Episode491

From Paul's Security Weekly

Paul's Security Weekly - Episode 491

This week John Hurd and Alex Valdivia from ThreatConnect join us for an update on some interesting threat intelligence topics. Our technical segment tonight will be with Jimmy Mesta on Containerizing your Security Operations Center. In the security news discussion for the week: a new Mirai worm takes out German ISP customers, Raspbian tries to lock down their platform, silent fixes from Microsoft, MUNI eats it, Russians spread election-related propaganda, and we'll discuss Rule 41, the one that has nothing to do with sexual fetishes, well maybe... All that AND more on this edition of Paul's Security Weekly. Recorded: December 1, 2016

Hosts


  • Michael Santarcangelo[1] - founder of SecurityCatalyst.com, author of Into the Breach, and creator of the leadership-driven Straight Talk Framework - with our favorite question, "What problem are you trying to solve?"
  • Joff Thyer[2] - SANS Instructor, Penetration Tester and Security Researcher with Black Hills Information Security.
  • Paul Asadoorian[3] - Embedded Device Researcher, Security Podcaster, CEO of Offensive Countermeasures

Episode Audio

MP3

Announcements

  • Make sure you visit http://securityweekly.com/subscribe and subscribe to our new shows including Enterprise Security Weekly and Startup Security Weekly. You can also subscribe to all shows individually, as well as a main feed which contains this show, Hack Naked TV and Enterprise Security Weekly.
  • Take our super cool survey! http://www.securityweekly.com/survey

Interview: John Hurd and Alex Valdivia, ThreatConnect - 6:00-7:00PM

  • John Hurd and Alex Valdivia

John Hurd is an Intelligence Research Analyst. Alex Valdivia is a Threat Intel Researcher. Together they are part of the ThreatConnect team. They know what it takes to work at the front lines of cyber defense. They know that they’re stronger together than they are apart. They're strategic business thinkers. Since 2011, ThreatConnect has led the threat intelligence revolution, building the industry’s most comprehensive threat intelligence platform along with its largest trusted cybersecurity community.


discuss our platform, our research team, and/or recent findings of interest by our team


  1. Three words to describe yourself
  2. If you were a serial killer, what would be your weapon of choice?
  3. If you wrote a book about yourself, what would the title be?
  4. In the popular game of ass grabby-grabby, do you prefer to go first or second?
  5. Choose two celebrities to be your parents.

Technical Segment: Jimmy Mesta, Containerizing your Security Operations Center - 7:00PM-7:30PM

Jimmy Mesta is an application security leader who has been involved in Information Security for nearly 10 years. He is the chapter leader of OWASP Santa Barbara and co-organizer of the AppSec California security conference. Jimmy has spent time on both the offense and defense side of the industry and is constantly working towards building modern, developer-friendly security solutions. His core focus has been in application and cloud security with an emphasis on secure architecture, automated testing, developer training and defensive techniques.

Security News - 7:30PM-8:30PM

Paul's Stories

  1. New Mirai Worm Knocks 900K Germans Offline
  2. A security update for Raspbian PIXEL - Raspberry Pi
  3. Microsoft Silently Fixes Kernel Bug That Led to Chrome Sandbox Bypass
  4. Who Hacked The Lights In Ukraine?
  5. 'Dronejacking' may be the next big cyber threat
  6. Microsoft Azure Flaw Exposed RHEL Virtual Machines to Hacking Risk
  7. Shamoon wiper malware returns with a vengeance
  8. Firefox Patched for Zero-Day Vulnerability
  9. Can We Please Stop Pretending Car Hacking Is a Grave Threat? - The Drive
  10. Senators Make Last-Ditch Attempt To Block Expanded Government Hacking Authority
  11. Protocol96 | Bugtraq: SEC Consult SA-20161128-0 :: DoS & heap-based buffer overflow in Guidance Software EnCase Forensic
  12. Mirai Botnet Knocks Out Deutsche Telekom Routers
  13. Information Security: The Reporting Line of the CISO is Key to Success
  14. Windows Malware Infections Spiked 106% From Black Friday To Cyber Monday
  15. Why Credentials Are 'The New Perimeter'

Larry's Stories

  1. Comma OpenPilot released opensource
  2. Calendar invite iCloud spam
  3. San Francisco MUNI hacked
  4. Mirai gets some upgrades
  5. PyExfil, Python for data Exfil
  6. Reverse Engineering TDDP in TP-Link routers for shell

Jack's Stories

  1. The US government says there is no cybersecurity skills shortage, contradicting most of the common wisdom.
  2. Rule 41 it's OK, I'm sure this won't be abused.
  3. The Saudis seem to be under "cyberattack" again although the details are not really details yet.
  4. A great post on health and wellness in infosec from Lesley Carhart (aka @hacks4pancakes)
  5. Time is running out for NTP. NTP is overworked and underfunded, and critical. Not a good combo.
  6. tumblr starts encrypting blogs by default thanks to @Aloria.

Jeff's Stories

  1. Russian Propaganda Effort Helped Spread 'Fake News' During Election, Experts Say
  2. The Propaganda About Russian Propaganda

Comment from a friend: "a colleague of mine at the University of Maryland, is a Professor of Practice in the School of Journalism and continues to write for the Post. The Post suspects that there is an organized effort by unnamed Russian 'operatives' to flood the comments sections attached to political reporting. The suspicion arises out of certain patterns of language that the Post's Russian speaking correspondents allege is likely to come from a native Russian speaker."