So do we suck or what? Sorry that its taken so long for us to get another episode out… things have been crazy busy for all of us.

Anyway for this episode, Dan and Jim found themselves with 30 minutes or so of spare time, not much of a script, and working mics (Michael was working on a couple of proposals and an RFP that is due in two days); so they sat down and simply recorded an unscripted show of rambling about things that are going on for the moment.

Info Sec News Moments:

• Kudos to MS’ IE 8 Add Campaign – Link Here
• Jim’s 4.5 Seconds of fame – DenverGov website Hack – Link Here
• Android and the SMS Rootkit Hack – Link Here
• Google Ditching Windows due to Security Concerns – Link Here
• Denver OWASP – SnowFroc Con – Link Here

Music Notes:

• Intro / Outro – Digital Breaks – “Therapy”

Link to MP3

We are really sorry for the long delay, but all three of our schedules have been packed for the last 2 months. But I’m sure you don’t want to hear any excuses, so without further hesitation… Here’s Episode 34.

Show Notes:

Kudos to Tommy Perniciaro for article at SC Magazine – Link Here

InfoSec News Update –

• Physical Security on Mac sucks – Link Here
• What Drives Corporate Security Spending? – Link Here
• Crazy Patch Week – Link 1 / Link 2
• Federal Court Uphold Border Searches for Laptops – Link Here
• Are Bank Breaches Still Trending High in 2010 -Link Here
• So Easy, Even a Celebretard Can Do It! – Link Here
• Perceptions Of Security Vary Widely Between IT Management, Security Staff – Link Here
• Slow Death of XSS Vulns – Link Here

Discussion Topic #1 – Integration of Web Vuln Scanners with IPS/WAFs

Discussion Topic #2 - Update your End user Awareness Training and stop blaming your users!

Link 1 / Link 2 / Link 3

Music Notes:

• Intro / Outro – Digital Breaks – “Therapy”
• Segway 1 – The Mannish Boys – “Too Tired”
• Segway 2 – Slide Show Baby – “Long, Long Road”
• Segway 3 – Megaphone – “Making Sense”

Everyone was here for this episode (meaning Dan, Jim, and Michael), and it was pretty much on schedule this time. We do the normal cutting up, then talk about news and start discussing stuff. Then Dan puts the hurt down on some developer geek speak. You will definitely learn  from stuff from this episode (as opposed to the drivel you get from most of our episodes).  Very good stuff.

BTW, the format of the posts are changing just a bit. While the podcast player will stay where it usually is at the top of the post, the link to the file will now be below the posts. This is changing because when iTunes picks up the text from the feed, it throws the “Link to MP3″ text at the top, and it looks weird when looking at the show description in iTunes. Just a minor change really, but just wanted to point it out here in case that is where you grab the file. OK, now on to the show!

Show Notes:

InfoSec News Update –

• Hacker Cracks 49 House Sites and Insults Obama – Link Here
• 17 Year Old Vulnerability – Link Here
• 77K Risk Data Loss in Alaska – Link Here
• SEC Workers Surfing Pr0n – Link Here / BREAK.COM VIDEO Link
• If your password is 123456, just make it HACKME – Link Here
• ID Thieves Successfully Targeting Wealth Victims – Link Here

Discussion Topic #1 – Laptops on Hostile Networks – Link Here

Discussion Topic #2 - DK’s Web App Security Minute… and then some

• Remote File Include Attacks – Link Here / DK’s Info Page
• Larry Suto’s New Web App Scanner Review Report - Link Here

Music Notes:

The first podcast of the new year is here, and it is a nice round number!  That is sweet!  So please forgive any weirdness in the way this episode sounds.  It was put together over a couple of weeks doing interviews here and there with vendors as well as each other while we were at our (Michael and Jim) employer’s annual company meeting.  Jim is a miracle worker, but even he could not make it completely fluid!

Also, because of scheduling, Dan did not get to join us.  But Jim and I were fortunate enough to be joined by coworker and wireless uber-beast, Mr. Tyler Theys.  I think you will enjoy this episode, even with all the weirdness!

Show Notes:

Info Sec News Update -

• Jim, Michael, and Tyler talk about all the Google Hacking – Link Here

Interview #1 -Michael with Roger Hegland of TruARX

Interview #2 - Jim with Mike Tuchen of Rapid7

“Added Bonus to Our Listeners”

Going to RSA? Join Rapid7 on March 3^rd for a party at Ruby Skye. Get on the VIP list for the evening everyone else will be talking about at RSA 2010: www.rapid7.com/forms/rsarsvp.jsp

Discussion Topic - PCI in the Gaming Industry

Music Notes –

• Intro/Outro – Digital Breaks – “Therapy”
• Segway 1 – Building Rome – “Dr. Doctor”
• Segway 2 – Megaphone – “Write it Down”
• Segway 3 – This is Fiction – “Breathe”

Merry Christmas to all our listeners! It’s that time of the year again where we sit down and make a fun podcast and recap the year and look forward to next year. Heck there was even a Christmas Miracle on this episode… it was actually recorded on time !!!! So sit back with your eggnog next to the Yule log fire under the stockings and enjoy!

Show Notes:

InfoSec News Update –

• Howard Schmidt new White House cybersecurity coordinator – Link Here
• deCOFEEnating Windows – Link Here
• Twitter DNS hack came from authorized credentials – Link Here
• Social Networks searches could be a hackers dream… Link 1 / Link 2
• FireFox and Adobe named “Most Buggy” – Link Here / Bit9 Link
• Insurgents Hack US Drones – Link Here / Software Link

Discussion Topic -

2009 Year in Review and Looking Forward Predictions to 2010 –

Link 1 / Link 2 / Link 3

Music Notes -

• Intro – TheHipCola – “SleighRide”
• Segway 1 – Winzenried – “Have Yourself A Merry Little Christmas”
• Segway 2 – OutSpoken – “Punk Rock Bells”
• Outro – TheHipCola – “Winter WonderLand”