Paul's Security Weekly - Episode 368 for Thursday April 3rd, 2014
- This segment is brought to you by Black Hills Information Security, THE source for all of your penetration testing needs. Please visit www.blackhillsinfosec.com for more information and use the contact page to request a quote!
- They are still processing; however, all of the MA CCDC videos are posted here: http://securityweekly.com/maccdc2014
- We are scheduling three upcoming webcasts. Sponsors will be The SANS Institute, Palo Alto Networks and Pwnie Express; please check http://securityweekly.com/watch for the dates and topics! You can also subscribe to the Security Weekly Insider list and receive advanced notifications of all upcoming webcasts and webcast content.
- Paul is speaking at the Northeast Linux Fest which will be held on April 8th of 2014 at Harvard University, April 7-8 at SOURCE Boston (stay tuned to win a free SOURCE Boston ticket!), Charlotte ISSA conference on April 24, and the NOLA conference in New Orleans in June.
- Come take SEC617 at Security West, May 10-15 in Sunny San Diego! Sign up through Larry's SANS page at: http://www.sans.org/instructors/larry-pesce
- BSides Boston May 9-10, 2014: Discover the great next big thing! http://www.bsidesboston.org
- First person to Tweet to @securityweekly during the show "I want the free SOURCE Boston ticket" wins it!
Guest Interview: Josh Abraham
At Praetorian, Josh is a key member of the technical execution team. In this capacity, he is responsible for leading, directing and executing client-facing engagements that include Praetorian's tactical and strategic service offerings.
Over the years, Josh has become a well-known resource for his contributions to the information security space. An avid researcher and presenter, Josh has spoken at numerous conferences including BlackHat, DefCon, BSides, ShmooCon, The SANS Pentest Summit, Infosec World, SOURCE, CSI, OWASP, LinuxWorld and Comdex.
- Prezi got Pwned: A tale of responsible disclosure - Engineering at Prezi
- 42 days to go for XP – 8 tips if you aren’t going to make it
- Meet the next-gen USB cable that could sweep away all others
- Android Botnet Targets Middle East Banks
- Amazon Web Services Combing Third Parties for Exposed Credentials
- DNS-Based Amplification Attacks Key on Home Routers
- What took you so long Apple? 26 remote exec bugs die in OS X Safari
- Google Wants Supreme Court To Rule On Street View Privacy Case
- GUI Bugs Expose Information Disclosure
- Microsoft: 0Day Exploit Targeting Word
- S4x14 Session: You Name It; We Analyze It
- California man who lasered two helicopters to face 14 years behind bars
- Dumb hackers leave encryption keys on victims' PCs
- Researcher Lights Fire Under Tesla Security
- Ad tracking: Is anything being done?
- Glonass Failure - [Larry] - For those that don't know, GLONASS is the Russian equivalent of US-based GPS. Apparently, somehow, the GNSS satellites were uploaded incorrect information on how end receivers calculate satellite position. This is interesting to me because: 1. What if the Russians knew that this was happening and could ignore the bad info or perform additional calculations to correct it, 2. Could this happen to US-based GPS (yes), and 3. Who did it? Human, computer error or threat actor? Think about what any of those scenarios mean, and put on your conspiracy hat while you do it.
- Crypto…Defense? - [Larry] - In a copycat move, the CryptoDefense malware authors encrypt files, and then demand payment in bitcoin to decrypt. If payment is not received (through their secretive TOR hidden service), in 4 days the price doubles. So, the files are encrypted with a 2048-bit RSA key…but the authors left the private key on disk in the application's install directory. That means they left behind everything needed to decrypt, no ransom needed. That said, in a period of a couple of days, they allegedly made $34,000.
- Target/Trustwave Update - [Larry] - One of the two banks pulled out from the suit against Trustwave about the Target breach. Hmmm, coming to their senses maybe? It is looking more like, during the discovery process, the bank realized that Trustwave did not provide some of the services alleged in the original filing. I love it when the lawyers don't understand technology, but it gets even worse when they can't understand technology contracts and SoWs.
- DumbTV, Philips - [Larry] - Philips left a default, unchangeable password on its Smart TVs for the Miracast AP of "Miracast". Once connected it is possible to control the TV, download config files, and obtain files from connected USB devices, as well as obtain stored website cookies for sites browsed on the TV. Hooray internet of things.
- The NSA hacked into Huawei - [Larry] Uhhhhh…..
- Where's Jack? I'll be speaking at BSides Orlando, InfoSec World, and SANS, all in Orlando next week.
- DNS Blind Spot - A good primer on the challenges of monitoring DNS.
- Be A Good Marketer And Win Over Your Analyst In 8 Slides - OK, this is an "inside baseball" story, but if you are in the security biz and deal with analysts this is a great primer.
- Clean reviews preceded Target's data breach, and others - This highlights the issues with point-in-time compliance, and maybe a few other issues, too.
- Sometimes you should read the comments - This is one of the rare occasions where a comment on the Internet is thought provoking.
- It’s Time To Start A New Dialogue – Saying Goodbye to Booth Babes, Once And For ALL - Look, I have nothing against attractive women, but when I want to talk about network taps, threat data, or pretty much anything else, "booth babes" are a distraction at best.
- Using SysInternals Tools Like a Pro - A handy guide to the wonders of SysInternals.
- Get your Nest out of my nest - Consumer Safety Notice for Nest Protect: Smoke + CO Alarm <- the Thingularity strikes, Nest pulls products from shelves until a fix is out.