Securit13 Podcast
The first Ukrainian podcast about information security

Our friend Sergey Smitienko came by and we talked about the x86 architecture. It turned out a little melancholic and hopeless, but informative.

Intro / Outro Ninja by Indikings 

Breaking the x86 Instruction Set 
DEF CON 25 - Christopher Domas - Breaking the x86 Instruction Set 
17 BHB ASIA 013 Hello From the Other Side SSH Over Robust Cache Covert Channels in the Cloud 
Clémentine Maurice 
PinMe: Tracking a Smartphone User around the World 
Here’s the Solution to the 3-Year-Old, $50,000 Bitcoin Puzzle 
Intel® 64 and IA-32 Architectures Software Developer’s Manual 
Intel® 64 and IA-32 Architectures Optimization Reference Manual 

Keygen Music [2+ hour Mix] 

Direct download: 93.mp3
Category:Technology -- posted at: 12:04am CET

The much-discussed debate between Mark and Elon, a multitude of studies, even more works of fiction... But what is AI? And what is it from an information security point of view? That is exactly what our hosts decided to talk about. And what do you think?

Intro / Outro The Yellow Flying Cog by Flying Species

Google's AI Built Its Own AI That Outperforms Any Made by Humans
On the security, privacy, and safety challenges of AI
Why Zuckerberg and Musk Are Fighting About the Robot Future
Elon Musk says we need to regulate AI before it becomes a danger to humanity
Live grilling in Mark's backyard
OpenSOC: An Open Commitment to Security
Oleg Antonovich Gordievsky
Banned In Germany: Kids' Doll Is Labeled An Espionage Device
CCS 2017
GDPR (General Data Protection Regulation)
Malicious bots are already online - how are they detected? Can Sybil attacks be detected effectively? How do you tell a human from a bot? And how do we reach the verdict that the being in front of us is a human?
And conversely, can AI identify "bad" human behavior?
Privacy in Pharmacogenetics: An End-to-End Case Study of Personalized Warfarin Dosing
Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures
David Wagner keynote
AI can "hack back":

Blindsight by Peter Watts
Far Rainbow by the Strugatsky brothers
WarGames (1983)
Introduction to Artificial Intelligence for Security Professionals

Music - KEYGEN MUSIC ~ One hour mix

Direct download: 92_2.mp3
Category:Technology -- posted at: 10:49pm CET

BSides Kyiv 21.04.2018, cfp
Meltdown, Spectre: The password theft bugs at the heart of Intel CPUs
Security hole in AMD CPUs' hidden secure processor revealed ahead of patches
Attacking a co-hosted VM: A hacker, a hammer and two memory modules - This is Security :: by Stormshield
Intel Releases New Technology Specifications to Protect Against ROP attacks
A Simple Explanation of the Differences Between Meltdown and Spectre
blizzard: agent rpc auth mechanism vulnerable to dns rebinding
I’m harvesting credit card numbers and passwords from your site. Here’s how.
Part 2: How to stop me harvesting credit card numbers and passwords from your site
Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability
Australia probes sale of secret papers in filing cabinets
Strava's heatmap revealed military bases, but it also showed nothing is anonymous online
Now even YouTube serves ads with CPU-draining cryptocurrency miners
Uber ignores security bug that makes its two-factor authentication useless
British hacker arrested for cyberattacks against Pokemon, Google, and Skype.
Ay MaMi
Hospital Pays $55K Ransomware Demand Despite Having Backups
SBU blocked the distribution of spyware in Ukraine
Satellite derived time and position blackett review
Dutch agencies provide crucial intel about Russia's interference in US-elections

Music - KEYGEN MUSIC ~ One hour mix

Direct download: 92_1.mp3
Category:Technology -- posted at: 6:51pm CET

Episode 90.2 - Interview with A. Semenyaka (10.12.2017)

Alex came by and told us about the critical infrastructure of the internets. What is it, anyway, and how do we live with it?

Intro / Outro Clouds of Tenderness by Lobo Loco

Russian-controlled telecom hijacks financial services’ Internet traffic
Resource Certification (RPKI)
The Resource Public Key Infrastructure (RPKI) to Router Protocol
BGPsec Protocol Specification
[ipv6-wg] Belgian limits on CGN/NAT?
Report on internet blocking at the UN General Assembly:, and along with it also
Talk at ENOG, transcript as part of the session: , slides:,, recording of the talk:
Moscow-Petushki by Venedikt Yerofeyev

You can contact Alexey at or

Direct download: 90_2.mp3
Category:Technology -- posted at: 3:20pm CET

Intro / Outro Sleepy in the Garden by Lobo Loco

Malvertising: When Online Ads Attack (2015)
Juniper Acquires Cyphort (2015)
Malvertising and crypto threats have rocketed in 2017
Malvertising Campaign Redirects Browsers To Terror Exploit Kit
Malvertising on Equifax, TransUnion tied to third party script (updated)
New Malvertising Campaign Exploits Home Routers, Changes DNS Servers
Expired domain names and malvertising
Russian Influence Reached 126 Million Through Facebook Alone
Facebook's Advertising Tools Complicate Efforts To Stop Russian Interference
Ad network takes steps to reduce fraud
Will Crypto Browser Mining Replace The Ad Industry
For $1000, anyone can purchase online ads to track your location and app use
I never signed up for this! Privacy implications of email tracking
The Future of Ad Blocking: An Analytical Framework and New Techniques

Direct download: 89_2.mp3
Category:Technology -- posted at: 8:48am CET

A conversation with Vladimir Ilibman about Cisco's midyear report, rabbits and statistics. Always relevant.

Intro / Outro State of Mind by Audiobinger

BadRabbit Technical Analysis
Cisco information security report for the first half of 2017
2016 Data Breach Investigations Report (pdf)
The Black Swan by Nassim Nicholas Taleb
You can contact Vladimir at or

Direct download: 88_2.mp3
Category:Technology -- posted at: 10:31pm CET

We decided to look back at the loudest events of the year that is almost over. Join us!

Incident report on memory leak caused by Cloudflare parser bug
Vault 7: CIA Hacking Tools Revealed
NSA-leaking Shadow Brokers just dumped its most damaging release yet
Everything you need to know about the WannaCry / Wcry / WannaCrypt ransomware
New ransomware, old techniques: Petya adds worm capabilities
The MeDoc Connection
Threat Spotlight: Follow the Bad Rabbit
Equifax website hack exposes data for ~143 million US consumers
We have broken SHA-1 in practice
ROCA: Vulnerable RSA Key Generation
KRACK Attacks: Breaking WPA2
Hackers Can Easily Hijack This Dildo Camera and Livestream the Inside of Your Vagina (Or Butt)
MsMpEng: Remotely Exploitable Type Confusion in Windows 8, 8.1, 10, Windows Server, SCEP, Microsoft Security Essentials, and more.
Why 'blank' Gets You Root
Thousand-dollar iPhone X's Face ID wrecked by '$150 3D-printed mask'
Blocking of web resources in Ukraine
The Ministry of Education and Science instructed universities not to use sites on the “.ru” and “.ру” domains
The Ministry of Information Policy will publish additions to the list of banned sites
#FuckResponsibleDisclosure Sean Brian Townsend

Music - KEYGEN MUSIC ~ One hour mix

Direct download: 91.mp3
Category:Technology -- posted at: 8:06pm CET

The biggest news of recent weeks. An amazing apple, #FuckResponsibleDisclosure, an updated promise from John, and something else. Don't miss it!

00:00:58 #FuckResponsibleDisclosure Sean Brian Townsend
00:07:26 Apple and all, all, all
Why 'blank' Gets You Root
As Apple fixes macOS root password hole, here's what went wrong
Repair file sharing after Security Update 2017-001 for macOS High Sierra 10.13.1
Thousand-dollar iPhone X's Face ID wrecked by '$150 3D-printed mask'
Zero-day iOS HomeKit vulnerability allowed remote access to smart accessories including locks, fix rolling out
00:12:50 John McAfee
Bitcoin Miner NiceHash Hacked, Possibly Losing $62 Million in Bitcoin
The website of the blockchain project Confido is down: all the project team's profiles turned out to be fake
00:15:17 CVE-2017-11937 | Microsoft releases an emergency update to fix a flaw in Malware Protection Engine
00:17:49 Uber Paid Hackers to Delete Stolen Data on 57 Million People
00:18:28 Intel Management Engine pwned by buffer overflow
00:18:52 Thousands of WordPress sites infected with a Keylogger and cryptocurrency miner scripts
Websites use your CPU to mine cryptocurrency even when you close your browser
00:19:09 Android flaw lets attack code slip into signed apps
00:19:24 Mailsploit: It's 2017, and you can spoof the 'from' in email to fool filters

Music - KEYGEN MUSIC ~ One hour mix

Direct download: 90_1.mp3
Category:Technology -- posted at: 12:20pm CET

A few of the biggest news items of recent weeks for your feed. Here you have the rabbit, and Alice, and sweet bedtime stories.

ROCA: Vulnerable RSA Key Generation
Certificate expiry monitoring, KeyChest for HTTPS, TLS, Letsencrypt expiry and server status
Estonia government locks down ID smartcards: Refresh or else
Threat Spotlight: Follow the Bad Rabbit
BadRabbit Technical Analysis
Bad Rabbit: Not-Petya is back with improved ransomware
The Shadow Internet – Comae Technologies
Fake WhatsApp app in official Google Play Store downloaded by over a million Android users
Tor Project fixed TorMoil, a critical Tor Browser flaw that can leak users IP Address
Oracle Security Alert CVE-2017-10151
Dangerous liaisons
Equifax execs sold shares before mega-hack reveal. All above board – Equifax probe


Music - KEYGEN MUSIC ~ One hour mix

Direct download: 89_1.mp3
Category:Technology -- posted at: 9:06pm CET

And once again, instead of 300 seconds, our restless hosts discuss news and events. Join us!

A new Mirai-Like IoT Botnet is growing in a new mysterious campaign
Google launched Google Play Security Reward bug bounty program to protect apps in Play Store
Equifax website borked again, this time to redirect to fake Flash update
New Ransomware Not Just Encrypts Your Android But Also Changes PIN Lock
PUBLIC SECURITY ALERT: New Facebook attack - watch out for phishy messages that say you’re a “Trusted Contact” - Access Now
KRACK Attacks: Breaking WPA2
YouTube sin-bins account of KRACK WPA2 researcher
Malware hidden in vid app is so nasty, victims should wipe their Macs

Music - KEYGEN MUSIC ~ One hour mix

Direct download: 88_1.mp3
Category:Technology -- posted at: 8:46am CET