Liquidmatrix Security Digest Podcast

By Liquidmatrix Security Digest

The Liquidmatrix Security Digest Podcast - Information Security News and Commentary from Professionals.... more

· Technology

4.8

1313 ratings

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Liquidmatrix Security Digest Podcast:

How many episodes does Liquidmatrix Security Digest Podcast have?

The podcast currently has 137 episodes available.

Liquidmatrix Security Digest Podcast episodes:

May 14, 2013Liquidmatrix Security Digest Podcast - Episode 29
Episode 0x29 -- Not just CrO2, but now with Dolby
Does anyone read show notes?
So last week had a really annoying failure in the workflow that gets this podcast from a bad Skype conference call to your ears oh precious listener. In this case, it was the failure to apply the noise canceller magic. This means that if you downloaded the podcast from the time that it was posted until I overheard the Liquidmatrix Intern listening to the podcast, you got to hear all of the background noise from each recording. Including Wil's unfortunately loud Bermuda frogs. I can't promise that it won't happen again, mostly because so much of the production workflow is human-based and not automatically awesome like it could be. Sigh. I suppose all of those automation people can't be wrong. Or something.
Upcoming this week...
Lots of News
Breaches
SCADA / Cyber, cyber... etc.
But there are weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please sent it to [email protected] for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
News and Commentary
Microsoft YouTube app DERP
Bang with Friends Facebook glitch
APPLE MULTIFACTOR FOR TEH CANADAZ!!!!!
PayPal Exec vows to go thermonuclear on passwords.
Data breach leads to lots of many
Privacy Breach on Bloomberg’s Data Terminals
Breaches
In Hours, Thieves Took $45 Million in A.T.M. Scheme (also covered by Ars) (and the krebs)
Name.com got p0wned
SCADA / Cyber, cyber... etc
The police need an app for that
DERP
Saudi's tried to hire Moxie to spy on their citizens mobile app traffic
Briefly - NO ARGUING OR DISCUSSION ALLOWED
Troy Hunt on Clickjacking
Interesting note from David Seah on Procrastination.
Mainframes can be hacked and backdoored
Why certificate revocation doesn't work
Cory Doctrow talking about freedom, society, computers and the internet
Cmdr. Hadfield bids adieu to ISS with “Space Oddity” cover.
Government subpoenas, obtains wide set of AP phone records in investigation
Liquidmatrix Staff Projects
The Liquidmatrix Vegas Party- You've asked when and where - that'd be "We don't know yet" and "The week of Blackhat/BSides/DEFCON". You can beg your way onto the list by sending an email to [email protected].
The BSidesLV Ticket Give-away-
Three tickets up for grabs:
best original piece of artwork incorporating a security rock star; bonus points for using a unicorn
best rap song about a major breach
best poem describing a vendor DERP
Judging will be done by The Liquidmatrix Intern. Mocking will be done by us. I'd suggest you start buying a vote early. Email your submission to [email protected]
The Security Conference Library
Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time.
If you're interested in helping out with openCERT.ca, drop a line to [email protected]
Upcoming Appearances: James Training (with Rich Mogull) at BHUSA. Dave will be at Black Hat, DEF CON, Secure Asia. Matt and Wil will be at Blackhat/DEF CON and James, Ben and Dave will be joined by Mike Rothman for SecTor 2013's return of the (canadian) fail panel.
In Closing
Movie Review Big: All about authentication and authorization when biometrics won't work anymore.
everyday is CTF! go set up a team
Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee! And Liquidmatrix_5 for 5% off a course
Seacrest Says: This is ground control to Major Seacrest...
Creative Commons license: BY-NC-SA
...more
59min
May 09, 2013Liquidmatrix Security Digest Podcast - Episode 28
Episode 0x28 -- For Reals... it's here.
I SAID it's a weekly podcast
Life gets in the way of art. There's five of us, we are operating from 3 time zones and several of us have a whole lot more than just one job, and then parenting duties as well. This negatively contributes to the possibility of getting all of us together at the same time for a recording. We're trying to figure out what to do about it. It may be that we go for more frequent recordings of whomever is available and stuff together the rest of us when we can. Sigh. Or something.
Upcoming this week...
Lots of News
Breaches
SCADA / Cyber, cyber... etc.
finishing it off with DERPs/Mailbag and
There will be a DEEP DIVE
But there are weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please sent it to [email protected] for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
News and Commentary
Stonesoft bought by McAfee/Intel
How I got here: Hoff
Thotcon / BSidesChicago - Jericho says I did a good job
Is the U.S. Government Recording and Saving All Domestic Telephone Calls?
Systems manager arrested for hacking former employer's network
Breaches
Study: Utah Health Breach Could Approach $406M
The Onion Hacked by Syrians and the Onion responds
1 million dollars (Kreb's said "cyberheist" drink!)
SCADA / Cyber, cyber... etc
Many MANY sources: Your inability to understand Google Earth is entertaining
DERP
This time, the DERP is on us. With five schedules spread across 3 time zones and about 12 different jobs (not including parenting)... the Liquidmatrix Crew takes the DERP of the week. We promise we will attempt to get back on ye olde horse. Although it may be in the form of us no longer trying to have all hands on deck. What say you dear listener?
Hide a bitcoin miner in your code
vendor just called me, offered "a great solution for cyber defense by securing end points using DoD standards" #salesFail
Mailbag / Bizarro Land
Hey,
I'm stupid busy at work. Can't keep up. People know where I sit. The email. The phone calls. I'm trying to use the damn bathroom now. Please help?
SRSLYBizzay Secpro
DEEP DIVING - Productivity In The Security Hotseat
Interupt driven lifestyle for the win?
Rage Quit
Plan to be interupted - get in earlier or stay later than most of your co-workers
Use a trick to determine how much productive time you have (Carmack and his CD player)
Arrange a "cover" for the day
Emergent Time Planner & Task Order Up
kanban
Trello (free)
Lean Kit (not Free)
Atlassian (jira) Greenhopper ($)
Time Management for System Administrators
Trusted Systems
"Heroes are Zeroes" - Identify and Manage
Failure to document makes you a team liability
Briefly - NO ARGUING OR DISCUSSION ALLOWED
Notch says practice your typing skills
Cyber Observable Expression from MITRE
OpenBSD 5.3 Released.
Teacher 'powerless' to stop ex-girlfriend's cyberstalking
Liquidmatrix Staff Projects
The Liquidmatrix Vegas Party- You've asked when and where - that'd be "We don't know yet" and "The week of Blackhat/BSides/DEFCON". You can beg your way onto the list by sending an email to [email protected].
The BSidesLV Ticket Give-away-
Three tickets up for grabs:
best original piece of artwork incorporating a security rock star; bonus points for using a unicorn
best rap song about a major breach
best poem describing a vendor DERP
Judging will be done by The Liquidmatrix Intern. Mocking will be done by us. I'd suggest you start buying a vote early. Email your submission to [email protected]
The Security Conference Library
Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time.
If you're interested in helping out with openCERT.ca, drop a line to [email protected]
Upcoming Appearances: James Training (with Rich Mogull) at BHUSA. Dave will be at Black Hat, DEF CON (AMFYOYO), Secure Asia. Matt and Wil will be at Blackhat/DEF CON and James, Ben and Dave will be joined by Mike Rothman for SecTor 2013's return of the (canadian) fail panel.
In Closing
Movie Review Terminator 2: All your PINs belong in my Atari handheld HSM
everyday is CTF! go set up a team
Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee! And Liquidmatrix_5 for 5% off a course
Seacrest Says: She sells sea shells on the sea shore.
Creative Commons license: BY-NC-SA
...more
1h 5min
April 11, 2013Liquidmatrix Security Digest Podcast - Episode 27
Episode 0x27 -- Wednesday is the new Monday
It's the podcast that never ends
We've collected up something like 4 times more stories than we can use. We need to find a sponsor who will pay us to do this twice a week. Anyone got some money they're not using?
Upcoming this week...
Lots of News
Breaches
SCADA / Cyber, cyber... etc.
finishing it off with DERPs/Mailbag and
There will be no DEEP DIVE -- our SCUBA gear is in the shop
But there are weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please sent it to [email protected] for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
News and Commentary
Kim Jong Un needs a snickers!!!
Linksys Routers Screwed
Bitcoin dDoS destroy world economy... nah (also bitcoin social engineering) (and skype bitcoin mining malware bot)
Security BSides - Rochester
Windows XP Security Updates ending in one year IE6 Countdown Windows XP still maintains 39% overall market share.
Secrets of FBI Smartphone Surveillance Tool Revealed in Court Fight.
DEA Accused Of Leaking Misleading Info Falsely Implying That It Can't Read Apple iMessages
Breaches
Vudu resets user passwords after hard drives lost in office burglary
SCADA / Cyber, cyber... etc
NIST CyberSecurity Framework Recordings
Anonymous hacks DPRNK Twitter and Flickr
Anonymous launches massive cyber assault on Israel Israel says: "Anonymous doesn't have the skills to damage the country's vital infrastructure" And fixes things up so that Anonymous' C&C plays "Hatikvah"
USAF designates some of their software as CYBERWEAPONS
Apparently there are CYBER-WEAPONS in the Korean Conflict
Fast-Talking Computer Hacker Just Has To Break Through Encryption Shield Before Uploading Nano-Virus
DERP
Papa, m'entends tu?
French Government discovers Streisand Effect on Wikipedia (without actually looking up) The Streisand Effect
Interesting to note: The Wikipedia article on The Streisand Effect DOES link to the communication from WIkimedia Foundation.
IRS Doesn’t Deny Snooping Emails Without A Warrant
Dongle-gate - this makes it so much clearer
Mailbag / Bizarro Land
Subject:OMG, Arlen was right...
I thought Jamie was just whining about how bad Blackboard is, but now that I have to use it... IT SUUUUUUCKS. It feels like an application that was rather forward thinking for its time, assuming it was built in 1997!
I take it back. Anything coded in 1997 would be faster than Blackboard is today.
Would it be wrong of me to try to find flaws in this thing, to try to get them to make it less... suck?
Thanks,-Jim
Briefly - NO ARGUING OR DISCUSSION ALLOWED
Deutsche Telecom SOC big board
Ingress - check it out
Non-SSL active content on SSL pages is blocked by default in FireFox 18
Montreal police arrest a 20 year old woman after she posts a photo of graffiti to her instagram feed
The ATF Wants ‘Massive’ Online Database to Find Out Who Your Friends Are
Liquidmatrix Staff Projects
The Liquidmatrix Vegas Party- You've asked when and where - that'd be "We don't know yet" and "The week of Blackhat/BSides/DEFCON". You can beg your way onto the list by sending an email to [email protected].
The BSidesLV Ticket Give-away-
Three tickets up for grabs:
best original piece of artwork incorporating a security rock star; bonus points for using a unicorn
best rap song about a major breach
best poem describing a vendor DERP
Judging will be done by The Liquidmatrix Intern. Mocking will be done by us. I'd suggest you start buying a vote early. Email your submission to [email protected]
The Security Conference Library
Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time.
If you're interested in helping out with openCERT.ca, drop a line to [email protected]
Upcoming Appearances: James speaking at Thotcon, BSidesChicago, and Training (with Rich Mogull) at BHUSA. Dave will be at Secure Dusseldorf, Infosecurity Europe (including European Security Bloggers Meetup), Black Hat, DEF CON, Secure Asia. Matt speaking at Adelphi University Cyber Security Educational Panel.
In Closing
Movie Review Die Hard 4 - It's a blast. Seriously. Quick, there's a fire sale.
everyday is CTF! go set up a team
Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee! And Liquidmatrix_5 for 5% off a course
Seacrest Says: I have no mouth with which to scream
Creative Commons license: BY-NC-SA
...more
58min
April 02, 2013Liquidmatrix Security Digest Podcast - Episode 26
Episode 0x26 -- The First Rule...
Ministry of Information Bulletin: Liquidmatrix is a weekly podcast.
While we'd like to be able to say that the Ministry of Information is always correct, that would not necessarily be the case. The past few weeks of Infosec have certainly been interesting. The echo chamber is at an all time echo stratosphere and the daily slog of infosec professionals remains at an all time crappiness. Anyone want to join our "Infosec Anonymous" program? Perhaps we should go with a different name: searching "infosec anonymous" gives me about 210,000 results.
Upcoming this week...
Lots of News
SCADA / Cyber, cyber... etc.
finishing it off with DERPs/Mailbag and
THE DEEP DIVE
Our new weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please sent it to [email protected] for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
News and Commentary
To hack back or to not hack back The Grugg on Opsec for Hackers (how not get p0wned while p0wning)
The dDoS to end all dDosssses that almost broke the ENTIRE internet, then again maybe not, but maybe sorta it did
Uptime = 16 years = AWESOME. Feature parity with Netware 16 years later = STILL CAN'T HAVE IT.
FBI Pursuing Real-Time Gmail Spying Powers as “Top Priority” for 2013
SCADA / Cyber, cyber... etc
DHS Warns of ‘TDos’ Extortion Attacks on Public Emergency Networks
FERC U MAD BRO ???? (PDF)
Cyber Divers take Egypt offline (except it might have been a ship's anchor)
First time that it looks like actual details were stolen
The Reality of Attribution about Cyber Attacks
Cyber Security: The Digital Arms Trade
Cyber RFI for the Space Race
Fukushima Cooling Knocked Offline By... a Rat... that ended badly
DERP
Security hole allows anyone to reset an Apple ID with email and DOB
Mailbag / Bizarro Land
My official statement of begging for getting onto the Vegas party list. Thank you for your consideration.
Kris
Hello!
Any chance I can get a couple of tickets to the party? I'm an infosec "professional" from Vancouver BC. I've met some of you guys at various cons, Hope, Defcon, Derbycon.
thanks! Kevin
The Deep Dive - Security Awareness Training
Is Bruce ALWAYS right?
Briefly - NO ARGUING OR DISCUSSION ALLOWED
Is OwnCloud Good Enough?
Monitoring for humans
Pimp myself - Top 10 Web Hacks
Attempted child abduction thwarted when girl asks stranger for code word
Liquidmatrix Staff Projects
The Liquidmatrix Vegas Party- We threatened more news. There will be passes distributed. You can beg your way onto the list by sending an email to [email protected].
The BSidesLV Ticket Give-away-
Three tickets up for grabs:
best original piece of artwork incorporating a security rock star; bonus points for using a unicorn
best rap song about a major breach
best poem describing a vendor DERP
Judging will be done by The Liquidmatrix Intern. Mocking will be done by us. I'd suggest you start buying a vote early. Email your submission to [email protected]
The Security Conference Library
Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time.
If you're interested in helping out with openCERT.ca, drop a line to [email protected]
Upcoming Appearances: James speaking at Thotcon, BSidesChicago, BSidesRochester and Training (with Rich Mogull) at BHUSA. Dave will be at Secure Dusseldorf, Infosecurity Europe, Black Hat, DEF CON, Secure Asia
In Closing
Movie Review: Wargames
everyday is CTF! go set up a team
Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee! And Liquidmatrix_5 for 5% off a course
Seacrest Says: "I kinda really wanted to jump in and slam him!"
Creative Commons license: BY-NC-SA
...more
1h
March 22, 2013Liquidmatrix Security Digest Podcast - Episode 25
Episode 0x25 -- The one with ALL the cybers
We're not sure why this keeps happening.
As is the new normal around here, we've spent more time arguing about the show instead of actually doing the show. Add to that Dave's issues with (a)using a computer, and (b)having a decent ISP. It took a whole lot of goofing about to get this episode into the realm of "listenable". But hey, it's done now. Enjoy!
Upcoming this week...
Lots of News
Breaches
SCADA / Cyber, cyber... etc.
finishing it off with DERPs/Mailbag and
THE DEEP DIVE
Our new weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please sent it to [email protected] for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
News and Commentary
Krebs gets whacked And does some digging
Forbes magazine internet thingy talks about cracking crypto (so does Sophos) (and a lawsuit on the use of RC4 - so another reason to stop using it)
Hacked retailers up in arms over $13 million 'fine', Visa lands up in court
It's Kali Time
MCMC probes The Malaysian Insider over spyware story
The Breach Report
Second Factor FTW
Philippines National Telecom Commission Defaced by Anon
CCTV hack wins gamblers $33*10^6 (cue Ocean's 11/12/13)
SCADA / Cyber, cyber... etc
You Say: Cyber. I Say: Unsubscribe
North Korea restores Internet access, blames US hackers
Queensland police to use surveillance drones to combat crime ahead of G20 conference
Federal Judge Finds National Security Letters Unconstitutional, Bans Them
NERC 2012 Annual Report (pdf)
Medical device hacking: The 6 lines of code that could bring down a hospital
US Cyber Command Admits Offensive Cyberwarfare Capabilities, Fundamental Shift In US Doctrine
U.S. Demands China Crack Down on Cyberattacks
Who’s Really Attacking Your ICS Devices?
DERP
EC-Council goes off the deep end
Mailbag / Bizarro Land
Question:
Anyway, anyway, guys guys guys, come on. I'm in this computer, right. So I'm looking around, looking around, you know, throwing commands at it, I don't know where it is or what it does or anything. It's like, it's like choice, it's just beautiful, okay. Like four hours I'm just messing around in there. Finally I figure out, that it's a bank. Right, okay wait, okay, so it's a bank. So, this morning, I look in the paper, some cash machine in like Bumsville Idaho, spits out seven hundred dollars into the middle of the street.
That was me. That was me. I did that.
Answer:
What are you, stoned or stupid? You don't hack a bank across state lines from your house, you'll get nailed by the FBI. Where are your brains, in your ass? Don't you know anything?
The Deep Dive - Security Research and the Law
Internet troll “weev” sentenced to 41 months for AT&T/iPad hack.
Briefly - NO ARGUING OR DISCUSSION ALLOWED
The Matrix in less than 600 bytes of JavaScript
Branching breach impact model
Top 10 Web Hacks of 2012 Webinar (Matt is hosting it with Jeremiah Grossman)
Hackers play Space Invaders on Belgrade billboard, get rewarded with iPads.
Microsoft to push Windows 7 Service Pack 1 to users starting March 19
Liquidmatrix Staff Projects
The Liquidmatrix Vegas Party- We threatened more news. There will be passes distributed. You can beg your way onto the list by sending an email to [email protected].
The BSidesLV Ticket Give-away-
Three tickets up for grabs:
best original piece of artwork incorporating a security rock star; bonus points for using a unicorn
best rap song about a major breach
best poem describing a vendor DERP
Judging will be done by The Liquidmatrix Intern. Mocking will be done by us. I'd suggest you start buying a vote early. Email your submission to [email protected]
The Security Conference Library
Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time.
If you're interested in helping out with openCERT.ca, drop a line to [email protected]
Upcoming Appearances: James speaking at Thotcon, BSidesChicago, BSidesRochester and Training (with Rich Mogull) at BHUSA. Dave will be at Secure Dusseldorf, Infosecurity Europe, Black Hat, DEF CON, Secure Asia
In Closing
Movie Review Hackers
everyday is CTF! go set up a team
Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee! And Liquidmatrix_5 for 5% off a course
Seacrest Says: Dave says "screw you Cogeco"
Creative Commons license: BY-NC-SA
...more
1h 15min
March 12, 2013Liquidmatrix Security Digest Podcast - Episode 24
Episode 0x24 -- The Robot Uprising
You'd think those worthless meatbag humans would be more respectful.
It looks like we will have a limited incidence of Robots in tonights episode. Of course, nothing in life can be ACTUALLY robot free. That's just silly talk. Also, pro-tip: make grilled cheese sandwiches in the George Foreman after making steak - better than butter.
Upcoming this week...
Lots of News
Breaches
SCADA / Cyber, cyber... etc.
finishing it off with DERPs/Mailbag and
THE DEEP DIVE
Our new weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please sent it to [email protected] for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
News and Commentary
Pwn2Own: IE, Firefox, Chrome and Java go down ...and Adobe Flash, Reader and Oracle Java exploits Chrome hack details (threat post link) Thanks Ben!
Indian .gov puts bounty on botnet takedown
China's internet backbone will have security features (also censorship) (SAVA)
How Facebook Prepared to Be Hacked
Having the MD5 hash of "123456" is probably not the best way to store passwords in your publicly searchable code on github... /via Thierry Zoller. (also don't put your twitter oauth keys in github)
International Womens' Day - Don't forget Admiral Grace
Freeze All The Robots: Put Android ICS in the freezer to break crypto
Harvard sneaks through 16 Deans' email
Deja vote: Iran blocks VPN use ahead of elections
The Breach Report
Another bitcoin exchange gets p0wned
Ausie Ausie Ausia Bank Oy Oy Oy (Reserve Bank of Australia gets infected, then found out)
Pakistan .gov gets hacked
SCADA / Cyber, cyber... etc
Metasploit releases exploit module for Honeywell ICS that has a patch available
Formal Paper (pdf) from Ralph Langner Bound to Fail: Why Cyber Security Risk Cannot Be "Managed" Away
US Military Advisory Panel Says Nuke a Cyber Attacker
Reasons to depend on Kaspersky for ICS/SCADA operating systems -- EXCELLENT IPv6 STACKS
BP Fights Off Up to 50,000 Cyber-Attacks a Day: CEO
Cyberwar: you lack imagination
DERP
TELUS releases qualitive security survey (pdf link) - completely ignores science, math and proper research
Survival of the fittest: Some data-breach victims can't be helped - but they enjoy reacharounds
China points at USA and cries "you're stinky and mean"
Mailbag / Bizarro Land
Dear Dudes of the Liquid
I found a vuln when I was browsing a company's website with w3af? Should I report it?
Yimmy, Warsaw
Briefly - NO ARGUING OR DISCUSSION ALLOWED
From Space Rogue - The Infinite Daft Loop - productivity in a can
Play Donkey Kong as the Princess
Browser sec
Tripwire aquires nCircle
Click to play!!!!
Microsoft preps UPDATE EVERYTHING patch batch
Liquidmatrix Staff Projects
The Liquidmatrix Vegas Party- We threatened more news. There will be passes distributed. You can beg your way onto the list by sending an email to [email protected].
The BSidesLV Ticket Give-away-
Three tickets up for grabs:
best original piece of artwork incorporating a security rock star; bonus points for using a unicorn
best rap song about a major breach
best poem describing a vendor DERP
Judging will be done by The Liquidmatrix Intern. Mocking will be done by us. I'd suggest you start buying a vote early. Email your submission to [email protected]
The Security Conference Library
Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time.
If you're interested in helping out with openCERT.ca, drop a line to [email protected]
Upcoming Appearances: James speaking at Thotcon, BSidesChicago, BSidesRochester and Training (with Rich Mogull) at BHUSA. Dave will be at Secure Dusseldorf, Infosecurity Europe, Black Hat, DEF CON, Secure Asia
In Closing
Movie Review Moon (it's all about clones - BTW spoiler alert)
everyday is CTF! go set up a team
Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee! And Liquidmatrix_5 for 5% off a course
Seacrest Says: "Here's to a hoopy frood who really knew where his towel was." RIP Douglas Adams
Creative Commons license: BY-NC-SA
...more
1h 16min
March 07, 2013Liquidmatrix Security Digest Podcast - Episode 23
Episode 0x23 -- Post RSA Actual News
Recovery takes time. There has not been enough time.
There's really not anything significant to note off the top. There's much going on in the world of infosec. I wish that it weren't as true, but even with the wildness of RSA, the cybers never sleep.
You might want to stay until the end of the show to hear about a CONTEST and something even cooler...
Upcoming this week...
Lots of News
Breaches
SCADA / Cyber, cyber... etc.
finishing it off with DERPs/Mailbag and
THE DEEP DIVE
Our new weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please sent it to [email protected] for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
News and Commentary
Miniduke is older than we thought (Miniduke tells time in China)
Cloudflare dDoS post mortem
Google services should not require real names: Vint Cerf
Oracle Issues Emergency Java Update
Wireless brain sensor pack. Future - here we come!
The Lightning Digital AV Adapter Surprise
When will we trust robots?
The Breach Report
Evernote Security Notice: Service-wide Password Reset Evernote hacked: Emails, encrypted passwords stolen But it's ok, there will be 2 factor auth someday Critics say Evernote breach was avoidable.
Envelopes mailed to 26k retired government employees in N.C. exposes SSNs
Encrypted laptop, casino reports belonging to federal agency stolen from rental car in Calgary
City of Owen Sound websites offline due to porn hack
SCADA / Cyber, cyber... etc
Information Assurance Certification Review Board: Certified SCADA Security Architect (CSSA)
NEWS TO NO ONE: SANS SCADA and Process Control Security Survey - the state of the industry is discouraging
Recent 10-Ks mentioning "cyber" incidents
Canadian Anti-hacking agency slow to learn about Chinese cyberattack
Symantec: work on Stuxnet worm started two years earlier than first thought
SCADA 'Sandbox' Tests Real-World Impact Of Cyberattacks On Critical Infrastructure
DERP
Jailed hacker allowed into IT class, hacks prison computers
Nearly Every NYC Crime Involves Cyber, Says Manhattan DA
Mailbag / Bizarro Land
Dearest Son,
Why do you people always talk about "the echo chamber"? What is the echo chamber for?
Love, Mom
Deep Dive -
Government Malware! discuss (Finfisher, Hacking Team)Zero Day Doc
Briefly - NO ARGUING OR DISCUSSION ALLOWED
Recon 2013 CFP opened
APT 1 goes back years
There's a vuln in sudo (yes, that sudo)
Quick and dirty pcap slicing with tshark and friends
Liquidmatrix Staff Projects
The Liquidmatrix Vegas Party- More news to follow
The BSidesLV Ticket Give-away-
Three tickets up for grabs:
best original piece of artwork incorporating a security rock star; bonus points for using a unicorn
best rap song about a major breach
best poem describing a vendor DERP
Judging will be done by The Liquidmatrix Intern. Mocking will be done by us. I'd suggest you start buying a vote early.
The Security Conference Library
Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time.
If you're interested in helping out with openCERT.ca, drop a line to [email protected]
Upcoming Appearances: James speaking at Thotcon, BSidesChicago, BSidesRochester and Training (with Rich Mogull) at BHUSA. Dave will be at Secure Dusseldorf, Infosecurity Europe, Black Hat, DEF CON, Secure Asia
In Closing
RIP Stompin' Tom We'll leave a light on.
everyday is CTF! go set up a team
Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee!
Seacrest Says: I'm drinking beer at HouSec bitches!
Creative Commons license: BY-NC-SA
...more
1h 12min
March 04, 2013Liquidmatrix Security Digest Podcast - Episode 22
Episode 0x22 -- RSA is almost over...
Yes, we all survived, but RSAConflu hurts
So, 4/5th of Liquidmatrix is hanging out at RSAC this week. And we are really tired and would like to go home. Voices are pretty blown so we apologize for channeling Mike Rothman. It's been an exciting week and… well… thank goodness it's over.
For this week's special episode...
Stupid Vendor tricks
BSidesSF + harrassment
Buzzword Bingo
Speed Dating
We Lost
I've got 99 problems and Rich ain't one
Brian "CyberPotato" Honan
And if you've got commentary, please sent it to [email protected] for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
No Notes due to SPECIAL REASONS
Liquidmatrix Staff Projects
The Security Conference Library
Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time.
If you're interested in helping out with openCERT.ca, drop a line to [email protected]
Upcoming Appearances: James speaking at Thotcon, BSidesChicago, BSidesRochester and secret coolness for Hacker Summer Camp in Vegas. Dave will be at Secure Dusseldorf, Infosecurity Europe, Black Hat, DEF CON, Secure Asia
In Closing
Movie Review: No Review
everyday is CTF! go set up a team
Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee!
Seacrest Says: I came for the booth babes and stayed for the bacon licking.
Creative Commons license: BY-NC-SA
...more
57min
February 21, 2013Liquidmatrix Security Digest Podcast - Episode 21
Episode 0x21 -- In which we prepare for RSA
Are you ready for RSA? Packed 500 business cards and a spare liver?
There's oh so much to talk about. Things we need to talk about, things we really want to not talk about, things you don't want to hear about.
Upcoming this week...
Lots of News
Breaches
SCADA / Cyber, cyber... etc.
finishing it off with DERPs/Mailbag and
THE DEEP DIVE
Our new weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please sent it to [email protected] for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
News and Commentary
Facebook unlikes being hacked (Ars Technica) (The Atlantic Wire) (NYT) (BH Consulting) (IBI Times) (Apple too) (watering hole located)
Dutch MP fined for hacking medical system
NASA makes an oopsy with its software update
Kaspersky says "Trust us, we're good with software"
McAfee responds to criticism of AV industry with OpsFail
Telecom NZ cancels 60k Yahoo Xtra passwords amid attack
Exclusive: The Burger King and Jeep Hacker Is Probably This DJ From New England
Obama says share!!!
The Breach Report
Mandiant. That is all.
Burger King twitter gets hacked
SCADA / Cyber, cyber... etc
Electricity Market 101 - SCADA isn't just about the electricity
Turns out all that airgapping was just theoretical
Cyber Medals for Cyber Warriors
DERP
MTV fakes their twotter account being haxored
Mailbag / Bizarro Land
Hi,
I just wondered if the Liquid Matrix team would be interested in commenting on the subject of Digital Forensics with Infrastruture-as-a-Service Cloud environments?
....
Adam Robson
Answer from the team:
No
Ben Rants
Ben Loses His Mind. Also, would you like a cheap certificate?
Briefly - NO ARGUING OR DISCUSSION ALLOWED
Securosis RSA Guide - 2013 Edition
HDCP is dead, really
Ronin
Punk Spider - a searchable reference for web app vulns
Magazine article on Chinese online takedown services gets taken down
RoboPlow
RoboSurgeon (warning - super gross - avoid)
Liquidmatrix Staff Projects
The Security Conference Library
Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time.
If you're interested in helping out with openCERT.ca, drop a line to [email protected]
Upcoming Appearances: Ben, Matt James and Dave attending RSA. James and Dave speaking at RSA-e10+. James speaking at Thotcon, BSidesChicago, BSidesRochester and secret coolness for Hacker Summer Camp in Vegas. Dave will be at Secure Dusseldorf, Infosecurity Europe, Black Hat, DEF CON, Secure Asia
In Closing
Come find us at RSA!
Movie Review: Live Free or Die Hard (and you thought it was just a cyberwarfare training video)
everyday is CTF! go set up a team
Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee!
Seacrest Says: Am I the only one that crapped my pants when I heard a meteor hit russia?
Creative Commons license: BY-NC-SA
...more
55min
February 13, 2013Liquidmatrix Security Digest Podcast - Episode 20
Episode 0x20 -- Can Dave count to 20?
Special Bonus Episode!
Since Dave (and a few select others) have problems with actually showing up to recordings, you'll be getting this episode about one day after the much maligned and completely screwed up Episode 0x1F. We are attempting to get back on track and do things the way they should be done. Or something like that. Also, Shmoocon!
Upcoming this week...
Lots of News
Breaches
SCADA / Cyber, cyber... etc.
finishing it off with DERPs/Mailbag and
THE DEEP DIVE
Our new weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please sent it to [email protected] for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
News and Commentary
Password Dump stats for January 2013 and December for those curious
LA Post serving Black Holes
WaPo - ‘Fragmentation’ leaves Android phones vulnerable to hackers (some info on malware p0wnage)
NIST 800-53 Rev4 is in Draft read it, comment on it.
DHS declares 100 mile "4th Amendment Free" zone adjacent to US border
Kaspersky update hoses Internet access for Windows XP users.
Canadian Business Groups Lobby For Right To Install Spyware on Your Computer.
The Everyday Agony of the Password
Audacious Hack Exposes Bush Family Pix, E-Mail
The Breach Report
Bit9h got hacked!!!!
SCADA / Cyber, cyber... etc
Cyber Lobbists
SCADA for the home players - turn the Belkin Wemo into a deathtrap
Mailbag / Bizarro Land
Hi LSD crew...just finished 0x1E again and again, well done! Many thanks.
I am missing a bit the "central topic" what you had in earlier ones. What I mean is like in episode 0x14 about "Hardcore – Recovering from the Disaster you didn’t plan for" or "hiring". This was really interesting and gave some good insight. I understand quite a number of things are "common sense", but still, unfortunately quite a number (of the other?) things are not "common practice" and I think these need to be communicated.
Cheers guysThomas
Discussion - Keeping up with new technical developments
Because Thomas is a good guy, and he actually sent us an entire book of ideas, we're going to use one of them. Keeping up with new technical developments such as RFC 6797 HSTS and how to manage that along with everything else you're supposed to be doing as an information security professional. (Cue Dave talking about the value of CPEs in 3... 2... 1...)
Briefly - NO ARGUING OR DISCUSSION ALLOWED
If you permit USB keyboards or mice, you're permitting exfiltration
Log stash book!!!
Payment Card Industry clears up confusion over cloud use.
Dave was on TV. He has many monitors. He is an Internet Security Expert. (fortunately he's not a social media expert)
Not done yet: Oracle to ship revised Java fix on February 19
Jeremiah Grossman's Self Pwnage
Another RoR SQLi vuln
Liquidmatrix Staff Projects
The Security Conference Library
Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time.
If you're interested in helping out with openCERT.ca, drop a line to [email protected]
Upcoming Appearances: James and Dave at RSA e10+, also attending Shmoocon but not speaking, James speaking at Thotcon and Dave will be at RSA, AltSecCon, Secure Dusseldorf, Infosecurity Europe, Black Hat, Defcon, Secure Asia
In Closing
We're thinking about doing a live podcast with audience participation - drop us a tweet or a line if you're interested
Movie Review
everyday is CTF! go set up a team
Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee!
Seacrest Says: Seacrest Likes Vicodin. SRLSY (but who doesn't - yummy yummy vicodin.... tasty)
Creative Commons license: BY-NC-SA
...more
1h 1min

FAQs about Liquidmatrix Security Digest Podcast:

How many episodes does Liquidmatrix Security Digest Podcast have?

The podcast currently has 137 episodes available.