Security Justice Episode 29 – Building Blocks for Building Docs with Alex Hamerstone, James Arlen

October 7th, 2010 Tom

This is the 29th episode of the Security Justice podcast recorded September 15th 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, Matt and Chris with special guests Alex Hamerstone, James Arlen and Dave Kennedy. Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC.  Here are the show notes:

• Alex discusses his talk at the Northeast Ohio Information Security Forum: Building Blocks for Building Docs.  We delve into one of the most forgotten topics in InfoSec…documentation <gasp>.
• Derby Con is coming!  Be there! September 30-October 2, 2011
• The Information Security Summit is October 14-15th in Cleveland Ohio.  Tom, Matt and Chris will all be speaking!
• Check-in to random locations just like Alex by using Tom’s guide.
• Tom Eston and Kevin Johnson will be presenting the third Social Zombies talk (lite version) at OWASP AppSec DC: Social Zombies Gone Wild: Totally Exposed and Uncensored
• Alex explains how information security relates to “The Bridges of Madison County”. Seriously.
• Check out Gary’s blog about SSL Wars!
• Schuyler Towne and the Open Locksport project
• Stay tuned for some very special live dualCORE!

Please send show feedback to feedback [aT] securityjustice.com or comment below.

Security Justice Episode 29 [ 1:03:21 ] Play Now | Play in Popup | Download (7688)

Posted in Podcast Episodes | No Comments »

Security Justice Episode 28 – Interview with Jack Daniel

September 6th, 2010 Tom

This is the 28th episode of the Security Justice podcast recorded August 18th 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, Matt and Chris with special guests Jack Daniel, dotzero, and Alex from SecureState. Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC.  Here are the show notes:

• We interview the InfoSec curmudgeon: Jack Daniel.  Jack talks about a certain security certification organization, BSides, Vegas updates, PCI, getting free drinks because you look like ZZ Top and much more! Also, there are some interesting updates from Defcon provided by dotzero.  Be sure to check out Jack’s blog!
• Don’t forget about Ohio Linux Fest September 10-12th and the Hurricane Labs Hack Challenge September 22nd.

Please send show feedback to feedback [aT] securityjustice.com or comment below.

Security Justice Episode 28 [ 1:31:17 ] Play Now | Play in Popup | Download (5956)

Posted in Podcast Episodes | No Comments »

Security Justice Episode 27 – Social Engineering with Brian Brushwood from Scam School

August 2nd, 2010 Tom

This is the 27th episode of the Security Justice podcast recorded July 21st 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, and Chris with special guests Brian Brushwood from Scam School and Dave Kennedy. Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC.  Here are the show notes:

• We interview Brian Brushwood the host of “Scam School” on Revision3.  From the Revision3 website: Brian is the author of The Professional’s Guide to Fire Eating; Pack the House; and Cheats,Cons, Swindles, and Tricks. He has appeared on dozens of television and radio broadcasts, including “The Tonight Show,” and programs on ABC, NBC, FOX, the BBC, E! and more.  He eats FIRE, knows a thing or two about magic and gives us some great advice on social engineering and techniques on how to pick up girls in a bar.

Please send show feedback to feedback [aT] securityjustice.com or comment below.

Security Justice Episode 27 [ 1:12:19 ] Play Now | Play in Popup | Download (7863)

Posted in Podcast Episodes | No Comments »

Security Justice Episode 26 – Interview with Joshua Abraham (@jabra), Dave Kennedy (@dave_re1ik) SET v0.6 and Arnold Palmer

July 2nd, 2010 Tom

This is the 26th episode of the Security Justice podcast recorded May 19th, 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, Matt and Chris with special guests Joshua “Jabra” Abraham from Rapid7, Dave Kennedy and Ghostnomad.  Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC.  Here are the show notes:

• Interview with Joshua “Jabra” Abraham.  Jabra contributes to the BackTrack LiveCD, BeEF, Nikto, Fierce, and PBNJ.  You probably have seen his talks at BlackHat, DefCon, ShmooCon, Infosec World, CSI, OWASP Conferences, LinuxWorld, Comdex and BLUG.  He also codes in Perl! Yeah baby!
• Check out Jabra’s blog.  Great resource for scripts and pentest tools.
• Jabra gave a really good talk at the SANS Pentest Summit “Goal Oriented Pentesting”.  Information on the upcoming release of Fierce 2.
• “Unmasking You” talk with Rsnake and Jabra from Defcon 17
• Be sure to check out everything Dave Kennedy is up to at BlackHat and Defcon this year.  Dave gives an update on the Social Engineering contest at Defcon as well.  Let’s pray for no heart attacks this year Dave!

Please send show feedback to feedback [aT] securityjustice.com or comment below.

Security Justice Episode 26 [ 59:35 ] Play Now | Play in Popup | Download (7535)

Posted in Podcast Episodes | 1 Comment »

Security Justice Episode 25 – Interview with Rafal Los, THOTCON, AppSec Security Fail, Cyber what?

June 9th, 2010 Tom

This is the 25th episode of the Security Justice podcast recorded May 19th, 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, Matt and Chris with special guest Rafal Los (speaker, blogger, appsec ninja).  Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC.  Here are the show notes:

• We have our very first out of town guest!  Rafal Los from HP joins us for some *very* lively conversation.  You should really read his blogs.
• Rafal gives an update on THOTCON.  Yes, we want to podcast LIVE from THOTCON next year! It’s in Chicago.  We like Chicago.
• Rafal also did 30 disasters in 30 days (this is the first one). Awesome read!
• Check out Rafal’s talk from Source Boston: Into the Rabbit Hole: Execution Flow-Based Web Application Testing. We have some great discussion about this on why we are failing at web app testing.  Can QA do security?  Should developers be licensed like other industries?
• We end with a discussion on security certifications, degrees, red team vs. blue team and the word “Cyber”….oh my.
• Stay tuned after the podcast for some exclusive LIVE dualCORE and an interesting collection of bumpers.  Enjoy!

Please send show feedback to feedback [aT] securityjustice.com or comment below.

Security Justice Episode 25 [ 1:25:15 ] Play Now | Play in Popup | Download (6106)

Posted in Podcast Episodes | No Comments »

Security Justice Episode 24 – Interview with Steve Ocepek from SpiderLabs, Post Notacon Updates

May 5th, 2010 Tom

This is the 24th episode (two years!) of the Security Justice podcast recorded April 21st, 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, and Chris with special guest Steve Ocepek from SpiderLabs.  Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC.  Here are the show notes:

• We interview Steve Ocepek from SpiderLabs about his recent talk at BlackHat EU and NEOISF “Oracle, Interrupted: Stealing Sessions and Credentials“.  Steve talks about his job as head of security research for SpiderLabs, penetration testing Oracle, Layer 2 attacks and much more!
• Chris and Tom provide our Notacon 7 updates.  Notacon was awesome as usual!  We hope to release the audio from our session from Notacon Radio…it was EPIC! If anything you should listen to it just for our interview of 0ph3lia. RAGE!
• Check out our pictures from “Surviving the Zombie Apocalypse”.  We posted some video (you must see the Zombie Q&A from the video), and outtakes from the presentation.  Full video can be downloaded via Torrent (with the other Notacon 7 videos).

Please send show feedback to feedback [aT] securityjustice.com or comment below.

Security Justice Episode 24 [ 1:09:56 ] Play Now | Play in Popup | Download (6423)

Posted in Podcast Episodes | No Comments »

Security Justice Live on Notacon Radio Tonight 11pm!

April 16th, 2010 Tom

Security Justice will be live tonight (4/16) on Notacon Radio beginning at 11pm EST.  You can listen to the stream live on the Notacon Radio Stream and chat with us on IRC (irc.freenode.net #securityjustice).  We will be talking about the days events at Notacon and a recap of talks!  We will also have some special guests from Notacon live with us in the Notacon Radio studio.

Don’t forget…Tom, Matt and Chris will be presenting “Surviving the Zombie Apocalypse” at Notacon 5pm this Saturday with the Confused Greenies.  Be there for live zombie carnage!! Oh, be sure to watch our exclusive preview.

Posted in Podcast Announcements | No Comments »

Security Justice Episode 23 – Infosec vs. IT Audit, Froggy and Tyger, Myrcurial and Notacon

March 23rd, 2010 Tom

This is the 23rd episode of the Security Justice podcast recorded March 17, 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, and Chris with special guests Ghostnomad (the “auditor”) as well as Froggy and Tyger from Notacon AND Myrcurial.  Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC (that includes you Chris Nickerson..*gasp*).  Here are the show notes:

• Froggy and Tyger talk about Notacon 7.  Security Justice will be there…hopefully on Notacon radio.  Come see our talk “Surviving the Zombie Apocalypse” with our friends The Confused Greenies.  See our exclusive preview here! Also, come see Ghostnomad’s talk and all three talks with Myrcurial.
• You should really come to Notacon…April 15-18th in Cleveland Ohio! Other talks worth checking out (besides all of them) include…Int Eighty, dave_rel1k, Tiffany Rad, Rogueclown, Kaospunk, Irongeek and Mick Douglas from Pauldotcom Security Weekly.
• Interview with Ghostnomad who is a real, live, breathing IT Auditor (don’t worry…he’s actually pretty cool ).  We go one-on-one to find out what IT auditors do and how they are really not out to destroy us…or eat our children.  Myrcurial also joins the conversation…with NO Skype fail! Srsly..way to go Dave!

Please send show feedback to feedback [aT] securityjustice.com or comment below.

Security Justice Episode 23 [ 1:18:21 ] Play Now | Play in Popup | Download (7763)

Posted in Podcast Episodes | 1 Comment »

Security Justice Episode 22 – Physical Security, Interview with a Locksmith

February 24th, 2010 Tom

This is the 22nd episode of the Security Justice podcast recorded February 17, 2010 live at Damon’s Grill in Independence, OH.  This episode was hosted by Tom, Dave, Matt and Chris with special guest John Doe the Locksmith.  Music as always provided by dualCORE. Thanks to everyone listening to the live stream and for participating in the chat via IRC.  Here are the show notes:

• A few Shmoocon updates! There was snow! Dave’s pictures posted soon…
• Interview with “John Doe” the Locksmith.  John Doe talks about some of the biggest physical security fails he has seen as well as some great stories of alarm bypass.  He also talks about what are good consumer grade locks, what are his favorite lock picks, the rise of fake locksmiths and more.

Please send show feedback to feedback [aT] securityjustice.com or comment below.

Security Justice Episode 22 [ 49:39 ] Play Now | Play in Popup | Download (7809)

Posted in Podcast Episodes | No Comments »

Shmoocon and how to protect yourself from Shmooball attackers!

February 3rd, 2010 Tom

It’s upon us. The con that is Shmoocon!  The full Security Justice crew will be there in full force.  If you see any of us around the con or at the parties be sure to say “Hi” as we have some new Security Justice stickers for ya!

Security Justice Shields for Rent!
We also want you to know that if you feel the need for “protection” from the potential barrage of incoming Shmooballs (especially you speakers), Security Justice is here to help! Rent yourself an official Security Justice protection shield for only $20 per hour.  Your donation of $20 goes to support the EFF (Electronic Frontier Foundation) or Hackers for Charity, your choice.  If your interested, look for Dave Lauer (he is also one of the Shmoocon staff and also will have a *large* Shmooball Launcher with him) at the con and he will hook you up with your protection needs.  Please note that Security Justice co-hosts cannot be purchased to be used as shields (except for Dave Kennedy…he always has a price).

Podcaster Meetup – Saturday @7:30pm
Security Justice will be participating in the Podcaster Meetup which takes place 7:30 – 8:30pm on Saturday in the hallway of the main con area (same as last year).  Be sure to stay for Firetalks after the meetup! More information about the Podcaster Meetup is here and more info about Firetalks is here.

Talks and more!
Check out the Shmooball Launcher contest sponsored by Woot.com, Dave Kennedy speaking about and releasing the new version of SET at the Firetalks on Friday night and don’t miss Social Zombies II: Your Friends Need More Brains with Tom Eston, Robin Wood and Kevin Johnson.  Their talk is Saturday at 11am in the “Break It!” track.

See you all at Shmoo!

Posted in Security Justice News | No Comments »