Ben and Matt Screw Up HTML
Thanks Matt-Dave, this is Ben-Jamie for episode 0x65 (82 for those of you not good with the hexa-ma-decimal) and we’re down a bunch of peope tonight but that’s okay because we’re super committed (except Wil, he’s doing who knows what somewhere). Tonight we’ve got a lot of news about vulns and then a brief stroll through the cybers, derps and mailbags before calling it a night. Hey Matt, what’s in the news?
Upcoming this week…
- Lots of News
- SCADA / Cyber, cyber… etc.
- finishing it off with DERPs/Mailbag (or Deep Dive)
- And there are weekly Briefs – no arguing or discussion allowed
And if you’ve got commentary, please sent it to firstname.lastname@example.org for us to check out.
DISCLAIMER: It’s not that explicit, but you may want to use headphones if you’re at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don’t need to speak for anyone except themselves. Ok? Good.
In this episode:
- News and Commentary
- glibc – Set fire to the rain
- Google’s advisory on glibc vuln
- Cisco’s firewall doesn’t… you know… firewall and it’s a pretty nasty vuln affecting millions of ASA deployments
making it ripe for worm fodder.
The vuln was discovered by Exodus Intel.
Predictably the mass scanning started ,
and Qualys made some pretty good points about this vuln.
Notably, Cisco has released an IDS signature back in November;
but how does that help an admin who gets the alert.
This mitigation probably didn’t work.
- Fireeye vuln let’s you whitelist malware
- Apple Encryption Bomb Dropped
- Trail of Bits Technical Deep Dive on Apple Encryption
Have you thought about doing a livestream?
- Dave: – RSA!
- James: – Nowhere – except for going to Seattle next week
- Ben: – Nowhere
- Matt: – RSA!
- Wil: – in his trailer between takes
- Other LSD Writers: – There is no Other Writers
- Closing Thoughts
- Seacrest Says: Eggplant 2 – Mother approved
Download the MP3
Creative Commons license: BY-NC-SA