3 Security Buddies copertina

3 Security Buddies

3 Security Buddies

Di: Paul Kehrer Robert Clark Matias Brutti
Ascolta gratuitamente

3 mesi a soli 0,99 €/mese

Dopo 3 mesi, 9,99 €/mese. Si applicano termini e condizioni.

A proposito di questo titolo

Weekly podcast where three security buddies discuss security topics.

All rights reserved. Politica e governo
Episodi
  • 3SB-8: Password Complexity

    3SB-8: Password Complexity
    Jun 24 2021

    Follow up:

    • No follow ups


    Topics:

    • NIST changing password requirements
    • Roundtable how we got into security + suggestions


    Paul Rant:

    • Paul is on vacation. No Rants.  


    Links:

    • https://pages.nist.gov/800-63-3/sp800-63b.html 
    • https://www.ncsc.gov.uk/blog-post/let-them-paste-passwords 


    Hosts:

    Paul Kehrer @reaperhulk

    Robert Clark @hyakuhei

    Matías Brutti @MrBrutti


    Special Guest:

    Travis McPeak @travismcpeak 


    Post-Production:

    Matias Brutti @MrBrutti


    Disclaimer: The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers. 
    Mostra di più Mostra meno
    1 ora
  • 3SB-7: 🍎 Security Worms

    3SB-7: 🍎 Security Worms
    Jun 16 2021

    Follow up:

    • US is elevating ransomware the same level of terrorism.


    Topics:

    • Apple Security WWDC
    • Move beyond passwords ( iCloud Keychain WebAuthN keys ) 
    • Discover account-driven User Enrollment
    • Secure login with iCloud Keychain verification codes ( domain-binding apple-totp )
    • Polkit PrivEsc
    • Growing abuse of Kubernetes (it’s not containers) 


    Paul Rant:

    • Apple Bug Report blackhole  


    Links:

    • https://www.reuters.com/technology/exclusive-us-give-ransomware-hacks-similar-priority-terrorism-official-says-2021-06-03/ 
    • https://threatpost.com/microsoft-cryptomining-kubeflow/166777/
    • https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/ 


    Hosts:

    Paul Kehrer @reaperhulk

    Robert Clark @hyakuhei

    Matías Brutti @MrBrutti


    Post-Production:

    Matias Brutti @MrBrutti


    Disclaimer: The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers. 
    Mostra di più Mostra meno
    1 ora e 28 min
  • 3SB-6: Dependency Hell

    3SB-6: Dependency Hell
    Jun 9 2021

    Follow up:

     - Nothing this week


    Topics:

    • Automated Fuzzing Testing in Go
    • Stack Overflow Supply Chain Attacks
    • Deps.dev
    • Update on Github’s policies regarding exploits, malware, and vulnerability research

    Paul Rant:

    • Pinning dependencies on Libraries 


    Links:

    • https://blog.golang.com/fuzz-beta
    • https://www.wsj.com/articles/software-developer-community-stack-overflow-sold-to-tech-giant-prosus-for-1-8-billion-11622648400
    • https://deps.dev
    • https://github.blog/2021-06-04-updates-to-our-policies-regarding-exploits-malware-and-vulnerability-research/


    Hosts:

    Paul Kehrer @reaperhulk

    Robert Clark @hyakuhei

    Matías Brutti @MrBrutti


    Post-Production:

    Matias Brutti @MrBrutti


    Disclaimer: The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers. 
    Mostra di più Mostra meno
    55 min
Ancora nessuna recensione