I see several "artisanal" podcasts I subscribe to have taken a break. I feel like it's time for me to do it, too. Doing a regular podcast, even one like this, takes effort.PhoneBoy Speaks Ep 1112: Something in the Air
Samsung is apparently requiring "personal information" to obtain software updates. What responsibility do vendors have to provide updates, and at what cost?
- Via a message board, here's one reason to not buy from @samsung Why do I need to give personal info to them?
Bots have been a problem on eBay forever insofar as auctions are voncerned, sniping and/or driving up prices. Guess I shouldn't be shocked people are also using bots to buy rate shoes…and resell them at a huge profit!
Links:PhoneBoy Speaks Ep 1110: Sneaker Buying Bots
Apparently some so-called next generation endpoint products were cheating, using VirusTotal to supplement their catch rates. Those vendors, who aren't contributing their engines to VirusTotal, have been cut off from using VirusTotal.
- A bomb just dropped in endpoint security… and I’m not sure anyone noticed – Alex Eckelberry
- VirusTotal Blog: Maintaining a healthy community
- Intel Security at RSA Conference: 'Competition Is Holding Us Back' - Fortune
I post a lit if stuff on social media. It occasionally comes back to me, this time in a good way.
Links:PhoneBoy Speaks Ep 1108: It Will Come Back To You
It shocks me that Windows XP is "still alive" in some form until 2019. Of course, there are plenty of other things you have in your environment that you can't patch...
- Malware and non-malware ways for ATM jackpotting. Extended cut - Securelist
- Windows XP Embedded Supported for Two or More Years -- Redmondmag.com
How can an organization be so unaware of what security tools they have they need someone's help to discover what they have? With more and more infrastructure moving to the cloud, how can they be?
Links:PhoneBoy Speaks Ep 1106: Cloudy Security
Yet another new social media tool has been launched, called Talkshow. It's like Periscope but in SMS. Texting in public.
- Talkshow is texting in public. — Talkshow — Medium
- Talkshow: We keep reinventing the wheel
- Talkshow: I did it anyway because I'm dumb
Man in the middle attacks aren't new. Especially on the phone network, which has only gotten easier has more of it has become wireless.
- Hackers spied on a US Congressman’s communication abusing the SS7 protocol —Security Affairs “Security experts eavesdropped and geographic tracked a US Congressman only using his phone number by abusing the SS7 protocol.”
Users know they should do something to protect corporate data, but they don't actually do anything to do so. Who's fault is that? Ours, as infosec professionals. We don't make it easy for people to do the right thing.
- Top 4 Ways Employees Compromise their Corporate Data via Cloud Services —Check Point Blog “Recent research by Gartner showed that “Through 2020, 95% of cloud security breaches will be the customer’s fault.””
- SecurityBrief NZ - Employees worry about security but don't do anything about it, survey finds