Episode 0x65
Ben and Matt Screw Up HTML
Thanks Matt-Dave, this is Ben-Jamie for episode 0x65 (82 for those of you not good with the hexa-ma-decimal) and we're down a bunch of peope tonight but that's okay because we're super committed (except Wil, he's doing who knows what somewhere). Tonight we've got a lot of news about vulns and then a brief stroll through the cybers, derps and mailbags before calling it a night. Hey Matt, what's in the news?
Upcoming this week...
Lots of News Breaches SCADA / Cyber, cyber... etc. finishing it off with DERPs/Mailbag (or Deep Dive) And there are weekly Briefs - no arguing or discussion allowedAnd if you've got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.
DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.
In this episode:
News and Commentary glibc - Set fire to the rain Google's advisory on glibc vuln Cisco's firewall doesn't... you know... firewall and it's a pretty nasty vuln affecting millions of ASA deployments making it ripe for worm fodder. The vuln was discovered by Exodus Intel. Predictably the mass scanning started , and Qualys made some pretty good points about this vuln. Notably, Cisco has released an IDS signature back in November; but how does that help an admin who gets the alert. This mitigation probably didn't work. SCADA / Cyber, cyber... etc Fireeye vuln let's you whitelist malware Apple Encryption Bomb Dropped Trail of Bits Technical Deep Dive on Apple Encryption DERP Fake Download Buttons Be Gone! 3rd Party JavaScript in Major Banks Login Forms MailbagHi-Di-Ho
Have you thought about doing a livestream?
Mr. Hanky
Creative Commons license: BY-NC-SA