Episode495

From Paul's Security Weekly
Jump to: navigation, search

Paul's Security Weekly - Episode 495

Episode Audio

MP3

Recorded January 5, 2017

Hosts

  • Jeffrey Man - Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist and certified security curmudgeon
  • Jack Daniel - Works for Tenable Network Security and is a co-founder of Security BSides.
  • Larry Pesce, Director of Research and Senior Managing Consultant at InGuardians
    • Larry Pesce, Swami of Security, Oracle of the Online and Hotshot Of Hacking
    • Larry Pesce, destroyer of embedded systems and injector of RF energy.
  • Michael Santarcangelo - founder of SecurityCatalyst.com, author of Into the Breach, and creator of the leadership-driven Straight Talk Framework - with our favorite question, "What problem are you trying to solve?"
  • Joff Thyer - SANS Instructor, Penetration Tester and Security Researcher with Black Hills Information Security.
    • Joff Thyer, Geeking out with the best of them. Known to attract multiple waitresses with a single smile and utterance of g'day. Deployer of cocktail recipes in desperate situations. Hacker of many a thing! If it's got code running on it, it can be hacked.
    • Joff Thyer, musician, proud father, and friend to many.
  • Paul Asadoorian - He is probably the coolest guy around, but he won't tell you that. He is the kind of guy you want by your side when fighting off an army of 10,000 pygmies with poison arrows. He can tell you what color your underwear is by looking into your eyes. He can eat a cheeseburger in one bite. Scientists have said that he is so hot, he may be the main reason for global warming. His shit doesn't stink; in fact, it smells like car polish. He was refused entry to the USA because his biceps were classified as weapons of mass destruction. He is in the Guinness Book of World Records for completing the most somersaults in a row (126,253).

Announcements

  • ITProTV is introducing a new membership level on February 1st. All current Premium Members as of February 1st will be granted the highest membership level available, so sign up today! Visit ​itpro.tv/securityweekly ​and use code ​SW30.
  • InfoSecWorld - Your 10% off discount code to promote to your members is OS17-SW. This will give them 10% off the main conference or the World Pass.

Interview: Joe McCray, Strategic Security - 6:00PM-7:00PM

Comprehensive background in computer security, networking, and system administration along with extensive experience with public speaking, and training.

Specialties: Well versed in both Network, and Application Penetration Testing with the unique ability to translate Geekenese to English.

Strategic Security is an IT Security consulting firm that provides in-depth technical security assessments of your network, web application, and regulatory compliance gap analysis (ex: PCI, HIPAA, ISO 27000, etc). We also provide guidance on integrating security into your software development lifecycle, building an enterprise security program, and much more…

Technical Segment: Forensic Toolkit (FTK), Doug White- 7:00PM-7:30PM

Forensic Toolkit, or FTK, is a computer forensics software made by AccessData. It scans a hard drive looking for various information. It can for example locate deleted emails and scan a disk for text strings to use them as a password dictionary to crack encryption.

Security News - 7:30PM-8:30PM

Paul's Stories

  1. Buying Internal Domain Access Rob 'mubix' Fuller
  2. Claudio Guarnieri on Security Without Borders
  3. Put walls around home Things, win $25k from US government
  4. Hackers Could Explode Horribly Insecure Smart Meters, Pwn Home IoT
  5. Florida Man Sues Verizon For $72m For Letting Him Commit Identity Theft
  6. MongoDB Databases Under Attack Worldwide
  7. What Hack? Burlington Electric Speaks Out
  8. FDA Releases Guidance for Medical Device Cybersecurity
  9. Android Patched by Google for 90 Vulnerabilities in January Update
  10. Linux 2017: With great power comes great responsibility | ZDNet

Larry's Stories

  1. Oh no, MONGO!
  2. FDA offers guidelines on ongoing security of medical devices
  3. FTC offers $25K Prize for proposals for automatic patching and security of IoT - I think th heart is in the right place, but is so mis guided. They want a “device” that can go on a network to protect and patch….this really grinds my gears on so many levels.
  4. Bobby Tables has a company