Episode 0x64
FIVE Golden Digests…
Yup, back again. Actually a thing. There’s even some people here to talk to you about security things. And whining. Also, fuck you Skype.
Upcoming this week…
- Lots of News
- Breaches
- SCADA / Cyber, cyber… etc.
- finishing it off with DERPs/Mailbag (or Deep Dive)
- And there are weekly Briefs – no arguing or discussion allowed
And if you’ve got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.
DISCLAIMER: It’s not that explicit, but you may want to use headphones if you’re at work.
ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don’t need to speak for anyone except themselves. Ok? Good.
In this episode:
- News and Commentary
- Dridex Malware Platform installing Avira
- Let’s encrypt has crossed 500K
- SANS Securing the Human Newsletters
And use Gophish to test them out… - Job hunting? White House seeking a CISO
- SCADA / Cyber, cyber… etc
- DERP
- VTech: “Not our bad…” ¯\_(?)_/¯
- Microsoft doesn’t understand what “no” means
- Avast decides to pull a Comodo
- Your backups should be in a separate cloud thingie
- Alibaba security team fails to notice 99 million brute force attempts – TAO says “you’re welcome”
- Mailbag
-
Dear Digestives
What’s the deal with auditors and the woodie they’ve got for full disk encryption on servers in secured data centers?
Love you all, but I NEED AN ANSWER NOW
- Briefly — NO ARGUING OR DISCUSSION ALLOWED
- Archive.org’s Malware archive
- Make all those asshole auditors shut up about O365
- Specialists Vs. Generalists by some guy named Nick
- Pamela Anderson is in a movie about the singularity
- RSA Parties List 2016
- Upcoming Appearances: — more gratuitous self-promotion
- Dave: – RSA, CSA Summit 2016 (Slovenia), FIRST …25th?
- James: – I work. A lot.
- Ben: – Also works. A lot.
- Matt: – There is no Matt.
- Wil: – Doesn’t work so much… Rehearsing for Radioheaded (again…), more CBC news coming…
- Other LSD Writers: – There is no Other Writers
- Closing Thoughts
- Seacrest Says: Eggplant
- http://lsdp-rawfeed.tumblr.com/tagged/briefly
Download the MP3
Listen:
Subscribe to us using plain old 
Also, we’re now available through 
Creative Commons license: BY-NC-SA
I actually had an auditor ask step-by-step how our servers encrypt data at rest, complete with screenshots. We had to walk him through a ~15 page document to prove that we have encryption and it’s properly implemented. So while there are a bunch of free encryption tools out there you should still make sure you can explain what exactly they do just in case!