Take 1 Security Podcast: Episode 9

  • Sorry about the audio last week; wireless headsets don’t compare to the Yeti

  • The CIA is focusing on cyberespionage in its new management

  • Anthem is refusing an audit by the OIG office–an org that audits health care groups that provide services to federal employees

    • Nothing says I’m guilty like refusing an audit

    • Reminds me of the Russians refusing the crash investigation in Game of Cards

  • There’s been a possible credit card breach at the Mandarin Oriental hotel chain

    • The incident was reported by Brian Krebs

  • Three people were indicted in the Epsilon hack

    • Resulted in around 1 billion email addresses being stolen

  • Dave Aitel thinks junk hacking is a waste

    • Basically hacking your blender or whatever

    • In my opinion he’s missing the point that most conferences are like this

    • I think there’s a hierarchy of talks

      • Create new defense tool based on new defense idea

      • Create new defense idea

      • Create new attack tool based on new attack idea

      • Create new attack idea

      • Create new tool for existing attack or defense idea

      • Describe existing attack or defense idea

  • Microsoft has reported it’s vulnerable to FREAK as well, making it even more serious

    • FREAK has proved to be less alarming than previous SSL vulns simply because of the difficulty of attack


Play Podcast


  1. I think I’m going to standardize the intro and outro so that I only end up recording the actual story content each week.

  2. Any recommendations on what else you’d like to see would be appreciated.

Related posts: