Discussed Articles
1) NIST Declares Cyber War Against 2FA Via SMS
Did you enjoy that clickbait title? I hope you did, because in this week's episode we talk extensively about NIST's recent SP800-63-3 publication. According to Duo Security, 2FA adoption is only at 6.5% on Google, so why are we fighting any kind of 2FA adoption?
* https://techcrunch.com/2016/07/25/nist-declares-the-age-of-sms-based-2-factor-authentication-over/
* https://pages.nist.gov/800-63-3/
* https://github.com/usnistgov/800-63-3
* https://krebsonsecurity.com/2016/08/social-security-administration-now-requires-two-factor-authentication/
* https://duo.com/blog/estimating-googles-two-factor-2sv-adoption
2) High Frequency Bug Hunting
Shubham Shah spent 120 days hunting bugs in various websites, services, APIs, and more. We talk about what this means for our community.
* https://shubs.io/high-frequency-security-bug-hunting-120-days-120-bugs/
* https://github.com/infosec-au/altdns
* https://github.com/infosec-au/assetnote
* https://github.com/infosec-au/bugbountydash
* https://bugcrowd.com/list-of-bug-bounty-programs
3) Braxton Goes To Blackhat and DEF CON
Braxton heads to the venerable security summer camp for the first time. We talk about his experience there, OPSEC, and hacker handles, and discuss which one he likes better and whether he'll go back.
* https://www.blackhat.com/us-16/
* https://defcon.org/html/defcon-24/dc-24-index.html