Episode480

From Paul's Security Weekly
Jump to: navigation, search

Paul's Security Weekly - Episode 480

Recorded: September 8, 2016


Episode Audio

MP3

Announcements

  • Visit http://securityweekly.com/hotseat for the latest edition happening on Sept 13th 2PM EST, register today! We wile sit down with Yolonda Smith, Director of Product Management with Pwnie Express. We will dig into the shift in the number, types, and ownership of devices showing up on enterprise networks, and how you can protect your company from new threats from these devices. We will also get into some cool tech for monitoring and securing your enterprise from wireless, bluetooth, cellular and even good old wired device threats.
  • Make sure you visit http://securityweekly.com/subscribe and subscribe to our new shows including Enterprise Security Weekly and Startup Security Weekly. You can also subscribe to all shows individually, as well as a main feed which contains this show, Hack Naked TV and Enterprise Security Weekly.

Interview: Marcus J. Ranum, Tenable Inc.- 6:00PM-6:30PM

Marcus J. Ranum works for Tenable Security, Inc. and is a world-renowned expert on security system design and implementation. He has been involved in every level of the security industry from product coder to CEO of a successful start-up. He is an ISSA fellow and holds achievement and service awards from several industry groups.

  1. Given the events over the past several years in state-sponsored hacking, how have your views on cyber war been impacted? (War vs. Espionage/Sabotage/Spying)
  2. Compelling security metrics seem out of reach for many, what advice do you have for people today looking for good security metrics?
  3. What prompted your decision to not speak at conference that do not have an anti-harrassment policy?
  4. Are security people born with unique talents?o
  5. Tell us about your recent talk "No Quarter: The Ruthless Pursuit of Advanced Malware"
  6. What do you mean by "Low-rent security (do it yourself)"
  7. Tell us how to make soap!

Tech Segment: ODROID C2 vs. Raspberry PI 3 - Fight! - 6:30PM-7:30PM

Which hardware is best for your next nerdy security (or non-security) project? The Security Weekly crew will discuss the differences between two of the new model embedded Linux boards on the market today, the ODROID C2 and Raspberry PI Model B. We've used both in various project and will offer examples, tips, tricks and how-tos!

Security News - 7:30PM-8:30PM

Paul's Stories

  1. "Meet USBee - USBee works by sending USB drives a sequence of "0" in a way that causes the devices to generate detectable emissions at frequencies between the 240 megahertz and 480 Mhz. I love all of these attacks, no really I do. There are several research projects that have been focused on bridging the air-gapped networks. While there are many truly airgapped networks: No Internet, no Wifi, no Bluetooth, so many are configured incorrectly and don't even require this sophisticated of an attack. For the ones that are, you still need to get a wireless signal of some sort from the target, back to you. If you've ever tried to get cell phone signal from within an elevator, you know the struggle. Also, this attack requires malware, which is not as impossible to install as the article made it seem. In high security environments, there must be physical controls, and controls on personnel.
  2. Half of network management systems vulnerable to injection attacks - The products were Spiceworks Desktop, Ipswitch WhatsUp Gold, Castle Rock SNMPc, ManageEngine OpUtils, CloudView NMS, Opmantek NMIS, Opsview Monitor, Netikus EventSentry, and Opmantek NMIS. We've all known these systems contain vulnerabilities, the real problem is the network and sysadmins have a bitch of a time getting them working and configured properly, leaving security by the way side. We need to fix that problem, not merely point out vulnerabilities.
  3. Snagging creds from locked machines - Props to Mubix, hist post on this it completely awesome.
  4. FTC Panel Encourages Basic Security Hygiene to Counter Ransomware - many panelists agreed that better basic cyber hygiene can do a lot to help eliminate the problem up front. Hurray for hygiene! But WTF does that even mean? People talk, and they use words, and everyone nods because it sounds great. Hygiene is an over-used term in info sec. We should drink every time some says it. Being secure does not come from hygiene ' 'conditions or practices conducive to maintaining health and preventing disease, especially through cleanliness.. I mean really what you are saying is you must implement conditions or practices that contribute to security. Well, thanks for that captain obvious. Most of the defenders in the world know, or have a suspicion, that there are "things" we are not doing that are security risks. The real problem? Finding the appropriate tools, resources and support from all levels of the organization to get it done. Its so much more than just that word "hygiene". 1) You need to convince every in your organization what it takes to be secure (and define what secure means) 2) You need to have enough people and the right processes to pull it off and 3) You need tools to help you (hardware, software, training). I'm not saying this is a magic formula, but I am saying it takes more than just spouting on about good cyber hygiene.
  5. DHS Urges Vigilance in Protecting Networking Gear - Unlike hosts that receive significant administrative security attention and for which security tools such as anti-malware exist, network devices are often working in the background with little oversight—until network connectivity is broken or diminished Well, okay, here is a big "We told you so". And I hate saying that, but we did. Defcon 7 in 1999 had a talk called "Insecurities in Network Devices" and FX did a talk on Cisco router vulnerabilities in 2009. Frustrating? Yes. Lets fix it, put networking gear in the same category as other software and devices, understand the risk, and adjust your processes accordingly.
  6. How Spoofing An Ethernet Adapter Lets You Sniff PC Credentials
  7. "Hello
  8. Printers Now The Least Secure Things On The Internet - This article is poorly done, and really doesn't say anything new or really interesting. There, I saved you 3 minutes of your life you would have never gotten back (if you read this before you clicked the link).
  9. FAA Considers A Ban On Samsung's Exploding Smartphones
  10. "Ten-Year-Old Windows Media Player Hack Is The New Black - The Internet is an evil place: Now malware villains are packing popular movies with malicious links so that the DRM warning leads to sites where they're fooled into downloading trojans masquerading as necessary video codecs.

Larry's Stories

  1. A million bad key sins got worse
  2. 68 Million Dropbox accounts popped
  3. Defcon Wireless Monitoring Service - Damn, a cool project...
  4. a botnet of pwned embedded devices

Jeff's Stories

Michael's (Santa) Stories

Carlos's Stories

Jack's Stories

  1. Cry havoc and let slip the squirrels of war
  2. Foghorn DNS greylisting tool
  3. White House names retired Air Force general as first cyber security chief