Welcome to Security Explained, where we strive to make the complex realm of cyber security better understood by everyone. Join our three hackers / hosts Christopher Grayson, Drew Porter, and Logan Lamb for approachable conversation and a few laughs on the world of hackers, how to think about privacy and security in today's rapidly changing world, and how to keep yourself and your loved ones safe.
When Confluence and Windows Go Bad
It's the last episode of our fourth season! The security gods were kind to us and gave us a softball with some exploits that have been in the news recently: code execution in Confluence and a new ms-msdt code execution exploit in Windows. Lastly, we talk about preparations for DEF CON (we hope to see you there)!
We've loved this journey so far and are so thankful to have you all as listeners. Come say hi at DEF CON and grab a beer with us.
- Windows ms-msdt PoC - https://gist.github.com/tothi/66290a42896a97920055e50128c9f040
- Confluence OGNL Injection PoC - https://github.com/Nwqda/CVE-2022-26134
Anatomy of a Hack!
We directly address the question of how hacking actually works by going through some of the underlying issues that contribute to a hack and telling hacking stories, then wrap up with a very brief explanation of the differences with state-sponsored hacking!
https://xkcd.com/327/ - Little Bobby Tables
https://www.saleae.com/ - Example Logic Analyzer
Security In The News May 2022
We cover 3 security-related news events as well as 1 space-related news event in this week's episode.
From ransomware to NASA sending nudes into space, get your download of news that sparked our interest in this episode.
Radio Security & Ukraine
Join us as we discuss the black magic of radio communications! What is a radio? Why do phones have so many of them? After covering the basics of radio we delve into radio security (confidentiality/availability/integrity) and its implications with the war in Ukraine.
Privacy Rights and Legislation (CCPA & GDPR)
How inclined are you to use tobacco? What were your salaries at your previous jobs? Your family and friends may not know, but data brokers sure do!
Join us as we discuss CCPA and GDPR, two foundational privacy laws which lay the groundwork for taking back our privacy. We discuss actions citizens of California and the EU can take to exercise the rights afforded to them under their respective laws.
Later in the conversation we discuss privacy as a human right, the impact of surveillance capitalism on our everyday actions, and possible ways of unwinding the assimilation of your private data into large machine learning models.
Oofta - The Okta Breach
It's been a bit over a week since some troublesome photos were posted to Twitter that appeared to show a breach of Okta's administrative portal. In the days since there have been a number of statements from Okta that leave us... disappointed to say the least. When you're such a critical part of modern digital infrastructure (and a security product to boot) one would hope that a breach and the remediation process would be handled with diligence and care. That doesn't seem to be the case here.
Join us as we talk about Oofta, our new tag line for the Okta breach.
- Okta "We Made a Mistake" - https://www.bleepingcomputer.com/news/security/okta-we-made-a-mistake-delaying-the-lapsus-hack-disclosure/
- Okta Breach FAQ - https://support.okta.com/help/s/article/Frequently-Asked-Questions-Regarding-January-2022-Compromise?language=en_US
- Mandiant Forensic Report for Okta Breach - https://twitter.com/BillDemirkapi/status/1508527487655067660
- KrebsOnSecurity A Closer Look at the LAPSUS Group - https://krebsonsecurity.com/2022/03/a-closer-look-at-the-lapsus-data-extortion-group/
Great topics and easy to understand
A podcast for those who want to know more about security but are not techies.
Provides great points and fresh perspectives not heard in other podcasts or even the corporate media.
I enjoy every episode and love learning more every time I listen.
This podcast is great! These guys really know what they’re talking about, super thought provoking and helpful.
I love this podcast! 🙂