Episode 0x25 — The one with ALL the cybers
We’re not sure why this keeps happening.
As is the new normal around here, we’ve spent more time arguing about the show instead of actually doing the show. Add to that Dave’s issues with (a)using a computer, and (b)having a decent ISP. It took a whole lot of goofing about to get this episode into the realm of “listenable”. But hey, it’s done now. Enjoy!
- Upcoming this week…
- Lots of News
- Breaches
- SCADA / Cyber, cyber… etc.
- finishing it off with DERPs/Mailbag and
- THE DEEP DIVE
- Our new weekly Briefs – no arguing or discussion allowed
And if you’ve got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.
DISCLAIMER: It’s not that explicit, but you may want to use headphones if you’re at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don’t need to speak for anyone except themselves. Ok? Good.
In this episode:
- News and Commentary
- Krebs gets whacked And does some digging
- Forbes magazine internet thingy talks about cracking crypto (so does Sophos) (and a lawsuit on the use of RC4 – so another reason to stop using it)
- Hacked retailers up in arms over $13 million ‘fine’, Visa lands up in court
- It’s Kali Time
- MCMC probes The Malaysian Insider over spyware story
- The Breach Report
- Second Factor FTW
- Philippines National Telecom Commission Defaced by Anon
- CCTV hack wins gamblers $33*10^6 (cue Ocean’s 11/12/13)
- SCADA / Cyber, cyber… etc
- You Say: Cyber. I Say: Unsubscribe
- North Korea restores Internet access, blames US hackers
- Queensland police to use surveillance drones to combat crime ahead of G20 conference
- Federal Judge Finds National Security Letters Unconstitutional, Bans Them
- NERC 2012 Annual Report (pdf)
- Medical device hacking: The 6 lines of code that could bring down a hospital
- US Cyber Command Admits Offensive Cyberwarfare Capabilities, Fundamental Shift In US Doctrine
- U.S. Demands China Crack Down on Cyberattacks
- Who’s Really Attacking Your ICS Devices?
- DERP
- Mailbag / Bizarro Land
- Question:
Anyway, anyway, guys guys guys, come on. I’m in this computer, right. So I’m looking around, looking around, you know, throwing commands at it, I don’t know where it is or what it does or anything. It’s like, it’s like choice, it’s just beautiful, okay. Like four hours I’m just messing around in there. Finally I figure out, that it’s a bank. Right, okay wait, okay, so it’s a bank. So, this morning, I look in the paper, some cash machine in like Bumsville Idaho, spits out seven hundred dollars into the middle of the street.
That was me. That was me. I did that.
- Answer:
What are you, stoned or stupid? You don’t hack a bank across state lines from your house, you’ll get nailed by the FBI. Where are your brains, in your ass? Don’t you know anything?
- The Deep Dive – Security Research and the Law
- Briefly – NO ARGUING OR DISCUSSION ALLOWED
- The Matrix in less than 600 bytes of JavaScript
- Branching breach impact model
- Top 10 Web Hacks of 2012 Webinar (Matt is hosting it with Jeremiah Grossman)
- Hackers play Space Invaders on Belgrade billboard, get rewarded with iPads.
- Microsoft to push Windows 7 Service Pack 1 to users starting March 19
- Liquidmatrix Staff Projects
- The Liquidmatrix Vegas Party- We threatened more news. There will be passes distributed. You can beg your way onto the list by sending an email to vegas2013party@liquidmatrix.org.
- The BSidesLV Ticket Give-away-
Three tickets up for grabs:
- best original piece of artwork incorporating a security rock star; bonus points for using a unicorn
- best rap song about a major breach
- best poem describing a vendor DERP
Judging will be done by The Liquidmatrix Intern. Mocking will be done by us. I’d suggest you start buying a vote early. Email your submission to bsideslv2013@liquidmatrix.org
- The Security Conference Library
- Contribute to the Strategic Defense Execution Standard (#SDES) and you’ll be Doing Infosec Right in no time.
- If you’re interested in helping out with openCERT.ca, drop a line to info@openCERT.ca
- Upcoming Appearances: James speaking at Thotcon, BSidesChicago, BSidesRochester and Training (with Rich Mogull) at BHUSA. Dave will be at Secure Dusseldorf, Infosecurity Europe, Black Hat, DEF CON, Secure Asia
- In Closing
- Movie Review Hackers
- everyday is CTF! go set up a team
- Signing up for a SANS course? Be sure to use the code “Liquidmatrix_150” and save $150 off the course fee! And Liquidmatrix_5 for 5% off a course
- Seacrest Says: Dave says “screw you Cogeco”
Download the MP3
Listen:
Subscribe to us using plain old
Also, we’re now available through
Creative Commons license: BY-NC-SA