Show Notes:



InfoSec News Update – 


• The Hacker News Hacking Awards : Best of Year 2011 – Link Here
• Japan’s Anti-Virus Virus – Link Here
• Nginx (pronunciation: “engine-ex”) becomes #2 web server
• Saudi hackers break into Israeli site – Link Here
• 3 Surefire Ways to Tick Off an Auditor – Link Here
• OWASP AJAX Crawling Tool – Link1 / Link2

Discussion Topic – 2012 Breach Report

1. Care2 Discloses Breach; Company Has Nearly 18 Million Members – Link Here
2. AntiSec hit California and NY Law Enforcement Sites – Link Here
3. Anonymous Nabs 50,000 Credit Card Numbers From Security Think Tank – Link Here

Music Notes:

Special Thanks to the guys at RivetHead for use of their tracks – http://www.rivetheadonline.com/



Tour Dates:

1. Jan 6 – Dallas – Curtain Club
2. Jan 27 – Dallas – Trees
3. Jan 28 – Dallas – Trees
4. Mar 2 – Dallas – Curtain Club – 7th Album CD Release Party
5. Mar 3 – Houston – BFE Rock Club
6. Mar 24 – Fort Worth – The Rail Club
7. May 5 – Dallas – Renos Chop Shop

Intro – RivetHead – “The 13th Step”
News Bed – RivetHead - “Beautiful Disaster”
Discussion Bed – RivetHead - “Difference”
Outro – RivetHead – “Zero Gravity”

Link to MP3
Local Link To MP3

Show Notes:

InfoSec News Update -

• HouSecCon 2011 update – Link Here
• PCI Physical badging Gap – Link Here
• Using Mario against us (evil) – Link Here
• ½ of lost/stolen mobile device have sensitive info on them – Link Here
• Defining appropriate Cyber Attack response, A.K.A Eat my cruise missile you Commie, Pinko hacker! – Link Here
• Clickjacking, Cookiejacking oh my! – Link 1/ Link 2/ Link 3 / Link 4
• Can you have too much security? – Link Here

Geek Toys –

• Ubertooth one - Link Here
• Pwnie Express – Link Here

Discussion Topic – Five Infamous Database Breaches So Far In 2011 - Link Here

Music Notes:

Special Thanks to the guys at RivetHead for use of their tracks – http://www.rivetheadonline.com/

Tour dates:

• July 9 – with Powderburn, Earthrot, and more – Tomcats West in Fort Worth, TX
• July 24 – with Creeper, Phantom X, and more – Oriley’s in Dallas, TX

Intro – RivetHead – “Stirring It Up Again”
News Bed – RivetHead - “Beautiful Disaster”
Discussion Bed – RivetHead - “Difference”
Outro – RivetHead – “Zero Gravity”

Link to MP3

Local Link to MP3

Show Notes:

InfoSec News Update -

• HouSecCon 2011 update – Registration is open – Link Here
• Michaels Breached due to Card Skimmers – Link Here
• Dropbox saga continues (and heads to the feds) – Link 1 / Link 2 / Link 3
• Fox Broadcasting hacked – Link Here
• Verizon Business releases their 2011 DBI Report – Link Here
• Mythbusting: Static Analysis Software Testing – Link Here
• LastPass incident handling – Link Here
• CVRF – Common Vulnerability Reporting Framework – Link here

Discussion Topic – Scoping too small…

Music Notes:

Special Thanks to the guys at RivetHead for use of their tracks – http://www.rivetheadonline.com/

Tour dates:

• July 9 – with Powderburn, Earthrot, and more – Tomcats West in Fort Worth, TX
• July 24 – with Creeper, Phantom X, and more – Oriley’s in Dallas, TX

Intro – RivetHead – “Stirring It Up Again”
News Bed – RivetHead - “Beautiful Disaster”
Discussion Bed – RivetHead - “Difference”
Outro – RivetHead – “Zero Gravity”

Link to MP3

Local Link to MP3

Show Notes:

InfoSec News Update -

• TexSecConTriangle.com coming soon – HouSecCon, BSidesDFW, and LasCon
• Gonzales Update – Link Here
• Dropbox Pwnage -Link Here
• TX exposes 3.5 Mill records – Link Here
• Yet another Security Company Fail – Link Here
• IPhone keylogger – Link Here
• Law Firms Under Siege – Link Here

Discussion Topic – Reading the Fine Print in Cloud Computing – Link Here

Music Notes:

Special Thanks to the guys at RivetHead for use of their tracks – http://www.rivetheadonline.com/

Tour dates:

• Apr 20, 2011 – Sevendust, RIVETHEAD and TBA – Trees – Dallas, TX
• May 7, 2011 – Powderburn and RIVETHEAD – BFE Rock Club – Houston, TX
• Jun 4, 2011 – RIVETHEAD, The Razorblade Dolls, Horror Cult and more – The Rail – Fort Worth, TX
• Jul 9, 2011 – RIVETHEAD, Powderburn, Earthrot and more – Tomcats West – Fort Worth, TX

Intro – RivetHead – “Stirring It Up Again”
News Bed – RivetHead - “Beautiful Disaster”
Discussion Bed – RivetHead - “Difference”
Outro – RivetHead – “Zero Gravity”

Link to MP3
Local Link to MP3

Show Notes:

InfoSec News Update -

• HouSecCon 2011 – Call for Papers is still On
• The Data Breach Final Four Bracket – Link Here
• Watching the Fall Out….Again – RSA Hacked – Link Here
• Samsung Installing A Keylogger on New Laptops…. Or Maybe not – Link 1 / Link 2 /Link 3
• HealthNet Breach – Link Here
• NASA Needs to Develop A Security Program – Link Here
• Mass SQL Injection – Link Here
• Personal Story – Really Sketchers? Really?

Discussion Topic – How Detailed is Your Dr Plan?

Music Notes:

Special Thanks to the guys at RivetHead for use of their tracks – http://www.rivetheadonline.com/

Tour dates:

• Apr 20, 2011 – Sevendust, RIVETHEAD and TBA – Trees – Dallas, TX
• May 7, 2011 – Powderburn and RIVETHEAD – BFE Rock Club – Houston, TX
• Jun 4, 2011 – RIVETHEAD, The Razorblade Dolls, Horror Cult and more – The Rail – Fort Worth, TX
• Jul 9, 2011 – RIVETHEAD, Powderburn, Earthrot and more – Tomcats West – Fort Worth, TX

Intro – RivetHead – “Stirring It Up Again”

News Bed – RivetHead – “Beautiful Disaster”
Discussion Bed – RivetHead - “Difference”
Outro – RivetHead – “Zero Gravity”

Link to MP3

Local Link to MP3

Show Notes:

InfoSec News Update -

• HouSecCon 2011 Call for Papers – Link Here
• Busting DLP Myths or Playing with Hype? Link Here
• Google collecting kid’s info (including last 4 of SSN) for Doodling contest – Link Here
• Smartphone security threats overdramatized – Link Here
• 7 Deadly Sins – Link Here
• Another certification debate – Link Here
• Abusing HTTP Status Codes to Expose Private Information – Link Here

Geek Toys –

• Dream Plug PC – Link Here
• ATI 5970 for the GPU Win – Link Here for Specs / Link to Hashcat Forums

Discussion Topic – Saying No to Bad Patents – Link 1 / Link 2 / Link 3

Music Notes:

Special Thanks to the guys at RivetHead for use of their tracks – http://www.rivetheadonline.com/

Tour dates:

• Feb 26th – in Carlsbad NM
• March 19 – The American Airlines Center at the Dallas Stars Hockey Game

Intro – RivetHead – “Stirring It Up Again”
News Bed – RivetHead – “Beautiful Disaster”
Discussion Bed – RivetHead - “Difference”
Outro – RivetHead – “Zero Gravity”

Link to MP3
Local Link to MP3

In either case, we’re back, and in the immortal words of Rivethead, we’re “Stirring It Up Again” (you’ll read about Riverthead below and hear about them in the podcast). Jim, Dan, and I got together on a cold and stormy night (at least in Houston and Denver) to talk about all things InfoSec. Show notes are below. Oh, and yes, we are going with a new theme for numbering our episodes. I think it takes away the pressure a little myself since I don’t have to worry about huge numbers for episodes. Of course, I’ll have to count now, which sucks (thanks Jim).

Show Notes:

InfoSec News Update -

• Study shows non-compliance more expensive than compliance (study was sponsored by Tripwire) – Article Link / Report Link
• Security Fail – When Trusted IT members go bad!! – Link Here

  “It’s a CIO’s worst nightmare: You get a call from the Business Software Alliance (BSA), saying that some of the Microsoft software your company uses might be pirated. You investigate and find that not only is your software illegal, it was sold to you by a company secretly owned and operated by none other than your own IT systems administrator, a trusted employee for seven years. When you start digging into the admin’s activities, you find a for-pay porn Web site he’s been running on one of your corporate servers. Then you find that he’s downloaded 400 customer credit card numbers from your e-commerce server. And here’s the worst part: He’s the only one with the administrative passwords.”

• Looking back at old security news – have we made progress?? – Link Here (Registration required for full article)
• A SLOW Death! – Link Here
• Egypt gets Internet connection back – Link Here
• Ever Cookie’s Anyone? – Link Here

Discussion Topic #1 – CSRF and Clickjacking – Link Here

Music Notes:

Special Thanks to the guys at RivetHead for use of their tracks – http://www.rivetheadonline.com/

Tour dates:

Intro – RivetHead – “Stirring It Up Again”

Outro – RivetHead – “Zero Gravity”

Link to MP3

Anyway all 3 of us here this time… enjoy.

Show Notes:

InfoSec News Update -

• Web App Firewall Discussion Continues – Link 1 / Link 2 / Link 3 / Link 4
• Good Ole’ Firmware Hack – Link Here
• Small and MidSize Businesses are Getting Serious About Security – Link Here
• Looking for the Next Generation of Security Folks -Link Here
• “POET” Released – Link Here
• Fingerprinting the Bad Guys – Link Here
• Careful Where You Sext! – Link Here
• Encouraging Everyone to Participate in the Survey -Link Here

Discussion Topic #1 – Google Is Watching Your Wifi, But do You Really Care?

Discussion Topic #2 - Ye’ Old “Disclosure” Debate…Again?!? Link 1 / Link 2

Music Notes –

• Intro / Outro – Digital Breaks – “Therapy”
• Segway #1 – Building Rome – “Bored”
• Segway #2 – This is Fiction – “Breathe”
• Segway #3 – Patent Pending – “Los Angeles”

Local Link to File

Main Website Link

Anyway for this episode, Dan and I (Jim) found ourselves with 30 minutes or so of spare time, not much of a script, and working mics… so we sat down and simply recorded an unscripted show of us rambling about things that are going on for the moment.

Info Sec News Moments:

• Kudos to MS’ IE 8 Add Campaign – Link Here
• Jim’s 4.5 Seconds of fame – DenverGov website Hack – Link Here
• Android and the SMS Rootkit Hack – Link Here
• Google Ditching Windows due to Security Concerns – Link Here
• Denver OWASP – SnowFroc Con – Link Here

Music Notes:

• Intro / Outro – Digital Breaks – “Therapy”

Local Link to File

Main Website Link

Show Notes:

InfoSec News Update –

• Physical Security on Mac sucks – Link Here
• What Drives Corporate Security Spending? – Link Here
• Crazy Patch Week – Link 1 / Link 2
• Federal Court Uphold Border Searches for Laptops – Link Here
• Are Bank Breaches Still Trending High in 2010 -Link Here
• So Easy, Even a Celebretard Can Do It! – Link Here
• Perceptions Of Security Vary Widely Between IT Management, Security Staff – Link Here
• Slow Death of XSS Vulns – Link Here

Discussion Topic #1 – Integration of Web Vuln Scanners with IPS/WAFs

Discussion Topic #2 - Update your End user Awareness Training and stop blaming your users!

Link 1 / Link 2 / Link 3

Music Notes:

• Intro / Outro – Digital Breaks – “Therapy”
• Segway 1 – The Mannish Boys – “Too Tired”
• Segway 2 – Slide Show Baby – “Long, Long Road”
• Segway 3 – Megaphone – “Making Sense”

Local Link to File

Main Website Link