Sunday, April 14, 2019

2019-014-Tesla fails encryption, Albany and Sammamish ransomware attacks.

WorkshopCon Training with SpecterOps and Tim Tomes

redteam operations with SpecterOps

PWAPT with Tim Tomes


Source Boston: [Boston, MA 2019 (April 29 – May 3, 2019) ( April 29 - April 30, 2019 | Conference: May 1 - 3, 2019


Cybernauts CTF meetup in Austin Texas at Indeed offices, 23 April at 5pm Central time.


My last car sync’ed the contact list.

Video is a different story, but safety for the vehicle and owner, they’ll probably continue to store it.

Telemetry data is for changing road conditions, navigation, etc

Enable encryption at rest… or pop a fuse to scram the data when/if an accident is detected

    Level of difficulty, no fuse, requires hardware upgrade

    Encryption at rest, ensuring HTTPS on all incoming/outgoing.

    Annoying “do you want notifications from this site?”

    Like an annoying RSS feed… ‘Hey, we added a new banner ad!’

    Why add the switches to allow vulnerabilities?

    Slippery slope  --disable-dirtycow?

Threat intelligence and software detections…

Got an email… *Story Time from Mr. Boettcher*

Twitter: why do companies not allow copy/paste in password fields? Tesla

Here is a new episode of Brakeing Down Security Podcast!

No comments: