An Information Security Place Podcast – 09-06-13
We’re in rare form today. A lot of fun sprinkled with the occasional good nugget of information security news and discussion.
InfoSec News Update –
- New OSX Metasploit Module or Time is not on your Side! – Link
- Communication is key – Link
- Hacking Fantasy Football – Link
- China Shifts to newer Exploits – Link
- FTC smacks Internet-Connected home security cameras – Link
- CSRF Protection wiithout nonce or random tokens – Link
- British Parliament loves them some Pr0n! – Link
- Samsung adding security to Android – Link
- Gartner pushing SAST & DAST T together – Link
- HouSecCon Update! – Link
If your session belongs to a user with Administrative Privileges (the user is in the sudoers file and is in the “admin group”), and the user has ever run the “sudo” command, it is possible to become the super user by running `sudo -k` and then resetting the system clock to 01-01-1970.
Now that folks are patching CVE-2012-0158
The blog is old, but this years Magic Quadrant has them merged into a
single report. Is this a good or bad thing?
Discussion Topic –
- 10 Golden Rules of the Outstanding CISO – Link
Music Notes: Special Thanks to the guys at RivetHead for use of their tracks – http://www.rivetheadonline.com/
- Intro – Stay Alive – Rivethead
- Segment 1 – Synchroncity II – RivetHead
- Segment 2 – Deaf Ears – RivetHead
- Outro – Zero Gravity – RivetHead