Sign up to save your podcasts
Or
Share Liquidmatrix Security Digest Podcast - Episode 65
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Liquidmatrix Security Digest Podcast - Episode 65
Episode 0x65
Ben and Matt Screw Up HTML
Thanks Matt-Dave, this is Ben-Jamie for episode 0x65 (82 for those of you not good with the hexa-ma-decimal) and we're down a bunch of peope tonight but that's okay because we're super committed (except Wil, he's doing who knows what somewhere). Tonight we've got a lot of news about vulns and then a brief stroll through the cybers, derps and mailbags before calling it a night. Hey Matt, what's in the news?
Upcoming this week...
- Lots of News
- Breaches
- SCADA / Cyber, cyber... etc.
- finishing it off with DERPs/Mailbag (or Deep Dive)
- And there are weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please sent it to [email protected] for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
- News and Commentary
- glibc - Set fire to the rain
- Google's advisory on glibc vuln
- Cisco's firewall doesn't... you know... firewall and it's a pretty nasty vuln affecting millions of ASA deployments making it ripe for worm fodder. The vuln was discovered by Exodus Intel. Predictably the mass scanning started , and Qualys made some pretty good points about this vuln. Notably, Cisco has released an IDS signature back in November; but how does that help an admin who gets the alert. This mitigation probably didn't work.
- SCADA / Cyber, cyber... etc
- Fireeye vuln let's you whitelist malware
- Apple Encryption Bomb Dropped
- Trail of Bits Technical Deep Dive on Apple Encryption
- DERP
- Fake Download Buttons Be Gone!
- 3rd Party JavaScript in Major Banks Login Forms
- Mailbag
-
Hi-Di-Ho Have you thought about doing a livestream? Mr. Hanky
- Briefly -- NO ARGUING OR DISCUSSION ALLOWED
- Docker's Security Upgrades
- AWS Lambda WAF awesomeness
- Mimikatz defense
- Upcoming Appearances: -- more gratuitous self-promotion
- Dave: - RSA!
- James: - Nowhere - except for going to Seattle next week
- Ben: - Nowhere
- Matt: - RSA!
- Wil: - in his trailer between takes
- Other LSD Writers: - There is no Other Writers
- Closing Thoughts
- Seacrest Says: Eggplant 2 - Mother approved
Creative Commons license: BY-NC-SA
View all episodes
By Liquidmatrix Security Digest
4.8
1313 ratings
Episode 0x65
Ben and Matt Screw Up HTML
Thanks Matt-Dave, this is Ben-Jamie for episode 0x65 (82 for those of you not good with the hexa-ma-decimal) and we're down a bunch of peope tonight but that's okay because we're super committed (except Wil, he's doing who knows what somewhere). Tonight we've got a lot of news about vulns and then a brief stroll through the cybers, derps and mailbags before calling it a night. Hey Matt, what's in the news?
Upcoming this week...
- Lots of News
- Breaches
- SCADA / Cyber, cyber... etc.
- finishing it off with DERPs/Mailbag (or Deep Dive)
- And there are weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please sent it to [email protected] for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
- News and Commentary
- glibc - Set fire to the rain
- Google's advisory on glibc vuln
- Cisco's firewall doesn't... you know... firewall and it's a pretty nasty vuln affecting millions of ASA deployments making it ripe for worm fodder. The vuln was discovered by Exodus Intel. Predictably the mass scanning started , and Qualys made some pretty good points about this vuln. Notably, Cisco has released an IDS signature back in November; but how does that help an admin who gets the alert. This mitigation probably didn't work.
- SCADA / Cyber, cyber... etc
- Fireeye vuln let's you whitelist malware
- Apple Encryption Bomb Dropped
- Trail of Bits Technical Deep Dive on Apple Encryption
- DERP
- Fake Download Buttons Be Gone!
- 3rd Party JavaScript in Major Banks Login Forms
- Mailbag
-
Hi-Di-Ho Have you thought about doing a livestream? Mr. Hanky
- Briefly -- NO ARGUING OR DISCUSSION ALLOWED
- Docker's Security Upgrades
- AWS Lambda WAF awesomeness
- Mimikatz defense
- Upcoming Appearances: -- more gratuitous self-promotion
- Dave: - RSA!
- James: - Nowhere - except for going to Seattle next week
- Ben: - Nowhere
- Matt: - RSA!
- Wil: - in his trailer between takes
- Other LSD Writers: - There is no Other Writers
- Closing Thoughts
- Seacrest Says: Eggplant 2 - Mother approved
Creative Commons license: BY-NC-SA