Episode318

From Security Weekly Wiki


Episode Media

Episode 318

MP3


Announcements & Shameless Plugs

PaulDotCom Security Weekly - Episode 318 for Thursday January 31st, 2013

  • Security BSides Rhode Island HUGE ticket announcement
  • New tech segment on SQL injection and PHP at http://pauldotcom.com by intern Patrick Laverty - "From '1' to Pwned: Using SQL Injection and PHP to Own the Box"

SANS is running a special promotion for Forensic Online courses.

To learn more about the 15% discount on online forensic classes, visit the SANS Specials Training page, which will also tell you how to access the many FREE forensic resources available from SANS. Hurry, the discount will only be valid through February 20.

Interview: Dr. Gene Spafford

Dr. Spafford is one of the senior, most recognized leaders in the field of computing. He has an on-going record of accomplishment as a senior advisor and consultant on issues of security and intelligence, education, cybercrime and computing policy to a number of major companies, law enforcement organizations, academic and government agencies... [With over three decades of experience as a researcher and instructor, Professor Spafford has worked in software engineering, reliable distributed computing, host and network security, digital forensics, computing policy, and computing curriculum design. Dr. Spafford is a professor with an appointment in Computer Science at Purdue University, where he has been a member of the faculty since 1987.]

Announcement

  • Join us on our 3rd ever Google+ Hangout! Add PaulDotCom on Google+ and join us in the Google Hangout.
  • We are in the process of archiving and cataloging our technical segments; please visit the PaulDotCom Technical Library. We have also indexed all of the interviews we have conducted. We are also working on updating all of the articles, so check the newsletter, or if you want to help in exchange for some free guidance and security training, please email me.

Stories

Paul's Stories

Larry's Stories

Jack's Stories that would make Motley Crue blush

  1. The New York Times was hacked by evil Chinese hackers. Or maybe the story is not completely accurate?
  2. Once More Into The (PRC Aggregated) Breaches, an informative post by Bob Rudis on the challenges of interpreting aggregated data sources.
  3. Security No-Man's Land: Mike Rothman reminds us of the "have-nots" of InfoSec as we approach the RSA conference. Echoing some of what Dan Geer wrote about the week before, and some of Wendy Nather's "Security Poverty Line" work, it is important to remember that improving security for Fortune 1000 companies falls far short of actually improving security overall.
  4. Robert Graham's ten-year retrospective on the SQL Slammer worm
  5. Remember the college kid tossed from school for reporting a vulnerability? It turns out his story isn't quite as innocent as it was portrayed by some. Still dumbness and overreaction IMHO, but more has come to light, including this letter of expulsion.

Allison's Stuff