Update: You can now view a recording of the session while testing yourself against the "Expert" panel!
https://www.youtube.com/watch?v=VIS9fXZXJ44&feature=youtu.be&t=5h47m12s
"Wait, wait! Don't pwn Me!" is a live security news game show that pits three security experts (Josh Corman, Chris Eng and Matt Tesauro) against each other in a game of wits. Host Mark Miller selects topics from the week's security news, posing the news items as limericks, fill-in-the-blank, and audience participation questions. The panelists compete against each other, and the audience, for speed and accuracy when answering the questions.
During the AppSec USA 2013 Conference, this was a rollicking, high-spirited session, exposing the prevalence of security issues highlighted in the mainstream news. It demonstrates how hard it is to keep up to date with security updates, even for the experts. Audience members should come prepared as we test their knowledge against the panel, trying to determine what is real news and what is fake.
This is a fun-filled session where panelists and audience members compete for prizes from the OWASP store. It is sure to put you in a good mood for the rest of the conference.
3. ONLINE NEWS RESOURCES
Hacker News
CSO
CNN
Ars Technica
The Verge
Threatpost
NetworkWorld
SANS
Brian Krebs
PandoDaily
Forbes
Tesla
FBI.gov
Star Tribune
Errata Security
4. THE RULES
Each correct answer to the initial question is worth 3 points
A wrong answer subtracts 2 points
A pass on the question loses 1 point
If a question is answered incorrectly, the second response is worth 1 point
A correct answer from an audience member allocates 2 points to the panelist of their choice
The moderator may arbitrarily give or take away points at any time
65. Feedly and Evernote went down from DDoS attacks. What did the attackers want?
67. Name 2 of 5 companies that were held for ransom recently, with the attackers demanding to be paid in Bitcoin.
Vimeo, Mailchimp, Shutterstock, Feedly, Evernote
69. Robert Scoble called it “the stupidest, most addictive app I’ve ever seen in my life.”
Full Disclosure
http://seclists.org/fulldisclosure/2014/Jun/index.html
http://www.koreaittimes.com/story/37751/household-name-lg-scores-poorly-defending-against-xss-attacks