Liquidmatrix Security Digest Podcast – Episode 2B

Episode 0x2B — Or !2b

Nothin that we can’t fix

Infosec news is pretty light this week. Let’s have a good start for year two of Liquidmatrix Security Digest Podcast.

1. Upcoming this week…
2. Lots of News
3. Breaches
4. SCADA / Cyber, cyber… etc.
5. finishing it off with DERPs/Mailbag and
6. There will be a DEEP DIVE
7. And there are weekly Briefs – no arguing or discussion allowed

And if you’ve got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.

DISCLAIMER: It’s not that explicit, but you may want to use headphones if you’re at work.

ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don’t need to speak for anyone except themselves. Ok? Good.

In this episode:

• News and Commentary
1. Microsoft seizes malware search domains
2. Jude says child porn suspect does not need to decrypt his files…

Or maybe yes he does.

3. The Chinese hack Israel
4. Hetzner web hosting service hacked
• Breaches / Cyber / DERP
1. Wired says NSA is on all Verizon calls
2. Meet PRISM and 9 big internet companies
3. EFF’s handy timeline
4. Tech Companies Concede to Surveillance Program
5. Boundless Informant: the NSA’s secret tool to track global surveillance data
6. Director of National Intelligence declassifies PRISM info to clear up ‘inaccuracies’
7. Why Canadians Should Be Demanding Answers About Secret Surveillance Programs
8. It’s in Canada too – Data-collection program got green light from MacKay in 2011
9. Whistleblower / future rendition candidate
10. Why Prism kills Cloud (wow, wtf is wrong w/ people)
11. More Links
• Briefly – NO ARGUING OR DISCUSSION ALLOWED
1. Google Upping their XSS Bounty on a few key domains. $7,500
2. Let’s all weigh in on how these thugs are steeling cars…
3. Modern IE – browsers + HTML = weirdness
4. Bradley Manning trial transcripts
5. Using lotsa data to make web apps secure
6. No security without maturity
7. O Hai – I haz new job
• Liquidmatrix Staff Projects
1. The Liquidmatrix Vegas Party- You’ve asked when and where – that’d be “We don’t know yet” and “The week of Blackhat/BSides/DEFCON”. You can beg your way onto the list by sending an email to vegas2013party@liquidmatrix.org.
2. The BSidesLV Ticket Give-away-

   Three tickets up for grabs:

   • best original piece of artwork incorporating a security rock star; bonus points for using a unicorn
   • best rap song about a major breach
   • best poem describing a vendor DERP

   Judging will be done by The Liquidmatrix Intern. Mocking will be done by us. I’d suggest you start buying a vote early. Email your submission to bsideslv2013@liquidmatrix.org

3. The Security Conference Library 
4. Contribute to the Strategic Defense Execution Standard (#SDES) and you’ll be Doing Infosec Right in no time.
5. If you’re interested in helping out with openCERT.ca, drop a line to info@openCERT.ca
6. Upcoming Appearances: James Training (with Rich Mogull) and Matt Speaking at BHUSA. Dave will be speaking at SC Congress Toronto and attending Black Hat, DEF CON, Secure Asia in Manila and Security Congress 2013. Matt and Wil will be at Blackhat/DEF CON and James, Ben and Dave will be joined by Mike Rothman for SecTor 2013’s return of the (canadian) fail panel.
• In Closing
1. Movie Review Enemy of the State
2. everyday is CTF! go set up a team
3. Signing up for a SANS course? Be sure to use the code “Liquidmatrix_150” and save $150 off the course fee! And Liquidmatrix_5 for 5% off a course
4. Seacrest Says: Hi NSA, I didn’t mean all those things I said about you in private

Download the MP3

Listen:

Subscribe to us using plain old

Also, we’re now available through

Creative Commons license: BY-NC-SA