Episode 407

From Paul's Security Weekly


Episode Media

MP3

Announcements

Paul's Security Weekly - Episode 407 for February 19th, 2015

And now, from the dark corners of the Internet, where exploits run wild, packets aren't the only things getting sniffed, and the beer flows steady, it's Paul's Security Weekly!

  • This podcast is brought to you by the SANS Institute, the most trusted source for computer security training, certification and research. Visit www.sans.org to learn more.
  • And by Tenable Network Security, creators of Nessus, the world's best vulnerability scanner! Jumpstart your security program today and evaluate SecurityCenter CV, THE continuous monitoring solution. www.tenable.com
  • And by Black Squirrel. Pentest Networks from Your Browser! Exploit the limits of network security through just a browser. Have a Chrome exploit in your toolkit? Good, but for the rest of us there's Black Squirrel. Visit blacksquirrel.io for more information.

"Now, fire up a packet capture, pour yourself a beer, and give the intern control of your botnet..."

"Here's your host, a man who manages to identify every white whale in the security podcast industry... whose wildest key-signing party involved a 55 gallon drum of lube, a midget, lemons and a man nicknamed Old Dick... Paul Asadoorian"

  • Security Weekly Announcements:
    • Cold weather got you down? Warm up to Embedded Device Security Assessments, a 2-day hosted class at the SANS ICS Summit on February 25-26th. Security Weekly listeners receive a 10% discount when using the code SECWEEK10. Register Here Today!
    • Larry teaching SANS 617 Wireless Ethical Hacking and Defense coming up in Orlando April 11-18, Austin, TX May 18-23, Baltimore, MD (SANSFIRE) June 13-20, and Berlin, Germany June 22-27
    • Security Weekly listeners also receive 10% off products in our store with discount code 'IHACKNAKED'
    • Follow us on Facebook and Twitter, join our Google Groups mailing list, and subscribe to our YouTube channel.
    • B-Sides Boston 2015 is May 9th in Cambridge, MA. Got a great topic, or a fresh new idea? Share it with the community at BSB 2015. The call for papers is now open; the CFP deadline is March 1st.

Security Deathmatch

This week, Larry and Joff are the test rats for a new type of segment called Security Deathmatch.


Stories


Sponsors

  • Stories of the week is brought to you by Onapsis the leading provider of solutions to protect ERP systems from cyber-attacks. Customers can secure their SAP and Oracle business-critical platforms from espionage, sabotage and financial fraud risks. Visit them on the web at http://www.onapsis.com/
  • And by Pwnie Express - Check out the community edition and turn your Nexus 7 into a lean and mean pen testing machine. For all those hard to reach places, there's Pwnie Express, visit them on the web at http://pwnieexpress.com
  • And by Black Hills Information Security, the leaders in penetration testing and active defense. Email consulting@blackhillsinfosec.com to request a quote today!

Paul's Stories

  1. Bank Employees targeted estimated $1B - 100's of Financial Institutions Worldwide
  2. Vulnerability in Netgear Devices
  3. How infosec hiring lost its way: Harsh findings in Leviathan report | ZDNet - Some interesting findings, LOTS of open positions in security. This article had somewhat of a negative vibe, leaving me feeling depressed.
  4. Lack of CSPRNG Threatens WordPress Sites | Threatpost | The first stop for security news - VERY interesting. Bug was reported 8 months ago, not fixed. Bug finder went to a conference to get a hold of someone in person, blown off. Bug finder releases a patch, not applied to the WordPress code tree. Though it appears this bug is not easily exploitable today, things change.
  5. Why We Should Design Some Things to Be Difficult to Use - Such a cool article, great writing, and some great points. My example is of course Vim. Yeah, it's hard to use, at first. But once you master it you save time and have that feeling that you've mastered something. So I really get what the author is trying to say in this article. There are some security things in there too, such as we'd all be safer drivers if we put a spike pointing out from the steering wheel of every car... Now just do the same thing when a user clicks on a link...
  6. Information disclosure flaw exposes Netgear wireless routers to attacks - My embedded device vulnerability of the week. WordPress and embedded systems, every week.
  7. Red Hat CEO: Today's IT department is in a fight for its life - Good article on DevOps: Traditional IT departments are slow and methodical. Rule no. 1 was to never bring the systems down. They would take months, even years, to roll out new software, testing everything carefully, often spending millions in the process. DevOps eliminates that. Instead, IT departments tear their projects apart into teeny components that can be implemented in tiny changes every day.
  8. Mozilla's Flash-Killer 'Shumway' Appears In Firefox Nightlies - Interesting, will it be bug ridden like Adobe's product? Time will tell. Do you go with something that has fixed a bunch of stuff or something new...
  9. BadUSB Vulnerabilities Live in ICS Gear Too
  10. You're Not Paranoid
  11. Israel targeted by malware packaged with pornographic video
  12. Christofer Hoff on Mixed Martial Arts
  13. Samsung smart TVs don't encrypt the voice data they collect
  14. 'BadUSB' Poses Threat to Industrial Control Systems
  15. Microgrids and Smart Grid Resilience
  16. End Users Causing Bulk Of Infosec Headaches
  17. Critical 0-days in open source? The problem isn't code

Larry's Stories

  1. Custom Metasploit payloads - Thanks Mark Baggett, for the tips: Python SimpleHTTPServer and the Metasploit web download.
  2. Pentester's pledge - Oh Ed. This is great. So, in a nutshell, the pledge: why use exploit after exploit when you have local creds and can use psexec? Why run the risk of crashing machines?
  3. Samsung TV spying on you - Hi TV! Oh wait, now the TV is listening! Yes, and those complex commands (non built-in ones) are sent over the Internet to a third party... wait for it... unencrypted and in plain old audio formats. Now Samsung claims that audio is only sent in certain situations and that the microphone is not always active. I call bullshit on the last part, as how does the TV know when it hears "Hi TV!"? It would be interesting if some enterprising folks could trigger the send of audio remotely.
  4. Lenovo Superfish - Hooray, vendor installed malware for injecting ads. Lenovo says it is now disabled and asks Superfish to disable until an auto-update patch is available. Dunno how they will do that, as the app effectively breaks SSL by inserting trusted CAs...
  5. Duplicate SSH keys - Shodan now indexes SSH fingerprints. Using the API, you can compare all of the fingerprints. Turns out several manufacturers, ISPs and vendors share the same SSH keys across hundreds of thousands of devices.
  6. State tax ID fraud spikes after Feds improve: see TurboTax (maybe a shorter digest than Krebs)
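The duplicate-SSH-key story boils down to grouping hosts by host-key fingerprint. The following is an added example (my own, not code from the show or from Shodan's API) that computes ssh-keygen-style SHA256 and MD5 fingerprints from OpenSSH public key lines and flags any key that shows up on more than one host, which is the same audit a defender can run against their own device inventory. The hosts, vendors and key blobs below are constructed, not real devices or real keys.

```python
import base64
import hashlib
from collections import defaultdict


def constructed_key(label: str) -> str:
    """Build a made-up OpenSSH public key line for the sample inventory.

    The blob is arbitrary bytes, not a real RSA key; fingerprinting only
    needs the base64-decoded blob, which is what ssh-keygen hashes too.
    """
    return "ssh-rsa " + base64.b64encode(b"constructed host key " + label.encode()).decode()


# Constructed inventory: (hostname, vendor, OpenSSH host public key line).
INVENTORY = [
    ("router-1.isp-a.example", "VendorX", constructed_key("A")),
    ("router-2.isp-a.example", "VendorX", constructed_key("A")),  # same key as router-1
    ("cam-7.isp-b.example",    "VendorY", constructed_key("B")),
    ("router-9.isp-c.example", "VendorX", constructed_key("A")),  # same key, different ISP
    ("nas-3.isp-b.example",    "VendorZ", constructed_key("C")),
]


def _blob(pubkey_line: str) -> bytes:
    """Decode the base64 key blob from '<type> <base64> [comment]'."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64 blob> [comment]'")
    return base64.b64decode(fields[1])


def fingerprint_sha256(pubkey_line: str) -> str:
    """OpenSSH 6.8+ style fingerprint: 'SHA256:' + unpadded base64 of the digest."""
    digest = hashlib.sha256(_blob(pubkey_line)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def fingerprint_md5(pubkey_line: str) -> str:
    """Legacy colon-separated MD5 fingerprint, the form Shodan indexed in 2015."""
    hexdigest = hashlib.md5(_blob(pubkey_line)).hexdigest()
    return ":".join(hexdigest[i:i + 2] for i in range(0, len(hexdigest), 2))


def shared_host_keys(inventory):
    """Return {fingerprint: [(host, vendor), ...]} for keys seen on more than one host."""
    by_fp = defaultdict(list)
    for host, vendor, key in inventory:
        by_fp[fingerprint_sha256(key)].append((host, vendor))
    return {fp: hosts for fp, hosts in by_fp.items() if len(hosts) > 1}


if __name__ == "__main__":
    for fp, hosts in shared_host_keys(INVENTORY).items():
        print(f"{fp} is shared by {len(hosts)} hosts:")
        for host, vendor in hosts:
            print(f"    {host} ({vendor})")
```

Point the inventory at your own `ssh-keyscan` output and any fingerprint that appears on more than one device is a candidate for a factory-baked or cloned host key.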

Joff's stories about his kangaroo pals

  1. Malware at the firmware level
  2. so says the president...