Securit13 Podcast
Первый украинский подкаст об информационной безопасности

Alice, Victor Zhora and Kostiantyn Korsun talked with Kenneth Geers about his book Cyber war in perspective (pdf) https://goo.gl/RjPuqU, how can Ukraine to be a leader in cyber security, conflicts in Ukraine and Syria with perspective on cyber space and other questions.

Kennet's twitter is @KennethGeers

Intro / Outro Grapes - I dunno http://dig.ccmixter.org/files/grapes/16626

Видео-запись интервью на нашем канале https://www.youtube.com/channel/UCGYHYOm_J3zpyE5jCNzAHJg

Direct download: 54-2.mp3
Category:Technology -- posted at: 3:43am CET
Comments[0]

Intro / Outro Alex - Drive http://dig.ccmixter.org/files/AlexBeroza/43098

0:01:54 Чтобы превратить iPhone в "кирпич", достаточно сменить системную дату на 1 января 1970 года - ITC.ua http://goo.gl/TblQCe

0:04:23 There's a lot of vulnerable OS X applications out there. https://goo.gl/OLWEiy

VLC unsigned updates over http https://goo.gl/OIevQP

0:09:09 Fake Flash Player Update Infects Macs with Scareware https://goo.gl/5uhPXG

0:10:09 Nexus Security Bulletin - February 2016 http://goo.gl/lDS1ZV

Google fixes multiple Wi-Fi flaws, mediaserver bugs in Android http://goo.gl/zESjhg

Google plugs Android vulns http://goo.gl/eX6Lbm

0:10:47 Google calls out Comodo's Chromodo Chrome-knockoff as insecure crapware http://goo.gl/OrTlUv

0:12:02 Every version of Windows hit by 'critical' security vulnerability http://goo.gl/gYVDPY

0:12:52 Опубликованы новые подробности о том, как троян BlackEnergy атакует Украину https://goo.gl/5GbPmR

Міненерговугілля має намір утворити групу за участю представників усіх енергетичних компаній, що входять до сфери управління Міністерства, для вивчення можливостей щодо запобігання несанкціонованому втручанню в роботу енергомереж http://goo.gl/FRXKUd

0:18:47 Hackers mirror 250GB of NASA files on the web http://goo.gl/2RXmr4

OpNasaDrones Zine #Anonsec http://pastebin.com/pm1WLXQj

0:24:12 Privilege Escalation + Remote Code Execution in Apache Jetspeed 2.2.0 - 2.3.0 https://vimeo.com/154475767

Default settings in Apache may decloak Tor hidden services http://goo.gl/hlaHrJ

0:26:02 Brit spies want rights to wiretap and snoop on US companies' servers http://goo.gl/VZC7Ve

0:26:52 Smart toys spring dumb vulns. Again. This time: Cuddly bears, watches http://goo.gl/y3w72D

Hacked Toy Company VTech’s TOS Now Says It’s Not Liable for Hacks http://goo.gl/XVTPk9

0:30:30 Big Question: What does the Julian Assange case have to do with human rights? http://goo.gl/QWO1mk

The Working Group on Arbitrary Detention Deems the deprivation of liberty of Mr. Julian Assange as arbitrary http://goo.gl/ptB4eH

0:31:08 New Safe Harbor Data “Deal” May Be More Politicking Than Surveillance Reform https://goo.gl/y8s2OS

Safe Harbor ripped and replaced with Privacy Shield in last-minute US-Europe deal http://goo.gl/wf8uEr

0:32:27 OpenSSL fixes bug, gets dissed by German gov: That's so random ... not http://goo.gl/EYiOtp

OpenSSL study https://goo.gl/yf08LN

0:34:41 White House seeks its first ever chief information security officer http://goo.gl/5uRDdL

0:35:39 Safeway Self-Checkout Skimmer Close Up http://goo.gl/zBUZaJ

0:36:39 Взломать PayPal за 73 секунды https://habrahabr.ru/company/pt/blog/276459/

0:37:46 AST-2016-001: BEAST vulnerability in HTTP server http://seclists.org/fulldisclosure/2016/Feb/9

0:38:44 For Cyberattackers, Time Is The Enemy http://goo.gl/DFrKim

0:39:29 Mysterious spike in WordPress hacks silently delivers ransomware to visitors http://goo.gl/jvKRO9

0:40:13 KeePassLogger - KeePass Two-Channel Auto-Type Obfuscation Bypass http://goo.gl/KGgQQq

0:40:48 Samsung warns customers not to discuss personal information in front of smart TVs http://goo.gl/AcCP7g

0:41:21 Twitter Says There’s No “Magical Algorithm” to Find Terrorists https://goo.gl/u6FDhg

Combating Violent Extremism | Twitter Blogs https://goo.gl/SdFZHO

0:42:06 Malware Museum! https://archive.org/details/malwaremuseum

Roll up, roll up to the Malware Museum! Run classic DOS viruses in your web browser http://goo.gl/sVkJSN 

О сколько нам открытий чудных готовит Office Microsoft https://habrahabr.ru/post/264313/

Видео-запись эпизода на нашем канале https://www.youtube.com/channel/UCGYHYOm_J3zpyE5jCNzAHJg

Direct download: 54-1.mp3
Category:Technology -- posted at: 3:38pm CET
Comments[0]

Intro/ Outro Time (cdk Give Me Some Dubstep Extended Mix) http://dig.ccmixter.org/files/cdk/50693

0:00:51 Продовжено роботу групи з вивчення причин тимчасового збою в роботі систем енергопостачальних компаній, що мали місце 23 грудня 2015 року http://goo.gl/ZJyUrh
Повна новина http://goo.gl/jgX1Ez
Атака на энергетические объекты 19-20 января 2016 года. Постфактум https://goo.gl/QUuEbA
Techie on the ground disputes BlackEnergy Ukraine power outage story http://goo.gl/TEP9Lg
Steinitz: Israel’s Electric Authority hit by ‘severe’ cyber-attack http://goo.gl/EennWL
0:07:48 Secret SSH backdoor in Fortinet hardware found in more products http://goo.gl/dLlF7J
Fortinet SSH vulnerability more widespread than thought http://goo.gl/4eVqOn
0:14:15 NSA Helped British Spies Find Security Holes In Juniper Firewalls https://goo.gl/euULKA
0:17:28 В ядре Linux обнаружена уязвимость, позволяющая поднять привилегии в системе http://goo.gl/B8f4DC
Analysis and Exploitation of a Linux Kernel Vulnerability (CVE-2016-0728) http://goo.gl/kjXogr
0:20:41 Canada Cuts Off Some Intelligence Sharing With U.S. Out of Fear for Canadians’ Privacy https://t.co/pGBHQl3we9?ssr=true
0:21:15 Get Safe online https://goo.gl/cZWzud
0:23:32 IT-cпецагенты: кого и как отобрали в украинскую киберполицию http://goo.gl/4vL4Wh
0:26:16 Critical Yahoo Mail Flaw Patched, $10K Bounty Paid https://goo.gl/jvOgi9
0:27:31 Lenovo used 12345678 as hard-coded password in SHAREit for Windows https://goo.gl/pu1Qrc
0:31:28 Here's what an Ashley Madison blackmail letter looks like https://goo.gl/aNbw8G
0:33:33 HD Moore Leaves Rapid7 https://goo.gl/vS0ZY8
0:34:01 OpenSSL to Patch Two Vulnerabilities This Week https://goo.gl/EFu7n6
0:37:49 PayPal Remote Code Execution Vulnerability http://goo.gl/w7wYd6 
And the tool used for that. https://github.com/frohoff/ysoserial
0:39:08 Oracle's finally killing its terrible Java browser plugin http://goo.gl/WAQXcu
0:40:36 Kali Linux, Rolling Edition Released – 2016.1 https://www.kali.org/releases/kali-linux-rolling-edition-2016-1/
0:46:50 Crash Safari Code | JerryGamblin.com http://goo.gl/ph75ar
https://twitter.com/mikko/status/691600741832720384
0:47:38 СБУ задержала группу хакеров при попытке воровства 15 млн грн http://goo.gl/zBYhMC
0:49:21 iSIGHT and FireEye: Ushering in a New Era of Intelligence-Led Security https://goo.gl/px28H0
0:49:59 Toyota Russia Customers Data http://pasted.co/6fe1aa50
0:52:06 Oracle drops 248 - count 'em - 248 patches, to fix ... something http://goo.gl/zWqXMK
0:56:42 Skype Now Hides Your Internet Address http://goo.gl/3iCJqM
0:58:08 NSA Hacker Chief Explains How to Keep Him Out of Your System http://goo.gl/Fp5vgX
1:00:03 Reversing Apple’s syslogd bug https://goo.gl/gNZ9cE
1:00:33 Прикольный баг был в 1Password https://twitter.com/1password/status/688510701359476738
1:01:01 As promised @googlechrome indeed doesn't recognise @VERISIGN certificates as trusted anymore. https://pbs.twimg.com/media/CZIm_eXVIAA0Oxo.jpg
1:02:44 White Paper: A Guide to DDoS Mitigation & Testing http://goo.gl/bGeVuL
1:03:01 Remote access to the car or practical aspects of the ELM 327 security http://goo.gl/AkTzpA 

Видео-запись эпизода на нашем канале https://www.youtube.com/channel/UCGYHYOm_J3zpyE5jCNzAHJg

Direct download: 53.mp3
Category:Technology -- posted at: 9:12pm CET
Comments[2]

1