Samy Kamkar - PoisonTap - https://samy.pl/poisontap/

RCMP want an iphone unlocker - http://www.cbc.ca/news/investigates/police-power-privacy-encryption-1.3856375

Discussion paper - https://www.publicsafety.gc.ca/cnt/rsrcs/pblctns/ntnl-scrt-grn-ppr-2016-bckgrndr/index-en.aspx

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x1E.mp3
Category:LSD_Television -- posted at: 5:18pm EDT

More Travels With Dave...

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x1D.mp3
Category:LSD_Television -- posted at: 10:34am EDT

Reporting on the infosec implications of Walt Disney World...

https://disneyworld.disney.go.com/
https://www.wired.com/2015/03/disney-magicband/

http://www.nytimes.com/1998/08/20/technology/roller-coasters-take-a-ride-from-wild-to-wired.html
http://www.rockwellautomation.com/global/industries/entertainment/overview.page
http://dsicontrols.com/amusement.html

Direct download: mini0x1C.mp3
Category:LSD_Television -- posted at: 8:50am EDT

Dave is actually alive. We have video proof.

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x1B.mp3
Category:LSD_Television -- posted at: 12:00pm EDT

No notes.

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x1A.mp3
Category:LSD_Television -- posted at: 12:00pm EDT

https://2016.pycon.ca/en/

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x19.mp3
Category:LSD_Television -- posted at: 12:00pm EDT

Russian Hacker group responsible for DNC Hack is at it again - https://krebsonsecurity.com/2016/11/russian-dukes-of-hackers-pounce-on-trump-win/

Russian banks getting hit back by DDoS Attack - https://themoscowtimes.com/news/ddos-attack-hits-russian-banks-56077

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x18.mp3
Category:LSD_Television -- posted at: 12:00pm EDT

(Ben didn't do show notes)

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x17.mp3
Category:LSD_Television -- posted at: 11:00am EDT

MS16-137 - https://g-laurent.blogspot.ca/2016/11/ms16-137-lsass-remote-memory-corruption.html?m=1

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x16.mp3
Category:LSD_Television -- posted at: 6:46am EDT

Tesco was breached - https://www.google.ca/amp/www.bbc.co.uk/news/amp/37907441

The grugq on Security, Cyber, and Elections - https://medium.com/@thegrugq/security-cyber-and-elections-part-1-cd04de8ed125#.9dtgkxkut

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x15.mp3
Category:LSD_Television -- posted at: 6:43am EDT

http://www.mprnews.org/story/2016/11/07/npr-how-hostile-nation-could-disrupt-election

 

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x14.mp3
Category:LSD_Television -- posted at: 6:39am EDT

Nobody knew what CSIS was up to - http://www.cbc.ca/beta/news/politics/what-you-need-to-know-about-csis-metadata-1.3837104

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x13.mp3
Category:LSD_Television -- posted at: 6:35am EDT

Matthew Keys is in jail for not giving up a source - http://arstechnica.com/tech-policy/2016/11/speaking-from-prison-incarcerated-reporter-maintains-innocence/

Go Secure botnet analysis - https://gosecure.net/2016/11/02/exposing-the-ego-market-the-cybercrime-performed-by-the-linux-moose-botnet/

Blackhat EU talks - https://www.blackhat.com/eu-16/

getting root on wemos - https://www.invincealabs.com/blog/tag/wemo/

 

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x12.mp3
Category:LSD_Television -- posted at: 6:26am EDT

Quebec police spied on multiple journalists - https://www.engadget.com/2016/11/03/quebec-canada-cops-monitor-journalists/

Canadian intelligence agency gets hands slapped - http://www.cbc.ca/news/politics/csis-metadata-ruling-1.3835472

EMET EOL announced - https://blogs.technet.microsoft.com/srd/2016/11/03/beyond-emet/

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x11.mp3
Category:LSD_Television -- posted at: 6:23am EDT

Typed JSON - https://tonyarcieri.com/introducing-tjson-a-stricter-typed-form-of-json

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x10.mp3
Category:LSD_Television -- posted at: 12:30pm EDT

http://www.cbc.ca/beta/news/canada/toronto/woman-toronto-police-database-unauthorized-searches-1.3830541

http://www.cbc.ca/beta/news/canada/calgary/gerard-brand-calgary-police-trial-breach-trust-1.3829644

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x0F.mp3
Category:LSD_Television -- posted at: 11:14am EDT

Google talks about disclosing 0days - https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html

 

Finically regulator loses some records - https://www.engadget.com/2016/10/31/us-comptroller-data-breach/

 

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x0E.mp3
Category:LSD_Television -- posted at: 1:50pm EDT

I need a new computer. Or maybe I just want one.

  1. Owen Williams writes on Medium Apple just told the world it has no idea who the mac is for and I'm not entirely sure I disagree.
  2. Rui Carmo lamenting the state of the macOS ecosystem and talking Elementary IO.
  3. Touch bar is cool. I think it might work, but a fully reprogrammable awesome Sonder E Ink Keyboard or the 9.7" retina touchscreen would've made more sense.
  4. Despite having no hardware upon which to test... here's someone's attempt at sudo-touchid with a minor caveat :(
  5. And if you're a student - here's a nice deal JetBrains Developer Tools

Tomorrow I'm leaving this up to Ben, I'm not a morning person.

 

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x0D.mp3
Category:LSD_Television -- posted at: 7:00am EDT

Good morning!

Coming to you live from O'Reilly Security in NYC. Well, the breakfast buffet anyways.

  1. Great 101 article from Ars Technica How security flaws work: SQL Injection
  2. The always eloquent friend of the show / my friend Violet Blue cuts to the bone with the awesome phrase "Infosec smarty-pantses" in her article on That Time Your Smart Toaster Broke The Internet Note that @gattaca's toaster doesn't obey him either
  3. Twitter does dumb shit again and pisses off long term users Hiding Usernames In @Replys
  4. DMCA exemption list finally updated and has a great list covered exemptions from The Register

Tune in tomorrow for a SPOOOKY story from me still in NYC.

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x0C.mp3
Category:LSD_Television -- posted at: 1:30pm EDT

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x0B.mp3
Category:LSD_Television -- posted at: 4:04am EDT

Australia's Blood Service's exposed lots of personal data - https://www.troyhunt.com/the-red-cross-blood-service-australias-largest-ever-leak-of-personal-data/

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x0A.mp3
Category:LSD_Television -- posted at: 9:36am EDT

Machine Learning Appsec testing - http://www.slideshare.net/babaroa/code-blue-2016-method-of-detecting-vulnerability-in-web-apps

Mozilla doesn't trust Ernst & Young audits of CAs - https://blog.mozilla.org/security/2016/10/24/distrusting-new-wosign-and-startcom-certificates/

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x09.mp3
Category:LSD_Television -- posted at: 11:55am EDT

UNENCRYPTED SCADA PAGERS!!! http://arstechnica.com/security/2016/10/nuclear-plants-leak-critical-alerts-in-unencrypted-pager-messages/ (watch Jamie and Dave's head explode when they read that)

MS threat modelling tool - https://www.microsoft.com/en-us/download/details.aspx?id=49168

 

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x08.mp3
Category:LSD_Television -- posted at: 9:37am EDT

Yet another - this is LSD TV mini0x07.

Talking about the Defense again.

Oh, and Ben's got a link for you - http://mooc.fi/courses/2016/cybersecurity/

Direct download: Liquidmatrix_Security_Digest_TV_mini0x07.mp3
Category:LSD_Television -- posted at: 12:40pm EDT

Hangzhou Xiongmai recalls IoT devices - http://www.reuters.com/article/us-cyber-attacks-manufacturers-idUSKCN12O0MS

Comodo CA relies on broken OCR and issues certs incorrectly - https://bugzilla.mozilla.org/show_bug.cgi?id=1311713

Using Rowhammer on Android - http://arstechnica.com/security/2016/10/using-rowhammer-bitflips-to-root-android-phones-is-now-a-thing/

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x06.mp3
Category:LSD_Television -- posted at: 12:27pm EDT

Hyper scale defenses (https://youtu.be/90kxsEOSZQ8), scaring the Russians (http://www.cbc.ca/beta/news/technolog...) and rigged elections in the Philippines (http://thestandard.com.ph/mobile/arti...) -- turns out its very old news which popped up in my news feed and I can't read dates

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x05.mp3
Category:LSD_Television -- posted at: 5:28pm EDT

Mini episode #4: crazy TLDs and DDoS on Dyn.

https://twitter.com/kpyke/status/789156391726387200 https://www.dynstatus.com/incidents/5r9mppc1kb77 https://www.wired.com/2016/10/internet-outage-ddos-dns-dyn/amp/
https://youtu.be/90kxsEOSZQ8

Direct download: Liquidmatrix_Security_Digest_TV_-_mini0x04.mp3
Category:LSD_Television -- posted at: 11:43am EDT

Friday's episode of the new Liquidmatrix Security Digest TV minis, Ben Sapiro talks Yahoo! and Boards of Directors and Linux privilege escalation and Wikileaks and HE JUST KEEPS TALKING. 

Direct download: Liquidmatrix_Security_Digest_TV_mini0x03.mp3
Category:LSD_Television -- posted at: 10:40am EDT

The SECOND episode of the new Liquidmatrix Security Digest TV minis, Ben Sapiro talks data exfiltration.

Direct download: Liquidmatrix_Security_Digest_TV_mini0x02.mp3
Category:LSD_Television -- posted at: 10:31am EDT

In this first episode of the new Liquidmatrix Security Digest TV minis, Ben Sapiro walks you through SecTor 2016.

Direct download: Liquidmatrix_Security_Digest_TV_mini0x01.mp3
Category:LSD_Television -- posted at: 10:28am EDT

Television Episode 0x03 -- SecTor Interviews The Third

NFC with Charlie - IT'S MILLER TIME

Back again again - An interview with Charlie Miller at Sector during which you may want to hold your phone tightly in a tinfoil hat of it's own.

If you don't know the name Charlie Miller - you should head over and read his Wikipedia Page first and then come back and watch the video. Charlie has been doing some cool things with NFC on phones. He's goooooood at messing them up using only a passive NFC tag! You'll learn something if you pay attention, I swear.

There's more of these in the queue. Tell us what you think or what you'd like to see.

And if you've got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.

DISCLAIMER: It's not that explicit, but you may want to use headphones/cover the screen if you're at work.

ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 4 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

Creative Commons license: BY-NC-SA

Direct download: LSD-TVEp0x03-med.m4v
Category:LSD_Television -- posted at: 9:24pm EDT

Television Episode 0x02 -- SecTor Interviews The Second

A Full Dose of Rothman

Back again - and understand that we're serious this time.

Attempt to not learn something as I interview Mike Rothman (@securityincite), Analyst and The PRESIDENT of Securosis. Please try to pay attention. There's an awesome amount of information in there.

There's more of these in the queue. Tell us what you think or what you'd like to see.

And if you've got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.

DISCLAIMER: It's not that explicit, but you may want to use headphones/cover the screen if you're at work.

ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 4 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

Download the m4v

Direct download: LSD-TVEp0x02-med.m4v
Category:LSD_Television -- posted at: 12:49pm EDT

Television Episode 0x01 -- SecTor Interviews The First

Video even - inorite!

We gave you a warning and then didn't follow through, so we understand the confusion. This is the first of many Liquidmatrix Security Television Episodes which we naively think you might enjoy.

To start off, we've got this delicious interview with Dave Mortman (@mortman), the Chief Security Architect of Enstratus. Watch as Dave regales you with tales of the way things where back when he was a boy ((It appears that he's still a boy, but that's all charm.))

There's more of these in the queue. Tell us what you think or what you'd like to see.

And if you've got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.

DISCLAIMER: It's not that explicit, but you may want to use headphones/cover the screen if you're at work.

ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 4 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

Creative Commons license: BY-NC-SA

Direct download: LSD-TVEp0x01-med.m4v
Category:LSD_Television -- posted at: 11:03am EDT

We've been threatening to do something interesting and cool...

We're happy to announce that we will be producing a bi-weekly video podcast edition - tightly edited to a broadcast friendly 22 minutes in length. Perfect to watch while having lunch or between an episode of M*A*S*H and Barney Miller. 

Thanks for all of your support so far and we look forward to invading your space regularly to make some friends and maybe even learn a thing or two.

((PS: Based on comments from listeners, we're going to make some changes and give you a more granular set of RSS feeds so that you can select to receive exactly the version of our show that makes you the happiest. If you're subscribed to the general feed, this is the last full video episode you'll see.))

Direct download: LSD-TVepisode-1960x540.m4v
Category:LSD_Television -- posted at: 1:45pm EDT

1



-->

Syndication

Categories

Archives

March 2024
S M T W T F S
     
          1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31