Liquidmatrix Security Digest Podcast

Liquidmatrix Security Digest Podcast - Episode 65

Listen Later

Episode 0x65

Ben and Matt Screw Up HTML

Thanks Matt-Dave, this is Ben-Jamie for episode 0x65 (82 for those of you not good with the hexa-ma-decimal) and we're down a bunch of peope tonight but that's okay because we're super committed (except Wil, he's doing who knows what somewhere). Tonight we've got a lot of news about vulns and then a brief stroll through the cybers, derps and mailbags before calling it a night. Hey Matt, what's in the news?

Upcoming this week...

  1. Lots of News
  2. Breaches
  3. SCADA / Cyber, cyber... etc.
  4. finishing it off with DERPs/Mailbag (or Deep Dive)
  5. And there are weekly Briefs - no arguing or discussion allowed

    6. And if you've got commentary, please sent it to [email protected] for us to check out.

    DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.

    ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

    In this episode:

    • News and Commentary
      1. glibc - Set fire to the rain
      2. Google's advisory on glibc vuln
      3. Cisco's firewall doesn't... you know... firewall and it's a pretty nasty vuln affecting millions of ASA deployments making it ripe for worm fodder. The vuln was discovered by Exodus Intel. Predictably the mass scanning started , and Qualys made some pretty good points about this vuln. Notably, Cisco has released an IDS signature back in November; but how does that help an admin who gets the alert. This mitigation probably didn't work.
      4. SCADA / Cyber, cyber... etc
        1. Fireeye vuln let's you whitelist malware
        2. Apple Encryption Bomb Dropped
        3. Trail of Bits Technical Deep Dive on Apple Encryption
        4. DERP
          1. Fake Download Buttons Be Gone!
          2. 3rd Party JavaScript in Major Banks Login Forms
          3. Mailbag

            1. Hi-Di-Ho Have you thought about doing a livestream? Mr. Hanky

            2. Briefly -- NO ARGUING OR DISCUSSION ALLOWED
              1. Docker's Security Upgrades
              2. AWS Lambda WAF awesomeness
              3. Mimikatz defense
              4. Upcoming Appearances:  -- more gratuitous self-promotion
                1. Dave: - RSA!
                2. James: - Nowhere - except for going to Seattle next week
                3. Ben: - Nowhere
                4. Matt: - RSA!
                5. Wil: - in his trailer between takes
                6. Other LSD Writers: - There is no Other Writers
                7. Closing Thoughts
                  1. Seacrest Says: Eggplant 2 - Mother approved

                    2. Creative Commons license: BY-NC-SA

                    ...more
                    View all episodesView all episodes
                    Download on the App Store
                    Liquidmatrix Security Digest PodcastBy Liquidmatrix Security Digest
                    • 4.8
                    • 4.8
                    • 4.8
                    • 4.8
                    • 4.8

                    4.8

                    13 ratings