Welcome back to the Hurricane Labs InfoSec Podcast.
This is Episode .03: The "But Wait, Where's the Logjam Logo?" Edition, featuring Kelsey Clark (Marketing Person), Corey Ham (Penetration Tester), Tom Kopchak (Senior Security Engineer & Operations Team Lead), and Amanda Berlin (Network Security Engineer).
Listen in to this animated and informational discussion, for the latest InfoSec Hacks and Headlines, Hot Topic Talk, and What We're Arguing About this week.
ANNOUNCEMENTS
We are hiring! Looking for your next best IT career move? Apply with us today! Position openings include:
Network Security Operations AnalystsSplunk/Big Data AdministratorsSplunk Consultants
Ian Gillespie has published the first part of his new blog-screencast tutorial series. So, check it out:
Custom Error Viewing in Splunk Part 1: Listening for Search Events
Awesome job to Amanda Berlin for being featured in a CSO Online article. See what she has to say on the topic of Social Engineering:
Social Engineering: Even Shakespeare understood security's weakest link
Have you developed an impressive Splunk app? Enter the Splunk Apptitude App Contest for the chance to gain bragging rights for your innovation, along with some nice pocket change.
Enter the Splunk Apptitude App Contest
TOP INFOSEC HACKS & HEADLINES HOT OFF THE PRESS
Logjam Vulnerability Logjam Encryption Flaw Threatens Secure Communications On Web
NSA "Irritant Horn" Hacking Project NSA hijacked app stores to hack phones
NetUSB FlawNetUSB flaw leaves 'millions' of routers, IoT devices vulnerable to hacking
VENOM Bug The VENOM "virtual machine escape" bug - what you need to know
New Google Chrome Extension Google's latest experiment brings new superpowers to Chrome browsers
Washington Post HackedWashington Post Hacked by Syrian Electronic Army
Uber Plain Text Password Problem Uber in hot water again - this time over plaintext passwords in emails
TODAY’S HOT TOPIC TALK
Thanks to Logjam, we are diving into the topic of 'Encryption.'
During this discussion, we will be talking about tech giants urging the US government to retain strong encryption, how often should things and/or what things should be encrypted, whether or not encryption is going to be dead eventually, and more.
Amanda also gives a brief overview of her recent blog post about vsftpd (very secure FTP daemon). If you're interested in finding out more, take a look:
Dealing with the Dinosaurs of IT: Setting up vsftpd on Ubuntu
Other related articles:
Tech Firms, Activists Press US on Encryption When Encrypted Communication Is Not Good Enough6 questions to ask when choosing an encryption solution
READY TO ARGUE?
Question of the day: Are airplane hackers good or bad?
Aviation experts dispute hacker's claim he seized control of airliner mid-flight
Corey also suggested a Carnal0wnage article that does a good job describing 'stunt hacking.'Check it out:
Let's Call Stunt Hacking What it is, Media Whoring
UNTIL NEXT TIME!
If you have opinions on airplane hackers, or anything else we've discussed, join our conversation and talk to us on Twitter: @hurricanelabs