We take a look back at some of the big stories of 2015, at least, as we see it.

Plus the round up & more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

HD Video | Mobile Video | MP3 Audio | OGG Audio | YouTube | HD Torrent | Mobile Torrent

RSS Feeds:

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

— Show Notes: —

Episode 227: Oracle’s EULAgy #oraclefanfic

• Oracle Chief Security Officer, Mary Ann Davidson, makes a blog post railing against reverse engineering and security research
• Claims Oracle is pretty good at finding bugs in their own code, and doesn’t need anyone else’s help, and that is violates their EULA
• The blog post was quickly taken down, but this is the Internet, it doesn’t work like that

Episode 196: Sony’s Hard Lessons

• Bruce Schneier walks us through what we can learn from the hack of Sony’s corporate network

Episode 217: An Encryptioner’s Conscience

• A recurring theme: firmware is terrible
• Replace your router with something that runs a real OS
• Luckily, more and more routers finally have enough hardware to run a minimal Linux or BSD install
• Smaller APU and Atom machines can run full OS or appliance software like pfSense

Episode 211: The French Disconnection

• Episodes recorded live in the studio always have a different feel to them, especially when it happens to be the 4th anniversary of the show
• The top story in this episode was about how to detect when your network has been breached
• Some great detail, and discussion of the Target and Sony hacks as examples of what to do, and what not to do

Episode 212: Dormant Docker Disasters

• The man who broke the music business
• Detailing the infinalside story of how some of the most popular music albums made it onto the internet before they were even in stores
• Again, in person episodes are always special

Episode 237: A Rip in NTP

• Recap of my visit to the OpenZFS

Round Up:

• Maltrail, a new MIT licensed open source malicious traffic detection system
• Making malware that is harder to detect, breaks some disassemblers
• “Firestorm”, a new vulnerability in “next generation” firewalls
• CryptoWall 4 – The Evolution Continues
• McAfee Enterprise Security Manager failed to manage own security. Authentication bypass vulnerability found
• Tutorial: How to reverse unknown protocols using Netzob
• Don’t be a victim of Tax Refund Fraud in 2016, Krebs has tips to protect yourself
• Tutorial: Fake WiFi Access Point, create a rough AP or an “Evil Twin”