In The Weeds: InfoSec Round-Up September 20, 2017

We are getting closer to living in a Philip K. Dick story.

Holy Moly, it seems like I’ve done nothing this week but read about new vulnerabilities and hack attempts and general InfoSec mayhem. While many are at #DerbyCon this week, I’m over here in Twin Peaks just trying to keep up with what I need to learn and remembering what I’ve already learned. I can see why when I talk to #InfoSec professionals many of them feel overwhelmed or that they are drowning in the river of keeping up.

This week I’d like to start by publicly sending condolences to the entire world for losing this hero. I have a vague memory of when this happened. I was in High School. Yes, I’m that old. Whatever. But, it’s stories like this that make me think that maybe my hope in mankind to do the right thing even after they’ve fucked up is not misplaced.

If you’re trying hard to stay healthy and using a FitBit — Be Aware of its vulnerabilities. I’ll say it again, whenever you’re on the internet, using the web, using the cloud, all of that, there are going to be vulnerabilities. You can’t absolutely protect yourself, but know your risk, at minimum. Please.

If you’ve downloaded or updated the CCleaner application in the last month, um, you’ll have an incident response regarding malware on your network to get to…so, um, get to it.

Oh to have the time on my hands to find these kinds of open doors:  PyPI Python repository hit by typosquatting sneak attack

For those both fascinated and terrified by Artificial Intelligence:  Humanoid robots ‘breakthrough’ as engineers create synthetic muscle that can lift ONE THOUSAND times its own weight

And if that’s not disturbing enough, we are our own worst enemy:  Infosec weakest links: Negligent employees and poor password policies

As in weeks past, feel free to leave a comment here about any of those articles. Let’s learn from one another. Okay, have pity on the noob and let me learn from you.

Have another great week InfoSec geeks. See you next week.
