Encryption Market Heating Up - ThreatWire
Вставка
- Опубліковано 31 тра 2024
- ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️
Support ThreatWire → / threatwire
@endingwithali →
Twitch: / endingwithali
Twitter: / endingwithali
Everywhere else: links.ali.dev
[❗] ThreatWire Patreon has moved to → / threatwire
0:00 Intro
0:10 - Encryption market is heating up
2:07 - Toddler Aged Malware Found
3:11 - Admitting to human error
4:08 - Outro
LINKS
🔗 Story 1: Encryption market is heating up
bughunters.google.com/blog/51...
www.bleepingcomputer.com/news...
www.bleepingcomputer.com/news...
www.nist.gov/news-events/news...
csrc.nist.gov/Projects/post-q...
thenextweb.com/news/zama-holy...
🔗 Story 2: Toddler Aged Malware Found
research.checkpoint.com/2024/...
arstechnica.com/security/2024...
arstechnica.com/security/2024...
🔗 Story 3: Admitting to human error
blog.knowbe4.com/88-percent-o...
thecyberexpress.com/cybersecu...
www.kaspersky.com/blog/human-...
media.isc2.org/-/media/Projec...
____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community - where all hackers belong. - Наука та технологія
Wait I’m Still at Toyotathon ,
I bet you are 😂
Lol
At least Hak5 removed the banner at 4:10…
I had to go back to understand what was going on.... I never read the tee-shirt.
@jamespifher, there was a banner?
As an information security professional I appreciate information about CVEs, latest attacks, etc. I'm also very interested in hearing about after-action reports for breaches. At the moment I'm most interested in breaking news about the UHC's Change Healthcare breach and especially how it happened.
+1 on all of this
I couldn't stop reading that shirt 😳
I'm sure that was entirely unintentional. I find the only way to watch those videos is with closed captioning on and the audio muted.
@@willstikken5619same
On gang bro 😂
Lol
If someone admits to NOT making mistakes at work, show them the door.
if someone says "We all dont know whats going on" as and excuse, show them the door 🤣🤣🤣
I disagree. Depends on the audience. If it is, their co-workers, then there is an issue with environment at work where they will be blamed and looked down on for making mistakes. If it is outside of works, they are boasting and definitely there is an issue there.
Analyst here,and a infosec enthusiast. I would like to hear more about latest exploits and tools popular in 2024
IT cloud team lead here, I like the quick summaries done on this channel across the board whether on general threat vectors to cloud operations or OS/Vendor/app level stories as they all are of interest in my domain. I'd say, in general, keep doing what you're doing. CVE and latest attacks being top of mind.
Fully homomorphic encryption would enable doing data processing (transformations) on the data without decrypting it. So, for example, you could send your encrypted data to a third party service provider to process your data and return the result without ever disclosing the data to that provider.
This has the potential to be as big or bigger than GenAI.
It's also an amazing advancement for application security vis a vis injection
is that like a zero knowlege proof ?
@@myname-mz3lo it's more complicated. A zero knowledge proof is being able to assert that a statement is true without revealing anything else. For example, proving that you know a password without revealing the password.
Homomorphic encryption is much more.
Imagine you give your encrypted financial information to your tax accountant and they can prepare your taxes for you without ever knowing anything about your income.
@@dragonwisard ohh wow that is amazing I must learn about it. I'm guessing it will enable new private block chains.
@@myname-mz3lo I've never heard a coherent argument for the existence of private blockchains. I'm sure someone will apply it to blockchains to swindle people out of their money, but I don't expect that will be the most interesting application.
Usually, labeled text is at the bottom of the screen…for some reason ,this one is almost mid screen
It was cold that day
@@nunezdynasty ha!
First off, love the shirt.
Second, for content I like a mix of current threats and stuff coming down the pipeline. I like the career tips too.
*love the tiddies
I think you like what the shirt contains.
I meant exactly what I said. I had hoped there would be more professionalism on a channel like this.
I’m a infosec “professional” what ever that means. So a lot of your focus on current threat landscape and your input is valuable since it gives me some additional points of view on things I may be missing
That is the nicest shirt I have ever seen.
BRO 😂😂
Retired B-52 flyer teaching Targeting to Cyber students, but have become so interested in the topic I started transitioning to Cyber by pursuing certs and another college degree (Cyber Security). Everything you brief is relevant, but I do like that you guys cover more than the standard threat stuff I find on other news channels (like this article on the Encryption market). By all means cover relevant and current threats but do keep covering topics beyond that as well please.
really glad you enjoyed the encryption market story! thought it was interesting~!
I was trying to move my head throughout, somehow thinking in my little brain that I'd be able to read the rest of your shirt, lmao. I've noticed that you're getting a lot more smother at reading the teleprompter and just talking in general. I knew it would just take time, and you're doing awesome! I currently am not working as I have been studying and preparing for the OSCP exam I sit for in a couple of days. Take care Ali!
this is a good reporting summary. I like your style
Thank you and everything you want to bring this way (news coverage) I want to hear.
Like what do you see as important? Which ones catch your attention?
Thx for the heads up on tuta. I knew about proton but not them 👍
Honestly i think most cybersecurity incidents are due to employees who couldn't care less about their employer
A fish rots from the head.
for companies employees are employee no. XXX in an excel sheet somewhere and companies couldn't care less and vice versa.
Employers give less than 2 shits about employees. It's a two way street.
This was great info, I’m studying for cybersecurity now and now I know I need to add cloud to my list of certifications. Thank you
Incident responder here.
I like the trends of attacks and I like hearing about new, novel attacks as well.
Statistical trends wouldn't be bad either.
You're doing fine as you did today. (Cybersecurity 4 years) Interested in: Top News as well as latest attack methods in detail with examples.
Thank you!
Working professional. Even if i know about a story I listen in anyways to see if i missed anything or sometimes threat wire summarizes things up better than I did so i can communicate with others better.
oh thats awesome! cool to hear
A good mix of stories us good.
Hobbies here , still like the security stuff 😊
this host is awesome. all your hosts have been awesome. happy fan and customer.
Keeping up with data breaches of popular companies is very useful. Keeping an eye on CVEs affecting popular widely used services or apps also helps. All of the topics contribute when you're working within the cybersec space. Information on the mitigations is very accessible but knowing all the events as they happen is the hard part as you only have so much time for it all. Then it becomes a matter of prioritising the Todo list.
i really like the way you said this - information on mitigations is easy to find, but theres too many things happening to know exactly whats happening. this comment definitely helps and gives a lot of food for thought!
As 15 year old student interested in cybersecurity, I love the content!
Yes, hopefully by the time you start working there will still be computers...
I used to work in I.T. and then I had an unfortunate accident and was left Paraplegic in chronic pain so I had to retire at the age of 42. Now I just focus on being up on the latest news so I can keep up on security and threats for me and all my family/friends.
im sorry to hear that happened, but glad you still come to threatwire to stay up to date!
@@endingwithali It does suck but nothing I can do but make lemonade with the lemons I was given in life. Glad you are settling in well to this new role with ThreatWire. I enjoy the videos hosted by you. Cheers!
I work on Tycho station, bulding ship... now to be honest I wont say we watch this because we interested into security, so we wont be saying who we are and what we do , from security point this would compromise personal information , maybe ask your patrons privately instead. Also I bet youtube already knows and there are statisstics for each video
I love your explanation style
SOC analyst. Love when you guys talk about new CVE's
I’m studying for a degree in networking and cyber security at the University of Hertfordshire. I like to Stay well informed. I have A+, AWS Cloud and Azure certs. Keep it coming ThreatWire.
Working in blockchain past half decade, at second protocol. Definitely took a couple years to feel confident.
You are doing good, growing in to the role.
If only she were growing better at it...
Good video. Well done.
The good news is also the bad news. We want more of everything.
always interesting. i never get tired to hear about microsoft cloud insecurity, thanks Ali
I'm probably late to this, but I'm a Cyber Security Analyst for a Federal Gov. MSP moving into Cyber Security Engineer soon. L
Latest attacks and threats, malware, fixes, etc. Our org experimented with quantum resilient cryptography has all had very low bandwidth 😞
Things we won't have to worry about adapting to be PQC: cats and dogs. Hi Baby! I hope you all have a great weekend.
we love baby~~~~~~
Cool update. Thanks.
I was just thinking... what if only one byte changes in the encrypted file, then good luck trying to decrypt it. There is no file that is immune to its binary being manipulated. Therefore rendering the encrypted data useless, until the byte order is restored. Am I making sense?
Both I work in IT but not on the security side, on the personal hobby enthusiasts side the security 100% interest me
Been a fan of Hak5 since the beginning, now I'm an Engineer that designs industrial IoT for critical systems. I like to stay up to date on anything security related, currently working to add PQC since like 2 years ago to existing systems. Threatwire is good for a quick overview of security related news. My favorite security show is Darknet Diaries where they interview actors involved in breaches on both sides (its a podcast and I can listen in car too). I've listened to 100% of that library. It can give insight to true root causes and ways to prevent them in system design, even when a 0 day is involved.
this is great insight - i had the chance to sit down with jack and record a podcast with him a few years ago. Great guy!
I'm a CIO with a MSc In Cyber Security with published academic articles. I worked in cloud environments for 10 years in both the medical and financial sectors.
I don't alway catch the latest breaches, so a weekly round up is nice.
Deep technical demonstrations, or explanations would be great to help reduce the time I spend doing research on malware and breaches.
Just wondering what kinds of topics you covered in your masters? I have a bachelors in comp science, with a lot of hacking certs .. it'd be interesting to know if there's any cross over .. thanks
@@camelotenglishtuition6394 I did three module on hacking. One of which was ethical hacking and deep diving into specific of a specific vulnerability. Another one was specifically around wireless communication, the ins and out plus hacking into them.
There was another module in encryption.
Beyond that, there was a governance module, and a risk module.
My dissertation was on detection and identification of malware using Deep Learning.
this is awesome to know - thanks for the content. definitely want to integrate and curate to get more advanced professionals back here and enjoying the content so this context is great to have!
I have a professional interest and really appreciate all the stories. Variety is good, but sometimes it is good to see that the more things change, the more they stay the same. :D
IT Support Tech. I dig the updates and curation.
Cybersecurity analyst. Any related security news are welcome especially when you explain the what and how and who got it and how it ended.
I work as a Science Lab Technician, but have always been a hobby geek, and currently looking for a career change into the cyber industry.
You're doing fine.
It manager and I don’t mind redundant stories because I’m adhd and I don’t always catch them the first time😅
lol your shirt is sweet
CEH and Cyber Security Analyst. Please cover CVE's and Zero Day threats. Thanks Alley! ❤🎉
I laughed for ten minutes straight. The neighbors came over to see what it was.
Thanks for the info beautifuuul 😍🤤
cybersecurity news and breaches and phishing campaigns and also cover some of the stuff from asian market as in cyber security stuff in asia
I spent the first year in the industry, just soaking it all in, currently consider myself “in the industry”, also expecting to hire on as a penetration tester within the year. so this content kind of scratches all of those itches. Thx for asking. 🍻
great context thank you!
I'd like more context. I can read a CVE, but further explanation on why it matters or how it was found is most interesting to me. Kind of sick of extreme edge cases grabbing headlines because they are novel methods, but not at all practical. Also any new laws or legal developments in the field are important to discuss.
computer scientist working in private sector , always been into security to hear what is happening in the scene since it keeps me on my toes better at work.
and baby is cuuuute!
im basically the same - backend engineer who loves security!
nice story, More A.I. please
She's real, have you seen AI avatar holding a dog!!
Former professional, currently a hobby. I still like to keep up on the latest. You're crushing it, by the way. Keep up the good work.
thank you!!!!
I love your channel 😐♥️
I think more attention needs to be paid to Dan Bernstein's attempts to FOIA the NSA and NIST over their denial of NTRU and NTRU-Prime while keeping Kyber. Them fighting FOIA means that the development of Kyber is NOT open, and there was no reason to deny NTRU that didn't also apply to Kyber.
Software Developer here, trying to stay abreast to what is happening out there. Not looking for UA-cam channel for developers already have a podcast where that is the focus. Just want a different perspective. Also, I like to hear about the vulnerabilities that affect me and my family as a user.
good to know! thank you!]
I'm a Security Professional. The two biggest security problems are: User's clicking things they shouldn't; That exception to best practice, because it will come back and bite you.
What I like to see is a bit of everything, so cherry pick what takes your fancy.
how can you call yourself a "Security Professional" and then say "Users click things they shouldn't". WTF imagine a surgeon saying, "I let the orderly do the surgery and when he messes up I try to fix it" LOL WOW
No you're not.
Thumbs up for the doggo.
3:32 88% Caused by people?! Woah woah woah, that'd be like AI training data being influenced by human alignment. I dooooont knoe...
Mac book - how to stay ahead the curve post utopia.
Architect/implementor for CS. I'm always looking for open source tools and knowledge on automation and threat intelligence. there's simply too much data and novel TTPs to cover for one person or small teams to cover without engaging absurdly expensive vendors
Holup... I love your shirt
Lobotomy ?? I only got a colonoscopy
😂
Home network administrator here... I don't know what I don't know & would want to know, but more indifferent animals are always good LOL
baby is SO indifferent about existence LMAOOOO
I like your shirt
I like the material despite redundancy
Nonsense. We don't even know what quantum computers are capable of. Not a single example of quantum supremacy has gone without challenge. VC's will throw money at a wet dog if you name it quantum. All that money is gone with the wind. Waiting on the exit payouts in 3, 2...
You're doing great, you just need to relax a little more
And hence we men of culture gather again here this time, to appreciate two big topics on cryptography 🎩
Told you that you would get it
Nice shirt.
Field service tech hospital industry... security cert but outsourced security team
Longer videos ~10-12 mins would be cool, maybe go further into the stories.
I think making more content about the modern hacker scene, conventions, new hackerspaces/makerspaces would be perfect. Definitely bring back the CVEs portion, kinda miss the "threat" part before talking about the wire.
this is great feedback! definitely want to make longer videos, however its just limited to my time right now for writing and producing threatwire. will definitely keep more of an an eye out regarding CVEs but would love do conversations with modern hackers at some point --- i have an idea!!!
major CVEs please
I love that shirt haha
System and network student trying to get up to date with the current technologies and threads.
I love her ❤️
The shirt 😂
Wow
I don't get the tshirt.
Five ways to celebrate Toyotathon.
Take a load off. ...
Go out for a nice dinner.
Yell it from the mountaintops. ...
Brag to the whole crew. ...
Have a party. ...
shirt is fire
Turnarounds
Question for people hak5. I have a pixel 3xl andriod phone just recently I can get sms message from apple, but not able to text back (the iphone does not get it at all, but if I send a MMS they get it.) 2 to 3 weeks ago there was no problem. Anyone else is having the problem. If you have andriod text your Iphone friends then wait 10 mins, and call them if they don't text you back.
I LOVE BABY WHAT AN ADORABLE CREATURE
BABY STAN ACCOUNT
Watching the vid for two big reasons
"2:14 damn it, I can't..
I straight up heard "bonerabilities"... I'll see myself out byyyyeee👋
Ali, I want more drama-llama news because nobody generates juicy group gossip better than active crews! It's cheesy but it gets those sweet sweet views like last years Lapsus$ scandals and the tor black market exit scams right now! LOLZ
Toyotathon got the good discounts lol
Ali leaning into her sex appeal.
is the tight shirt social engineering
HackRF One? it will come or NOT?
Let’s be honest these comments on the shirt are for more than just the words I mean NICE
Probably but I'll admit that part of the reasons I was staring is because of the words. I don't get the reference... does this mean I'm old and out of touch now?
@@centran aw no you’re not old and outta touch or anything like that . LGBTQ maybe but there’s a reason everyone loved the ‘shirt’ buddy and it’s not the words 😂😂😂
System administration & management, system design and system implementation of various systems used in the corporate space. Not everyone is in Cyber that watches this channel.
tbh im not either - im a backend engineer :)
Disregard haters, keep shining like only a Diamond can. ✨ Keep going! Side note, I hope you will cover more stories about dodgy spyware outfits that target civil society. Industry people might be able to make a difference here if they see your videos and escalate internally.