DiscoverHacker And The FedAuthentication Attacks, US Government Domains, and New Cyber Incident Disclosure Guidelines
Authentication Attacks, US Government Domains, and New Cyber Incident Disclosure Guidelines

Authentication Attacks, US Government Domains, and New Cyber Incident Disclosure Guidelines

Update: 2023-08-03
Share

Description

This week on Hacker And The Fed what authentication attacks might look like in a phishing resistant future, the SEC now requires companies to disclose cyber attacks, there are many more US government domains in the .com world than you might think, and other news stories from this week in cyber security.

Links from the episode:

What might authentication attacks look like in a phishing-resistant future?

https://blog.talosintelligence.com/what-might-authentication-attacks-look-like-in-a-phishing-resistant-future/


The Messaging Layer Security (MLS) Protocol

https://datatracker.ietf.org/doc/html/rfc9420


List of public government managed domains that exist outside of the top-level .gov and .mil domains

https://github.com/GSA/govt-urls/blob/main/1_govt_urls_full.csv


Top level domain operator wants out of the business

https://domainnamewire.com/2023/07/26/top-level-domain-operator-wants-out-of-the-business/


Network giants unite to fight security risks

https://www.networkworld.com/article/3703233/network-giants-unite-to-fight-security-risks.html


Cybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breaches

https://thehackernews.com/2023/07/cybersecurity-agencies-warn-against.html


Norwegian government IT systems hacked using zero-day flaw

https://www.bleepingcomputer.com/news/security/norwegian-government-it-systems-hacked-using-zero-day-flaw/

https://www.dss.dep.no/aktuelle-saker/departementer-utsatt-for-dataangrep/

https://www.wsj.com/articles/critical-infrastructure-companies-warned-to-watch-for-ongoing-cyberattack-76508d83


Satellites Are Rife With Basic Security Flaws

https://www.wired.com/story/satellites-basic-security-flaws/

 

Support our sponsors:

Go to hellofresh.com/50hatf code 50hatf for 50% off plus free shipping

Get your Hacker and the Fed merchandise at hackerandthefed.com


Get your Hacker and the Fed merchandise at hackerandthefed.com

Comments 
Top Podcasts
The Best New Comedy Podcast Right Now – June 2024The Best News Podcast Right Now – June 2024The Best New Business Podcast Right Now – June 2024The Best New Sports Podcast Right Now – June 2024The Best New True Crime Podcast Right Now – June 2024The Best New Joe Rogan Experience Podcast Right Now – June 20The Best New Dan Bongino Show Podcast Right Now – June 20The Best New Mark Levin Podcast – June 2024
In Channel
Holiday Reflections: Cybersecurity, Careers, and Christmas Cheer

Holiday Reflections: Cybersecurity, Careers, and Christmas Cheer

2024-12-2645:32

Yahoo Red Team Layoffs, North Korea Infiltrating U.S. Companies, Data Breaches, and Protecting your Medical History

Yahoo Red Team Layoffs, North Korea Infiltrating U.S. Companies, Data Breaches, and Protecting your Medical History

2024-12-1947:04

Telecom Hacks, Ransomware Fallout, Encrypted Chats, and a Diss Track Challenge

Telecom Hacks, Ransomware Fallout, Encrypted Chats, and a Diss Track Challenge

2024-12-1246:00

DB Cooper, ExxonMobil & Corporate Espionage, and Ross Ulbricht's Potential Pardon

DB Cooper, ExxonMobil & Corporate Espionage, and Ross Ulbricht's Potential Pardon

2024-12-0544:55

A THANKSGIVING SPECIAL: Phishing Failures, Red Team Career Advice, and Cybersecurity Ethics

A THANKSGIVING SPECIAL: Phishing Failures, Red Team Career Advice, and Cybersecurity Ethics

2024-11-2847:12

Italian Hacking Scandal, NSA Best Practices, Insider Threats & a Former Anonymous Hacker?

Italian Hacking Scandal, NSA Best Practices, Insider Threats & a Former Anonymous Hacker?

2024-11-2140:19

We're Back!

We're Back!

2024-11-1429:46

The Colonial Pipeline Hack, the SEC's X Account, and Special Agent Aron Mann on Homeland Security and Cyber

The Colonial Pipeline Hack, the SEC's X Account, and Special Agent Aron Mann on Homeland Security and Cyber

2024-01-3101:33:38

A Train Hack, $80M Pig Butchering Scheme, and Greg Van Houten of Haynes Boone on the SEC's New Cybersecurity Disclosure Rules

A Train Hack, $80M Pig Butchering Scheme, and Greg Van Houten of Haynes Boone on the SEC's New Cybersecurity Disclosure Rules

2023-12-2101:25:30

The FBI Shares Tactics of a Ransomware Gang, a Ransom Payment Fail, and Cyber Law with Lance Taubin

The FBI Shares Tactics of a Ransomware Gang, a Ransom Payment Fail, and Cyber Law with Lance Taubin

2023-11-3001:24:17

The SolarWinds hack, North Korea IT Workers, Hackers Targeting a Data Company, and Listener Questions

The SolarWinds hack, North Korea IT Workers, Hackers Targeting a Data Company, and Listener Questions

2023-10-2601:25:00

MOVEit and MGM Resorts Hacks, U.S. Senate's Email System Melts Down, Cisco Can't Stop Using Static Passwords, and Listener Questions

MOVEit and MGM Resorts Hacks, U.S. Senate's Email System Melts Down, Cisco Can't Stop Using Static Passwords, and Listener Questions

2023-10-1901:24:49

Are Paying Ransoms Illegal? Ransomware Shuts Down a 158 Year Old Company, Fido2 Security Keys, and Hacktivist Rules

Are Paying Ransoms Illegal? Ransomware Shuts Down a 158 Year Old Company, Fido2 Security Keys, and Hacktivist Rules

2023-10-1201:14:42

Artificial Intelligence Doxxing in Viral Videos, Billions of Usernames and Passwords Exposed, and a HATF Contest

Artificial Intelligence Doxxing in Viral Videos, Billions of Usernames and Passwords Exposed, and a HATF Contest

2023-10-0501:12:12

Equifax Breach, a Hack of 27 Crypto Companies, and the Arrest of a Department of State IT Contractor

Equifax Breach, a Hack of 27 Crypto Companies, and the Arrest of a Department of State IT Contractor

2023-09-2801:13:06

Finding out our Relative is a Hacker, Working for the FBI, Prepping for a Technical Interview, and More Listener Questions

Finding out our Relative is a Hacker, Working for the FBI, Prepping for a Technical Interview, and More Listener Questions

2023-09-2101:10:52

Your Car and Your Sex Life, US Departments of State and Commerce Compromised, Iran and North Korea Hacking Crews, and Victories Over Russian Hackers

Your Car and Your Sex Life, US Departments of State and Commerce Compromised, Iran and North Korea Hacking Crews, and Victories Over Russian Hackers

2023-09-1401:05:21

The FBI's Operation "Duck Hunt" Takes Down a Botnet, NYC Subway Allows Users to be Tracked Online, and Why Chris Left the FBI

The FBI's Operation "Duck Hunt" Takes Down a Botnet, NYC Subway Allows Users to be Tracked Online, and Why Chris Left the FBI

2023-09-0701:29:19

Hacking Through a Fire Stick, a Danish Cloud Provider Loses all Their Customer Data, an Active Hacker Becoming a White Hat

Hacking Through a Fire Stick, a Danish Cloud Provider Loses all Their Customer Data, an Active Hacker Becoming a White Hat

2023-08-3101:29:06

Demystifying Internet Honeypots and Getting into Cyber Security with Andrew Morris, Founder and CEO of GreyNoise

Demystifying Internet Honeypots and Getting into Cyber Security with Andrew Morris, Founder and CEO of GreyNoise

2023-08-2450:44

loading
Google Play
Download from Google Play
Castbox
Download from App Store
usUnited States
00:00
00:00
x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

Authentication Attacks, US Government Domains, and New Cyber Incident Disclosure Guidelines

Authentication Attacks, US Government Domains, and New Cyber Incident Disclosure Guidelines

Chris Tarbell & Hector Monsegur