• 3SB-2: BlockChain Tuna

  • May 11 2021
  • Length: 1 hr and 6 mins
  • Podcast

  • Summary

  • Episode 1 follow up:

    • Signal continues to make the news. This time hacking Privacy 


    Topics:

    • CocoaPods Trunk: Remote Code Execution found 
    • Cosign - container image signing. 
    • TBONE hacking Tesla from a drone with zero clicks. 
    • SAML XML Injections 
    • Tinker Twitter threat on: real & physical occupational hazard for infosec.
    • 1Password Secrets Automation 
    • Google mandatory MFA


    Paul’s rant:

    • -blockchain tuna tracking 


    Links:

    • https://signal.org/blog/the-instagram-ads-you-will-never-see/
    • https://blog.cocoapods.org/CocoaPods-Trunk-RCE/ 
    • https://justi.cz/security/2021/04/20/cocoapods-rce.html
    • https://blog.1password.com/introducing-secrets-automation/
    • https://kunnamon.io/tbone/
    • https://research.nccgroup.com/2021/03/29/saml-xml-injection/
    • https://security.googleblog.com/2021/05/making-internet-more-secure-one-signed.html 
    • https://twitter.com/TinkerSec/status/1388107620574171140
    • https://blog.google/technology/safety-security/a-simpler-and-safer-future-without-passwords/


    Hosts:

    Paul Kehrer @reaperhulk

    Robert Clark @hyakuhei

    Matías Brutti @MrBrutti


    Post-Production:

    Matias Brutti @MrBrutti


    Disclaimer:  The opinions and security statements on this podcast are our own and do not represent that of our respective past, current or future employers. 

    Show more Show less
activate_Holiday_promo_in_buybox_DT_T2

What listeners say about 3SB-2: BlockChain Tuna

Average Customer Ratings

Reviews - Please select the tabs below to change the source of reviews.