Announcements & Shameless Plugs

PaulDotCom Security Weekly - Episode 295 for Thursday July 5th, 2012

• Register today for Offensive Countermeasures: Defensive Tactics That Actually Work at SANSFIRE July 7, 2012 - July 8, 2012 with the freewheeling, piano playing & bunker building John Strand!

• Episode 300 of PaulDotCom Security Weekly will be recorded and streamed live on Friday August 31st in support of of a cure for Breast Cancer. We will broadcast live from 10am until 6PM Eastern time and the show will feature tech segments, round table discussions and special guests. Mark it on your calendars today!

• The first person to solve the LMG Forensics Contest is Steve B! Steve did an excellent writeup and got the bonus as well. For being the first person to solve the puzzle, Steve will win the a Netgear Powerline AV+ 200 Adapter Kit and a copy of the Network Forensics: Tracking Hackers through Cyberspace book. The grand prize for most elegant solution, the BlackHat Black Card, is still up for grabs!

Interview: Randy Marchany

Randy is the CISO for Virginia Tech and a co-author of the original FBI/SANS Institute "Top 10/20 Internet Security Vulnerabilities" document that has become a standard for most computer security and auditing software. He is the co-author of the SANS Institute's "Responding to DDOS Attacks" document that was prepared at the request of the White House in response to the attacks of 2000. He is also acknowledged as one of the North American masters of the hammer dulcimer.

Tech Segment: TBD

Teasers & Plugs

• Larry is teaching SANS SEC 617 on Wirelss Pwnage, check out Larry's very own dedicated page on the SANS web site for a complete list, Next up is SANS at Syndey in November.
• Larry will be delivering the Keynote at Hack3rcon^3 Doomsday Eve. Hackers and prepping, what could be better?

Teasers & Plugs

• DerbyCon Call for Papers and Ticket Registration is: available online. If you have not yet registered or submitted a talk, please do so now.

• Episode 296 will feature interviews with Ben & Lawrence of the Pentesticles Blog

Stories

Teasers & Plugs

• Security BSides everywhere: Cleveland, Las Vegas, Los Angeles more. http://www.securitybsides.com/ - We have 5 BSides tickets (only 3 left) to give away! Listen to the instructions at the end of Episode 282 for complete details, or submit a technical segement!

Paul's Stories

Larry's Stories

Jack's Totally Rad Stories

1. Ramon Krikken responds to the backlash against his WAF comments. Worth a read, he makes some good points, and doesn't simply cop out and blame the journalist for the tome of the article.
2. Twitter Transparency Report An interesting look at requests for user information, and takedown/removal requests received by Twitter.
3. Feeble data breach bill is feeble It may sound good, but it isn't. This would preempt data breach laws in 49 US states and territories, and doesn't even set a deadline for disclosure. This is A Very Bad thing disguised as a good thing.
4. But there is a move to strengthen SEC reporting laws At least Sen. Rockefeller thinks we need more real disclosure.