Claim OwnershipCyDefe
Subscribed: 473Played: 164
Subscribe
Description
CYDEFE CYCast is a network security podcast that breaks down network security and cyber security news to help everyday users.
31 Episodes
Reverse
1We are back after a very long break due to work. In this episode we have brand new intro music, discuss the yahoo hack and a apache tomcat vulnerability, and record in the same room for the first time in 2.5 years.
Show Notes:Have I been pwned?: https://haveibeenpwned.com/Apache misconfiguration: Below are examples of misconfigurtions in the web.xml file.<init-param>
<param-name>readonly</param-name>
<param-value>false</param-value>
</init-param>orIs this context "read only", so HTTP commands like PUT and DELETE are rejected? [true]New intro music provided by GIANT MONSTERS ON THE HORIZON:http://giantmonstersonthehorizon.com/
https://www.facebook.com/giantmonstersonthehorizon/
https://open.spotify.com/artist/4HmglWNfF7jAYQxbEjv9Xt
On this episode we discuss malware being discovered pre-installed on android devices. We also discuss Confide and how it isn't as secure as we thought it was.
Show Notes:Contest: http://www.cydefe.com/root9b/list of infected smartphones:Galaxy Note 2LG G4Galaxy S7Galaxy S4Galaxy Note 4Galaxy Note 5Xiaomi Mi 4iGalaxy A5ZTE x500Galaxy Note 3Galaxy Note EdgeGalaxy Tab S2Galaxy Tab 2Oppo N3Vivo X6 plusNexus 5Nexus 5XAsus Zenfone 2LenovoS90OppoR7 plusXiaomi RedmiLenovo A850
On this episode we talk about the return of carbanak and an individual facing jail time for creating keyloggers.
On this episode we talk about Microsoft's new privacy dashboard, and a lot of ransom happening in the cyber world.
Linkshttp://www.securityweek.com/microsoft-launches-privacy-dashboardhttp://thehackernews.com/2017/01/mongodb-database-security.html?m=1https://bugcrowd.com/netgearhttp://thevalleystar.com/valleys-pays-ransom-with-cyber-insurance/#sthash.Qxo4Nasl.yrd7uoKo.dpbs
On this episode mike and i wrap up 2016. Giving some insight into this past years news stories and giving some suggestions for this upcoming year.
On this episode we talk about the mirai botnet and get a bit off topic.
On this episode we discuss a USB killing device, Krebs on security getting DDoSed by an IOT bot, and another data breach.
Check out syncurity at https://www.syncurity.net/ and on twitter @syncurity
On this episode we discuss password leaks from Last.FM and Opera browser.
On this episode Micheal and i talk about CVE-2016-5696 better known as the off path attack.
Show Notes:in /etc/sysctl.conf set the following valuenet.ipv4.tcp_challenge_ack_limit = 999999999Then load the configuration with# sysctl -p
On this weeks episode we are joined by Ben0xA who works for https://www.trustedsec.com you can follow him on twitter @Ben0xA. This week we discuss Macs and iPhones have a Stagefright-style bug, Android banking malware blocks victims’ outgoing calls to customer service, Hidden 'backdoor' in Dell security software gives hackers full access, and Companies failing to plan for many cyber dangers.Remember to follow us on twitter @CyDefe and please support us on patreaon patreon https://www.patreon.com/cydefe
Links:Dell back door security advisory - https://www.digitaldefense.com/ddi-six-discoveries/
This is the third minicast. Dont worry we will soon be going back to our full podcasts.In this episode we discuss the HummingBad Android malware being distributed by yingmob.
This is the second episode of the CyDefe minicast. On this episode we are joined by Dave Kennedy and Ben MillerOn this episode we discuss Facebook being sued over privacy concerns, Facebook tracking non-users, and audio fingerprinting being used to track web users.
This is the first episode of the CyDefe minicast. We will be doing a lot of minicasts in-between our main podcast to keep delivering awesome content to our listeners.On this episode we discuss the LinkedIn breach and its impact today.
From the showkrebs on security list
On this weeks episode we discuss checking for malware in your firmware with Google's VirusTotal, Getting pwned by hearthstone hacking tools, Fake Flash Update Serves OS X Scareware, and the FBI trying to scrub its employees data off of the web.
Linkshttp://motherboard.vice.com/read/-the-fbi-is-trying-to-scrub-its-employees-hacked-data-off-the-webhttps://www.theguardian.com/technology/2016/feb/10/hacking-gold-hearthstone-symantec-malware-blizzardhttp://mashable.com/2016/02/02/virustotal-firmware-scanner/#szZeMIzsGSqphttp://www.securityweek.com/fake-flash-update-serves-os-x-scarewareVideos
On this weeks episode we are joined by Ben Miller and Jayson Street. We discuss three stories from 2015 and talk about our predicitons for 2016.
On this week’s episode we discuss Microsoft’s operations center to fight cyber threats, Dell added Cylance, a bug in Gmail app for Android allows anyone to send spoofed emails, and Siri’s lockscreen bypass
On this weeks episode we are joined by Shannon Morse. We discuss hacking chip and pin cards, malware that replaces your browser, a FitBit danger, and the rise of OS X malware.
Links:Shannon morseTwitter: @snubsWebsite: http://www.snubsie.com/Hak5: https://www.youtube.com/user/Hak5DarrenRise of OS X malware reporthttps://www.bit9.com/download/reports/OSX_Threat_Research_Report_Final.pdfFitBit attack example
On this week’s episode we discuss fake blue screen of death, ad blocking, a critcal WinRAR vulnerability, and a shortage of cyber professionals.
WinRAR vulnerability POC
On this week’s episode we discuss a new version of the Carbanak malware, a new malware breaks impenetrable corporate defenses, internet of things and vulnerable baby monitors, and malware construction kits.
Carabanak Malware Pluginswi.exe and klgconfig.plugMicrosoft Word Intruder Revealed WhitepaperThe paper is located HEREList Of Vulnerable Baby Monitors
On this week’s episode we discuss bittorrent, insiders creating malware, paylpal vulnerabilities, and pawnstorm.
Paypal proof of concpet videoMalicious EFF linkhttp://electronicfrontierfoundation.org/url/{6_random_digits}/Go.class
Comments
Download from Google Play
Download from App Store
United States