![BrakeSec Education Podcast artwork](https://is1-ssl.mzstatic.com/image/thumb/Podcasts123/v4/f0/95/3e/f0953e48-be1e-60df-72d5-c863223e4d75/mza_8232316433178170329.png/100x100bb.jpg)
2019-014-Tesla fails encryption, Albany and Sammamish ransomware attacks.
BrakeSec Education Podcast
English - April 15, 2019 03:55 - 50 minutes - 46.4 MB - ★★★★★ - 98 ratingsTech News News Technology cisa cissp legal pentesting podcasts application compliance computersecurity cybersecurity education Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Announcements:
WorkshopCon Training with SpecterOps and Tim Tomes
www.workshopcon.com
redteam operations with SpecterOps
PWAPT with Tim Tomes
Source Boston: [Boston, MA 2019 (April 29 – May 3, 2019) (https://sourceconference.com/events/boston19/)Trainings: April 29 - April 30, 2019 | Conference: May 1 - 3, 2019
Cybernauts CTF meetup in Austin Texas at Indeed offices, 23 April at 5pm Central time.
https://nakedsecurity.sophos.com/2019/04/02/wrecked-teslas-hang-onto-your-unencrypted-data/
My last car sync’ed the contact list.
Video is a different story, but safety for the vehicle and owner, they’ll probably continue to store it.
Telemetry data is for changing road conditions, navigation, etc
Enable encryption at rest… or pop a fuse to scram the data when/if an accident is detected
Level of difficulty, no fuse, requires hardware upgrade
Encryption at rest, ensuring HTTPS on all incoming/outgoing.
Annoying “do you want notifications from this site?”
Like an annoying RSS feed… ‘Hey, we added a new banner ad!’
https://www.phoronix.com/scan.php?page=news_item&px=Linux-Improve-CPU-Spec-Switches
Why add the switches to allow vulnerabilities?
Slippery slope --disable-dirtycow?
https://www.wamc.org/post/details-still-few-city-albany-s-ransomware-attack
Threat intelligence and software detections…
Got an email… *Story Time from Mr. Boettcher*
Twitter: why do companies not allow copy/paste in password fields? Tesla