HELLO everyone! It was a very interesting show. And yes, I’m slowly but surely getting better. I think I’m actually feeling much better as it goes and I hope to continue this.
With this said, we had a hell of a show talking about passwords and the various articles that we have lined up for you to see about them in case you did not get them.
Your input is always appreciated, so make sure you get your comments in. We give out contact info at the beginning, and contact info at some point during this 3 hour 54 minute show.
We recorded for about 3 hours, but we did have plenty of things to ponder with six files, two of which were Sans News Bites.
Hope everyone is doing well, and thanks so much for listening!
Here is the 215mb file. The actual file size is 214.99.
Now, without any further ado, let’s discuss by giving you the show notes, what’s on the show!
Welcome to podcast 177 of the Security Box. On this podcast, we seem to be on a password discussion, as lots of articles have come out in regards to the subject. Our topic even will include talking about passwords. We’ll also have things to ponder, possibly some morons, and a great time as always!
These notes are extensive, but may not link to everything talked about.
Password articles
Here are articles that might be talked about when it comes to the password discussion besides our main topic. We’ll link to our coverage, where the full article is linked if we blogged it.
- This seems contradictory, don’t use long passwords, use unique complex passwords
- Some of the dumbest passwords to use are …
- An update from last night’s post, the mother of all breaches and Cybernews reports the mother of all breaches: 26 billion records go hand in hand, as I was looking for the article but found the video. This one is huge!
Other articles that could be discussed in news notes
Here are items that may be discussed. Just because it isn’t linked doesn’t mean that the team didn’t find it of value to bring out.
- Jason’s Deli owned, credential stuffing to blame also part of things to ponder
- Here’s an interesting item, it tells a story
- Sans News bites for January 26, 2024 also part of Things to ponder
- Sans News Bites for January 30, 2024
- In major gaffe, hacked Microsoft test account was assigned admin privileges
Things to ponder
Here are things that we recorded that you can ponder on. If blogs are up for them, we’ll link to those.
- Jason’s Deli has been owned by a credential stuffing attack. This affects less than 400,000 users, and Jason’s Deli will be making sure accounts who are affected are made well by refunding balances where appropriate if unauthorized purchases were made. The amount of data taken by this compromise is extensive including points, the last 4 digits of cards, name, location of restaurant and more. Here’s the blog post on Jason’s Deli if you’d like to read it. It’s also in another section of these notes where the group may want to talk about it, and that’s fine.
- The video from Cybernews which is also linked in another section of these show notes. We also found the article which I wanted to read. Here is the blog post linking to the video if you’d like to watch it.
- Trend Micro talks about the best of 2023. There’s no posting here, as this comes from their channel.
- Sans News bites for January 26, 2024 also part of Things to ponder
- Sans News Bites for January 30, 2024
- Have I been pwned update recorded January 29, 2024
Our moron(s)
Mercedes, it’s your turn. Apparently, you had something open on your GitHub account. The thing is, you’re not the first car company to have issues, although you never said that there wasn’t a problem, you did fix it with GitHub assisting as well. A password is mistakenly published, source code, blueprints and more once at risk is the blog post where you can read more about this one. Good job, guys!
Microsoft, you ought to be ashamed of yourself. You decided to give a test account admin privileges, then let the account go to legacy status. Then, because it’s an administrative account, someone finds it and abuses your systems. Great job! Ars Technica has the complete details. In major gaffe, hacked Microsoft test account was assigned admin privileges is the article.
Password reuse
We haven’t blogged this at the time of these notes, but this is a good topic. The Perils of Employee Password Reuse comes to us from Lastpass and Amber Steel. Let us know what you think.
Supporting the podcast
If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.
Internet Radio affiliates airing our program
Our Internet Radio stations that carry us include Blue Streak Radio and International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!