An Information Security Place Podcast – 09-06-13

We’re in rare form today. A lot of fun sprinkled with the occasional good nugget of information security news and discussion.

Show Notes:

InfoSec News Update –

  • New OSX Metasploit Module or Time is not on your Side! – Link
  • If your session belongs to a user with Administrative Privileges (the user is in the sudoers file and is in the “admin group”), and the user has ever run the “sudo” command, it is possible to become the super user by running `sudo -k` and then resetting the system clock to 01-01-1970.

  • Communication is key – Link
  • Hacking Fantasy Football – Link
  • China Shifts to newer Exploits – Link
  • Now that folks are patching CVE-2012-0158

  • FTC smacks Internet-Connected home security cameras – Link
  • CSRF Protection without nonce or random tokens – Link
  • British Parliament loves them some Pr0n! – Link
  • Samsung adding security to Android – Link
  • Gartner pushing SAST & DAST together – Link
  • The blog is old, but this year's Magic Quadrant has them merged into a
    single report. Is this a good or bad thing?

  • HouSecCon Update! – Link

Discussion Topic –

  1. 10 Golden Rules of the Outstanding CISO – Link

Music Notes: Special Thanks to the guys at RivetHead for use of their tracks – http://www.rivetheadonline.com/

  • Intro – Stay Alive – RivetHead
  • Segment 1 – Synchronicity II – RivetHead
  • Segment 2 – Deaf Ears – RivetHead
  • Outro – Zero Gravity – RivetHead

Link to MP3

About the author:

My name is Michael Farnum. I am a Practice Principal at HP Fortify on Demand. I live in Tomball, Texas. I have been in the IT and InfoSec field since 1994. I am the founder and chairperson of HouSecCon, THE Houston Information Security Conference. These are MY words, not my employer's or anyone else's.
