3 Security Buddies
Podcast de Paul Kehrer, Robert Clark, Matias Brutti
Disfruta 90 días gratis
9,99 € / mes después de la prueba.Cancela cuando quieras.
Más de 1 millón de oyentes
Podimo te va a encantar, y no sólo a ti
Valorado con 4,7 en la App Store
Acerca de 3 Security Buddies
Weekly podcast where three security buddies discuss security topics.
Todos los episodios
8 episodios
Follow up: * No follow ups Topics: * NIST changing password requirements * Roundtable how we got into security + suggestions Paul Rant: * Paul is on vacation. No Rants. Links: * https://pages.nist.gov/800-63-3/sp800-63b.html [https://pages.nist.gov/800-63-3/sp800-63b.html] * https://www.ncsc.gov.uk/blog-post/let-them-paste-passwords [https://www.ncsc.gov.uk/blog-post/let-them-paste-passwords] Hosts: Paul Kehrer @reaperhulk Robert Clark @hyakuhei Matías Brutti @MrBrutti Special Guest: Travis McPeak @travismcpeak Post-Production: Matias Brutti @MrBrutti Disclaimer:The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers.
Follow up: * US is elevating ransomware the same level of terrorism. Topics: * Apple Security WWDC * Move beyond passwords ( iCloud Keychain WebAuthN keys ) * Discover account-driven User Enrollment * Secure login with iCloud Keychain verification codes ( domain-binding apple-totp ) * Polkit PrivEsc * Growing abuse of Kubernetes (it’s not containers) Paul Rant: * Apple Bug Report blackhole Links: * https://www.reuters.com/technology/exclusive-us-give-ransomware-hacks-similar-priority-terrorism-official-says-2021-06-03/ [https://www.reuters.com/technology/exclusive-us-give-ransomware-hacks-similar-priority-terrorism-official-says-2021-06-03/] * https://threatpost.com/microsoft-cryptomining-kubeflow/166777/ [https://threatpost.com/microsoft-cryptomining-kubeflow/166777/] * https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/ [https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/] Hosts: Paul Kehrer @reaperhulk Robert Clark @hyakuhei Matías Brutti @MrBrutti Post-Production: Matias Brutti @MrBrutti Disclaimer:The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers.
Follow up: - Nothing this week Topics: * Automated Fuzzing Testing in Go * Stack Overflow Supply Chain Attacks * Deps.dev * Update on Github’s policies regarding exploits, malware, and vulnerability research Paul Rant: * Pinning dependencies on Libraries Links: * https://blog.golang.com/fuzz-beta [https://therecord.media/two-attacks-disclosed-against-amds-sev-virtual-machine-protection-system/] * https://www.wsj.com/articles/software-developer-community-stack-overflow-sold-to-tech-giant-prosus-for-1-8-billion-11622648400 [https://www.wsj.com/articles/software-developer-community-stack-overflow-sold-to-tech-giant-prosus-for-1-8-billion-11622648400] * https://deps.dev [https://deps.dev] * https://github.blog/2021-06-04-updates-to-our-policies-regarding-exploits-malware-and-vulnerability-research/ [https://github.blog/2021-06-04-updates-to-our-policies-regarding-exploits-malware-and-vulnerability-research/] Hosts: Paul Kehrer @reaperhulk Robert Clark @hyakuhei Matías Brutti @MrBrutti Post-Production: Matias Brutti @MrBrutti Disclaimer:The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers.
Follow up: * Vaxxed || Mask Rant Update * WhatsApp will not be removing functionality. Topics: * OpenSSL Rustification * Data without context is useless * AMD attacks on Virtual Machine Protection System. * M1ssing Register Access Controls Leak EL0 State Paul Rant: * QC35 switch is garbage. GARBAGE! Links: * https://therecord.media/two-attacks-disclosed-against-amds-sev-virtual-machine-protection-system/ [https://therecord.media/two-attacks-disclosed-against-amds-sev-virtual-machine-protection-system/] * https://m1racles.com [https://m1racles.com] Hosts: Paul Kehrer @reaperhulk Robert Clark @hyakuhei Matías Brutti @MrBrutti Post-Production: Matias Brutti @MrBrutti Disclaimer:The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers.
Episode Follow up: * Codecov Mercari * Audacity Open Source Telemetry Topics: * WhatsApp: Give me your privacy or I will stop working. * Russian Keyboard as a first line of defense * Craig Federighi MacOS vs iOS Security Model Paul Rant: * Vaxxed or Mask. Trust by Verify Rant by Matias Brutti. Links: * https://about.mercari.com/en/press/news/articles/20210521_incident_report/ * https://github.com/audacity/audacity/discussions/889 * https://blog.malwarebytes.com/privacy-2/2021/05/whatsapp-calls-and-messages-will-break-unless-you-share-data-with-facebook/ * https://www.schneier.com/blog/archives/2021/05/adding-a-russian-keyboard-to-protect-against-ransomware.html * https://krebsonsecurity.com/2021/05/try-this-one-weird-trick-russian-hackers-hate/ * https://9to5mac.com/2021/05/19/craig-federighi-mac-malware-problem/ * https://www.imore.com/craig-federighi-defends-iphone-security-throwing-mac-under-bus Hosts: Paul Kehrer @reaperhulk Robert Clark @hyakuhei Matías Brutti @MrBrutti Post-Production: Matias Brutti @MrBrutti Disclaimer:The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers.
Valorado con 4,7 en la App Store
Disfruta 90 días gratis
9,99 € / mes después de la prueba.Cancela cuando quieras.
Podcasts exclusivos
Sin anuncios
Podcast gratuitos
Audiolibros
100 horas / mes
