Security Justice Episode 27 – Social Engineering with Brian Brushwood from Scam School

August 2nd, 2010 Tom

This is the 27th episode of the Security Justice podcast recorded July 21st 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, and Chris with special guests Brian Brushwood from Scam School and Dave Kennedy. Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC.  Here are the show notes:

• We interview Brian Brushwood the host of “Scam School” on Revision3.  From the Revision3 website: Brian is the author of The Professional’s Guide to Fire Eating; Pack the House; and Cheats,Cons, Swindles, and Tricks. He has appeared on dozens of television and radio broadcasts, including “The Tonight Show,” and programs on ABC, NBC, FOX, the BBC, E! and more.  He eats FIRE, knows a thing or two about magic and gives us some great advice on social engineering and techniques on how to pick up girls in a bar.

Please send show feedback to feedback [aT] securityjustice.com or comment below.

 

 Security Justice Episode 27 [01:12:19m]: Play Now | Play in Popup | Download (2421)

Posted in Podcast Episodes | No Comments »

Security Justice Episode 26 – Interview with Joshua Abraham (@jabra), Dave Kennedy (@dave_re1ik) SET v0.6 and Arnold Palmer

July 2nd, 2010 Tom

This is the 26th episode of the Security Justice podcast recorded May 19th, 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, Matt and Chris with special guests Joshua “Jabra” Abraham from Rapid7, Dave Kennedy and Ghostnomad.  Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC.  Here are the show notes:

• Interview with Joshua “Jabra” Abraham.  Jabra contributes to the BackTrack LiveCD, BeEF, Nikto, Fierce, and PBNJ.  You probably have seen his talks at BlackHat, DefCon, ShmooCon, Infosec World, CSI, OWASP Conferences, LinuxWorld, Comdex and BLUG.  He also codes in Perl! Yeah baby!
• Check out Jabra’s blog.  Great resource for scripts and pentest tools.
• Jabra gave a really good talk at the SANS Pentest Summit “Goal Oriented Pentesting”.  Information on the upcoming release of Fierce 2.
• “Unmasking You” talk with Rsnake and Jabra from Defcon 17
• Be sure to check out everything Dave Kennedy is up to at BlackHat and Defcon this year.  Dave gives an update on the Social Engineering contest at Defcon as well.  Let’s pray for no heart attacks this year Dave!

Please send show feedback to feedback [aT] securityjustice.com or comment below.

 

 Security Justice Episode 26 [59:35m]: Play Now | Play in Popup | Download (2753)

Posted in Podcast Episodes | 1 Comment »

Security Justice Episode 25 – Interview with Rafal Los, THOTCON, AppSec Security Fail, Cyber what?

June 9th, 2010 Tom

This is the 25th episode of the Security Justice podcast recorded May 19th, 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, Matt and Chris with special guest Rafal Los (speaker, blogger, appsec ninja).  Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC.  Here are the show notes:

• We have our very first out of town guest!  Rafal Los from HP joins us for some *very* lively conversation.  You should really read his blogs.
• Rafal gives an update on THOTCON.  Yes, we want to podcast LIVE from THOTCON next year! It’s in Chicago.  We like Chicago.
• Rafal also did 30 disasters in 30 days (this is the first one). Awesome read!
• Check out Rafal’s talk from Source Boston: Into the Rabbit Hole: Execution Flow-Based Web Application Testing. We have some great discussion about this on why we are failing at web app testing.  Can QA do security?  Should developers be licensed like other industries?
• We end with a discussion on security certifications, degrees, red team vs. blue team and the word “Cyber”….oh my.
• Stay tuned after the podcast for some exclusive LIVE dualCORE and an interesting collection of bumpers.  Enjoy!

Please send show feedback to feedback [aT] securityjustice.com or comment below.

 

 Security Justice Episode 25 [85:15m]: Play Now | Play in Popup | Download (2597)

Posted in Podcast Episodes | No Comments »

Security Justice Episode 24 – Interview with Steve Ocepek from SpiderLabs, Post Notacon Updates

May 5th, 2010 Tom

This is the 24th episode (two years!) of the Security Justice podcast recorded April 21st, 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, and Chris with special guest Steve Ocepek from SpiderLabs.  Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC.  Here are the show notes:

• We interview Steve Ocepek from SpiderLabs about his recent talk at BlackHat EU and NEOISF “Oracle, Interrupted: Stealing Sessions and Credentials“.  Steve talks about his job as head of security research for SpiderLabs, penetration testing Oracle, Layer 2 attacks and much more!
• Chris and Tom provide our Notacon 7 updates.  Notacon was awesome as usual!  We hope to release the audio from our session from Notacon Radio…it was EPIC! If anything you should listen to it just for our interview of 0ph3lia. RAGE!
• Check out our pictures from “Surviving the Zombie Apocalypse”.  We posted some video (you must see the Zombie Q&A from the video), and outtakes from the presentation.  Full video can be downloaded via Torrent (with the other Notacon 7 videos).

Please send show feedback to feedback [aT] securityjustice.com or comment below.

 

 Security Justice Episode 24 [69:56m]: Play Now | Play in Popup | Download (3163)

Posted in Podcast Episodes | No Comments »

Security Justice Live on Notacon Radio Tonight 11pm!

April 16th, 2010 Tom

Security Justice will be live tonight (4/16) on Notacon Radio beginning at 11pm EST.  You can listen to the stream live on the Notacon Radio Stream and chat with us on IRC (irc.freenode.net #securityjustice).  We will be talking about the days events at Notacon and a recap of talks!  We will also have some special guests from Notacon live with us in the Notacon Radio studio.

Don’t forget…Tom, Matt and Chris will be presenting “Surviving the Zombie Apocalypse” at Notacon 5pm this Saturday with the Confused Greenies.  Be there for live zombie carnage!! Oh, be sure to watch our exclusive preview.

Posted in Podcast Announcements | No Comments »

Security Justice Episode 23 – Infosec vs. IT Audit, Froggy and Tyger, Myrcurial and Notacon

March 23rd, 2010 Tom

This is the 23rd episode of the Security Justice podcast recorded March 17, 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, and Chris with special guests Ghostnomad (the “auditor”) as well as Froggy and Tyger from Notacon AND Myrcurial.  Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC (that includes you Chris Nickerson..*gasp*).  Here are the show notes:

• Froggy and Tyger talk about Notacon 7.  Security Justice will be there…hopefully on Notacon radio.  Come see our talk “Surviving the Zombie Apocalypse” with our friends The Confused Greenies.  See our exclusive preview here! Also, come see Ghostnomad’s talk and all three talks with Myrcurial.
• You should really come to Notacon…April 15-18th in Cleveland Ohio! Other talks worth checking out (besides all of them) include…Int Eighty, dave_rel1k, Tiffany Rad, Rogueclown, Kaospunk, Irongeek and Mick Douglas from Pauldotcom Security Weekly.
• Interview with Ghostnomad who is a real, live, breathing IT Auditor (don’t worry…he’s actually pretty cool ).  We go one-on-one to find out what IT auditors do and how they are really not out to destroy us…or eat our children.  Myrcurial also joins the conversation…with NO Skype fail! Srsly..way to go Dave!

Please send show feedback to feedback [aT] securityjustice.com or comment below.

 

 Security Justice Episode 23 [78:21m]: Play Now | Play in Popup | Download (3311)

Posted in Podcast Episodes | 1 Comment »

Security Justice Episode 22 – Physical Security, Interview with a Locksmith

February 24th, 2010 Tom

This is the 22nd episode of the Security Justice podcast recorded February 17, 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, Matt and Chris with special guest John Doe the Locksmith.  Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC.  Here are the show notes:

• A few Shmoocon updates! There was snow! Dave’s pictures posted soon…
• Interview with “John Doe” the Locksmith.  John Doe talks about some of the biggest physical security fails he has seen as well as some great stories of alarm bypass.  He also talks about what are good consumer grade locks, what are his favorite lock picks, the rise of fake locksmiths and more.

Please send show feedback to feedback [aT] securityjustice.com or comment below.

 

 Security Justice Episode 22 [49:39m]: Play Now | Play in Popup | Download (3464)

Posted in Podcast Episodes | No Comments »

Shmoocon and how to protect yourself from Shmooball attackers!

February 3rd, 2010 Tom

It’s upon us. The con that is Shmoocon!  The full Security Justice crew will be there in full force.  If you see any of us around the con or at the parties be sure to say “Hi” as we have some new Security Justice stickers for ya!

Security Justice Shields for Rent!
We also want you to know that if you feel the need for “protection” from the potential barrage of incoming Shmooballs (especially you speakers), Security Justice is here to help! Rent yourself an official Security Justice protection shield for only $20 per hour.  Your donation of $20 goes to support the EFF (Electronic Frontier Foundation) or Hackers for Charity, your choice.  If your interested, look for Dave Lauer (he is also one of the Shmoocon staff and also will have a *large* Shmooball Launcher with him) at the con and he will hook you up with your protection needs.  Please note that Security Justice co-hosts cannot be purchased to be used as shields (except for Dave Kennedy…he always has a price).

Podcaster Meetup – Saturday @7:30pm
Security Justice will be participating in the Podcaster Meetup which takes place 7:30 – 8:30pm on Saturday in the hallway of the main con area (same as last year).  Be sure to stay for Firetalks after the meetup! More information about the Podcaster Meetup is here and more info about Firetalks is here.

Talks and more!
Check out the Shmooball Launcher contest sponsored by Woot.com, Dave Kennedy speaking about and releasing the new version of SET at the Firetalks on Friday night and don’t miss Social Zombies II: Your Friends Need More Brains with Tom Eston, Robin Wood and Kevin Johnson.  Their talk is Saturday at 11am in the “Break It!” track.

See you all at Shmoo!

Posted in Security Justice News | No Comments »

Security Justice Episode 21 – Woot.com, Hack Challenge, @dave_rel1k and SET

January 26th, 2010 Tom

This is the 21st episode of the Security Justice podcast recorded January 20, 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, Matt and Chris with special guests Dave Kennedy creator of the Social Engineer Toolkit (SET) and Shawn Miller from Woot.com.  Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC.  Here are the show notes:

• Chris announces this months open source project worth supporting! Chris recommends donating to pfSense, which is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router.  Each month Chris is going to highlight an awesome open source project worth giving some cash to.
• Hurricane Labs in Cleveland, Ohio is having another awesome Hack Challenge taking place on February 3, 2010.  Special guest Jordan Wiens (DEFCON CTF champion) will be in attendance (he will not be participating in the challenge so don’t worry about getting pwnd).  Hurricane Labs talks about what’s different from last year and how a CTF (Capture The Flag) works.
• Shawn Miller from Woot.com talks about bags of crap and how Woot.com is sponsoring the Shmooball Cannon Contest this year at Shmoocon!  He also talks about the history of Woot.com and how they do Woot off’s and more.
• Dave Kennedy gives us an overview of his Social Engineer Toolkit (SET) as well as a sneak peak of some new things being released for SET during his firetalk at Shmoocon. Also, listen to Dave *butcher* @myrcurial.  Remember Dave…my-cur-i-al.
• Tom is bringing the social zombie apocalypse to Shmoocon with Kevin Johnson and Robin Wood Saturday, February 6th at 11am.
• Be sure to check out the Podcaster Meetup and the Firetalks at Shmoocon.  Security Justice will be there.  More details will be posted soon!
• Remember kids: If your going to Shmoocon…do not eat at Trattoria across the street from the Wardman Park!! See this video for more information.

Please send show feedback to feedback [aT] securityjustice.com or comment below.  Thanks to Dave and Shawn for being guests on the show!

 

 Security Justice Episode 21 [70:53m]: Play Now | Play in Popup | Download (3773)

Posted in Podcast Episodes | No Comments »

Security Justice Episode 20 – Shmoocon 2010 Interview with Bruce Potter (@gdead)

December 22nd, 2009 Tom

This is the 20th episode of the Security Justice podcast recorded December 16, 2009 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave and Chris with very special guest Bruce Potter founder of the Shmoo Group.  * Photo of Bruce and Heidi from album.textfiles.com.

Bruce talks to us about Shmoocon 2010, the ticketing process, talks, events and everything else related to Shmoocon 2010.  Just a reminder that the last round of Shmoocon tickets go on sale January 1st at noon EST!  This is your last chance to get a ticket to Shmoocon.  If you don’t get one, Bruce says you can blame our very own Chris Clymer.  Thanks again to Bruce for being our guest on the show and for everyone participating in the live chat via IRC and on the live stream (very special thanks to aricon from PaulDotCom for letting use their Icecast server for the stream).

 

 Security Justice Episode 20 - Shmoocon 2010 Interview with Bruce Potter [71:26m]: Play Now | Play in Popup | Download (3726)

Posted in Podcast Episodes | 1 Comment »