18 Burst results for "ZDI"

How Technology Will Shape the Future of the Aviation Aftermarket

Aviation Week's Check 6 Podcast

09:02 min | 1 year ago

How Technology Will Shape the Future of the Aviation Aftermarket

"Going to talk about. How data and technologies such as artificial intelligence will shape the future of the aviation aftermarket and drive it to new levels of automation delay the foundation? Let's start talking about the data piece and move onto how technologies can use it. John on Baker emo is undergoing digital transformation. How long will it be till it operates as a paperless great great question? Yeah well because we're we're on that journey it's started many may say gradual and one day we will suddenly realize that we have energy accomplished it. I I think we can take note a little bit of history where this has happened in industries where go back customization. Today's nineties as we had tons of paper in our offices and today we have very little. We have very little could civilized and they were driven by devices software. Technologies tackled set and use cases. They became very popular and then adoption was very very fast. So we got a similar situation. Here we got plenty of technology that can be applied to spice so we're not short on tech plus some of the new Applications of AI and machine learning are able to increase that velocity auditions. I is Asian so I think the answer is we're going to see certain use cases it will get very fast adoption. We probably got some regulatory steps standards. That still only to be established. But it'll be mother of necessity here not driving that digitization Ford and we're already seeing some of those use cases today. I mean I would argue. Although paper is still a strong John Currency enough to market will still looking at digital versions of that paper in other words because it up I think that will that will change over time in the paper will gradually go away and I think I think it's going to be you know a while papers with us for a while. I mean we have to think about when the the next kind of conversion of the kind of life cycle the new aircraft you know comes through before we're really going to be able to think about true paperless. I'm John Known as you. Well know to and you write about right. There are some places where we're seeing the paperless functions. And we've got a technology that we've been working with around. And you're taking data and digitizing it. We started in engineering. So this is more of a I article inspection can application where we can take a SPEC. We can run through night a engine it ingests. That's back then when a part comes in with the test package we we can match that up the engine matches. The two together looks for the connects between the spectrum. What came through in the test package where there's an anomaly? An operator is alerted. The operated end goes makes the Christians machine learning component which actually takes those corrections and learns from them for future. You'd think about how we might apply that into. The moreau ruined the services space in a similar way. We're going to start being able to get to a point where we can take the paper and start ingesting it and they're working some of that stuff out of its existence. But it's going to be a while. I'm not giving you a number my next question. You want to hear the years I do. I do so the aviation snapped. Market companies are all at different levels of leveraging their data and as they progress on this journey. What wisdom's can you share are to help them accelerate this? Let me start with that. One I think is really three things. The first one is really focusing on wor value. Improved interactions whether it's customers or suppliers internally with employees and and what the role of data can be and providing insights that can be to action so think about that first first. The second thing is to recognize that not all data are created equal right so you gotta identify the data that really matters to the job that needs to get done and then the third thing just keeping a very high level in simple. Here's don't forget about the pipes right. I mean you need good. Data architecture need good data governance. We we see a lot of effort into master. Data Management said the data becomes more useful. Otherwise data is just the next new shiny object that we start talking about. That's super important Of those points. Big Data quality in particular is. If we're thinking about a machine learning or even just pulling back from it and thinking about advanced scintillating if you don't have good quality dates are just you're simply going to be a disaster situation if you're going to try to just more dates than you don't have a solid foundation also very problematic so those topics like md a and governance which you know particularly appealing. Sometimes when you're trying to approve you have significant sum of money and technology to get it done yet. You do have to do some. Take some of those steps APPs you can't do it you know in phases Than the other one of the tip I would give people and I've seen a lot of people recently is get to know your your data. Are we talking about all of these transmissions and technologies. That's fantastic but so many people have never actually seen all of that. Data slogged away in legacy systems And usually the access might be limitation of that system or the tools they have to actually get to it so trying extract some of that put it into a modern bi. I till you're tableau. Japan will be Domos and get to know it. See whether you can start to draw inside because you know with the help of you know one one of you your data scientists so people understand that those that transformation is not that hard. You're only doing this a read. Only thing you're not trying to do a transactional fit but gets no your dates. That'll help you focus innocent. People do it. And it's absolutely enlightening. When it goes through this process that makes a lot of sense? The Vision after market is very fragmented and global often the same companies compete on some work and then cooperate the next day on other work. and that can complicate data sharing so does what tips do you have for that situation. Well there's two things that I'd like to talk about here first of all if you look at the situation today when we've got dozens of OEM. Cynthia ones hundreds of supplies hundreds of airlines. And you think about all the potential intimate connectivity. That can happen. We've got a complex problem. We do have some emerging solutions. You can look at skyways and other solutions like that. That are definitely attacking pieces as a part of this problem and we see a lot of people who are doing their own custom point to point integration. Zdi Type integrations yet. We're going to have to deal with the fact that if you aren't oem trying to create a new digital services solution Mavis a-plus ones what you've got. Maybe some unique in sulphur offering you are going to have to deal with this in the short term because we do not have the silver bullet just about to come over the horizon so thinking about some of them will moton data ingestion question and translation tools which dozens out there in the mall in the informatica tools and oracle and things like that. They really can help you in that endeavor endeavor that is as opposed to having people who are building solutions do custom programming for everyone it just it becomes too much you really do need to take advantage. Orange of those many of them. Running in the cloud They can be scaled They can be program to deal with the different formats. They can do some of the translation down so it can article so it it does it does make it Easier now having said that you know might call to Action is industry needs to act upon is to start to establish better mechanisms and solutions for data exchange better standards and established this connected ecosystem that I must guess almost every Oem Liam. I've talked to over the past year or so talks about but we have to come together. Installed make it happen. I don't think he's a one-size-fits-all I think the will be potentially multiple if these but why can't we establish some this technology some of these standards because we will need it. We won't push automarket Ford rapidly until we can overcome ova come this. We have to be in a shed data and take into account the fact that you know your airline customers in not always going to be automatically predisposed to sharing sharing wolf editor at all the secrets review so you have to take that into account. They have to have an ability to control what they're sharing ensure security understand. Understand what you're doing with it and that takes a lot of effort as well that doesn't has not rea- dates orange thing. That's a little bit more philosophical but we've got to embrace that and understand that and I'm trying to help support them from that perspective I think in the near term what we're seeing where it is is companies come together around critical mass opportunities right whether it's around a specific pruitt product or with a particularly 'em or some element in the services side in similar in my mind to what we've been doing for years. Engineering manufacturing side where you have companies as a partner on one program whether competing on another program and so figuring that out today without having the benefit of things. John's was talking about it. Takes critical mass opportunity. And there's a few of them out there that I've even read about your pages land.

John Currency Ford Japan Informatica Moreau Baker Editor Partner Cynthia Domos
"zdi" Discussed on Security Now

Security Now

03:10 min | 1 year ago

"zdi" Discussed on Security Now

"The prolific duo returned with perhaps their greatest challenge of the competition starting from within a VM ware workstation client, they opened Microsoft edge. And browse. To their specially created web page. That's all it took to go from a browser in a virtual machine client to executing code on the underlying, hyper visor, and I'll just stop for moment to to say do do. We realize how much that exploit would have meant to zero diem the they zeroed him would have moved heaven and earth to obtain that hack. I mean, you visit a page and you're running code on the on the on the hosting, hyper visor unbelievable anyway. ZDI Trend Micro continues. They started with a type confusion bug in the Microsoft edge browser then used a race condition in the windows. Kernel followed by an out of bounds right in VM ware workstation, so serious exploit chain, the masterfully crafted exploit chain earned them a hundred and thirty thousand dollars. So, you know, no, small potatoes, they're either and thirteen master opponent points. They now have command a commanding lead with thirty three points total and the two days of the competition. They've racked up a total of three hundred and forty thousand dollars as a result of their phenomenal work tomorrow. They will attempt to cap their week off with a successful demonstration in the automotive category. Then they the the the blow by blow continues the third attempt of the day had Nickless bum. Stark. Target the Firefox the Mozilla Firefox web browser. He used a just in time bug in the browser. Follow biologic bug to escape the sandbox in a real world scenario, an attacker could use this to run their code on the on a target system at the level of the logged on user, the successful demonstration earned him forty thousand dollars and four master opponent points, the final attempt for day to had Arthur gherkins of exodus intelligence targeting Microsoft, edge, the newcomer to pony own wasted. No time by using a double free bug in the render follow biologic bug to bypass the sandbox. His debut entry earned him fifty thousand dollars and five points toward master of poem. And they write that brings day to to a close we awarded two hundred seventy thousand. Dollars for nine unique bugs today, which brings the total the day to total to five hundred and ten thousand dollars..

Microsoft Arthur gherkins Nickless exodus forty thousand dollars thirty thousand dollars fifty thousand dollars ten thousand dollars two days
"zdi" Discussed on Risky Business

Risky Business

04:14 min | 2 years ago

"zdi" Discussed on Risky Business

"They can do their own research is well some fantastic work's being done by some of our people, Abdul ry, Jason spell, man, Simon soccer, broad, especially have just done fantastic work in the areas of Java script in adobe in apple, it's their their little frightening, but thankfully there people. So like I'm curious to given your roots as I, you know, as a company that has paid for bugs now bug bounties have become a thing. Has it ever good to the team that maybe they could stop raising money from software companies and soliciting bugs on their behalf? Sort of like a bug bounty program, but more for software, you know, is that as opposed to web properties and things. You know, the bug bounty platforms do birth, but it seems ZD is the one with the track record in that in that sub nation, I guess, is that everything tempting book Donnie as a service to sound a little bit sensing, but it's it's not a discussion that we've had. Quite frankly, we're staffed at a level right now where we don't have a lot of extra time to help others yet, but we're hoping to increase to get to that point. But nobody is a services interesting concept it, you know, hacker one bug crowd have their platforms that they use, but I think there's a value to be completely independent from the vendors it allows us to may be critical. Right? Like at allows you to guy full disclosure on Microsoft, which is something you've just done, yes or adobe or apple, or anyone else that we purchased bugs for, including Trend Micro if that were to arise. We haven't had to do that on trend yet. Funny actually, you know, it was eighty either. Announced the return of a very popular stride in researcher who's actually on the show lost week Silvio Chesnay who left the industry for a few years. Why back in the die in the reason that we knew that he decided to reenter the industry is because ZDI around up. End up buying a whole bunch of links kernel bugs and we like Silvio back. Well, let's create Lennox. Colonel is an area where we wanna see more bugs in open source products as well. So that's fantastic that he came back in fact, tasks came back to, so we're gonna switch it up a little bit. Now we're going to talk to Eric Skinner who's more on the on the actual, you know, trend trend, trend side of trend and look. One of the reasons we're doing this activity is because Eric, you'll launching the next full release of trends, flagship product. The endpoint endpoint software. To what extent is this an overhaul of your endpoint software? Is this complete ground up rebuild an innovation? Like, what can you tell us? Well, there's there's some fairly substantial changes and and one of the one of the major areas from an overhaul perspective is that we're bringing things that have traditionally been separate in point agents together into one package and. We didn't just tie on tape around the outside of of the existing agents. There's been a fairly lengthy effort to merge these things in in resource efficient way, and in a way that makes sure that these components were playing really well together. So that would be the core endpoint threat detection engines. That would be the virtual patching capabilities which benefit from some of the things we've been talking. But ZDI application white listing capabilities and our Eadie are capabilities. So not only are all of those things up graded, but we've pulled them together in one package because increasingly, we were hearing from customers, they wanted a an easier way to roll things out. They wanted it to be one package. They wanted it to easier to upgrade and so on. Industry industry trend at the moment because I of the van doors that we that we hear from here on risky risky is die. Mike, and even more diverse set of endpoint agents and they're trying to unify everything into a single agent. It makes so much sense because it's what customers want, and Mike selling makes cross selling easy event does. Right? So I think we're gonna see more of this. I think that everyone is is at some stage along this path..

Silvio Chesnay Eric Skinner adobe apple ZDI Mike Abdul ry ZD Microsoft researcher Donnie Simon soccer Jason spell Eadie
"zdi" Discussed on Risky Business

Risky Business

03:09 min | 2 years ago

"zdi" Discussed on Risky Business

"Mazing. We spent eight hundred thirty three thousand dollars on it, but to get that level of research acquired with a seventy two hour window. It's Donna shea, what's that's what I really like about it is, yes, we're getting bugs that we went normally normally see because of the higher prices, but we're getting a lot of them and it's all really, really good research. I mean it's not just proof of concept. It's full exploitation and some of the best bugs that I've seen have come out of this contest. So look, I reckon it is the stuff that gets dropped at at can't west in in, you know, point to iron. I mean, that's a lot of the best that you gonna say publicly, right? Because people are dumping like state of the art exploits onto my linguists anymore. No, they really aren't. And of course, I am biased, but I do think it is the very best that you're gonna see publicly in. That's kind of, you know, proven by how many talks at conferences after pound own our about pony research, either from the researchers themselves for people whose like what we saw this cone to own. So we did our own research on it, things like that. So I, I do think it's a very, it's an intense week for us because there's a lot of logistics that goes on putting the contest on, but it's it's really fun to look back on government. We got some really cool research out of this now because you've got, you've got two ends of the spectrum. You've got iphone zeroed is basically fully patched nexus. You know. Pixel pixel Android, dumb bugs, and that's, that's that's big headline stuff. But I'm wondering as a proportion of the bugs that you actually handle a most of them to most of them fall into that sort of middleware category. Yes, they do. Well, there's, there's a lot of different categories that fall into right now. One of the things that we're seeing the most of is actually bugs in skate assistance. We're seeing a lot of that. I think we're about the only ones who are really focused on that certainly from abounding perspective that we work a lot with ICS cert to get those resolved. The middleware stuff is definitely a big area and you know the the mobile stuff, we don't see as much potent Okeyo is coming up here in November. We've introduced in IOT category, so we'll see what happens with that because there's there's so many questions around IOT, t security, keep buying them without answering any of those questions. So it'll be great to see with that goes, that's going to be shooting fish in a barrel, man. Like, hey, that's gonna come down to who gets who has the coolest demo, I think is should win that one who can most artfully and hilariously exploit the ISIS and it'll be a lot of fun. The apple watch will there the Amazon echo in. Google home will be there. And then we've got a couple of cameras. Okay. So that's what you mean by OT. Right. So they like the more established, you know, perhaps more sophisticated devices that he's interesting. I'm. You recently just died. Microsoft, didn't you? Yes, we did just last Thursday. And what what was that bug? Was it serious. It is serious. It would be critical rated from Microsoft, and it's a remote. Could execution vulnerability in the Microsoft Windows jet that abates engine..

Microsoft Donna shea Google apple Amazon eight hundred thirty three tho seventy two hour
"zdi" Discussed on Risky Business

Risky Business

02:11 min | 2 years ago

"zdi" Discussed on Risky Business

"Right is that is the idea of actually having some sort of kind of sense. Funded bug bounty for enterprise software must factor into the thinking for you. Is that right? Dustin. It does in. Certainly we by bugs in Trend Micro products, and we get those fixed. We bugs in HP products would we were with HP. We had an awkward time they were. We actually Dade HP which is if you've never date your parent company, I recommend it. It's a lot of fun. Some very interesting phone calls that you get to have. I can imagine. But yes, so it's great that we set up a corporate body program, but like you said, if we can directory searches, well, it provides us a lot of insight beyond just what we're looking at and you mentioned the HP stuff. There's a lot of middleware that we see a lot of research into, but doesn't get a whole lot of attention. So we, we like to be that bridge where we can find that stuff in the the deli ABC's the the CISCO's, that sort of stuff. And by those and find the techniques being used air, not enterprises have that stuff and then forget about it because it just. It's all universally awful. Right? So it's a target rich environment. Knits. It's nice to. And it's nice to be reminded of that. Right? So I think I certainly see that's a really vital function for was Deanna, and I think it's really something that is happening anywhere else. And of course, then you've got to own which I mean, let's be honest. That's a marketing that is a marketing exercise, but it's, I don't know. Maybe that's a bit cynical because you do get to see some really awesome exploitation techniques that you wouldn't actually say unless ZDI I was posting such huge rewards saw. I don't know what to make of it. You know, the the, the cynic in me says it's marketing and the and the optimist in me says that it's a really great white at getting sought. Well, it's I think it's a little bit of both, but I don't think it's fair to think it's unfair to say, you know, there's a security theater going on here because we do have cameras there. Of course, we're producing stuff, but at the same time, you'll back to the tenth day diversity which was actually last year where we bought fifty two bugs in three days, just acquiring fifty two. Bugs. Three days is of.

HP Dade HP Trend Micro Dustin Deanna ABC Three days three days
"zdi" Discussed on Risky Business

Risky Business

03:15 min | 2 years ago

"zdi" Discussed on Risky Business

"ZDI is of course the entity responsible for the phone to own competition, but not just that they've been buying bugs since well, before it was cool. Let's put it that way. It'll like a bug bounty program before bug bounties, and I buy everything from bugs in enterprise software. Then expounds whatever you find doll by Trend Micro actually earns ZDI and there's a story right there in how that kinda poss that you hear about an minute up, but you know what trend seems. To be really behind the program. The original idea behind ZDI when it was a tipping point thing was so that I could ride IDS signatures for vulnerabilities ZDI on earth. Now, we know today that spinning up signatures for bugs you're paying for isn't really a winning strategy for picking up zero attempts against you computers. So the question becomes, what do you do with the program like ZDI when you Trend Micro? And as it turns out there are two things with it. There's the marketing side. I mean, it's it's golden marketing, but there's also a constant stream of exploit submissions that do coming quite handy when you making endpoint security software. So in this podcast will also be hearing from Eric skin. He's trends VP of solution marketing and yeah, trend is pushing a major release of its endpoint security software, and he's along to Spruch that in a little bit as well as chiming in on some of the stuff. So I started off his podcast by talking with Dustin child's ZDI about ZDI and we started off by recapping the history of that program. Here he is. So z zero day initiative was started really to enhance the internal research that was done by tipping point, which at that time was not owned by three com yet they would be purchased there shortly thereafter. So it was really formed for two things. We wanted to enhance our own research that we were doing. And then we wanted to make easy for researchers around the world to disclose their research and get financial rewarded for it as well as recognized if they wanted to be because it's funny, right? Because it's almost like it's almost like bug bounties before bounties, but not really. Right, but it was very much rewards for bugs model. Yes, it was a very similar sort of thinking in that first year we only disclosed one bug that in a coordinated manner in I was in a Dell backup system. And then the next year they went onto a cigarette sixty ish or so bugs the entire year. And then a two thousand seven was where we got involved with opponent own competitions. Well, at the can set conference in Vancouver. And then from there. Where it's just kept growing growing growing till now we're doing multi million dollar payouts every year, and we've had over a thousand eighty disclosure so far this year alone. So it's really grown from very small to where you are the world's largest vendor agnostic bug bounty program. But I guess you know the difference being that it's not the vendors who create the software who applying those bounties it's year, right? And that's what makes us vendor nonstick in the way we're able to do that is what we do is we take the information that we get from the external research in. We use it to make Trinh's properties better or to make tipping point Silter ser- to put that knowledge of what the research being done into our products to protect customers. So for us, if we buy a bug, our customers will get.

ZDI Trend Micro Eric skin Trinh Silter ser Dustin Dell Vancouver Spruch million dollar zero day
"zdi" Discussed on Security Now

Security Now

02:02 min | 2 years ago

"zdi" Discussed on Security Now

"Note attackers to execute arbitrary code on vulnerable installations of microsoft windows and at the moment that's all of us user interaction is required they right to exploit this vulnerability and before you go who turns out that that's the target must visit a malicious page or open a militias file so not a man so it's not like somebody can reach out from across the world into any window system but all it takes his going to a website which has leveraged this which means as soon as this that information about this gets loose it will be actively exploited because that's what happens with these things so in other words just allowing microsoft's java script engine to interpret java script code received from a visit to any website so that's on edge or internet explorer that's like my guess browsers while yes yes the flaw exists within the handling of error objects in java script they right and by performing actions in in script an attacker can cause a pointer to be reused after it has been freed an attacker can leverage this vulnerability to execute code under the context of the current process so the time line of this is interesting they posted it on their on their page on january twenty third they say zdi sent the vulnerability report to the vendor in this case microsoft on the same day eleven twenty one twenty three twenty eighteen the vendor acknowledged and provided a case number four twenty three so right ninety days later micro apparent i mean like to the day exactly ninety days later they microsoft apparently suddenly woke up and said.

microsoft zdi ninety days
"zdi" Discussed on Security Now

Security Now

03:00 min | 2 years ago

"zdi" Discussed on Security Now

"Now i have lost control head mike i'm pressing a button there we go yeah he's back ladies and gentlemen more steve gibson loops that's not you that's you like some fibonacci thing it was the serpent's ski triangle actually i'm learning how to you know i've been taking a coating course and this was an exercise in the coding course see this tiny recur sive function that's all it takes why it's almost as compact as a steve gibson assembly language program air cool now i'm stuck on it oh there we go okay back to you steve so when four months is not enough time to fix a bad bug back in little after the middle of january a researcher dimitri kaslow of tele space systems discovered a significant problem in microsoft's windows java script engine he responsibly disclosed it to trend micro 's zero day initiative to start the clock busy d i group dessert day initiative group responsibly notified microsoft on january twenty third and received a same day acknowledgement from microsoft then a week ago last tuesday may twenty ninth more than four months later zdi group decided to hold microsoft accountable for not patching this still unpacked serious remote code execution bug would exists in their java script engine they posted last tuesday their post was titled zero day microsoft windows java script error object use after free remote code execution vulnerability and we've talked about us after free problems the idea being that in languages which incorporate automatic garbage collection so that the programmer is not required to indicate when they're no longer using an object the system releases it but in some cases when mistakes are made you can still have a pointer to the object whose memory has been released and using that pointer the there are various ways to exploit that in order to get your own code to run which is what happened here they're they're posting says this vulnerability allows rem.

steve gibson dimitri kaslow microsoft programmer mike i researcher zdi group four months zero day
"zdi" Discussed on Beers with Talos

Beers with Talos

02:02 min | 3 years ago

"zdi" Discussed on Beers with Talos

"Definitely i will tell you one of the things that has always kind of i guess amused me is every time i've gone to a conference that they have like some type of o'day competition or like you know who has the latest exploit you know they have zdi thing or whoever whoever's put it on whoever has the zero day optician happening with their little magic blackbox in front of the room the headline inevitably coming out of that conference every time after the two that drives me nuts drives me absolutely insane well yes yes they did own this specific aspect of android in about thirty seconds with nine months actually that drives me nuts because then you meet these people who are like completely confident that that's a hackers worse and it's just like turn the csi and actually pick a damn book yeah it it is is to hike through the firewall craig i remember the one where they were in where they were using two hands like come on yeah holy crap i can barely type with just like myself like i have enough trouble i don't need somebody else mashing buttons that would not help at all when you when you see them do that and you need somebody on the keyboard and then somebody else trying to come in and pull their hands on the keyboard what are the typing which letters cause they like trying to press the same ones at the same time or you know it's advanced hacker team like the left half of the keyboard controls the left monitor the right half controls right monitor so you can go to get good just a blip on the keys we sound like my wife and like a medical thing comes on all she gives you complain about how like the to mask is upside down and like that's the wrong monitor it's plugged in backwards it would really kill the patient instantly seeing what do represented in any kind of film or tv as always i yeah i yeah how hard would it be.

thirty seconds nine months two hands zero day
"zdi" Discussed on Security Now

Security Now

01:39 min | 3 years ago

"zdi" Discussed on Security Now

"Yes yes right away so too so this year's winner succeeded in two instances and you'll be reading his name in a second richard and you pronounce directly i ju ju won the contest with twelve points for hacking edge and fire fox and took home out of that to sixty seven thousand one hundred and twenty of that but anyway i thought you'd get i thought our listeners get wet get a kick out of you sort of taking us through the competitions a lot i'm only going to do a few paragraphs i'll let you you do do the the real rest estate one the first day opponent own 2018 has come to a close and so far we've awarded one hundred sixty two thousand us dollars and sixteen points toward master of pony oh i love this today so two successful attempts one partial success and one failure in total we purchased three apple bugs to arco bugs three microsoft bugs and a partridge in a pear tree i added that the day oh i love this this is this play by plays pretty funny yes the day began with richard ju fluorescence targeting apple safari with a sandbox escape unfortunately he couldn't get his exploit jane working within the time allotted due to a failure in the heaps freight technique oh no despite this the bugs he brought to the contest was certainly interesting and were purchased through the regular zdi program i guess that's what we were talking about the right they give money even though he didn't do a right or they didn't worry wreck on daunted richard later returned to target microsoft.

apple jane fox microsoft richard ju
"zdi" Discussed on Security Now

Security Now

02:02 min | 3 years ago

"zdi" Discussed on Security Now

"I don't know don't know that quite cuts it but give them an a for coming up with the idea okay i mentioned that tomorrow march fourteenth is the first day of the twenty eighteen pony to own conference up in canada this is it's twelve annual competition we've been covering them since two thousand seven so leo probably for as long as the podcast has been going since that we're we're in our twelve year also and we've always we've had a lot of fun with opponent own conferences the results over the years this year there's five categories virtualization web browsers enterprise applications servers and microsoft that is at one of the co hosts along with vm ware this year a sponsor is hat is the the fifth category is a special microsoft windows insider preview challenge category where they actually they figure out what the s for windows ten s is actually supposed to stand for no i'm getting i don't know the main backer or the organizer is trend micro 's zero day initiative zdi and as i said the partners for the event or microsoft and vm ware as a consequence of them and other sponsors up to two million dollars in us cash and prizes will be awarded as it is huge it's getting significant microsoft offers a windows insider preview challenge that tests their latest prerelease offerings combined with their configuration on their hardware and the title master of poneman will be awarded to the team with the most points at the end of the.

canada leo microsoft two million dollars twelve year zero day
"zdi" Discussed on Security Now

Security Now

02:02 min | 3 years ago

"zdi" Discussed on Security Now

"I don't know don't know that quite cuts it but give them an a for coming up with the idea okay i mentioned that tomorrow march fourteenth is the first day of the twenty eighteen pony to own conference up in canada this is it's twelve annual competition we've been covering them since two thousand seven so leo probably for as long as the podcast has been going since that we're we're in our twelve year also and we've always we've had a lot of fun with opponent own conferences the results over the years this year there's five categories virtualization web browsers enterprise applications servers and microsoft that is at one of the co hosts along with vm ware this year a sponsor is hat is the the fifth category is a special microsoft windows insider preview challenge category where they actually they figure out what the s for windows ten s is actually supposed to stand for no i'm getting i don't know the main backer or the organizer is trend micro 's zero day initiative zdi and as i said the partners for the event or microsoft and vm ware as a consequence of them and other sponsors up to two million dollars in us cash and prizes will be awarded as it is huge it's getting significant microsoft offers a windows insider preview challenge that tests their latest prerelease offerings combined with their configuration on their hardware and the title master of poneman will be awarded to the team with the most points at the end of the.

canada leo microsoft two million dollars twelve year zero day
"zdi" Discussed on Security Now

Security Now

02:37 min | 3 years ago

"zdi" Discussed on Security Now

"Oh read right compromise from any unproved lodged user on all recent versions of mac os so that means if you run some code on your machine which you should not trust as a as well we which you should be able to trust as an unprovoked user relying on the os to prevent code you didn't write from abusing the implant the inherent trust um that code can do pretty much anything and wants to on your system so i didn't dig into this indepth but i did look at it closely enough to be very impressed with this two hacker i mean this guy really knows his stuff and there's absolutely no question in my mind that this is the real deal and legitimate i in in digging around more i found that he had jumped into a diet log about this over on why combinator um where he wrote he said i had actually submitted to this zdi this zero day initiative but i had written the exploit and right up in the first place mainly because he wrote i like hacking rather than for money i figured i'd see what offers i'd get any way but once i had spent all the time on the right up i mainly wanted people to see that and the amount offered wasn't enough to convince me otherwise he wrote i might have published this earlier even but my december was kinda busy first with the vortex exploit and then with the bed he he he wrote a through a three four c3 which of course was is the guy chaos uh convention which has just happened he said and an engineer from apple security team contacted me a bit after releasing they had found the bug a while ago so this was at news to them what i read a tour allies wasn't new to them he wrote but hadn't verified the subsequent patch which actually did not fix it and a while ago i tweeted this and he has has a link to some die some interaction with them so they do have people on it they meaning apple he said i also told that person to extend mike.

mac os engineer zero day apple
"zdi" Discussed on AP News

AP News

01:44 min | 3 years ago

"zdi" Discussed on AP News

"Owl population explodes and that more birds than usual will winter in place those where people can see them but it's tough to assess slamming population trends and remote areas although researchers hope to enlist native villagers to help it's mostly up to owls with transmitters for now for the ap i'm ron brown with ribbit the us government says its negotiated a significant caught in the united nations budget ap correspondent jackie quinn reports the us mission to the united nations has announced that the un's twenty 1820 2019 budget would be slashed by over two hundred eighty five million dollars it also said reductions would be made to the un's management and support functions the announcement doesn't me cleared the entire amount of the budget or specify what effect this cut will have on the us contribution us ambassador to the un nikki haley says the inefficiency and overspending of the organization is wellknown she says she will not let the generosity of the american people be taken advantage of i jackie quinn one of the actresses who played a member of the singing von trapps family that i deem 65 filmed the sound of music has died ap correspondent jackie quinn reports i fled floods i clean clean zdi that's actress heather menzies uric who played the we saw the third oldest of the seven bunch children featured in the film version of the watterson hammerstein musical she was sixty eight years old her son actor ryan your tells variety his mother had been diagnosed with brain cancer she died in ontario canada her husband after robert juric had died in two thousand two the.

ron brown us jackie quinn united nations un nikki haley heather menzies watterson hammerstein brain cancer robert juric ap ryan your ontario two hundred eighty five millio sixty eight years
"zdi" Discussed on Mason & Ireland

Mason & Ireland

01:43 min | 3 years ago

"zdi" Discussed on Mason & Ireland

"And they stay to love yeah a lot of the one loss team stayed in front of them and then on top of that tonight it's sixers versus lakers at staples center will talk about reciprocity lon lonzo ball and ben simmons in joel embiid and cayo kouzmanis some of the great young players in the league i know you took all that money to go to minnesota this portion of yet prevented by mira audiovideo bang and olsen best audio and video the world as to offer all under one roof only admire audiovideo mason an ireland michael thompson stabbing in here and michael i like me is a were the only to people in the station that emit were republicans i've often suggested in my it'll should be the prime minister of common sense i i know of no political party independent isaiah isaiah zdi zdi i will not i will not use a ever uh again in the name of the prison the united states on the air apply so michael don't ask him he won't get in dog the bubble heave you are in charge of this ucla thranked what how would you handle well i'm more of a humanitarian and obviously steve mason is and i surprising humanitarian humanitarian because you support you come across as a guy who's who's more forgiving and i understanding and we all know that these guys were idiots there was stupid you come any kind of adjective you want to throw in the right amount of you wanna use and say yeah they made a stupid mistake bobby broke the law fine there the publicly embarrassed everybody all of the story but i was suspended for half the season and that a plane saturday now you got caught for a crime tickets are i got caught for selami gay tech's excited knows against the rules excellently fullface value and you'll get to the god of four hundred eight hundred eighty bucks i lost eight games because of that eight games wwas on i will say that i would say is okay your son.

sixers lakers staples center joel embiid minnesota michael thompson prime minister united states bobby ben simmons cayo kouzmanis olsen steve mason
"zdi" Discussed on This Week in Tech

This Week in Tech

01:41 min | 3 years ago

"zdi" Discussed on This Week in Tech

"Admittedly a small sample but a i think a fairly large sample size and they say according to you know their customers their users it's the largest product launch in the company's history this is the graph the iphone eight may plus kind of one of the smallest product launches in the company history uh but the ifo ten even bested the iphone six which was huge because it was the first big iphone this who you know this is pretty significant do brian are those useful numbers you think of these i feel like slices use is useful um you know i have been in apple reporter in several years so i really don't remember but it is early scanning receipts or something yeah now yes that's how were i i think apple has disputed those metrics before like just from what i remember they don't lobbed down and i'm not sure if it's because there to accurate or if it if territory while the off of i do i do think that early orders are definitely a good metric for you know uh early adopter interests and just you know like an indicator of whether or not a product is very interesting tear technology enthusiasts you know i don't i don't know if it really tells us much about the longterm sure over the course of a year sure blind it definitely is addressing zdi fontane and so much excitement over it yeah well i uh i think uh three out of the four of us have one in our hands at bodies as still using his nokia 1050 but no nothing but uh i uh i i wanted to hate this phone i for the price for the attention it was getting i just wanted to hate this for i wanted to find something wrong with it i can't find anything wrong with it says so d used an emoji.

iphone brian reporter apple nokia early adopter
"zdi" Discussed on The Right Time with Bomani Jones

The Right Time with Bomani Jones

01:32 min | 3 years ago

"zdi" Discussed on The Right Time with Bomani Jones

"Can you imagine shannon if your dad was bundy brown because that's what i'm sorry to big is the deal of our now he's bundy brown they cubbies out their doors all the way it every top though matter what it is he is bundy brad he is the most optimistic man i've ever heard because everything he got to say about lonzo is glass halffull every single bit of it although i mean not that it was like a stiff criticism but there was criticism there right like you got to close every day and then zdi he doesn't seem to be that delusional about his son he doesn't seem to be there in other imagine too that he's probably in private more critical we'll have more suggestions for lonzo in his game then he let on with us probably probably that'd be essay shannon thirty seven over under john wall night forty yes absolutely all you these over avoided go forty yes you got to send a message i'm curious to see jesuit john wall does because the big things this man and i have watched the legacy you tell me if i'm wrong here but i've thought the big issue alonzo is going to be no one has to pay any attention to his jump shot yet but he does not have a credible jumper once he has a credible jumper i think a lot of things will change for him but he and job or of similar size john wall is a completely different calibre athlete from what i can tell from him like a charges speed in lateral quickness john walls provide something that lonzo ball has never seen before face to face i mean laws did have none for de'aaron fox.

the deal john wall alonzo shannon bundy brown
"zdi" Discussed on The Film Vault

The Film Vault

01:49 min | 3 years ago

"zdi" Discussed on The Film Vault

"Gave forgotten what the best use 3d i think of obscene okay you don't have any any ridiculous things that coming right actually like are felt like i was going to touch my that the end of larry antony please only via party to hide zdi franco's click fought to the as what the plank oblivion was a click derives came up hateful eight the nice guys are nice guys not that falls apart connolly turns in on episode of scoobydoo very unpleasant madcap of uh lucy was corrected speaking to lucas on little lucy right there do not hate that lucy bellec valeri and a whole lot more contain all you know perfectly hateful areas they'll much that i was actually ato at the lowest really out prepared i'm surprised i did get into alec dunkirk a little bit more now and a un annika thrown off the girl the train nocturnal animals fences hidden figures monster caused the split lego mad batman movie trainspotting spiderman trilogy limited edition collection that's a fucking shame thanks for like a through but now you own that the fate of the furious knock before as well as for a few dollars more hey thanks for clicking through everybody should i see the best tobey maguire movie ever i got an answer if you've ever seen at the top of my head of the taba as they spiderman to email stabile get don't waste your time relay on lies i doubt that but i also got email saying you got his family so i see biscuit i suppose is up there only one answer not center rules ride with the devil alka ride with the devil is all i want to answer saw about the civil war jeffrey right black i play basquiat gender at egli film by the way angry from interest jeffey right a fighting on the side of the south barely that happened yeah other were apparently that hassle white off.

zdi franco lucas lucy bellec valeri taba larry antony connolly alec dunkirk tobey maguire civil war basquiat