Paul's Security Weekly - Episode 405 for February 5th, 2015
And now, from the dark corners of the Internet, where exploits run wild, packets aren’t the only things getting sniffed, and the beer flows steady, it’s Paul’s Security Weekly!
- This interview is sponsored by The SANS Institute, the most trusted source for computer security training, certification and research. Visit www.sans.org to learn more.
- And by Tenable Network Security, creators of Nessus, the world's best vulnerability scanner! Jumpstart your security program today and evaluate SecurityCenter CV, THE continuous monitoring solution. www.tenable.com
- And by Black Squirrel. Pentest Networks from Your Browser! Exploit the limits of network security through just a browser. Have a Chrome exploit in your toolkit? Good, but for the rest of us there's Black Squirrel. Visit blacksquirrel.io for more information.
"Now, fire up a packet capture, pour yourself a beer, and give the intern control of your botnet..."
"Here's your host, a man who is excited to be back touching python...again."
- Security Weekly Announcements:
- Cold weather got you down? Warm up to Embedded Device Security Assessments, a 2-day hosted class at the SANS ICS Summit on February 25-26th. Security Weekly listeners receive a 10% discount when using the code SECWEEK10. Register Here Today!
- Larry teaching SANS 617 Wireless Ethical Hacking and Defense coming up in Orlando April 11-18, Austin, TX May 18-23, Baltimore, MD (SANSFIRE) June 13-20, and Berlin, Germany June 22-27
- Security Weekly listeners also receive 10% off products in our store with discount code 'IHACKNAKED'
- Follow us on Facebook and Twitter, join our Google Groups mailing list, and subscribe to our YouTube channel.
Tech Segment: Larry Pesce
Larry goes over sniffing GSM with rtl-sdr and gnuradio.
- Stories of the week is brought to you by Onapsis the leading provider of solutions to protect ERP systems from cyber-attacks. Customers can secure their SAP and Oracle business-critical platforms from espionage, sabotage and financial fraud risks. Visit them on the web at http://www.onapsis.com/
- And by Pwnie Express - Check out the community edition and turn your Nexus 7 into a lean and mean pen testing machine. For all those hard to reach places, there's Pwnie Express, visit them on the web at http://pwnieexpress.com
- And by Black Hills Information Security, the leaders in penetration testing and active defense. Email firstname.lastname@example.org to request a quote today!
- Today is the last day to purchase an Encryption is not a crime t-shirt and support the EFF and Hackers for Charity here and get 10 dollars off a Hack Naked t-shirt. Forward invoice from booster to kris at security weekly dot com.
- WordPress Plugin vulnerability
- Unlocking a BMW with no keys
- D-Link routers vulnerable to DNS hijacking
- Welcome to my sit-stand desk nightmare | Ars Technica
- 3 Disturbing New Trends in Vulnerability Disclosure
- BMW's Software Security Patch A Sign Of Things To Come
- Adobe Flash Zero Days Prove Signatures Are Dead
- Adobe Begins Patching Third Flash Player Zero Day
- Siemens Sighs: SCADA Bugs Abound
- Attackers exploit zero-day flaw in popular WordPress plug-in
- Critical Ghost bug could haunt WordPress and PHP apps
- Security 101: Show Your List!
- Anthem Hacked – US Health Insurance Provider Leaks 70 Million Records
- Yet Another Emergency Flash Player Patch — Krebs on Security
- The Shadow File: Patching
- GDS - Blog - BadSamba - Exploiting Windows Startup Scripts Using a Malicious SMB Server
- delvelabs/vane · GitHub
Joff's stories of his teenage mates of past days
Jack's lack of stories
- Warning – Microsoft's Outlook app for iOS breaks your company security
- Canary Watch website
- The World’s Email Encryption Software (GPG) Relies on One Guy, Who is Going Broke so let's donate to GPG
- Skills shortage... Oh, my. Jack may rant.
- Marcus Ranum's comments on the breach at [$COMPANY_NAME$]