All content for 3 Security Buddies is the property of Paul Kehrer, Robert Clark, Matias Brutti and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Weekly podcast where three security buddies discuss security topics.
Episode 1 follow up:
Signal continues to make the news. This time hacking Privacy
Topics:
CocoaPods Trunk: Remote Code Execution found
Cosign - container image signing.
TBONE hacking Tesla from a drone with zero clicks.
SAML XML Injections
Tinker Twitter threat on: real & physical occupational hazard for infosec.
1Password Secrets Automation
Google mandatory MFA
Paul’s rant:
-blockchain tuna tracking
Links:
https://signal.org/blog/the-instagram-ads-you-will-never-see/
https://blog.cocoapods.org/CocoaPods-Trunk-RCE/
https://justi.cz/security/2021/04/20/cocoapods-rce.html
https://blog.1password.com/introducing-secrets-automation/
https://kunnamon.io/tbone/
https://research.nccgroup.com/2021/03/29/saml-xml-injection/
https://security.googleblog.com/2021/05/making-internet-more-secure-one-signed.html
https://twitter.com/TinkerSec/status/1388107620574171140
https://blog.google/technology/safety-security/a-simpler-and-safer-future-without-passwords/
Hosts:
Paul Kehrer @reaperhulk
Robert Clark @hyakuhei
Matías Brutti @MrBrutti
Post-Production:
Matias Brutti @MrBrutti
3 Security Buddies
Weekly podcast where three security buddies discuss security topics.
