From Paul's Security Weekly

Paul's Security Weekly - Episode 499

Episode Audio

Coming Soon

Recorded February 2, 2017


  • Jeffrey Man - Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist and certified security curmudgeon
  • Jack Daniel - Works for Tenable Network Security and is a co-founder of Security BSides.
  • Larry Pesce, Director of Research and Senior Managing Consultant at InGuardians
    • Larry Pesce, Swami of Security, Oracle of the Online and Hotshot Of Hacking
    • Larry Pesce, destroyer of embedded systems and injector of RF energy.
  • Michael Santarcangelo - founder of SecurityCatalyst.com, author of Into the Breach, and creator of the leadership-driven Straight Talk Framework - with our favorite question, "What problem are you trying to solve?"
  • Joff Thyer - SANS Instructor, Penetration Tester and Security Researcher with Black Hills Information Security.
    • Joff Thyer, Geeking out with the best of them. Known to attract multiple waitresses with a single smile and utterance of g'day. Deployer of cocktail recipes in desperate situations. Hacker of many a thing! If it's got code running on it, it can be hacked.
    • Joff Thyer, musician, proud father, and friend to many.
  • Paul Asadoorian - He is a male who is extremely charming in manner because of his gentlemanly behavior. He has good looks and thinks that women are better than men. He also has a high pain tolerance and likes it kinky.


  • ITPro.TV courses include Cybersecurity Analyst+, CCNA Cyber Ops, ITIL Operational Support and Analysis, Penetration Testing, Ethical Hacking v9. ITProTV is introducing a new membership level soon. All current Premium Members will be granted the highest membership level available, so sign up today! Visit itpro.tv/securityweekly and use code SW30.
  • InfoSecWorld - Your 10% off discount code to promote to your members is OS17-SW. This will give them 10% off the main conference or the World Pass.
  • SCADA Security has always been, and continues to be, a hot topic in our industry. Our sponsor Waterfall Security is offering a free book for the first 100 listeners to register titled "SCADA Security: What's Broken and How To Fix It" by Andrew Ginter, Waterfall's VP of Industrial Security. Visit http://securityweekly.com/scada to get your free copy today!
  • Get out and vote for your favorite security blogs and podcast! Security Weekly has been nominated for the 2017 RSA Social Security Awards Best Security Podcast. Cast your vote today by visiting securityweekly.com/vote!
  • Attend the InfoSecWorld conference on April 3-5 in Orlando, Florida. There are tons of great talks, and Security Weekly listeners get 10% off by using the code OS17-SW. Find out more at infosecworld.misti.com
  • Attend SOURCE Boston on April 24-27th for training and awesome talks! Use the code SECURITYWEEKLY for $100 off either a conference ticket or one of the trainings. Find out more at sourceconference.com

Interview: Katherine Teitler, MISTI - 6:00PM-7:00PM

Katherine Teitler is the Director of Content for MISTI, where she is responsible for programming information security conferences, workshops, and summits. Katherine also writes on a variety of security topics for the company’s Infosec Insider, and contributes articles to third-party security media. Previously, Katherine was the Director of Content at IANS, where she built the research program for subscription clients, and has held various editorial and sales roles at CFO Research, Forrester Research, and Bitpipe (acquired by TechTarget).

Tech Segment: Nathaniel "Q" Quist, LogRhythm - 7:00PM-7:30PM

Security News - 7:30-8:30PM

Paul's Stories

  1. Trump Cyber Executive Order Calls for 60-Day Review
  2. Bring out your dead! Firm wants to pay big bucks for old bugs
  3. IDG Contributor Network: A patchwork quilt of IoT security
  4. Is your office printer vulnerable to being attacked?
  5. Multiple vulnerabilities discovered in popular printer models, (Thu, Feb 2nd)
  6. Flaws in popular printers can let hackers easily steal printed documents
  7. WordPress: Why We Didn't Tell You About A Big Zero-Day We Fixed Last Week
  8. How Google fought back against a crippling IoT-powered botnet and won
  9. Radio stations that ignored major vulnerability start playing anti-Trump song
  10. HD Moore Joins Research-Driven Consulting Firm

Riley's Stories

  1. The best breach in baseball

Michael has some stories, too

  • Cops use pacemaker data to charge homeowner with arson, insurance fraud
  • 'That chip on your credit card isn't stopping fraud after all. Although the special new security chips, which have become increasingly ubiquitous at stores across the nation, have made it harder for criminals to counterfeit credit and debit cards, fraud has actually risen over the last year, according to a new study. Thieves, it appears, have figured out new ways to pilfer cash through the plastic in your wallet. (Fortune)' ==> predicted this a few years ago. Highlights why we need to ask, "What problem are we trying to solve?" and get it right.