We air Microsoft’s dirty laundry as news leaks about their less than stellar handling of a security database breach, plus a fascinating story of deceit, white lies, and tacos; all par for the course in the world of social engineering, and we find out that so-called-smart cards might not be so smart, after it is revealed that millions are vulnerable to a crippling cryptographic attack & more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

• HD Video
• MP3 Audio
• YouTube
• HD Torrent

RSS Feeds:

HD Video Feed | MP3 Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

Exclusive: Microsoft responded quietly after detecting secret database hack in 2013

• Microsoft Corp’s secret internal database for tracking bugs in its own software was broken into by a highly sophisticated hacking group more than four years ago, according to five former employees, in only the second known breach of such a corporate database.

• The company did not disclose the extent of the attack to the public or its customers after its discovery in 2013, but the five former employees described it to Reuters in separate interviews. Microsoft declined to discuss the incident.

How I Socially Engineer Myself Into High Security Facilities

• A few months ago, a client had hired me to test two of their facilities. A manufacturing plant, plus data center and office building nearby.

• I scour profiles of employees who work at these facilities, and cross-reference them to other social media sites.

• This is not an advanced investigation. I’m not a private investigator and I don’t have the resources of the NSA. But I can do a lot of damage with simple methods.

• X could have saved the company a lot of heartache by simply verifying that I was who I claimed to be.

• I’ve been doing this job for a couple years now, and almost every job is a variant of this story. Very rarely do I go through an entire assessment without some sort of social engineering.

Crippling crypto weakness opens millions of smartcards to cloning

• Yubico not aware of any security breaches due to this issue

Millions of smartcards in use by banks and large corporations for more than a decade have been found to be vulnerable to a crippling cryptographic attack. That vulnerability allows hackers to bypass a wide range of protections, including data encryption and two-factor authentication.

At this time, we are not aware of any security breaches due to this issue. We are committed to always improving how we protect our customers and continuously invest in making our products even more secure.

Feedback

• Workaround for the WPA2 exploit – from Jonathan

• SNAPs for… Windows?

• Server Layout for Linux System with LXC – There is an interesting project kind of related to this idea called CloudABI – CloudABI for FreeBSD

• IT Land before time COMPUTERS THAT NEVER WERE Software Emulator for the Cardboard Illustrative Aid to Computationn

Round Up:

• Android getting “DNS over TLS” support to stop ISPs from knowing what websites you visit

• Mercedes handles the competition because it knows how to handle data, too

• IT TAKES JUST $1,000 TO TRACK SOMEONE’S LOCATION WITH MOBILE ADS

• Encryption chip flaw afflicts huge number of computers

• Canada’s ‘super secret spy agency’ is releasing a malware-fighting tool to the public

• Writing a Bootloader Part 1