T1SP: Episode 31

March 13, 2016

[ Subscribe to the Podcast: iTunes | Android ]

News

[ ] FBI saying it will force Apple to hand over source code and signing ability if they don’t comply | http://thehackernews.com/2016/03/fbi-apple-iphone.html
[ ] Locky ransomware campaign, JS downloader
[ ] X11 forwarding issue in OpenSSH, update now
[ ] Seagate Phish Exposes All Employee W-2’s
[ ] Apple acquired firmware security company LegbaCore last November
[ ] Over 40% of firms don’t know where their data is | http://www.v3.co.uk/v3-uk/news/2449565/almost-half-of-firms-do-not-know-where-their-data-is-stored
[ ] Palo Alto Firewalls Can’t Update on Leap Day | https://danielmiessler.com/blog/palo-alto-firewalls-cant-update-on-leap-year-day/
[ ] DROWN Attack Vulnerability | https://danielmiessler.com/blog/drown-ssl-attack/
[ ] San Bernadine Coins “Lying Dormant Cyber Pathogen” Infosec twitersphere freaks out
[ ] Rapid7 launches InsightIDR, which is some soft of IR Platform
[ ] SQL server on Linux
[ ] Google hires 4Chan founder to fix Google+
[ ] If you make enterprise hardware, prepare to get worried | http://www.businessinsider.com/werner-vogels-amazon-builds-it-own-tech-2016-3

Ideas, updates, and discussion

[ ] Discussion with Sam Harris on encryption
[ ] Out of band (phone) passwordless systems are going to make it much more interesting to hack your phone carrier; we’ll need to set up some sort of alert for if your phone number is changed; I recommend you enable all alerts for account changes
[ ] We Need a Socialist Correction, Not Socialism | https://danielmiessler.com/blog/we-need-a-socialist-correction-not-socialism/
[ ] Amazon Echo Attack That Could Cross the Bridge Between Consumer and Industrial
[ ] Google Team Study | http://www.nytimes.com/2016/02/28/magazine/what-google-learned-from-its-quest-to-build-the-perfect-team.html?_r=0
[ ] RSA Analysis | https://danielmiessler.com/blog/rsa-2016-analysis/

Tools, talks, and projects

[ ] DNSPop | https://github.com/bitquark/dnspop
[ ] Glass reflections in Windows OSINT | http://blog.ioactive.com/2014/05/glass-reflections-in-pictures-osint.html
[ ] Let’s code a TCP/IP stack: http://www.saminiir.com/lets-code-tcp-ip-stack-1-ethernet-arp
[ ] IRM | https://github.com/certsocietegenerale/IRM
[ ] DCEPT | Active Directory Honeytoken Tripwire
[ ] HTCAP | Recursive Web Application Scanner (Crawls SPAs in a recursive manner by intercepting Ajax calls and DOM changes)
[ ] Lumpy | Open Source Big Data and Visualization
[ ] Fenrir | Linux/Unix/OSX IOC scanner
[ ] Sonar | DNS reconnaissance tool for finding subdomains
[ ] Firmadyne | Linux Embedded Firmware Dynamic Analysis

Announcements

Miscellaneous

[ ] Eating chocolate associated with improved brain function | Eating chocolate is associated with improved brain function
[ ] Poor sleep gives you the munchies | Poor Sleep Gives You the Munchies, Study Says

[ Subscribe to the Podcast: iTunes | Android ]

The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM.