Wed, 20 February 2013
Episode 0x21 -- In which we prepare for RSA
Are you ready for RSA? Packed 500 business cards and a spare liver?
There's oh so much to talk about. Things we need to talk about, things we really want to not talk about, things you don't want to hear about.
- Upcoming this week...
- Lots of News
- Breaches
- SCADA / Cyber, cyber... etc.
- finishing it off with DERPs/Mailbag and
- THE DEEP DIVE
- Our new weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
- News and Commentary
- Facebook unlikes being hacked (Ars Technica) (The Atlantic Wire) (NYT) (BH Consulting) (IBI Times) (Apple too) (watering hole located)
- Dutch MP fined for hacking medical system
- NASA makes an oopsy with its software update
- Kaspersky says "Trust us, we're good with software"
- McAfee responds to criticism of AV industry with OpsFail
- Telecom NZ cancels 60k Yahoo Xtra passwords amid attack
- Exclusive: The Burger King and Jeep Hacker Is Probably This DJ From New England
- Obama says share!!!
- The Breach Report
- Mandiant. That is all.
- Burger King twitter gets hacked
- SCADA / Cyber, cyber... etc
- Electricity Market 101 - SCADA isn't just about the electricity
- Turns out all that airgapping was just theoretical
- Cyber Medals for Cyber Warriors
- DERP
- MTV fakes their twotter account being haxored
- Mailbag / Bizarro Land
- Hi,
I just wondered if the Liquid Matrix team would be interested in commenting on the subject of Digital Forensics with Infrastructure-as-a-Service Cloud environments?
....
Adam Robson
Answer from the team:
No
- Ben Rants
- Ben Loses His Mind. Also, would you like a cheap certificate?
- Briefly - NO ARGUING OR DISCUSSION ALLOWED
- Securosis RSA Guide - 2013 Edition
- HDCP is dead, really
- Ronin
- Punk Spider - a searchable reference for web app vulns
- Magazine article on Chinese online takedown services gets taken down
- RoboPlow
- RoboSurgeon (warning - super gross - avoid)
- Liquidmatrix Staff Projects
- The Security Conference Library
- Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time.
- If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca
- Upcoming Appearances: Ben, Matt, James and Dave attending RSA. James and Dave speaking at RSA-e10+. James speaking at Thotcon, BSidesChicago, BSidesRochester and secret coolness for Hacker Summer Camp in Vegas. Dave will be at Secure Dusseldorf, Infosecurity Europe, Black Hat, DEF CON, Secure Asia
- In Closing
- Come find us at RSA!
- Movie Review: Live Free or Die Hard (and you thought it was just a cyberwarfare training video)
- everyday is CTF! go set up a team
- Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee!
- Seacrest Says: Am I the only one that crapped my pants when I heard a meteor hit Russia?
Creative Commons license: BY-NC-SA
Direct download: LSDPodcast-21.mp3
Category: LSD_Podcasts
-- posted at: 10:08pm EDT
Wed, 13 February 2013
Episode 0x20 -- Can Dave count to 20?
Special Bonus Episode!
Since Dave (and a few select others) have problems with actually showing up to recordings, you'll be getting this episode about one day after the much maligned and completely screwed up Episode 0x1F. We are attempting to get back on track and do things the way they should be done. Or something like that. Also, Shmoocon!
- Upcoming this week...
- Lots of News
- Breaches
- SCADA / Cyber, cyber... etc.
- finishing it off with DERPs/Mailbag and
- THE DEEP DIVE
- Our new weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
- News and Commentary
- Password Dump stats for January 2013 and December for those curious
- LA Post serving Black Holes
- WaPo - ‘Fragmentation’ leaves Android phones vulnerable to hackers (some info on malware p0wnage)
- NIST 800-53 Rev4 is in Draft: read it, comment on it.
- DHS declares 100 mile "4th Amendment Free" zone adjacent to US border
- Kaspersky update hoses Internet access for Windows XP users.
- Canadian Business Groups Lobby For Right To Install Spyware on Your Computer.
- The Everyday Agony of the Password
- Audacious Hack Exposes Bush Family Pix, E-Mail
- The Breach Report
- Bit9h got hacked!!!!
- SCADA / Cyber, cyber... etc
- Cyber Lobbyists
- SCADA for the home players - turn the Belkin Wemo into a deathtrap
- Mailbag / Bizarro Land
- Hi LSD crew... just finished 0x1E again and again, well done! Many thanks.
I am missing a bit the "central topic" what you had in earlier ones. What I mean is like in episode 0x14 about "Hardcore – Recovering from the Disaster you didn’t plan for" or "hiring". This was really interesting and gave some good insight. I understand quite a number of things are "common sense", but still, unfortunately quite a number (of the other?) things are not "common practice" and I think these need to be communicated.
Cheers guys Thomas
- Discussion - Keeping up with new technical developments
- Because Thomas is a good guy, and he actually sent us an entire book of ideas, we're going to use one of them. Keeping up with new technical developments such as RFC 6797 HSTS and how to manage that along with everything else you're supposed to be doing as an information security professional. (Cue Dave talking about the value of CPEs in 3... 2... 1...)
- Briefly - NO ARGUING OR DISCUSSION ALLOWED
- If you permit USB keyboards or mice, you're permitting exfiltration
- Log stash book!!!
- Payment Card Industry clears up confusion over cloud use.
- Dave was on TV. He has many monitors. He is an Internet Security Expert. (fortunately he's not a social media expert)
- Not done yet: Oracle to ship revised Java fix on February 19
- Jeremiah Grossman's Self Pwnage
- Another RoR SQLi vuln
- Liquidmatrix Staff Projects
- The Security Conference Library
- Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time.
- If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca
- Upcoming Appearances: James and Dave at RSA e10+, also attending Shmoocon but not speaking, James speaking at Thotcon and Dave will be at RSA, AltSecCon, Secure Dusseldorf, Infosecurity Europe, Black Hat, Defcon, Secure Asia
- In Closing
- We're thinking about doing a live podcast with audience participation - drop us a tweet or a line if you're interested
- Movie Review
- everyday is CTF! go set up a team
- Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee!
- Seacrest Says: Seacrest Likes Vicodin. SRLSY (but who doesn't - yummy yummy vicodin.... tasty)
Creative Commons license: BY-NC-SA
Direct download: LSDPodcast-20.mp3
Category: LSD_Podcasts
-- posted at: 2:23pm EDT
Tue, 12 February 2013
Episode 0x1F -- The Confusing Part Starts NOW
Can't wait till next week when Dave can start reading the episode numbers again!
I'm going to go ahead and apologize for this episode. We really couldn't seem to get it together last week so we bolted together some recording materials from last week and some that we put together last night. It's an unholy mess. Enjoy!
The show keeps getting longer. Even when 2/5ths of the hosts are absent, we're still in the hour long range. What's a podcast to do? Should we start trimming content? Not according to at least one of our listeners who really misses the Deep Dive Segment. Should we split into two episodes and release twice a week? Could we start recording any earlier so that those of us who live on the eastern side of the continent aren't yawning before the end? What's the best part of the show? What could we do less of? Should we just stick to what seems to be working?
These are all questions that you, dear listener, can answer. Let us know at mailbag@liquidmatrix.org. Did you know that you can also send us tips and links and things that you wish got a little more coverage? Yes you can! Now back to the show.
- Upcoming this week...
- Lots of News
- Breaches
- SCADA / Cyber, cyber... etc.
- finishing it off with DERPs/Mailbag and
- THE RETURN OF THE DEEP DIVE
- Our new weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
Creative Commons license: BY-NC-SA
Direct download: LSDPodcast-1F.mp3
Category: LSD_Podcasts
-- posted at: 4:54pm EDT
Thu, 31 January 2013
Episode 0x1E -- Absenteeism
Insert Subtitle Here
With Matt and James out this week, Dave, Ben and Wil are left to their own devices. I think you'll understand what I mean when you get to the end.
- Upcoming this week...
- Lots of News
- Breaches
- No Scadas, no Matt, No Jamie
- finishing it off with DERPs/Mailbag and
- Our new weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
- News and Commentary
- The RCMP says they have no intention of using their Drones for surveillance purposes.
- Rapid7 white-paper says 81 million discrete publicly routable addresses responded to UPnP poll, as recently as last year.
- Sony fined many many quid
- India bars ZTE, Huawei and others from sensitive government projects
- Govt Sites Hacked Following Arrest of Alleged Jember Hacker
- FBI going after potential leakers of Stuxnet info
- Breaches - The never ending never ending story...
- USSC.gov Hacked : pwned
- Hackers in China Attacked The New York Times for Last 4 Months
- Errata / DERP of the week award
- Barracuda!!!!
- More Fishy
- Mailbag / Bizarro Land
- Hi all,
Just came across this crazy story. GitHub's new search functionality has been temporarily disabled after users discovered they could search for juicy content that had been accidentally uploaded, such as private keys, known hosts, and bash history files. According to a couple of different accounts, some credentials and other sensitive data may already have been used to cause mischief. However, it's not all doom and gloom. Some doofus uploaded his home directory to GitHub, which in itself is mighty stupid. This immediately turned into something disturbing: his history contained mplayer commands aimed at playing videos of child pornography, with rather graphic titles. The details were summarily posted to Reddit, where an investigation ensued. GitHub has disabled the user's account, and it seems that a few people may have contacted his university. So, whilst it looks like GitHub's search features may have caused problems for a few users, it has also led to the discovery and outing of a paedophile.
Reddit Thread
Keep up the good work!
-- Graham Sutherland
- Briefly - NO ARGUING OR DISCUSSION ALLOWED
- Red teaming at a CCDC
- Honey Spider
- Whisper Systems' Spring Break of Code
- FTC Reaches Settlement Over Cord Blood Bank's Data Breach
- Liquidmatrix Staff Projects
- The Security Conference Library
- Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time.
- If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca
- Upcoming Appearances: James and Dave at RSA e10+, also attending Shmoocon but not speaking
- In Closing
- We're thinking about doing a live podcast with audience participation - drop us a tweet or a line if you're interested
- Movie Review Under The Tuscan Scan
- everyday is CTF! go set up a team
- Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee!
- Seacrest Says: vote SEACREST!!!!!... I mean LiquidMatrix
Creative Commons license: BY-NC-SA
Direct download: LSDPodcast-1E.mp3
Category: LSD_Podcasts
-- posted at: 3:50pm EDT
Tue, 22 January 2013
Episode 0x1D -- Oops, We Did It Again
Sometimes, breaches happen to the nicest folks
A PSA on TFA!
TFA is addictive, a year ago I started using it at work and then I began using it at home on my webmail. I didn't tell my wife about it for a while because I thought that it would bring up the whole 'if you love me you'll share your password' argument again. My TFA use began to spread to other cloud services and soon I was trying to get other people to start using it as well. Now I do TFA everywhere, whenever I have a quiet moment to access a cloud service. Sometimes I'll even use it on the train when I go to work, I don't care who sees me key in my OTP because I know TFA will keep me safe; it's a good feeling.
- Upcoming this week...
- Lots of News
- Breaches
- The SCADAs/ICS and Cyber
- finishing it off with DERPs/Mailbag and
- Our new weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
Creative Commons license: BY-NC-SA
Direct download: LSDPodcast-1D.mp3
Category: LSD_Podcasts
-- posted at: 12:13pm EDT
Mon, 14 January 2013
Episode 0x1C -- The New Guy
That's audio episode 29 out of us - and so it's time to go gracefully into our middle age with a new guy.
We are pleased to announce that we're adding a new regular contributor to the Podcast - Wil Knoll is a Calgary-based infosec consultant / hackerspace founder who has been a key contributor to Hacker Pyramid as well as knowing his shit when it comes to infosec. He's also an accomplished actor and once upon a time could be mistaken for Joey from Hackers. We are thrilled to have him join the show and in this first outing, he did a wonderful job. He also suffers from impostor syndrome - so make sure you tell him how awesome he really is -- @wintr on Twitter.
Normally there is an opportunity for witty goofing about here. This week, I'm taking the time to soapbox for a moment. If you're not aware of Aaron Swartz, you should be. Unless you're listening to this podcast by going directly to the website and downloading, it's his spec that's running the RSS you're using. Also, everything else. Here's a few links to get you thinking.
- Boing Boing / Cory Doctorow
- The Nation / Rick Perlstein
- Quinn Norton
- Lawrence Lessig
- Summary posting on The Laughing Squid
Upcoming this week...
- THE NEW GUY
- Lots of News
- Breaches
- The SCADAs/ICS and Cyber
- and then our discussion topic - Planning for staff turnover?
- finishing it off with DERPs/Mailbag and
- Our new weekly Briefs - no arguing or discussion allowed
And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
- News and Commentary
- Under the Hood of DDoS attacks against banks
- Texas School Pupil who refused to wear RFID, loses appeal Disney Too!
- The Australians want to spy on us all
- Zeus Botmaster arrested
- Opsec for hackers by The Grugq
- Errors Mount at High-Speed Exchanges in New Year
- Thales DMCA takedown of manual
- Zero Day in Oracle Java 7
- Petition on "We The People" US government site seeks to legitimise DDoS as a form of civil protest Akamai CSO Andy Ellis tweets...
- TSA Once Again Considering Using Commercial Data To Profile Passengers
- Hack turns the Cisco phone on your desk into a remote bugging device
- Breaches - The never ending never ending story...
- "Oops we did it again" Canadian .gov loses 538,000 records
- Vircurex didn't listen to the Ruby on Rails warning
- Indonesian President's Web Site Hacked by Jember Hacker Team
- Hacker group exposes corruption in universities
- The SCADAs/ICS and Cyber
- PDF LINK: Update on 3S Codesys Multiple Vulns
- PDF LINK: SpecView Directory Traversal
- PDF LINK: Rockwell Automation ControlLogix
- Errata / DERP of the week award
- Nokia is MITM'ing users
- Oracle + Java vuln slow repair = WTF
- Mailbag / Bizarro Land
- Hi Guys:
A good friend and CTO of a small oil & gas service firm has learned enough about infosec to be terrified. I blush to suggest I may have helped him along his journey. ;-) How about discussing how one locates & selects a pure fee-for-service consultancy to set a smallish firm on the straight & narrow? My friend's firm is well funded -- but myself, I have a prejudice against "big name" firms, so I will not be passing on any such recommendations to him. Thanks for the great podcast, Mark
- Sirs,
I listen regularly and really enjoy your podcast and the insightful, intelligent, sober analysis you provide. I must disagree with your assessment, in episode 1B, of the New York Times article "Outmaneuvered at Their Own Game, Antivirus Makers Struggle to Adapt." It seems your analysis fell victim to the standard industry response to the piece, which, summed up, amounted to "duh, so what?" I would like to respectfully submit that the value of the article isn't so much its content, but the fact that it appeared in the Business Section of the New York Times that landed on my doorstep. It has long been well known in the information security community that antivirus was less than effective, but the fact that the Times ran an article indicting the industry, and served it up to lay people across the globe is a fairly significant event. The article begins: "the antivirus industry has a dirty little secret: its products are often not very good at stopping viruses," but the moment the Times went to press that fact was no longer secret. This type of mainstream media analysis could spell real trouble for an industry that has been struggling to find relevance in the modern threat environment, and the fact that popular media is beginning to get on the AV-bashing bandwagon does not bode well for the future of your favorite yellow swirly products. The PHB's of the world may not listen to their security officers, but they probably read the New York Times, which can change financial decisions for a company in significant ways. Cheers, Justin C. K. K.
- Briefly - NO ARGUING OR DISCUSSION ALLOWED
- If you go back and listen carefully to the entire podcast, there's a SECOND podcast hidden in the silence.
- Automating Security for developers from Mozilla
- effective approaches on app sec from etsy
- twitter on automating app sec
- 5 more tough security questions (and tips on answering them)
- Windows 8 RT Jailbreak
- Remember Aaron Swartz
- Liquidmatrix Staff Projects
- The Security Conference Library
- Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time.
- If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca
- Upcoming Appearances: James and Dave at RSA e10+, also attending Shmoocon but not speaking
- In Closing
- We're thinking about doing a live podcast with audience participation - drop us a tweet or a line if you're interested
- Movie Review Silver Linings Playbook
- Security Blogger Awards 2013...ah hem (not like we're pandering for votes or anything, we only do that for ISC2 board seats) :)
- everyday is CTF! go set up a team
- Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee!
- Seacrest Says: "goodbye Aaron, we're saddened by your passing, the world is a less brilliant place without you" International list of Suicide Hotlines For the rest of you - "depression is a flaw in chemistry not character"
Creative Commons license: BY-NC-SA
Direct download: LSDPodcast-1C.mp3
Category: LSD_Podcasts
-- posted at: 10:21am EDT
Wed, 9 January 2013
Episode 0x1B -- Happy New Year, Start Yer Complaining NOW!
That's audio episode 28 out of us - not too bad to start off the new year.
PITHY COMMENTARY
Upcoming this week...
- Lots of News
- Breaches
- The SCADAs/ICS and Cyber
- DERPs!!!
- and then we're going to shoot through a whole bunch of brief items without discussion in our new segment - BRIEFS (which goes well with Ben's male bag doesn't it)
And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 4 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
- News
- Privacy czar tries to find web surveillance bill solution
- Los Alamos nuclear weapons lab removes Chinese tech over spying concerns
- Facebook bug: Reset anybody's password. Rusty Foster (of Kuro5hin fame) discovered that he was declared dead on Facebook. Turns out you can do this to your "friends"
- Rails Fail Whale (Sail, Mail, Hail) ..and boom
- Software maker faces jail for other people using his software
- malware author on sploit buying spree
- Another "WE HACKED YOUR FULL DISC ENCRYPTION" by having physical access to the device. No shit. Really? Same as in 2005 people - never sleep a FDE machine, always hibernate or poweroff.
- From NYTimes - "Outmaneuvered at Their Own Game, Antivirus Makers Struggle to Adapt" Really? No shit. Hmmm. I hadn't thought of that. (h/t Securosis)
- Breaches - The never ending never ending story...
- Raj Musicals - 12000
- SCMagazine (@SCMagazine) 2012-12-23 9:25 Here's a list of the top 8 breaches that took place in 2012.
- wiki.debian.org security breach
- Hacker at public works goes unnoticed
- Army says hacker got Fort Monmouth personal info
- The SCADAs/ICS and Cyber
- Industrial Control Systems Faced Nearly 200 Attacks: DHS
- Building a 21st Century Cyber Workforce
- Dale Peterson of Digital Bond on a rant about Insecure By Design PLCs
- Secret Plan Aims to Defend Power Grid (Perfect Citizen)
- PDF LINK - Canada's National Energy Board gave permission to the regions to make NERC CIP a requirement. Ongoing since 2002. Go Canada? (h/t Digital Bond)
- CMaaS - Continuous Monitoring as a Service. WTF.
- ProfiNet fuzzer developed
- 29C3: SCADA Strangelove - an ICS talk with the wrong name on it. Good nonetheless
- Mailbag / Bizarro Land
- Hi guys, my boss and I were debating the merits of using opensource products over shiny boxen. Any points for or against? - Mike, SC
- Briefly - NO ARGUING OR DISCUSSION ALLOWED
- 20+ best FREE security tools
- Yahoo DOM XSS
- Top 10 web hacking technique vote - 2012
- Honeydrive!
- An off premise browser
- NTLM Challenge Response is completely broken
- A couple of University of Washington courses on Coursera - If I was carrying fewer courses this semester, I'd be on these two. If you're a grandfathered CRISC, you might want to take these to fulfill your CPE's for 2013! Information Security and Risk Management in Context and Building an Information Risk Management Toolkit
- From BSI - PAS555: Cyber Security Risk - Governance and Management Specification
- OSINT Tools - Recommendations from Subliminal Hacking
- Memoto: The medical prosthetic for memory. Like I talked about at DEFCON 17. Don't know how I missed this on kickstarter. Might just order one anyways.
- The Slow Data Movement
- The Process Myth
- And lastly... WTF. Eugene is #8 on Wired's list of the most dangerous people in the world?
- Liquidmatrix Staff Projects
- The Security Conference Library
- Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time.
- If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca
- Upcoming Appearances: James and Dave at RSA e10+, also attending Shmoocon but not speaking
- In Closing
- Movie Review not a movie, but go read Wool and its prequels
- Security Blogger Awards 2013...ah hem (not like we're pandering for votes or anything, we only do that for ISC2 board seats) :)
- everyday is CTF! go set up a team
- Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee!
- And big news for next week, but it's still a secret.
- Seacrest Says: "INSERT SEACREST COMMENT HERE"
Creative Commons license: BY-NC-SA
Direct download: LSDPodcast-1B.mp3
Category: LSD_Podcasts
-- posted at: 9:27pm EDT
Mon, 24 December 2012
Episode 0x1A -- Happy Holidays Everyone
Upcoming this week...
- SCREW THE NEWS!!!!!!!
- and then our discussion topic-- Predictions and Prognostication
And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 4 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
- Discussion topic -
- Dave's Point of view (cough cough sputter germs)
- Ben Says...looking back... weaponized stuff, and the lack of it looking forward... good enough security leads us to more awesome projects like security onion
- The Intern opines on conferences, human resources and infosec
- Matt is in denial about... Jamie and I quoted in an article together! Hack all the toasters! Breaches!! 2012 Web Vuln Stats super crazy chicken pants. SQLi What?! Passwords suck! (Password Reset sucks harder!) Bug Bounty! (Yandex)
- James gets the last word... THE FUCKING SCADAS
- no he doesn't... Ben wants to say something
- In Closing
- Seacrest Says: You'll see my ball dropping in a week!
Creative Commons license: BY-NC-SA
Direct download: LSDPodcast-1A.mp3
Category: LSD_Podcasts
-- posted at: 5:18pm EDT
Sun, 2 December 2012
In what can only be described as a collision of intergalactic import, the three bestest information security podcasts have come together and produced...
THE SOUTHERN MATRIX HOSE PODCAST
Have a listen for a half hour of:
Bringing you the infosec commentary that you crave from the Security Zone conference in beautiful Cali, Colombia.
Since we're in a tropical paradise, there really isn't the patience for things like show notes. Have a listen and you'll be impressed, we swear.
Creative Commons license: BY-NC-SA
Direct download: slmrh1.mp3
Category: LSD_Podcasts
-- posted at: 5:21pm EDT
Fri, 30 November 2012
Episode 0x19 -- It's EARLY - and we like it!
No Matt. But Ben does a great Matt impression. In mashed potatoes.
It's another week in the wide wonderful world of Infosec. And every day feels like drinking from the firehose of Infosec Reactions. Seriously.
Upcoming this week...
- Lots of News
- Breaches
- SCADAs
- DERPs!!!
- and then our discussion topic-- You Got Half A Budget Now What?
And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 4 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
Creative Commons license: BY-NC-SA
Direct download: LSDPodcast-19.mp3
Category: LSD_Podcasts
-- posted at: 12:58pm EDT