Mostly Security

  • Author: Vários
  • Narrator: Vários
  • Publisher: Podcast
  • Duration: 226:57:20
  • More information

Informações:

Synopsis

Jon and Eric have worked in the security space as developers, architects and leaders for more years than they care to count. At some point Jon said, "we should do a podcast", and here we are. From commentary on current events to random musings, they chat (mostly) about security and technology topics. However, life is more than just the day job. From beekeeping adventures to hiking mountains to shows on Netflix, there's always something fun to wrap up the show.

Episodes

  • 152: A/Bee Testing

    06/11/2020 Duration: 42min

    Eric has a covid scare (and cake!). Jon preps garden for next year. Zerologon and (not much) hospital followup, DoJ seizes domains, and Mattel discloses ransomware attack in SEC filing. REvil interview allegedly describes internals of ransomware as a service. For fun, we have What the Golf?, reconnecting with distant friends, and training a magpie to exchange bottle caps for peanuts. 0:00 - Intro 7:27 - Garden Beds 14:10 - Zerologon Followup 14:51 - No News is Good News 16:55 - Domain Seizure 20:02 - Mattel Ransomware Attack 22:59 - REvil Interview 30:11 - What the Golf? 35:31 - Voyager 2 Re-contact 39:07 - Peanuts for Bottle Caps 41:14 - Mark Rober Squirrel Course

  • 151: Strap Some Rockets To It

    30/10/2020 Duration: 44min

    Jon does yard work, Eric muses about holiday light displays. Mutant Bacterial Enzyme followup and Election Phishing (is the election over yet)? Details on potential ransomware attacks on US Health Care infrastructure. Eric chats about a very expensive rock and faster than light travel, Jon mentions murder hornets and fills us in on Lise Meitner. 0:00 - Intro 11:27 - Mutant Bacterial Enzyme 15:36 - Election Phishing 20:12 - Health Care Ransomware 21:41 - Krebs On Ransomware 24:44 - CISA Ransomare Publication 28:55 - Psyche the Asteroid 31:20 - Faster than Light Travel 36:09 - Murder Hornets 40:08 - Who is Lise Meitner?

  • 150: Stepped On By Dinosaurs

    23/10/2020 Duration: 44min

    Everyone go Vote! Winter (rain) is coming to Oregon, gotta get those chores done. Venice dodges the flood again, and Dickeys is breached. Chrome has a zero day, Google kills Nest Secure (and many other products), and phishing and exfiltration using legit services. For fun, did we mention you should vote? Also an uncrushable beetle and an Asteroid Smack Down. 0:00 - Intro 4:59 - Chainsawing 8:15 - Oregon Vote By Mail 14:18 - Venice, Again 15:19 - Dickeys 16:42 - Chrome Zero Day 20:06 - Nest Secure No More 23:17 - Products Killed By Google 26:27 - Phishing With Native Services 31:38 - Vote, please! 35:16 - Uncrushable 39:29 - Asteroid Pickup

  • 149: Something Worth Doing

    16/10/2020 Duration: 43min

    Some Covid Phishing and Microsoft takes TrickBot to court. McAfee releases details on an Azure bug bounty and donates the proceeds to charity. Eric votes for David Attenborough and Jon votes for Generative Adversarial Network Art. #VOTE 0:00 - Intro 12:19 - Venice - 24 hours later 13:43 - FinFisher Raid 15:42 - Phishing the President's Covid 18:47 - Microsoft v TrickBot 22:40 - Prisoner of Azure-kaban 33:06 - Donating to Charity 33:32 - David Attenborough 37:39 - GANksy

  • 148: Anything Qualifies As Physics

    10/10/2020 Duration: 58min

    Jon Paints and Eric Hikes. Calories anyone? Typosquatting followup, zerologon is multiplatform, and who doesn't like SPACE! Four! Point! Oh! Please Vote, and were you aware IAM is difficult? For fun we have Venice barriers, punk Astley, Twinkie Fungi, Nobel Prizes, and gene splicing. Please leave us a review! 0:00 - Intro 1:39 - Painting 6:15 - Elk Mountain 13:37 - Olive Garden 16:14 - Typosquatting Packages 19:37 - Something Phishy 19:52 - Samba Zerologon 23:31 - Space 4.0 (part 1) 27:25 - Space 4.0 (part 2) 30:54 - VOTE! 32:43 - Enter the Vault 45:48 - Venice Barriers 49:39 - Punk Astley 50:31 - Twinkies Are(n't) Forever 52:40 - Nobel Prizes 55:43 - Bring Me A Gene 57:51 - Link To Review

  • 147: Isn't that called a Vending Machine?

    02/10/2020 Duration: 49min

    Jon patches his QNAP, Eric follows coffee maker firmware shenanigans. There's a 9-1-1 outage and a deconstructed Mac Spyware app. Ring makes a camera drone to fly around the inside of your house and Civilization is on the Subscription Bandwagon. 0:00 - Intro 7:26 - Meatless Mark Rober 13:43 - QNAP Ransomware 17:32 - Coffee Maker Ransomware 25:09 - 911 Outage 33:23 - Deconstructing a Mac App 41:07 - Ring Camera Drone 46:38 - Civilization Frontier Pass

  • 146: Too Tipsy

    26/09/2020 Duration: 58min

    Nice to breathe again, 3d printing fun, and concrete adventures. Directive to patch Zerologon, Russia bans ESNI, and did you know octal is a valid IP representation? Strava shows personal info to strangers, and Germany sees the first potential death due to a ransomware attack. For fun, you can fly Serenity, calculate the speed of light with a chocolate bar, code in Swift on Windows, and listen to Timber Wars. (will anyone notice if I *don't* put images into the metadata??) 0:00 - Intro 20:51 - Zerologon Patch Directive 22:20 - Russia Bans ESNI 25:54 - Other IP Encodings 34:54 - Strava Exposure 41:20 - Ransomware Death 45:51 - Fly Serenity 48:56 - Microwave and Chocolate 51:25 - Swift on Windows 53:14 - Timber Wars Podcast

  • 145: Got Barnacled Up

    18/09/2020 Duration: 47min

    No Mt. St. Helens for Eric, but bonus honey for Jon. GitHub drops passwords for cloning, Jon remembers a two year old underwater datacenter. More reminders about Disinformation and "Game Over" if you don't patch your servers. Eric's something fun isn't all that fun, then he stomps on Jon's fun. Jon gets excited about Library of Congress tech. 0:00 - Intro 12:40 - GitHub Passwords? 15:10 - Project Natick 20:29 - Disinformation Information 26:26 - ZeroLogon Attack 33:34 - Going to the Movies? No. 39:17 - Biomarking Bees 42:16 - Library of Congress Tech

  • 144: Now You Have A Birdsicle

    12/09/2020 Duration: 41min

    Wildfires are consuming the west coast -- including Oregon; Eric repurposes railing for a fence, Hartford schools and Pakistan's largest power company hit by ransomware. For fun Eric has a FrozenBird and Mario Cart Live, and Jon brings the board game Karmaka. 0:00 - Intro 11:23 - Building A Fence 14:57 - School Ransomware 18:01 - Pakistan Ransomware 20:46 - Mcafee Netwalker 27:33 - Birdsicle 30:28 - Mario Cart Live 32:54 - Karmaka

  • 143: Steepled Finger Tap

    04/09/2020 Duration: 49min

    Warning: This episode is rife with cliches. Eric's getting a new deck. Jon weeds and fences. Googling GitHub is now a thing. Apple notarizes a bad app. "Good" email names are more trouble than they're worth, and MoFi gets a 6 out of 10. Eric steals his something fun and Jon 1-ups that with a new 3d printer and an Umbrella Academy. 0:00 - Intro 12:06 - Medical data leaked on GitHub 15:33 - Apple notarization is not App Review 20:42 - Email Hijinks 27:29 - myrealbox.com 30:16 - MoFi gets 6/10 38:26 - AR Copy Paste 41:41 - New Photon Mono X 4k 47:16 - The Umbrella Academy

  • 142: Not A True Viking

    29/08/2020 Duration: 44min

    Jon harvests honey and Eric's on another road trip. "A Nevada Company" is Tesla, US Gov warns of the "BeagleBoyz", Bridgefy isn't secure, and an Ad Click Stealer. For fun Eric likes the Microsoft Flight Simulator (and the glitches), and Jon recommends an old fashioned (and fantastic) blog: honeybeesuite.com. 0:00 - Intro 3:43 - Honey Harvest 8:41 - "A Nevada Company" 12:14 - Hint: It's Tesla 13:38 - BeagleBoyz and FASTCash 21:07 - Bridgefy App 28:08 - Ad Library Click Stealer 35:16 - Microsoft Flight Simulator 40:22 - Honeybeesuite.com

  • 141: Time is Stretchy

    21/08/2020 Duration: 49min

    Time behaves differently for Jon and Eric. More data leaked as ATMs give out "free" cash. A cruise line gets hit with ransomware and Jon explains Hooking (not that kind!) while Eric reviews shooting lasers at the moon and Jon clones keys from sound. 0:00 - Intro 16:02 - Insta, TikTok & YouTube 18:33 - ATM Banking Ooops 22:06 - Cruise Line Ransomware 26:10 - EDR Hooking 36:13 - Shooting Lasers at the Moon 40:32 - Rocket men 42:49 - Cloning keys from sound

  • 140: Cassette Tape

    15/08/2020 Duration: 47min

    Paper Wasps vs. Yellowjackets, and a bit of a Cow Adventure. Tons of subreddits defaced, China begins blocking TLS 1.3, an LTE vulnerability in ReVoLTE, and statistics about Incident Responses. Eric likes automatic decryption in Ciphey, and Jon has trouble picking something fun: a sudoku ML tutorial, an immunology article, and a retro gaming cassette. 0:00 - Intro 2:22 - Paper Wasps Vs Yellowjackets 13:38 - Reddit Defacement 15:37 - China Blocking TLS 1.3 18:55 - ReVoLTE 24:33 - Incident Response Report 34:59 - Ciphey 38:30 - Solving Sudoku Tutorial 40:05 - Immunology != Intuitive 42:36 - Tape Loader

  • 139: Add an "Ugh"

    08/08/2020 Duration: 49min

    Eric is half way to becoming Spiderman. Jon rebuilds a carburetor. Twitter and Zoom followup. Disinformation and Phishing. Insulin Pump Hacks and stuff neither Eric nor Jon understands. (Yet!) Eric makes YARPSF (yet aother raspberry pi something fun) and Jon gets into the physics of time machines, pickles and sadness. 0:00 - Intro 12:56 - Twitter 16:11 - Zoom 20:33 - Disinformation 24:32 - Phishing 28:26 - Insulin Pump 37:04 - OpenAPS 37:17 - Page Protection Layer 43:34 - Watched Pot 46:06 - Pickles and Sadness

  • 138: There and Back Again

    01/08/2020 Duration: 57min

    Eric takes Stormlight on the road, Jon tries to change the oil, and the pickles are coming out just fine. Substack epitomizes irony by violating privacy in a privacy policy update, and a tiny bit more info in the Twitter breach. Nintendo game source leak exploration, GDPR complaints, and a PDF Shadow Attack. For fun, Eric brings another Pi project for monitoring power, and Jon likes the Way of Kings kickstarter. 0:00 - Intro 16:15 - Substack Irony 19:22 - Twitter Breach 22:16 - Sudo Make Me A Sandwich 23:50 - Nintendo Leak 31:12 - GDPR Complaint 35:20 - Out of Control 39:46 - PDF Shadow Attack 48:20 - Pi Power Monitoring 50:14 - Right Hand Rule 53:12 - Way Of Kings Kickstarter

  • 137: Setting Fire to Things

    25/07/2020 Duration: 51min

    Intro segue goodness, and, how to phrase it, largely home ec pickle talk - because Jon eats sandwiches (a lot). Some twitter followup, a well documented Twilio breach and Apple tries to roll out its Security Research Device program to much rejoicing (that's a reference). Fast Chargers can be bad and a genealogy hack for lulz. Eric appreciates that the Beavers Have Won and Jon digs Task Manager pixels, both fake and real. 0:00 - Intro 0:59 - Black Lives Matter 8:07 - Making Pickles 17:17 - Twitter Followup 20:18 - Twilio Breach 24:39 - Apple SRD Program 30:55 - BadPower Fast Chargers 35:45 - GEDmatch and MyHeritage 44:05 - Those Damming Beavers 47:21 - Task Manager DOOM (fake) 48:32 - Bad Apple Task Manager (real)

  • 136: I Like Starting Projects

    18/07/2020 Duration: 52min

    Go see NEOWISE while you can! Eric's almost got his microscope built, and Jon can't pass a hardware store. An open source password manager, more dark web prices, and an Unc0ver followup. A bad vuln (SIGRed) in Windows DNS, a massive Twitter compromise, and an Indian social app (Chingari) lack-of-authentication. For fun Eric's going to build a Pi Sniffer, and Jon brings back track separation with machine learning. 0:00 - Intro 6:44 - NEOWISE 12:04 - passbolt 16:29 - Dark Web Price Index 18:40 - Unc0ver Followup 24:28 - SIGRed 29:19 - Twitter Hacked 37:28 - Chingari Vulnerability 42:53 - Pi Sniffer 47:20 - Algoriddim

  • 135: Fit for a Viking

    11/07/2020 Duration: 45min

    Jon and Eric talk about their July 4th Activities. There's a Tsunami coming and not the billions of passwords on the dark web. Watch your DNS and BIG-IP. New Far Side, a CyberForge and a codec that makes Jon happy. 0:00 - Intro - 4th of July Events 14:44 - Tsunami Coming 16:50 - Billions Of Passwords 23:23 - Azure Takeovers 31:03 - BIG-IP 35:32 - The New Far Side 38:33 - CyberForge 41:18 - H.266

  • 134: Fingerprintability

    03/07/2020 Duration: 49min

    Eric goes to the beach for a change of scenery, while Jon shovels manure on his PTO. Local governments are hit with a MageCart attack, and a whole lot of discussion about Safari -- what isn't coming, what's been taken away, and what's new in the next version. A few other WWDC announcements like Apple Silicon. Eric's building his new 3D printer, and Jon's making Jam and watching videos (not at the same time). 0:00 - Intro 10:44 - Magecart Follow Up 13:26 - Safari Declined APIs 21:38 - Safari 14 New Features 28:58 - SMS OTP Standard Discussion 32:00 - WWDC Other Announcements 33:59 - Jon Bitcode Conspiracy 42:06 - Prusa 45:34 - Raspberry Jam 46:57 - Developer App

  • 133: I don't know if it's placebo

    26/06/2020 Duration: 43min

    Father's Day ramblings, more magecart madness, and setup your MFA before the bad guys do it for you. Safe Browsing bug and printers exposing themselves. A rickroll, a basketball, and Smallville. 0:00 - Intro 8:15 - More Magecart Madness 12:58 - MFA Or Crooks Will 20:28 - Face ID for Safari 21:22 - Face ID and Touch ID WWDC Video 23:47 - Safe Browsing Oops 29:47 - Printers on the Internet 34:14 - Jello + Shredder 35:10 - Jello + Shredder, actual 36:43 - Basketball with an Excavator 37:47 - Smallville

page 10 from 17