didn't exist. Akin to Tom Cruise getting disavowed in every single Mission Impossible movie. Then imagine that vendor submitted the vulnerability details to Google and received a bug bounty award to the tune of $5,000. Then to top it off, they sat back in a massive reclining chair, threw their head back and laughed as they donated the full $5,000 to a good cause.
Envoyé Oui
Condensat $31 $31m 000 2018 22nd about action actually add admit adrian afford after air airport akin algorithms alienvault all also alternatively always amounts anonymous anyone appears approach apps architechure architecture arrested arrived asking asleep atlanta attend austin authorities availability award awesome back bad balance banking beard been being best between bias billion bit bitcoin bithumb bleeping blog bode books botch bounty box brutus bug business businesses busy but camp can can't fix can’t cannot capone captains care case cause chair championships changed changes changing charge check chopper cloud code collection community company company's  complete comprehensive computer conducted conferences contributions convince core courses crimes cruise cryptocurrencies cryptocurrency customers cyberattacks damaging dark data database defined detailing details detectives: didn't direct disavowed disclose disclosure dismayed divesting doesn't don't don’t donated down dropped drug earlier elon email employee engineering enjoyed even every exchange exercise exfiltrated exist exporting extensive fact fair false far fears feds find findings fix fix: fixed fixes found freecode from full fully get getting github github's good google got great guilty hack had hard has hates have head heart hearted held here's high highly him his hit how hunt i'll i'm ibm imagine impact impossible incident include included information infrastructure initial inside insider instances instead instinctively issue it's its job june kill killing kinimiwar korea korea’s korean large largest last late laughed leaking learn least led left liam like lines listen long loss lot madness magazine magento magnificent make making manufacturing many massive medium migrating million mission mitigate more morning moustache movie moving musk mustache mysql nature needs neeson new news night not notable now off online open operating operations organisations other out outlines over package paraphrasing parliament part participate parties past pay pdf pen penetration people person pleads pled portal post preliminary presentation pretend price pro problems production program published punched pwnaccelerator questions quite ramps randomness read reading really received recently reclining report republic researcher researchers resources responsibly results rethink right rsa rsaconference sabotage saboteur saga said sanabria's sat says schedule second security see seems sending sensitive sent september seriously service share should shouldn’t single sinks slides smoothly some source south stabbed stating stolen stories story strictly striving study submitted sure system systems taken tale talked tech tesla test testers testing tests texas than them then theory things third thorough though threats threw tick time tom too tools top topic traced trade trading transactions trump tsb tsb's tsla tuesday tune unable unavailable under unfortunate unknown usernames vallerius vendor vendors view vulnerabilities vulnerability want wanting war warming warned web webusb wednesday week weekend well what wheel which who whoever whole won won't won’t work world worth would write writeup written year yelled you're your
Tags Hack Vulnerability Guideline
Stories Bithumb Tesla Tesla
Notes
Move


L'article ne semble pas avoir été repris aprés sa publication.


L'article ne semble pas avoir été repris sur un précédent.
My email: