Thursday, March 02, 2006

 

Hack Media: Security podcasts


Here are some security podcasts from the last week. Feel free to suggest additional ones. There is never a shortage of podcasts on the internet, about the internet.





Security Catalyst 19 The Secrets of Risk Management (With Ron Woerner) 25:33 SC was suggested last week by sometimes co-host [matt yoder]. It’s a nice interview with Woerner about his experience implementing a risk management program at a large company. I was happy to hear about several upcoming security conventions in Omaha (i.e. ones I don’t have to fly to). Michael Santarcangelo does a great job hosting too.




Security Now! #28 Listener Feedback Q&A #4 40:24 [sentinel] corrected me last week; the ARP spoofing show is next week. This episode does maintain some interest because it is structured by listener questions. Leo mentions that he might make his OPML file public since he tracks about 50 sites. I was thinking about doing this. I’ve currently got about 160 sites in Bloglines (I trim the fat from time to time). It’s certainly no comparison to the 500+ monster that the Engadget writers maintain.




PaulDotCom Security Weekly - Episode 16 51:18 was suggested by co-host [Larry Pesce]. This is a pretty fun group podcast. They mentioned a favorite quote by Geer at ShmooCon, “We need security because at any moment the bad guys are only 150ms away; just ping China”. They also pointed out that there is a GPL version of the Spinning Cube of Potential Doom.




CyberSpeak Feb 25 72:08 Lots of interesting stuff coming from the feds. It starts with Mike Younger discussing some of the problems in validating email since Outlook and Lotus Notes both let you edit messages you’ve already received and ones you’ve already sent. They point out a nice deny hosts script to prevent brute force dictionary attacks. Check the entry’s comments for other solutions. They also mentioned that you should check for firmware updates for your firewire write-blocking devices if you want to read the HPA of a drive. The LiveAmmo podcast from last week specifically stated that you should avoid USB and Firewire write-block devices because they might not be able to access HPA.




LiveAmmo: Digital Forensics and Hacking Investigations, Part 3 46:12 is not nearly as dry as it was the previous weeks. It covers the data collection process and what sort of slip-ups might happen. They suggest reading NIST Special Publication 800-61: Computer Security Incident Handling Guide.




SploitCast #007 44:01 As promised last week, this is an interview with Lance James. This is my favorite podcast of the bunch this week. Lance covers many of the techniques that phishers are using. They’ve been going so far as to do distributed hosting of their phishing websites on 0wned computers. Lance also talks about the server-side tools he has been developing to fight malware. The burden is being placed on the server since you can’t expect the users to keep themselves safe.




Blue Box #17 41:00 Another week, another excellent VoIP security podcast.




I promised my friends Cara and Brigitte that I would promote their podcast “Catty Girls Discuss” hosted by the local paper. I hadn’t heard it at that point, but the title kinda gives it away. Here are the highlights from the first show: 10:00 they realize they’ve run out of topics, 15:00 they realize they’ve run out of topics, 20:00 they realize they’ve run out of topics. No, it’s not really that bad and can be pretty funny. Direct links to episode one and two.




© 2006 Weblogs, Inc.




(Via hack a day.)

