3 Security Buddies

著者: Paul Kehrer Robert Clark Matias Brutti
  • サマリー

  • Weekly podcast where three security buddies discuss security topics.

    All rights reserved.
    続きを読む 一部表示

あらすじ・解説

Weekly podcast where three security buddies discuss security topics.

All rights reserved.
エピソード
  • 3SB-8: Password Complexity
    2021/06/24

    Follow up:

    • No follow ups


    Topics:

    • NIST changing password requirements
    • Roundtable how we got into security + suggestions


    Paul Rant:

    • Paul is on vacation. No Rants.  


    Links:

    • https://pages.nist.gov/800-63-3/sp800-63b.html 
    • https://www.ncsc.gov.uk/blog-post/let-them-paste-passwords 


    Hosts:

    Paul Kehrer @reaperhulk

    Robert Clark @hyakuhei

    Matías Brutti @MrBrutti


    Special Guest:

    Travis McPeak @travismcpeak 


    Post-Production:

    Matias Brutti @MrBrutti


    Disclaimer: The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers. 


    続きを読む 一部表示
    1 時間
  • 3SB-7: 🍎 Security Worms
    2021/06/16

    Follow up:

    • US is elevating ransomware the same level of terrorism.


    Topics:

    • Apple Security WWDC
    • Move beyond passwords ( iCloud Keychain WebAuthN keys ) 
    • Discover account-driven User Enrollment
    • Secure login with iCloud Keychain verification codes ( domain-binding apple-totp )
    • Polkit PrivEsc
    • Growing abuse of Kubernetes (it’s not containers) 


    Paul Rant:

    • Apple Bug Report blackhole  


    Links:

    • https://www.reuters.com/technology/exclusive-us-give-ransomware-hacks-similar-priority-terrorism-official-says-2021-06-03/ 
    • https://threatpost.com/microsoft-cryptomining-kubeflow/166777/
    • https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/ 


    Hosts:

    Paul Kehrer @reaperhulk

    Robert Clark @hyakuhei

    Matías Brutti @MrBrutti


    Post-Production:

    Matias Brutti @MrBrutti


    Disclaimer: The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers. 

    続きを読む 一部表示
    1 時間 28 分
  • 3SB-6: Dependency Hell
    2021/06/09

    Follow up:

     - Nothing this week


    Topics:

    • Automated Fuzzing Testing in Go
    • Stack Overflow Supply Chain Attacks
    • Deps.dev
    • Update on Github’s policies regarding exploits, malware, and vulnerability research

    Paul Rant:

    • Pinning dependencies on Libraries 


    Links:

    • https://blog.golang.com/fuzz-beta
    • https://www.wsj.com/articles/software-developer-community-stack-overflow-sold-to-tech-giant-prosus-for-1-8-billion-11622648400
    • https://deps.dev
    • https://github.blog/2021-06-04-updates-to-our-policies-regarding-exploits-malware-and-vulnerability-research/


    Hosts:

    Paul Kehrer @reaperhulk

    Robert Clark @hyakuhei

    Matías Brutti @MrBrutti


    Post-Production:

    Matias Brutti @MrBrutti


    Disclaimer: The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers. 


    続きを読む 一部表示
    55 分

3 Security Buddiesに寄せられたリスナーの声

カスタマーレビュー:以下のタブを選択することで、他のサイトのレビューをご覧になれます。