SecuraBit
SecuraBit Before It Bytes!

Hosts

Guests

Topics

  • Cybersecurity Startups and Accelerators featuring MACH37
    • Northern Virginia based startup accelerator
    • 17 cohorts thus far
  • How tough it can be to start your own product company
  • Pitfalls and lessons learned through assisting cohorts through their founding stages

Use Our Discount Codes

  • Use code SANS_SecuraBit150 to get 150 off of ANY training course. The discount code is good for all SANS courses in all formats.
  • Register for any SANS Security East 2015 course and receive $150 off using coupon code “SANS_SecuraBit150”. The training event takes place in New Orleans, LA –Jan 16 – 21, 2015.

Upcoming events

Links

  • www.gh0st.net/wiki - 24/7 Penetration Testing learning environment, FREE.
    • Volunteers sought to help maintain and build challenges. Local to RVA a plus!

Chat with us on IRC at irc.freenode.net #securabit

iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405

 

 

Direct download: SecuraBit_EP130.mp3
Category:general -- posted at: 11:28am EDT

Hosts

Guests

Topics

Use Our Discount Codes

  • Use code SANS_SecuraBit150 to get 150 off of ANY training course. The discount code is good for all SANS courses in all formats.
  • Register for any SANS Network Security 2014 course and receive $150 off using coupon code SANS_SecuraBit150. The training event takes place in Las Vegas, NV – Oct 19-27, 2014.

Upcoming events

Links

  • www.gh0st.net/wiki - 24/7 Penetration Testing learning environment, FREE.
    • Volunteers sought to help maintain and build challenges. Local to RVA a plus!

Chat with us on IRC at irc.freenode.net #securabit

iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405

 

 

Direct download: SecuraBit_EP129.mp3
Category:general -- posted at: 6:45am EDT

Hosts

Topics

  • Chicago ATC Fire
  • Scorpion
  • Shellshock

Use Our Discount Codes

  • Use code SANS_SecuraBit150 to get 150 off of ANY training course. The discount code is good for all SANS courses in all formats.
  • Register for any SANS Network Security 2014 course and receive $150 off using coupon code SANS_SecuraBit150. The training event takes place in Las Vegas, NV – Oct 19-27, 2014.

Upcoming events

Links

  • www.gh0st.net/wiki - 24/7 Penetration Testing learning environment, FREE.
  • Volunteers sought to help maintain and build challenges. Local to RVA a plus!

Chat with us on IRC at irc.freenode.net #securabit

iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405




Direct download: SecuraBit_EP128.mp3
Category:general -- posted at: 8:43pm EDT

Join us on this special SecuraByte interview episode with Graham Speake as we discuss Industrial Control Systems and their security!

Hosts

Guests

Topics

  • ICS systems and their criticality
  • Security in ICS
  • Examples of malicious campaigns

Use Our Discount Codes

  • Use code SANS_SecuraBit150 to get 150 off of ANY training course. The discount code is good for all SANS courses in all formats.
  • Register for any SANS Network Security 2014 course and receive $150 off using coupon code SANS_SecuraBit150. The training event takes place in Las Vegas, NV – Oct 19-27, 2014.

Upcoming events

Links

Chat with us on IRC at irc.freenode.net #securabit

iTunes Podcast –http://itunes.apple.com/us/podcast/securabit/id280048405

iPhone App Now Available –http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Register for any SANS Network Security 2014 course and receive $150 off using coupon code “SANS_SecuraBit150”. The training event takes place in Las Vegas, NV – Oct 19-27, 2014.

Direct download: SecuraByte_EP08.mp3
Category:podcasts -- posted at: 4:45pm EDT

May 21st, 2014

Hosts

Guests

Topics

  • Lack of women in Cyber/IT fields. 11% of the cyber workforce consists of women.
  • Addressing the pipeline issues with getting more girls excited about STEM
  • Impostor Syndrome
  • Differences in perception between men and women from an interpersonal standpoint

Use Our Discount Codes

  • Use code SecuraBit5_SANS to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats.
  • Register for any SANSFIRE 2014 course and receive 5% off using coupon code SecuraBit5_SANS. The training event takes place in Baltimore, MD – June 21 - 30, 2014.

Upcoming events

Links

Chat with us on IRC at irc.freenode.net #securabit

iTunes Podcast –http://itunes.apple.com/us/podcast/securabit/id280048405

iPhone App Now Available –http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8





Direct download: SecuraBit_EP127.mp3
Category:general -- posted at: 3:31pm EDT

Hosts

Guests

Topics

  • Drones and ARM fun!
  • ArchAssault Linux
    • Kali-like environment with the ability for heavy niche customization and swapping of environments.
    • Modular. Can overlay any part of the distro onto your own Arch Linux installation
    • Bleeding edge packages
    • Great for setting up remote dropboxes via ARM devices
  • IE Exploit
  • Heartbleed wrap-up
  • RVAsec CTF prizes! (Thanks Hak5!)
  • BsidesChicago Post-mortem
  • Upcoming guests!

Use Our Discount Codes

  • Use code SecuraBit5_SANS to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats.
  • Register for any SANSFIRE 2014 course and receive 5% off using coupon code SecuraBit5_SANS. The training event takes place in Baltimore, MD – June 21 - 30, 2014.

Upcoming events

Links

Chat with us on IRC at irc.freenode.net #securabit

iTunes Podcast –http://itunes.apple.com/us/podcast/securabit/id280048405

iPhone App Now Available –http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP126.mp3
Category:general -- posted at: 11:03pm EDT

Hosts

 

Guests

Topics

  • NolaCon

    • June 19-22, 2014 in New Orleans, LA

    • Use coupon code “securabit” to get $50 off registration!

  • RVAsec CTF

  • Banter

 

Use Our Discount Codes

  • Use code SecuraBit5_SANS to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats.

  • Register for any SANS 2014 course and receive 5% off using coupon code SecuraBit5_SANS. The training event takes place in Orlando, FL – April 5 - 14, 2014.

 

Upcoming events

 

Links

 

Chat with us on IRC at irc.freenode.net #securabit

iTunes Podcast –http://itunes.apple.com/us/podcast/securabit/id280048405

Direct download: SecuraBit_EP125.mp3
Category:general -- posted at: 5:39pm EDT

SecuraBit Episode 124: We are ALL The Cavalry!

February 19th, 2014

Hosts

Guests

Topics

  • I am the Cavalry

  • Your USB is my Network!

    • No firewalls on networks created via USB/Firewire/Bluetooth/etc ports.

  • NTP can be very dangerous and evil!

    • Everything relies on timing.

 

Use Our Discount Codes

  • Use code SecuraBit_SANS5 to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats.

  • Register for any SANS 2014 course and receive 5% off using coupon code SecuraBit_SANS5. The training event takes place in Orlando, FL – April 5 - 14, 2014.

 

Upcoming events

 

Links

 

Chat with us on IRC at irc.freenode.net #securabit

iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405

iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP124.mp3
Category:general -- posted at: 1:10pm EDT

SecuraBit Episode 123: Security Jedi 101

January 15th, 2013

Hosts

Guests

Topics

  • Reducing your attack surface

    • The Java the Challenge – See how many weeks you can go without Java installed

  • Get Focused!

    • Identify: Find the root cause of your top problem

    • Align: Build a project plan and get sponsorship

    • Communicate: Build consensus through awareness

    • Report: Build a scorecard to show results

  • Transition from ineffective processes and philosophies, make technology an enablement tool, not just another tool to misappropriate and be frustrated by.

Use Our Discount Codes

  • Use code SecuraBit_SANS5 to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats.

  • Register for any SANS 2014 course and receive 5% off using coupon code SecuraBit_SANS5. The training event takes place in Orlando, FL – April 5 - 14, 2014.

Upcoming events

Links

Chat with us on IRC at irc.freenode.net #securabit

iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405

iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP123.mp3
Category:general -- posted at: 8:46pm EDT

SecuraBit Episode 122: Risky Bitcoin Insurance!

December 11th, 2013

Hosts

Guests

Topics

  • Risk

    • How are organizations addressing risk?

    • Does tossing money at a problem really help?

  • Bitcoins

    • Mining and security of wallets

    • How it works

  • Liability

    • Who is liable when a car gets hacked and kills someone?

    • Are software vendors liable for their vulnerabilities?

Use Our Discount Codes

  • Use code SecuraBit_SANS5 to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats.

  • Register for any SANS Security East course and receive 5% off using coupon code SecuraBit_SANS5. The training event takes place in New Orleans, LA – January 20 - 25, 2014.

Upcoming events

Links

Chat with us on IRC at irc.freenode.net #securabit

iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405

iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP122.mp3
Category:general -- posted at: 9:36pm EDT

Hosts

Guests

  • SecureDrop (00:00 - 28:45)

  • Bro/Broala (29:00 - Fin)

Topics

Use Our Discount Codes

  • Use code SecuraBit_SANS5 to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats.

  • Register for any SANS CDI 2013 course and receive 5% off using coupon code “SecuraBit_SANS5”. The training event takes place in Washington, DC – December 12 – 19, 2013.

Upcoming events

Links

Chat with us on IRC at irc.freenode.net #securabit

iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405

Direct download: SecuraBit_EP121.mp3
Category:general -- posted at: 11:54am EDT

Hosts

Guests

Topics

  • Securing Change

    • Volunteer time and money to secure nonprofits

  • Bugcrowd

    • Get paid to find vulnerabilities

    • Start a bounty for your own product

News Items

  • Adobe hacked

  • Govt Shutdown

Use Our Discount Codes

  • Use code SecuraBit_5 to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats.

  • Register for any SANSFIRE 2013 course and receive 5% off using coupon code SecuraBit_05 The training event takes place in Washington, DC – June 15-22, 2013.

Upcoming events

Links

Chat with us on IRC at irc.freenode.net #securabit

iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405

Direct download: SecuraBit_EP120.mp3
Category:general -- posted at: 7:28pm EDT

Hosts

 

Guests

 

Topics

  • BlackArch Linux

    • A complementary expansion to Arch Linux for penetration testers.

 

Use Our Discount Codes

  • Use code SecuraBit_05 to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats.

  • Register for any SANS CDI 2013 course and receive 5% off using coupon code “SecuraBit_05”. The training event takes place in Washington, DC – December 12 – 19, 2013.

 

Upcoming events

 

Links

 

Chat with us on IRC at irc.freenode.net #securabit

iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405

iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

 

Direct download: SecuraBit_EP119.mp3
Category:general -- posted at: 11:02pm EDT

Hosts

Guests

Topics

Use Our Discount Codes

  • Use code SecuraBit_05 to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats.

  • Register for any SANSFIRE 2013 course and receive 5% off using coupon code SecuraBit_05 The training event takes place in Washington, DC – June 15-22, 2013.

Upcoming events

Links

Chat with us on IRC at irc.freenode.net #securabit

iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405

iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP118.mp3
Category:general -- posted at: 1:02pm EDT

SecuraBit Episode 117: The Internet is on Fire!

March 27th, 2013

Hosts

Guests

Topics

  • Hack.RVA events, news, and RVAsec badges!

  • CTF is being put together for offline.  Register at http://securabit.com/ctf/

  • Security Awareness training

    • Who should provide more than just basic training?

    • Security Vendors

    • Security focused organizations?

News Items

Use Our Discount Codes

  • Use code SecuraBit_5 to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats.

  • Register for any SANSFIRE 2013 course and receive 5% off using coupon code SecuraBit_5 The training event takes place in Washington, DC – June 15-22, 2013.

Upcoming events

Links

Chat with us on IRC at irc.freenode.net #securabit

iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405

iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP117.mp3
Category:general -- posted at: 10:32am EDT

Hosts


Guests


Topics

  • NetIQ
  • Internet History
  • Privacy and Social Media
  • Egypt’s revolution
  • Data management and risk in the cloud
  • Building Automation
  • BacNET protocol dissection
  • Shmoocon, RSA, and upcoming cons!
  • The PenLab is back up!
  • CTF Pre-registration for RVAsec 2013 will be coming soon!


News Items


Use Our Discount Codes

  • Use code SecuraBit_5 to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats.
  • Register for any SANSFIRE 2013 course and receive 5% off using coupon code SecuraBit_5 The training event takes place in Washington, DC – June 15-22, 2013.


Upcoming events


Links


Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP116.mp3
Category:general -- posted at: 9:14pm EDT

Hosts

  • Andrew Borel – @andrew_secbit
  • Mike Bailey – @mpbailey1911
  • Jason Mueller - @SecuraBit_Jay


Topics


Use Our Discount Codes

  • Use code SecuraBit_5 to get 5% off of ANY training course. The discount code is good for all SANS courses in all formats.


Upcoming events

Links


Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP115.mp3
Category:general -- posted at: 1:30pm EDT

After nearly 4 years dormant, we're bringing back the SecuraByte!  These are designed to cover things that can't wait for our normal podcast cycle.  In our 7th iteration, we interview Jake Kouns regarding the RVAsec security conference he is organizing in Richmond, VA which will be hosted again at VCU!

Host:

Guest:

What you need to know:

  • RVASec Call for Papers ends February 4th @ 11:59PM.  Get your submissions in now!
  • We expand on some more details regarding the Capture the Flag event that will be at the conference.
  • Forensics training announced today!  Only 12 seats so register now!
  • 2 day conference this year.  Parking and nourishment are included.
  • Registration is open!  If you register by the end of today using coupon code "early" you will save $25!

Links:

Direct download: SecuraByte_EP07.mp3
Category:podcasts -- posted at: 4:54pm EDT

Hosts


Topics

  • News
  • The Lab


News Items (no particular favoritism of non source links)


The Lab

  • CTF at RVASec
  • Lab upgrades and changes.



Use Our Discount Codes

  • Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.
  • FREE OnDemand Bundle with corresponding course purchase for SANS Network Security 2012 with code SecuraBit_NS12OD
  • Use code 36449 for 20% off your Syngress order!


Upcoming events

Links


Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: Securabit_Episode_114.mp3
Category:general -- posted at: 9:14am EDT

Hosts


Guests

  • Christopher Burgess - @burgessct - http://www.burgessct.com/

Topics

  • The state of security in Medical.
  • Social movements.
  • Lab Stuff


News Items


Use Our Discount Codes

  • Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.
  • http://www.sans.org/info/119125
  • Use code 36449 for 20% off your Syngress order!


Upcoming events

Links


Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: Securabit_EP113.mp3
Category:general -- posted at: 1:51pm EDT

Hosts


Guests

Topics


News Items


Use Our Discount Codes

  • Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.
  • FREE OnDemand Bundle with corresponding course purchase for SANS Network Security 2012 with code SecuraBit_NS12OD
  • Use code 36449 for 20% off your Syngress order!


Upcoming events

Links


Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: Securabit_EP112.mp3
Category:general -- posted at: 7:42pm EDT

Hosts


Guests

Topics

  • The Glitch
  • Derp


News Items
LastPass Sentry Warns You When Your Online Accounts Have Been Breached
http://lifehacker.com/5944301/lastpass-sentry-warns-you-when-your-online-accounts-have-been-breached

Android Hack: Cracking WiFi passwords with your phone
http://hackaday.com/2012/09/18/android-hack-cracking-wifi-passwords-with-your-phone/

Judge correctly rules WiFi sniffing legal
http://erratasec.blogspot.com/2012/09/judge-correctly-rules-wifi-sniffing.html
http://arstechnica.com/tech-policy/2012/09/sniffing-open-wifi-networks-is-not-wiretapping-judge-says/

Google Acquires Online Malware Scanner VirusTotal
http://lifehacker.com/5941392/google-acquires-online-malware-scanner-virustotal

Chase joins Bank of America in possible Islamic attack outage
http://www.theregister.co.uk/2012/09/19/chase_website_outage/

Use Our Discount Codes

  • Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.
  • FREE OnDemand Bundle with corresponding course purchase for SANS Network Security 2012 with code SecuraBit_NS12OD
  • Use code 36449 for 20% off your Syngress order!

Upcoming events

Links

Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: Securabit_EP111.mp3
Category:general -- posted at: 5:33pm EDT

Hosts


Guests

  • AP Delchi - http://bsideslv.com/sciencefair/ - Submit your idea through your local hackerspace and represent! This is an excellent opportunity to start new hackerspaces or make existing ones even better!


Topics

  • Science Fair!
  • Bitcoin Hack
  • GovDeals


News Items
Dropbox’s Two-Step Authentication Out of Beta, Enable It Now to Further Secure Your Data
http://lifehacker.com/5938341/dropboxs-two+step-authentication-out-of-beta-enable-it-now-to-further-secure-your-data

Here’s Everywhere You Should Enable Two-Factor Authentication Right Now
http://lifehacker.com/5938565/heres-everywhere-you-should-enable-two+factor-authentication-right-now

How Secure Are You Online: The Checklist
http://lifehacker.com/5938980/how-secure-are-you-online-the-checklist

‘Degrade, Disrupt, Deceive’: U.S. Talks Openly About Hacking Foes
http://www.wired.com/dangerroom/2012/08/degrade-disrupt-deceive/

Toyota Contractor Accused of Sabotaging Company Network, Stealing Data
http://www.wired.com/threatlevel/2012/08/toyota-alleges-sabotage/

Hackers Release 1 Million Apple Device IDs Allegedly Stolen From FBI Laptop
http://www.wired.com/threatlevel/2012/09/hackers-release-1-million-apple-device-ids-allegedly-stolen-from-fbi-laptop/

Another reason to not use floating unregulated currencies
http://nakedsecurity.sophos.com/2012/09/06/bitcoin-exchange-floored-in-virtual-bank-robbery-250000-stolen-in-security-lapse/

http://www.wired.com/images_blogs/dangerroom/2012/09/torturebox.png
Use Our Discount Codes

  • Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.
  • FREE OnDemand Bundle with corresponding course purchase for SANS Network Security 2012 with code SecuraBit_NS12OD
  • Use code 36449 for 20% off your Syngress order!


Upcoming events

Links


Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP110.mp3
Category:general -- posted at: 1:55pm EDT

Hosts


Guests


Topic

  • Crisis Malware
  • Z800 For Sale
  • Citrix
  • AV Talk - Primary vs Secondary Technology
  • Mainframes and TSO Brute


News Items


Use Our Discount Codes

  • Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.
  • FREE OnDemand Bundle with corresponding course purchase for SANS Network Security 2012 with code SecuraBit_NS12OD
  • Use code 36449 for 20% off your Syngress order!


Upcoming events


Links


Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP109.mp3
Category:general -- posted at: 11:39pm EDT

Hosts


Guests


Topics


Use Our Discount Codes

  • Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.
  • FREE OnDemand Bundle with corresponding course purchase for SANS Network Security 2012 with code SecuraBit_NS12OD
  • Use code 36449 for 20% off your Syngress order!


Upcoming events

Links


Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP108.mp3
Category:general -- posted at: 6:13pm EDT

Hosts

Guests

Topics

Use Our Discount Codes

  • Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.
  • FREE exam attempt with corresponding course purchase for SANSFIRE 2012 with code SecuraBit_SFGIAC
  • Use code 36449 for 20% off your Syngress order!

Upcoming events

Links

Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_Podcast_Episode_107.mp3
Category:podcasts -- posted at: 11:24pm EDT

Hosts

Guests

Topics

  • TOOOL - The Open Organisation Of Lockpickers http://toool.us/
  • Physical Security and the Three R's
  • New edition of Practical Lockpicking coming soon!

News Items
Coders' Rights At Risk in the European Parliament
https://www.eff.org/deeplinks/2012/06/eff-european-parliament-directive-attack-information-systems

Department of Homeland Security and U.S Navy hacked
http://thehackernews.com/2012/06/department-of-homeland-security-and-us.html

US-CERT discloses security flaw in Intel chips
http://m.csoonline.com/article/708568/us-cert-discloses-security-flaw-in-intel-chips  

FEMA pushes cyber attack game for businesses
http://www.v3.co.uk/v3-uk/the-frontline-blog/2184608/fema-pushes-cyber-attack-game-businesses

United States Department of Defense data leaked by Anonymous hackers
http://thehackernews.com/2012/06/united-states-department-of-defense.html

KeepTheWebOpen.com
http://keepthewebopen.com/digital-bill-of-rights

Attacks Targeting US Defense Contractors and Universities Tied to China
http://threatpost.com/en_us/blogs/attacks-targeting-us-defense-contractors-and-universities-tied-china-061312

10000 Twitter User oauth token hacked and Exposed by Anonymous
http://thehackernews.com/2012/06/10000-twitter-user-oauth-token-hacked.html

Password flaw leaves MySQL, MariaDB open to brute force attack
http://go.theregister.com/feed/www.theregister.co.uk/2012/06/11/mysql_mariadb_password_flaw/


Use Our Discount Codes

  • Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.
  • FREE exam attempt with corresponding qualifying course purchase for SANSFIRE 2012 with code SecuraBit_SFGIAC (Expires July 6th!)
  • Use code 36449 for 20% off your Syngress order!


Upcoming events


Links


Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP106.mp3
Category:general -- posted at: 12:10pm EDT

Hosts


Guests


Topics

  • APT and Penetration Testing
  • Bluetooth Hacking and Reconnaissance


News Items
Google Warning Users About State-Sponsored Attacks | threatpost
http://m.threatpost.com/en_us/blogs/google-warning-users-about-state-sponsored-attacks-060512

Apple Releases Guide To iOS Security - TechCrunch
http://m.techcrunch.com/2012/06/04/apple-releases-guide-to-ios-security/

Flame
A Massive Web of Fake Identities and Websites Controlled Flame Malware
http://www.wired.com/threatlevel/2012/06/flame-command-and-control/

Spy malware infecting Iranian networks is engineering marvel to behold
http://arstechnica.com/security/2012/05/spy-malware-infecting-iranian-networks-is-engineering-marvel-to-behold/

Meet ‘Flame,’ The Massive Spy Malware Infiltrating Iranian Computers
http://www.wired.com/threatlevel/2012/05/flame/

Stuxnet
Report: Obama Ordered Stuxnet to Continue After Bug Caused It to Spread Wildly
http://www.wired.com/threatlevel/2012/06/obama-ordered-stuxnet-continued/

Confirmed: US and Israel created Stuxnet, lost control of it
http://arstechnica.com/tech-policy/2012/06/confirmed-us-israel-created-stuxnet-lost-control-of-it/


Words to Avoid Online If You Don't Want to Join the Government's Watch List http://lifehacker.com/5913945/words-to-avoid-online-if-you-dont-want-to-join-the-governments-watch-list


Use Our Discount Codes

  • Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.
  • FREE exam attempt with corresponding course purchase for SANSFIRE 2012 with code SecuraBit_SFGIAC
  • Use code 36449 for 20% off your Syngress order!


Upcoming events


Links


Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP105.mp3
Category:general -- posted at: 11:37am EDT

Hosts


Guests

  • Dr. Tran
  • Emwave
  • Professor Farnsworth


News Items


Use Our Discount Codes

  • Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.
  • FREE exam attempt with corresponding course purchase for SANSFIRE 2012 with code SecuraBit_SFGIAC
  • Use code 36449 for 20% off your Syngress order!


Upcoming events


Links


Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP104.mp3
Category:general -- posted at: 6:11pm EDT

Hosts

Guests

  • Tom Eston - @agent0x0
    • Mobile App/Device Security and Security Justice.

Topics

  • Lab
  • Contests
  • Banter

News Items

Use Our Discount Codes

  • Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.
  • FREE exam attempt with corresponding course purchase for SANSFIRE 2012 with code SecuraBit_SFGIAC
  • Use code 36449 for 20% off your Syngress order!

Upcoming events


Links


Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP103.mp3
Category:general -- posted at: 1:03am EDT

Please join us as we kick it old school with various news and banter, as well as a special interview with Chris Sullo!  Our show notes can be found here.

Direct download: SecuraBit_EP102.mp3
Category:general -- posted at: 3:18pm EDT

Join us as we talk with Robin Wood (@digininja) about his recent survey of IT Security professionals!  Our show notes can be found here:  http://wiki.securabit.com/ShowNotes/EP101

Direct download: SecuraBit_EP101.mp3
Category:general -- posted at: 4:59pm EDT

Join us as we interview Craig Heffner of Tactical Network Solutions regarding the recent WPS vulnerability and his Reaver tool, and as we also interview Harlan Carvey whose latest Windows Forensic Analysis Toolkit book was recently released.  

Our show notes can be found here:  http://wiki.securabit.com/ShowNotes/EP100

 

 

 

Direct download: SecuraBit_EP100.mp3
Category:general -- posted at: 2:52pm EDT

Join us as we interview the CTO of Silicum Security about ECAT, Pascal Longpre! 

Please refer to our wiki for full show notes.

Direct download: SecuraBit_EP99.mp3
Category:general -- posted at: 9:41pm EDT

Please join us as we talk about cybercrime, botnets, and the ever changing internet with special guest Brian Krebs! Our show notes are now on our wiki:  http://wiki.securabit.com/ShowNotes/EP98

Direct download: SecuraBit_EP98.mp3
Category:SecuraBits -- posted at: 6:34pm EDT

In Episode 97 we announced that we'd be sending some preconfigured BT5 boxes to hackerspaces as well as a virtual machine version of this for people to access our community pentesting lab. Currently, there are 15 virtual machines available to be attacked, and we're setting a current target of 15 to 20 users for this [...]
Category:Labs -- posted at: 3:08pm EDT

Please join us as we interview Ron Gula, Co-Founder of Tenable Security!  We also discuss various cyber warfare topics including Al Qaeda hacking, SCADA, and our own Pentesting lab offering for the community and for hackerspaces! http://wiki.securabit.com/ShowNotes/EP97
Direct download: SecuraBit_EP97.mp3
Category:SecuraBits -- posted at: 6:22pm EDT

Join us as we talk about 2011!  Please visit our wiki for full show notes!
Direct download: SecuraBit_EP96.mp3
Category:SecuraBits -- posted at: 4:37pm EDT

Join the crew as they interview special guest Marisa Fagan of SECore! Please visit our wiki for full show notes!
Direct download: SecuraBit_EP95.mp3
Category:SecuraBits -- posted at: 11:03am EDT

Join us as we talk some lab shop with Mike Bailey and the rest of the crew! Please visit http://wiki.securabit.com/ShowNotes/EP94 for our show notes!
Direct download: SecuraBit_EP94.mp3
Category:SecuraBits -- posted at: 6:49pm EDT

Please re-download the Steganography file from the original post.  The first one was corrupted.  It will now export with the proper lowercase key.
Category:SecuraLabs -- posted at: 2:15pm EDT

Join us as we interview Nick Keuning from GFI about their Sandbox solution! Our show notes are now housed on our wiki.  Please visit this link to view them!
Direct download: SecuraBit_EP93.mp3
Category:SecuraBits -- posted at: 5:42pm EDT

This time around we are giving away books! The contest officially starts NOW and will run until 11:59PM on 11/19.  We will announce winners promptly after that. Prizes will be awarded to 1st and 2nd place.  Everyone else who scores any amount of points will be entitled to a free sticker mailed to them if [...]
Category:general -- posted at: 4:16pm EDT

On this episode we had special guest Christofer Hoff on to discuss Cloud and Virtualized security.  We touched on some pretty amazing points and we hope you'll enjoy this show!   Please visit our wiki for full show notes!
Direct download: SecuraBit_EP92.mp3
Category:Compromises -- posted at: 11:53am EDT

Hey folks, This is a wee bit late but we wanted to post the answers to our challenge that we had up before Derbycon.  Fortunately for all, there were enough tickets that nobody actually needed ours. We had a great time meeting folks and talking security, as well as meeting up with you, our valued [...]
Category:general -- posted at: 11:26pm EDT

Please visit our Wiki for full show notes
Direct download: SecuraBit_EP91.mp3
Category:Risk Management -- posted at: 3:30pm EDT

Join us this Friday 9/30 at the Bluegrass Brewing Company @ 10pm eastern time.  Come by and grab a beer, hang out, and let us throw stickers at you! The location is: Bluegrass Brewing Company 2 Theater Sq, Louisville, KY 40202(502) 568-2224  Here are walking directions as well.  It's 0.5 miles to walk it, and [...]
Category:general -- posted at: 4:41pm EDT

  Join us as we interview Saviour Emmanuel Ekiko, author of the Ghost Phisher tool. Show notes are now at our wiki:  http://wiki.securabit.com/ShowNotes/EP90
Direct download: SecuraBit_EP90.mp3
Category:SecuraBits -- posted at: 10:18am EDT

Challenge closed. tuts for solutions will be submitted soon.  Congrats to our winners who completed all the challenges.  Andrew Fastow              - 13 points jgor      @indiecom        - 13 points Thanks to all that participated Look forward to seeing you next month for our #SecurabitChallenge   Anyone competing [...]
Category:general -- posted at: 11:21am EDT

  Hosts Chris Gerling - @secbitchris Chris Mills - @chrisam Andrew Borel - @andrew_secbit Tony Huffman - @myne_us Guests Rafal Los - @Wh1t3Rabbit http://h30499.www3.hp.com/t5/Following-the-White-Rabbit-A/bg-p/sws-119 Topics Vericode vs Oracle Root Certificate Authorities Anonymous Item X Use Our Discount Code Use "Connect_SecuraBit" to get $150.00 off of ANY training course. The discount code is good for all [...]
Direct download: SecuraBIt_EP89.mp3
Category:Compromises -- posted at: 6:25pm EDT

  We are now doing our show notes inside of our wiki.  If you have suggestions or comments please feel free to leave them here. http://wiki.securabit.com/ShowNotes/EP88 Thank you for listening!  
Direct download: SecuraBit_EP88.mp3
Category:Compromises -- posted at: 6:36pm EDT

Check out our wiki for show notes!

http://wiki.securabit.com/ShowNotes/EP87

Direct download: SecuraBit_EP87.mp3
Category:general -- posted at: 11:56pm EDT

Join us as we interview Lance Spitzner, Technical Director for the SANS Securing the Human Program.

Show notes are now at our wiki:  http://wiki.securabit.com/ShowNotes/EP86

Direct download: SecuraBit_EP86.mp3
Category:general -- posted at: 11:20pm EDT

Hosts

myne-us @myne_us

Jacob hammack @hammackj

Guest Host

Dave Kennedy @dave_rel1k

Guest

Dr. Tyler Bletsch (Tyler.Bletsch {at} gmail.com)

Tyler's former security group at NC State University under Xuxian Jiang - http://www.csc.ncsu.edu/faculty/jiang/

Topics

JOP programming

Turing complete exploit development (http://en.wikipedia.org/wiki/Turing_completeness)

links

JOP

JOP technical report

ftp://ftp.ncsu.edu/pub/tech/2010/TR-2010-8.pdf

JOP academic paper

http://www.csc.ncsu.edu/faculty/jiang/pubs/ASIACCS11.pdf

Tyler's dissertation (JOP in x86 and MIPS, and a few other techniques)

http://repository.lib.ncsu.edu/ir/bitstream/1840.16/6698/1/etd.pdf

ROP

http://cseweb.ucsd.edu/~hovav/dist/rop.pdf

http://blog.zynamics.com/2010/03/12/a-gentle-introduction-to-return-oriented-programming/

http://sandsprite.com/CodeStuff/Understanding_imports.html

http://j00ru.vexillium.org/?p=893

http://www.braid-game.com/

http://qubes-os.org/Architecture.html

If you like the intro music and the closing music check out http://dualcoremusic.com/nerdcore/

break music http://www.audiomicro.com/saxophone-piano-drums-short-jazz-introduction-royalty-free-stock-music-94

Direct download: securabit_SEG_style_2_JOP_with_Tyler_Bletsch.mp3
Category:general -- posted at: 12:48pm EDT

Hosts
myne-us @myne_us
Jabob hammack @jhammack

Guest
Dave Kennedy @dave_rel1k
http://www.derbycon.com/
http://www.secmaniac.com/
http://seorg.org/

Topics
is BOF dead
what got you started
what are some of things that helped you get started
Heap
osx exploitation
and more....

links
http://advancedwindowsdebugging.com/
https://net-ninja.net/blog/?p=293
http://www.exploit-db.com/
http://www.offensive-security.com/live-information-security-training/

Intro by http://dualcoremusic.com/nerdcore/

@dave_rel1k
Direct download: Securabit_SEG_style_1.mp3
Category:podcasts -- posted at: 9:00pm EDT

SecuraBit Episode 84:  Tech Talk with Scott Moulton
June 15, 2011   

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Andrew Borel –  @andrew_secbit
Tony Huffman – @myne_us

Guests:
Scott Moulton - @scottamoulton - http://www.myharddrivedied.com/

Use our discount code "Connect_SecuraBit" to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.


Upcoming events
#BSidesLasVegas (3-4 August 2011)
BlackHat Vegas (3 - 4 August 2011)
DEFCON 19 (4 - 7 August 2011)
#BSidesLA Los Angeles, CA (18 - 19 August 2011)
#BSidesMO(21 Oct 2011)
#BSidesNewDelhi (22 - 23 October 2011)
VB Barcelona October 2011

Links:
http://www.securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: Securabit_EP84.mp3
Category:podcasts -- posted at: 4:44am EDT

SecuraBit Episode 83:  Hey look its the Human Hacker!!!
June 1, 2011

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Chris Gerling  – @chrisgerling - MIA
Christopher Mills – @thechrisam - MIA
Jason Mueller – @securabit_jay - MIA
Andrew Borel –  @andrew_secbit
Tony Huffman – @myne_us
Tim Krabec  - @tkrabec

Guests:
Chris Hadnagy ( @humanhacker on Twitter ) discusses Social Engineering: The Art of Human Hacking

General topics:
Social Engineering: The Art of Human Hacking
http://www.amazon.com/Social-Engineering-Human-Hacking-ebook/dp/B004EEOWH0/ref=tmm_kin_title_0?ie=UTF8&m=AG56TWVU5XWC2
Social-Enginer.org
- variety of guests who use social enginering
Does Social Engineering Always Involve Deception?
Marketing or Social Engineering
Stereotypes
online help from skype :) <LOL
Social Engineer CTF for DEFCON 19
Five Key Points of Social Engineering

Links to News:
http://www.rollingstone.com/music/news/hackers-plant-fake-tupac-story-on-pbs-website-20110531http://www.redstate.com/neil_stevens/2011/05/28/anthony-weiner-and-his-eponymous-twitter-hack/
http://threatpost.com/en_us/blogs/report-l3-warns-employees-attacks-using-compromised-securid-tokens-060111


Use our discount code "Connect_SecuraBit" to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.


Upcoming events
#BSidesStJohns St. John's, NL (10 Jun 2011)
#BSidesCT Meriden, CT (11 Jun 2011)
FIRST Austria (12 - 17 June 2011)
#BSidesVienna(18 June 2011)
Toorcon (18 - 19 June 2011)
#BSidesLasVegas (3-4 August 2011)
BlackHat Vegas (3 - 4 August 2011)
DEFCON 19 (4 - 7 August 2011)
SANS Boston 2011(8 - 15 August 2011)
#BSidesLA Los Angeles, CA (18 - 19 August 2011)
#BSidesMO(21 Oct 2011)
#BSidesNewDelhi (22 - 23 October 2011)
VB Barcelona October 2011

Links:
http://www.securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP83.mp3
Category:general -- posted at: 7:45am EDT

SecuraBit Episode 82:  Totally Rad Man!

May 18, 2011

Hosts:

Anthony Gartner – @anthonygartner http://anthonygartner.com

Chris Gerling  – @chrisgerling

Christopher Mills – @thechrisam

Jason Mueller – @securabit_jay

Andrew Borel –  @andrew_secbit

Tony Huffman – @myne_us

Guests:

Carl Herberger from http://www.radware.com/ 

General topics:

 DDOS: Recent attacks from groups like anonymous , attack vectors, technique information and how it can effect you.

Signatures: Signature based detection and the effects it had on todays security

General security: Some general discussion on security 

Securibit exploit development group (SEG)  starting up blog post coming soon.

 

NEWS:

PSN hacked again! : 

 Just two days after the PlayStation Network was restored after a near month-long outage, the PSN password page has apparently been exploited. According to reports, the exploit allows other users to reset your account password using only your e-mail address and date of birth. This personal data was made available to hackersduring the initial PSN attack.

http://arstechnica.com/gaming/news/2011/05/report-playstation-network-passwords-exploited-accounts-compromised.ars

international_strategy_for_cyberspace.pdf

http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf

Backtrack 5 is out

http://www.backtrack-linux.org/

Facebook privacy demo gets guy arrested in austrelia

http://www.net-security.org/secworld.php?id=11045

Microsoft patch tuesday

http://www.microsoft.com/technet/security/bulletin/ms11-may.mspx

Use our discount code "Connect_SecuraBit" to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.

Upcoming events

#BSidesDetroit (3 - 4 Jun 2011)

#BSidesStJohns St. John's, NL (10 Jun 2011)

#BSidesCT Meriden, CT (11 Jun 2011)

FIRST Austria (12 - 17 June 2011)

#BSidesVienna(18 June 2011)

Toorcon (18 - 19 June 2011)

#BSidesLasVegas (3-4 August 2011)

BlackHat Vegas (3 - 4 August 2011)

DEFCON 19 (4 - 7 August 2011)

#BSidesLA Los Angeles, CA (18 - 19 August 2011)

#BSidesMO(21 Oct 2011)

#BSidesNewDelhi (22 - 23 October 2011)

VB Barcelona October 2011

Links:

http://www.securabit.com

Chat with us on IRC at irc.freenode.net #securabit

iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405

iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP82.mp3
Category:general -- posted at: 9:00am EDT

SecuraBit Episode 81:  Network Admins Takeover
May 4, 2011

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Andrew Borel –  @andrew_secbit
Tim Krabec  - @tkrabec

Guests:
Sam Bowne discusses IPv6 and the RA 0day attack
Twitter: @sambowne
Home page: samsclass.info


General topics:
IPv6 Info: http://samsclass.info/ipv6/60_S11.php
RA 0day attack: http://samsclass.info/ipv6/proj/flood-router6a.htm
http://orchilles.com/2011/04/ssl-renegotiation-dos-faq.html


NIST Guidelines for the Secure Deployment of IPv6
http://csrc.nist.gov/publications/nistpubs/800-119/sp800-119.pdf

Hurricane Electric cert and info
http://ipv6.he.net/certification/

BackTrack 5 Available on May 10, 2011
http://www.backtrack-linux.org/

Netwitness
http://www.netwitness.com/products-services/investigator-freeware
http://www.netwitness.com/resources/videos/investigator-tutorial-1-overview-navigation

Use our discount code "Connect_SecuraBit" to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.

Upcoming events:
CEIC Orlando (15 – 18 May 2011)
#BSidesROC Rochester, NY (21 May 2011)
#BSidesDetroit (3 - 4 Jun 2011)
#BSidesStJohns St. John's, NL (10 Jun 2011)
#BSidesCT Meriden, CT (11 Jun 2011)
FIRST Austria (12 - 17 June 2011)
#BSidesVienna(18 June 2011)
Toorcon (18 - 19 June 2011)
#BSidesLasVegas (3-4 August 2011)
BlackHat Vegas (3 - 4 August 2011)
DEFCON 19 (4 - 7 August 2011)
#BSidesLA Los Angeles, CA (18 - 19 August 2011)
#BSidesMO(21 Oct 2011)
#BSidesNewDelhi (22 - 23 October 2011)
VB Barcelona October 2011

Links:
http://www.securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP81.mp3
Category:podcasts -- posted at: 8:55am EDT

SecuraBit Episode 80:  Our 8080 Episode
April 20, 2011

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Christopher Mills – @thechrisam
Andrew Borel –  @andrew_secbit
Tony Huffman – @myne_us
Dan Mitchell - @danmitchell

Guests:
int80 - @dualcoremusic
DualcoreMusic

General topics:
http://dualcoremusic.com/nerdcore/
http://www.youtube.com/watch?v=CMNry4PE93Y

NEWS:

Patch Tuesday April 2011 64 patched:
http://www.microsoft.com/technet/security/current.aspx
http://isc.sans.edu/diary.html?date=2011-04-11

Oracle Critical Patch Update Advisory - April 2011
http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

Verizon 2011 Data Breach Report
http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2011_en_xg.pdf

Barracuda
http://www.thetechherald.com/article.php/201115/7044/Malaysian-group-hits-Barracuda-Networks-Update?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+SecurityBloggersNetwork+%28Security+Bloggers+Network%29
http://blog.barracuda.com/pmblog/index.php/2011/04/12/waf-importance/
http://www.securecomputing.net.au/News/254601,barracuda-hack-shows-importance-of-defenceindepth.aspx?utm_source=twitterfeed&utm_medium=twitter
http://www.flyingpenguin.com/?p=11513
“Starting Saturday night at approximately 5pm Pacific time, an automated script began crawling our Web site in search of unvalidated parameters.  After approximately two hours of nonstop attempts, the script discovered a SQL injection vulnerability in a simple PHP script that serves up customer reference case studies by vertical market.  As with many ancillary scripts common to Web sites, this customer case study database shared the SQL database used for marketing programs which contained names and email addresses of leads, channel partners and some Barracuda Networks employees.  The attack utilized one IP address initially to do reconnaissance and was joined by another IP address about three hours later.  We have logs of all the attack activity, and we believe we now fully understand the scope of the attack.”

Texas
http://www.txsafeguard.org/
http://blogs.chron.com/texaspolitics/archives/2011/04/personal_inform.html
“Personal information of about 3.5 million Texans -- including names, mailing addresses and Social Security numbers -- was posted on a publicly accessible server at the state comptroller's office, much of it for more than a year, Comptroller Susan Combs said.”

Michigan Police taking your phones
http://www.thenewspaper.com/news/34/3458.asp
http://www.geekosystem.com/cellebrite-cellphone-hacker/
“The American Civil Liberties Union (ACLU) is currently engaged in a war of words and requests for information on a device used by the Michigan state police that can extract information from cellphones. The device, which has reportedly been in use since at least 2008, is apparently being used by the police during minor traffic violations.”

Wordpress
http://en.blog.wordpress.com/2011/04/13/security/
http://newenterprise.allthingsd.com/20110413/wordpress-com-suffers-security-breach/?mod=ATD_rss&utm_source=twitterfeed&utm_medium=twitter
http://threatpost.com/en_us/blogs/wordpress-hacked-source-code-stolen-041311

Georgian woman cuts off web access to whole of Armenia
http://www.guardian.co.uk/world/2011/apr/06/georgian-woman-cuts-web-access

Hacker Group Changes Millions of Passwords to "password"; Only 38% of Users Notice
http://www.f-secure.com/weblog/archives/00002134.html
“Passwords from over 3,000,000 user accounts were apparently set to "password" late last night in a wide-spread hack that affected hundreds of news, retail and Web 2.0 sites. Most affected users are completely unaware of the attack.”

Quick Mentions:
FBI take down botnet
http://threatpost.com/en_us/blogs/doj-shuts-down-botnet-disables-infected-systems-041411
Facebook adds 2 factor
http://threatpost.com/en_us/blogs/facebook-adds-two-factor-authentication-041911
Flash 0 day:
http://www.adobe.com/software/flash/about/
Anything below version 10.2.153.1 is vulnerable

Use our discount code "Connect_SecuraBit" to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.

Upcoming events
CEIC Orlando (15 – 18 May 2011)
#BSidesROC Rochester, NY (21 May 2011)
#BSidesDetroit (3 - 4 Jun 2011)
#BSidesStJohns St. John's, NL (10 Jun 2011)
#BSidesCT Meriden, CT (11 Jun 2011)
FIRST Austria (12 - 17 June 2011)
#BSidesVienna(18 June 2011)
Toorcon (18 - 19 June 2011)
#BSidesLasVegas (3-4 August 2011)
BlackHat Vegas (3 - 4 August 2011)
DEFCON 19 (4 - 7 August 2011)
#BSidesLA Los Angeles, CA (18 - 19 August 2011)
#BSidesMO(21 Oct 2011)
#BSidesNewDelhi (22 - 23 October 2011)
VB Barcelona October 2011

Links:
http://www.securabit.com
http://dualcoremusic.com/nerdcore/

Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP80.mp3
Category:podcasts -- posted at: 8:00am EDT

SecuraBit Episode 79:  Back to the basics with Marcus Carey!
April 6, 2011

Hosts:
Christopher Mills – @thechrisam
Jason Mueller – @securabit_jay
Tony Huffman – @myne_us

Guests:
Marcus J Carey- @iFail
http://hackersforcharity.org/

General topics:

NEWS:
Epsilon:
http://www.pcworld.com/businesscenter/article/224192/epsilon_data_breach_expect_a_surge_in_spear_phishing_attacks.html
http://www.eweek.com/c/a/Security/Epsilon-Data-Breach-Highlights-Cloud-Computing-Security-Concerns-637161/
http://threatpost.com/en_us/blogs/list-companies-hit-epsilon-breach-040511
https://threatpost.com/en_us/blogs/epsilon-data-breach-expands-include-capital-one-disney-others-040411
http://www.epsilon.com/News%20&%20Events/Press_Releases_2011/Epsilon_Notifies_Clients_of_Unauthorized_Entry_into_Email_System/p1057-l3

"On March 30th, an incident was detected where a subset of Epsilon clients' customer data were exposed by an unauthorized entry into Epsilon's email system. The information that was obtained was limited to email addresses and/or customer names only. A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway," the statement said.

LizaMoon:
http://threatpost.com/en_us/blogs/counterspin-lizamoon-web-attacks-no-big-deal-040511
In a post on Cisco's security blog, senior security researcher Mary Landesman said that data from the company's ScanSafe Web security infrastructure suggests that just over 1,000 Web domains have been compromised using the SQL injection attack, not the 500,000 to 1.5 million cited in published reports.

https://threatpost.com/en_us/blogs/widespread-lizamoon-web-attacks-push-rogue-antivirus-040111
“Websense researchers wrote on Thursday that a Google search for Web sites hosting the malicious URLs identified over 1.5 million Web sites hosting the code”

Pandora.com data leak:
http://threatpost.com/en_us/blogs/pandora-mobile-app-transmits-gobs-personal-data-040611?utm_source=Home+Page&utm_medium=Top+Graphic+Bar&utm_campaign=Position+3
“The data included both the owner's GPS location and tidbits the owners gender, birthday and postal code information. There was evidence that the app attempted to provide continuous location monitoring - which would tell advertisers not just where the user accessed the application from, but also allow them to track that user's movement over time. “

RSA attack:
http://threatpost.com/en_us/blogs/rsa-securid-attack-was-phishing-excel-spreadsheet-040111
“"The attacker in this case sent two different phishing emails over a two-day period. The two emails were sent to two small groups of employees; you wouldn’t consider these users particularly high profile or high value targets. The email subject line read '2011 Recruitment Plan," Uri Rivner, head of new technologies in the identity protection division of RSA wrote in a post on the attack”
http://www.nsslabs.com/research/analytical-brief-rsa-breach.html

¾ Energy Firms Had Data Breach over last year:
http://threatpost.com/en_us/blogs/study-three-four-energy-firms-had-data-breach-last-year-040511
Long perceived to be beyond the attention of hackers, energy firms and utilities now report that they are being targeted. In the Ponemon study, 76% of the IT security staff interviewed reported that their organization had experienced "one or more data breaches" in the last 12 months. A similar number - 69% - said they felt a data breach was likely to occur in the next 12 months, Ponemon said.

Comodo what really happened:
https://threatpost.com/en_us/blogs/phony-ssl-certificates-issued-google-yahoo-skype-others-032311
http://pastebin.com/uSdKNDN5
“ I found out that TrustDll.dll takes care of signing. It was coded in C#.
Simply I decompiled it and I found username/password of their GeoTrust and Comodo reseller account. “

FBI asks for help on cracking code:
http://www.h-online.com/security/news/item/FBI-asks-for-help-cracking-a-code-in-unsolved-murder-case-1220007.html

Other Stories:
http://www.techdirt.com/articles/20110401/13241213732/exploit-hadopi-site-turns-it-into-pirate-bay-supporter.shtml
http://news.softpedia.com/news/Google-Chrome-to-Block-Malicious-Downloads-193386.shtml

Use our discount code "Connect_SecuraBit" to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats.

Upcoming events:
ThotCon (15 Apr 2011)
#BSidesChicago (16 - 17 Apr 2011)
#BSides London, (20 Apr 2011)
CEIC Orlando (15 – 18 May 2011)
#BSidesROC Rochester, NY (21 May 2011)
#BSidesDetroit (3 - 4 Jun 2011)
#BSidesStJohns St. John's, NL (10 Jun 2011)
#BSidesCT Meriden, CT (11 Jun 2011)
FIRST Austria (12 - 17 June 2011)
#BSidesVienna(18 June 2011)
Toorcon (18 - 19 June 2011)
#BSidesLasVegas (3-4 August 2011)
BlackHat Vegas (3 - 4 August 2011)
DEFCON 19 (4 - 7 August 2011)
#BSidesLA Los Angeles, CA (18 - 19 August 2011)
#BSidesMO(21 Oct 2011)
#BSidesNewDelhi (22 - 23 October 2011)
VB Barcelona October 2011

Links:
http://www.securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP79.mp3
Category:general -- posted at: 11:43pm EDT

Securabit Episode 78:  Comodogate and Social Penetration!
March 23, 2011

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Jason Mueller – @securabit_jay
Andrew Borel –  @andrew_secbit
Tony Huffman (myne-us)  – @myne_us

Guests:
Dave Kennedy - @dave_rel1k
Carlos “Darkoperator” Perez - @Carlos_Perez

General topics:

Rogue SSL certificates ("case comodogate") http://www.f-secure.com/weblog/archives/00002128.html

PTES - Penetration Testing Execution Standard http://www.pentest-standard.org/
Social Enginer Toolkit
http://www.social-engineer.org/podcast/
http://www.social-engineer.org/framework/Computer_Based_Social_Engineering_Tools:_Social_Engineer_Toolkit_(SET)
BackTrack http://www.backtrack-linux.org/
DerbyCon http://www.derbycon.com/

Use our discount code "Connect_SecuraBit10" to get 10% off of ANY training course. The discount code is good for all SANS courses in all formats.

Upcoming events:
#BSidesChicago (16 - 17 Apr 2011)
#BSides London, (20 Apr 2011)
#BSidesROC Rochester, NY (21 May 2011)
#BSidesDetroit (3 - 4 Jun 2011)
SANS Orlando March 2011
CEIC Orlando April 2011
FIRST Austria June 2011
BlackHat Vegas August 2011
VB Barcelona October 2011

Links:
http://www.securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP78.mp3
Category:podcasts -- posted at: 2:03pm EDT

Securabit Episode 77:  Return to the Rabbit Hole
March 9, 2011

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Jason Mueller – @securabit_jay
Tony Huffman (myne-us)  – @myne_us
Andrew Borel –  @andrew_secbit

Guests:
Rafal Los - @wh1t3Rabbit

General topics:
Preview the upcoming BlackHat EU talk "Defying Logic."

Researchers Build Tool That Roots Out Business Logic Flaws In Web Apps
http://www.darkreading.com/database-security/167901020/security/application-security/229300667/researchers-build-tool-that-roots-out-business-logic-flaws-in-web-apps.html

--News
-Malware on the andoid market place. (DroidDream)
List of infected app http://blog.mylookout.com/2011/03/security-alert-malware-found-in-official-android-market-droiddream/

-Google nukes 150,000 email accounts on accident
http://gmailblog.blogspot.com/2011/02/gmail-back-soon-for-everyone.html

Use our discount code "Connect_SecuraBit10" to get 10% off of ANY training course. The discount code is good for all SANS courses in all formats.

Upcoming events
BlackHat Europe 2011 (17 - 18 Mar 2011)
#BSidesChicago (16 - 17 Apr 2011)
#BSides London, (20 Apr 2011)
#BSidesROC Rochester, NY (21 May 2011)
#BSidesDetroit (3 - 4 Jun 2011)

Links:
http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP77.mp3
Category:podcasts -- posted at: 8:37pm EDT

SecuraBit Episode 76: E-viting you to your demise!
February 23, 2011

SecuraBit would like to apologize for the audio issues in this episode. We were not able to use the normal recording method due to a complete power failure.  Thanks for understanding!

Hosts:
Christopher Mills – @thechrisam
Jason Mueller – @securabit_jay
Tony – @myne_us
Dan Mitchell - @danmitchell
Andrew Borel –  @andrew_secbit

Guests:
Bill Swearingen - @hevnsnt

Trent Lo - @surbo

General topics:

History of i-hacked

[HackerRun] - @HackerRun
http://hackerrun.com/doku.php

Messing with evites

http://www.i-hacked.com/content/view/293/2/

http://www.csoonline.com/article/661365/evite-program-easily-tampered-with-researcher-says

Use our discount code "Connect_SecuraBit10" to get 10% off of ANY training course. The discount code is good for all SANS courses in all formats.

Upcoming events
#BSidesHalifax (5 Mar 2011)
#BSidesGSO Greensboro, NC (9 Mar 2011)
CanSecWest2011 (9 - 11 Mar 2011)
#BSidesAustin (11 - 12 March 2011) http://www.keepsecurityweird.org/
BlackHat Europe 2011 (17 - 18 Mar 2011)
#BSidesChicago (16 - 17 Apr 2011)
#BSides London, (20 Apr 2011)
#BSidesROC Rochester, NY (21 May 2011)
#BSidesDetroit (3 - 4 Jun 2011)

Links:
http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP76.mp3
Category:podcasts -- posted at: 10:11am EDT

Securabit Episode 75:  Booze over IP
February 9, 2011

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Jason Mueller – @securabit_jay
Andrew Borel –  @andrew_secbit
Tony  (myne-us)  – @myne_us

Guests:
Mike Dahn
twitter:  @mikd

Joe Gottlieb
Twitter: joe_gottlieb

General topics:
Mike:Bsides origins and other.  http://chaordicmind.com/blog/
Joe: Open Security Intelligence http://www.opensecurityintelligence.com/

On Monday, February 14th, SIEM and log management vendor SenSage will introduce the Open Security Intelligence forum to the security community to become involved in. The concept of the community is to share best practices in open security analytics to improve our collective security defenses. Specifically, Joe Gottlieb, President and CEO of SenSage would like to discuss:
- Current challenges with today’s SIEM tools, which are a decade old
- Why security analytics needs to be ‘open’
- Why integrating business intelligence tools (i.e. Pentaho, Microsoft Exchange, Cognos, etc.) with SIEM tools can create useful dashboards that help security analysts mine huge data stores for the ‘needle in the haystack’ information they need
- Why ‘security quants’ (analysts that can look deep into the data and develop complex yet useful SQL queries) will become the next role in the SOC
- The benefits of joining the community and sharing best practices

The community will be hosted on a web portal – www.opensecurityintelligence.com – that is under development and will be discussed in our Feb. 14 release. Also, Joe is also giving a talk at Security BSides  SF on 2/14 at 3pm PT on this very topic.

--HBGary Federal
http://krebsonsecurity.com/2011/02/hbgary-federal-hacked-by-anonymous/

--Nasdaq
attack does not yet have reports of how they where attacked. The comment on the website was for the 1999 attack where someone defaced the nasdaq website.

Quotes from http://www.wallstreetandtech.com/technology-risk-management/229201267

The operator of the Nasdaq Stock Exchange said it found "suspicious files" on its computer servers, in a Web application called Directors Desk which is used by members of corporations' boards of directors who want to share information and files.

"What seems most likely is that the web servers were compromised in an attempt to use them to inject malicious software into their clients," commented one reader of the nakedsecurity.sophos.com blog.

--Bsides
http://www.securitybsides.com/w/page/12194156/FrontPage
to contact: info (at) securitybsides dot org -or- call 415-742-1739

--Exploit developers corner
Looking for exploit developers!

If you have recently published an exploit or have a previously published exploits you would like to talk about contact us at feedback@securabit.com or can contact Tony (myne-us) directly on IRC at freenode #securabit to have a small interview about your discovery.

List of common questions.

-How did you find the vulnerability?
-What is your goal in vulnerability research?
-How did you go about disclosing the vulnerability and how did the vendor respond?
-And more...

!!Caution!!:  No undisclosed vulnerabilities (0 day)! These vulnerabilities need to be reported to the vendor and patched or exceed a time period where vendor did not patch. If interested in releasing exploit on the show that is fine if can show proof you disclosed to vendor or see the proof of concept already posted on exploit-db or have a CVE.

Us:NetWitness Spectrum at RSA http://www.netwitness.com/products/spectrum.aspx

Use our discount code "Connect_SecuraBit10" to get 10% off of ANY training course. The discount code is good for all SANS courses in all formats.

Upcoming events
RSA Conference 2011 (14 -18 Feb 2011)
#BSidesSanFrancisco (14 - 15 Feb 2011)
#BSidesCleveland (18 Feb 2011)
#BSidesHalifax (5 Mar 2011)
#BSidesGSO Greensboro, NC (9 Mar 2011)
CanSecWest2011 (9 - 11 Mar 2011)
#BSidesAustin (11 - 12 March 2011) http://www.keepsecurityweird.org/
BlackHat Europe 2011 (17 - 18 Mar 2011)
#BSidesChicago (16 - 17 Apr 2011)
#BSides London, (20 Apr 2011)
#BSidesROC Rochester, NY (21 May 2011)
#BSidesDetroit (3 - 4 Jun 2011)

Links:
http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP75.mp3
Category:podcasts -- posted at: 12:16pm EDT

Securabit Episode 74: Podcasting in the Dark with Brian Krebs
January 26, 2011

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Andrew Borel –  @andrew_secbit

Guests:
Brian Krebs - @briankrebs - http://krebsonsecurity.com/

General topics:

  • I recall reading about various greeting card based attacks over the years.  Do you think they've all been originated by the same folks who did this one?  Or at least, with the same goals in mind?
  • How prevalent do you think ATM skimmers are?  What are some ways the common person can look out for them?
  • Do you think financial institutions are getting better at educating their customers about the protections provided/not provided under Regulation E?
  • Do you anticipate payment processing centers becoming a bigger target for criminals vs the individual businesses?
  • Since many financials are under pressure from new reserve requirements, do you think new security requirements will force smaller financials to merge? How can they balance the need to offer more convenient services (such as mobile banking) with the need to improve security at the same time?
  • What do you think the top 3 stories for 2010 were? Why do you think they were the top stories?


Use our discount code "Connect_SecuraBit10" to get 10% off of ANY training course. The discount code is good for all SANS courses in all formats.

Upcoming events
RSA Conference 2011 (14 -18 Feb 2011)
#BSidesSanFrancisco (14 - 15 Feb 2011)
#BSidesCleveland (18 Feb 2011)
#BSidesHalifax (5 Mar 2011)
#BSidesGSO Greensboro, NC (9 Mar 2011)
CanSecWest2011 (9 - 11 Mar 2011)
#BSidesAustin (11 - 12 March 2011) http://www.keepsecurityweird.org/
BlackHat Europe 2011 (17 - 18 Mar 2011)
#BSidesChicago (16 - 17 Apr 2011)
#BSides London, (20 Apr 2011)
#BSidesROC Rochester, NY (21 May 2011)
#BSidesDetroit (3 - 4 Jun 2011)

Links:
http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP74.mp3
Category:general -- posted at: 3:43pm EDT

Securabit Episode 73:  Eber Kneber and botnet stuntmen
January 12, 2011

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Jason Mueller – @securabit_jay
Andrew Borel –  @andrew_secbit

Guests:
We discuss Kneber and other fun security topics with Alex Cox of NetWitness
@perpetualsec http://www.networkforensics.com/

General topics:
Kneber Botnet
Mariposa
Responsible disclosure
Evil Virustotal
http://socialmediasecurity.com/downloads/Facebook_Privacy_and_Security_Guide.pdf

PROGRAMMABLE HID USB KEYSTROKE DONGLE: USING THE TEENSY AS A PEN TESTING DEVICE https://www.defcon.org/html/defcon-18/dc-18-speakers.html#Crenshaw

http://www.irongeek.com/i.php?page=videos/dojocon-2010-videos


Use our discount code "Connect_SecuraBit10" to get 10% off of ANY training course. The discount code is good for all SANS courses in all formats.

Upcoming events
ShmooCon (28 - 31 Jan 2011)
RSA Conference 2011 (14 -18 Feb 2011)
#BSidesSanFrancisco (14 - 15 Feb 2011)
#BSidesCleveland (18 Feb 2011)
#BSidesHalifax (5 Mar 2011)
#BSidesGSO Greensboro, NC (9 Mar 2011)
#BSidesAustin (11 - 12 March 2011) http://www.keepsecurityweird.org/
#BSidesChicago (16 - 17 Apr 2011)
#BSides London, (20 Apr 2011)
#BSidesROC Rochester, NY (21 May 2011)
#BSidesDetroit (3 - 4 Jun 2011)

Links:
http://www.securabit.com

Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8
Direct download: SecuraBit_EP73.mp3
Category:podcasts -- posted at: 7:11pm EDT

SecuraBit  Episode 72:  Take risks, get owned!
Recorded on December 29, 2010

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Jason Mueller – @securabit_jay
Andrew Borel –  @andrew_secbit

Guests:
Jack Jones discusses Risk Assessment and the FAIR method http://riskmanagementinsight.com/

General topics:

Risk Management, Small biz vs Enterprise
Monte Carlo?
How to Measure Anything: Finding the Value of Intangibles in Business by Douglas W. Hubbard
http://www.amazon.com/How-Measure-Anything-Intangibles-Business/dp/0470539399/ref=tmm_hrd_title_0

OnePassword - http://agilewebsolutions.com/onepassword
KeePass - http://keepass.info/
LastPass - http://lastpass.com/

Use our discount code "Connect_SecuraBit10" to get 10% off of ANY training course. The discount code is good for all SANS courses in all formats.

Upcoming events
#BSidesMSP (7 Jan 2011)
ShmooCon (28-31 Jan 2011)
RSA Conference 2011 (14 -18 Feb 2011)
#BSidesSanFrancisco (14-15 Feb 2011)
#BSidesAustin (11-12 March 2011) http://www.keepsecurityweird.org/

Links:
http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP72.mp3
Category:podcasts -- posted at: 8:39am EDT

SecuraBit  Episode 71: Managing our Careers with Lee Kushner
December 15, 2010

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Andrew Borel –  @andrew_secbit

Guests:
Lee Kushner - @LJKush - http://www.ljkushner.com/ - http://www.infosecleaders.com/

General topics:
Discussion on Career Management
The importance of having a career plan.
It’s a very crowded market in information security, and it’s getting more so every day.

www.infosecleaders.com/2010-compensation-survey/
FAQ: Compromised Commenting Accounts on Gawker Media http://lifehacker.com/5712785/

OnePassword - http://agilewebsolutions.com/onepassword
KeePass - http://keepass.info/
LastPass - http://lastpass.com/

Use our discount code "Connect_SecuraBit10" to get 10% off of ANY training course. The discount code is good for all SANS courses in all formats.

Upcoming events
#BSidesBerlin (28-30 Dec 2010)
#BSidesMSP (7 Jan 2011)
ShmooCon (28-31 Jan 2011)
RSA Conference 2011 (14 -18 Feb 2011)
#BSidesSanFrancisco (14-15 Feb 2011)
#BSidesAustin (March 2011)

Links:
http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP71.mp3
Category:podcasts -- posted at: 7:32pm EDT

SecuraBit  Episode 70: Following the wh1t3Rabbit, Hat-tricks with a wh1t3Rabbit
December 1, 2010

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Christopher Mills – @thechrisam
Chris Gerling  – @chrisgerling
Andrew Borel –  @andrew_secbit

Guests:
HP's Rafal Los - @wh1t3Rabbit
Subscribe to his blog at http://hp.com/go/white-rabbit

General topics:
Shmoocon tickets, who’s got them?

Hat-trick http://en.wikipedia.org/wiki/Hat-trick

Password security, does it really matter?

Application security to detect and prevent malicious code.

Diaspora https://joindiaspora.com/

Security Metrics

Story time with Rafal

RSnake shutting down his blog after 5 years and 1000 posts http://ha.ckers.org/

FTC Staff Issues Privacy Report Offers Framework for Consumers, Businesses, and Policymakers: Endorses “Do Not Track” to Facilitate Consumer Choice About Online Tracking
http://www.ftc.gov/opa/2010/12/privacyreport.shtm

SANS Discount:
Use our discount code "Connect_SecuraBit10" to get 10% off of ANY training course. The discount code is good for all SANS courses in all formats.

Syngress Discount:
Use our discount code 36449 to receive 20% off any order direct from Elsevier!

Upcoming events
Sunbelt Quarterly Briefing December 8th, 2010 at 9am and 2pm
DojoCon December 11-12, 2010
#BSidesBerlin December 28-30, 2010
ShmooCon January 28-31, 2011

Links:
http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP70.mp3
Category:general -- posted at: 1:08pm EDT

SecuraBit Episode 69: Picking Locks and Messing up Podcasts, Welcome to Gringo Village!
November 3, 2010

Hosts:
Christopher Mills – @thechrisam
Andrew Borel –  @andrew_secbit
Anthony Gartner – @anthonygartner http://anthonygartner.com
Jason Mueller – @securabit_jay
Rob Fuller – @mubix
Tim Krabec – @tkrabec http://www.SMBMinute.com

Guests:
Deviant Ollum - http://deviating.net/ - Author of Syngress Practical Lock Picking
General topics:
Practical Lock Picking By Deviant Ollam http://www.syngress.com/hacking-and-penetration-testing/Practical-Lock-Picking/

Review submitted by a coworker:
Practical Lock Picking by Deviant Ollum was an enjoyable read. The author does a good job of covering the art and science of picking locks. He chose two of the most common types of locks for the bulk of his material which helps keep the focus of the book tight. He leads the reader from the basic operational principles of the locks, to flaws in the design & manufacture and finally how to pick the locks. The coverage of pick types and other tools of the trade round out the readers knowledge of the subject. His down to earth style and simple language help the reader understand the material and develop the skills to pick these types of locks. His logical progression of starting with one pin and working your way up to all the pins in the lock will help the reader build confidence in their skills. The final sections on bypassing the door reminds the reader that locks are part of a system and sometimes the way to defeat a system is not the direct approach. Overall I would give this book 4 out of 4 stars.

Shmoocon Tickets??

The Open Organization Of Lockpickers http://toool.us/
Lock Picking Videos - http://www.youtube.com/deviantollam
General Information http://deviating.net/lockpicking/

IE Zero Day
Microsoft Security Advisory (2458511)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/2458511.mspx

Enhanced Mitigation Experience Toolkit v2.0
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=c6f0a6ee-05ac-4eb6-acd0-362559fd2f04

SpyEye v. ZeuS Rivalry Ends in Quiet Merger
http://krebsonsecurity.com/2010/10/spyeye-v-zeus-rivalry-ends-in-quiet-merger/

Use our discount code "Connect_SecuraBit10" to get 10% off of ANY training course. The discount code is0 good for all SANS courses in all formats.

Upcoming events

#BSidesDFW November 6, 2010
#BSidesDE November 6, 2010
AppSec DC 2010 November 8-12, 2010
#BSidesOttawa November 12-13, 2010
RUXCON 2010 December 4-5, 2010
DojoCon December 11-12, 2010
#BSidesBerlin December 28-30, 2010
ShmooCon January 28-31, 2010

Links:
http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP69.mp3
Category:podcasts -- posted at: 7:58pm EDT

SecuraBit  Episode 68: Teaching for handbags!

Hosts:
Christopher Mills – @thechrisam
Andrew Borel –  @andrew_secbit
Anthony Gartner – @anthonygartner http://anthonygartner.com
Jason Mueller – @securabit_jay

Guests:
Kevin Johnson discusses SANS SEC 542 Web App Pen Testing, Base, etc

General topics:
New Apple Macbook Air.

Recent Security
Zynga collecting data about Facebook users.
Social engineering at a capture the flag event.
Pros and cons to using social networks.
Attacking your web applications for a more secure application.
Samurai WTF (Web Testing Framework) http://samurai.inguardians.com/
Laudanum: Injectable Functionality http://laudanum.inguardians.com/
Basic Analysis and Security Engine (BASE) project http://base.secureideas.net/

Use our discount code "Connect_SecuraBit10" to get 10% off of ANY training course. The discount code is good for all SANS courses in all formats.

Upcoming events
#BSidesDFW November 6, 2010
#BSidesDE November 6, 2010
AppSec DC 2010 November 8-12, 2010
#BSidesOttawa November 12-13, 2010
#BSidesBerlin December 28-30, 2010
ShmooCon January 28-31, 2010

Links:

http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP68.mp3
Category:podcasts -- posted at: 10:43pm EDT

 

SecuraBit  Episode 67:  We're all gonna get HAX!
October 6, 2010

Hosts:
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Andrew Borel –  @andrew_secbit
Anthony Gartner

Guest: Roger Grimes

General topics:

Authored eight books, and co-authored another 4
Chasing hackers for 23 years
SCADA issues
What the bad guys are doing? Black hat cloud backup?
Offline patch and reset days to recover from a issue.
Whitelisting may be a solution, that is just too hard to implement in many environments.
Needs full sign off from the organization
Different levels of identification

Syngress book of the month club for episode 68
Utilize code 36449 for a discount on books from Syngress!

Executives should have Macs because it makes it easier on the pen tester
Patching and warranties

SANS Connector Program
10% of any SANS events or training use coupon code Connect_SecuraBit10

Lenny Zeltser Facebook Social Captcha Authentication
http://blog.zeltser.com/post/1258010402/facebook-social-captcha-authentication

Upcoming events
Hacker Halted http://www.hackerhalted.com/ Tim Is speaking October 14th
Phreaknic 10/15. http://www.phreaknic.info/pn14/
Bsides Delaware 11/6
Bsides Dallas-FortWorth 11/6

Links:
http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

 

Direct download: SecuraBit_EP67.mp3
Category:podcasts -- posted at: 12:48pm EDT

 

SecuraBit  Episode 66:
September 22, 2010

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Jason Mueller – @securabit_jay
Andrew Borel –  @andrew_secbit

 

Guests:
Aaron Barr (HB Gary Federal) @aaronbarr

We discuss HBGary with Aaron, and delve into some fun topics like malware analysis, forensics, and other technical skills.

General topics:
Media Sponsor for:
SecTor 2010 - http://www.sector.ca/
Security Training October 25.
Conference Sessions October 26 & 27, 2010.
Twitter XSS
http://status.twitter.com/post/1161435117/xss-attack-identified-and-patched

Robin Sage
Malware analysis
Behavior of malware in memory

FGET is pretty pimp (free tool that remotely images NTFS volumes)
https://www.hbgary.com/community/shawnblog/fget-v10-goes-live/

Free tools from HB Gary
https://www.hbgary.com/community/free-tools/

Forensics
How flypaper plays into image grabbing

 

Upcoming events
Hacker Halted http://www.hackerhalted.com/ Tim Is speaking October 14th
Louisivlle Infosec 10/7. http://www.louisvilleinfosec.com/
Atlanta B-Sides 10/8. http://www.securitybsides.com/BSidesAtlanta
HacKid - http://www.hackid.org/ 10/9-10/10
Phreaknic 10/15. http://www.phreaknic.info/pn14/

Links:

http://www.HBGary.com/
http://www.SecuraBit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

 

Direct download: SecuraBit_EP66.mp3
Category:podcasts -- posted at: 11:06pm EDT

 

SecuraBit  Episode 65: Application Security From the Ground Up!
September 8, 2010
 
Hosts:
Anthony Gartner – @anthonygartner
Jason Mueller  – @securabit_jay
Christopher Mills –  @thechrisam

Guests:
Jeff Morgan * Product manager for HP’s Application Security Center product line * 20+ years experience developing commercial software solutions in industries ranging from healthcare to payroll to commercial printing * Joined SPI Dynamics in 2006, which was later acquired by HP * Previously a software engineer and held positions in development, QA, support and account management
General topics:
 
Application Security Development Lifecycle
Flash, as usual
NoScript
Intel and McAfee

Upcoming events
Hacker Halted http://www.hackerhalted.com/ Tim Is speaking October 14th
Louisivlle Infosec 10/7. http://www.louisvilleinfosec.com/
Atlanta B-Sides 10/8. http://www.securitybsides.com/BSidesAtlanta
HacKid - http://www.hackid.org/ 10/9-10/10
Phreaknic 10/15. http://www.phreaknic.info/pn14/

SecTor 2010 - http://www.sector.ca/
Security Training October 25.
Conference Sessions October 26 & 27, 2010.

Links:
http://securabit.com
HP Application Security Center
Chat with us on IRC at irc.freenode.net #securabit

 

Direct download: SecuraBit_EP65.mp3
Category:podcasts -- posted at: 8:00am EDT

SecuraBit  Episode 64:  A whole lot of organized crime going on!
August 25, 2010

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Chris Gerling  – @chrisgerling
Andrew Borel –  @andrew_secbit

Guests:
Bryan Sartin - Director of Investigative Response at Verizon Business

General topics:
Verizon RISK Team - http://www.verizonbusiness.com/products/security/risk/

Bryan Sartin, the Director of Investigative Response at Verizon Business, discusses the 2010 Verizon Data Breach Report
http://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf

VERIS Framework - https://verisframework.wiki.zoho.com/

MalCon: A Call for ‘Ethical Malcoding’ http://krebsonsecurity.com/2010/08/malcon-a-call-for-ethical-malcoding/

SecTor 2010 - http://www.sector.ca/
Security Training October 25.
Conference Sessions October 26 & 27, 2010.

The real iTunes fraud vulnerability: Gullible users - http://news.cnet.com/8301-13579_3-20014481-37.html

Upcoming events
Hacker Halted http://www.hackerhalted.com/ Tim Is speaking October 14th
Louisivlle Infosec 10/7. http://www.louisvilleinfosec.com/
Atlanta B-Sides 10/8. http://www.securitybsides.com/BSidesAtlanta
HacKid - http://www.hackid.org/ 10/9-10/10
Phreaknic 10/15. http://www.phreaknic.info/pn14/

Links:
http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP64.mp3
Category:general -- posted at: 6:33pm EDT

SecuraBit Episode 63:  Walking to the Waffle House with Andy Willingham
August 11, 2010
Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Jason Mueller – @securabit_jay
Andrew Borel –  @andrew_secbit

Guests:
Andy Willingham (Southern Fried Security Podcast) - @andywillingham http://www.andyitguy.com/blog/

General topics:
DEFCON/BLACKHAT/BSides Recap
--Chris’s experience this year, and a review of the medical facilities in Las Vegas
--General entertaining banter

Shiny Old VxWorks Vulnerabilities
http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html

Facebook name extraction based on email/wrong password
http://seclists.org/fulldisclosure/2010/Aug/130

Apple Fixes PDF Vunerability that allowed webbased Jail Break.
iOS 4.0.2 Software Update http://support.apple.com/kb/DL1061

Interview with Andy Willingham
ShmooCon 2011 Dates Announced
http://tinyurl.com/29nzc46

Microsoft drops the patch bomb
http://www.securabit.com/2010/08/10/microsoft-drops-the-patch-bomb/

Andriod Malware and Unexpected Features
http://crave.cnet.co.uk/mobiles/android-gets-its-first-texting-malware-50000303/

Free Android antivirus clocks up 2.5m downloads
http://www.theregister.co.uk/2010/08/11/free_android_security_app/

A Review of Verizon and Google's Net Neutrality Proposal
http://www.eff.org/deeplinks/2010/08/google-verizon-netneutrality

Upcoming events
South Florida ISSA’s Hack the flag and chili cook-off  Saturday August 14, 2010 from 12:00pm - 5:00pm
http://sfissa.org/index.php/sfissa-mm-events/htf-main/85-hack-the-flag-2010
Hacker Halted http://www.hackerhalted.com/ Tim Is speaking October 14th
Louisivlle Infosec 10/7. http://www.louisvilleinfosec.com/
Atlanta B-Sides 10/8. http://www.securitybsides.com/BSidesAtlanta
HacKid - http://www.hackid.org/ 10/9-10/10
Phreaknic 10/15. http://www.phreaknic.info/pn14/

Links:

http://www.securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8
Direct download: SecuraBit_EP63.mp3
Category:general -- posted at: 10:59am EDT

SecuraBit  Episode 62: Visualizing Data with NetWitness

SecuraBit  Episode 62: Visualizing Data with NetWitness

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Andrew Borel –  @andrew_secbit

Guests:
Eddie Schwartz - @eddieschwartz

General topics:
BSidesLV http://www.securitybsides.com/BSidesLasVegas
BlackHat https://www.blackhat.com/html/bh-us-10/bh-us-10-home.html
Defcon https://www.defcon.org/html/defcon-18/dc-18-schedule.html

Shmoocon Woot Video http://www.youtube.com/watch?v=HJ0ypgZU_D0
NetWitness Visualize http://visualize.netwitness.com/

Brief panel on certifications.

iPhone App Now Available. http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

http://itunes.apple.com/us/podcast/securabit/id280048405

Upcoming events
South Florida ISSA’s Hack the flag and chili cook-off  Saturday August 14, 2010 from 12:00pm - 5:00pm
http://sfissa.org/index.php/sfissa-mm-events/htf-main/85-hack-the-flag-2010
Hacker Halted http://www.hackerhalted.com/ Tim Is speaking October 14th

Links:
http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast - http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available - http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Direct download: SecuraBit_EP62.mp3
Category:podcasts -- posted at: 1:05pm EDT

SecuraBit Episode 61: Reverse Engineering Malware with a Spider Monkey

Hosts:
Christopher Mills – @thechrisam
Andrew Borel –  @andrew_secbit
Tim Krabec – @tkrabec http://www.SMBMinute.com
Nicholas Berthaume -- @nberthaume https://www.bordergatewayprotocol.net
Anthony Gartner – @anthonygartner http://anthonygartner.com

Guests:
Guest: Lenny Zeltser - @lennyzeltser http://zeltser.com/

General topics:
Reverse Engineering Malware

New Linux Distro to analyze malware
REMnux: A Linux Distribution for Reverse-Engineering Malware
http://zeltser.com/remnux/
Based on Ubuntu
Released just 5 days ago - July 8, 2010
2500 Downloads so far
VMWare appliance
Live Distro going out to Source Forge soon
Enlightenment as window manager, (no gnome or kde)
Just what you need to do the analysis
Lightweight as possible
Tools
Emulate Services
Allow malware to interact with your own resources
how does it differ from CW Sandbox
Determine the signs of comprise to compare with your production environment
JS Unpack
Since it is an Ubuntu distro, you can roll a custom version for your environment or lab.
Intrigrrated into the Reverse Engining Malware course from SANS

SANS Digital Forensics Summit
The state of people relying on only antivirus for protection.

The innovator's dilemma http://www.amazon.com/Innovators-Dilemma-Revolutionary-Business-Essentials/dp/0060521996
Microsoft Security Essentials http://www.microsoft.com/security_essentials/

http://www.sans.org/vlive/
Forensics 610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques
SANS vLive! FOR610 - 201001 - Monday, July 26, 2010 - Thursday, August 26, 2010
http://www.sans.org/vlive/details.php?nid=20668

Upcoming events:

BSidesLV http://www.securitybsides.com/BSidesLasVegas
BlackHat https://www.blackhat.com/html/bh-us-10/bh-us-10-home.html
Defcon https://www.defcon.org/html/defcon-18/dc-18-schedule.html
Tim is speaking http://defcon.org/html/defcon-18/dc-18-speakers.html#PanelHTF
Tim is also doing a skytalks schedule http://sudux.com/skytalks_web.jpg
Hacker Halted http://www.hackerhalted.com/ Tim Is speaking October 14th
South Florida ISSA’s Hack the flag and chili cookoff  Saturday August 14, 2010 from 12:00pm - 5:00pm
http://sfissa.org/index.php/sfissa-mm-events/htf-main/85-hack-the-flag-2010
These are the upcoming security cons and where you can find those of us that will be attending starting in less than two weeks.

Links:
Chat with us on IRC at irc.freenode.net #securabit

Direct download: SecuraBit_EP61.mp3
Category:podcasts -- posted at: 10:22pm EDT



SecuraBit  Episode 60: Free Calamari!!!

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Christopher Mills – @thechrisam
Andrew Borel –  @andrew_secbit
Jason Mueller – @securabit_jay
Tim Krabec – @tkrabec http://www.SMBMinute.com

Guests:
Christopher Boyd (Sunbelt Software)
http://en.wikipedia.org/wiki/Christopher_Boyd
http://www.vitalsecurity.org/
http://sunbeltblog.blogspot.com/

General topics:
Chris speaks about how he got involved in the position he is in now.  He also got into how he basically social engineers and discusses his blog.

Dodgy Dr Who Games
Orkut Shenanigans
The Sunbelt Security Blog
Fun with Internet Trolls
How Drugs and Stabby Things Led to a Career in Security
Internet Kill Switch
Twitter Agrees to Data-Security Audits
HacKid -http://www.hackid.org/

Links:

FTC Requires Twitter To Set Up Data-Security Audits
http://news.yahoo.com/s/nf/20100624/tc_nf/74031

Chat with us on IRC at irc.freenode.net #securabit

Direct download: SecuraBit_EP60.mp3
Category:podcasts -- posted at: 11:59pm EDT

SecuraBit Episode 59: Too many acronyms, my head is going to explode!

SecuraBit Episode 59: Too many acronyms, my head is going to explode!

Hosts: Anthony Gartner – @anthonygartner http://anthonygartner.com Christopher Mills – @thechrisam Andrew Borel –  @andrew_secbit Chris Gerling  – @chrisgerling

Guests: Dan Philpott discusses NIST, Information Assurance, SCAP, FISMA, etc

Contact info: Twitter: @danphilpott

General topics: Federal Information Security Management Act (FISMA) Implementation Project http://csrc.nist.gov/groups/SMA/fisma/index.html

Special Publications (800 Series) http://csrc.nist.gov/publications/PubsSPs.html

Small Business Corner (SBC) http://csrc.nist.gov/groups/SMA/sbc/index.html

FISMApedia http://fismapedia.org/index.php?title=Main_Page

The Security Content Automation Protocol (SCAP) http://scap.nist.gov/ -Change Management

Windows Sysinternals http://technet.microsoft.com/en-us/sysinternals/default.aspx

Sysinternals Suite http://technet.microsoft.com/en-us/sysinternals/bb842062.aspx

Links: http://csrc.nist.gov/

Chat with us on IRC at irc.freenode.net #securabit

Direct download: SecuraBit_EP59.mp3
Category:podcasts -- posted at: 10:57pm EDT

SecuraBit Episode 58: Forensic Goodness with Harlan Carvey

SecuraBit Episode 58: Forensic Goodness with Harlan Carvey

Hosts:

Anthony Gartner – @anthonygartner http://anthonygartner.com

Christopher Mills – @thechrisam

Chris Gerling  – @chrisgerling

Jason Mueller – @securabit_jay

Andrew Borel –  @andrew_secbit

Guests:

Harlan Carvey http://windowsir.blogspot.com/ Tools:  http://tech.groups.yahoo.com/group/win4n6/

General topics:
Timeline creation Regripper Forensic trends SIFT Lance Mueller http://www.forensickb.com/

Are you interested in taking an upcoming SANS course?  Dr. Eric Cole is teaching the upcoming SANS vLive! 501 course which starts on June 22.  You can register for the course using this link, and coupon code 501SB to save $500!

Direct download: SecuraBit_EP58.mp3
Category:podcasts -- posted at: 8:36am EDT

SecuraBit Episode 57:  Doctor Cole, I Presume?

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Christopher Mills – @thechrisam
Chris Gerling  – @chrisgerling
Andrew Borel –  @andrew_secbit

 

Guests:
Dr. Eric Cole, Ph.D. - @drericcole

General topics:
Mr. Cole is teaching the upcoming SANS vLive! 501 course which starts on June 22.  You can register for the courseusing this link, and coupon code 501SB to save $500!

We discussed VOIP security, or the lack thereof.
Signature based security solutions are going the way of the dinosaur, it's all about behavior and dynamic detection, such as heuristics now.
How to protect your privacy online:
http://twitter.com/ChrisPirillo/status/13881888168

 

Links:
http://www.sans.org/security-training/instructors_upcoming.php?id=34
http://www.securityhaven.com/

Sunbelt Software Webinar: Thursday, May 27, 2010, 2PM - 3PM EDT
Quarterly Briefing: Turn the tables on Bad Guys: Malware Unmasked

The cyber threat landscape is constantly changing, and even with the most sophisticated security you’re never completely protected from attacks. As part of our mission to ‘keep the bad guys out’, SunbeltLabs presents in this webinar how we use our own sandbox technology to keep a step ahead.

Sunbelt Software’s Lead Security Analyst, Brian Jack and Malware Response Manager, Dodi Glenn will discuss the current threat landscape and dig deeper into some of the most dangerous and complicated threats out there.  During this briefing we will focus on two different types of threats: malicious PDFs and rogue antivirus applications. Learn how to gain an edge when protecting your enterprise.

Whether you are dealing with spear phishing or mass attacks, join us to see how to deploy the right tools and learn how to quickly analyze and unmask malware. New threats require new technologies and techniques to protect yourself and your organization.  Sign up now and turn the tables on the bad guys.

Chat with us on IRC at irc.freenode.net #securabit

Direct download: SecuraBit_EP57.mp3
Category:podcasts -- posted at: 2:58pm EDT

SecuraBit  Episode 56: "Try Harder" - Used with permission

SecuraBit  Episode 56: "Try Harder" - Used with permission

Hosts: Anthony Gartner – @anthonygartner http://anthonygartner.com Christopher Mills – @thechrisam Chris Gerling  – @chrisgerling Jason Mueller – @securabit_jay Andrew Borel –  @andrew_secbit

Guests: Chris Hadnagy - @humanhacker Operations Manager and involved with www.offensive-security.com www.backtrack-linux.org http://www.social-engineer.org/

General topics: MSFU course Saturday the 8th from 10am to 5pm in Louisville, KY‎

Chris Speaks of a new kernel update released around the day of recording for Backtrack 4

Since you are able to listen to this podcast the DNS Security Update did not affect you

SANS Investigative Forensic Toolkit (SIFT) was updated

Links: http://www.exploit-db.com/ http://www.offensive-security.com/images/ryu-help-me.png Kid Friendly Podcast http://www.social-engineer.org/framework/Social_Engineering_Framework Free MSFU Course http://www.offensive-security.com/metasploit-unleashed/ SANS SIFT https://computer-forensics2.sans.org/community/siftkit/

Sponsor mention: Sunbelt Software Webinar: Thursday, May 27, 2010, 2PM - 3PM EDT Quarterly Briefing: Turn the tables on Bad Guys: Malware Unmasked

The cyber threat landscape is constantly changing, and even with the most sophisticated security you’re never completely protected from attacks. As part of our mission to ‘keep the bad guys out’, SunbeltLabs presents in this webinar how we use our own sandbox technology to keep a step ahead.

Sunbelt Software’s Lead Security Analyst, Brian Jack and Malware Response Manager, Dodi Glenn will discuss the current threat landscape and dig deeper into some of the most dangerous and complicated threats out there.  During this briefing we will focus on two different types of threats: malicious PDFs and rogue antivirus applications. Learn how to gain an edge when protecting your enterprise.

Whether you are dealing with spear phishing or mass attacks, join us to see how to deploy the right tools and learn how to quickly analyze and unmask malware. New threats require new technologies and techniques to protect yourself and your organization. Sign up now and turn the tables on the bad guys.

Chat with us on IRC at irc.freenode.net #securabit

Direct download: SecuraBit_EP56.mp3
Category:podcasts -- posted at: 8:33pm EDT

SecuraBit  Episode 55:  10000 Tubes of KY and a Case of Dog Biscuits!

Sponsored by Sunbelt Software!  Creators of the Sunbelt CWSandbox, for all your malware analysis needs!  Visit their website for more details!

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Christopher Mills – @thechrisam
Chris Gerling  – @chrisgerling
Andrew Borel –  @andrew_secbit

Missing Hosts:
Jason Mueller – @securabit_jay

Guests:
Joshua Wright - @joswr1ght http://www.willhackforsushi.com/

- Josh talks about the MiFi hack
- Bluetooth Hacking
- Barcode scanner hacking including the Bluetooth scanner hacks
- SANS SEC617 SEC617 Course
- 617BIT Discount Code for $500 off the vLive! Course
- Upcoming courses taught by Josh Wright http://www.sans.org/security-training/instructors_upcoming.php?id=97
- Pentest summit - Baltimore, MD - Josh will be speaking there.  His talk will be about essential crypto for pentesters.  http://www.sans.org/pen-testing-summit-2010/

General topics:
Mcafee Released a failed (fubar) virus definition Discussion thread
Gmail authentication code stolen
Someone we know was owned

Links:
http://www.willhackforsushi.com/
SEC617 Course
http://www.sans.org/security-training/instructors_upcoming.php?id=97
Bruce Schneier's book list
Dark Reading - Taking Penetration Testing In-House

Chat with us on IRC at irc.freenode.net #securabit

Direct download: SecuraBit_EP55.mp3
Category:podcasts -- posted at: 12:17pm EDT

SecuraBit  Episode 54 - Lions and Tigers and Banking Trojans, OH MY!

Hosts: Anthony Gartner – @anthonygartner http://anthonygartner.com Christopher Mills – @thechrisam Chris Gerling  – @chrisgerling Jason Mueller – @securabit_jay Andrew Borel –  @andrew_secbit

Guests: Sean-Paul Correll - @lithium -http://malwaredatabase.net/blog/ Threat researcher at Panda Security

According to the Panda Annual security report, 66% of all malware are trojans:

http://www.pandasecurity.com/img/enc/Annual_Report_Pandalabs_2009.pdf

Definition of a Banking Trojan.

Mariposa bot net take down:  http://pandalabs.pandasecurity.com/mariposa-botnet/

Virus Total Web:  http://www.virustotal.com/

Appeared at Security B-side in San Francisco Playing with Fire – Live Demonstration of Today’s Most Dangerous Malware http://www.ustream.tv/recorded/5143692

http://www.securitybsides.com/

Chat with us on IRC at irc.freenode.net #securabit

Direct download: SecuraBit_EP54.mp3
Category:podcasts -- posted at: 11:44am EDT

SecuraBit EP53: Thotcon If you think it you will go to Chicago!

SecuraBit Episode 53:  Thotcon If you think it you will go to Chicago

thotcon - http://www.thotcon.org/

Trustwave's Spider Labs - https://www.trustwave.com/spiderLabs.php

Chat with us on IRC at   irc.freenode.net #securabit

Hosts: Anthony Gartner – @anthonygartner Christopher Mills – @thechrisam Andrew Borel –  @andrew_secbit

Guests: Nick Percoc - Thotcon & Trustwave's Spider Labs Zach Fasel - Thotcon & Trustwave's Spider Labs

Links: http://www.thotcon.org/ https://www.trustwave.com/spiderLabs.php SpiderLabs Radio - http://itunes.apple.com/podcast/spiderlabs-radio/id300567984 https://www.trustwave.com/spiderLabs-tools.php

lacking Chris Gerling  – @chrisgerling Jason Mueller – @securabit_jay

Direct download: SecuraBit_EP53.mp3
Category:podcasts -- posted at: 1:06pm EDT

SecuraBit Episode 52: To catch a Mule with Krebs on Security!

Hosts: Anthony Gartner – @anthonygartner Christopher Mills – @thechrisam Chris Gerling  – @chrisgerling Jason Mueller – @securabit_jay Andrew Borel –  @andrew_secbit

Guests: Brian Krebs  - @briankrebs - http://www.krebsonsecurity.com/

VRT Blog Post:

http://vrt-sourcefire.blogspot.com/2010/03/apt-should-your-panties-be-in-bunch-and.html

Eric Chien, Symantec Zeus, King of the Bots: http://www.noryak.net/papers/zeus.pdf

Chat with us on IRC at   irc.freenode.net #securabit

Direct download: SecuraBit_EP52.mp3
Category:podcasts -- posted at: 12:06am EDT

SecuraBit EP51 - Malware Detection With Sunbelt Software

SecuraBit EP51 - Malware Detection With Sunbelt Software

Listen in as we discuss Sunbelt Software's CWSandbox and other products, along with in-depth malware detection and analysis!

#BSidesSF - Tuesday/Wednesday, March 2-3, 2010 @ 10am - 5pm #BSidesAustin - Saturday, March 13, 2010 #BSidesBOS - Saturday/Sunday, April 24-25, 2010 Chat with us on IRC at   irc.freenode.net #securabit

Hosts: Anthony Gartner – @anthonygartner Christopher Mills – @thechrisam Chris Gerling  – @chrisgerling Jason Mueller – @securabit_jay Andrew Borel –  @andrew_secbit

Guests: Brian Jack - Sunbelt Software Chad Loeven - Sunbelt Software

Links:

http://www.sunbeltsoftware.com/

http://www.sunbeltsoftware.com/Malware-Research-Analysis-Tools/Sunbelt-CWSandbox/

http://www.securitybsides.com/

Direct download: SecuraBit_EP51.mp3
Category:podcasts -- posted at: 11:42am EDT

Shmoocon 2010 Podcasters Meetup - NSFW!!!!!!

This is the audio from the 2010 pod-casters meet up.  This is UNEDITED and completely raw.  This file is NOT safe for work.  You have been warned.

Direct download: shmoo2010-podcastermeetup.mp3
Category:podcasts -- posted at: 9:29am EDT

SecuraBit Episode 50:  Interview with Rob Lee!

SecuraBit Episode 50:  Interview with Rob Lee!

  • What is SANS vLive?
  • Forensics
  • DOD Cyber Crime
  • How the forensics classes are structured.
  • 508 course and how it's changed. Divided up into essentials and then follow on courses.  6 total courses for all of the info.
  • APT - Advanced Persistant Threat
  • Q & A from the IRC

If you haven’t taken the Security 508 course yet we have an excellent  opportunity for you!  Rob will be teaching the SEC508 (Forensics) course  via the SANS vLive! platform beginning 3/23/2010.  Classes will occur  every Tuesday and Thursday until 4/29/2010 from 7-10PM EDT.

Use code SB508 to get a free GCFA certification attempt with the  purchase of the full course. Chat with us on IRC at   irc.freenode.net #securabit

Hosts: Anthony Gartner – @anthonygartner Christopher Mills – @thechrisam Chris Gerling  – @chrisgerling Jason Mueller – @securabit_jay Andrew Borel –  @andrew_secbit

Guests: Rob Lee - @robtlee

Links: http://phishme.com/ http://phishtank.com/

 

Direct download: SecuraBit_EP50.mp3
Category:podcasts -- posted at: 2:59pm EDT

SecuraBit Episode 49:  ConFoo.ca!

SecuraBit Episode 49:  ConFoo.ca!

Podcasters Meetup - http://www.podcastersmeetup.com/ ShmooCon - Saturday Evening @ 8PM

SANS Discount Code SB508 - Free GCFA attempt when using this link.

Philippe Gamache: Day job is focused on secure programing, developer training and code audit. About ConFoo.ca: -New conference about web technology -PHP Quebec Conference offshoot -Get all the user groups in the Monteral area together to share information -8 Separate tracks at the time

ShmooCon FireTalks

Escaping the clutches of The GOOG - http://www.securabit.com/2010/01/21/escaping-the-clutches-of-the-goog/

Hosts: Anthony Gartner – @anthonygartner Christopher Mills – @thechrisam Chris Gerling  – @chrisgerling Nicholas Berthaume - @aricon Andrew Borel –  @andrew_secbit

Guests: Philippe Gamache - ConFoo.ca - @SecureSymfony

Chat with us on IRC at irc.freenode.net #securabit

Links: ConFoo.ca - http://www.confoo.ca/en

Direct download: SecuraBit_EP49.mp3
Category:podcasts -- posted at: 4:10pm EDT

SecuraBit Episode 48:  Shmoocon (The Big Cheese) and PhoneFactor!

Hosts:
Anthony Gartner – @anthonygartner
Christopher Mills – @thechrisam
Jason Mueller - @securabit_jay
Chris Gerling  – @chrisgerling

Guests:
Bruce Potter - Shmoocon - @gdead
Steve Dispensa - CTO and Co-founder of PhoneFactor - http://www.phonefactor.com/about/management-team/steve-dispensa/ @dispensa
Marsh Ray - PhoneFactor - @marshray

Recent goings on:
If you are going to Cybercrime contact Jason Mueller (@securabit_jay) and see if he wants to meet up!
Sean Hausauer and David Shpritz join the crew!  Check out their blog postings!

SANS vLive!
January 26, 2010 @ 2PM EST  - Joshua Wright - Wireless Security (1 hour)
Use coupon code SECURABIT for $20.00 registration fee. Regularly $495.00
http://www.securabit.com/2010/01/13/sans-vlive-with-joshua-wright/

First Guest - Bruce Potter - Shmoocon - @gdead

Logistics of putting on a conference.
New events!
Ticket sales process is constantly evolving.

Wardman Park in 1920's:  http://www.shorpy.com/files/images/29398u.jpg
ShmooCon 2010 FireTalks:  http://www.novainfosecportal.com/2010/01/06/shmoocon-2010-firetalks/
Podcasters Meetup:  http://www.podcastersmeetup.com/

PhoneFactor:
How to fix SSL/TLS in software
The process of working with vendors to get a solution implemented.
Project Mogul

End:
Join us on January 27, 2010 when we speak with Phillipe Gaumeche about the ConFoo.Ca conference.
Chat with us on IRC at irc.freenode.net #securabit

Links:
Shmoocon - http://www.shmoocon.org/
PhoneFactor - http://www.phonefactor.com/

Not on the air:
Andrew Borel – @andrew_secbit

Direct download: SecuraBit_EP48.mp3
Category:podcasts -- posted at: 12:14pm EDT

SecuraBit Episode 47: Double Dutch! Listen in as we interview 1Password and NetWitness! Dave Teare - Co-Founder of 1Password Agile Web Solutions' 1 Password http://agilewebsolutions.com/products/1Password Q's What was the motivation to create 1Password? There are two key chain types that are used. Why the switch to the other one? When will we be able to sync across the iphone cord? (Edge/3G) 8.02.11 BGA type Are there plans to port 1Password to Win/Lin platforms? 1password Anywhere? Is there a way to import from other password managers? CSV format what is the difference between the 1password pro and the touch pro? http://help.agile.ws/1Password_touch/pro_vs_standard.html What is the diffrence between 1Password and 1Password Pro? Who actually maintains the twitter account? Find out more at http://get1password.com NetWitness - Eddie Schwartz http://www.netwitness.com/ Q's How long have you been with NetWitness? http://download.netwitness.com/ http://download.netwitness.com/download.php?src=DIRECT Google Earth integration - Very Cool!! What OS will the free or paid version work on and will it work from within a VM? What does netwitness do at the layer 7 level? Join us in IRC at irc.freenode.net #securabit Hosts: Anthony Gartner – @anthonygartner Christopher Mills – @thechrisam Jason Mueller - @securabit_jay Andrew Borel – @andrew_secbit Guests: Dave Teare - 1Password Eddie Schwartz - Netwitness
Direct download: SecuraBit_EP47.mp3
Category:podcasts -- posted at: 4:32pm EDT

SecuraNibble Episode 03 - Security Hour on IMP

SecuraNibble Episode 03 - Security Hour on IMP

This SecuraNibble is released out of band is an extra episode outside our normal releases.  This SecuraNibble is the recording of the conversation that happened on The International Mac Podcast held during their 12 Cubed event held on December 12, 2009.  The conversation was a general security round table held between our own Anthony Gartner, and panel of 4 other security pod-casters.  The panel of pod-casters include Bart Busschots of the International Mac Podcast, George Starcher of Typical Mac User Podcast, and the one and only Paul Asadoorian of PaulDotCom.com fame.

This SecuraNibble is not an extremely in depth and geeky conversation but one that covers a lot of general information and it applies to all operating systems not just the mac.

Direct download: SecuraNibble_EP03.mp3
Category:podcasts -- posted at: 10:46am EDT

SecuraBit Episode 46 – Making a Faster and Safer Web with Billy Hoffman

SecuraBit Episode 46 – Making a Faster and Safer Web with Billy Hoffman

Details of the Academy Pro Deal
New affiliation with the Academy Pro
Old podcasts at http://www.theacademypro.com/podcasts.php

Help people have a better user experience on the web.

Zoompf
-Billy's new company

Common Mistakes on Low Performing Websites

What is the best CMS to use.

How the report on Zoompf is being run currently.

New cameras and metadata
http://en.wikipedia.org/wiki/Exchangeable_image_file_format
-how much does the extra metadata take up in a file?

AT&T service and coverage

The origin of the name Zoompf

Link farms and domain squating

ICANN

IPV6

ShmooCon

Upcoming Events

http://www.google.com/calendar/ical/pe2ikdbe6b841od6e26ato0asc%40group.calendar.google.com/public/basic.ics

http://www.security-twits.com/

Join us in IRC at irc.freenode.net #securabit

Hosts:
Anthony Gartner – @anthonygartner
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Jason Mueller - @securabit_jay
Andrew Borel – @andrew_secbit

Guest:
Billy Hoffman - @zoompf - http://zoompf.com/blog/

Direct download: SecuraBit_EP46.mp3
Category:podcasts -- posted at: 6:13pm EDT

SecuraBit Episode 45 – More on DOJOCON

SecuraBit Episode 45 – More on DOJOCON

Marcus J Carey discusses MetaSponse tool to be released in mid-December. This uses the MetaSploit Framework for Incident Response.

Metasploit Framework 3.3  Released!
http://blog.metasploit.com/2009/11/metasploit-framework-33-released.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+metasploit%2Fblog+%28Metasploit+Blog%29

Join us in IRC at irc.freenode.net #securabit

Hosts:
Anthony Gartner – @anthonygartner
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Jason Mueller - @securabit_jay
Andrew Borel – @andrew_secbit

Guest:
Marcus Carey – @marcusjcarey

Links:

DojoCon - http://www.dojocon.org/
Hackers for Charity - http://www.hackersforcharity.org/
hak5 - http://www.hak5.org/

NoVA Hackers - http://groups.google.com/group/novahackers

dojosec @ USTREAM http://www.ustream.tv/dojosec
White Wolf Security - http://www.whitewolfsecurity.com/
ShmooCon 2010 - http://www.shmoocon.org/
Netwars Competition - http://www.sans.org/netwars/
International Spy Museum - http://www.spymuseum.org/
Cyber Forensics: Digital CSI - http://spymuseum.org/programs/calendar_pages/2009/q4/2009_12_01_prog.php
http://hashtags.org/tag/roachesmustdie

Direct download: SecuraBit_EP45.mp3
Category:podcasts -- posted at: 12:53pm EDT

SecuraBit Episode 44 - Dennis Hurst and Movember! SecuraBit Episode 44 – Guest Interview: Dennis Hurst, Senior Application Security Architect at HP Software & Solutions and a founding member of the Cloud Security Alliance Discussion of security and Agile development. Scaling agile requires feedback mechanisms and strong visibility http://h71028.www7.hp.com/enterprise/us/en/messaging/feature-software-scale-agile.html HP Application Security Center http://www.hp.com/go/stophackers Cloud Security Alliance http://cloudsecurityalliance.org Movember: Chris Gerling and Andrew Borel represent SecuraBit! http://us.movember.com/mospace/99916 (Chris) http://us.movember.com/mospace/361416/ (Andrew) Join us in IRC at irc.freenode.net #securabit Hosts: Anthony Gartner – @anthonygartner Chris Gerling – @chrisgerling Christopher Mills – @thechrisam Andrew Borel – @andrew_secbit Guest: Dennis Hurst Links: Movember - http://us.movember.com/ Donate to Security Podcasters Alliance - https://www.movember.com/us/donate/your-details/team_id/997 Security podcasters get hairy for charity - http://www.securecomputing.net.au/News/159403,security-podcasters-get-hairy-for-charity.aspx
Direct download: SecuraBit_EP44.mp3
Category:podcasts -- posted at: 3:47pm EDT

SecuraBit Episode 43 – The Academy Pro

SecuraBit Episode 43 – The Academy Pro

Guest Interview: Peter Giannoulis of The Academy Pro

Metasploit Rising

http://blog.metasploit.com/2009/10/metasploit-rising.html

WordPress 2.8.5: Hardening Release
http://wordpress.org/development/2009/10/wordpress-2-8-5-hardening-release/

Blubrry PowerPress Podcasting Plugin for WordPress
http://www.blubrry.com/powerpress/

Time Warner Cable Exposes 65,000 Customer Routers to Remote Hacks http://www.wired.com/threatlevel/2009/10/time-warner-cable/

Google Voice voicemails appearing in public search results
http://www.engadget.com/2009/10/19/google-voice-voicemails-appearing-in-public-search-results/

TweetDeck
http://www.tweetdeck.com/beta/

Porn, CSS History Hacking, User Recon and Blackmail
http://ha.ckers.org/blog/20091021/porn-css-history-hacking-user-recon-and-blackmail/

Windows 7
http://www.microsoft.com/windows/

Magic Mouse
http://www.apple.com/magicmouse/

Quick Shell Script to Extract Contents
http://pinowudi.blogspot.com/2009/10/quick-shell-script-to-extract-contents.html

Join us in IRC at irc.freenode.net #securabit

Hosts:
Anthony Gartner – @anthonygartner
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Andrew Borel – @andrew_secbit

Guest:
Peter Giannoulis

Links:
The Academy Pro - http://www.theacademypro.com/
The Academy Home - http://www.theacademyhome.com/

Don't forget to listen to the end of the show for the guest appearances by both Kermit the Frog and Sean Connery

Direct download: SecuraBit_EP43.mp3
Category:podcasts -- posted at: 10:21am EDT

SecuraBit Episode 42 - Phreaking Sweet Con in TN.
SecuraBit Episode 42 – Phreaking Sweet Con in TN.
Phreaknic 13 – October 30 – November 1 2009
Phreaknic Curse
CCTV throughout hotel, great + for attending the con
Ware Chair Toss
Firing a jet engine in the parking lot.
Four Tracks
1 Cumberland (Main ballroom)
2 9th Floor (Vendor Area)
3 Cafe Area (Gaming)
4 Contest Area
Size of conferences
ShmooCon
Running Conferences
#RoachesMustDie from ShmooCon 2009 via Security Justice
Microsoft Security Essentials - http://www.microsoft.com/security_essentials/
New iTunes Store - http://www.apple.com/itunes/
Metasploit hiring in Austin, TX
New version of Pocket God for the iPhone
Hacker Consortium - http://hackerconsortium.com/

Join us in IRC at irc.freenode.net #securabit
Hosts:
Anthony Gartner – @anthonygartner
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Andrew Borel – @andrew_secbit
Guest:
SkyDog
Links:
Direct download: Securabit_EP42.mp3
Category:podcasts -- posted at: 12:09pm EDT