Security Headlines Firo Solutions
-
- News
Security Headlines is a podcast about the latest
security vulnerabilities with in the cyber security field.
So if your interested about the latest security
holes no mather if you are a tech savy penetration tester,
a devops person, a programmer or just generally interested
in the latest technology security news.
Security headlines is here for you
Security headlines is perfect to listen on when you want a quick update, on the
way to work or when you are taking a walk out side
The podcast is produced by firosolutions.com
-
Introducing Hacker Talk
Subscribe to Hacker Talk and listen to the latest episodes at:
https://anchor.fm/hacker-talk -
Fuzzing with Patrick Ventuzelo
In this episode of Security Headlines we deep dive into fuzzing with Patrick Ventuzelo.
topics that we cover:
being niched in cyber security
patricks background, doing pentests on telecom networks, doing security research on the android kernel for the french DoD, reverse engineering, development
Zero days in the android kernel
choicing a target when fuzzing
blackbox and whitebox fuzzing
fuzzing golang projects
fuzzing rust projects
setting up fuzzing enviroments
webassembly security
fuzzing webassembly
invalid web assembly opcodes
the next generation of browser exploits
javascript runtimes
exploiting webassembly in the browser
fuzzing blockchain applications
how to write a fuzzer
what to look for while fuzzing
fuzzing javascript
writing fuzzers in python
ataris fuzzer for python code
libfuzzer
llvm
analysing code repositories and finding bad patterns
golang built in fuzzing(go-fuzz, fuzzing draft)
fuzzing ethereum solidity smart contracts
fuzz bench by google
fuzzing the android kernel
beacon fuzz
reporting security bugs
github security advisory
favorite security conferences
External links:
https://fuzzinglabs.com/
http://stackoverflow.com/questions/43153964/ddg#43154559
https://www.youtube.com/channel/UCGD1Qt2jgnFRjrfAITGdNfQ
telegram fuzzlab lab
https://googleprojectzero.blogspot.com/2021/01/in-wild-series-chrome-exploits.html -
Osint Special with Jay Townsend
In this episode of Security Headlines, we are joined by Jay Townsend who is
maintaining several infosec tools such as the harvester and discover.
The harvester is a very popular tool for doing Osint analysis. Tune into this episode
as we deep dive into Osint, the opensource information gathering realms.
In this episode we cover:
what is osint and how can we use it?
discover, lee baird
the harvester
dnsrecon
bash
python
backtrack
wifi security, wep
wifi pineapple, bash bunny, hack5
hack the box, try hack me, hack this site.org
sysadmin, ansible
finding passwords in log files
how to apply security hardenings, systemctl hardenings
running weekly security scans
bug bounties
penetration tests
finding old applications in production
burpsuit
using the harvester
harvester in kali linux, parrotsec, blackarch and debian
porting the harvester to python 3
screen-shooting websites with the harvester
hidden features in the harvester
fierce dns hacking
dnsrecon
how to perform osint analysis on yourself and others
how to protect yourself against osint attacks
using throw away email addresses
how to use osint during penetration tests
python development
docker
linux firmware, wifi drivers
visual code
the latest windows exploits
Links:
https://en.wikipedia.org/wiki/PyCharm
https://www.parrotsec.org/
https://github.com/leebaird
https://www.youtube.com/watch?v=F9UZdPokkhw
https://github.com/laramies/theHarvester
https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-workaround-for-windows-10-serioussam-vulnerability/
https://en.wikipedia.org/wiki/Open-source_intelligence
https://twitter.com/jay_townsend1
https://bloodhound.readthedocs.io/en/latest/
https://www.ansible.com/ -
Security Headlines with Kolja Weber
In this episode of Security Headlines, Kolja Weber the creator of flokinet.is joins us.
In this episode we talk about:
flokinet
internet privacy
german pirate party
internet privacy laws
Iceland
starting an internet service provider
running an internet service provider
ipv4 addresses
adoption of privacy friendly tools
handling abuse requests
starting an internet service provider
RIPE
denial of service attacks
mitigating denial of service attacks
starting a privacy focused internet service provider
DNS amplification attacks
security
free speech
adoption of https, starttls and dkim
external links:
https://flokinet.is
https://twitter.com/frelsisbaratta
https://www.afrinic.net/
https://ripe.net
https://en.wikipedia.org/wiki/RIPE_NCC
https://en.wikipedia.org/wiki/AFRINIC
https://letsencrypt.org/
https://www.qubes-os.org/ -
ChalmersCTF with Michael Dubell
In this episode of Security Headlines, we are joined by Michael Dubell who co-founded Sweden's first student security
capture the flag team. What is capture the flag and how do you play it? How can you into hacking through the doors of playing
ctf's? Michael started playing around with security as a teenager and the journey led him the capture the flag team, known
as "ChalmersCTF".
Today, Michael is working with security during the day, and during the night he is developing the soon to
be released "bountrystrike"(which you can find on bountystrike.io) tool.
Tune in as we talk about CTF, and a lot more!
In this episode we cover:
halo one online
wallhack
war games
hacking on forums
hack this site
over the wire
https://www.hellboundhackers.org/
chalmers
chalmers CTF
how to start a "capture the flag" team
organizing capture the flag meetups
beginner ctfs
over the wire
the capture the flag scene in Sweden
over the wire
whitebox pentesting
bug bounties
automating scanning and automating bug bounties
vulnerability management
finding bugs in bug bounty programs
## External links:
https://github.com/search?q=capture%20the%20flag%20writeups&type=Everything&repo=&langOverride=&start_value=1
https://github.com/zardus/ctf-tools
https://ctftime.org
https://chalmersctf.se/
https://overthewire.org
https://twitter.com/StevenVanAcker
https://bountystrike.io/
https://dubell.io/ -
Security Headlines with Antoine Jacoutot
In this episode of Security Headlines, we are joined by one of the minds behind the OpenBSD project, Antoine Jacoutot. He is responsible
for porting over 300 packages into OpenBSD. He is also involved in syspatch which handles security binary upgrades for OpenBSD.
Tune in, as we talk about development, security, programming, OpenBSD and a lot more!
## Topics that we cover:
OpenBSD's community
opensource
rcctl
init systems
classic BSD
background daemons in OpenBSD
OpenBSD desktops in the wild
companies running OpenBSD
writing shellcode
openup
binary patches in OpenBSD
How OpenBSD handle security issues
how security binary patches are carried out.
syspatch
porting software to OpenBSD
Gnome on OpenBSD
OpenBSDs future with Amazon AWS
sysmerge
submitting feature requests to OpenBSD
tmux
advice for first-time OpenBSD users
## External links:
https://www.OpenBSD.org/errata.html
https://bsdfrog.org/
https://twitter.com/ajacoutot
https://OpenBSD.org
https://gnome.org
https://www.OpenBSD.org/faq/ports/ports.html
https://man.OpenBSD.org/syspatch
https://man.OpenBSD.org/sysmerge
https://github.com/ajacoutot
https://man.OpenBSD.org/rcctl