Liquidmatrix Security Digest Podcast – Episode F

Episode F — Aboot that

it’s not a boot, it’s just a really big shoe

Matt won’t be joining us tonight, it’s Ben’s fault. A quick shout out to Jimmy Vo, you will need approximately 15 or F shot glasses for this episode.

Aboot, Aboot, Aboot, Aboot!

And tonight, let us regale you with tales of:

1. More Malware
2. Less Malware
3. The SSL monsters
4. Ry-Hi
5. Twitter
6. GoDaddy
7. Breaches
8. SCADAs
9. …and then our discussion topic – what happens after the bad thing happens

And if you’ve got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.

DISCLAIMER: It’s not that explicit, but you may want to use headphones if you’re at work.

ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 4 opinionated infosec pros who have sufficient opinions of their own they don’t need to speak for anyone except themselves. Ok? Good.

In this episode:

• News

1. Blackhole 2.0 is out (aboot!)
2. Microsoft takes on Nitol (aboot!)
3. A story Aboot more SSL weaknesses, let’s introduce you to the CRIME attack
4. Aboot getting more skilled at Ryerson – there’s a Rainbow in Toronto for a Certificate in Computer Security and Digital Forensics
5. Twitter bows to subpoena, releases Occupy protester’s tweets
6. GoDaddy, everyones favourite SOPA supporters goes down
• Breaches
1. Miami hospital hit by second patient breach this year
2. Ankit Fadia gets hacked
• The SCADAs
1. If Congress and the Senate can’t do it – by gosh, the PRESIDENT will — Executive Order on Cyber Security in the works?
2. Interesting little bit on the side of Digital Bond’s website… “Schneider Has Not Removed Modicon FTP Backdoor Account In 2101 days”
• Errata
1. Every vendor that has been sitting on a known vuln for more than 1000 days. Jerks.
• Commentary

1. Foot In The Door – Aboot Investigations
• corporate policy
• lawyers are your friends
• purpose of the investigation (knowledge or action)
• http://it.toolbox.com/blogs/securitymonkey/
• http://www.sleuthkit.org/
• http://www.guidancesoftware.com/
2. Hardcore
• Defensible Methods
• Chain of Custody
• Judgement Day

• Mailbag / Bizarro Land

1. There is this website where I noticed that they display your login details after offering a quote in plaintext, ie. they display your username and a password on a http:// connection. So I called their call center and spoke with the manager, yeah, she will relay that information (but I kinda got the impression that she didn’t understand what the problem is). Nothing happens for weeks. After maybe 2 months I go back to check and here you go, my username with password are still shown in plaintext on the site. So I sent them an email, clearly marked “to IT or IT security something” explaining it a little bit more technical. Nothing happens again. Since I raised the original issue, about 4 months have passed.

   The question is now – is it worth pursuing this further?

   Cheers

   T

   PS: Should anyone of you guys be once in London, pls ping me and I buy you a beer! Or two?

2. Ben says: http://www.ico.gov.uk/
• In Closing
1. We do research too – Ben’s running a survey and will publish results. Check it out!
2. The Security Conference Library — is a copy of the conferences amassed by @helpmerob and we’re adding more. If you’ve got pix/pdfs/slides/code/video of a security conference and you want to add to an attempt at the largest/bestest/least dickish security conference library — send us a note (mailbag) and we’ll take your bits and file them. (NOTE: much is stored at http://myrcurial.com/conferences but you can totally trust that guy)
3. If you’re interested in helping out with openCERT.ca, drop a line to info@openCERT.ca
4. Three Quarters of Liquidmatrix (with some Securosis added in) are doing a panel at SecTor If you’re thinking of attending SecTor 2012, grab 10% off with discount code “liquidmatrix-2012” or if you can only make it to the expo floor, grab a free expo pass with code “liquidmatrix-Expo2012”
5. Vote Dave for ISC2 Board Ballot!
6. The Seacrest says “’Aboot’ to Jimmy Vo, ‘Shana Tova’ or to our non-Jewish friends, that means ‘have a good new year’ and it’s time to party like it’s 5772 and then get yourself up and off to work because 5773 is going to be WILD.”

Download the MP3

Listen:

Subscribe to us using plain old

Also, we’re now available through

Creative Commons license: BY-NC-SA