November 29, 2022

Episode 191 - DNS Attacks, Organizational Risk, Mastadon

Listen Later

55 minutes

Going into the final month of 2022, the dynamic duo graces us with their presence. It begins with discussion of DNS Attacks based on Kaminsky-style attacks spurred by research presented at DeepSec by Timo Longen of Sec Consult. Followed by a conversation straight out of Slack about considerations involving organization and technical risks, specifically how to incorporate technical risk into organizational risk ratings. Finally, everyone is moving to Mastadon, but maybe they shouldn't be. Code is open source and there have been more than one flaw already identified in the service, although AppMap also shows how to use their tool to review Mastadon's source to sink interactions.

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Absolute AppSec

By Ken Johnson and Seth Law

4.9

1717 ratings

November 29, 2022

Episode 191 - DNS Attacks, Organizational Risk, Mastadon

Listen Later

55 minutes

Going into the final month of 2022, the dynamic duo graces us with their presence. It begins with discussion of DNS Attacks based on Kaminsky-style attacks spurred by research presented at DeepSec by Timo Longen of Sec Consult. Followed by a conversation straight out of Slack about considerations involving organization and technical risks, specifically how to incorporate technical risk into organizational risk ratings. Finally, everyone is moving to Mastadon, but maybe they shouldn't be. Code is open source and there have been more than one flaw already identified in the service, although AppMap also shows how to use their tool to review Mastadon's source to sink interactions.

...more

More shows like Absolute AppSec

Risky Business by Patrick Gray

Risky Business

363 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

633 Listeners

The Scathing Atheist by Puzzle in a Thunderstorm, LLC

The Scathing Atheist

3,189 Listeners

The Twenty Minute VC (20VC): Venture Capital | Startup Funding | The Pitch by Harry Stebbings

The Twenty Minute VC (20VC): Venture Capital | Startup Funding | The Pitch

512 Listeners

The Skepticrat by Puzzle in a Thunderstorm, LLC

The Skepticrat

1,979 Listeners

The Application Security Podcast by Chris Romeo and Robert Hurlbut

The Application Security Podcast

36 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,830 Listeners

Techmeme Ride Home by Ride Home Media

Techmeme Ride Home

944 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

72 Listeners

My First Million by Hubspot Media

My First Million

2,601 Listeners

Cautionary Tales with Tim Harford by Pushkin Industries

Cautionary Tales with Tim Harford

5,085 Listeners

People I (Mostly) Admire by Freakonomics Radio + Stitcher

People I (Mostly) Admire

2,114 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

33 Listeners

Critical Thinking - Bug Bounty Podcast by Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)

Critical Thinking - Bug Bounty Podcast

47 Listeners