• 3SB-2: BlockChain Tuna

  • May 11 2021
  • Length: 1 hr and 6 mins
  • Podcast
  • Summary

  • Episode 1 follow up:

    • Signal continues to make the news. This time hacking Privacy 


    Topics:

    • CocoaPods Trunk: Remote Code Execution found 
    • Cosign - container image signing. 
    • TBONE hacking Tesla from a drone with zero clicks. 
    • SAML XML Injections 
    • Tinker Twitter threat on: real & physical occupational hazard for infosec.
    • 1Password Secrets Automation 
    • Google mandatory MFA


    Paul’s rant:

    • -blockchain tuna tracking 


    Links:

    • https://signal.org/blog/the-instagram-ads-you-will-never-see/
    • https://blog.cocoapods.org/CocoaPods-Trunk-RCE/ 
    • https://justi.cz/security/2021/04/20/cocoapods-rce.html
    • https://blog.1password.com/introducing-secrets-automation/
    • https://kunnamon.io/tbone/
    • https://research.nccgroup.com/2021/03/29/saml-xml-injection/
    • https://security.googleblog.com/2021/05/making-internet-more-secure-one-signed.html 
    • https://twitter.com/TinkerSec/status/1388107620574171140
    • https://blog.google/technology/safety-security/a-simpler-and-safer-future-without-passwords/


    Hosts:

    Paul Kehrer @reaperhulk

    Robert Clark @hyakuhei

    Matías Brutti @MrBrutti


    Post-Production:

    Matias Brutti @MrBrutti


    Disclaimer:  The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers. 

    Show More Show Less

What listeners say about 3SB-2: BlockChain Tuna

Average Customer Ratings

Reviews - Please select the tabs below to change the source of reviews.

In the spirit of reconciliation, Audible acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.