3 Security Buddies

3 Security Buddies

Podcast af Paul Kehrer, Robert Clark, Matias Brutti

Begrænset tilbud

3 måneder kun 9,00 kr.

Derefter 99,00 kr. / månedIngen binding.

Kom i gang
Phone screen with podimo app open surrounded by emojis

Mere end 1 million lyttere

Du vil elske Podimo, og du er ikke alene

Rated 4.7 in the App Store

Læs mere 3 Security Buddies

Weekly podcast where three security buddies discuss security topics.

Alle episoder

8 episoder
episode 3SB-8: Password Complexity artwork
3SB-8: Password Complexity

Follow up: * No follow ups Topics: * NIST changing password requirements * Roundtable how we got into security + suggestions Paul Rant: * Paul is on vacation. No Rants. Links: * https://pages.nist.gov/800-63-3/sp800-63b.html [https://pages.nist.gov/800-63-3/sp800-63b.html] * https://www.ncsc.gov.uk/blog-post/let-them-paste-passwords [https://www.ncsc.gov.uk/blog-post/let-them-paste-passwords] Hosts: Paul Kehrer @reaperhulk Robert Clark @hyakuhei Matías Brutti @MrBrutti Special Guest: Travis McPeak @travismcpeak Post-Production: Matias Brutti @MrBrutti Disclaimer:The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers.

24. jun. 2021 - 1 h 0 min
episode 3SB-7: 🍎 Security Worms artwork
3SB-7: 🍎 Security Worms

Follow up: * US is elevating ransomware the same level of terrorism. Topics: * Apple Security WWDC * Move beyond passwords ( iCloud Keychain WebAuthN keys ) * Discover account-driven User Enrollment * Secure login with iCloud Keychain verification codes ( domain-binding apple-totp ) * Polkit PrivEsc * Growing abuse of Kubernetes (it’s not containers) Paul Rant: * Apple Bug Report blackhole Links: * https://www.reuters.com/technology/exclusive-us-give-ransomware-hacks-similar-priority-terrorism-official-says-2021-06-03/ [https://www.reuters.com/technology/exclusive-us-give-ransomware-hacks-similar-priority-terrorism-official-says-2021-06-03/] * https://threatpost.com/microsoft-cryptomining-kubeflow/166777/ [https://threatpost.com/microsoft-cryptomining-kubeflow/166777/] * https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/ [https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/] Hosts: Paul Kehrer @reaperhulk Robert Clark @hyakuhei Matías Brutti @MrBrutti Post-Production: Matias Brutti @MrBrutti Disclaimer:The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers.

16. jun. 2021 - 1 h 28 min
episode 3SB-6: Dependency Hell artwork
3SB-6: Dependency Hell

Follow up: - Nothing this week Topics: * Automated Fuzzing Testing in Go * Stack Overflow Supply Chain Attacks * Deps.dev * Update on Github’s policies regarding exploits, malware, and vulnerability research Paul Rant: * Pinning dependencies on Libraries Links: * https://blog.golang.com/fuzz-beta [https://therecord.media/two-attacks-disclosed-against-amds-sev-virtual-machine-protection-system/] * https://www.wsj.com/articles/software-developer-community-stack-overflow-sold-to-tech-giant-prosus-for-1-8-billion-11622648400 [https://www.wsj.com/articles/software-developer-community-stack-overflow-sold-to-tech-giant-prosus-for-1-8-billion-11622648400] * https://deps.dev [https://deps.dev] * https://github.blog/2021-06-04-updates-to-our-policies-regarding-exploits-malware-and-vulnerability-research/ [https://github.blog/2021-06-04-updates-to-our-policies-regarding-exploits-malware-and-vulnerability-research/] Hosts: Paul Kehrer @reaperhulk Robert Clark @hyakuhei Matías Brutti @MrBrutti Post-Production: Matias Brutti @MrBrutti Disclaimer:The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers.

09. jun. 2021 - 54 min
episode 3SB-5: Hardware Apocalypses artwork
3SB-5: Hardware Apocalypses

Follow up: * Vaxxed || Mask Rant Update * WhatsApp will not be removing functionality. Topics: * OpenSSL Rustification * Data without context is useless * AMD attacks on Virtual Machine Protection System. * M1ssing Register Access Controls Leak EL0 State Paul Rant: * QC35 switch is garbage. GARBAGE! Links: * https://therecord.media/two-attacks-disclosed-against-amds-sev-virtual-machine-protection-system/ [https://therecord.media/two-attacks-disclosed-against-amds-sev-virtual-machine-protection-system/] * https://m1racles.com [https://m1racles.com] Hosts: Paul Kehrer @reaperhulk Robert Clark @hyakuhei Matías Brutti @MrBrutti Post-Production: Matias Brutti @MrBrutti Disclaimer:The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers.

03. jun. 2021 - 1 h 5 min
episode 3SB-4: EuroCyberVision artwork
3SB-4: EuroCyberVision

Episode Follow up: * Codecov Mercari * Audacity Open Source Telemetry Topics: * WhatsApp: Give me your privacy or I will stop working. * Russian Keyboard as a first line of defense * Craig Federighi MacOS vs iOS Security Model Paul Rant: * Vaxxed or Mask. Trust by Verify Rant by Matias Brutti. Links: * https://about.mercari.com/en/press/news/articles/20210521_incident_report/ * https://github.com/audacity/audacity/discussions/889 * https://blog.malwarebytes.com/privacy-2/2021/05/whatsapp-calls-and-messages-will-break-unless-you-share-data-with-facebook/ * https://www.schneier.com/blog/archives/2021/05/adding-a-russian-keyboard-to-protect-against-ransomware.html * https://krebsonsecurity.com/2021/05/try-this-one-weird-trick-russian-hackers-hate/ * https://9to5mac.com/2021/05/19/craig-federighi-mac-malware-problem/ * https://www.imore.com/craig-federighi-defends-iphone-security-throwing-mac-under-bus Hosts: Paul Kehrer @reaperhulk Robert Clark @hyakuhei Matías Brutti @MrBrutti Post-Production: Matias Brutti @MrBrutti Disclaimer:The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers.

26. maj 2021 - 1 h 6 min
En fantastisk app med et enormt stort udvalg af spændende podcasts. Podimo formår virkelig at lave godt indhold, der takler de lidt mere svære emner. At der så også er lydbøger oveni til en billig pris, gør at det er blevet min favorit app.
En fantastisk app med et enormt stort udvalg af spændende podcasts. Podimo formår virkelig at lave godt indhold, der takler de lidt mere svære emner. At der så også er lydbøger oveni til en billig pris, gør at det er blevet min favorit app.
Rigtig god tjeneste med gode eksklusive podcasts og derudover et kæmpe udvalg af podcasts og lydbøger. Kan varmt anbefales, om ikke andet så udelukkende pga Dårligdommerne, Klovn podcast, Hakkedrengene og Han duo 😁 👍
Podimo er blevet uundværlig! Til lange bilture, hverdagen, rengøringen og i det hele taget, når man trænger til lidt adspredelse.
Phone screen with podimo app open surrounded by emojis

Rated 4.7 in the App Store

Begrænset tilbud

3 måneder kun 9,00 kr.

Derefter 99,00 kr. / månedIngen binding.

Eksklusive podcasts

Uden reklamer

Gratis podcasts

Lydbøger

20 timer / måned

Kom i gang

Kun på Podimo

Populære lydbøger