Securit13 Podcast
The first Ukrainian podcast about information security

Alice, Victor Zhora and Kostiantyn Korsun talked with Kenneth Geers about his book Cyber war in perspective (pdf), how Ukraine can become a leader in cyber security, the conflicts in Ukraine and Syria from a cyberspace perspective, and other questions.

Kenneth's Twitter is @KennethGeers

Intro / Outro Grapes - I dunno

Video recording of the interview on our channel

Direct download: 54-2.mp3
Category:Technology -- posted at: 3:43am CET

Intro / Outro Alex - Drive

0:01:54 To turn an iPhone into a "brick", it is enough to change the system date to January 1, 1970

0:04:23 There's a lot of vulnerable OS X applications out there.

VLC unsigned updates over http

0:09:09 Fake Flash Player Update Infects Macs with Scareware

0:10:09 Nexus Security Bulletin - February 2016

Google fixes multiple Wi-Fi flaws, mediaserver bugs in Android

Google plugs Android vulns

0:10:47 Google calls out Comodo's Chromodo Chrome-knockoff as insecure crapware

0:12:02 Every version of Windows hit by 'critical' security vulnerability

0:12:52 New details published on how the BlackEnergy trojan attacks Ukraine

The Ministry of Energy and Coal Industry intends to form a group with representatives of all energy companies under the Ministry's management to study ways of preventing unauthorized interference in the operation of power grids

0:18:47 Hackers mirror 250GB of NASA files on the web

OpNasaDrones Zine #Anonsec

0:24:12 Privilege Escalation + Remote Code Execution in Apache Jetspeed 2.2.0 - 2.3.0

Default settings in Apache may decloak Tor hidden services

0:26:02 Brit spies want rights to wiretap and snoop on US companies' servers

0:26:52 Smart toys spring dumb vulns. Again. This time: Cuddly bears, watches

Hacked Toy Company VTech’s TOS Now Says It’s Not Liable for Hacks

0:30:30 Big Question: What does the Julian Assange case have to do with human rights?

The Working Group on Arbitrary Detention Deems the deprivation of liberty of Mr. Julian Assange as arbitrary

0:31:08 New Safe Harbor Data “Deal” May Be More Politicking Than Surveillance Reform

Safe Harbor ripped and replaced with Privacy Shield in last-minute US-Europe deal

0:32:27 OpenSSL fixes bug, gets dissed by German gov: That's so random ... not

OpenSSL study

0:34:41 White House seeks its first ever chief information security officer

0:35:39 Safeway Self-Checkout Skimmer Close Up

0:36:39 Hacking PayPal in 73 seconds

0:37:46 AST-2016-001: BEAST vulnerability in HTTP server

0:38:44 For Cyberattackers, Time Is The Enemy

0:39:29 Mysterious spike in WordPress hacks silently delivers ransomware to visitors

0:40:13 KeePassLogger - KeePass Two-Channel Auto-Type Obfuscation Bypass

0:40:48 Samsung warns customers not to discuss personal information in front of smart TVs

0:41:21 Twitter Says There’s No “Magical Algorithm” to Find Terrorists

Combating Violent Extremism | Twitter Blogs

0:42:06 Malware Museum!

Roll up, roll up to the Malware Museum! Run classic DOS viruses in your web browser 

Oh, how many wondrous discoveries Microsoft Office has in store for us

Video recording of the episode on our channel

Direct download: 54-1.mp3
Category:Technology -- posted at: 3:38pm CET

Intro/ Outro Time (cdk Give Me Some Dubstep Extended Mix)

0:00:51 Work continues in the group studying the causes of the temporary failure in the systems of energy supply companies that occurred on December 23, 2015
Full news story
Attack on energy facilities on January 19-20, 2016. Post factum
Techie on the ground disputes BlackEnergy Ukraine power outage story
Steinitz: Israel’s Electric Authority hit by ‘severe’ cyber-attack
0:07:48 Secret SSH backdoor in Fortinet hardware found in more products
Fortinet SSH vulnerability more widespread than thought
0:14:15 NSA Helped British Spies Find Security Holes In Juniper Firewalls
0:17:28 A vulnerability has been discovered in the Linux kernel that allows privilege escalation on the system
Analysis and Exploitation of a Linux Kernel Vulnerability (CVE-2016-0728)
0:20:41 Canada Cuts Off Some Intelligence Sharing With U.S. Out of Fear for Canadians’ Privacy
0:21:15 Get Safe online
0:23:32 IT special agents: who was selected for the Ukrainian cyber police and how
0:26:16 Critical Yahoo Mail Flaw Patched, $10K Bounty Paid
0:27:31 Lenovo used 12345678 as hard-coded password in SHAREit for Windows
0:31:28 Here's what an Ashley Madison blackmail letter looks like
0:33:33 HD Moore Leaves Rapid7
0:34:01 OpenSSL to Patch Two Vulnerabilities This Week
0:37:49 PayPal Remote Code Execution Vulnerability 
And the tool used for that.
0:39:08 Oracle's finally killing its terrible Java browser plugin
0:40:36 Kali Linux, Rolling Edition Released – 2016.1
0:46:50 Crash Safari Code
0:47:38 SBU detained a group of hackers attempting to steal 15 million UAH
0:49:21 iSIGHT and FireEye: Ushering in a New Era of Intelligence-Led Security
0:49:59 Toyota Russia Customers Data
0:52:06 Oracle drops 248 - count 'em - 248 patches, to fix ... something
0:56:42 Skype Now Hides Your Internet Address
0:58:08 NSA Hacker Chief Explains How to Keep Him Out of Your System
1:00:03 Reversing Apple’s syslogd bug
1:00:33 There was a funny bug in 1Password
1:01:01 As promised @googlechrome indeed doesn't recognise @VERISIGN certificates as trusted anymore.
1:02:44 White Paper: A Guide to DDoS Mitigation & Testing
1:03:01 Remote access to the car or practical aspects of the ELM 327 security 

Video recording of the episode on our channel

Direct download: 53.mp3
Category:Technology -- posted at: 9:12pm CET