Episode 12 -- These are the Daves I know I know
He claims it's not his fault he missed an episode...
Yes, we're still doing a podcast. Lots of you listen. It's kinda awesome. We promise to be more awesome in the future.
And tonight, let us regale you with tales of:
Lots of News
Breaches
SCADAs
DERPs!!!
…and then our discussion topic - IDS IS DEAD

And if you've got commentary, please send it to [email protected] for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 4 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
News

Capital One targeted in CYBERATTACKS
HTML5 Full Screen API Attack
Firefox 16 gets pulled (just like the goalie) - exploit follows in 24 hours
Lone packet takes out SS7 networks
FX beats up on Huawei at HITB
Myrcurial Complains: These Kids Today
High Court in the Philippines Suspends Contentious Internet Law
Panetta Warns of Dire Threat of Cyberattack on US

Breaches

Northwest Florida State College - 300,000
Facebook - everyone on the internet!!!!!!!
TD Bank (US - a subsidiary of TD Bank Canada) loses a tape IN MARCH!!!! - 260,000 records
Nationwide Address book Android app - 760,000 via @WeldPond

The SCADAs

LittleBlackBox is a collection of thousands of private SSL and SSH keys extracted from various embedded devices. Thanks @lmacvittie
What is Critical Infrastructure? A long twitter conversation on 2012-10-12 about the REAL rule-of-thumb criteria for what makes something critical infrastructure or not.

Errata

DERP of the week award: Samer Bishay said. “Network security lies ultimately with the service provider. So, if you can control your network well, then I don't see how any outside force could really override these controls.” (h/t @taosecurity)

Commentary

Foot In The Door - IDS IS DEAD
I can't even come up with notes. Just listen.
Hardcore - EXCEPT IT ISN'T
See above.

Mailbag / Bizarro Land

In Closing

Matt reviews “Trouble with the Curve” - was there any infosec in it, nope, ok then
We do research too - Ben's running a survey and will publish results. Check it out!
The Security Conference Library -- is a copy of the conferences amassed by @helpmerob and we’re adding more. If you’ve got pix/pdfs/slides/code/video of a security conference and you want to add to an attempt at the largest/bestest/least dickish security conference library -- send us a note (mailbag) and we’ll take your bits and file them. (NOTE: much is stored at http://myrcurial.com/conferences but you can totally trust that guy)
If you're interested in helping out with openCERT.ca, drop a line to [email protected]
A moment of silence for Amanda Todd, sadly a victim to online bullying
Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time.
Upcoming Appearances: James at COUNTERMEASURE 2012 in Ottawa, Matt at AppSecUSA in TEXAS, Ben and Dave at HackFest in Quebec City, James at SecurityZone in Cali, Colombia
The Seacrest says “Oh My G-d, I’m falllllling, why won’t this parachute open!?!?"

Creative Commons license: BY-NC-SA