Episode 80 – Winners and Losers

Fresh from SOURCE Boston Josh, Bob, and Martin pick up a discussion that started at the conference...

We hope you enjoy!

Martin and Yvette take a quick look at some news from this week, review SOURCE Boston (awesome con, by the way), and give major props to BSides Chicago...

The Stories:

VMWare Source Code Doxed...but don't worry.

http://www.cio.com/article/705108/VMware_Source_Code_Stolen_Impact_Unclear?source=CIONLE_nlt_infosec_2012-04-27

Who's protecting your critical infrastructure?  Why Neo and Trinity are, dude!

http://www.newscientist.com/article/dn21756-bullet-time-to-stop-cyber-attacks-on-power-grids.html

Review of an awesome talk given at SOURCE Boston about making Blue Teams better...

http://www.darkreading.com/advanced-threats/167901091/security/vulnerabilities/232900905/security-teams-need-better-intel-more-offense.html

The Shout Outs:

SOURCE Boston - you should go.  Really.  It's awesome.

http://www.sourceconference.com/boston/

BSides Chicago....ya done good, folks.

http://h30499.www3.hp.com/t5/Following-the-White-Rabbit/Missing-Opportunities-Making-things-worse-by-asking-all-the/bc-p/5640879#M932

http://securitymoey.com/bsideschicago-2012-career-panel/

http://www.jemurai.com/2012/04/bsides-chicago-2012/

Remember to send your contest entries to SFSPodcastContest@gmail.com!

Andy Willingham makes his triumphant return to the Southern Fried Security Podcast after his sabbatical.

We're also joined by friend-of-the-podcast Jamie Arlen AKA @myrcurial to talk about these stories...

Mac Malware: Sign of the End Times?

http://threatpost.com/en_us/blogs/new-mac-malware-sabpub-used-targeted-attacks-041612

The Chinese done did the Cyber-APT!

http://www.thetechherald.com/articles/China-blamed-for-RSA-attack-during-Armed-Services-hearing/16455/

Monitoring, without responding, is simply Log Aggregation.

http://www.darkreading.com/security-monitoring/167901086/security/security-management/232900312/is-monitoring-the-new-must-have-of-security.html

As mentioned you can win one or more BSides-Las Vegas passes by answering, in 200 words or less, what you would say to your CEO if asked "What does your department do and what should we invest in to make things better?"

Send your entry to sfspodcastcontest@gmail.com!

This evening, the gang is all here! Martin, Joseph, Steve, and Yvette all jump on to talk about some new and exciting breach type stories.

First, we talked about our first credit card payment processor breach since Heartland, Global Payment Systems.

http://krebsonsecurity.com/2012/04/global-payments-1-5mm-cards-exported/

http://www.darkreading.com/security/privacy/232800063/global-payment-systems-compromised-in-massive-breach.html

And if we're talking breaches, we had to talk about this year's Verizon DBIR:

http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf

As always, you can find the podcast here or on iTunes: http://sfspodcast.libsyn.com/rss

And if you have any feedback, drop us a comment or find us at @SFSPodcast on twitter.

Martin and Steve are joined by Michelle Klinger to talk about stories as well as the talk Martin and she are giving at SOURCE Boston...

The Stories...

An Anonymous OS...

    http://www.thetechherald.com/articles/Anonymous-announces-a-new-somewhat-official-OS/16427/

Microsoft exploit code gets released...and could go after millions of machines

    http://www.informationweek.com/news/security/app-security/232602800

    http://threatpost.com/en_us/blogs/researcher-says-5-million-machines-exposing-rdp-service-online-031912

The FBI can't unlock an Android phone....Oh, dear.

    http://www.wired.com/threatlevel/2012/03/fbi-android-phone-lock/

As always you can follow the podcast twitter feed at @SFSPodcast...

Tonight, it's just Martin and Joseph, and they're hitting some of the breaking news of the evening. First, they talk about the Security Bloggers Meetup from RSA, and props to all the winners and nominees:

http://www.ashimmy.com/2012/03/social-security-blogger-award-winners.html

Then, we get in to the real meat of the show tonight: Sabu and the FBI arrests:

http://www.fbi.gov/newyork/press-releases/2012/six-hackers-in-the-united-states-and-abroad-charged-for-crimes-affecting-over-one-million-victims

http://erratasec.blogspot.com/2012/03/notes-on-sabu-arrest.html

To close out, we brought up some fun news for this summer: BSidesLasVegas2012 is offering mentorship for those who want to break in to the security speaking "circuit". Check that out here:

http://www.securitybsides.com/w/page/51614272/BSidesLV%202012

As always, you can find the podcast here or on iTunes: http://sfspodcast.libsyn.com/rss

And if you have any feedback, drop us a comment or find us at @SFSPodcast on twitter.

Tonight, we announce ourselves a new member: Yvette Johnson! (@jetsetyvette on twitter) She's going to bring a softer side to the podcast. So of course, we picked us two stories on opposite ends of the spectrum to get her started.

First, we had us a story of folks doing it right: Liquidmatrix. Read this entire article. Seriously. Now do it again. A fantastic article, we had nothing but good things to say about it.

http://www.liquidmatrix.org/blog/2012/02/21/we-are-losing/

On the very opposite end of the spectrum, an article from Forbes. A textbook example of FUD marketing. (For prior reading, check out this article for a little background: http://www.loglogic.com/blog/what-does-s-stand )

http://www.forbes.com/sites/petercohan/2012/02/17/loglogic-helps-ceos-sleep-at-night/

As always, you can find the podcast here or on iTunes: http://sfspodcast.libsyn.com/rss

And if you have any feedback, drop us a comment or find us at @SFSPodcast on twitter.

Tonight it's just Martin and Joseph, so we decided to hit some of the hard hitting topics of the last week:

First, we talk about a fantastic article from Dark Reading about "Do you need a Security Operations Center":

http://www.darkreading.com/security-monitoring/167901086/security/perimeter-security/232500661/do-you-need-a-security-operations-center.html

Then, we get warmed up for our rants of the evening with Steve's article about the VeriSign disclosures, or lack thereof:

http://www.thetechherald.com/articles/VeriSign-left-executives-and-the-public-in-the-dark-about-breaches/16168/

And finally, we get to a nigh-impenetrable blog post from Trustwave, talking about why they issued a Certificate Authority to a private organization:

http://blog.spiderlabs.com/2012/02/clarifying-the-trustwave-ca-policy-update.html

We wrap up with a nice wrap-up of Shmoocon from Martin, and announcements about SOURCE Conference.

As always, you can find the podcast here: http://sfspodcast.libsyn.com/rss

And if you have any feedback, drop us a comment or find us at @SFSPodcast on twitter.

Nick Selby, of the Police Led Intelligence blog, takes some time from our future while he's in Singapore to talk with Martin about just converged security, incident response, APT (APT!!??), and who won the Super Bowl.