Feb26
An Information Security Place Podcast – Episode 16
on February 26th, 2009 at 8:51 amPosted In: Security
Episode 16 is up and running. Jim and I cover a lot of news again in this episode. Also, Jim goes a little crazy with the geek toys, but it is all really cool stuff and good info. We get into some PCI futures, playing off of Rich Mogull’s ideas on the subject. And we have a good cert discussion as well.
Show notes:
InfoSec News Update:
- Another Payment Processor Has Been Hacked
- Follow Up from last podcast – Chris Pagets ShmooCon session video is up
- Reported raids on federal computer data soar
- Backtrack 4 Beta Released
- FaceBook Privacy Changes
- Acrobat 0-Day running Wild
- XSS Stealing Data without a trace -”Our goal was to retrieve Web content anonymously,” says Matthew Flick, principal with FYRM Associates, who, along with fellow researcher Jeff Yestrumskas, demonstrated the XSS Anonymous Browser (XAB) framework at Black Hat DC yesterday. “We [said], ‘Why don’t we volunteer people for our network?’…Cross-site scripting can make people do things we want.
- Weaponizing Cyberspace
- Threats the Smart Phones Increase
- Intel’s new Bios Gets Slapped
- Researcher demonstrates SSL attack
Discussion: Continued from Martin’s Network Security Podcast Episode 139 and Rich’s post - Will Outbound monitoring and filtering be the next PCI requirement?
Geek Toys:
- GNU Radio Kit – Universal Software Radio Peripheral
- Netbooks A Plenty – MSI Wind and Lenovo S Series
- Tmobile @home Service
Consultants Corner: Top three security certifications (uhhh, yeah…)
Music Notes:
- Intro/Outro – Digital Breaks – “Therapy”
- Segway 1 – Electric Touch – “Sounds From the Underground”
- Segway 2 – Junkyard Groove – “Thank You”
- Segway 3 – InnerLogics – “Bam’s GirlFriend”
