Episode 482

From Paul's Security Weekly

Paul's Security Weekly - Episode 482

Recorded: September 22, 2016


Episode Audio

MP3

Announcements

  • Visit http://securityweekly.com/hotseat for the latest edition happening on Sept 13th 2PM EST, register today! We will sit down with Yolonda Smith, Director of Product Management with Pwnie Express. We will dig into the shift in the number, types, and ownership of devices showing up on enterprise networks, and how you can protect your company from new threats from these devices. We will also get into some cool tech for monitoring and securing your enterprise from wireless, Bluetooth, cellular and even good old wired device threats.
  • Make sure you visit http://securityweekly.com/subscribe and subscribe to our new shows including Enterprise Security Weekly and Startup Security Weekly. You can also subscribe to all shows individually, as well as a main feed which contains this show, Hack Naked TV and Enterprise Security Weekly.

Interview: Kobi and Doron Naim, Cyberark Labs - 7:00-7:30 PM

Kobi Ben-Naim, Senior Director of Cyber Research. Kobi is an accomplished information security professional, well known for his pioneering work in the field of Advanced Persistent Threats (APTs) and zero-day attacks. Before leading the research teams in CyberArk's Modiin branch, Kobi was co-founder of CYBERTINEL, a successful Israeli startup. Prior to CyberTinel, Kobi served as an Information Security Specialist with the Israeli Ministry of Foreign Affairs, where he led the ministry's anti-hacking team.


Doron Naim, Malware Research Team Leader at CyberArk, is focused on dissecting and analyzing techniques used by malware and advanced attackers for fun and profit on customer and partner networks. At CyberArk, Naim and his team have crafted multiple cutting-edge mitigation techniques, some of them patent-pending. Prior to CyberArk, Naim was part of the pre-sale and malware research team at CYBERTINEL, conducting worldwide customer malware analysis, including behavioral analysis and reverse engineering projects for new/unknown threats. In that role Naim analyzed and documented some of the most sophisticated recent attacks, through proactive cyber research or for CYBERTINEL customers in the financial, government and intelligence sectors. Before that, Naim was a member of the Israel Defense Forces, taking part in operation squads in the IDF's Technology & Intelligence Unit 8200.

  • When you first hear of a Windows "safe mode" attack, you instantly think the attacker needs physical access, but this is not the case?
  • Some will say the mitigation is to not allow attackers to gain administrator rights, but those people are in trouble; how easy is it to get admin rights?
  • What can be bypassed when in Safe Mode?
  • Which attacks are possible in Safe Mode?
  • Tell us about COM objects and how they aid in the attack
  • What can you do to not indicate to the user that they are in Safe Mode?
  • What advantages does this have for bypassing endpoint protection? Is it a global bypass for all endpoint protection?
  • How can this attack be mitigated?
  • Can you log everything that happens in Safe Mode?
  • Can you disable Safe Mode?
  • What security protections can be put in place when in Safe Mode?

Tech Segment: How To Try To Make A Secure Shell Script - Introducing DisplayGoat - 6:30PM-7:00PM

https://github.com/pasadoorian/displaygoat

Security News - 6:00PM-6:30PM

Paul's Stories

  1. Alibaba fires employees for hacking their way to free mooncakes
  2. How I gained access to TMobile’s national network for free – Medium
  3. Malware Evades Detection with Novel Technique
  4. Cisco Warns of Command Injection Flaw in Cloud Platform
  5. Employees download new malware every four seconds
  6. North Korea accidentally allows world to access its entire internet
  7. New legislation seeks to prevent US voting systems from being hacked
  8. Malicious Android Apps Due To Increase By 400 Percent In 2016
  9. ICANN Will Switch The Root Zone Signing Key
  10. Malware Infected USB Sticks Posted To Australia Homes
  11. Massive DDoS Attack Launched At Brian Krebs
  12. Yahoo Expected To Confirm Hack Of 200M Users

Larry's Stories

Jeff's Stories

Michael's (Santa) Stories

Carlos's Stories

Jack's Stories