Shmoocon and how to protect yourself from Shmooball attackers!

February 3rd, 2010 Tom

It’s upon us. The con that is Shmoocon!  The full Security Justice crew will be there in full force.  If you see any of us around the con or at the parties be sure to say “Hi” as we have some new Security Justice stickers for ya!

Security Justice Shields for Rent!
We also want you to know that if you feel the need for “protection” from the potential barrage of incoming Shmooballs (especially you speakers), Security Justice is here to help! Rent yourself an official Security Justice protection shield for only $20 per hour.  Your donation of $20 goes to support the EFF (Electronic Frontier Foundation) or Hackers for Charity, your choice.  If you’re interested, look for Dave Lauer (he is also one of the Shmoocon staff and also will have a *large* Shmooball Launcher with him) at the con and he will hook you up with your protection needs.  Please note that Security Justice co-hosts cannot be purchased to be used as shields (except for Dave Kennedy…he always has a price). :-)

Podcaster Meetup – Saturday @7:30pm
Security Justice will be participating in the Podcaster Meetup which takes place 7:30 – 8:30pm on Saturday in the hallway of the main con area (same as last year).  Be sure to stay for Firetalks after the meetup! More information about the Podcaster Meetup is here and more info about Firetalks is here.

Talks and more!
Check out the Shmooball Launcher contest sponsored by Woot.com and Dave Kennedy speaking about and releasing the new version of SET at the Firetalks on Friday night, and don’t miss Social Zombies II: Your Friends Need More Brains with Tom Eston, Robin Wood and Kevin Johnson.  Their talk is Saturday at 11am in the “Break It!” track.

See you all at Shmoo!


Security Justice Episode 21 – Woot.com, Hack Challenge, @dave_rel1k and SET

January 26th, 2010 Tom

This is the 21st episode of the Security Justice podcast recorded January 20, 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, Matt and Chris with special guests Dave Kennedy creator of the Social Engineer Toolkit (SET) and Shawn Miller from Woot.com.  Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC.  Here are the show notes:

  • Chris announces this month’s open source project worth supporting! Chris recommends donating to pfSense, which is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router.  Each month Chris is going to highlight an awesome open source project worth giving some cash to.
  • Hurricane Labs in Cleveland, Ohio is having another awesome Hack Challenge taking place on February 3, 2010.  Special guest Jordan Wiens (DEFCON CTF champion) will be in attendance (he will not be participating in the challenge so don’t worry about getting pwnd).  Hurricane Labs talks about what’s different from last year and how a CTF (Capture The Flag) works.
  • Shawn Miller from Woot.com talks about bags of crap and how Woot.com is sponsoring the Shmooball Cannon Contest this year at Shmoocon!  He also talks about the history of Woot.com and how they do Woot off’s and more.
  • Dave Kennedy gives us an overview of his Social Engineer Toolkit (SET) as well as a sneak peek of some new things being released for SET during his firetalk at Shmoocon. Also, listen to Dave *butcher* @myrcurial.  Remember Dave…my-cur-i-al. :-)
  • Tom is bringing the social zombie apocalypse to Shmoocon with Kevin Johnson and Robin Wood Saturday, February 6th at 11am.
  • Be sure to check out the Podcaster Meetup and the Firetalks at Shmoocon.  Security Justice will be there.  More details will be posted soon!
  • Remember kids: If you’re going to Shmoocon…do not eat at Trattoria across the street from the Wardman Park!! See this video for more information.

Please send show feedback to feedback [aT] securityjustice.com or comment below.  Thanks to Dave and Shawn for being guests on the show!

 

Security Justice Episode 20 – Shmoocon 2010 Interview with Bruce Potter (@gdead)

December 22nd, 2009 Tom

This is the 20th episode of the Security Justice podcast recorded December 16, 2009 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave and Chris with very special guest Bruce Potter founder of the Shmoo Group.  * Photo of Bruce and Heidi from album.textfiles.com.

Bruce talks to us about Shmoocon 2010, the ticketing process, talks, events and everything else related to Shmoocon 2010.  Just a reminder that the last round of Shmoocon tickets goes on sale January 1st at noon EST!  This is your last chance to get a ticket to Shmoocon.  If you don’t get one, Bruce says you can blame our very own Chris Clymer.  :-) Thanks again to Bruce for being our guest on the show and for everyone participating in the live chat via IRC and on the live stream (very special thanks to aricon from PaulDotCom for letting us use their Icecast server for the stream).

 

Security Justice Episode 19 – Epic Interview with Jason Scott (@textfiles)

November 27th, 2009 Tom

This is the 19th episode of the Security Justice podcast recorded November 18, 2009 live at the Chris Clymer Bar & Grill (his basement actually).  This episode was hosted by Tom, Matt, Dave and Chris with very special guest Jason Scott from textfiles.com (picture of Jason in this post courtesy of roy-sac).

Jason is probably the most interesting person you will ever meet.  His long list of accomplishments includes speaking at pretty much every hacker conference known to man, hosting the fantastic Blockparty for the last three years at Notacon, archiver of the Internet, proprietor of textfiles.com, computer historian, producer of BBS: The Documentary, creator of sockington (the most famous cat on Twitter with well over 1 million followers) and also known as the guy who goatse’d all of MySpace.  We talk to Jason about pretty much everything listed above.  This is truly an EPIC episode going into the two hour mark but well worth the listen!

Thanks again to Jason for being our guest on the show and for everyone participating in the live chat via IRC and on the live stream (it was our largest audience yet)!  Please send show feedback to feedback [aT] securityjustice.com or comment below.

 

Select Talks from ISS2009 Now Available for Download

November 20th, 2009 Tom

We have uploaded the audio recordings of select talks from the Ohio Information Security Summit that took place October 29-30, 2009 in Cleveland, Ohio.  There is a separate RSS feed for these talks located here.  If you are using iTunes you can simply use the RSS feed to download all the talks; it’s different than our normal podcast feed.  If you want to download individual talks you can download them via the links below or from our Libsyn podcast page here.  Thanks to the ISS2009 organizers for putting on a great conference!  Here is a list of talks that we recorded, ready for download:

Knowledge + Malice = Chaos: When Awareness Doesn’t Work – John O’Leary
Corporate Honeypots: Hackers Can’t Believe What They See - L. Brent Huston
Enterprise Open Source Intelligence Gathering – Tom Eston
Network Security Monitoring and Incident Response – Richard Bejtlich
Anti-Virus is Dead – Dave Kennedy
Radio Reconnaissance and Pen Testing: All Your RF Are Belong to Us – Matt Neely
Vulnerability Management in a Post Apocalyptic World – Bill Mathews


Security Justice Special Edition – Interview with Richard Bejtlich (@taosecurity)

November 7th, 2009 Tom

In this special edition of Security Justice we interview Richard Bejtlich at this year’s Ohio Information Security Summit.  Richard is the Director of Incident Response for General Electric. Prior to joining GE, Richard operated TaoSecurity LLC as an independent consultant, protected national security interests for ManTech Corporation’s Computer Forensics and Intrusion Analysis division, investigated intrusions as part of Foundstone’s incident response team, and monitored client networks for Ball Corporation.

Richard began his digital security career as a military intelligence officer at the Air Force Computer Emergency Response Team (AFCERT), Air Force Information Warfare Center (AFIWC), and Air Intelligence Agency (AIA). Richard is a graduate of Harvard University and the United States Air Force Academy. He wrote “The Tao of Network Security Monitoring” and “Extrusion Detection,” and co-authored “Real Digital Forensics.” He also writes for his blog (taosecurity.blogspot.com) and TechTarget.com, and teaches for Black Hat.

Thanks again to Richard for being our guest on the show!

 

Security Podcasters “Go the Mo” for Men’s Health

November 6th, 2009 Tom

The biggest names in security podcasting (talk about star power!!) are shaving down for charity, raising money for men’s health in November.

“Movember” participants have 30 days to grow a moustache from a clean shave, while earning support from friends and family in the form of donations. All money raised supports men’s health issues including prostate cancer research and anti-depression initiatives.

For some, participation in the event will involve significant sacrifice in the name of altruism. PaulDotCom Security Weekly co-host Larry Pesce has agreed to shave his entire face on November 1st.

Well known as a technology podcaster, Pesce is also renowned as the custodian of one of the finest facial forests ever seen in Rhode Island. It’s rumoured Pesce’s chin hasn’t seen sunlight since he hit puberty.

“My wife has told me I’m not getting any play until the goatee grows back,” Pesce says. “So I want this to be worth it.”

For Pesce’s colleague, fellow host Paul Asadoorian, the challenge will be actually growing a moustache in only one month. “I’m considering dosing up on synthetic horse testosterone,” says Asadoorian. “I know a veterinarian with a gambling problem, so I should be able to get my hands on something.”

Asadoorian, Pesce, Exotic Liability’s Chris Nickerson, Dave Lauer from Security Justice, SecuraBit’s Chris Gerling and Australia’s Patrick Gray, the host of the Risky Business podcast, are all on board.  More security podcasters have also been added recently.  You can see the full list here.

Gray hopes the charity drive will solicit donations from both listeners and security technology vendors. “We’re all really hoping the vendors will come to the party,” Gray says. “If we can get good participation from our listeners and the security industry itself, then we’re confident we’ll be able to raise a decent amount of money for a good cause.”

Supporters based in the USA are urged to make their donations to the Security Podcasters Alliance team (or individuals) on us.movember.com [1], while Australian supporters can donate to the Risky Business team or its members at au.movember.com [2].

[1] http://us.movember.com/mospace/members/search/q/security+podcasters
[2] http://au.movember.com/mospace/members/search/q/risky+business


Security Justice Special Edition – Jayson Street and Dissecting the hack: the f0rb1dd3n network

October 30th, 2009 Tom

This special edition was recorded during the 7th Annual Ohio Information Security Summit. Jayson Street is the author of a book titled “Dissecting the hack: the f0rb1dd3n network”.  Jayson updates us on the recent controversy regarding the plagiarism by the technical editor of the book.  You can check out the book review by Wesley McGrew that is mentioned in the podcast.  Wesley was also our guest on Episode 18 talking about the book review.  Jayson provides an overview of what happened and how the publisher and the security community are working together to move forward and how the revised book will be written.  You can find out more about this new community on the dissecting the hack website. We want to thank Jayson for being upfront and honest about the situation and for being our guest on the show!

Oh…and as a bonus we have the very first “cross-over of the streams” with PaulDotCom Security Weekly!  Listen to it towards the end of the podcast.  Thanks to Paul and Larry for skyping us in!

 

Security Justice Episode 18 – Louisville InfoSec, Rapid7, Interview with Wesley McGrew

October 27th, 2009 Tom

This is the 18th episode of the Security Justice podcast recorded October 21st 2009 live at Mavis Winkle’s Irish Pub. This was the last episode recorded at Mavis Winkle’s.  Apparently, they can’t handle any more of the “justice”.  This episode was hosted by Tom, Matt, Dave and Chris with special guests Wesley McGrew from McGrewSecurity.com and Dave Kennedy (ReL1K).  Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC.

Special Announcements:
We will be podcasting live at the Ohio Information Security Summit October 29-30.  We should be streaming some of the talks and select interviews with some of the speakers.  Be sure to follow our Twitter feed for updates on when we will be live!  Tom, Matt, Dave Kennedy, Alex Hutton, Richard Bejtlich and Wikid Systems (Nick Owen) will all be speaking.

Tom Eston and Kevin Johnson will be speaking at OWASP AppSec DC November 10-13th.  Tom and Kevin will be presenting “Social Zombies: Your Friends Want to Eat Your Brains”

Website Plug(s) of the Month:

Shmoocon CFP is open! Canadian Web Techno Conference CFP is open, ConFoo!

The Social-Engineer.org Podcast.  Be sure to check out the first episode on interrogation and interview tactics.  Really good stuff.  We are hoping that these guys put out more episodes soon!

Please send show feedback to feedback [aT] securityjustice.com or comment below.  Thanks to Wesley for being a guest on the show!

 

Security Justice International BBQ Edition – Nick Owen (@wikidsystems)

October 22nd, 2009 Tom

This special edition was recorded during our 1st annual International BBQ podcast.

Nick Owen is CEO of WiKID Systems, an open source two-factor authentication solution.  Nick talks to us about the WiKID solution, how it works and why it’s better than most expensive two-factor authentication solutions.  Be sure to check out the rockin’ Python based command line software token for use with WiKID (created by our friends over at Hurricane Labs)!

Nick is also speaking at the Ohio Information Security Summit October 29-30th on “Securing Network Access with Open Source Solutions”.

Thanks again to Nick for being on the show!

 