Liquidmatrix Security Digest Podcast


The Liquidmatrix Security Digest Podcast - Information Security News and Commentary from Professionals.

  1. 07/26/2024

    Liquidmatrix Security Digest Podcast - Episode 7E

    Episode 0x7E The one after the outage...

    We keep talking about how it's amazing that this is still happening and it really is. But I think we're done with that talk now. I was having a conversation with a CTO at another cloud service provider and he had a poster on his home office wall... "Consistency is what transforms average into excellent." Thanks for being a consistent listener / viewer!

    Upcoming this week...
    - Lots of News
    - Breaches
    - SCADA / Cyber, cyber... etc.
    - finishing it off with DERPs/Mailbag (or Deep Dive)

    And there are weekly Briefs - no arguing or discussion allowed

    And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.

    DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.

    ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of (approximately) 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

    In this episode:

    News and Commentary
    - North Korean Spy Hired by KnowBe4
    - Mandiant Shines Spotlight on APT45 Behind North Korea's Digital Military Machine
    - Walkin... walking away. Wiz doesn't need Googley Money.

    Breaches
    - Over 3,000 GitHub accounts used by malware distribution service
    - Meta nukes massive Instagram sextortion network of 63,000 accounts

    SCADA / Cyber, cyber... etc
    - CrowdStrike CSO Apology. This is how you do this. Much Respect.

    Mailbag
    Dear Liquidmatrix I'm fighting with DNS records and SSL certificates and I'm losing my mind. Why is this stuff still so difficult in 2024? Is there anything you can do to help? Love, a frustrated guy

    Briefly -- NO ARGUING OR DISCUSSION ALLOWED
    - First round of the Sector.ca briefings were released this week. Yes, The Canadian edition of the Fail Panel is back for the 12th time!
    - Anyone can Access Deleted and Private Repository Data on GitHub

    Upcoming Appearances: -- more gratuitous self-promotion
    - Dave: Obviously not here. We don't know where he is. Assume something about the Militant Wing of the Girl Guides.
    - Jamie: PTO Countdown is real. I'm not obsessing about it... but... I am.
    - Matt: My calendar is screwed. Wheeeeeee

    Advertising - pay the bills...
    - Vulnerable U - The other place you can learn from Matt

    Closing Thoughts
    Seacrest Says: You're not the boss of me. I can say whatever I want. It makes me happy to be a butterfly.

    Creative Commons license: BY-NC-SA

    51 min
  2. 07/23/2024

    Liquidmatrix Security Digest Podcast - Episode 7D

    Episode 0x7D It's just a dream...

    There's a lot going on as we head into summer here in the northern hemisphere. I think it's pretty cool but also worry a little bit that we're staying too focused on the wrong things. You ever have the feeling that you've bought into the wrong game?

    Upcoming this week...
    - Lots of News
    - Breaches
    - SCADA / Cyber, cyber... etc.
    - finishing it off with DERPs/Mailbag (or Deep Dive)

    And there are weekly Briefs - no arguing or discussion allowed

    And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.

    DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.

    ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of (approximately) 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

    In this episode:

    News and Commentary
    - AT&T Breach and Continuing Snowflake Saga
    - Nearly all AT&T cell customers call and text records breached
    - The Dark Web - See your The Dark Web footprint for free!
    - US sanctions alleged Russian hackers who claimed attacks on US water facilities

    Breaches
    - Hollywood Fears of a Major Hack Are Growing
    - Hackers Claim to Have Leaked 1.1 TB of Disney Slack Messages

    DERP
    - Chromium browser? Google knows more about you than you want.

    Briefly -- NO ARGUING OR DISCUSSION ALLOWED
    - How to tell if you've been hacked - Great techcrunch article
    - Meshtastic - distributed comms for when the centralized system goes down
    - CloudFlare State of AppSec - 22 min from PoC to exploit. 7% of all traffic is DDoS. 1/3 of all Internet traffic is bots.
    - North Korean Hackers Update BeaverTail Malware to Target MacOS Users

    Upcoming Appearances: -- more gratuitous self-promotion
    - Dave: Summer camp, this fall: Singapore, Ireland, Portugal
    - Jamie: (insert Griswoldian music here)
    - Matt: Thanks for everyone who came to SnooSec. Summer Camp!

    Advertising - pay the bills...
    - Vulnerable U - The other place you can learn from Matt

    Closing Thoughts
    Seacrest Says: These kids - they keep growing up damn them. Also, get off my lawn!!

    Creative Commons license: BY-NC-SA

    36 min
  3. 07/11/2024

    Liquidmatrix Security Digest Podcast - Episode 7C

    Episode 0x7C Yup, this is a habit now.

    It's all fun and games until somehow you find yourself actually planning and not doing that whole "maybe we will, maybe we won't" thing. It's happening. We're back and making a habit of this!

    Upcoming this week...
    - Lots of News
    - Breaches
    - SCADA / Cyber, cyber... etc.
    - finishing it off with DERPs/Mailbag (or Deep Dive)

    And there are weekly Briefs - no arguing or discussion allowed

    And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.

    DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.

    ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of (approximately) 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

    In this episode:

    News and Commentary
    - Russia forces Apple to remove dozens of VPN apps from App Store
    - Dark Money tied to war on Apple's encryption
    - OpenAI had an oopsie and forgot to mention it...
    - But they're also just plain making mistakes at the basics too
    - Hackers reverse-engineer Ticketmaster's barcode system to unlock resales on other platforms

    Breaches
    - The human cost of breaches at Hospitals - this one is awful
    - Sightline Security for non-profits

    SCADA / Cyber, cyber... etc
    - A really good assessment of the great Rogers outage of 2022

    DERP
    - DON'T LIE ABOUT YOUR BREACHES DAMMIT

    Mailbag
    Dear Liquidmatrixes, What's the deal with The Cloud? I really like hugging my servers and I give them special names, how do you hug a cloud? Even better, how do I secure it? Thanks all y'all. Legacy Folk.
    Just sign up for CloudSLAW

    Briefly -- NO ARGUING OR DISCUSSION ALLOWED
    - Ollama - run some great LLMs on your laptop
    - Microsoft Midnight Blizzard Saga Continues
    - Eight Nations Issue Warning About Speed Of Chinese Hackers' Operations

    Upcoming Appearances: -- more gratuitous self-promotion
    - Dave: Global News talking about Ticketmaster yesterday
    - Matt: SnooSec NYC
    - Jamie: Starlink terminal connection end point... SOMEWHERE.

    Advertising - pay the bills...
    - Vulnerable U - Mattjay's other news. Sign up or else.

    Closing Thoughts
    Seacrest Says: I'm Europe now, very fine. Not worry about my doing well.

    Creative Commons license: BY-NC-SA

    41 min
  4. 07/05/2024

    Liquidmatrix Security Digest Podcast - Episode 7B

    Episode 0x7B Penta-pod!

    Five down, we should probably do some more. It seems like people enjoy these things. Or at least our subscribers say so. Why don't you tell your friends!

    Upcoming this week...
    - Lots of News
    - Breaches
    - SCADA / Cyber, cyber... etc.
    - finishing it off with DERPs/Mailbag (or Deep Dive)

    And there are weekly Briefs - no arguing or discussion allowed

    And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.

    DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.

    ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of (approximately) 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

    In this episode:

    News and Commentary
    - No flaws like the old flaws. It's time to MOVEit, MOVEit... AGAIN
    - RockYou2024: 10 billion passwords leaked in the largest compilation of all time

    Breaches
    - Twilio Confirms Data Breach After Hackers Leak 33M Authy User Phone Numbers
    - Neiman Marcus confirms data breach, claims Snowflake account was hacked

    SCADA / Cyber, cyber... etc
    - A group of Rabbit R1 jailbreakers found a massive security flaw

    DERP
    - regreSSHion - you're supposed to hold on to this until August. Also, cute name and logo is so 10 years ago (Heartbleed was TEN YEARS AGO)

    Mailbag
    Hei Liquidmatrix, Are you going to be keeping it up? Especially as it is now summer time. ~Your friends from the blue and yellow furniture store

    Briefly -- NO ARGUING OR DISCUSSION ALLOWED
    - I did a podcast for work with another CISO who isn't a curmudgeon. You might enjoy.
    - TeamViewer: Hackers copied employee directory and encrypted passwords

    Upcoming Appearances: -- more gratuitous self-promotion
    - Dave: Summer Camp, Singapore in October, IRISCON and Websummit in November
    - James: The other end of a Starlink connection... in a forest. :)

    Advertising - pay the bills...
    - MattJay's Vulnerable U - he's got more subscribers than we do. And he's got sponsors and shit.

    Closing Thoughts
    Seacrest Says: I'm on a vacation. Leave me alone.

    Creative Commons license: BY-NC-SA

    35 min
  5. 06/28/2024

    Liquidmatrix Security Digest Podcast - Episode 7A

    Episode 0x7A 4-peat 4-peat!

    Turns out this is actually habit forming. The weekly venting/ranting is excellent for the spirit! Hope you're able to vent as well. Feel free to scream while listening - it's not weird at all.

    Upcoming this week...
    - Lots of News
    - Breaches
    - SCADA / Cyber, cyber... etc.
    - finishing it off with DERPs/Mailbag (or Deep Dive)

    And there are weekly Briefs - no arguing or discussion allowed

    And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.

    DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.

    ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of (approximately) 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

    In this episode:

    News and Commentary
    - Biden bans Kaspersky - effective July 20. FINALLY.
    - Stolen test data and NHS numbers published by hospital hackers
    - Information is beautiful - World's Biggest Data Breaches & Hacks

    Breaches
    - The City of Hamilton breach continues. It's a farce. My property tax dollars going to no good purpose at all. Ongoing since Feb 25, no sign that they're any closer to getting the majority of systems up and running - and $5 million out of the door. Sigh.
    - The number of systems remaining offline is incredible. I'm pretty sure I could put together a crack team of 5 who could spend evenings and weekends for less than a month to knock out all of this list without extending our recruiting pool past Hamilton and Burlington. Sheesh.
    - Car Dealerships Nationwide Hit by Massive Cyberattack—What It Means for You

    SCADA / Cyber, cyber... etc / DERP COMBO!!!
    - An Open Letter to Security Vendors - John Masserini (2015)
    - Vendor Rebuf - Andy Ellis (2017)
    - 10 Rules for Cybersecurity Salespeople - Mark Weatherford (2018)
    - Advice to cybersecurity companies selling to CISOs - Patricia Titus (2020)

    Mailbag
    Dearest Liquidmatrix, It was so good to hear Jamie lose his ever-lovin' mind last episode. Dave alluded to being cranky during the brieflies. Can you please un-mute him and let us all hear him lose his mind for this episode? THANKS! ~The Entire Internet

    Briefly -- NO ARGUING OR DISCUSSION ALLOWED
    - Amazing how far software defined radio has come lately - go do some learnin' on your RTL-SDR things
    - Hackers claim to have carried off an enormous data heist on AMD, selling info on employee and customer information, future products and specs

    Upcoming Appearances: -- more gratuitous self-promotion
    - Dave: Summer camp. (also, we will be adding GUESTS in the near future)
    - James: I'm trapped between Google Workspace, Slack, Jira, Salesforce, and Github. I can't find my way out. Help

    Advertising - pay the bills...
    - MattJay's Vulnerable U - he's got more subscribers than we do. And he's got sponsors and shit.
    - Brawndo, the Thirst Mutilator. It's what plants crave.

    Closing Thoughts
    Seacrest Says: Inserting an old recording of Matt from early episode.

    Creative Commons license: BY-NC-SA

    37 min
  6. 06/14/2024

    Liquidmatrix Security Digest Podcast - Episode 79

    Episode 0x79 We have no idea what's going on either...

    But we're going to keep doing this as long as we can manage to schedule the appointment in our calendars and also show up...

    Upcoming this week...
    - Lots of News
    - Breaches
    - SCADA / Cyber, cyber... etc.
    - finishing it off with DERPs/Mailbag (or Deep Dive)

    And there are weekly Briefs - no arguing or discussion allowed

    And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.

    DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.

    ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

    In this episode:

    News and Commentary
    - Apple's AI Announcements - Private Cloud Compute
    - But is it ok that there's no money going back and forth... so we are the product?
    - Snowflake to Close Hacking Probe Into Attack Targeting Clients

    Breaches
    - Chinese hackers breached 20,000 FortiGate systems worldwide

    DERP
    - Major Data Breach

    New Section: Jamie Yells at Clouds
    - PLG motion with Enterprise Customers and pushing your AI Feature Set - I'm tired of getting the requests to turn it on and it comes with vague pricing issues. Seriously... so tired. If you want to sell to your Enterprise Customers, how about you have a conversation with the person who signs the OF instead of the people who can't. ARGH.

    Briefly -- NO ARGUING OR DISCUSSION ALLOWED
    - Bambu Lab Second Anniversary Sale - join us in the melty plastic revolution!
    - Medical-Targeted Ransomware Is Breaking Records After Change Healthcare's $22M Payout
    - China state hackers infected 20,000 Fortinet VPNs, Dutch spy service says

    Upcoming Appearances: -- more gratuitous self-promotion
    - Dave: I will be speaking at the CIO Summit in Toronto
    - James: Still the forest. I need a break so bad, July can't get here soon enough.
    - Matt: Europe - I'M ON A BREAK -- then Vegas...

    Closing Thoughts
    Seacrest Says: Have you made your plans for the Solstice? Go long or go short - depends on your latitude.

    Creative Commons license: BY-NC-SA

    39 min
  7. 06/07/2024

    Liquidmatrix Security Digest Podcast - Episode 78

    Episode 0x78 Surprise AGAIN

    So... y'all thought it was a flash in the pan... well... we're happy to disappoint you with a brand new episode of the Liquidmatrix Security Digest Podcast. Hold on, it's going to be a wild ride.

    Upcoming this week...
    - Lots of News
    - Breaches
    - Cyber, cyber... etc.
    - finishing it off with DERPs/Mailbag (or Deep Dive)

    And there are weekly Briefs - no arguing or discussion allowed

    And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.

    DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.

    ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

    In this episode:

    News and Commentary
    - Snowflake (not)breach
    - Surprise, the Canadian Government agency that is supposed to watch for mis- and dis- information says it's happening. And the Members of Parliament are arguing about the validity of the statements. :|
    - PandaBuy pays ransom to hacker only to get extorted again

    Cyber, cyber... etc
    - So Matt. You hate Chrome. It's all spyware. What's the point?

    Mailbag
    Ahoy there, First time mailer, long time listener - I see that you've got the skull thing going on, can I ask you about where the cross bones went? Inquiring minds would like to know. ~ Pirate Steve

    Briefly -- NO ARGUING OR DISCUSSION ALLOWED
    - Go back and watch some of the old stuff... it's all still so valid it hurts.
    - Microsoft Total Recall
    - Vengeful Club Penguin Hackers Reportedly Steal 2.5 GB of Disney's Data

    Upcoming Appearances: -- more gratuitous self-promotion
    - Dave: Toronto CIO Conference
    - James: I'm looking forward to an appearance in the forest camping because I'm pretty much completely peopled out.
    - Matt: Some podcasts and maybe a summer camp appearance.

    Advertising - pay the bills...
    - Vulnerable U

    Seacrest Says: It's not the AI. It's not the AI. It's the AI. Sorry.

    Creative Commons license: BY-NC-SA

    37 min
  8. 06/02/2024

    Liquidmatrix Security Digest Podcast

    Episode 0x77 I'm not cool and neither are you.

    Ok, so it's been a long time - but we're good :) August 1st 2022 was our last show. The next one is scheduled now for sometime in 2026.

    Upcoming this week...
    - Lots of News
    - Breaches
    - finishing it off with DERPs/Mailbag (or Deep Dive)

    And there are weekly Briefs - no arguing or discussion allowed

    And if you've got commentary, please send it to mailbag@liquidmatrix.org for us to check out.

    DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.

    ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

    In this episode:

    News and Commentary
    - ICQ will Shut Down SOOOOON
    - Hackers are using AI to find software bugs - but there is a downside

    Breaches
    - Your Mom.

    DERP
    - Salesforce / Slack AI situation and how it's been handled

    Mailbag
    So... Y'all going to actually keep this up? For real this time? ~a concerned patron

    Briefly -- NO ARGUING OR DISCUSSION ALLOWED
    - Dave: I haz a new job! (a word about hiring market)
    - Jamie: Hey, me too but at the same company. Working my way through the collision of responsibilities.

    Upcoming Appearances: -- more gratuitous self-promotion
    - Dave: Gartner DC
    - James: You just missed me at Open Source Data Infrastructure Toronto Meetup. I'm trying to avoid doing anything like actual work for the next little while.

    Closing Thoughts
    Seacrest Says: Be Vulnerable - it's good for U

    Creative Commons license: BY-NC-SA

    44 min
4.8 out of 5, 13 Ratings
