Securit13 Podcast

About this podcast
The first Ukrainian podcast about information security
Latest episodes
Feb. 4, 2018
BSides Kyiv 21.04.2018 https://securitybsides.org.ua/, cfp https://securitybsides.org.ua/#cfp
Meltdown, Spectre: The password theft bugs at the heart of Intel CPUs https://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/
Security hole in AMD CPUs' hidden secure processor revealed ahead of patches https://www.theregister.co.uk/2018/01/06/amd_cpu_psp_flaw/
Attacking a co-hosted VM: A hacker, a hammer and two memory modules - This is Security :: by Stormshield https://www.theverge.com/platform/amp/2018/1/3/16844630/intel-processor-security-flaw-bug-kernel-windows-linux?__twitter_impression=true
Intel Releases New Technology Specifications to Protect Against ROP attacks https://software.intel.com/en-us/blogs/2016/06/09/intel-release-new-technology-specifications-protect-rop-attacks
A Simple Explanation of the Differences Between Meltdown and Spectre https://danielmiessler.com/blog/simple-explanation-difference-meltdown-spectre/
blizzard: agent rpc auth mechanism vulnerable to dns rebinding https://bugs.chromium.org/p/project-zero/issues/detail?id=1471&desc=2
https://twitter.com/secwrks/status/955554405364981761
I’m harvesting credit card numbers and passwords from your site. Here’s how. https://hackernoon.com/im-harvesting-credit-card-numbers-and-passwords-from-your-site-here-s-how-9a8cb347c5b5
Part 2: How to stop me harvesting credit card numbers and passwords from your site https://hackernoon.com/part-2-how-to-stop-me-harvesting-credit-card-numbers-and-passwords-from-your-site-844f739659b9
Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1
Australia probes sale of secret papers in filing cabinets https://apnews.com/2897f5d8449c413796efe03b9202a1ca
Strava's heatmap revealed military bases, but it also showed nothing is anonymous online http://www.abc.net.au/news/science/2018-02-04/strava-heatmap-online-anonymity-is-almost-impossible/9380326
Now even YouTube serves ads with CPU-draining cryptocurrency miners https://arstechnica.com/information-technology/2018/01/now-even-youtube-serves-ads-with-cpu-draining-cryptocurrency-miners/
Uber ignores security bug that makes its two-factor authentication useless http://www.zdnet.com/google-amp/article/uber-security-flaw-two-factor-login-bypass/
British hacker arrested for cyberattacks against Pokemon, Google, and Skype. https://www.scmagazine.com/british-hacker-arrested-for-selling-malware-and-launching-cyberattacks-against-pokemon-google-and-skype/article/738288/
Ay MaMi https://objective-see.com/blog/blog_0x26.html
Hospital Pays $55K Ransomware Demand Despite Having Backups https://www.bleepingcomputer.com/news/security/hospital-pays-55k-ransomware-demand-despite-having-backups/
SBU blocked the distribution of spyware in Ukraine - https://ssu.gov.ua/ua/news/1/category/2/view/4273#.T1a7701Q.dpbs
Satellite derived time and position blackett review https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/676675/satellite-derived-time-and-position-blackett-review.pdf
Dutch agencies provide crucial intel about Russia's interference in US-elections https://www.volkskrant.nl/media/dutch-agencies-provide-crucial-intel-about-russia-s-interference-in-us-elections~a4561913/
Music - KEYGEN MUSIC ~ One hour mix https://www.youtube.com/watch?v=c17k4LfLkaE
Jan. 30, 2018
Episode 90.2 - Interview with A. Semenyaka (10.12.2017)
Alex came to visit us and talked about the critical infrastructure of the internets. What is it, anyway, and how do you live with it?
Intro / Outro Clouds of Tenderness by Lobo Loco http://freemusicarchive.org/music/Lobo_Loco/BOB/Clouds_of_Tenderness_ID_792
Russian-controlled telecom hijacks financial services’ Internet traffic https://arstechnica.com/information-technology/2017/04/russian-controlled-telecom-hijacks-financial-services-internet-traffic/
Resource Certification (RPKI) https://www.ripe.net/manage-ips-and-asns/resource-management/certification
The Resource Public Key Infrastructure (RPKI) to Router Protocol https://tools.ietf.org/html/rfc6810
BGPsec Protocol Specification https://tools.ietf.org/html/rfc8205
[ipv6-wg] Belgian limits on CGN/NAT? https://www.ripe.net/ripe/mail/archives/ipv6-wg/2016-November/003004.html
Report on internet blocking at the UN General Assembly: http://www2.ohchr.org/english/bodies/hrcouncil/docs/17session/A.HRC.17.27_en.pdf, and along with it http://www.ohchr.org/Documents/Issues/Opinion/A.66.290.pdf
Talk at ENOG, transcript as part of the session: https://habrahabr.ru/company/qrator/blog/342846/, presentation: https://www.enog.org/wp-content/uploads/presentations/enog-14/21-171010-Content-blocking-intro.key, https://www.enog.org/wp-content/uploads/presentations/enog-14/21-171010-Content-blocking-intro.pdf, recording of the talk: https://youtu.be/4MhCXbjSox8
Moscow-Petushki by Venedikt Yerofeyev https://uk.wikipedia.org/wiki/Москва_—_Пєтушкі http://www.moskva-petushki.ru/
You can contact Alexey at [email protected] or https://www.facebook.com/alex.semenyaka
Jan. 30, 2018
Intro / Outro Sleepy in the Garden by Lobo Loco https://freemusicarchive.org/music/download/7b5af5facd7ab75f565ca518647fb28f56f1dc08
Malvertising https://en.wikipedia.org/wiki/Malvertising
Malvertising: When Online Ads Attack (2015) https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/malvertising-when-online-ads-attack
Juniper Acquires Cyphort (2015) https://www.cyphort.com/press-release/cyphort-labs-issues-special-report-on-the-rise-in-malvertising-cyber-attacks/
Malvertising and crypto threats have rocketed in 2017 https://www.htbridge.com/blog/malvertising-and-crypto-threats-have-rocketed-in-2017.html
Malvertising Campaign Redirects Browsers To Terror Exploit Kit https://threatpost.com/malvertising-campaign-redirects-browsers-to-terror-exploit-kit/128596/
Malvertising on Equifax, TransUnion tied to third party script (updated) https://blog.malwarebytes.com/threat-analysis/2017/10/equifax-transunion-websites-push-fake-flash-player/
New Malvertising Campaign Exploits Home Routers, Changes DNS Servers https://www.pindrop.com/blog/new-malvertising-campaign-exploits-home-routers-changes-dns-entries/
Expired domain names and malvertising https://blog.malwarebytes.com/threat-analysis/2017/09/expired-domain-names-and-malvertising/
Russian Influence Reached 126 Million Through Facebook Alone https://www.nytimes.com/2017/10/30/technology/facebook-google-russia.html
Facebook's Advertising Tools Complicate Efforts To Stop Russian Interference https://www.npr.org/sections/alltechconsidered/2017/10/30/560836775/facebooks-advertising-tools-complicate-efforts-to-stop-russian-interference
Ad network takes steps to reduce fraud https://www.csoonline.com/article/3195998/security/ad-network-takes-steps-to-reduce-fraud.html
Will Crypto Browser Mining Replace The Ad Industry https://www.cryptoglue.com/2017/09/22/will-crypto-browser-mining-replace-the-ad-industry/
For $1000, anyone can purchase online ads to track your location and app use http://www.washington.edu/news/2017/10/18/for-1000-anyone-can-purchase-online-ads-to-track-your-location-and-app-use/
I never signed up for this! Privacy implications of email tracking https://senglehardt.com/papers/pets18_email_tracking.pdf
The Future of Ad Blocking: An Analytical Framework and New Techniques https://arxiv.org/pdf/1705.08568.pdf
https://brave.com
https://cliqz.com/en/
https://play.google.com/store/apps/details?id=edu.berkeley.icsi.haystack&hl=en
https://recon.meddle.mobi
https://play.google.com/store/apps/details?id=edu.cmu.mcom.ppa&hl=en
https://fdvt.org
Jan. 18, 2018
A conversation with Vladimir Ilibman about Cisco's midyear report, rabbits, and statistics. Always relevant.
Intro / Outro State of Mind by Audiobinger http://freemusicarchive.org/music/Audiobinger/~/State_of_Mind
BadRabbit Technical Analysis https://www.endgame.com/blog/technical-blog/badrabbit-technical-analysis
Cisco information security report for the first half of 2017 https://engage2demand.cisco.com/LP=7258
2016 Data Breach Investigations Report (pdf) http://www.verizonenterprise.com/resources/reports/rp_DBIR_2016_Report_en_xg.pdf
The Black Swan by Nassim Nicholas Taleb https://www.amazon.com/Black-Swan-Improbable-Robustness-Fragility/dp/081297381X
You can contact Vladimir at [email protected] or https://www.facebook.com/vladimir.ilibman
Dec. 31, 2017
We decided to look back at the loudest events of the year that is almost over. Join us!
Incident report on memory leak caused by Cloudflare parser bug https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/
Vault 7: CIA Hacking Tools Revealed https://wikileaks.org/ciav7p1/
NSA-leaking Shadow Brokers just dumped its most damaging release yet https://arstechnica.com/information-technology/2017/04/nsa-leaking-shadow-brokers-just-dumped-its-most-damaging-release-yet/
Everything you need to know about the WannaCry / Wcry / WannaCrypt ransomware https://www.troyhunt.com/everything-you-need-to-know-about-the-wannacrypt-ransomware/
New ransomware, old techniques: Petya adds worm capabilities https://blogs.technet.microsoft.com/mmpc/2017/06/27/new-ransomware-old-techniques-petya-adds-worm-capabilities/
The MeDoc Connection http://blog.talosintelligence.com/2017/07/the-medoc-connection.html
Threat Spotlight: Follow the Bad Rabbit http://blog.talosintelligence.com/2017/10/bad-rabbit.html
Equifax website hack exposes data for ~143 million US consumers https://arstechnica.com/information-technology/2017/09/equifax-website-hack-exposes-data-for-143-million-us-consumers/
We have broken SHA-1 in practice http://shattered.io/
ROCA: Vulnerable RSA Key Generation https://blog.rapid7.com/2017/10/25/roca-vulnerable-rsa-key-generation/
KRACK Attacks: Breaking WPA2 https://www.krackattacks.com/
Hackers Can Easily Hijack This Dildo Camera and Livestream the Inside of Your Vagina (Or Butt) https://motherboard.vice.com/en_us/article/53847a/camera-dildo-svakom-siime-eye-hacked-livestream
MsMpEng: Remotely Exploitable Type Confusion in Windows 8, 8.1, 10, Windows Server, SCEP, Microsoft Security Essentials, and more. https://bugs.chromium.org/p/project-zero/issues/detail?id=1252&desc=5
Why 'blank' Gets You Root https://objective-see.com/blog/blog_0x24.html
Thousand-dollar iPhone X's Face ID wrecked by '$150 3D-printed mask' https://www.theregister.co.uk/2017/11/13/iphone_x_face_id/
Blocking of web resources in Ukraine
The Ministry of Education and Science instructed universities not to use sites with “.ru” and “.ру” domains http://life.pravda.com.ua/society/2017/12/29/228234/
The Ministry of Information Policy will publish additions to the list of banned sites http://www.pravda.com.ua/news/2017/12/29/7167028/
#FuckResponsibleDisclosure Sean Brian Townsend https://www.facebook.com/ruheight
https://informnapalm.org/uca/
http://usa.mfa.gov.ua/ua/consular-affairs/services/passport
Music - KEYGEN MUSIC ~ One hour mix https://www.youtube.com/watch?v=c17k4LfLkaE
Dec. 10, 2017
The loudest news of recent weeks. An astonishing apple, #FuckResponsibleDisclosure, an updated promise from John, and something else. Don't miss it!
00:00:58 #FuckResponsibleDisclosure Sean Brian Townsend https://www.facebook.com/ruheight
https://informnapalm.org/uca/
http://usa.mfa.gov.ua/ua/consular-affairs/services/passport
00:07:26 Apple and all, all, all
Why 'blank' Gets You Root https://objective-see.com/blog/blog_0x24.html
As Apple fixes macOS root password hole, here's what went wrong http://www.theregister.co.uk/2017/11/29/apple_macos_high_sierra_root_bug_patch/
https://forums.developer.apple.com/thread/79235
https://twitter.com/fristle/status/935670476214378496
Repair file sharing after Security Update 2017-001 for macOS High Sierra 10.13.1 https://support.apple.com/en-us/HT208317
MACOS UPDATE ACCIDENTALLY UNDOES APPLE'S "ROOT" BUG PATCH https://www.wired.com/story/macos-update-undoes-apple-root-bug-patch/
Thousand-dollar iPhone X's Face ID wrecked by '$150 3D-printed mask' https://www.theregister.co.uk/2017/11/13/iphone_x_face_id/
Zero-day iOS HomeKit vulnerability allowed remote access to smart accessories including locks, fix rolling out https://9to5mac.com/2017/12/07/homekit-vulnerability/
00:12:50 John McAfee https://twitter.com/officialmcafee/status/935900326007328768/photo/1
Bitcoin Miner NiceHash Hacked, Possibly Losing $62 Million in Bitcoin https://www.darkreading.com/cloud/bitcoin-miner-nicehash-hacked-possibly-losing-$62-million-in-bitcoin/d/d-id/1330585
The website of the blockchain project Confido is unavailable: all the project team's profiles turned out to be fake https://forklog.com/sajt-blokchejn-proekta-confido-nedostupen-vse-profili-komandy-proekta-okazalis-poddelnymi/
00:15:17 CVE-2017-11937 | Microsoft releases an emergency update to fix a flaw in Malware Protection Engine http://securityaffairs.co/wordpress/66475/hacking/cve-2017-11937-malware-protection-engine.html
00:17:49 Uber Paid Hackers to Delete Stolen Data on 57 Million People https://www.bloomberg.com/news/articles/2017-11-21/uber-concealed-cyberattack-that-exposed-57-million-people-s-data
00:18:28 Intel Management Engine pwned by buffer overflow https://www.theregister.co.uk/2017/12/06/intel_management_engine_pwned_by_buffer_overflow/
00:18:52 Thousands of WordPress sites infected with a Keylogger and cryptocurrency miner scripts http://securityaffairs.co/wordpress/66432/hacking/keylogger.html
Websites use your CPU to mine cryptocurrency even when you close your browser https://arstechnica.com/information-technology/2017/11/sneakier-more-persistent-drive-by-cryptomining-comes-to-a-browser-near-you/
00:19:09 Android flaw lets attack code slip into signed apps https://www.theregister.co.uk/2017/12/08/android_flaw_lets_attack_code_slip_into_signed_apps/
00:19:24 Mailsploit: It's 2017, and you can spoof the 'from' in email to fool filters http://www.theregister.co.uk/2017/12/06/mailsploit_email_spoofing_bug/
Music - KEYGEN MUSIC ~ One hour mix https://www.youtube.com/watch?v=c17k4LfLkaE
Nov. 13, 2017
A few of the loudest news items of recent weeks for your feed. There's a rabbit, and Alisa, and sweet bedtime stories.
ROCA: Vulnerable RSA Key Generation https://blog.rapid7.com/2017/10/25/roca-vulnerable-rsa-key-generation/
Certificate expiry monitoring, KeyChest for HTTPS, TLS, Letsencrypt expiry and server status https://keychest.net/roca
Estonia government locks down ID smartcards: Refresh or else https://www.theregister.co.uk/2017/11/03/estonian_e_id_lockdown/
Threat Spotlight: Follow the Bad Rabbit http://blog.talosintelligence.com/2017/10/bad-rabbit.html
BadRabbit Technical Analysis https://www.endgame.com/blog/technical-blog/badrabbit-technical-analysis
Bad Rabbit: Not-Petya is back with improved ransomware https://www.welivesecurity.com/2017/10/24/bad-rabbit-not-petya-back/
The Shadow Internet – Comae Technologies https://blog.comae.io/the-shadow-internet-d42b7195a118
Fake WhatsApp app in official Google Play Store downloaded by over a million Android users http://securityaffairs.co/wordpress/65159/malware/fake-whatsapp-app.html
Tor Project fixed TorMoil, a critical Tor Browser flaw that can leak users IP Address http://securityaffairs.co/wordpress/65168/hacking/tor-tormoil-vulnerability.html
Oracle Security Alert CVE-2017-10151 http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-10151-4016513.html
Dangerous liaisons https://securelist.com/dangerous-liaisons/82803/
Equifax execs sold shares before mega-hack reveal. All above board – Equifax probe http://www.theregister.co.uk/2017/11/03/equifax_share_trade_investigation/
Music - KEYGEN MUSIC ~ One hour mix https://www.youtube.com/watch?v=c17k4LfLkaE
Nov. 2, 2017
Once again, instead of 300 seconds, our restless hosts discuss news and events. Join us!
A new Mirai-Like IoT Botnet is growing in a new mysterious campaign http://securityaffairs.co/wordpress/64565/malware/new-iot-botnet-growing.html
Google launched Google Play Security Reward bug bounty program to protect apps in Play Store http://securityaffairs.co/wordpress/64545/mobile-2/google-play-security-reward.html
Equifax website borked again, this time to redirect to fake Flash update https://arstechnica.com/information-technology/2017/10/equifax-website-hacked-again-this-time-to-redirect-to-fake-flash-update/?amp=1
New Ransomware Not Just Encrypts Your Android But Also Changes PIN Lock https://thehackernews.com/2017/10/android-ransomware-pin.html
PUBLIC SECURITY ALERT: New Facebook attack - watch out for phishy messages that say you’re a “Trusted Contact” - Access Now https://www.accessnow.org/public-security-alert-new-facebook-attack/
KRACK Attacks: Breaking WPA2 https://www.krackattacks.com/
YouTube sin-bins account of KRACK WPA2 researcher https://www.theregister.co.uk/2017/10/19/youtube_krack_down/
Malware hidden in vid app is so nasty, victims should wipe their Macs https://www.theregister.co.uk/2017/10/20/mac_os_reinstall_eltima_elmedia_malware/
Music - KEYGEN MUSIC ~ One hour mix https://www.youtube.com/watch?v=c17k4LfLkaE
Oct. 23, 2017
Intro / Outro Art Of Escapism - The Sands of Windhoek http://freemusicarchive.org/music/Artofescapism/Midnight_Caravan/The_Sands_of_Windhoek
With the growing number of attacks on the software supply chain, including software updates, our hosts Andrey, Alisa, Alexey and Taras decided to work out what it is and what to make of it, look at examples and variants, and consider possible ways of protection and prevention.
Supply chain https://en.wikipedia.org/wiki/Supply_chain
What Is a 'Supply Chain Attack?' https://motherboard.vice.com/en_us/article/d3y48v/what-is-a-supply-chain-attack
CCleanup: A Vast Number of Machines at Risk http://blog.talosintelligence.com/2017/09/avast-distributes-malware.html
Java security plagued by crappy docs, complex APIs, bad advice https://www.theregister.co.uk/2017/09/29/java_security_plagued_stack_overflow/
Apple Mac fans told: Something smells EFI in your firmware https://www.theregister.co.uk/2017/09/29/mac_firmware_insecurity/
Reflections on Trusting Trust https://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf
Oct. 14, 2017
To mark the return and the start of the new autumn-winter 2017-2018 season, Andrey and Alisa briefly went through the latest news.
Hack of sites in the *.gov.ua domain zone and an error at CERT-UA https://goo.gl/A6kJve
4G/5G Wireless Networks as Vulnerable as WiFi and putting SmartCities at Risk http://securityaffairs.co/wordpress/64098/hacking/4g5g-wireless-networks-flaws.html
Microsoft silently fixes security holes in Windows 10 – dumps Win 7, 8 out in the cold https://www.theregister.co.uk/2017/10/06/researchers_say_windows_10_patches_punch_holes_in_older_versions/
FIN7 hacking group is switched to new techniques to evade detection http://securityaffairs.co/wordpress/64083/apt/fin7-new-techniques.html
VPN logs helped unmask alleged 'net stalker, say feds http://www.theregister.co.uk/2017/10/08/vpn_logs_helped_unmask_alleged_net_stalker_say_feds/
Russian spies used Kaspersky AV to hack NSA staffer, swipe exploit code – new claim http://www.theregister.co.uk/2017/10/05/anonymous_report_russian_spies_used_kaspersky_lab_software_to_steal_nsa_secrets/
Sri Lanka police arrest two men over cyber theft at the Taiwan Bank http://securityaffairs.co/wordpress/64034/cyber-crime/taiwan-bank-cyber-heist.html
Microsoft Cortana Can Now Read Your Skype Messages to Make Chat Smarter https://thehackernews.com/2017/10/cortana-for-skype.html
Warning: Millions Of P0rnHub Users Hit With Malvertising Attack https://thehackernews.com/2017/10/online-malvertising-attack.html
Disqus Hacked: More than 17.5 Million Users' Details Stolen in 2012 Breach https://thehackernews.com/2017/10/disqus-comment-system-hacked.html
The iPhone's Constant Password Popups Are a Hacker's Dream https://motherboard.vice.com/en_us/article/ne7gxz/ios-iphone-password-phishing-app-popups
Music - KEYGEN MUSIC ~ One hour mix https://www.youtube.com/watch?v=c17k4LfLkaE