Liquidmatrix Security Digest Podcast - Episode D

Episode D -- The Boys of Summer

Good News Everybody!

This is the longest one we've recorded yet -- by 0:59 -- and we will try to get these back down under an hour. Pinky swear. We've also gone over 10000 downloads from 63 countries. That's kinda cool - and thank you all very much. Lots of good stuff in this episode, it's totally worth the 74 minutes.

Hackers The SCADAs Java Lawyers MOAR SCADAS!!!! Apple, Microsoft Stupid Employee Tricks …and then our discussion topic - Employee Tricks

And if you've got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.

DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.

ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 4 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

In this episode:

News Microsoft NZ exposes TechEd delegates' passwords Hackers vent ire, deface Youth Congress site Antisec Hackers Breach Globalcerts, Post Data Online Oilsands a hacker target: RCMP Particularly good article on impact of Java vulns on Mac users and American Bar Association Ethics rules now require IT knowledge Apple Genius Training Manual Toyota hacked by ex-IT worker, sensitive info stolen ZOMG ANOTHER SCADAS! RasGas computers are “aramco’d” and Who's responsible Breaches 1 MILLION accounts leaked in megahack on banks, websites Indianapolis based Cancer Care Group -- 55k medical records Canada's Maple Syrup Strategic Reserve Stolen (no, not a joke) Errata Something hinky going on with Aaron Portnoy (former TippingPoint ZDI manager) Commentary Foot In The Door - Employee Tricks How to find the really great employees Hardcore And how to get rid of the really bad ones Mailbag / Bizarro Land

Hi LSD crew

REDACTED REDACTED REDACTED. What about REDACTED?

((We're taking this as "how to manage the need to communicate without being able to communicate" -- aka, the frieNDA.))

thanks,

Jimmy, Nova Scotia

In Closing The Security Conference Library -- is a copy of the conferences amassed by @helpmerob and we’re adding more. If you’ve got pix/pdfs/slides/code/video of a security conference and you want to add to an attempt at the largest/bestest/least dickish security conference library -- send us a note (mailbag) and we’ll take your bits and file them. (NOTE: that link will send you to http://myrcurial.com/conferences but you can totally trust that guy) If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca Three Quarters of Liquidmatrix (with some Securosis added in) are doing a panel at SecTor Vote Dave for ISC2 Board Ballot! The Seacrest says “Everybody's working for the weekend"

Creative Commons license: BY-NC-SA