3 Security Buddies

3 Security Buddies

Podcast by Paul Kehrer, Robert Clark, Matias Brutti

Kokeile 90 vrk maksutta

Weekly podcast where three security buddies discuss security topics.

90 vrk ilmainen kokeilu

Kokeilun jälkeen 19,99 € / kuukausi.Peru milloin tahansa.

Aloita maksutta

Kaikki jaksot

8 jaksot
episode 3SB-8: Password Complexity artwork
3SB-8: Password Complexity

Follow up: * No follow ups Topics: * NIST changing password requirements * Roundtable how we got into security + suggestions Paul Rant: * Paul is on vacation. No Rants. Links: * https://pages.nist.gov/800-63-3/sp800-63b.html [https://pages.nist.gov/800-63-3/sp800-63b.html] * https://www.ncsc.gov.uk/blog-post/let-them-paste-passwords [https://www.ncsc.gov.uk/blog-post/let-them-paste-passwords] Hosts: Paul Kehrer @reaperhulk Robert Clark @hyakuhei Matías Brutti @MrBrutti Special Guest: Travis McPeak @travismcpeak Post-Production: Matias Brutti @MrBrutti Disclaimer:The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers.

24. kesäk. 2021 - 1 h 0 min
episode 3SB-7: 🍎 Security Worms artwork
3SB-7: 🍎 Security Worms

Follow up: * US is elevating ransomware the same level of terrorism. Topics: * Apple Security WWDC * Move beyond passwords ( iCloud Keychain WebAuthN keys ) * Discover account-driven User Enrollment * Secure login with iCloud Keychain verification codes ( domain-binding apple-totp ) * Polkit PrivEsc * Growing abuse of Kubernetes (it’s not containers) Paul Rant: * Apple Bug Report blackhole Links: * https://www.reuters.com/technology/exclusive-us-give-ransomware-hacks-similar-priority-terrorism-official-says-2021-06-03/ [https://www.reuters.com/technology/exclusive-us-give-ransomware-hacks-similar-priority-terrorism-official-says-2021-06-03/] * https://threatpost.com/microsoft-cryptomining-kubeflow/166777/ [https://threatpost.com/microsoft-cryptomining-kubeflow/166777/] * https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/ [https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/] Hosts: Paul Kehrer @reaperhulk Robert Clark @hyakuhei Matías Brutti @MrBrutti Post-Production: Matias Brutti @MrBrutti Disclaimer:The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers.

16. kesäk. 2021 - 1 h 28 min
episode 3SB-6: Dependency Hell artwork
3SB-6: Dependency Hell

Follow up: - Nothing this week Topics: * Automated Fuzzing Testing in Go * Stack Overflow Supply Chain Attacks * Deps.dev * Update on Github’s policies regarding exploits, malware, and vulnerability research Paul Rant: * Pinning dependencies on Libraries Links: * https://blog.golang.com/fuzz-beta [https://therecord.media/two-attacks-disclosed-against-amds-sev-virtual-machine-protection-system/] * https://www.wsj.com/articles/software-developer-community-stack-overflow-sold-to-tech-giant-prosus-for-1-8-billion-11622648400 [https://www.wsj.com/articles/software-developer-community-stack-overflow-sold-to-tech-giant-prosus-for-1-8-billion-11622648400] * https://deps.dev [https://deps.dev] * https://github.blog/2021-06-04-updates-to-our-policies-regarding-exploits-malware-and-vulnerability-research/ [https://github.blog/2021-06-04-updates-to-our-policies-regarding-exploits-malware-and-vulnerability-research/] Hosts: Paul Kehrer @reaperhulk Robert Clark @hyakuhei Matías Brutti @MrBrutti Post-Production: Matias Brutti @MrBrutti Disclaimer:The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers.

09. kesäk. 2021 - 54 min
episode 3SB-5: Hardware Apocalypses artwork
3SB-5: Hardware Apocalypses

Follow up: * Vaxxed || Mask Rant Update * WhatsApp will not be removing functionality. Topics: * OpenSSL Rustification * Data without context is useless * AMD attacks on Virtual Machine Protection System. * M1ssing Register Access Controls Leak EL0 State Paul Rant: * QC35 switch is garbage. GARBAGE! Links: * https://therecord.media/two-attacks-disclosed-against-amds-sev-virtual-machine-protection-system/ [https://therecord.media/two-attacks-disclosed-against-amds-sev-virtual-machine-protection-system/] * https://m1racles.com [https://m1racles.com] Hosts: Paul Kehrer @reaperhulk Robert Clark @hyakuhei Matías Brutti @MrBrutti Post-Production: Matias Brutti @MrBrutti Disclaimer:The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers.

03. kesäk. 2021 - 1 h 5 min
episode 3SB-4: EuroCyberVision artwork
3SB-4: EuroCyberVision

Episode Follow up: * Codecov Mercari * Audacity Open Source Telemetry Topics: * WhatsApp: Give me your privacy or I will stop working. * Russian Keyboard as a first line of defense * Craig Federighi MacOS vs iOS Security Model Paul Rant: * Vaxxed or Mask. Trust by Verify Rant by Matias Brutti. Links: * https://about.mercari.com/en/press/news/articles/20210521_incident_report/ * https://github.com/audacity/audacity/discussions/889 * https://blog.malwarebytes.com/privacy-2/2021/05/whatsapp-calls-and-messages-will-break-unless-you-share-data-with-facebook/ * https://www.schneier.com/blog/archives/2021/05/adding-a-russian-keyboard-to-protect-against-ransomware.html * https://krebsonsecurity.com/2021/05/try-this-one-weird-trick-russian-hackers-hate/ * https://9to5mac.com/2021/05/19/craig-federighi-mac-malware-problem/ * https://www.imore.com/craig-federighi-defends-iphone-security-throwing-mac-under-bus Hosts: Paul Kehrer @reaperhulk Robert Clark @hyakuhei Matías Brutti @MrBrutti Post-Production: Matias Brutti @MrBrutti Disclaimer:The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers.

26. toukok. 2021 - 1 h 6 min
Loistava design ja vihdoin on helppo löytää podcasteja, joista oikeasti tykkää
Laura
App Store
Loistava design ja vihdoin on helppo löytää podcasteja, joista oikeasti tykkää
Laura
App Store
Kiva sovellus podcastien kuunteluun, ja sisältö on monipuolista ja kiinnostavaa
Martin
App Store
Todella kiva äppi, helppo käyttää ja paljon podcasteja, joita en tiennyt ennestään.
Podcast4life
App Store

90 vrk ilmainen kokeilu

Kokeilun jälkeen 19,99 € / kuukausi.Peru milloin tahansa.

Podimon podcastit

Mainoksista vapaa

Maksuttomat podcastit

Äänikirjat

100 tuntia / kk

Aloita maksutta

Vain Podimossa

GaalaMartina & EskoSana on vapaaSami & JormaMurha joka tapahtuiIsoi juttuiPapupataJoku tietää jotainAki Linnanahde Talk ShowSaatan olla väärässäkin

Suosittuja äänikirjoja

Twisted 1: RakkausÄäniTwisted 2Amerikkalainen painajainenMaailman vaarallisin rikollisjärjestö 'NdranghetaTytärNäin päästin perheeni päiviltäHakkuuElollisetYou Are a BadassOpettajaVyöryKatso minuun pienehenValheiden vangitMies joka huusi suttaOpas vagushermon parantavaan voimaanUniin piirretty polkuHarhautusLuo itsesi uudelleenSukellusArkisatuja aikuisilleLäsnäolon voimaÄlykäs intuitioLapset lukkojen takana