Anyway all 3 of us here this time… enjoy.

Show Notes:

InfoSec News Update -

• Web App Firewall Discussion Continues – Link 1 / Link 2 / Link 3 / Link 4
• Good Ole’ Firmware Hack – Link Here
• Small and MidSize Businesses are Getting Serious About Security – Link Here
• Looking for the Next Generation of Security Folks -Link Here
• “POET” Released – Link Here
• Fingerprinting the Bad Guys – Link Here
• Careful Where You Sext! – Link Here
• Encouraging Everyone to Participate in the Survey -Link Here

Discussion Topic #1 – Google Is Watching Your Wifi, But do You Really Care?

Discussion Topic #2 - Ye’ Old “Disclosure” Debate…Again?!? Link 1 / Link 2

Music Notes –

• Intro / Outro – Digital Breaks – “Therapy”
• Segway #1 – Building Rome – “Bored”
• Segway #2 – This is Fiction – “Breathe”
• Segway #3 – Patent Pending – “Los Angeles”

Local Link to File

Main Website Link

Anyway for this episode, Dan and I (Jim) found ourselves with 30 minutes or so of spare time, not much of a script, and working mics… so we sat down and simply recorded an unscripted show of us rambling about things that are going on for the moment.

Info Sec News Moments:

• Kudos to MS’ IE 8 Add Campaign – Link Here
• Jim’s 4.5 Seconds of fame – DenverGov website Hack – Link Here
• Android and the SMS Rootkit Hack – Link Here
• Google Ditching Windows due to Security Concerns – Link Here
• Denver OWASP – SnowFroc Con – Link Here

Music Notes:

• Intro / Outro – Digital Breaks – “Therapy”

Local Link to File

Main Website Link

Show Notes:

InfoSec News Update –

• Physical Security on Mac sucks – Link Here
• What Drives Corporate Security Spending? – Link Here
• Crazy Patch Week – Link 1 / Link 2
• Federal Court Uphold Border Searches for Laptops – Link Here
• Are Bank Breaches Still Trending High in 2010 -Link Here
• So Easy, Even a Celebretard Can Do It! – Link Here
• Perceptions Of Security Vary Widely Between IT Management, Security Staff – Link Here
• Slow Death of XSS Vulns – Link Here

Discussion Topic #1 – Integration of Web Vuln Scanners with IPS/WAFs

Discussion Topic #2 - Update your End user Awareness Training and stop blaming your users!

Link 1 / Link 2 / Link 3

Music Notes:

• Intro / Outro – Digital Breaks – “Therapy”
• Segway 1 – The Mannish Boys – “Too Tired”
• Segway 2 – Slide Show Baby – “Long, Long Road”
• Segway 3 – Megaphone – “Making Sense”

Local Link to File

Main Website Link

So here’s Michael’s Notes:

OK, holy crap. We expected this episode to be pretty short since Jim was not around to add his golden commentary, but we got to yappin’ and churned out almost an hour of content (I use that term loosely). So enjoy the show!

Show Notes:

InfoSec News Update –

• Iran Shutters Google’s Gmail Service, offering own email for citizens – Link here
• Security Scoreboard – Link here
• Brian Kreb’s has blog post used by scammers – Link here and Sophos article link here
• The Death of Product Reviews (Mike Rothman at Securosis) – Link here
• TSA agent arrested for molestation – Link here
• Hacker threat forces DoH to close appraisal site (Political Activist?) – Link here

Discussion Topic – Smaller, more intimate security conferences (Security B-Sides, Schmoocon, etc)

Music Notes:

• Intro/Outro – Digital Breaks – “Therapy”
• Segway 1 – Guitar Slingers – “Johnny Dangerously”
• Segway 2 – Matthew Ebel – “Trees”

Local Link to File

Main Website Link

Show Notes:

InfoSec News Update –

• Hacker Cracks 49 House Sites and Insults Obama – Link Here
• 17 Year Old Vulnerability – Link Here
• 77K Risk Data Loss in Alaska – Link Here
• SEC Workers Surfing Pr0n – Link Here / BREAK.COM VIDEO Link
• If your password is 123456, just make it HACKME – Link Here
• ID Thieves Successfully Targeting Wealth Victims – Link Here

Discussion Topic #1 – Laptops on Hostile Networks – Link Here

Discussion Topic #2 - DK’s Web App Security Minute… and then some

• Remote File Include Attacks – Link Here / DK’s Info Page
• Larry Suto’s New Web App Scanner Review Report - Link Here

Music Notes:

• Intro/Outro – Digital Breaks – “Therapy”
• Segway 1 – Nathan Lee – “Hold Me Down”
• Segway 2 – Building Rome – “Bored”
• Segway 3 – Devo Spice – “I’m Not Your Personal IT Guy”

Local Link To File

Link To Main Website

Wow – First podcast of the new year and i’m already slammed with other stuff. So this episode was put together over a couple of weeks doing interviews here and there with vendors as well as each other while we were at our (Michael and Jim) Employer’s annual company meeting. So if it sounds funny…. blame the way we recorded it

Show Notes:

Info Sec News Update -

• Jim, Michael, and Tyler talk about all the Google Hacking – Link Here

Interview #1 -Michael with Roger Hegland of TruARX

Interview #2 - Jim with Mike Tuchen of Rapid7

“Added Bonus to Our Listeners”

Going to RSA? Join Rapid7 on March 3^rd for a party at Ruby Skye. Get on the VIP list for the evening everyone else will be talking about at RSA 2010: www.rapid7.com/forms/rsarsvp.jsp

Discussion Topic - PCI in the Gaming Industry

Music Notes –

• Intro/Outro – Digital Breaks – “Therapy”
• Segway 1 – Building Rome – “Dr. Doctor”
• Segway 2 – Megaphone – “Write it Down”
• Segway 3 – This is Fiction – “Breathe”

Local Link To File

Link To Main Website

Show Notes:

InfoSec News Update –

• Howard Schmidt new White House cybersecurity coordinator – Link Here
• deCOFEEnating Windows – Link Here
• Twitter DNS hack came from authorized credentials – Link Here
• Social Networks searches could be a hackers dream… Link 1 / Link 2
• FireFox and Adobe named “Most Buggy” – Link Here / Bit9 Link
• Insurgents Hack US Drones – Link Here / Software Link

Discussion Topic -

2009 Year in Review and Looking Forward Predictions to 2010 –

Link 1 / Link 2 / Link 3

Music Notes -

• Intro – TheHipCola – “SleighRide”
• Segway 1 – Winzenried – “Have Yourself A Merry Little Christmas”
• Segway 2 – OutSpoken – “Punk Rock Bells”
• Outro – TheHipCola – “Winter WonderLand”

Local Link To File

Main Website Link

Show Note:

InfoSec News Update and Geek Toys Update –

• T-Mobile Employee causes largest data theft in the UK – Link Here
• Government Security Woes
  Story 1 – 5 TSA workers put on leave over online posting – Link here
  Story 2 – The Party Crashing Scandal – Link Here
  Story 3 – Felon working for DHS for 2 years – Link Here
• Nessus 4.2 is released – Link Here
• Rapid7 and Metasploit Community Projects – Link 1 / Link 2
• ProxMark3 now shipping completed RFID read/write/clone kits – Link here
• Moxie launched cloud-based WPA password Cracking – Link Here
• Cure for Eye Strain – Gunnar Glasses – Link Here

Discussion Topic -

Changes to OWASP standard for 2010 –

Link Here

Consultants Corner - Picking your tools wisely… 2009/2010 update

Music Notes –

• Intro/Outro – Digital Breaks – “Therapy”
• Segway 1 – This is Fiction – “Breathe”
• Segway 2 – Patent Pending – “Los Angeles”
• Segway 3 – The FUMP – “”All You Can Tweet”

Local Link To File

Main Website Link

Show Notes:

InfoSec News Update -

• FTC Orders ChoicePoint To Pay $275,000 For 2008 Data Breach – Link Here
• Senator says the cybersecurity chief should be in DHS, not the White house – Link Here
• Major SSL Flaw Find Prompts Protocol Update – Link Here
• Jailbroken iPhones more vulnerable to attack; ikee worm Rick Rolls iPhone users – Link Here
• New FDIC Phishing Attack – Link Here
• MSFT trying to walk the annoyance / security fine line with toned down User Access Control (UAC) in Windows 7 – Link Here
• Awesomely funny story about an IT engineer in Iraq annoying the troops with some bogus war driving – Link Here

Discussion Topic - Highlights from Michael’s NAISG Chapter Meeting

Geek Toys – “Ideas to get your Geek for Christmas”

• Still Need A Netbook? Try and Acer or a Dell
• Playing with GPU Acceleration – The Nvidia GTX 260 is a great choice
• Windows 7 – Pick your favorite version
• Network Attached Storage – 2 Drive / 4 Drive / 8 Drive Solutions
• Make Perfect BBQ everytime – DigiQ system from thebbqguru.com

Music notes -

• Intro/Outro – Digital Breaks – “Therapy”
• Segway 1 – Nathan Lee – “Hold Me Down”
• Segway 2 – Junk Yard Groove – “Its OK”
• Segway 3 – Great Luke SKI – “Parents Bought Me intellivision”

Local MP3 Link

Main Website Link

Show Notes:

InfoSec News Update –

• Michael’s New NAISG Group are having their first meeting on Nov 2, 2009 in Houston, TX. – Houston Chapter Website / Email Link
  
• Power Grid Takedown – a HowTO – Link Here
• Court Ruling – Disloyal Computing is Not Illegal – Link Here
• New OWASP Sponsored Web App Firewall – Link Here
• MS Gets into the AV Game … Again…with latest release – Link 1 / Link 2
• Trojans getting Smarter – Link Here
  
• PCI DSS Update Could Include Virtualization Security – Link Here

Discussion Topic -

Encouraging Bad Behavior via marketing (Identity Guard Commercials)

Consultants Corner - Predicting what Security Consulting will be like in the future – Link Here

Music notes –

• Intro/Outro – Digital Breaks – “Therapy”
• Segway 1 – SwampdaWamp – “Lady”
• Segway 2 – Building Rome – “Dr. Doctor”
• Segway 3 – The Summer Set – “Chelsea”
  

Local MP3 Link

Main Website Link