Securit13 Podcast

Нашумевшие дебаты Марка и Илона, множество исследований, еще больше художественных произведений... Но что же такое AI? А с точки зрения информационной безопасности? Именно об этом решили поговорить наши ведущие. А что думаете вы? Intro / Outro The Yellow Flying Cog by Flying Species http://freemusicarchive.org/music/Flying_Species/Cogs/4_-_The_Yellow_Flying_Cog Google's AI Built Its Own AI That Outperforms Any Made by Humans https://www.sciencealert.com/google-s-ai-built-it-s-own-ai-that-outperforms-any-made-by-humans On the security, privacy, and safety challenges of AI http://www.ml4aad.org/automl/ Why Zuckerberg and Musk Are Fighting About the Robot Future https://www.theatlantic.com/technology/archive/2017/07/musk-vs-zuck/535077/ Elon Musk says we need to regulate AI before it becomes a danger to humanity https://www.theverge.com/2017/7/17/15980954/elon-musk-ai-regulation-existential-threat Live grilling in Mark's backyard https://www.facebook.com/zuck/videos/10103911836230631/ OpenSOC: An Open C

BSides Kyiv 21.04.2018 https://securitybsides.org.ua/, cfp https://securitybsides.org.ua/#cfp Meltdown, Spectre: The password theft bugs at the heart of Intel CPUs https://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/ Security hole in AMD CPUs' hidden secure processor revealed ahead of patches https://www.theregister.co.uk/2018/01/06/amd_cpu_psp_flaw/ Attacking a co-hosted VM: A hacker, a hammer and two memory modules - This is Security :: by Stormshield https://www.theverge.com/platform/amp/2018/1/3/16844630/intel-processor-security-flaw-bug-kernel-windows-linux?__twitter_impression=true Intel Releases New Technology Specifications to Protect Against ROP attacks https://software.intel.com/en-us/blogs/2016/06/09/intel-release-new-technology-specifications-protect-rop-attacks A Simple Explanation of the Differences Between Meltdown and Spectre https://danielmiessler.com/blog/simple-explanation-difference-meltdown-spectre/ blizzard: agent rpc auth mechanism vulnerable to dns rebind

Эпизод 90.2 - Интервью с А.Семенякой (10.12.2017) К нам пришел Алекс и рассказал о критической инфраструктуре интернетов. Что это вообще такое и как с ней жить? Intro / Outro Clouds of Tenderness by Lobo Loco http://freemusicarchive.org/music/Lobo_Loco/BOB/Clouds_of_Tenderness_ID_792 Russian-controlled telecom hijacks financial services’ Internet traffic https://arstechnica.com/information-technology/2017/04/russian-controlled-telecom-hijacks-financial-services-internet-traffic/ Resource Certification (RPKI) https://www.ripe.net/manage-ips-and-asns/resource-management/certification The Resource Public Key Infrastructure (RPKI) to Router Protocol https://tools.ietf.org/html/rfc6810 BGPsec Protocol Specification https://tools.ietf.org/html/rfc8205 [ipv6-wg] Belgian limits on CGN/NAT? https://www.ripe.net/ripe/mail/archives/ipv6-wg/2016-November/003004.html Доклад по интернет-блокировкам на Генассамблее ООН: http://www2.ohchr.org/english/bodies/hrcouncil/docs/17session/A.HRC.17.27_en.pdf, туда же заодн

Intro / Outro Sleepy in the Garden by Lobo Loco https://freemusicarchive.org/music/download/7b5af5facd7ab75f565ca518647fb28f56f1dc08 Malvertising https://en.wikipedia.org/wiki/Malvertising Malvertising: When Online Ads Attack (2015) https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/malvertising-when-online-ads-attack Juniper Acquires Cyphort (2015) https://www.cyphort.com/press-release/cyphort-labs-issues-special-report-on-the-rise-in-malvertising-cyber-attacks/ Malvertising and crypto threats have rocketed in 2017 https://www.htbridge.com/blog/malvertising-and-crypto-threats-have-rocketed-in-2017.html Malvertising Campaign Redirects Browsers To Terror Exploit Kit https://threatpost.com/malvertising-campaign-redirects-browsers-to-terror-exploit-kit/128596/ Malvertising on Equifax, TransUnion tied to third party script (updated) https://blog.malwarebytes.com/threat-analysis/2017/10/equifax-transunion-websites-push-fake-flash-player/ New Malvertising Campaign Exploits

Разговор с Владимиром Илибманом о полугодовом отчете Cisco, кроликах и статистике. Всегда актуально. Intro / Outro State of Mind by Audiobinger http://freemusicarchive.org/music/Audiobinger/~/State_of_Mind BadRabbit Technical Analysis https://www.endgame.com/blog/technical-blog/badrabbit-technical-analysis Звіт Cisco з інформаційної безпеки за перше півріччя 2017 року https://engage2demand.cisco.com/LP=7258 2016 Data Breach Investigations Report (pdf) http://www.verizonenterprise.com/resources/reports/rp_DBIR_2016_Report_en_xg.pdf The Black Swan by Nassim Nicholas Taleb https://www.amazon.com/Black-Swan-Improbable-Robustness-Fragility/dp/081297381X Связаться с Владимиром можно по адресу voilibma@cisco.com или https://www.facebook.com/vladimir.ilibman

Ми тут вирішили згадати найголосніші події року, що вже майже минув. Приєднуйтесь! Incident report on memory leak caused by Cloudflare parser bug https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/ Vault 7: CIA Hacking Tools Revealed https://wikileaks.org/ciav7p1/ NSA-leaking Shadow Brokers just dumped its most damaging release yet https://arstechnica.com/information-technology/2017/04/nsa-leaking-shadow-brokers-just-dumped-its-most-damaging-release-yet/ Everything you need to know about the WannaCry / Wcry / WannaCrypt ransomware https://www.troyhunt.com/everything-you-need-to-know-about-the-wannacrypt-ransomware/ New ransomware, old techniques: Petya adds worm capabilities https://blogs.technet.microsoft.com/mmpc/2017/06/27/new-ransomware-old-techniques-petya-adds-worm-capabilities/ The MeDoc Connection http://blog.talosintelligence.com/2017/07/the-medoc-connection.html Threat Spotlight: Follow the Bad Rabbit http://blog.talosintelligence.com/2017/10/bad-ra

Самые громкие новости последних недель. Удивительное яблоко, #FuckResponsibleDisclosure, обновленно обещание от Джона и еще что-то. Не пропустите! 00:00:58 #FuckResponsibleDisclosure Sean Brian Townsend https://www.facebook.com/ruheight https://informnapalm.org/uca/ http://usa.mfa.gov.ua/ua/consular-affairs/services/passport 00:07:26 Apple и все все все Why 'blank' Gets You Root https://objective-see.com/blog/blog_0x24.html As Apple fixes macOS root password hole, here's what went wrong http://www.theregister.co.uk/2017/11/29/apple_macos_high_sierra_root_bug_patch/ https://forums.developer.apple.com/thread/79235 https://twitter.com/fristle/status/935670476214378496 Repair file sharing after Security Update 2017-001 for macOS High Sierra 10.13.1 https://support.apple.com/en-us/HT208317 MACOS UPDATE ACCIDENTALLY UNDOES APPLE'S "ROOT" BUG PATCH https://www.wired.com/story/macos-update-undoes-apple-root-bug-patch/ Thousand-dollar iPhone X's Face ID wrecked by '$150 3D-printed mask' https://www.theregis

Немного самых громких новостей последних недель вам в ленту. Тут и кролик, и Алиса, и сладкие истории на ночь. ROCA: Vulnerable RSA Key Generation https://blog.rapid7.com/2017/10/25/roca-vulnerable-rsa-key-generation/ Certificate expiry monitoring, KeyChest for HTTPS, TLS, Letsencrypt expiry and server status https://keychest.net/roca Estonia government locks down ID smartcards: Refresh or else https://www.theregister.co.uk/2017/11/03/estonian_e_id_lockdown/ Threat Spotlight: Follow the Bad Rabbit http://blog.talosintelligence.com/2017/10/bad-rabbit.html BadRabbit Technical Analysis https://www.endgame.com/blog/technical-blog/badrabbit-technical-analysis Bad Rabbit: Not-Petya is back with improved ransomware https://www.welivesecurity.com/2017/10/24/bad-rabbit-not-petya-back/ The Shadow Internet – Comae Technologies https://blog.comae.io/the-shadow-internet-d42b7195a118 Fake WhatsApp app in official Google Play Store downloaded by over a million Android users http://securityaffairs.co/wordpress/6515

И снова вместо 300 секунд наши неугомонные ведущие обсуждают новости и события. Присоединяйтесь! A new Mirai-Like IoT Botnet is growing in a new mysterious campaign http://securityaffairs.co/wordpress/64565/malware/new-iot-botnet-growing.html Google launched Google Play Security Reward bug bounty program to protect apps in Play Store http://securityaffairs.co/wordpress/64545/mobile-2/google-play-security-reward.html Equifax website borked again, this time to redirect to fake Flash update https://arstechnica.com/information-technology/2017/10/equifax-website-hacked-again-this-time-to-redirect-to-fake-flash-update/?amp=1 New Ransomware Not Just Encrypts Your Android But Also Changes PIN Lock https://thehackernews.com/2017/10/android-ransomware-pin.html PUBLIC SECURITY ALERT: New Facebook attack - watch out for phishy messages that say you’re a “Trusted Contact” - Access Now https://www.accessnow.org/public-security-alert-new-facebook-attack/ KRACK Attacks: Breaking WPA2 https://www.krackattacks.com/ Y

Intro / Outro Art Of Escapism - The Sands of Windhoek http://freemusicarchive.org/music/Artofescapism/Midnight_Caravan/The_Sands_of_Windhoek В связи с повышением количества атак на цепь поставок (Supply chain), в том числе и обновления, программного обеспечения, наши ведушие Андрей, Алиса, Алексей и Тарас решили разобраться что же это такое и с чем его едят, рассмотреть примеры и варианты, а так же возможные пути защиты и предотвращения. Supply chain https://en.wikipedia.org/wiki/Supply_chain What Is a 'Supply Chain Attack?' https://motherboard.vice.com/en_us/article/d3y48v/what-is-a-supply-chain-attack CCleanup: A Vast Number of Machines at Risk http://blog.talosintelligence.com/2017/09/avast-distributes-malware.html Java security plagued by crappy docs, complex APIs, bad advice https://www.theregister.co.uk/2017/09/29/java_security_plagued_stack_overflow/ Apple Mac fans told: Something smells EFI in your firmware https://www.theregister.co.uk/2017/09/29/mac_firmware_insecurity/ Reflections on Trust

В качестве возвращения и начала нового сезона осень-зима 2017-2018, Андрей и Алиса кратенько прошлись по последним новостям Взлом сайтів в доменій зоні *.gov.ua та помилка у CERT-UA https://goo.gl/A6kJve 4G/5G Wireless Networks as Vulnerable as WiFi and putting SmartCities at Risk http://securityaffairs.co/wordpress/64098/hacking/4g5g-wireless-networks-flaws.html Microsoft silently fixes security holes in Windows 10 – dumps Win 7, 8 out in the cold https://www.theregister.co.uk/2017/10/06/researchers_say_windows_10_patches_punch_holes_in_older_versions/ FIN7 hacking group is switched to new techniques to evade detection http://securityaffairs.co/wordpress/64083/apt/fin7-new-techniques.html VPN logs helped unmask alleged 'net stalker, say feds http://www.theregister.co.uk/2017/10/08/vpn_logs_helped_unmask_alleged_net_stalker_say_feds/ Russian spies used Kaspersky AV to hack NSA staffer, swipe exploit code – new claim http://www.theregister.co.uk/2017/10/05/anonymous_report_russian_spies_used_kaspersky

Intro / Outro Finest Cockles by Blah Blah Blah http://freemusicarchive.org/music/Blah_Blah_Blah/MOONRAKER_5317_1904/Finest_Cockles Интервью с Максимом Тульевым о блокировках и будущем украинского интернета

Intro / Outro I Do Believe I've Had Enough by Zephaniah And The 18 Wheelers http://freemusicarchive.org/music/Zephaniah_And_The_18_Wheelers/Live_On_WFMUs_Honky_Tonk_Radio_Girl_Program_with_Becky_11316/Zephaniah_And_The_18_Wheelers_02_I_Do_Believe_Ive_Had_Enough Big 4 of the top security and privacy conferences: S&P ("Oakland"), NDSS, CCS and USENIX Security. Наука не делается самостоятельно, a нужно учиться у передовых исследований, как они интегрируются с практикой, понимать их уровень, и себя показывать. По-этому, для того кто первый с украинским affiliation опубликует статью на этих конференциях - с меня можно пообещать "коньяк" :) The Network and Distributed System Security Symposium (NDSS) 2017 by Internet Society - http://www.internetsociety.org/events/ndss-symposium/ndss-symposium-2017 > From the keynote speech by J. Alex Halderman: "Want to Know if the Election was Hacked? Look at the Ballots" - https://medium.com/@jhalderm/want-to-know-if-the-election-was-hacked-look-at-the-ballots-c61a6

Intro / Outro Semme Automatic Stay the Course https://www.jamendo.com/track/1421989/stay-the-course 00:00:34 Слухи про блокировки в интернетах ДО их официальной блокировки 00:04:52 Давайте поговорим про фищинг 00:07:40 Google Docs users hit with sophisticated phishing attack https://www.theverge.com/2017/5/3/15534768/google-docs-phishing-attack-share-this-document-with-you-spam 00:08:44 Recruiters considered really harmful: Devs on GitHub hit with booby-trapped fake job emails https://www.theregister.co.uk/2017/03/30/github_devs_malware_mails/ 00:09:47 Получили письмо из налоговой? 00:11:08 __blank в Edge Researcher pwns Charles Darwin to demonstrate Microsoft Edge exploit https://www.scmagazine.com/researcher-pwns-charles-darwin-to-demonstrate-microsoft-edge-exploit/article/652807/ 00:13:16 Захист від фішингу від Британської податкової 00:14:27 https://en.wikipedia.org/wiki/Phishing 00:24:45 В Тернополе в торговом центре мужчина при свидетелях открыл банкомат и похитил оттуда полмиллиона (видео) ht

Intro / Outro Lady We Knew by Cullah http://freemusicarchive.org/music/MC_Cullah/Cullahmity/03_-_Lady_We_Knew Hackers Can Easily Hijack This Dildo Camera and Livestream the Inside of Your Vagina (Or Butt) https://motherboard.vice.com/en_us/article/camera-dildo-svakom-siime-eye-hacked-livestream?utm_source=mbtwitter Teampass http://teampass.net/ Squid: Optimising Web Delivery http://www.squid-cache.org/ SNORT https://www.snort.org/ Suricata https://suricata-ids.org/ pfSense https://www.pfsense.org/ Life and death for Windows: Vista support ends as Creators Update starts to roll out https://www.geekwire.com/2017/microsoft-makes-april-11-a-day-of-life-and-death-for-versions-of-windows-and-office/

Intro / Outro Just Wait by Drake Stafford http://freemusicarchive.org/music/Drake_Stafford/SUNDAY/JUST_WAIT_-_DRAKE_STAFFORD Identity management system https://en.wikipedia.org/wiki/Identity_management_systems Dashlane https://www.dashlane.com TeamPass http://teampass.net/ Microsoft built a special government-approved version of Windows 10 for China https://thenextweb.com/microsoft/2016/03/28/microsoft-windows-10-china/

Intro / Outro StrangeZero - Burnin Star  https://www.jamendo.com/track/1378740/burnin-star 00:03:12 Vault 7: CIA Hacking Tools Revealed https://wikileaks.org/ciav7p1/ Vault 7 Megathread - Technical Analysis & Commentary of the CIA Hacking Tools Leak https://www.reddit.com/r/netsec/comments/5y1pag/vault_7_megathread_technical_analysis_commentary/ 00:06:10 Интервью с Евгением Пилянкевичем. Связаться с Евгением можно по почте eugene@cossacklabs.com или в твиттере @9gunpi Acra https://www.cossacklabs.com/acra/ Work Rules!: Insights from Inside Google That Will Transform How You Live and Lead https://www.amazon.com/Work-Rules-Insights-Inside-Transform/dp/1455554790/ref=asap_bc?ie=UTF8 A Graduate Course in Applied Cryptography https://crypto.stanford.edu/~dabo/cryptobook/

Intro / Outro Brady Harris  - Welcome Me Back https://www.jamendo.com/track/1381589/welcome-me-back 00:01:24 Incident report on memory leak caused by Cloudflare parser bug https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/ Pragmatic thoughts on #CloudBleed https://www.troyhunt.com/pragmatic-thoughts-on-cloudbleed/ 00:11:14 We have broken SHA-1 in practice http://shattered.io/ 00:19:26 KasperskyOS 11-11: в России разработана уникальная операционная система https://hi-tech.mail.ru/news/kaspersky-os-11-11/ 00:23:15 Microsoft forced to issue emergency Flash fix after delaying Windows patches http://www.theverge.com/2017/2/22/14696358/microsoft-security-fix-adobe-flash-february-2017-patch-tuesday 00:30:08 China just made VPNs illegal https://www.engadget.com/2017/01/23/china-vpn-illegal-internet-censorship-government-approval/ An Analysis of the Privacy and Security Risks of Android VPN Permission-enabled Apps https://research.csiro.au/ng/wp-content/uploads/sites/1

Intro / Outro DDmyzik- Gypsy Swing https://www.jamendo.com/track/1369034/gypsy-swing   Про будущее Астории, Tor-client Cipollino: https://arxiv.org/pdf/1605.03596.pdf https://github.com/sbunrg/Astoria   Полная статье по Technical Support Scam: http://securitee.org/files/tss_ndss2017.pdf (о други проектах лаборатории можно узнать на http://pragsec.com)   The full paper about web shells: http://securitee.org/files/webshells_www2016.pdf и немного визуализации на картах можно найти тут: http://www.cyber-investigator.org/cybercrime/on-the-detection-of-malicious-web-shells-and-compromised-websites/   Про PrivacyMeter:  http://www.datatransparencylab.org/grantees2016.html  https://www.youtube.com/watch?v=NW4Z7k71Pn8   Про браузерные дополнения: 1) Our study "Extended Tracking Powers: Measuring the Privacy Diffusion Enabled by Browser Extensions" - на днях появится на http://www.cyber-investigator.org/about/ 2) WOT extension: http://thehackernews.com/2016/11/web-of-trust-addon.html http://news.thewindowsclub.com

Intro / Outro Muciojad - Before I sleep https://www.jamendo.com/track/1406716/before-i-sleep 00:00:44 Best company name ever! Share capital £1, name priceless… https://nakedsecurity.sophos.com/2017/01/06/best-company-name-ever-share-capital-1-name-priceless/ 00:04:07 Bug Bounty anniversary promotion: bigger bounties in January and February https://github.com/blog/2302-bug-bounty-anniversary-promotion-bigger-bounties-in-january-and-february 00:05:13 Немного истории о расскрытии уязвимостей Disclosing vulnerabilities to protect users https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html Charlie Miller and Apple. iPhone Security Bug Lets Innocent-Looking Apps Go Bad http://www.forbes.com/sites/andygreenberg/2011/11/07/iphone-security-bug-lets-innocent-looking-apps-go-bad/#5fd06fe62336 Legal woes http://martin.swende.se/blog/IP-issues.html Fatal flaw found in PricewaterhouseCoopers SAP security software http://www.theregister.co.uk/2016/12/09/fatal_flaw_in_pricewaterhousecoo