Securit13 Podcast
The first Ukrainian podcast about information security

Intro / Outro Run The Jewels - A Christmas F*cking Miracle

0:02:41 Bitcoin's Creator Satoshi Nakamoto Is Probably This Unknown Australian Genius

Satoshi Nakamoto Not Eligible For Nobel Prize - CCN: Financial Bitcoin & Cryptocurrency News

Time To Call A Hoax? Inconsistencies On 'Probable' Bitcoin Creator's PhD And Supercomputers Revealed

0:06:16 If you are using TrueCrypt you should stop.  Hashcat is now optimized to crack TrueCrypt volumes.

0:07:03 How the AM hack changed the victims’ lives

0:08:14 Hacker Confirms PlayStation 4 Jailbreak! Exploit Could Open Doors for Pirated Games

Hacking the PS4, part 2

0:09:16 Unauthorized code in Juniper ScreenOS allows for administrative access

0:11:40 Back to 28: Grub2 Authentication 0-Day

Critical vulnerability in the Grub2 bootloader allows bypassing password protection

0:12:46 DDoS on DNS

Root DNS servers survived an unusual DDoS attack

0:16:08 MacKeeper data breach

0:20:20 Critical Remote Root Zero-Day In FireEye Appliances 

0:24:08 PCI security standards council revises date for migrating off vulnerable SSL and early TLS encryption (pdf)

Let's Encrypt says get your free digital security certificates here

Let's Encrypt! Get started.

Certificates for US sanctioned countries

0:25:55 MIT Creates Untraceable Anonymous Messaging System Called Vuvuzela

0:28:35 No root for you! Google slams door on Symantec certs

0:29:38 Donald Trump thinks he can call Bill Gates to 'close up' the internet

0:33:45 Shocking! Instagram HACKED! Researcher hacked into Instagram Server and Admin Panel

0:35:09 A Different Kind of POP: The Joomla Unserialize Vulnerability

0:38:08 A 2008 book by Craig S. Wright contains plagiarism

0:42:36 Google Search starts indexing HTTPS pages by default

0:43:10 Kazakhstan Announces Plan to Spy on Encrypted Internet Traffic

0:51:45 Troy Hunt: When children are breached – inside the massive VTech hack

Hacker Obtained Children's Headshots and Chatlogs From Toymaker VTech

VTech Hacker Explains Why He Hacked the Toy Company

0:52:46 First ever EU rules on cybersecurity

0:56:36 I included emoji in my password and now I can't log in to my Account on Yosemite

0:59:15 Hacker from Ukraine suspected of stealing 80 million detained in Kraków

0:59:51 Failed SAP software update at Deutsche Post DHL

1:06:45 Tails 1.8 is out

1:06:50 What a nice holiday gift.

1:07:21 Python Extension · rapid7/metasploit-framework Wiki · GitHub

1:07:58 Craig S. Wright - "The IT Regulatory and Standards Compliance Handbook" Contains Plagiarism

1:08:14 The Happiness Advantage: The Seven Principles of Positive Psychology That Fuel Success and Performance at Work 

Direct download: 51.mp3
Category:Technology -- posted at: 6:03pm CET

Intro / Outro Naughty By Nature Ft. Kate Nauta - Name Game

0:02:03 Kaspersky Antivirus Certificate handling path traversal

0:03:40 CVE-2015-6357: FirePWNER Exploit for Cisco FireSIGHT Management Center SSL Validation Vulnerability

0:05:23 Dell ships laptops with rogue CA, Lenovo style

Dell apologizes for HTTPS certificate fiasco, provides removal tool

0:06:08 Amazon suffers potential password leak, unknown number of accounts affected

Amazon data breach rumours spread as passwords are reset on some accounts

0:06:33 At 11:59pm EST on Sunday, the NSA will stop in-house phone metadata collection

The secret message hidden in every HTTP/2 connection: HTTP Verb "PRISM"

0:06:44 Kazakhstan introduces its own CA to intercept all TLS traffic

0:09:34 Commentary by Yevgeny Shulga on TLS traffic interception

0:17:50 Interview with Paul Alderson

Daniel H. Pink - Drive

The Anatomy of Peace: Resolving the Heart of Conflict

0:21:15 Interview with Alexey Starov

Concise. A Cybersecurity Education Directory.

Top security conferences

"Security Engineering" by Ross Anderson

Examples of interesting academic papers:

0:25:24 Interview with Kenneth Geers

0:30:56 Interview with Sergey Kharyuk

0:35:32 Interview with Guillaume Lovet

0:42:50 Interview with Alexander

0:44:30 Interview with Oleg Kucherov

0:50:24 Interview with Yevgenia Broshevan and Vadim Chakryan

Hackup learning network

Vadim Chakryan - Where to start your path as an ethical hacker?

Direct download: 50.mp3
Category:Technology -- posted at: 6:25am CET

Intro / Outro Wang Rong Rollin - Chick Chick

02:40 Here’s a Spy Firm’s Price List for Secret Hacker Techniques

04:30 Google Is Fixing a Dangerous Gmail Bug That Could Let Others Impersonate You


05:59 Hacker fakes German minister's fingerprints using photos of her hands

09:43 Founder of Bitcoin Foundation Ukraine proved in court that the seizure of equipment during a search of his home was illegal

12:41 Hacker Group Anonymous Announces 'Biggest Operation' Against ISIS After Paris Attacks

15:44 Cabinet of Ministers "turned back" the NKRSI bill "On Electronic Communications" - InternetUA

16:35 FBI denies paying $1 million to unmask Tor users

17:06 Nmap 7 Released

18:35 Cyberattacks are again used in a hybrid warfare. Now in Bulgaria.

24:59 The way we bank some places

27:53 Why tech firms pay hackers to hack them

29:18 The media link the PlayStation 4 to terrorist attacks in Paris

Direct download: 49.mp3
Category:Technology -- posted at: 1:54pm CET

Intro / Outro Був’є – Стіна

CloudFlare is a free global CDN and DNS provider that can speed up and protect any site online

Op-ed: (How) did they break Diffie-Hellman?

Ransomware Now Gunning for Your Web Sites

Linux Ransomware Debut Fails on Predictable Encryption Key

Let me tell you about Wireshark 2.0

Windows 3.1 Is Still Alive, And It Just Killed a French Airport

Oracle now keeps all EU data within EU borders to avoid Safe Harbour problems

Halloween security breach

Updates to Chrome platform support

Hack of 70 Million Prisoner Phone Calls Indicates Violations of Attorney-Client Privilege

The Secret Service Agent Who Collared Cybercrooks by Selling Them Fake IDs

Direct download: 48.mp3
Category:Technology -- posted at: 12:17pm CET

Intro / Outro Dubioza kolektiv - Free.mp3 (The Pirate Bay Song)



Take 5 minutes and up your opsec game with Tor Messenger

A Brief History of Time

Hackers gonna hack, but why? Maybe Freud has the answer (the publication and tweet have been deleted)



Lviv Regional State Administration fired an official who used e-mail

The government decided to separate its Internet from providers

Somebody Just Claimed a $1 Million Bounty for Hacking the iPhone

TalkTalk Hackers Demanded £80K in Bitcoin

A 15-year-old boy Arrested in connection with #TalkTalk Cyber Attack

TalkTalk breach: CEO dismisses encryption, 15-year-old arrested

TalkTalk, Script Kids & The Quest for ‘OG’

13 million plaintext passwords leak from free webhosting firm

FireEye's CEO partly blamed a slowdown in Chinese hacking for its poor results, and the stock is getting crushed

ProtonMail Paid Hackers $6000 Ransom in Bitcoin to Stop DDoS Attacks

This 11-year-old is selling cryptographically secure passwords for $2 each

In the UK, Web browsing history must now be stored for a year

Programmers: Stop Calling Yourselves Engineers

Direct download: 47.mp3
Category:Technology -- posted at: 12:51am CET

Intro / Outro Пустельник - Піккардійська терція

Linux for kids

Interview with Dmitry Ponomerev about lockpicking

Lockpicking wiki

Some of the best educational videos; the guy explains things really clearly and the picture quality is decent, not a mess of pixels:


Building Your First Lock Pick Kit

Improve Your Lock Picking Skills (for Beginners)

How to Detect and Beat Spool Pins (for Beginners)

Vendors:  (here it is called raking, but in principle it is zipping)


And this is raking with a Bogota rake

You can contact Dmitry on Twitter at @ze_punker or send an e-mail to

1Password stores data in unencrypted form - «Хакер»

CIA boss has his personal email account hacked... and yes, it's on AOL

Wikileaks claims release of CIA boss John Brennan's emails - BBC News

Teen Who Hacked CIA Director’s Email Tells How He Did It

HTTPS certs now simple, automated and FREEEE!

Chinese used hacking team software

Apple tells judge it's "impossible" to unlock a device running iOS 8 or higher

Cabinet of Ministers of Ukraine on cyber police remuneration

A network error routed traffic for the UK's nuclear weapons agency through Russia

Direct download: 46.mp3
Category:Technology -- posted at: 3:56pm CET

Intro / Outro Mt Eden DnB and Imogen Heap - The walk

Yahoo wants to kill passwords with revamped Mail app

Two-Factor Authentication - Duo Security

Internet ombudsman sees harm to Russia from investment in IT specialists


Interview with Yevgeny Pilyankevich about the Themis project

The company's blog and Twitter

Daniel Kahneman “Thinking, Fast and Slow”

John McAfee Launches Presidential Bid With Surprisingly Low Key Video

China arrests hacking suspects on behalf of the US

Creation of the cyber police

Requirements for inspectors and special agents

What’s in a Boarding Pass Barcode? A Lot

Migrate to KeePassX

Everything Amazon announced at AWS re:Invent 2015

Happy to see @awscloud Inspector & @googlecloud scanner as another security tool for dev

How is NSA breaking so much crypto?

Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice (pdf)

OS X 10.11 El Capitan: Bugs, bugs, and more bugs

Microsoft Working on Fix for Office Bugs in OS X El Capitan

Adobe confirms major Flash vulnerability, and the only way to protect yourself is to uninstall Flash

13 new vulnerabilities? You should disable or uninstall Adobe Flash

Adobe releases patch for major Flash vulnerability – here’s how to download it

Dow Jones Hacked, Affecting Thousands

WSJ hacked (pdf)

How I Hacked Hotmail

Exclusive: Uber checks connections between hacker and Lyft

Alleged Ukrainian Hacker Extradited to US

European Court of Justice invalidates European Commission’s Safe Harbor decision

IRS Can’t Update Woefully Out-of-Date Windows Servers Because It Can’t Find Some of Them

Russia ‘very targeted’ in its cyber attacks (video)

Attackers target companies via Cisco WebVPN

VulDB: Cisco ASA SSL VPN cross site scripting [CVE-2014-3393]

Rusky antivirus company FIRE BOMBED for research blogs

App Store removes root certificate-based ad blockers over privacy concerns

Lessons From the Summer of Epic Car Hacks

Direct download: 45.mp3
Category:Technology -- posted at: 2:22pm CET

Intro / Outro Гуцул Калiпсо - Звiзда

Interview with Igor Blumental. You can get in touch via Facebook or Twitter

Bugsheet. Bug Bounties & Disclosure Programs



The first all-Ukrainian olympiad and forum on cybersecurity

SYNful Knock - A Cisco router implant - Part I

IoT vigilante Linux.Wifatch 'malware' may be patching up security flaws

You should traceroute right now and

President Obama says the U.S. and China have agreed to broad anti-hacking principles

Analysis: China-US hacking accord is tall on rhetoric, short on substance

The Cost of Mobile Ads on 50 News Websites

Patreon was warned of serious website flaw 5 days before it was hacked


ARIN IPv4 Free Pool Reaches Zero

Russian police investigate Apple for ‘propagating homosexuality’

Symantec caught issuing rogue certificates

Symantec employees fired for issuing rogue HTTPS certificate for Google


Hello? HELLO? Major Skype outage hits UK, Australia and Japan

Undocumented feature

AVG can sell your browsing and search history to advertisers (Wired UK)

BitPay Hacked, 5 000 Bitcoins Stolen

Cyber-attacks and underground activities in Port of Antwerp

Direct download: 44.mp3
Category:Technology -- posted at: 1:53am CET

Intro / Outro DJ Orkidea - Beautiful

Long live UISGCon 11!

Moscow City Court ordered Google to pay 50 thousand rubles for reading private correspondence

iOS Ad-Blocking Apps Top Apple Inc.'s App Store Paid List Shortly After iOS 9 Launch

Ex-Ashley Madison CTO Threatens Libel Suit

Ashley Madison passwords like “thisiswrong” tap cheaters’ guilt and denial

Researcher discloses zero-day vulnerability in FireEye

FireEye, Kaspersky hit with zero-day flaw claims

FireEye 0day details (as much of them as legally possible)


Android 5.x Lockscreen Bypass (CVE-2015-3860)

iOS 8.4.1 AirDrop Exploit Demo

FBI: $1.2B Lost to Business Email Scams

BitPay Hacked, 5 000 Bitcoins Stolen - CCN: Financial Bitcoin & Cryptocurrency News

Bloke clicks GitHub 'commit' button in Visual Studio, gets slapped with $6,500 AWS bill

PornHub to be blocked in Russia

LEGAL ENTITIES subject to restrictive measures (sanctions) (pdf)

What is Privacy For? Protecting Our Kids Online.

Raising Kids with Privacy Awareness

Like Kaspersky, Russian Antivirus Firm Dr.Web Tested Rivals

Vulnerability on the PrivatBank website allowed viewing any user's payment history

Yandex.Navigator caught recording the owner's conversations

LinkedIn Sockpuppets Are Targeting Security Researchers

SUCEFUL: Next Generation ATM Malware

The FSB's ham-fisted "hackers" CyberBerkut came out with yet another fake

And what do you search for on GitHub?

Global State of Information Security Survey 2015

First-ever monthly Android security updates start to roll out

Hacker groups hijack satellite links to cover their tracks

Netflix releases reflected XSS audit tool for biz

What the SBU was looking for in LUXOFT's Dnipropetrovsk office

Malicious Firmware Found Preinstalled on Xiaomi, Huawei, Lenovo Phones

Direct download: 43.mp3
Category:Technology -- posted at: 8:41am CET

Intro / Outro ELEPHANT - Moon

A New Encryption Standard of Ukraine: The Kalyna Block Cipher

Derzhspetszviazok (the State Service of Special Communications) introduces new standards for cryptographic protection of information

Database of Ukrainian patents. Method for encrypting binary data blocks

A Meet-in-the-Middle Attack on Reduced-Round Kalyna-b=2b (pdf)



Who Hacked Ashley Madison?

Exposed Ashley Madison members targeted by scammers and extortionists

Troy Hunt: Here’s what Ashley Madison members have told me

Ashley Madison execs hacked competitors, wrote screenplay

Ashley Madison faces proposed class-action suit over half-deleted data

Lessons learned from cracking 4,000 Ashley Madison passwords

AshleyMadison: $500K Bounty for Hackers

Ashley Madison: 'Suicides' over website hack - BBC News

Leaked AshleyMadison Emails Suggest Execs Hacked Competitors

Almost None of the Women in the Ashley Madison Database Ever Used the Site

Ashley Madison dump, Troy Hunt and The Grugq

Netflix Is Dumping Anti-Virus, Presages Death Of An Industry

Media learned of Kaspersky's threats to rub out a competitor company

Samsung refrigerators can be used to steal Gmail passwords

Linux Foundation releases PARANOID internal infosec guide

Improving Security for Bugzilla

Electronic petitions

Uber hires two security researchers to improve car technology

Direct download: 42.mp3
Category:Technology -- posted at: 12:17pm CET