Securit13 Podcast

Intro / Outro Vivienne Mort - ГГПТКН https://www.youtube.com/watch?v=mf7lFcOraVw 00:02:13 The FBI Drops Its Case Against Apple After Finding a Way Into That iPhone http://goo.gl/M96YTK iOS forensics expert’s theory: FBI will hack shooter’s phone by mirroring storage http://goo.gl/6j2wSl 00:05:54 Apple's fruitless rootless security broken by code that fits in a tweet http://goo.gl/5d0aI7 00:09:37 About the Panama Papers http://goo.gl/LmVx8I 00:14:39 Hack Brief: Turkey Breach Spills Info on More Than Half Its Citizens http://goo.gl/9rXh38 00:15:13 Megabreach: 55 MILLION voters' details leaked in Philippines http://goo.gl/kh4Amj 00:18:00 Costa Rica launches investigation after reports hackers ‘rigged’ 2014 election http://goo.gl/GZm656 00:21:04 BlaBlaCar & Uber 00:23:59 Why Hospitals Are the Perfect Targets for Ransomware http://goo.gl/4Yvtjk 1,400+ Vulnerabilities Identified in Medical Supply System https://goo.gl/adrm0n 00:28:52 Meet the new ransomware that knows where you live http://goo.gl/BvMp09 00:30:2

В этом эпизоде Виктор Жора рассказал о тонкостях установления кибер *бинго* стратегии Украины. Intro / Outro Somewhere by spinmeister http://dig.ccmixter.org/files/spinmeister/53428 Про рішення Ради національної безпеки і оборони України від 27 січня 2016 року "Про Стратегію кібербезпеки України" http://www.president.gov.ua/documents/962016-19836 Киберполиция Украины https://vk.com/club104704813

Intro / Outro Lies apemix by apeskinny http://dig.ccmixter.org/files/jellyman3/15118 00:01:31 OpenNews: Внеплановое обновление Java SE 8u77 с устранением опасной уязвимости http://goo.gl/gNiz0f 00:02:06 Bangladesh gets FBI help on bank heist, cyber expert missing http://goo.gl/2uPYn2 00:03:04 Researchers find hole in SIP, Apple’s newest protection feature http://goo.gl/R9Kj7X 00:04:20 The Law is Clear: The FBI Cannot Make Apple Rewrite its OS https://goo.gl/7mqZER The Most Embarrassing Fact Checks Apple Gave the FBI http://goo.gl/Y8Z29K Government Calls Apple’s iPhone Arguments in San Bernardino Case a ‘Diversion’ http://goo.gl/pmPDs5 Former cyber czar says NSA could crack the San Bernadino shooter’s phone http://goo.gl/33X4jK Israeli biz fingered as the FBI's iPhone cracker http://goo.gl/eUkOET 00:07:15 Report: Apple designing its own servers to avoid snooping http://goo.gl/phr5So 00:08:56 How Rowhammer Could Be Used to Exploit Weaknesses in Computer Hardware (pdf) http://www.thirdio.com/rowhammer.pdf 00:10

Intro / Outro Texasradiofish - It's a Good Day http://dig.ccmixter.org/files/texasradiofish/53328 00:00:58 Skype co-founder launches ultra-private messaging, with video http://goo.gl/7Kx4ZJ ChaCha (pdf) https://cr.yp.to/chacha/chacha-20080128.pdf 00:02:27 Top iPhone Hackers Ask Court to Protect Apple From the FBI http://goo.gl/4y1Ydp John McAfee better prepare to eat a shoe because he doesn’t know how iPhones work http://goo.gl/gaqx1M John McAfee tells Ars he’s fighting a lonely battle, but he’s not lying http://goo.gl/qI2CHQ One of the FBI’s Major Claims in the iPhone Case Is Fraudulent https://t.co/t2JHOLK8iU 00:10:33 Exim < 4.86.2 Local Root Privilege Escalation http://seclists.org/fulldisclosure/2016/Mar/32 00:11:24 Hacker 'Guccifer' extradited to US http://goo.gl/EJxEsG 00:12:27 Romanian ATM hacker exploits vulnerability in FENCE, escapes jail http://goo.gl/JGHKH6 00:13:41 ATM Hackers Have Reached Whole New Level https://goo.gl/78f6yC You'd Never Spot These Hidden Card Skimmers That Are on the Rise http:

Intro / Outro Get Money by Blake http://dig.ccmixter.org/files/blakeht/27438  В этом эпизоде Павел Кравченко рассказал о bitcoin, blockchain и децентрализованных аукционах. Третье поколение электронных аукционов как разгром государственной монополии http://goo.gl/XQChJP Мануал по приєднанню платформи до аукціона https://goo.gl/lG4Q9l РАСПРЕДЕЛЁННАЯ СИСТЕМА BLOCKCHAIN-АУКЦИОНА https://goo.gl/vjZs5f The World’s First State Auction on the Blockchain Being Tested in Ukraine http://goo.gl/QJzdoB The Hard Thing About Hard Things: Building a Business When There Are No Easy Answers http://goo.gl/291tKp Безумно просто http://goo.gl/Seyw0I Связаться с Павлом можно по скайпу ideateam_macuser Видео запись эпизода на нашем канале https://www.youtube.com/channel/UCGYHYOm_J3zpyE5jCNzAHJg

Intro / Outro Степ - Бум-Бум - все в нас є https://www.youtube.com/watch?v=UjG-W9-pHiE 00:01:45 Apple, The FBI And iPhone Encryption: A Look At What's At Stake http://goo.gl/UyYXbd Why You Should Care About Apple’s Fight With the FBI http://goo.gl/7n6Ckc Judge Forces Apple to Help Unlock Terror Shooter's iPhone https://goo.gl/pg8pnB No, A Judge Did Not Just Order Apple To Break Encryption On San Bernardino Shooter's iPhone, But To Create A New Backdoor | Techdirt https://goo.gl/ed5sT5 The FBI’s attack on Apple could force Congress to rule on encryption http://goo.gl/809jtw Customer Letter - Apple https://www.apple.com/customer-letter/ Judge Demands that Apple Backdoor an iPhone https://goo.gl/FNxUeu Why Tim Cook is wrong about the iPhone 'back door': A privacy advocate's view http://reg.cx/2jWm Encryption is under attack. https://www.google.com/takeaction/issue/encryption/ Not a Slippery Slope, but a Jump off the Cliff https://goo.gl/2M7xj7 Apple vs the FBI - a plain English guide - BBC News http://goo.gl/tFf

Alice, Victor Zhora and Kostiantyn Korsun talked with Kenneth Geers about his book Cyber war in perspective (pdf) https://goo.gl/RjPuqU, how can Ukraine to be a leader in cyber security, conflicts in Ukraine and Syria with perspective on cyber space and other questions. Kennet's twitter is @KennethGeers Intro / Outro Grapes - I dunno http://dig.ccmixter.org/files/grapes/16626 Видео-запись интервью на нашем канале https://www.youtube.com/channel/UCGYHYOm_J3zpyE5jCNzAHJg

Intro / Outro Alex - Drive http://dig.ccmixter.org/files/AlexBeroza/43098 0:01:54 Чтобы превратить iPhone в "кирпич", достаточно сменить системную дату на 1 января 1970 года - ITC.ua http://goo.gl/TblQCe 0:04:23 There's a lot of vulnerable OS X applications out there. https://goo.gl/OLWEiy VLC unsigned updates over http https://goo.gl/OIevQP 0:09:09 Fake Flash Player Update Infects Macs with Scareware https://goo.gl/5uhPXG 0:10:09 Nexus Security Bulletin - February 2016 http://goo.gl/lDS1ZV Google fixes multiple Wi-Fi flaws, mediaserver bugs in Android http://goo.gl/zESjhg Google plugs Android vulns http://goo.gl/eX6Lbm 0:10:47 Google calls out Comodo's Chromodo Chrome-knockoff as insecure crapware http://goo.gl/OrTlUv 0:12:02 Every version of Windows hit by 'critical' security vulnerability http://goo.gl/gYVDPY 0:12:52 Опубликованы новые подробности о том, как троян BlackEnergy атакует Украину https://goo.gl/5GbPmR Міненерговугілля має намір утворити групу за участю представників усіх енергетичних компаній,

Intro/ Outro Time (cdk Give Me Some Dubstep Extended Mix) http://dig.ccmixter.org/files/cdk/50693 0:00:51 Продовжено роботу групи з вивчення причин тимчасового збою в роботі систем енергопостачальних компаній, що мали місце 23 грудня 2015 року http://goo.gl/ZJyUrh Повна новина http://goo.gl/jgX1Ez Атака на энергетические объекты 19-20 января 2016 года. Постфактум https://goo.gl/QUuEbA Techie on the ground disputes BlackEnergy Ukraine power outage story http://goo.gl/TEP9Lg Steinitz: Israel’s Electric Authority hit by ‘severe’ cyber-attack http://goo.gl/EennWL 0:07:48 Secret SSH backdoor in Fortinet hardware found in more products http://goo.gl/dLlF7J Fortinet SSH vulnerability more widespread than thought http://goo.gl/4eVqOn 0:14:15 NSA Helped British Spies Find Security Holes In Juniper Firewalls https://goo.gl/euULKA 0:17:28 В ядре Linux обнаружена уязвимость, позволяющая поднять привилегии в системе http://goo.gl/B8f4DC Analysis and Exploitation of a Linux Kernel Vulnerability (CVE-2016-0728) http://goo.g

Intro / Outro BRUTTO - Просперо (Piano Cover) https://www.youtube.com/watch?v=NwsISaGo_PU 00:03:31 Интервью с Виктором Жорой об атаке на объекты электроэнергетики УкраиныПричиною вчорашнього знеструмлення половини Івано-Франківщини була хакерська атака http://goo.gl/yxFlrD СБУ попередила спробу російських спецслужб вивести з ладу об'єкти енергетики України http://goo.gl/px5umB First known hacker-caused power outage signals troubling escalation http://goo.gl/KxqQsf Хакери погрожують українським енергомережам. За кібератакою на обленерго читається російський почерк http://goo.gl/PG3Gxk США підозрюють Росію у причетності до кібератак на електромережі України http://goo.gl/GPtka5 Malware 'clearly' behind Ukraine power outage, SANS utility expert says http://goo.gl/s4DGoc iSIGHT Partners: Sandworm Team and the Ukrainian Power Authority Attacks http://www.isightpartners.com/?p=5305 Троян BlackEnergy используется в кибератаках на СМИ и промышленные объекты Украины http://goo.gl/bUKvOG BlackEnergy Disrupt Matrix - SO

Intro / Outro Run The Jewels - A Christmas F*cking Miracle https://www.youtube.com/watch?v=OQ5rI461KNE 0:02:41 Bitcoin's Creator Satoshi Nakamoto Is Probably This Unknown Australian Genius http://goo.gl/uDsciu Satoshi Nakamoto Not Eligible For Nobel Prize - CCN: Financial Bitcoin & Cryptocurrency News https://t.co/bPqMWsznSK?ssr=true Time To Call A Hoax? Inconsistencies On 'Probable' Bitcoin Creator's PhD And Supercomputers Revealed http://goo.gl/6oYsmQ 0:06:16 If you are using TrueCrypt you should stop.  Hashcat is now optimized to crack TrueCrypt volumes. http://ow.ly/VGS0O 0:07:03 How the AM hack changed the victims’ lives https://t.co/YFWfXHranh?ssr=true 0:08:14 Hacker Confirms PlayStation 4 Jailbreak! Exploit Could Open Doors for Pirated Games http://goo.gl/hWsbNr Hacking the PS4, part 2 https://cturt.github.io/ps4-2.html 0:09:16 Unauthorized code in Juniper ScreenOS allows for administrative access https://goo.gl/DYccDI 0:11:40 Back to 28: Grub2 Authentication 0-Day http://goo.gl/YPWQfV Критическая

Intro / Outro Naughty By Nature Ft. Kate Nauta - Name Game https://www.youtube.com/watch?v=OY5YZFpwKVk 0:02:03 Kaspersky Antivirus Certificate handling path traversal https://goo.gl/90KDvl 0:03:40 CVE-2015-6357: FirePWNER Exploit for Cisco FireSIGHT Management Center SSL Validation Vulnerability http://goo.gl/ZlyXbH 0:05:23 Dell ships laptops with rouge CA Lenovo style  http://goo.gl/VqaRDS Dell apologizes for HTTPS certificate fiasco, provides removal tool http://goo.gl/3QMaSP 0:06:08 Amazon suffers potential password leak, unknown number of accounts affected http://goo.gl/NO2TrV Amazon data breach rumours spread as passwords are reset on some accounts https://goo.gl/Xv7NAA 0:06:33 At 11:59pm EST on Sunday, the NSA will stop in-house phone metadata collection http://goo.gl/vTM9NN The secret message hidden in every HTTP/2 connection: HTTP Verb "PRISM" http://goo.gl/gs6ECH 0:06:44 Казахстан внедряет свой CA для прослушивания всего TLS-трафика http://habrahabr.ru/post/272207/ 0:09:34 Комментарий Евгения Шульги

Intro / Outro Wang Rong Rollin - Chick Chick https://www.youtube.com/watch?v=mxzgwJ8tSE0 02:40 Here’s a Spy Firm’s Price List for Secret Hacker Techniques http://goo.gl/ahgdl8 04:30 Google Is Fixing a Dangerous Gmail Bug That Could Let Others Impersonate You http://goo.gl/gA6cgo 05:48 http://securityreactions.tumblr.com/post/133077996442/showing-to-client-an-exploit-that-worked-yesterday 05:59 Hacker fakes German minister's fingerprints using photos of her hands http://goo.gl/Aw1TOc 09:43 Основатель Bitcoin Foundation Ukraine доказал в суде незаконность изъятия техники при обыске у него дома http://goo.gl/qaNS6K 12:41 Hacker Group Anonymous Announces 'Biggest Operation' Against ISIS After Paris Attacks https://t.co/ZUZQjOsRZS?ssr=true 15:44 Кабмин "завернул" законопроект НКРСИ "Об электронных коммуникациях" - InternetUA http://goo.gl/mXjBYg 16:35 FBI denies paying $1 million to unmask Tor users http://goo.gl/2Ru3CP 17:06 Nmap 7 Released https://nmap.org/7/ 18:35 Cyberattacks are again used in a hybrid warfa

Intro / Outro Був’є – Стіна https://www.youtube.com/watch?v=4EWcKr5ei7Y CloudFlare is a free global CDN and DNS provider that can speed up and protect any site online https://www.cloudflare.com/dnssec/ Op-ed: (How) did they break Diffie-Hellman? http://goo.gl/nB7pXy Ransomware Now Gunning for Your Web Sites https://t.co/FQYuhUM813?ssr=true Linux Ransomware Debut Fails on Predictable Encryption Key http://goo.gl/OO4lD3 Let me tell you about Wireshark 2.0 https://goo.gl/AvMyNe Windows 3.1 Is Still Alive, And It Just Killed a French Airport https://goo.gl/mevwFB Oracle now keeps all EU data within EU borders to avoid Safe Harbour problems http://goo.gl/fjI3oi Halloween security breach https://goo.gl/V4ZgFN Updates to Chrome platform support http://goo.gl/MgIpTW Hack of 70 Million Prisoner Phone Calls Indicates Violations of Attorney-Client Privilege https://goo.gl/66lgfl The Secret Service Agent Who Collared Cybercrooks by Selling Them Fake IDs http://www.wired.com/2013/07/open-market/

Intro / Outro Dubioza kolektiv - Free.mp3 (The Pirate Bay Song) https://www.youtube.com/watch?v=EuQLMXyGQOE KeePass https://goo.gl/VtKzFW Freedome https://www.f-secure.com/en/web/home_global/freedome Take 5 minutes and up your opsec game with Tor Messenger http://goo.gl/KmwjSS Короткая история времени http://www.bookland.com/ukr/books/3341669 Hackers gonna hack, but why? Maybe Freud has the answer http://goo.gl/wBLMbz (публикация и твитт удалены) OWASP-UKRAINE LVIV MEETUP http://goo.gl/7uSdFS Hack-it https://www.youtube.com/watch?v=sbrAZ-lC3U8 Во Львовской ОГА уволили пользовавшегося почтой mail.ru чиновника http://goo.gl/rlejON В правительстве решили отделить свой Интернет от провайдеров http://goo.gl/0PQddZ Somebody Just Claimed a $1 Million Bounty for Hacking the iPhone http://goo.gl/UdBg63 TalkTalk Hackers Demanded £80K in Bitcoin http://goo.gl/vTbOcw A 15-year-old boy Arrested in connection with #TalkTalk Cyber Attack http://goo.gl/PPkonk TalkTalk breach: CEO dismisses encryption, 15-year-old arrested ht

Intro / Outro Пустельник - Піккардійська терція https://www.youtube.com/watch?v=1Jd8Y8xvbjA Linux for kids http://qimo4kids.com/download/ Интервью с Дмитрием Пономеревым о Lockpicking Lockpicking wiki http://www.lockwiki.com/index.php/Lockpicking Одни из лучших образовательных видео, чувак реально доходчиво объясняет и адекватное качество картинки, а не пиксели: https://www.youtube.com/user/bosnianbill Например: Building Your First Lock Pick Kit https://www.youtube.com/watch?v=nYOTJh7NV68 Improve Your Lock Picking Skills (for Beginners) https://www.youtube.com/watch?v=fI7Lx-73lU0 Building Your First Lock Pick Kit https://www.youtube.com/watch?v=nYOTJh7NV68 How to Detect and Beat Spool Pins (for Beginners) https://www.youtube.com/watch?v=d3H2rK-3FaQ Вендоры: http://www.sparrowslockpicks.com/ https://www.southord.com/ https://www.thinkpeterson.com/ https://www.youtube.com/watch?v=UOlJHiY4NJg https://www.youtube.com/watch?v=xFEa_j3D97E  (тут называется Raking, но по-идее,это zipping ) SPP https://www.youtube.com

Intro / Outro Mt Eden DnB and Imogen Heap - The walk https://www.youtube.com/watch?v=bzxI0BbEVdA&list=PL9CDAF3A7B5B6D344&index=46 Yahoo wants to kill passwords with revamped Mail app http://goo.gl/YlFZkK Two-Factor Authentication - Duo Security https://www.duosecurity.com/ Интернет-омбудсмен увидел вред для РФ от вложений в IT-специалистов http://goo.gl/sy7lX6 UISGCon 11 CFP https://11.uisgcon.org/ua/call-papers Интервью с Евгением Пилянкевичем о проекте Themis https://cossacklabs.com/themis.html Блог https://www.cossacklabs.com/blog.html и твиттер https://twitter.com/cossacklabs компании Даниэль Канеман “Думай медленно... решай быстро” https://goo.gl/jciKEV John McAfee Launches Presidential Bid With Surprisingly Low Key Video http://goo.gl/oDcswO China arrests hacking suspects on behalf of the US http://t.co/TR6LKmv1OV?ssr=true Створення кіберполіції https://goo.gl/nldK6s Вимоги до інспекторів та спецагентів http://goo.gl/OqtcFY What’s in a Boarding Pass Barcode? A Lot http://goo.gl/e4kFpj Migrate to

Intro / Outro Гуцул Калiпсо - Звiзда https://www.youtube.com/watch?v=5NDIJLOS3VM Интервью с Игорем Блюменталем. Связаться можно с помощью facebook или twitter Bugsheet. Bug Bounties & Disclosure Programs http://bugsheet.com/directory Cobalt https://cobalt.io/programs Hackerone https://hackerone.com/ Первая всеукраинская олимпиада и форум по кибербезопасности http://www.hackit-ukraine.com/ SYNful Knock - A Cisco router implant - Part I https://goo.gl/yQKUw6 IoT vigilante Linux.Wifatch 'malware' may be patching up security flaws http://goo.gl/omNGX8 You should traceroute bad.horse right now http://goo.gl/KGM4vV and https://twitter.com/mikko/status/648227292821487616 President Obama says the U.S. and China have agreed to broad anti-hacking principles http://bloom.bg/1Muxe2a Analysis: China-US hacking accord is tall on rhetoric, short on substance http://goo.gl/4E0X1J The Cost of Mobile Ads on 50 News Websites http://goo.gl/TXz8F5 Patreon was warned of serious website flaw 5 days before it was hacked http://g

Intro / Outro DJ Orkidea - Beautiful https://goo.gl/xba4Cx Да здравствует UISGCon 11! https://11.uisgcon.org/ Мосгорсуд взыскал с Google 50 тысяч рублей за чтение личной переписки http://ria.ru/incidents/20150916/1255277367.html iOS Ad-Blocking Apps Top Apple Inc.'s App Store Paid List Shortly After iOS 9 Launch http://goo.gl/eSmnFl Ex-Ashley Madison CTO Threatens Libel Suit http://goo.gl/ZuA7C2 Ashley Madison passwords like “thisiswrong” tap cheaters’ guilt and denial http://goo.gl/tqDfpz Researcher discloses zero-day vulnerability in FireEye http://goo.gl/XNp3o6 FireEye, Kaspersky hit with zero-day flaw claims http://goo.gl/lyQgij FireEye 0day details (as much of them as legally possible) https://t.co/lFXTwFagA5?ssr=true Stagefrightened? http://goo.gl/jPwBb2 Android 5.x Lockscreen Bypass (CVE-2015-3860) http://goo.gl/VboNqC iOS 8.4.1 AirDrop Exploit Demo https://www.youtube.com/watch?v=j3JODDmk2Hs FBI: $1.2B Lost to Business Email Scams http://goo.gl/DX4IYH BitPay Hacked, 5 000 Bitcoins Stolen - CCN: Fi

Intro / Outro ELEPHANT - Moon https://soundcloud.com/user-612343039/elephant-moon A New Encryption Standard of Ukraine: The Kalyna Block Cipher https://eprint.iacr.org/2015/650 Держспецзв'язку впроваджує нові стандарти криптографічного захисту інформації http://goo.gl/0Rj22Y База патентів України. Спосіб шифрування двійкових блоків даних http://goo.gl/vvmZ78 A Meet-in-the-Middle Attack on Reduced-Round Kalyna-b=2b (pdf) https://eprint.iacr.org/2015/762.pdf Быстродействие http://ko.com.ua/files/u125/kalyna_1.jpg Kupyna http://www.slideshare.net/oliynykov/kupyna Who Hacked Ashley Madison? http://t.co/zKb5r3dbcZ?ssr=true Exposed Ashley Madison members targeted by scammers and extortionists http://t.co/V6OuEBttWk?ssr=true Troy Hunt: Here’s what Ashley Madison members have told me http://goo.gl/HS768U Ashley Madison execs hacked competitors, wrote screenplay http://t.co/dy0n9S0sVf?ssr=true Ashley Madison faces proposed class-action suit over half-deleted data http://t.co/DVQB60hPHt?ssr=true Lessons learned from c