We're sunsetting PodQuest on 2025-07-28. Thank you for your support!
Export Podcast Subscriptions
cover of episode SN 1002: Disconnected Experiences - 'Nearest Neighbor' Attack, Repo Swatting, the Return of Recall

SN 1002: Disconnected Experiences - 'Nearest Neighbor' Attack, Repo Swatting, the Return of Recall

2024/11/27
logo of podcast Security Now (Audio)

Security Now (Audio)
AI Deep Dive AI Chapters Transcript
People
S
Steve Gibson
网络安全专家和企业家,创立了多个影响深远的安全工具和播客。
Topics
Steve Gibson和Leo Laporte讨论了多个网络安全议题,包括中国制造的港口起重机中存在的安全漏洞,这种漏洞可能允许远程访问和控制,从而对美国关键基础设施构成威胁。他们还分析了最近邻攻击,攻击者通过入侵附近建筑物内的组织,利用其网络访问目标无线网络,以及一种新的“repo swatting”攻击,该攻击利用GitHub和GitLab中的隐藏功能来删除目标存储库。此外,他们还讨论了微软的“连接体验”功能,该功能默认情况下启用,并使用用户的Office文档内容来训练其AI模型,这引发了隐私担忧。 针对这些议题,Steve Gibson强调了记录所有内容的重要性,因为事后无法知道需要哪些日志,并指出大多数系统最终可以通过足够有动机和决心的攻击者入侵,绝对安全只是一种概念。他还讨论了Let's Encrypt十年来的发展,以及其在提高互联网安全性方面所取得的巨大成功。同时,他还分析了Palo Alto Networks企业防火墙中存在的严重零日漏洞,以及D-Link VPN路由器中存在的严重漏洞,并建议立即拔掉电源。最后,他们还讨论了Windows 11中重新引入的“Recall”功能,以及如何禁用该功能以保护用户隐私。

Deep Dive

Chapters
The 'nearest neighbor' attack by APT28 demonstrates how attackers can pivot through nearby compromised networks to breach a target's enterprise Wi-Fi network. The importance of logging everything to aid forensic investigations is emphasized.
  • APT28 compromised a nearby organization's network to gain access to the target's enterprise Wi-Fi.
  • Logging everything is crucial for forensic investigations and understanding network activities.
  • Storage costs are low, making comprehensive logging feasible.

Shownotes Transcript

  • What's the new "nearest neighbor" attack and how do you defend against it?

  • Let's Encrypt just turned 10. What changes has it wrought?

  • Now the Coast Guard is worried about Chinese built ship-to-shore cranes.

  • Pakistan becomes the first country to block Bluesky.

  • There's a new way to get Git repos "swatted" and removed.

  • Who's to blame for Palo Alto Networks' serious new 0-day vulnerabilities?

  • If you have any of these six D-Link VPN routers, unplug them immediately!

  • It turns out that VPN apps are against Shariah Law. Who knew?

  • The Return of Windows Recall. What are we learning now?

  • How many of today's systems remain vulnerable to last year's most popular exploits?

  • We share and respond to a bunch of terrific feedback from our listeners.

  • What are Microsoft's "Connected Experience" and why might you choose to disconnect from them?

Show Notes - https://www.grc.com/sn/SN-1002-Notes.pdf)

Hosts: Steve Gibson) and Leo Laporte)

Download or subscribe to Security Now at https://twit.tv/shows/security-now).

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit)

You can submit a question to Security Now at the GRC Feedback Page).

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com), also the home of the best disk maintenance and recovery utility ever written Spinrite 6).

Sponsors: