SecuraBit

Before It Bytes!

SecuraBit Episode 60: Free Calamari!!!

SecuraBit  Episode 60: Free Calamari!!!

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Christopher Mills – @thechrisam
Andrew Borel –  @andrew_secbit
Jason Mueller – @securabit_jay
Tim Krabec – @tkrabec http://www.SMBMinute.com

Guests:
Christopher Boyd (Sunbelt Software)
http://en.wikipedia.org/wiki/Christopher_Boyd
http://www.vitalsecurity.org/
http://sunbeltblog.blogspot.com/

General topics:
Chris speaks about how he got involved in the position he is in now.  He also got into how he basically social engineers and discusses his blog.

Dodgy Dr Who Games
Orkut Shenanigans
The Sunbelt Security Blog
Fun with Internet Trolls
How Drugs and Stabby Things Led to a Career in Security
Internet Kill Switch
Twitter Agrees to Data-Security Audits
HacKid –http://www.hackid.org/

Links:

FTC Requires Twitter To Set Up Data-Security Audits
http://news.yahoo.com/s/nf/20100624/tc_nf/74031

Make sure you are there for Sunbelt’s next quarterly briefing entitled “Turning the Tables on Bad Guys:  Malware Unmasked”.  It will be at 9am and again at 2pm on August 25th, 2010.  Register here!

Chat with us on IRC at irc.freenode.net #securabit

SecuraBit Episode 58: Forensic Goodness with Harlan Carvey

SecuraBit Episode 58: Forensic Goodness with Harlan Carvey

Hosts:

Anthony Gartner  @anthonygartner http://anthonygartner.com
Christopher Mills @thechrisam
Chris Gerling @chrisgerling
Aricon
Andrew Borel @andrew_secbit

Guests:
Harlan Carvey
http://windowsir.blogspot.com/
Tools:  http://tech.groups.yahoo.com/group/win4n6/

General topics:
Timeline creation
Regripper
Forensic trends
SIFT
Lance Mueller http://www.forensickb.com/

SecuraBit Episode 57: Doctor Cole, I Presume?

Hosts:
Anthony Gartner @anthonygartner http://anthonygartner.com
Christopher Mills @thechrisam
Chris Gerling @chrisgerling
Andrew Borel @andrew_secbitGuests:
Dr. Eric Cole, Ph.D. – @drericcoleGeneral topics:
Mr. Cole is teaching the upcoming SANS vLive! 501 course which starts on June 22.

We discussed VOIP security, or the lack thereof.
Signature based security solutions are going the way of the dinosaur, it’s all about behavior and dynamic detection, such as heuristics now.
How to protect your privacy online:
http://twitter.com/ChrisPirillo/status/13881888168Links:
http://www.sans.org/security-training/instructors_upcoming.php?id=34
http://www.securityhaven.com/Sunbelt Software Webinar: Thursday, May 27, 2010, 2PM – 3PM EDT
Quarterly Briefing: Turn the tables on Bad Guys: Malware Unmasked

The cyber threat landscape is constantly changing, and even with the most sophisticated security you’re never completely protected from attacks. As part of our mission to ‘keep the bad guys out’, SunbeltLabs presents in this webinar how we use our own sandbox technology to keep a step ahead.

Sunbelt Software’s Lead Security Analyst, Brian Jack and Malware Response Manager, Dodi Glenn will discuss the current threat landscape and dig deeper into some of the most dangerous and complicated threats out there.  During this briefing we will focus on two different types of threats: malicious PDFs and rogue antivirus applications. Learn how to gain an edge when protecting your enterprise.

Whether you are dealing with spear phishing or mass attacks, join us to see how to deploy the right tools and learn how to quickly analyze and unmask malware. New threats require new technologies and techniques to protect yourself and your organization.  Sign up now and turn the tables on the bad guys.

Chat with us on IRC at irc.freenode.net #securabit

SecuraBit Episode 54: Lions and Tigers and Banking Trojans, OH MY!

Sponsored by Sunbelt Software!  Creators of the Sunbelt Sandbox, for all your malware analysis needs!  Visit http://www.sunbeltsandbox.com for more details!

Hosts:
Anthony Gartner @anthonygartner http://anthonygartner.com
Christopher Mills @thechrisam
Chris Gerling @chrisgerling
Jason Mueller @securabit_jay
Andrew Borel @andrew_secbit

Guests:
Sean-Paul Correll – @lithium -http://www.PandaLabs.com
Threat researcher at Panda Security

According to the Panda Annual security report, 66% of all malware are trojans:

http://www.pandasecurity.com/img/enc/Annual_Report_Pandalabs_2009.pdf

Definition of a Banking Trojan.

Mariposa bot net take down:  http://pandalabs.pandasecurity.com/mariposa-botnet/

Virus Total Web:  http://www.virustotal.com/

Appeared at Security B-side in San Francisco
Playing with Fire – Live Demonstration of Today’s Most Dangerous Malware
http://www.ustream.tv/recorded/5143692

http://www.securitybsides.com/

Chat with us on IRC at irc.freenode.net #securabit

SecuraBit Episode 50: Interview with Rob Lee!

SecuraBit Episode 50: Interview with Rob Lee!

  • What is SANS vLive?
  • Forensics
  • DOD Cyber Crime
  • How the forensics classes are structured.
  • 508 course and how it’s changed. Divided up into essentials and then follow on courses. 6 total courses for all of the info.
  • APT – Advanced Persistant Threat
  • Q & A from the IRC

If you havent taken the Security 508 course yet we have an excellent opportunity for you!  Rob will be teaching the SEC508 (Forensics) course  via the SANS vLive! platform beginning 3/23/2010. Classes will occur  every Tuesday and Thursday until 4/29/2010 from 7-10PM EDT.

Chat with us on IRC at  irc.freenode.net #securabit

Hosts:
Anthony Gartner – @anthonygartner
Christopher Mills – @thechrisam
Chris Gerling – @chrisgerling
Jason Mueller – @securabit_jay
Andrew Borel – @andrew_secbit

Guests:
Rob Lee – @robtlee

Links:
http://phishme.com/
http://phishtank.com/

SecuraBit Episode 49: ConFoo.ca!

SecuraBit Episode 49:  ConFoo.ca!

Podcasters Meetup – http://www.podcastersmeetup.com/
ShmooCon – Saturday Evening @ 8PM

SANS Discount Code SB508 – Free GCFA attempt when using this link.

Philippe Gamache:
Day job is focused on secure programing, developer training and code audit.
About ConFoo.ca:
-New conference about web technology
-PHP Quebec Conference offshoot
-Get all the user groups in the Monteral area together to share information
-8 Separate tracks at the time

ShmooCon FireTalks

Escaping the clutches of The GOOG - http://www.securabit.com/2010/01/21/escaping-the-clutches-of-the-goog/

Hosts:
Anthony Gartner  @anthonygartner
Christopher Mills @thechrisam
Chris Gerling  @chrisgerling
Nicholas Berthaume – @aricon
Andrew Borel @andrew_secbit

Guests:
Philippe Gamache – ConFoo.ca – @SecureSymfony

Chat with us on IRC at irc.freenode.net #securabit

Links:
ConFoo.ca – http://www.confoo.ca/en

SecuraBit Episode 48: Shmoocon (The Big Cheese) and PhoneFactor!

Hosts:
Anthony Gartner  @anthonygartner
Christopher Mills @thechrisam
Jason Mueller – @securabit_jay
Chris Gerling  @chrisgerling

Guests:
Bruce Potter – Shmoocon – @gdead
Steve Dispensa – CTO and Co-founder of PhoneFactor - http://www.phonefactor.com/about/management-team/steve-dispensa/ @dispensa
Marsh Ray – PhoneFactor – @marshray

Recent goings on:
If you are going to DC3 CyberCrime Conference contact Jason Mueller (@securabit_jay) to meet up!
Sean Hausauer and David Shpritz join the crew!  Check out their blog postings!

First Guest – Bruce Potter – Shmoocon – @gdead

Logistics of putting on a conference.
New events!
Ticket sales process is constantly evolving.

Wardman Park in 1920’s:  http://www.shorpy.com/files/images/29398u.jpg
ShmooCon 2010 FireTalks:  http://www.novainfosecportal.com/2010/01/06/shmoocon-2010-firetalks/
Podcasters Meetup:  http://www.podcastersmeetup.com/

PhoneFactor:
How to fix SSL/TLS in software
The process of working with vendors to get a solution implemented.
Project Mogul

End:
Join us on January 27, 2010 when we speak with Phillipe Gaumeche about the ConFoo.Ca conference.
Chat with us on IRC at irc.freenode.net #securabit

Links:
Shmoocon – http://www.shmoocon.org/
PhoneFactor –http://www.phonefactor.com/

Not on the air:
Andrew Borel @andrew_secbit

SecuraBit Episode 47: Double Dutch!

Listen in as we interview 1Password and NetWitness!

Dave Teare – Co-Founder of 1Password
Agile Web Solutions’ 1 Password
http://agilewebsolutions.com/products/1Password
Q’s
What was the motivation to create 1Password?
There are two key chain types that are used.  Why the switch to the other one?
When will we be able to sync across the iphone cord? (Edge/3G) 8.02.11 BGA type
Are there plans to port 1Password to Win/Lin platforms? 1password Anywhere?
Is there a way to import from other password managers? CSV format
what is the difference between the 1password pro and the touch pro?
http://help.agile.ws/1Password_touch/pro_vs_standard.html
What is the diffrence between 1Password and 1Password Pro?
Who actually maintains the twitter account?
Find out more at http://get1password.com

NetWitness – Eddie Schwartz
http://www.netwitness.com/
Q’s
How long have you been with NetWitness?
http://download.netwitness.com/
http://download.netwitness.com/download.php?src=DIRECT
Google Earth integration – Very Cool!!
What OS will the free or paid version work on and will it work from within a VM?
What does netwitness do at the layer 7 level?

Join us in IRC at irc.freenode.net #securabit

Hosts:
Anthony Gartner – @anthonygartner
Christopher Mills – @thechrisam
Jason Mueller – @securabit_jay
Andrew Borel – @andrew_secbit

Guests:
Dave Teare – 1Password
Eddie Schwartz – Netwitness

SecuraBit Episode 44: Dennis Hurst and Movember!

SecuraBit Episode 44

Guest Interview:
Dennis Hurst, Senior Application Security Architect at HP Software &
Solutions and a founding member of the Cloud Security Alliance

Discussion of security and Agile development.

Scaling agile requires feedback mechanisms and strong visibility
http://h71028.www7.hp.com/enterprise/us/en/messaging/feature-software-scale-agile.html

HP Application Security Center
http://www.hp.com/go/stophackers

Cloud Security Alliance
http://cloudsecurityalliance.org

Movember:  Chris Gerling and Andrew Borel represent SecuraBit!
http://us.movember.com/mospace/99916 (Chris)
http://us.movember.com/mospace/361416/ (Andrew)

Join us in IRC at irc.freenode.net #securabit

Hosts:
Anthony Gartner  @anthonygartner
Chris Gerling @chrisgerling
Christopher Mills @thechrisam
Andrew Borel  @andrew_secbit

Guest:
Dennis Hurst

Links:
Movember – http://us.movember.com/
Donate to Security Podcasters Alliance – https://www.movember.com/us/donate/your-details/team_id/997
Security podcasters get hairy for charity – http://www.securecomputing.net.au/News/159403,security-podcasters-get-hairy-for-charity.aspx

SecuraBit Episode 43: The Academy Pro

SecuraBit Episode 43 The Academy Pro

Guest Interview: Peter Giannoulis of The Academy Pro

Metasploit Rising

http://blog.metasploit.com/2009/10/metasploit-rising.html

WordPress 2.8.5: Hardening Release
http://wordpress.org/development/2009/10/wordpress-2-8-5-hardening-release/

Blubrry PowerPress Podcasting Plugin for WordPress
http://www.blubrry.com/powerpress/

Time Warner Cable Exposes 65,000 Customer Routers to Remote Hacks http://www.wired.com/threatlevel/2009/10/time-warner-cable/

Google Voice voicemails appearing in public search results
http://www.engadget.com/2009/10/19/google-voice-voicemails-appearing-in-public-search-results/

TweetDeck
http://www.tweetdeck.com/beta/

Porn, CSS History Hacking, User Recon and Blackmail
http://ha.ckers.org/blog/20091021/porn-css-history-hacking-user-recon-and-blackmail/

Windows 7
http://www.microsoft.com/windows/

Magic Mouse
http://www.apple.com/magicmouse/

Quick Shell Script to Extract Contents
http://pinowudi.blogspot.com/2009/10/quick-shell-script-to-extract-contents.html

Join us in IRC at irc.freenode.net #securabit

Hosts:
Anthony Gartner – @anthonygartner
Chris Gerling  – @chrisgerling
Christopher Mills – @thechrisam
Andrew Borel – @andrew_secbit

Guest:
Peter Giannoulis

Links:
The Academy Pro – http://www.theacademypro.com/
The Academy Home –http://www.theacademyhome.com/

Don’t forget to listen to the end of the show for the guest appearances by both Kermit the Frog and Sean Connery