Podcasts about bsideslv

  • 20PODCASTS
  • 38EPISODES
  • 49mAVG DURATION
  • 1MONTHLY NEW EPISODE
  • Oct 2, 2024LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about bsideslv

Latest podcast episodes about bsideslv

Cybercrime Magazine Podcast
White House Kicks Off Fall Cyber Hiring Sprint. Bridging The Talent Gap. Kris Rides, Tiro Security.

Cybercrime Magazine Podcast

Play Episode Listen Later Oct 2, 2024 17:28


Kris Rides is the founder of Tiro Security. Recognized as an expert in cybersecurity staffing, he has spoken at prestigious conferences, including DEF CON, InfoSec World, RSA Conference, BSidesLV, and ISC2 Conference. Kris is also featured on our list of cybersecurity pundits. In this episode, he joins host Scott Schober to discuss the White House's initiative to fill hundreds of federal cyber, technology and artificial intelligence jobs in the coming months. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Storm⚡️Watch by GreyNoise Intelligence
Tech Giants Stumble: Georgia Tech Sued, SolarWinds Leaks, and Freaky Friday KEV Drops

Storm⚡️Watch by GreyNoise Intelligence

Play Episode Listen Later Aug 27, 2024 57:08


Forecast: High pressure system over Georgia Tech as DOJ storm rolls in. SolarWinds experiencing unexpected credential precipitation. This episode features the DOJ hot takes on Georgia Tech, SolarWinds dropping the ball (again), and why Keanu Reeves may want to re-think some of his recent life choices. Plus, we're decoding the latest KEV advisory. Tune in for our usual no-holds-barred analyses and commentary. Cyberside Chat ‍A major legal action by the U.S. Department of Justice targets Georgia Tech and its research corporation over alleged cybersecurity violations. The case underscores the critical importance of cybersecurity compliance, even for prestigious academic institutions. Cyber Spotlight: Blooper Reel‍ Keanu Reeves' involvement in a Palo Alto Networks AI security campaign raises questions about celebrity endorsements in tech. SolarWinds faces scrutiny after a recent credential leak in a hotfix for their Web Help Desk product, highlighting the risks of rushed patches. Additionally, a critical authentication flaw in DiCal-RED illustrates the ongoing challenge of securing essential software functions. Shameless Self-Promotion ‍‍Emily and Glenn will be speaking at LABSCON Glenn's BSidesLV presentation on vulnerability insights from the CISA KEV Catalog. GreyNoise's blog "BLUUID: Firewallas, Diabetics, And... Bluetooth," explores the intersection of technology and healthcare. Tag Round-Up / Let's Talk About KEV ‍A roundup of the latest tags from the GreyNoise Visualizer and a deep dive into the KEV (Known Exploited Vulnerabilities) Roundup, with special attention on CVE-2024-39717, a Versa Director vulnerability that has stirred controversy due to its rapid addition to the KEV catalog despite limited public information on its exploitation. Storm Watch Homepage >> Learn more about GreyNoise >>  

Open Source Security Podcast
Episode 443 - The Supply Chain Security Crisis

Open Source Security Podcast

Play Episode Listen Later Aug 26, 2024 34:23


Josh and Kurt talk about a story that discusses a story from Black Hat that references supply chains. There's a ton of doom and gloom around our software supply chains and much of the advice isn't realistic. If we want to take this seriously we need to stop obsessing over the little problems and focus on some big problems. Show Notes Black Hat USA 2024: Key Takeaways from the Premier Cybersecurity Event The Reason Train Design Changed After 1948

Absolute AppSec
Episode 255 (0xFF) - HackerSummerCamp Recap

Absolute AppSec

Play Episode Listen Later Aug 13, 2024


Seth and Ken are back from Vegas for Episode 0xFF (!!!!) of Absolute AppSec, sponsored by Redpoint Security (redpointsecurity.com). After spending the last week+ withering away in the desert heat while listening to industry insiders, technicians, and hackers talk about their research, the duo have returned dehydrated to share their own experiences from DEF CON 32, Blackhat, BSidesLV, and Diana Initiative. After some discussion, they dive into interesting talks, new tools, hotel searches, and badge controversies.

Absolute AppSec
Episode 254 - Pre-Hacker Summer Camp

Absolute AppSec

Play Episode Listen Later Aug 1, 2024


Seth and Ken return this week at a slightly unusual time help get you prepped for all things Hacker Summer Camp. As regular visitors to Las Vegas each year for Blackhat, BSidesLV, DEF CON, and other events, the duo has recommendations for making the most of your time in the desert. Specifically, download HackerTracker (https://hackertracker.app), plan out your time, take care of yourself, and have fun.

Open Source Security Podcast
Episode 389 - What would HashiCorp do?

Open Source Security Podcast

Play Episode Listen Later Aug 21, 2023 42:16


Josh and Kurt talk about the HashiCorp license change and copyright problems in open source. This isn't the first and won't be the last time we see this, but it's very likely open source developers and communities will view any project that has a contributor license agreement as a problem moving forward. Show Notes Josh's BSidesLV talk Hacker News marked site as malware HashiCorp license change A Theory of Joint Authorship for Free and Open Source Software Projects

Application Security PodCast
Guy Barhart-Magen -- Log4j and Incident Response

Application Security PodCast

Play Episode Listen Later Sep 23, 2022 43:45


With nearly 25 years of experience in the cyber-security industry, Guy held various positions in both corporates and startups.In his role as the CTO for the cyber crisis management firm Profero, his focus is making incident response fast and scalable, harnessing the latest technologies and a cloud-native approach.Guy is the BSidesTLV chairman and CTF lead, a Public speaker in well-known global security events (SAS, t2, 44CON, BSidesLV, and several DefCon villages, to name a few), and the recipient of the Cisco “black belt” security ninja honor – Cisco's highest cybersecurity advocate rank.Guy joins us to explore his front-row seat for the incident response with Log4j. There are many AppSec lessons to learn by understanding the greater depth of Log4J. We hope you enjoy this episode with .... Guy Barhart-Magen.

InSecurity
InSecurity Podcast Mixtape: Hacker Summer Camp Edition

InSecurity

Play Episode Listen Later Sep 9, 2019 47:37


InSecurity Podcast Mixtape: Hacker Summer Camp Edition is there any better time of year to go to Las Vegas than early August?!?   We’re totally kidding… It’s hot and this year there was a plague of locusts!   But it is also the time of year when people from all walks of the Cybersecurity world gather to learn, teach and reconnect. Whether it is at BSidesLV, Black Hat, DEFCONor other events too cool to be on the radar, odds are, you are standing in line next to someone who knows how to either protect or break into a network.   We spoke with some of those folks...   Enjoy!   Charles Eagan: BlackBerry Cylance Covers the Entire Security Spectrum Joe Menn: Cult of the Dead Cow; How the Original Hacking Supergroup Might Just Save the World John McClurg: There Is a Reason Legislators Listen to John McClurg Mia Damiano: Bringing the Story of Cybersecurity to the People Dave Cundiff: Building a Security Program as Secure as Fort Knox Greg Fitzgerald: Cyberforceis Showing SMBs the Same Love as Large Enterprises Dave Castignola: Why BlackBerry Cylance Looks to the Moon for Inspiration Rex Johnson: Rex JohnsonKnows Where the Gaps are in Cyber Insurance Red Dragon 1949: @RedDragon1949Can Only Tell You SOME of the Cyberscurity Stories He Has Lived Mark Wilson: BlackBerry and Cylance: The Integration is DONE     About Matt Stephenson Insecurity Podcast host Matt Stephenson(@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcastand host of CylanceTV   Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Matt to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come   Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.   Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, Apple Podcastsand GooglePlayas well as Spotify, Stitcher, SoundCloud, I Heart Radioand wherever you get your podcasts!   Make sure you Subscribe, Rate and Review!  

Bring Your Own Security Radio
BYOS - Review of Hacker Summer Camp

Bring Your Own Security Radio

Play Episode Listen Later Aug 15, 2019 42:41


Bring Your Own Security Radio
BYOS - Review of Hacker Summer Camp

Bring Your Own Security Radio

Play Episode Listen Later Aug 15, 2019 42:41


Bring Your Own Security Radio
Dave the I.T. Guy - WFLA Morning Show 8.12.19

Bring Your Own Security Radio

Play Episode Listen Later Aug 12, 2019 2:50


Dave The IT Guy appearing on the Tampa Morning Show talking about medical device hacking

Bring Your Own Security Radio
Dave the I.T. Guy - WFLA Morning Show 8.12.19

Bring Your Own Security Radio

Play Episode Listen Later Aug 12, 2019 2:50


Dave The IT Guy appearing on the Tampa Morning Show talking about medical device hacking

InSecurity
#BlackHat2018: A Look Back

InSecurity

Play Episode Listen Later Jul 29, 2019 64:39


#BlackHat2018: A Look Back     The world of Cybersecurity is about to descend upon Las Vegas like a plague of locusts. Oh… wait… that appears to have already happened.   Tens of thousands of our Cybersecurity colleagues will converge for Hacker Summer Camp next week. We’ll be attending Black Hat, BSidesLV, The Diana Initiative and DEFCON.   Before we dive into what’s coming next week… let’s take a look at what we learned last year and see how the passing year shook out.   Volume III of the InSecurity Podcast Mixtape features CEOs, legendary technology journalists, and some of the key players in the world of cybersecurity talking about what expected out of Hacker Summer Camp 2018. Kick back and enjoy the perspectives this group of experts has to offer on the present state and future of cybersecurity   Enjoy!   Katie Moussouris: When Bug Bounties Go Bad: Don’t Get Extorted Javvad Malik: Cybersecurity Is a Lot Like 80s TV Shows Josh Corman: Hackers Are Making the World a Safer Place. You Need Them Marcus Carey: Protect the Endpoint. Simulate an Attack. Make Sure You’re Protected Elinor Mills: Is It Really 25 Years Since L0pht Heavy Industries Testified in Congress? Dave Bittner: Cyberwire: The Daily Paper of Record for the Cybersecurity Industry Justin Kallhoff: How an MSSP Turns Many Small Businesses into One Large Enterprise   A lesser blog would rip off someone else’s good writing, change a few words and then not give credit where it’s due… But that’s not how we roll here on the InSecurity Podcast.   If you want to read a really good summation of Hacker Summer Camp, check out System Overlord’s lowdown on Hacker Summer Camp and what is about to happen in Las Vegas next week . He drops some serious knowledge on how to maximize your experience.   About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV   Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Matt to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come   Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.   Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, iTunes/Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts!

Down the Security Rabbithole Podcast
DtSR Episode 329 - Volunteering Your Career

Down the Security Rabbithole Podcast

Play Episode Listen Later Jan 8, 2019 40:08


This week, on the DtSR Podcast recorded way too early on a Monday morning, we talk volunteering in InfoSec with Kathleen Smith. Kathleen is the CMO of ClearedJobs.net and CyberJobs.com - and she recently ran a volunteerism survey (link: https://cybersecjobs.com/cyber-security-community-volunteering-report) you should probably check out too. Highlights of this week's show include... Kathleen discusses some of the highlights of the survey We discuss some of the things volunteers learn, and why this is critical to our community Several jokes are made We discuss the value of volunteering and its impact on your career and much, much more   Guest Kathleen Smith - @YesItsKathleen - CMO, ClearedJobs.Net/CyberSecJobs.Com, both veteran-owned companies, she spearheads the community-building, and communications outreach initiatives catering to the both organizations’ many audiences including security cleared job seekers, cybersecurity candidates, and military personnel. Kathleen has presented at several security conferences on recruiting and job search within the cybersecurity world to include BSidesLV, BSidesTampa, BSidesDE, FedCyber. Kathleen volunteers in the cybersecurity community; she is the Director, HireGround, BSidesLV’s 2-day career track. Kathleen is well respected within the recruiting community, is the co-founder and current President of recruitDC, the largest community of recruiters in the Washington DC area

Brakeing Down Security Podcast
2018-029-postsummercamp-future_record_breached-vulns_nofix

Brakeing Down Security Podcast

Play Episode Listen Later Aug 16, 2018 55:31


Post-Hacker Summercamp   IppSec Walkthroughs Brakesec Derbycon ticket CTF -   Drama - (hotel room search gate)   AirconditionerGate   Personal privacy   Ask for ID   Call the front desk   Use the deadbolt - can be bypassed   Plug the peephole with TP         Hotel rooms aren’t secure (neither are the safes)             Probably the most hostile environment infosec people go into to try and be secure/private   https://247wallst.com/technology-3/2018/08/13/25-of-known-computer-security-vulnerabilities-have-no-fix/ This is the company behind a sort-of threat intel site (vulnDB) The original marketing site I figured it was marketing… it smacked of a ‘buy our product’ site, but we don’t have to mention vulnDB   https://www.informationsecuritybuzz.com/expert-comments/over-146-billion-records/     Based on study by Juniper Research   https://www.teepublic.com/user/bdspodcast   #Spotify: https://brakesec.com/spotifyBDS #RSS: https://brakesec.com/BrakesecRSS #Youtube Channel:  http://www.youtube.com/c/BDSPodcast #iTunes Store Link: https://brakesec.com/BDSiTunes #Google Play Store: https://brakesec.com/BDS-GooglePlay Our main site:  https://brakesec.com/bdswebsite #iHeartRadio App:  https://brakesec.com/iHeartBrakesec #SoundCloud: https://brakesec.com/SoundcloudBrakesec Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon https://brakesec.com/BDSPatreon #Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir #Player.FM : https://brakesec.com/BDS-PlayerFM #Stitcher Network: https://brakesec.com/BrakeSecStitcher #TuneIn Radio App: https://brakesec.com/TuneInBrakesec

Unnamed Reverse Engineering Podcast

Alvaro and Gareth talked to Joe Grand on the ferry back from Toorcamp. Here are links to most of the things we talked about: San Juan Islands Burning Man Burn in the Forest CCCamp EMF Camp The L0pht DEFCON 14 Badge Saleae Logic Analyzer Bus Pirate Xeltek device programmer JTAGulator Joe’s Hardware Hacking Training BusBlaster JDEC Standard Manufacturer’s Identification Codes (login required) BSDL Files UrJTAG Openocd JTAGulator github Spin programming language Joe’s PCB Deconstruction Techniques Joe’s BSidesLV’s talk “Using Superpowers for Hardware Reverse Engineering” Grand Idea Studio Dangerous Prototypes “Dirty Decapping” Service DirtyPCB’s PCB RE Service Chris Tarnovsky and his Blackhat Talk Olivier Thomas (@reivilo_t) Texplained RE Services John McMaster Ken Shirriff Chris Gerlinsky PCB-RE Book If you’re curious about Joe’s “Juvenile Delinquency” days, check out his Cyphercon Talk! Here's the photo out the window Alvaro mentioned. Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)

LawyerLiz
08/02/17 Guest Dmitry Dain

LawyerLiz

Play Episode Listen Later Aug 6, 2017 60:00


Hacker Summer Camp: Security & Privacy Edition: One week, three security conferences, 30,000 tech researchers - hacked voting machines, cars, and connected devices. Liz and Dmitry Dain (CTO, Virgil Security) discuss highlights and the security and privacy implications from BlackHat, BSidesLV, and DefCon.

Security Nation
Episode 6: Recapping Black Hat 2016

Security Nation

Play Episode Listen Later Aug 12, 2016 30:01


The security world descended on Las Vegas last week for the trifecta of Black Hat, DEF CON, and BSidesLV. These events covered more topics than could possibly be mentioned all at once, from ATM hacking to new startup technologies and everything in-between. Among the crowds at Black Hat were members of Rapid7’s technical marketing team, including Eric Sun, Matt Hathaway, and Nate Palanov. On this episode of Security Nation, Kyle and team discuss what they consider to be the biggest takeaways from the week, as well as the impact of the show’s continued growth. Security Nation is a podcast dedicated to covering all things infosec – from what’s making headlines to practical tips for organizations looking to improve their own security programs. Host Kyle Flaherty (@KyleFlaherty) has been knee-deep in the security sector for nearly two decades. At Rapid7 he leads a team of technical marketers with the mission of providing impactful content that helps security professionals do their jobs.

Exotic Liability
64: Ol' Grandpa

Exotic Liability

Play Episode Listen Later Aug 7, 2015 82:40


Disaster Protocol Joins in, Tools and News, Pure Comedy, BH.BSidesLV.DC talks, @jsokoly joins, @myrcurial calls in, freebyron.com, EL Scares Marketing&HR, Intro: Ligatt Parody by the boys from Disaster Protocol, Outro:"60 Revolutions" by Gogol Bordello

Exotic Liability
78: Con-dom

Exotic Liability

Play Episode Listen Later Aug 7, 2015 106:48


VEGAS!!! BlackHat 2011, BSidesLV, and Defcon 19 schedule reviews!!! See you all at the Cons next week. ConBlackmail.com is COMING! Parties, Booze, and Puke!

Exotic Liability
78: Con-dom

Exotic Liability

Play Episode Listen Later Aug 6, 2015 106:48


VEGAS!!! BlackHat 2011, BSidesLV, and Defcon 19 schedule reviews!!! See you all at the Cons next week. ConBlackmail.com is COMING! Parties, Booze, and Puke!

Exotic Liability
64: Ol' Grandpa

Exotic Liability

Play Episode Listen Later Aug 6, 2015 82:40


Disaster Protocol Joins in, Tools and News, Pure Comedy, BH.BSidesLV.DC talks, @jsokoly joins, @myrcurial calls in, freebyron.com, EL Scares Marketing&HR, Intro: Ligatt Parody by the boys from Disaster Protocol, Outro:"60 Revolutions" by Gogol Bordello

Paul's Security Weekly TV
Hack Naked TV: Hacker Summer Camp, Hacking Team, Adobe Flash (July 14, 2015)

Paul's Security Weekly TV

Play Episode Listen Later Jul 15, 2015 2:44


Host Aaron Lyons talks about "Hacker Summer Camp" aka Blackhat, BsidesLV and Defcon conferences, HackingTeam and Adobe Flash.

DEF CON 22 [Materials] Speeches from the Hacker Convention.
Philip “Soldier of Fortran” Young - From root to SPECIAL: Pwning IBM Mainframes

DEF CON 22 [Materials] Speeches from the Hacker Convention.

Play Episode Listen Later Dec 13, 2014


Slides Here: https://defcon.org/images/defcon-22/dc-22-presentations/Young/DEFCON-22-Philip-Young-From-root-to-SPECIAL-Hacking-IBM-Mainframes-Updated.pdf From root to SPECIAL: Pwning IBM Mainframes Philip “Soldier of Fortran” Young 1.1 million transactions are run through mainframes every second worldwide. From your flight to your ATM withdrawal a mainframe was involved. These critical, mainstays of the corporate IT world aren’t going anywhere. But while the hacker community has evolved over the decades, the world of the mainframe security has not. This talk will demonstrate how to go from meeting an IBM, zSeries z/OS mainframe, getting root and eventually getting system SPECIAL, using tools that exist currently and newly written scripts. It will also show you how you can get access to a mainframe to help develop your own tools and techniques. This talk will teach you the ‘now what’ after you've encountered a mainframe, returning the balance from the ‘computing mystics’ who run the mainframe back to the community. Phil “Soldier of Fortran” Young is a mainframe security researcher at a large corporation where he develops audit and security requirements guidelines for the various ‘legacy‘ mainframe systems. In polite company he is referred as a ‘Mainframe Security Enthusiast’ and amongst mainframers “that f***ing guy making my life harder”. He has given talks about mainframe security at various security conferences including BlackHat, BSidesLV and Shmoocon. While at work and at home he devotes his time to researching z/OS design and implementation flaws, developing tools and writing articles and resources for other security experts to leverage as they “discover” the mainframe. twitter: @mainframed767

DEF CON 22 [Materials] Speeches from the Hacker Convention.
Charlie Vedaa and Mike Larsen - Impostor — Polluting Tor Metadata

DEF CON 22 [Materials] Speeches from the Hacker Convention.

Play Episode Listen Later Dec 12, 2014


Slides here: https://defcon.org/images/defcon-22/dc-22-presentations/Larsen-Vedaa/DEFCON-22-Mike-Larsen-Charlie-Vedaa-Impostor-Polluting-Tor-Metadata.pdf Impostor — Polluting Tor Metadata Charlie Vedaa Mike Larsen Just using Tor can bring the cops to your door. While the security community was busy scolding the Harvard bomb threat kid for his poor OPSEC, this ugly revelation was largely ignored. Malware authors are doing their part to remedy the situation; by adding thousands of infected hosts to the Tor network, they're making Tor traffic more common, and making dragnet investigation techniques less viable. But the hackers need to step up and help too. By taking advantage of weak detection techniques in security tools, fake Tor traffic can be injected with some simple JavaScript. We'll show how easy it is to fool open source monitoring tools, and present a variety of options for testing your closed source gear. In this fast-paced talk we'll cover how Tor traffic is detected, how false positives can be generated, and how you can help fight for anonymity on the Internet. Charlie Vedaa, CCIE #7502, is a fork and spoon operator for the US government. He's living proof that they'll let anyone speak at DEF CON, BSidesLV, Notacon, and HOPE. Twitter: @charlievedaa Mike Larsen is the world's dopest application security consultant. He's a Don Juan, lover, Lothario, straight up out the EFNET barrio.

Akamai - Security Podcast
Security Kahuna Podcast, Episode 2

Akamai - Security Podcast

Play Episode Listen Later Aug 11, 2014 29:24


Bill Brenner, Martin McKeay, Dave Lewis and some special guests report from Las Vegas during Black Hat, BSidesLV and DEF CON 2014.

Liquidmatrix Security Digest Podcast
Liquidmatrix Security Digest Podcast - Episode 3F

Liquidmatrix Security Digest Podcast

Play Episode Listen Later Jul 17, 2014 51:31


Episode 0x3F Last one before Summer Security Camp Pretty much everyone is drowning under piles of wtf and omfg diaf. But we promised you we'd be back and this time we're pretending we care. Upcoming this week... Lots of News Breaches SCADA / Cyber, cyber... etc. finishing it off with DERPs/Mailbag (or Deep Dive) And there are weekly Briefs - no arguing or discussion allowed And if you've got commentary, please sent it to mailbag@liquidmatrix.org for us to check out. DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work. ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good. In this episode: News and Commentary Police Dog Sniffs Out Child Porn Hard Drives News about the news - the WaPo launches it's own wiki-leaks-esque platform Rogers Releases New Policy on Disclosing Subscriber Information UN human rights report blows apart governments’ pro-surveillance arguments Breaches HotelHippo.com Closes after Data Leak Lastpass doesn't think it got breached SCADA / Cyber, cyber... etc Senate "Intelligence Committee" approves cybersecurity bill. If you read Boing Boing, the NSA considers you a target for deep surveillance The NSA Revelations All in One Chart DERP Congress in middle of Hollywood copyright clash with Silicon Valley from listener Marco Tietz Mailbag / Deep Dive We're coming up to Summer Security Camp in Vegas. Some thoughts on how to survive - and even prosper - while retaining your mind. Briefly -- NO ARGUING OR DISCUSSION ALLOWED Plain Text Offenders - one of many Tumblrs to follow Putting the TOR back in Torrent Telehash Australian bill will put journos in prison for 10 years for reporting leaks Liquidmatrix Staff Projects -- gratuitous self-promotion The Security Conference Library Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time. If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca Upcoming Appearances:  -- more gratuitous self-promotion Dave: - Speaking at RSA Asia next week, Attending Black Hat/Defcon (goon) and BSidesLV, BSides Cape Breton as keynote and will be speaking at 44CON, Sector and BSides Toronto is coming. James: - Blackhat, DEF CON, Derbycon, BSides Toronto, Sector - dunno where else... somewhere I suppose Ben: - Staying at home - cause baby Matt: - If you see me, call me. I'm lost. Perhaps I'll be in Las Vegas. Wil: -  Other LSD Writers: - We added another one. Trying to clean up our image. Say hi to Bill - yes, that Bill. Advertising - pay the bills... Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee! Or do the math and figure out if 5% off a course would be a better deal with "Liquidmatrix_5" Closing Thoughts Seacrest Says: Viva Las Vegas!!!! Creative Commons license: BY-NC-SA

Liquidmatrix Security Digest Podcast
Liquidmatrix Security Digest Podcast - Episode 3E

Liquidmatrix Security Digest Podcast

Play Episode Listen Later Jul 4, 2014 65:18


Episode 0x3E HAPPY $COUNTRY JULY PAID DAY OFF We're back. Reasons shall be enumerated. And so forth. Upcoming this week... Lots of News Breaches SCADA / Cyber, cyber... etc. finishing it off with DERPs/Mailbag (or Deep Dive) And there are weekly Briefs - no arguing or discussion allowed And if you've got commentary, please sent it to mailbag@liquidmatrix.org for us to check out. DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work. ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good. In this episode: News and Commentary cryptolocker extortionists use bitcoin for less traceable blackmail payments, extortion payments visible in the blockchain till it goes through a mixer. crime pays Harper - Canada needs NSA lite because protesters More details on the Hacking Team spying software. Los Angeles Police Department Kept User ID and Password to “Big Data Policing” Software on Office Whiteboard, Incidentally Broadcast to CNN Viewers During Interview (UK gov/World Cup) Breaches Benjamin F. Edwards Co. Discloses Data Breach Affecting Customers DDoS Attack Puts Code Spaces Out of Business Feedly Suffers Extortion Related DDoS Attack SCADA / Cyber, cyber... etc The Akamai State of the Internet Report Deloitte Global Defense Outlook 2014 OpenSSL roadmap - we're going faster now DERP Austria prosecutes a TOR node operate - forgets about other common carriers CASL means no more security notifications Microsoft steals no-ip's domain Mailbag Hi guys, Where the fuck have you been? Sincerely, The Internet PS Can we have your domain name if you're not using it anymore? Briefly -- NO ARGUING OR DISCUSSION ALLOWED Awesome Sysadmin: A curated list of sysadmin resources Goals are for losers iOS 8 is Randomizing MAC Addresses Passwords Liquidmatrix Staff Projects -- gratuitous self-promotion The Security Conference Library Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time. If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca Upcoming Appearances:  -- more gratuitous self-promotion Dave: - Speaking at RSA Asia, Defcon, Black Hat, BSidesLV, Speaking at BSides Cape Breton, Speaking at 44CON, BSides Toronto, Speaking at Sector James: - Lots of work travel, Black Hat, DEF CON, BSidesLV, BSides Toronto, Speaking at Sector Ben: - Diaper changing Matt: - Seacrest OUT Wil: - Maybe painting the bathroom before DefCon and Burning Man. Other LSD Writers: - At least someone is blogging Advertising - pay the bills... Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee! Or do the math and figure out if 5% off a course would be a better deal with "Liquidmatrix_5" Closing Thoughts Seacrest Says: "Look at that subtle off-white coloring. The tasteful thickness of it. Oh, my God. It even has a watermark." Creative Commons license: BY-NC-SA

Paul's Security Weekly
Interview with Kat Sweet - Episode 363, Part 1 - Febuary 20, 2014

Paul's Security Weekly

Play Episode Listen Later Feb 22, 2014 26:26


Kat Sweet is a geek-of-all-trades: maker, musician, ham (call sign K7FTW), and firm advocate of NSFW 3D printing. She presented on the latter, giving a talk titled "The Sensual Side of 3D Printing" at BSidesLV and SkyTalks in 2013. She can be followed on twitter at @TheSweetKat.

3d printing bsideslv kat sweet skytalks
Paul's Security Weekly TV
Episode 353: Guest Interview with Kat Sweet

Paul's Security Weekly TV

Play Episode Listen Later Feb 20, 2014 26:29


Kat Sweet is a geek-of-all-trades: maker, musician, ham (call sign K7FTW), and firm advocate of NSFW 3D printing. She presented on the latter, giving a talk titled "The Sensual Side of 3D Printing" at BSidesLV and SkyTalks in 2013.

BizSec Podcast
BizSec Podcast: Unconventional Risk Vectors

BizSec Podcast

Play Episode Listen Later Aug 26, 2013 33:41


Each episode we’re going to be talking about information security and technology security issues that matter to business, not just the technologists. Our theme this episode is unconventional risk vectors – risks you might not normally consider, but that could be something to look out for. In this episode we catch up on the three major security conferences in Vegas that happened earlier this month: BlackHat, DEF CON and BSidesLV. There were some interesting talks there, including research done on the computer systems that actually control your cars, medical devices and a hack that can get access to your mobile phone just by plugging it into a charger. We also talk about the Syrian Electronic Army (SEA) takeover of Twitter and New York Times, research on USB modems, fundamental flaws in Android, the “internet of things” and paper-based data breaches. For more detail visit our show notes: http://www.bizsecpodcast.com/2013/09/09/business-security-podcast-unconventional-risk-vectors/

Paul's Security Weekly
Andrew Righter, Banasidhe on BSidesLV, Drunken Security News - Episode 330 - May 2, 2012

Paul's Security Weekly

Play Episode Listen Later May 6, 2013 88:23


After 5 years of diving into the Security world head first, Andrew has finally come up bruised, beaten and a little less stupid. Like most hackers, he has ripped apart, modified and rewritten every electron and every bit possible - and under proper supervision has even gotten to play with a few really expensive toys. He now spends his time bootstrapping his DARPA CFT project (Netoko), hacking automotive networks (GoodThopter), or playing with academics as a Visiting Scholar at the University of Pennsylvania.

SecuraBit
SecuraBit Episode 118: The Conference Classic

SecuraBit

Play Episode Listen Later May 2, 2013 26:35


Hosts Chris Gerling – @secbitchris Andrew Borel – @andrew_secbit Mike Bailey –@mpbailey1911 Guests Banasidhe - @banasidhe Topics THOTCON http://www.thotcon.org/ BSides Las Vegas http://www.securitybsides.com/w/page/57632393/BSidesLV2013 Shout out to Tenable, Trustwave, and Risk I/O for sponsoring it! U.S. Army Corps of Engineers’ Dam database breached http://www.wired.com/threatlevel/2013/05/hacker-breached-dam-database/ U.S. Department of Labor hack http://labs.alienvault.com/labs/index.php/2013/u-s-department-of-labor-website-hacked-and-redirecting-to-malicious-code/ BitCoin RVASec http://rvasec.com/ CTF Hackers in Uganda: A Documentary http://www.kickstarter.com/projects/1456247168/hackers-in-uganda-a-documentary SECore.info https://secore.info/ Use Our Discount Codes Use code SecuraBit_05 to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats. Register for any SANSFIRE 2013 course and receive 5% off using coupon code SecuraBit_05 The training event takes place in Washington, DC – June 15-22, 2013. Upcoming events http://www.secore.info Links http://www.gh0st.net Chat with us on IRC at irc.freenode.net #securabit iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405 iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

SecuraBit
SecuraBit Episode 110: We can do Science!

SecuraBit

Play Episode Listen Later Sep 14, 2012 73:53


Hosts Chris Gerling – @secbitchris Chris Mills - @thechrisam Andrew Borel – @andrew_secbit Mike Bailey – @mpbailey1911 Nichoals Berthaume - @nberthaume Guests AP Delchi - http://bsideslv.com/sciencefair/ - Submit your idea through your local hackerspace and represent! This is an excellent opportunity to start new hackerspaces or make existing ones even better! Topics Science Fair! Bitcoin Hack GovDeals News ItemsDropbox’s Two-Step Authentication Out of Beta, Enable It Now to Further Secure Your Datahttp://lifehacker.com/5938341/dropboxs-two+step-authentication-out-of-beta-enable-it-now-to-further-secure-your-dataHere’s Everywhere You Should Enable Two-Factor Authentication Right Nowhttp://lifehacker.com/5938565/heres-everywhere-you-should-enable-two+factor-authentication-right-nowHow Secure Are You Online: The Checklisthttp://lifehacker.com/5938980/how-secure-are-you-online-the-checklist‘Degrade, Disrupt, Deceive’: U.S. Talks Openly About Hacking Foeshttp://www.wired.com/dangerroom/2012/08/degrade-disrupt-deceive/Toyota Contractor Accused of Sabotaging Company Network, Stealing Datahttp://www.wired.com/threatlevel/2012/08/toyota-alleges-sabotage/Hackers Release 1 Million Apple Device IDs Allegedly Stolen From FBI Laptophttp://www.wired.com/threatlevel/2012/09/hackers-release-1-million-apple-device-ids-allegedly-stolen-from-fbi-laptop/Another reason to not use floating unregulated currencieshttp://nakedsecurity.sophos.com/2012/09/06/bitcoin-exchange-floored-in-virtual-bank-robbery-250000-stolen-in-security-lapse/http://www.wired.com/images_blogs/dangerroom/2012/09/torturebox.pngUse Our Discount Codes Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats. FREE OnDemand Bundle with corresponding course purchase for SANS Network Security 2012 with code SecuraBit_NS12OD Use code 36449 for 20% off your Syngress order! Upcoming events http://www.secore.info https://secore.info/upcoming_conferences_feed.rss Links http://www.gh0st.net Chat with us on IRC at irc.freenode.net #securabitiTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

SecuraBit
SecuraBit Episode 109: Hercules had a Z800!

SecuraBit

Play Episode Listen Later Aug 22, 2012 54:21


Hosts Chris Gerling – @secbitchris Chris Mills - @thechrisam Andrew Borel – @andrew_secbit Mike Bailey – @mpbailey1911 Guests Phil Young - @mainframed767 - http://mainframed767.tumblr.com/ Topic Crisis Malware Z800 For Sale Citrix AV Talk - Primary vs Secondary Technology Mainframes and TSO Brute News Items Blizzard Hacked http://us.blizzard.com/en-us/securityupdate.html backtrack 5 r3 released http://thehackernews.com/2012/08/backtrack-5-r3-released-download-now.html Use Our Discount Codes Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats. FREE OnDemand Bundle with corresponding course purchase for SANS Network Security 2012 with code SecuraBit_NS12OD Use code 36449 for 20% off your Syngress order! Upcoming events http://www.secore.info https://secore.info/upcoming_conferences_feed.rss Links http://www.richsec.com http://www.gh0st.net Chat with us on IRC at irc.freenode.net #securabitiTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

SecuraBit
SecuraBit Episode 105: Flaming Bluetooth Penetration!

SecuraBit

Play Episode Listen Later Jun 6, 2012 88:46


Hosts Chris Gerling – @secbitchris Chris Mills - @chrisam Andrew Borel – @andrew_secbit Mike Bailey – @mpbailey1911 Guests Jason Andress - @jason_andress Ronin - @r0wnin Topics APT and Penetration Testing Bluetooth Hacking and Reconnaissance News ItemsGoogle Warning Users About State-Sponsored Attacks | threatposthttp://m.threatpost.com/en_us/blogs/google-warning-users-about-state-sponsored-attacks-060512Apple Releases Guide To iOS Security - TechCrunchhttp://m.techcrunch.com/2012/06/04/apple-releases-guide-to-ios-security/FlameA Massive Web of Fake Identities and Websites Controlled Flame Malwarehttp://www.wired.com/threatlevel/2012/06/flame-command-and-control/Spy malware infecting Iranian networks is engineering marvel to beholdhttp://arstechnica.com/security/2012/05/spy-malware-infecting-iranian-networks-is-engineering-marvel-to-behold/Meet ‘Flame,’ The Massive Spy Malware Infiltrating Iranian Computershttp://www.wired.com/threatlevel/2012/05/flame/StuxnetReport: Obama Ordered Stuxnet to Continue After Bug Caused It to Spread Wildlyhttp://www.wired.com/threatlevel/2012/06/obama-ordered-stuxnet-continued/Confirmed: US and Israel created Stuxnet, lost control of ithttp://arstechnica.com/tech-policy/2012/06/confirmed-us-israel-created-stuxnet-lost-control-of-it/Words to Avoid Online If You Don't Want to Join the Government's Watch List http://lifehacker.com/5913945/words-to-avoid-online-if-you-dont-want-to-join-the-governments-watch-listUse Our Discount Codes Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats. FREE exam attempt with corresponding course purchase for SANSFIRE 2012 with code SecuraBit_SFGIAC Use code 36449 for 20% off your Syngress order! Upcoming events http://www.secore.info Links http://www.rvasec.com http://www.richsec.com http://www.gh0st.net Chat with us on IRC at irc.freenode.net #securabitiTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

SecuraBit
SecuraBit Episode 62: Visualizing Data with NetWitness

SecuraBit

Play Episode Listen Later Aug 1, 2010 57:52


SecuraBit  Episode 62: Visualizing Data with NetWitnessHosts:Anthony Gartner – @anthonygartner http://anthonygartner.comChris Gerling  – @chrisgerlingChristopher Mills – @thechrisamAndrew Borel –  @andrew_secbitGuests:Eddie Schwartz - @eddieschwartzGeneral topics:BSidesLV http://www.securitybsides.com/BSidesLasVegasBlackHat https://www.blackhat.com/html/bh-us-10/bh-us-10-home.htmlDefcon https://www.defcon.org/html/defcon-18/dc-18-schedule.htmlShmoocon Woot Video http://www.youtube.com/watch?v=HJ0ypgZU_D0NetWitness Visualize http://visualize.netwitness.com/Brief panel on certifications.iPhone App Now Available. http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8http://itunes.apple.com/us/podcast/securabit/id280048405Upcoming eventsSouth Florida ISSA’s Hack the flag and chili cook-off  Saturday August 14, 2010 from 12:00pm - 5:00pmhttp://sfissa.org/index.php/sfissa-mm-events/htf-main/85-hack-the-flag-2010Hacker Halted http://www.hackerhalted.com/ Tim Is speaking October 14thLinks:http://securabit.comChat with us on IRC at irc.freenode.net #securabitiTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

SecuraBit
SecuraBit Episode 61: Reverse Engineering Malware with a Spider Monkey

SecuraBit

Play Episode Listen Later Jul 22, 2010 64:28


SecuraBit Episode 61: Reverse Engineering Malware with a Spider Monkey Hosts: Christopher Mills – @thechrisam Andrew Borel –  @andrew_secbit Tim Krabec – @tkrabec http://www.SMBMinute.com Nicholas Berthaume -- @nberthaume https://www.bordergatewayprotocol.net Anthony Gartner – @anthonygartner http://anthonygartner.com Guests: Guest: Lenny Zeltser - @lennyzeltser http://zeltser.com/ General topics: Reverse Engineering Malware New Linux Distro to analyze malware REMnux: A Linux Distribution for Reverse-Engineering Malware http://zeltser.com/remnux/ Based on Ubuntu Released just 5 days ago - July 8, 2010 2500 Downloads so far VMWare appliance Live Distro going out to Source Forge soon Enlightenment as window manager, (no gnome or kde) Just what you need to do the analysis Lightweight as possible Tools Emulate Services Allow malware to interact with your own resources how does it differ from CW Sandbox Determine the signs of comprise to compare with your production environment JS Unpack Since it is an Ubuntu distro, you can roll a custom version for your environment or lab. Intrigrrated into the Reverse Engining Malware course from SANS SANS Digital Forensics Summit The state of people relying on only antivirus for protection. The innovator's dilemma http://www.amazon.com/Innovators-Dilemma-Revolutionary-Business-Essentials/dp/0060521996 Microsoft Security Essentials http://www.microsoft.com/security_essentials/ http://www.sans.org/vlive/ Forensics 610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques SANS vLive! FOR610 - 201001 - Monday, July 26, 2010 - Thursday, August 26, 2010 http://www.sans.org/vlive/details.php?nid=20668 Upcoming events: BSidesLV http://www.securitybsides.com/BSidesLasVegas BlackHat https://www.blackhat.com/html/bh-us-10/bh-us-10-home.html Defcon https://www.defcon.org/html/defcon-18/dc-18-schedule.html Tim is speaking http://defcon.org/html/defcon-18/dc-18-speakers.html#PanelHTF Tim is also doing a skytalks schedule http://sudux.com/skytalks_web.jpg Hacker Halted http://www.hackerhalted.com/ Tim Is speaking October 14th South Florida ISSA’s Hack the flag and chili cookoff  Saturday August 14, 2010 from 12:00pm - 5:00pm http://sfissa.org/index.php/sfissa-mm-events/htf-main/85-hack-the-flag-2010 These are the upcoming security cons and where you can find those of us that will be attending starting in less than two weeks. Links: Chat with us on IRC at irc.freenode.net #securabit