Summary: <p>We’re joined by a special guest to discuss the failures of campaign security, the disastrous consequences of a mismanaged firewall, and the suspicious case of Speck.</p> <p>Plus the latest vulnerabilities in Wireshark and OpenSSH, the new forensic hotness from Netflix, and some great introductions to cryptography. </p><p>Links:</p><ul> <li><a title="I’m teaching email security to Democratic campaigns. It’s as bad as 2016." rel="nofollow" href="https://www.washingtonpost.com/outlook/2018/09/04/im-teaching-email-security-democratic-campaigns-its-bad/">I’m teaching email security to Democratic campaigns. It’s as bad as 2016.</a></li> <li><a title="Botched CIA Communications System Helped Blow Cover of Chinese Agents" rel="nofollow" href="https://foreignpolicy.com/2018/08/15/botched-cia-communications-system-helped-blow-cover-chinese-agents-intelligence/">Botched CIA Communications System Helped Blow Cover of Chinese Agents</a></li> <li><a title="NSA-Designed Speck Algorithm to Be Removed From Linux 4.20" rel="nofollow" href="https://www.tomshardware.com/news/nsa-speck-removed-linux-4-20,37747.html">NSA-Designed Speck Algorithm to Be Removed From Linux 4.20</a></li> <li><a title="Vulnerability Affects All OpenSSH Versions Released in the Past Two Decades" rel="nofollow" href="https://www.bleepingcomputer.com/news/security/vulnerability-affects-all-openssh-versions-released-in-the-past-two-decades/">Vulnerability Affects All OpenSSH Versions Released in the Past Two Decades</a></li> <li><a title="Wireshark can be crashed via malicious packet trace files" rel="nofollow" href="https://www.helpnetsecurity.com/2018/08/31/wireshark-dos-vulnerabilities/">Wireshark can be crashed via malicious packet trace files</a></li> <li><a title="Service provider story about tracking down TCP RSTs" rel="nofollow" href="https://mailman.nanog.org/pipermail/nanog/2018-September/096871.html">Service provider story about tracking down TCP RSTs</a></li> <li><a title="The case of the 500-mile email" rel="nofollow" href="http://www.ibiblio.org/harris/500milemail.html">The case of the 500-mile email</a></li> <li><a title="Diffy: A cloud-centric triage tool for digital forensics and incident response" rel="nofollow" href="https://github.com/Netflix-Skunkworks/diffy">Diffy: A cloud-centric triage tool for digital forensics and incident response</a></li> <li><a title="An intensive introduction to Cryptography" rel="nofollow" href="https://intensecrypto.org/public/">An intensive introduction to Cryptography</a></li> <li><a title="The Manga Guide to Cryptography | No Starch Press" rel="nofollow" href="https://nostarch.com/mangacrypto">The Manga Guide to Cryptography | No Starch Press</a></li> </ul>
