Matt is a long time volunteer of BruCon and is going to let us know all the great things in store for 2013.

Philip Young, aka Soldier of Fortran, is a mainframe phreak! His love of mainframes goes back to when he watched Tron, wide eyed, for the first time. Though it would be decades until he actually got his hands on one he was always interested in their strangeness. Phil has always been in to security since his days as a sysop and playing around on Datapac (the Telenet of Canada). Some people build toy trains, others model airplanes, but Phil's hobby is mainframe security.

Zach will be going over how he does research on exploiting embedded systems and his exploit development framework bowcaster. Zachary Cutlip is a security researcher with Tactical Network Solutions, in Columbia, MD. At TNS, Zach develops exploitation techniques targeting embedded systems and network infrastructure. Since 2003, Zach has worked either directly for or with the National Security Agency in various capacities. Before embracing a lifestyle of ripped jeans and untucked shirts, he spent six years in the US Air Force, parting ways at the rank of Captain. Zach holds an undergraduate degree from Texas A&M University and a master's degree from Johns Hopkins University.

From the Bradley Manning sentencing to DDOSing your former employer, the guys at PSW cover all the interesting stories of the week.

Trying to wake up sleeping babies through hacking the baby monitor. Fire in the studio. Male to male plugs. Updating your pooty...and firefox. Fun ways to log in to your Leap Motion controlled Windows box and the iLO authentication bypass. Plus more on this week's Drunken Security News!

Denying Service to DDOS Protection Services

Dr. Diffie is a pioneer of public-key cryptography and was VP of Information Security and Cryptography at ICANN. He is author of Privacy on the Line: The Politics of Wiretapping and Encryption

Ty Miller is CEO and Founder of Threat Intelligence , has had many TV appearances, radio interviews, print newspaper and magazine articles, and regular online commentary & BlackHat Trainings. Ty Miller's experience not only covers penetration testing, it also expands into regulations like PCI, developing and running industry benchmark accreditations, performing forensic investigations, as well as creating and executing security training ranging from introductory security through to highly advanced security concepts and skillsets. Today he is here to do a tech segment on his product Threat Analytics.

All things Black Hat, DefCon. Making $15,000 to $20,000 per hour. Hijacking a Prius. Vulnerable printers. More SCADA hacking. Hacking toilets.

If you've seen one of mine, or John Strand's, presentations on offensive countermeasures, you know about Honeyports. If you've taken our class or read our book, you've seen this too! Just to recap: If you tell your host to listen for connections on a port, and make certain the client is making a full TCP connection, you can "shun" or block the remote IP address. A Honeyport is a port that nothing should be listening on. When something, or someone, makes a connection to this port, you create and implement a local firewall rule on the host to block that IP address. Previously we had shell scripts and a Windows command to make this happen. I wanted to extend this functionality, but quickly ran into limitations. So, I decided to write a Python script to implement this on all 3 platforms.

In this episode we talk about pwnedlist and how many companies are compromised and don't even know it. We also talk about how one should not throw stones in glass houses.

In this episode we talk about Prism, M$, HIPAA and Panic!!! In the financial sector!! Links for this episode: http://tinyurl.com/HNTV-HIPAA-Costs http://tinyurl.com/HNTV-Financial-collapse http://tinyurl.com/HNTV-MS-NSA

The OWASP Top Ten is an awareness document for web application security, representing broad consensus about the most critical web application security risks as determined by the OWASP community. The OWASP Top 10 is one of the earliest and longest running OWASP projects, first published in 2003, and updates have been produced in 2004, 2007, 2010, and now 2013.

Troy is a Software architect and Microsoft MVP, you'll usually find him writing about security concepts and process improvement in software delivery on his blog. He also has a free e-book out "OWASP Top 10 for .NET developers"

Selena Proctor, Alex Horan and Mariano Nunez join us from Onapsis.

Schuyler Towne is on a mission to recover as much information as possible about the lock-related patents that were lost to the patent office fire of 1836. His primary interest is in the history and the story of the creators of the lost locks, but his goal is to conduct all of the research in public, using Zotero, so everyone can follow along and those particularly inclined can even participate. That rough research will remain available indefinitely, but he will go on to curate and organize the work for publication on the website. Depending on what we recover we could potentially restore entire patents to the patent record, or 3D print working locks based on their drawings. We could solve a mystery, or rewrite history.

Kati Rodzon is the manager of Security Behavior Deisgn for MAD Security. Her last nine years have been spent studying psychology and ways to modify human behavior. From learning about the power of social pressure on groups, to how subtle changes in reinforcement can drastically change individual behavior, Kati has spent the better part of a decade learning how humans work and now applies that to security awareness. Mike Murray has spent more than a decade helping companies to protect their information by understanding their vulnerability posture from the perspective of an attacker. Mike co-founded MAD Security, where he leads engagements to help corporate and government customers understand and protect their security organization.

Matt "Level" Bergin, age twenty four, works for CORE Security as a Senior Security Consultant where his day job consists of discovering, exploiting, and mitigating vulnerabilities in their client’s network environments. Before joining CORE, Matt became well recognized in the industry through his activities in the US Cyber Challenge and publications of vulnerability research such as his discovery of the Microsoft IIS 7.5 FTP Heap Overflow.

In this episode we talk about the importance of being able to detect insider threats.

Paul's talking about clickjacking your computer's camera, HTML5, security issues in iOS personal hotspot while Jack is asking why we're slow to detect breaches and brings up the $100,000 bug bounty.

Bro is a passive, open-source network traffic analyzer and was originally developed by Vern Paxson, who continues to lead the project now jointly with a core team of researchers and developers at the International Computer Science Institute in Berkeley, CA; and the National Center for Supercomputing Applications in Urbana-Champaign, IL. Liam Randall and Seth Hall are on to give us additional insight into how Bro IDS is used.

We have JP Bourget and Bruce Potter on the show to announce their ball busting ride across the USA, CycleOverride . CycleOverride is planning a series of rides over the coming years that revolve around information security and fundraising for organizations important to the infosec community. Support the EFF in support of Cycle Override