What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-06-22 13:00:00 | Things I Hearted this Week, 22nd June 2018 (lien direct) |
The Tesla Insider
Elon Musk sent out an email stating an employee had stabbed the company in the back like Brutus, changing production code, and leaking inside information. I'll admit that like many people who have talked about or written about insider threats in the past, I instinctively punched the air and yelled, "YES! I warned you but you didn't listen."
The incident is also notable for the impact it had on the company's share price which dropped more than 6% in trading.
"I was dismayed to learn this weekend about a Tesla employee who had conducted quite extensive and damaging sabotage to our operations, this included making direct code changes to the Tesla Manufacturing Operating System under false usernames and exporting large amounts of highly sensitive Tesla data to unknown third parties."
Insider threats defined | AlienVault
Tesla hit by insider saboteur who changed code, exfiltrated data | SC Magazine
Tesla sinks after Elon Musk says an employee conducted 'sabotage' and Trump ramps up fears of a trade war (TSLA) | Business Insider
Can't Fix Won't Fix, Don't Fix
Organisations cannot afford to view penetration testing as a tick box exercise. How should they mitigate the fact some vulnerabilities can’t be fixed, won’t be fixed, and in some instances, actually shouldn’t be fixed?
Can’t fix, won’t fix, don’t fix: Is it time for businesses to rethink how they action pen test results?| IT Pro Portal
On the topic of pen tests, check out Adrian Sanabria's presentation slides from RSA earlier this year on killing the pen test.
It's time to kill the pen test (PDF) | RSAconference
To add balance, and to convince you pen testers out there that I'm not a bad person who hates all pen testers, here's an awesome collection of penetration testing resources that include tools, online resources, books, courses, conferences, magazine...
Awesome Penetration Testing | Kinimiwar, GitHub
A Case Study In Bad Disclosure
Imagine you're a researcher and have found a vulnerability, you then disclose it responsibly to a vendor, then that vendor fixes the issue - but instead of sending the chopper over to you with a care package, they pretend like you didn't exist. Akin to Tom Cruise getting disavowed in every single Mission Impossible movie.
Then imagine that vendor submitted the vulnerability details to Google and received a bug bounty award to the tune of $5,000.
Then to top it off, they sat back in a massive reclining chair, threw their head back and laughed as they donated the full $5,000 to a good cause.
|
Hack Vulnerability Guideline | Bithumb Tesla Tesla | |
 |
2017-07-06 10:08:51 | Largest cryptocurrency exchange hacked. Over $1 million worth of Bitcoin stolen (lien direct) | Bithumb, one of the world’s largest Bitcoin and Ether cryptocurrency exchanges, has been breached resulting in the loss of more than $1 Million in cryptocurrencies after a number of its user accounts were compromised. We reached out to some of the world’s leading cybersecurity experts for their thoughts on this latest hack. Ben Hertzberg, research ... | Guideline | Bithumb | ★★★★★ |
1
We have: 2 articles.
We have: 2 articles.
To see everything:
Our RSS (filtrered)
