Securit13 Podcast
Первый украинский подкаст об информационной безопасности

Intro / Outro Run The Jewels - A Christmas F*cking Miracle

0:02:41 Bitcoin's Creator Satoshi Nakamoto Is Probably This Unknown Australian Genius

Satoshi Nakamoto Not Eligible For Nobel Prize - CCN: Financial Bitcoin & Cryptocurrency News

Time To Call A Hoax? Inconsistencies On 'Probable' Bitcoin Creator's PhD And Supercomputers Revealed

0:06:16 If you are using TrueCrypt you should stop.  Hashcat is now optimized to crack TrueCrypt volumes.

0:07:03 How the AM hack changed the victims’ lives

0:08:14 Hacker Confirms PlayStation 4 Jailbreak! Exploit Could Open Doors for Pirated Games

Hacking the PS4, part 2

0:09:16 Unauthorized code in Juniper ScreenOS allows for administrative access

0:11:40 Back to 28: Grub2 Authentication 0-Day

Критическая уязвимость в загрузчике Grub2 позволяет обходить защиту паролем

0:12:46 DDoS on DNS

Корневые DNS-серверы пережили необычную DDoS-атаку

0:16:08 MacKeeper data breach

0:20:20 Critical Remote Root Zero-Day In FireEye Appliances 

0:24:08 PCI security standards council revises date for migrating off vulnerable SSL and early TLS encryption (pdf)

Let's Encrypt says get your free digital security certificates here

Let's Encrypt! Get started.

Certificates for US sanctioned countries

0:25:55 MIT Creates Untraceable Anonymous Messaging System Called Vuvuzela

0:28:35 No root for you! Google slams door on Symantec certs

0:29:38 Donald Trump thinks he can call Bill Gates to 'close up' the internet

0:33:45 Shocking! Instagram HACKED! Researcher hacked into Instagram Server and Admin Panel

0:35:09 A Different Kind of POP: The Joomla Unserialize Vulnerability

0:38:08 A 2008 book by Craig S. Wright contains plagiarism

0:42:36 Google Search starts indexing HTTPS pages by default

0:43:10 Kazakhstan Announces Plan to Spy on Encrypted Internet Traffic

0:51:45 Troy Hunt: When children are breached – inside the massive VTech hack

Hacker Obtained Childrens' Headshots and Chatlogs From Toymaker VTech

VTech Hacker Explains Why He Hacked the Toy Company

0:52:46 First ever EU rules on cybersecurity

0:56:36 I included emoji in my password and now I can't log in to my Account on Yosemite

0:59:15 Хакера з України, підозрюваного в крадіжці 80 млн, затримали в Кракові

0:59:51 Неудачное обновление ПО SAP в Deutsche Post DHL

1:06:45 Tails 1.8 is out

1:06:50 What a nice holiday gift.

1:07:21 Python Extension · rapid7/metasploit-framework Wiki · GitHub

1:07:58 Craig S. Wright - "The IT Regulatory and Standards Compliance Handbook" Contains Plagiarism

1:08:14 The Happiness Advantage: The Seven Principles of Positive Psychology That Fuel Success and Performance at Work 

Direct download: 51.mp3
Category:Technology -- posted at: 6:03pm CEST

Intro / Outro Naughty By Nature Ft. Kate Nauta - Name Game

0:02:03 Kaspersky Antivirus Certificate handling path traversal

0:03:40 CVE-2015-6357: FirePWNER Exploit for Cisco FireSIGHT Management Center SSL Validation Vulnerability

0:05:23 Dell ships laptops with rouge CA Lenovo style

Dell apologizes for HTTPS certificate fiasco, provides removal tool

0:06:08 Amazon suffers potential password leak, unknown number of accounts affected

Amazon data breach rumours spread as passwords are reset on some accounts

0:06:33 At 11:59pm EST on Sunday, the NSA will stop in-house phone metadata collection

The secret message hidden in every HTTP/2 connection: HTTP Verb "PRISM"

0:06:44 Казахстан внедряет свой CA для прослушивания всего TLS-трафика

0:09:34 Комментарий Евгения Шульги о прослушивании TLS-трафика

0:17:50 Интервью с Полом Алдерсоном

Daniel H. Pink - Drive

The Anatomy of Peace: Resolving the Heart of Conflict

0:21:15 Интервью с Алексеем Старовым

Concise. A Cybersecurity Education Directory.

Топовые конференции по security

"Security Engineering" by Ross Anderson

Примеры интересных академических статей:

0:25:24 Интервью с Кеннетом Гирсом

0:30:56 Интервью с Сергеем Харюком

0:35:32 Интервью с Гийомом Лове

0:42:50 Интервью с Александром

0:44:30 Интервью с Олегом Кучеровым

0:50:24 Интервью с Евгенией Брошеван и Вадимом Чакряном

Hackup learning network

Вадим Чакрян - С чего начать свой путь этичного хакера?

Direct download: 50.mp3
Category:Technology -- posted at: 6:25am CEST

Intro / Outro Wang Rong Rollin - Chick Chick

02:40 Here’s a Spy Firm’s Price List for Secret Hacker Techniques

04:30 Google Is Fixing a Dangerous Gmail Bug That Could Let Others Impersonate You


05:59 Hacker fakes German minister's fingerprints using photos of her hands

09:43 Основатель Bitcoin Foundation Ukraine доказал в суде незаконность изъятия техники при обыске у него дома

12:41 Hacker Group Anonymous Announces 'Biggest Operation' Against ISIS After Paris Attacks

15:44 Кабмин "завернул" законопроект НКРСИ "Об электронных коммуникациях" - InternetUA

16:35 FBI denies paying $1 million to unmask Tor users

17:06 Nmap 7 Released

18:35 Cyberattacks are again used in a hybrid warfare. Now in Bulgaria.

24:59 The way we bank some places

27:53 Why tech firms pay hackers to hack them

29:18 The media link the PlayStation 4 to terrorist attacks in Paris

Direct download: 49.mp3
Category:Technology -- posted at: 1:54pm CEST

Intro / Outro Був’є – Стіна

CloudFlare is a free global CDN and DNS provider that can speed up and protect any site online

Op-ed: (How) did they break Diffie-Hellman?

Ransomware Now Gunning for Your Web Sites

Linux Ransomware Debut Fails on Predictable Encryption Key

Let me tell you about Wireshark 2.0

Windows 3.1 Is Still Alive, And It Just Killed a French Airport

Oracle now keeps all EU data within EU borders to avoid Safe Harbour problems

Halloween security breach

Updates to Chrome platform support

Hack of 70 Million Prisoner Phone Calls Indicates Violations of Attorney-Client Privilege

The Secret Service Agent Who Collared Cybercrooks by Selling Them Fake IDs

Direct download: 48.mp3
Category:Technology -- posted at: 12:17pm CEST

Intro / Outro Dubioza kolektiv - Free.mp3 (The Pirate Bay Song)



Take 5 minutes and up your opsec game with Tor Messenger

Короткая история времени

Hackers gonna hack, but why? Maybe Freud has the answer (публикация и твитт удалены)



Во Львовской ОГА уволили пользовавшегося почтой чиновника

В правительстве решили отделить свой Интернет от провайдеров

Somebody Just Claimed a $1 Million Bounty for Hacking the iPhone

TalkTalk Hackers Demanded £80K in Bitcoin

A 15-year-old boy Arrested in connection with #TalkTalk Cyber Attack

TalkTalk breach: CEO dismisses encryption, 15-year-old arrested

TalkTalk, Script Kids & The Quest for ‘OG’

13 million plaintext passwords leak from free webhosting firm

FireEye's CEO partly blamed a slowdown in Chinese hacking for its poor results, and the stock is getting crushed

ProtonMail Paid Hackers $6000 Ransom in Bitcoin to Stop DDoS Attacks

This 11-year-old is selling cryptographically secure passwords for $2 each

In the UK, Web browsing history must now be stored for a year

Programmers: Stop Calling Yourselves Engineers

Direct download: 47.mp3
Category:Technology -- posted at: 12:51am CEST

Intro / Outro Пустельник - Піккардійська терція

Linux for kids

Интервью с Дмитрием Пономеревым о Lockpicking

Lockpicking wiki

Одни из лучших образовательных видео, чувак реально доходчиво объясняет и адекватное качество картинки, а не пиксели:


Building Your First Lock Pick Kit

Improve Your Lock Picking Skills (for Beginners)

Building Your First Lock Pick Kit

How to Detect and Beat Spool Pins (for Beginners)

Вендоры:  (тут называется Raking, но по-идее,это zipping )


А вот это raking с bogota rake

Связаться с Дмитрием можно в твиттере @ze_punker или написать письмо на

1Password хранит данные в незашифрованном виде - «Хакер»

CIA boss has his personal email account hacked... and yes, it's on AOL

Wikileaks claims release of CIA boss John Brennan's emails - BBC News

Teen Who Hacked CIA Director’s Email Tells How He Did It

HTTPS certs now simple, automated and FREEEE!

Chinese used hacking team software

Apple tells judge it's "impossible" to unlock a device running iOS 8 or higher

КМУ про винагороду кіберполіції

A network error routed traffic for the UK's nuclear weapons agency through Russia

Direct download: 46.mp3
Category:Technology -- posted at: 3:56pm CEST

Intro / Outro Mt Eden DnB and Imogen Heap - The walk

Yahoo wants to kill passwords with revamped Mail app

Two-Factor Authentication - Duo Security

Интернет-омбудсмен увидел вред для РФ от вложений в IT-специалистов


Интервью с Евгением Пилянкевичем о проекте Themis

Блог и твиттер компании

Даниэль Канеман “Думай медленно... решай быстро”

John McAfee Launches Presidential Bid With Surprisingly Low Key Video

China arrests hacking suspects on behalf of the US

Створення кіберполіції

Вимоги до інспекторів та спецагентів

What’s in a Boarding Pass Barcode? A Lot

Migrate to KeePassX

Everything Amazon announced at AWS re:Invent 2015

Happy to see @awscloud Inspector ( & @googlecloud scanner ( as another security tool for dev
How is NSA breaking so much crypto?

Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice (pdf)

OS X 10.11 El Capitan: Bugs, bugs, and more bugs

Microsoft Working on Fix for Office Bugs in OS X El Capitan

Adobe confirms major Flash vulnerability, and the only way to protect yourself is to uninstall Flash

13 new vulnerabilities? You should disable or uninstall Adobe Flash

Adobe releases patch for major Flash vulnerability – here’s how to download it

Dow Jones Hacked, Affecting Thousands

WSJ hacked (pdf)

How I Hacked Hotmail

Exclusive: Uber checks connections between hacker and Lyft

Alleged Ukrainian Hacker Extradited to US

European Court of Justice invalidates European Commission’s Safe Harbor decision

IRS Can’t Update Woefully Out-of-Date Windows Servers Because It Can’t Find Some of Them

Russia ‘very targeted’ in its cyber attacks (video)

Злоумышленники атакуют компании через Cisco WebVPN

VulDB: Cisco ASA SSL VPN cross site scripting [CVE-2014-3393]

Rusky antivirus company FIRE BOMBED for research blogs

App Store removes root certificate-based ad blockers over privacy concerns

Lessons From the Summer of Epic Car Hacks

Direct download: 45.mp3
Category:Technology -- posted at: 2:22pm CEST

Intro / Outro Гуцул Калiпсо - Звiзда

Интервью с Игорем Блюменталем. Связаться можно с помощью facebook или twitter

Bugsheet. Bug Bounties & Disclosure Programs



Первая всеукраинская олимпиада и форум по кибербезопасности

SYNful Knock - A Cisco router implant - Part I

IoT vigilante Linux.Wifatch 'malware' may be patching up security flaws

You should traceroute right now and

President Obama says the U.S. and China have agreed to broad anti-hacking principles

Analysis: China-US hacking accord is tall on rhetoric, short on substance

The Cost of Mobile Ads on 50 News Websites

Patreon was warned of serious website flaw 5 days before it was hacked


ARIN IPv4 Free Pool Reaches Zero

Russian police investigate Apple for ‘propagating homosexuality’

Symantec caught issuing rogue certificates

Symantec employees fired for issuing rogue HTTPS certificate for Google


Hello? HELLO? Major Skype outage hits UK, Australia and Japan

Недокументированная фича

AVG can sell your browsing and search history to advertisers (Wired UK)

BitPay Hacked, 5 000 Bitcoins Stolen

Cyber-attacks and underground activities in Port of Antwerp

Direct download: 44.mp3
Category:Technology -- posted at: 1:53am CEST

Intro / Outro DJ Orkidea - Beautiful

Да здравствует UISGCon 11!

Мосгорсуд взыскал с Google 50 тысяч рублей за чтение личной переписки

iOS Ad-Blocking Apps Top Apple Inc.'s App Store Paid List Shortly After iOS 9 Launch

Ex-Ashley Madison CTO Threatens Libel Suit

Ashley Madison passwords like “thisiswrong” tap cheaters’ guilt and denial

Researcher discloses zero-day vulnerability in FireEye

FireEye, Kaspersky hit with zero-day flaw claims

FireEye 0day details (as much of them as legally possible)


Android 5.x Lockscreen Bypass (CVE-2015-3860)

iOS 8.4.1 AirDrop Exploit Demo

FBI: $1.2B Lost to Business Email Scams

BitPay Hacked, 5 000 Bitcoins Stolen - CCN: Financial Bitcoin & Cryptocurrency News

Bloke clicks GitHub 'commit' button in Visual Studio, gets slapped with $6,500 AWS bill

В России заблокируют PornHub

ЮРИДИЧНІ ОСОБИ, до яких застосовуються обмежувальні заходи (санкції) (pdf)

What is Privacy For? Protecting Our Kids Online.

Raising Kids with Privacy Awareness

Like Kaspersky, Russian Antivirus Firm Dr.Web Tested Rivals

Уязвимость на сайте ПриватБанка позволяла просматривать историю платежей любого пользователя

Яндекс.Навигатор уличили в записи разговоров владельца

LinkedIn Sockpuppets Are Targeting Security Researchers

SUCEFUL: Next Generation ATM Malware

Криворукие «хакеры» ФСБ «Киберберкут» разродились очередным фейком

А что вы ищите на github?

Global State of Information Security Survey 2015

First-ever monthly Android security updates start to roll out

Хакерские группы взламывают спутниковые каналы, чтобы замести следы

Netflix releases reflected XSS audit tool for biz

Что искала СБУ в Днепропетровском офисе LUXOFT

Malicious Firmware Found Preinstalled on Xiaomi, Huawei, Lenovo Phones

Direct download: 43.mp3
Category:Technology -- posted at: 8:41am CEST

Intro / Outro ELEPHANT - Moon

A New Encryption Standard of Ukraine: The Kalyna Block Cipher

Держспецзв'язку впроваджує нові стандарти криптографічного захисту інформації

База патентів України. Спосіб шифрування двійкових блоків даних

A Meet-in-the-Middle Attack on Reduced-Round Kalyna-b=2b (pdf)



Who Hacked Ashley Madison?

Exposed Ashley Madison members targeted by scammers and extortionists

Troy Hunt: Here’s what Ashley Madison members have told me

Ashley Madison execs hacked competitors, wrote screenplay

Ashley Madison faces proposed class-action suit over half-deleted data

Lessons learned from cracking 4,000 Ashley Madison passwords

AshleyMadison: $500K Bounty for Hackers

Ashley Madison: 'Suicides' over website hack - BBC News

Leaked AshleyMadison Emails Suggest Execs Hacked Competitors

Almost None of the Women in the Ashley Madison Database Ever Used the Site

Ashley Madison dump, Troy Hunt and The Grugq

Netflix Is Dumping Anti-Virus, Presages Death Of An Industry

ЗМІ дізналися про загрози Касперського мочити компанію-конкурента

Холодильники Samsung могут быть использованы для кражи паролей Gmail

Linux Foundation releases PARANOID internal infosec guide

Improving Security for Bugzilla

Електронні петиції

Uber hires two security researchers to improve car technology

Direct download: 42.mp3
Category:Technology -- posted at: 12:17pm CEST

Intro / Outro Frontline - Pillar

Ashley Madison Emails By Category

How to search through the leaked Ashley Madison data

Hackers Finally Post Stolen Ashley Madison Data

Hackers Dump More Ashley Madison Data

Aug 20 2015: New message and torrent!

Ashley Madison Hackers Speak Out: 'Nobody Was Watching'

I found my husband in the Ashley Madison leak

Как дрозды становятся дятлами

Oracle Deletes CSO’s Screed Against Hackers Who Report Bugs

Oracle CSO is right

My Personal Take On Mary Ann's Blog

No, You Really Can’t

Oracle blog. Those Who Can’t Do, Audit

Researchers find way to steal Windows Active Directory credentials from the Internet (SMB protocol)

EXCLUSIVE-Ex-employees: Russian antivirus firm faked malware to harm rivals Hacked! Credit Card information of 93,000 Customers Compromised

ICANN hacked, emails and passwords stolen

Tech Firm Ubiquiti Suffers $46M Cyberheist (8.1 вернули, 6.8 зарезервировано)

BitTorrent clients can be made to participate in high-volume DoS attacks

Domain Administrator in 17 seconds

Заклеивание веб-камеры или как мой муж сошел с ума

The Lifecycle of a Revolution (Keynote)

В Одеській ОДА виявили, що інформація з комп’ютерів йде в "ДНР"

Сайт Львівської обладміністрації зламали з території Криму



Loggly Main Dashboard

AWS CloudFormation

Understanding AWS Security

A lot of security topics  AWS videos are here:

Blog post about port knocking

Не вошедшее:

Empire is a pure PowerShell post-exploitation agent

cve-2015-???? poc ~ os x 10.10.5 kernel local privilege escalation

Share your terminal as a web application

Alibi routing software and data

Direct download: 41.mp3
Category:Technology -- posted at: 11:57am CEST

Intro / Outro The Weeknd - Wicked Games

Hackers Can Disable a Sniper Rifle—Or Change Its Target

This Hacker’s Tiny Device Unlocks Cars And Opens Garages

This Gadget Hacks GM Cars to Locate, Unlock, and Start Them

Researchers Hacked a Model S, But Tesla’s Already Released a Patch

New vulnerability can put Android phones into permanent vegetative state

 Can they hear you now? Hacking Team & SS7

Researchers look sideways to crack SIM card AES-128 encryption

Derelict TrueCrypt Russia portal 'is command hub for Ukraine spying op’

Windows 10 is spying on you - at least that's what this developer thinks

Disable KeyLogger Windows 10

fix windows 10

Windows 10 updates to be automatic and mandatory for Home users

Researchers claim they’ve developed a better, faster Tor

950 million Android phones can be hijacked by malicious text messages

First Known Exploit of Apple DYLD_PRINT_TO_FILE Vulnerability Discovered in the Wild

Ashley Madison invites red-faced cheats to bolt stable door for free

Захист урядового порталу від Ddos-атак коштуватиме півмільйона

Mt.Gox Bitcoin Exchange CEO Arrested by Japanese Police

Chinese VPN Service as Attack Platform?


Thunderstrike 2” rootkit uses Thunderbolt accessories to infect Mac firmware

Exclusive: Visa application portal closed following SC Magazine investigation

Rapid7 Inc (NASDAQ:RPD)

What amateurs can learn from security pros about staying safe online

Телеком-регулятор проголосовал за лишение абонентов мобильной связи анонимности

Внимание! Крутое мошенничество с картами «ПриватБанка»!

Direct download: 40.mp3
Category:Technology -- posted at: 8:16am CEST

Intro / Outro Hollywood Undead - Young

ВРУ рассмотрит законопроект о защите киберпространства

Предложения «ГО ИСАКА КИЕВ» к проекту закона Украины об основах кибербезопасности

Канадский опыт и

Hackers Remotely Kill a Jeep on the Highway—With Me in It

When Charlie Miller tells you to install an update for your Jeep, you really should go and install that update.

Patch Your Chrysler Now Against a Wireless Hacking Attack

Online Cheating Site AshleyMadison Hacked

#AshleyMadisonHack ... the website is now down

Paying $20 to delete your Ashley Madison profile was probably a bad idea


Firefox blacklists Flash player due to unpatched 0-day vulnerabilities

Adobe: We REALLY are taking Flash security seriously – honest

Third Hacking Team Flash Zero-Day Found

Project Zero. One Perfect Bug: Exploiting Type Confusion in Flash

RIPv1 Used in DDoS Reflection Attacks - AT&T ThreatTraq Bits (video)

Threat Advisory: RIPv1 Reflection DDoS (pdf)

OS X 10.10 DYLD_PRINT_TO_FILE Local Privilege Escalation Vulnerability


MS urges Skype users to change their passwords

Bye bye Darkode

How to Crack RC4 Encryption in WPA-TKIP and TLS

Free Tool Looks for HackingTeam Malware

Owners of OPM breached data tobe granted life time credit monitoring

Wow, another NSA leak: Network security code appears on GitHub (Анализ на хабре

Direct download: 39.mp3
Category:Technology -- posted at: 2:33pm CEST

Intro / Outro Сен-тропе - у селові

Интервью с Василием Гузием о тонкостях поимки кибер преступников

В Украине арестовали пятерых хакеров, причастных к краже не менее 2 млн евро у крупнейших мировых банков

Депутаты дошли до интернета: законопроект о киберпространстве

MasterCard to trial pay-by-face for online purchasing

Spy Tech Company 'Hacking Team' Gets Hacked

Information related to the attacks on HackingTeam on July 6, 2015

Hacking Team Breach Shows a Global Spying Firm Run Amok

Hacking Team Asks Customers to Stop Using Its Software After Hack

The FBI Spent $775K on Hacking Team's Spy Tools Since 2011

UK police forces wanted to buy Hacking Team spyware

Adobe Flash exploit that was leaked by Hacking Team goes wild

Hacking Team leak, Flash 0day, exploit payloads and more

Days after Hacking Team breach, nobody fired, no customers lost

OPM shuts down background investigation portal because of vulnerability

433,000 Ford cars to be recalled because of software bug

Samsung announces fix for major Galaxy keyboard security flaw

Adventures in Automotive Networks and Control Units (pdf)

NSA can track everyone's phone calls again -- for a while

Your VPN Probably Isn’t Private


Critical OpenSSL bug allows attackers to impersonate any trusted server

The OpenSSL "CVE-2015-1793" certificate verification bug - what you need to know

Google unveils independent “fork” of OpenSSL called “BoringSSL”

В Україні через тиждень запускають захищений мобільний зв'язок

Система криптографически защищенной мобильной связи TACITUS

Meet the hackers who break into Microsoft and Apple to steal insider info

'Hackers' give orders to German missile battery

Украина вошла в рейтинг стран с наибольшим количеством DDoS-атак

David Cameron is going to try and ban encryption in Britain

7 things to do when your business is hacked

Kali Linux 2.0 Release Day Scheduled

Новий Голова Держспецзв’язку Леонід Євдоченко

Apple to introduce two-factor authentication option in iOS 9 and OS X El Capitan

Security-конференция dec0de в Одессе

Apple to introduce two-factor authentication option in iOS 9 and OS X El Capitan

Windows 10 will share your Wi-Fi key with your friends' friends

Cisco To Buy Cloud Security Company OpenDNS for $635M In Cash

US-CERT Alerts of Phishing Campaigns Targeting OPM Hack Victims

Information security news and discussion

Two keys to rule them all: Cisco warns of default SSH keys on appliances

Amazon Releases S2N TLS Crypto Implementation to Open Source


To determine HackingTeam infection

Direct download: 38.mp3
Category:general -- posted at: 11:19am CEST

Intro / Outro Jam & Spoon Featuring Rea Garvey-Set Me Free

ВРУ рассмотрит законопроект о защите киберпространства

Министерство IT

В Украине арестовали пятерых хакеров, причастных к краже не менее 2 млн евро у крупнейших мировых банков

Operation Lotus Blossom

HP Releases Details, Exploit Code for Unpatched IE Flaws

Analysis and Exploitation of an ESET Vulnerability

IETF официально вывел из обихода протокол SSLv3

Hackers Exploit Zero-Day Magento Vulnerability to Steal Your Credit Cards

Secret Service agent who stole $820K from Silk Road pleads guilty

This Radio Bug Can Steal Laptop Crypto Keys, Fits Inside a Pita

Polish airline LOT was grounded after 'IT attack' took hold

Polish plane IT attack? Apparently not, just a simple DDoS

All Airlines Have the Security Hole That Grounded Polish Planes

Zero-Day Exploits for Stealing OS X and iOS Passwords

 CIA Backed Firm Finds Stolen Government Passwords Throughout Web

Роскомнадзор заблокировал страницу «архива интернета» за экстремизм

Drupal Fixes Critical OpenID Bug

Canada government websites taken down in cyber attack

US and British Spies Targeted Antivirus Companies

Adobe Releases Emergency Patch for Flash Zero-Day Vulnerability

Sony Hack: WikiLeaks Releases New Batch of 270,000 Documents


HP Security Research OSINT (OpenSource Intelligence) articles of interest

Crooks Use Hacked Routers to Aid Cyberheists

Transparently Routing Traffic Through Tor

Using Metasploit socks proxy auxilliary module over a Meterpretee session

Meterpreter Paranoid Mode

Encryption software for files in the cloud

Direct download: 37.mp3
Category:Technology -- posted at: 10:22am CEST

Intro / Outro ЯрмаК - Вставай (TS Prod.)

Интервью с Алексеем Старовым о Tor-клиенте Astoria.

Measuring and mitigating AS-level adversaries against Tor (pdf)

Center for Applied Internet Data Analysis

Связаться с Алексеем можно по e-mail

Direct download: 36.5.mp3
Category:Technology -- posted at: 7:03pm CEST

Intro / Outro Андрій Хливнюк "Спи собі сама"

Kaspersky Finds New Nation-State Attack—In Its Own Network


Stuxnet spawn infected Kaspersky using stolen Foxconn digital certificates

China might be building vast database of federal worker info, experts say

TV5 Monde attack 'by Russia-based hackers'

Serious iOS bug lets hackers create fake login screens to steal Apple credentials

LastPass Security Notice

Tesla Motors начала платить за найденные уязвимости

Assume your GitHub account is hacked, users with weak crypto keys told

You Can Be Prosecuted for Clearing Your Browser History

Sourceforge Hijacks the Nmap Sourceforge Account

This Hacked Kids' Toy Opens Garage Doors in Seconds

Edward Snowden: “I should have come forward sooner.”

Сноуден обвинил Россию в нарушении неприкосновенности частной жизни

Украинец убедил нигерийского спамера выслать ему 600 долларов

Держспецзв’язку видала позитивний експертний висновок на Симетричний блоковий шифр AES

The Senate Finally Passes NSA Surveillance Reform

Интернет-вруны: В сети появился список кремлевских троллей и пропутинских организаций

У Бельгії комісія подала до суду на Facebook

Report: Hack of government employee records discovered by product demo

Технологический практикум «Облака без лишних слов»

Вебинары Positive Technologies: образовательная программа "Практическая безопасность"

Yahoo to face class action lawsuit over email spying claims

Facebook will encrypt the emails it sends to you with PGP

Microsoft Plans to Add Secure Shell (SSH) to Windows


Direct download: 36.mp3
Category:Technology -- posted at: 9:00pm CEST

Intro/outro - Фантом 2 - Двоє

The Complete Guide for Hidden Services And Staying Anonymous

Risky Business #367 -- Tor Project lead Roger Dingledine

Astoria — Advanced Tor Client Designed to Avoid NSA Attacks

Anonymous peer-to-peer instant messaging

Top encryption researcher moves to Switzerland to escape government interference

HideMyAss story: How misbehaving at school made one man a multimillionaire

Russia warns Google, Twitter and Facebook on law violations

Президент РФ подписал указ о создании государственного сегмента интернета

Some notes about Wassenaar

Cisco Systems поставляла оборудование для Минобороны РФ, ФСБ и Роскомоса в обход санкций

Билеты на финал Лиги Европы от Приватбанка

The founder of the Silk Road drug marketplace has been sentenced to life in prison without parole

Aaron Swartz stood up for freedom and fairness

Верховный суд обязал банки возвращать клиентам украденные с карточек деньги

Активисты раскрыли способ "накрутки" голосов при отборе в общественный совет НАБ

NSA (doesn’t) shut down surveillance program

Senate blocks the bill: Senate blocks NSA surveillance reform bill

Китайцы придумали, как отслеживать людей в метро через акселерометры смартфонов

Official Kali Linux Docker Images

ООН причислил шифрование и анонимность в интернете к правам человека

Anatomy of a LOGJAM - another TLS vulnerability, and what to do about it

Infosec Hype Tracker

pcre -- multiple vulnerabilities

Malicious Minecraft apps affect 600,000 Android Users

Annoying bug causes iPhone Messages to crash

Hola VPN turns 10M users into exit nodes

These two Diablo III players stole virtual armor and gold — and got prosecuted IRL

Real-world, physical crypto-lockers

Security Firm Redefines APT: African Phishing Threat

Direct download: 35.mp3
Category:Technology -- posted at: 9:17am CEST

Intro / outro - Christian Kane - LA Song

Интервью с Тарасом Бобало

Связаться с Тарасом можно с помощью email и skype madspeedy

Virtualized Environment Neglected Operations Manipulation (VENOM)

Heartbleed, eat your heart out: VENOM vuln poisons countless VMs

PCI DSS 3.1 (pdf)



Patch Tuesday Facelift End of an Era


Премьер-министр Сингапура написал решатель Судоку на C++ и выложил исходный код программы в открытый доступ

Super secretive malware wipes hard drive to prevent analysis 

WordPress Vulnerability Puts Millions of Websites At Risk

 Киевский трамвай наехал на Google-мобиль

Self-Driving Trucks Are Going to Hit Us Like a Human-Driven Truck

Security Product Liability Protections Emerge

France passes new surveillance law in wake of Charlie Hebdo attack

Microsoft Launches Visual Studio Code, A Free Cross-Platform Code Editor For OS X, Linux And Windows

Sublime Text

Mad Max: Fury Road

Goodbye! We'll be back!

Direct download: 34.mp3
Category:Technology -- posted at: 8:51am CEST


Dai Davis

Jerry Gamblin

Kevin Williams

Leslie Forbes


Direct download: 44Con.mp3
Category:Technology -- posted at: 1:02am CEST

Intro / Outro The Guild: I'm the One That's Cool

Интервью с Евгением Цигикало, специалистом по сигнализации в сетях связи

Б.Гольтдштейн Сигнализация в сетях связи



Hackers Could Commandeer New Planes Through Passenger Wi-Fi

RSA Conference 2015

How Kaspersky makes you vulnerable to the FREAK attack and other ways Antivirus software lowers your HTTPS security

Hacker Implants NFC Chip In His Hand To Hack Android Phones


Twitter перевёл неамериканские аккаунты в ирландский дата-центр

Wi-Fi software security bug could leave Android, Windows, Linux open to attack

iOS bug sends iPhones into endless crash cycle when exposed to rogue Wi-Fi

Fukushima nuke plant owner told to upgrade from Windows XP

Hackers used a surprisingly simple method to access Tesla's website and Twitter account

«ПриватБанк» и «Ощадбанк» запускают в Украине BankID — систему верификации пользователя на госсайтах

Direct download: 33.mp3
Category:Technology -- posted at: 12:50am CEST

Intro / Outro Skylar Grey - White Suburban

FORTINET Security Day 2015


Introducing CSX skills-based CYBERsecurity training and performance-baced certifications

СТАЛЕВИЙ БУБЕН - IX (2015-04-04)

С Днем рождения, Владимир!

2015 Data Breach Investigations Report (pdf)

Risky Business #362

IBM to release 20 years worth of cyberthreat data 

IBM® X-Force Exchange 

Wikileaks Publishes Hacked Sony Emails, Documents

VeraCrypt 1.0f-2

French TV station TV5Monde hit by Islamic State hack

The 4 stages of crypto ransomware

Find it in twitter

Полиция Массачусетса заплатила выкуп в биткоинах, чтобы вернуть свои файлы

Q&A about malicious ransomware software

How the U.S. thinks Russians hacked the White House

66% devices patched Heartbleed but Most top corporates still Heartbleeding over the internet


What Your Passwords Say About Your Psychology

Direct download: 32.mp3
Category:Technology -- posted at: 4:23am CEST

Intro / Outro Origa - Inner Universe

С Днем рождения, Сергей Борисович!

С Днем рождения, Алиса и Боб!

Интервью с Виктором Жорой


Рекомендованные книги:

Момент истины

Крестный отец

Сталевий бубен

Fortinet Security Day 2015

Information Security Day 2015 доклады


Call for paper R0-Conf #3

PCI Recognizes PTES as a reference framework for Conducting Penetration Tests! (pdf)

Курс з основ інформаційної безпеки

2015 Social Security Blogger Awards

Cyberbullying Resource Center : For parents

Все, що ви написали у "Фейсбук", залишається там – Влодимир Стиран

TrueCrypt Security Audit (pdf)

This 'Killer USB' can make your Computer explode

Is your VirtualBox reading your E-Mail?

Rooting SIM cards

Кабмин разрешил НКРСИ проверить 4 телекомоператора, в том числе "МТС Украина" и "Киевстар"

China's attack against GitHub

App Submissions On Google Play Now Reviewed By Staff, Will Include Age-Based Ratings

Cisco recommends Adblock & Ghostery to combat malvertising

Cisco IP Phones Vulnerable To Remote Eavesdropping

How Hackers Could Delete Any YouTube Video With Just One Click

Federal Agents Accused of Stealing Bitcoins During Silk Road Investigation

OSINT Tools … Recommendations List

Stop using tail -f (mostly)

Direct download: 31.mp3
Category:Technology -- posted at: 3:17pm CEST

Intro: Кар - Мэн - Лондон гуд-бай

The Company Securing Your Internet Has Close Ties to Russian Spies

A practical guide to making up a sensation

H4cked off: Is Eugene Kaspersky 'in bed' (or the sauna) with the Russian government? Derr, of course he is

Exploiting the DRAM rowhammer bug to gain kernel privileges

The Rowhammer Bug

Risky Business #357 -- Mark Dowd talks Rowhammer

Black Box Can Brute Force Crack iPhone PIN Passcodes

New BIOS implant, vulnerability discovery tool to debut at CanSecWest

Mobile Android, iOS apps still vulnerable to FREAK attacks

RC4 must die

uTorrent Installs Bitcoin Miner

OpenSSL Audit

Webnic Registrar Blamed for Hijack of Lenovo

Bogus SSL certificate for Windows Live could allow man-in-the-middle hacks

Yahoo Mail launches on-demand passwords, end-to-end encryption coming by year's end

Yahoo exec goes mano a mano with NSA director over crypto backdoors

Adobe web services vulnerability disclosure program

Yahoo! pays $24,000 to Hacker for finding Security Vulnerabilities

Cyber terror test tasks hackers with saving London from hacked battleship

Banning Tor unwise and infeasible, MPs told

Drupal Patches Critical Password-Reset Vulnerability

GPG Suite Beta 6

Интервью с представителем департамента по борьбе с кибер. преступностью Украины Василием Гузием

Форма связи

Outro: Петр Сказкив - Буревій

Direct download: 30.mp3
Category:Technology -- posted at: 12:22am CEST

Intro/Outro: Etherwood - Begin By Letting Go

'FREAK' in Android and iOS

'FREAK' in Windows

Вопрос от слушателя по мотивам очередного pre-load in Android


Truecrypt audit

Dropbox Accesses All The Files in Your PC (Not Just Sync Folder) and Steals Everything

Dropbox Is Probably Not Stealing All Your Files

Seagate NAS Remote Code Execution Vulnerability

How the NSA’s Firmware Hacking Works

Gemalto Confirms It Was Hacked But Insists the NSA Didn’t Get Its Crypto Keys

How Hackers Abused Tor To Rob Blockchain, Steal Bitcoin, Target Private Email And Get Away With It

Github Hacking for fun and... sensitive data search!

Hillary Rodham Clinton and her emails

Spies Just by Watching Your Phone’s Power Use has been hacked

Google is More Protected from Unwanted Software

Cloud based web app security scanner released by GOOGLE

Most vulnerable operating systems and applications in 2014 

Blogger porn content policy

Internet is for PORN!!

Direct download: 29.mp3
Category:Technology -- posted at: 3:15am CEST

Intro/Outro: La Fouine - Controle Abusif

CTF движение в Украине и мире – интервью с Николаем Ильиным @MykolaIlin

Рейтинги команд CTF и успехи dcua

Популярность CTF-соревнований в Украине и мире

Принципы проведения CTF

Типы соревнований, тактика и стратегия участия в CTF

Для связи с Николаем используйте Twitter или пишите на

Ten Million (Logins and) Passwords


Online Check:

Lenovo caught installing adware on new computers

Кража миллиардов из 100 финансовых организаций по всему миру

Anunak vs Carbanak FAQ

Microsoft Pushes Patches for Dozens of Flaws

Bypassing Windows Security by modifying 1 Bit Only

Universal XSS in IE 11

NSA Planted Stuxnet-Type Malware Deep Within Hard Drive Firmware

Решили как-то за блогерами следить

но потом передумали

Рада ликвидировала Нацкомиссию по вопросам морали

Отчет об уязвимости моб.интернета от Positive Technologies (pdf)

The great SIM heist

SSL is officially declared dead

GnuPG 2.1.2 released

Facebook SCAM Alert: Get FREE $200 Amazon Gift Card!

Spat leads to partial leak of Rig Exploit Kit compromised by Chinese cyber spies targeting US firms

Direct download: 28.mp3
Category:Technology -- posted at: 1:54pm CEST

Intro/Outro: Mad Heads – Молода кров

GnuPG donations

Support Risky.Biz

GPG Tools

GPG encrypted loopback disks

Mofilla, Tor & Privacy

Anthem hack

World's Biggest Data Breaches infographic

The Pirate Bay & CloudFlare CDN

Tsarev & Kolomoyskiy


Kyivstar cell network blackout in Eastern Ukraine

SS7 security concerns

Had Russian blackhats pwned Sony?

Tech journalism in Ukraine

RetroShare Signal Silent Circle

Extradition aspects

Snare on MacOS X bootkitting

Cisco Annual Security Report

Source 114 vs Verizon Business. Who wins?

Fear the known: why AV companies publish security reports?

Binary Risk Analysis

2 factor authentication vs 2 step verification


Army cyber defenders open source code in new GitHub project

CERT-UA 2014 report

Direct download: 27.mp3
Category:Technology -- posted at: 4:28pm CEST


  1. Sony Hack

    1. Хронология событий

    2. Мнение Дейва Атила

    3. Сомнение в причастности Северной Кореи

    4. США подтвердило проведение мониторинга интернет активности Северной Кореи

  2. Lizard Kids атаковали Sony PlayStation и Microsoft xBox Networks


    2. Арест учасников и

  3. Взлом и приостановка биржи bitcoin



    3. Анализ курса биткоинта (с небольшим графиком) после приостановки биржи

  4. Атака на Tor


Direct download: 26.mp3
Category:general -- posted at: 5:39pm CEST