SecuriTEA Podcast

Welcome to the SecuriTEA podcast, episode 2! This episode was recorded about 9 months ago and I only just now got around to editing it. The reason it took so long is because this wasn't really the greatest of podcasts, at all lol. We only had 2 mics so Jon and Clayton tried sharing mics and my mic didn't have a pop filter, and to top it off, there were people playing CS:GO in the background. Oh well. Hopefully future episodes will have all these issues fixed. Website: https://www.securiteapodcast.com iTunes: https://itunes.apple.com/us/podcast/securitea-podcast/id1254179361 Google Play: https://play.google.com/music/listen#/ps/Inrjz5wdmmkac6uwhblolhyz4vu Hosts: Logan Rickert https://www.loganrickert.com @LittleDelta1337 Clayton Horstman @rotbot9000 Guests: Jon Zentgraf @kandi3kan3 Timestamps: 00:00 - Intro 00:21 - Tea Discussion 01:48 - Circle City Con 2017 -- 2:13 - Car Hacking and CAN bus -- 3:26 - Capture The Flag ---- 3:56 - Rankings and black badges ---- 5:00 - Challenges ---- 5:10 - Challenge: Bone Yard ---- 6:05 - Challenge: Pump up the jam ---- 7:05 - Challenge: File to file 8:00 - Bsides Cincinnati 8:21 - DefCon 8:40 - Hacker Hack Thyself 14:40 - Password hash security (just skip this section) ~cut~ - Web assembly 15:25 - Jon shows up 15:45 - Jon's Twitter fame 16:16 - One Login -- 17:20 - Shoutout to all my Johns -- 17:45 - We become self-aware -- 18:21 - How it was compromised 18:30 - Monster 6502 -- 19:30 - MegaProcessor - Computerphile -- 22:10 - Chrismas gift idea for Jon 22:13 - Rideshare stingray sniffing -- 24:35 - We are not lawyers 24:50 - Google CTF 2017 25:20 - Circle City Con again -- 25:35 - Crypto-vulnerability 26:25 - Google CTF 2017 again -- 27:00 - A company I've heard of -- 28:25 - Win some 1337 money 29:15 - Rollercoaster Tycoon 29:50 - IDA 64-bit edition 31:45 - Drinking the tea 32:00 - Outro Corrections: - 90% of the time, we're never wrong. Link Dump: - Circle City Con - https://circlecitycon.com/ - Bsides Cincinati - http://bsidescincy.org/ - Hacker Hack Theyself - https://blog.codinghorror.com/hacker-hack-thyself/ - Monster 6502 - https://monster6502.com/ - MegaProcessor - https://www.youtube.com/watch?v=lNa9bQRPMB8 - LiveOverflow - https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w - Finding stingrays with ridesharing - https://www.wired.com/2017/06/researchers-use-rideshares-sniff-stingray-locations/ - Google 2017 - https://capturetheflag.withgoogle.com/ - Rollercoaster Tycoon in assembly - http://www.chrissawyergames.com/faq3.htm - IDA 64-bit - http://www.hexblog.com/?p=1096

Welcome to the SecuriTEA podcast, episode 1! This podcast was more of a test podcast to see how well things would go. About half of this podcast is about DefCon and a 100-year-old technology called dial-up and the other is talking about current security news! Hosts: Logan Rickert https://www.loganrickert.com Clayton Horstman @viro101 00:00 - Intro 00:30 - Tea discussion 02:50 - John Draper 05:50 - DefCon 24 07:18 - Clay's Have to meet list 07:30 - Kevin Mitnick 08:20 - Steve Wozniak 08:59 - Logan's Have to meet list 09:43 - Old hacking Movies 11:47 - DefCon 25 12:14 - WannaCry 17:00 - Malware Unicorn's RE Guide 18:34 - Burp 20:05 - Trying Tea 20:55 - Outro Corrections: - 2600 Hertz, not MHz - It's just a regular unicorn, not a magical one. Link Dump: - John Draper [ https://en.wikipedia.org/wiki/John_Draper ] - Kevin Mitnick [ https://en.wikipedia.org/wiki/Kevin_Mitnick ] - Steve Wozniak [ https://en.wikipedia.org/wiki/Steve_Wozniak ] - Linus Torvalds [ https://en.wikipedia.org/wiki/Linus_Torvalds ] - Sneakers (1992) [ https://en.wikipedia.org/wiki/Sneakers_(1992_film) ] - Hackers (1995) [ https://en.wikipedia.org/wiki/Hackers_(film) ] - WannaCry [ https://en.wikipedia.org/wiki/WannaCry_ransomware_attack ] - Ransomware Customer Support [ https://www.reddit.com/r/ProgrammerHumor/comments/6bvpnu/when_ransomware_gang_offers_better_customer/ ] - MalwareTech Post [ https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html ] - Malware Unicorn [ https://securedorg.github.io/RE101/ ] - Burp Expoit [ http://www.agarri.fr/kom/archives/2017/04/04/exploiting_a_blind_xss_using_burp_suite/index.html ]