Sep 07 2013


We’re in rare form today. A lot of fun sprinkled with the occasional good nugget of information security news and discussion.

Show Notes:

InfoSec News Update –

  • New OSX Metasploit Module or Time is not on your Side! – Link
  • If your session belongs to a user with Administrative Privileges (the user is in the sudoers file and is in the “admin group”), and the user has ever run the “sudo” command, it is possible to become the super user by running `sudo -k` and then resetting the system clock to 01-01-1970.

  • Communication is key – Link
  • Hacking Fantasy Football – Link
  • China Shifts to newer Exploits – Link
  • Now that folks are patching CVE-2012-0158

  • FTC smacks Internet-Connected home security cameras – Link
  • CSRF Protection without nonce or random tokens – Link
  • British Parliament loves them some Pr0n! – Link
  • Samsung adding security to Android – Link
  • Gartner pushing SAST & DAST together – Link
  • The blog is old, but this year's Magic Quadrant has them merged into a
    single report. Is this a good or bad thing?

  • HouSecCon Update! – Link

Discussion Topic –

  1. 10 Golden Rules of the Outstanding CISO – Link

Music Notes: Special Thanks to the guys at RivetHead for use of their tracks –

  • Intro – Stay Alive – RivetHead
  • Segment 1 – Synchronicity II – RivetHead
  • Segment 2 – Deaf Ears – RivetHead
  • Outro – Zero Gravity – RivetHead

Link to MP3
