Episode367

From Paul's Security Weekly
Jump to: navigation, search
Palo Alto Networks
Tenable Network Security
The SANS Institute
Pwnie Express
Black Hills Information Security
BlackSquirrel
Onapsis

SANS Las Vegas from October 26-27th will debut a new course titled "Embedded Device Security Assessments for the Rest of Us" which will teach students how to assess embedded systems of all varieties on pen tests and in your duties as a security professional. Register Here


Episode Media

Announcements

Paul's Security Weekly - Episode 367 for Thursday March 27th, 2014

  • This segment is brought to you by Black Hills Information Security, THE source for all of your penetration testing needs. Please visit www.blackhillsinfosec.com for more information and use the contact page to request a quote!
  • We are scheduling three upcoming webcasts, sponsors will be The SANS Institute, Palto Alto Networks and Pwnie Express, please check http://securityweekly.com/watch for the dates and topics! You can also subscribe to the Security Weekly Insider list and receive advanced notifications of all upcoming webcasts and webcast content.
  • SECURITY B-SIDES ORLANDO April 5-6th, 2014 : "COMMUNITY DRIVEN EVENT SEEKING TO BRING TOGETHER CENTRAL FLORIDA INFOSEC WITH A PASSION FOR MAKING, BREAKING, AND PROTECTING."
  • Paul is speaking at the Northeast Linux Fest which will be held on April 8th of 2014 at Harvard University, April 7-8 at SOURCE Boston (stay tuned to win a free SOURCE Boston ticket!), Charlotte ISSA conference on April 24, and the NOLA conference in New Orleans in June.



Stories

Paul's Stories

  1. How I got root with Sudo | Securus Global Blog - Some old tricks, such as when people still think its a good idea to sudo a shell script owned by root, which maybe calls a different shell script. Or give sudo to a script that does not yet exist.
  2. Redpoint: Discover & Enumerate BACnet Devices - Really neat to see this research, and glad they are doing it. BACnet is a common protocol used by building control systems. This means, you may have it in your environment. If you are not looking for it, you may not even know you have it. Now some Nmap nse scripts exist to find it. Sweet.
  3. Smarter People are More Trusting
  4. Brian Krebs Subject of Sony Pictures Movie Deal | The State of Security
  5. "A few updates on ""The Moon"" worm
  6. Most ATMs will remain on Windows XP after Microsoft pulls plug on OS support
  7. The Internet of Things is being used to mine digital currency
  8. Hackers Can Force ATMs to Spit Out Money With a Text Message
  9. Forget black hats – the best hackers are going grey and getting legit • The Register
  10. About 55k In San Francisco Impacted In Theft Of Sutherland Computers
  11. Metadata Poses Both Risks And Rewards
  12. Microsoft Outlook Users Face Zero-Day Attack
  13. Full Disclosure List Rises From the Ashes For Fresh Start

John's Stories

  1. Lets sue Trustwave!
  2. BlackHats going legit... To Legit... To Legit to quit
  3. Microsoft releases source code