Episode389

From Paul's Security Weekly


Episode Media

MP3

Announcements

Paul's Security Weekly - Episode 389 for Thursday October 2nd, 2014

And now, from the dark corners of the Internet, where exploits run wild, packets aren’t the only things getting sniffed, and the beer flows steady, it's Paul’s Security Weekly!

  • This segment is sponsored by Palo Alto Networks, creators of THE next-generation firewalls, helping you enforce network security policies based on applications, users, and content. Visit them on the web at www.paloaltonetworks.com
  • and by The SANS Institute, the most trusted source for computer security training, certification and research. Visit www.sans.org to learn more

"Now, fire up a packet capture, pour yourself a beer, and give the intern control of your botnet..."

"Here's your host, a man who loves everyone at Derbycon, especially when getting iced, Paul Asadoorian"

  • Announcement - The PVS contest from Tenable! Register Here to enter a contest and win an AR Drone! You must use the PVS to find something cool, details on the registration page.
  • Security Weekly Updates:

Interview: Don Murdoch


Bio

Don Murdoch, GSE, MBA is a leading information security professional with over 13 years in digital defense. His experience is in non-profit, academic, and Fortune 500 settings. He has taught CISSP and intrusion analysis courses for the SANS Institute, and is both the NICCS Incident Response course lead and the ISSAP course lead for ExpandingSecurity.com. Don has numerous InfoSec IT certifications – CISSP, ISSAP, 10 SANS certifications, is a chartered SABSA security architect, and also is certified as a TOGAF Enterprise Architect.

Questions/Topics

Don will discuss his book, the Blue Team Handbook (http://www.amazon.com/Blue-Team-Handbook-condensed-Responder/dp/1500734756/ref=sr_1_1)

  1. What got you to the point of writing a book? And such a cheap one at that? Shouldn’t you be charging more?
  2. When will you consider this a success? ( I have a great story to tell here…)
  3. Self publishing – discuss!
  4. What was the Biggest baddest mammajamma incident worked at ODU. In those words, I am in my 40’s, after all.
  5. So – tell me about the custom DDOS tool that got deployed to ODU?
  6. What advice can you give us on talking with HR and Legal in the corporate setting?
  7. I hear you have a funny story on how you found your favorite brand of Scotch?
  8. From the vendor perspective, how are the SIEM guys doing?
  9. What can the SIEM guys be doing better? (I don’t have an answer yet, curious what I will say…)
  10. What's next for Blue Team Handbook?
  11. Any chance of a Don M written Red Team Handbook?
  12. How many DMCA notices of take down have you issued? Were they malwarish?

Five Questions

  1. Three words to describe yourself
  2. If you were a serial killer, what would be your weapon of choice?
  3. If you wrote a book about yourself, what would the title be?
  4. In the popular game of ass grabby grabby do you prefer to go first or second?
  5. Pick two celebrities to be your parents.

Interview: Rob Weiss: SCADA CTF


Rob Weiss - Principal Engineer at Altamira Technologies Corporation

Shellshock: Bash bug discussion with special guest "Space Rogue"


Sponsors

  • Also by Pwnie Express - Check out the community edition and turn your Nexus 7 into a lean and mean pen testing machine. For all those hard to reach places, there's Pwnie Express, visit them on the web at http://pwnieexpress.com
  • Brought to you by Black Hills Information Security, the leaders in penetration testing and active defense. Email consulting@blackhillsinfosec.com to request a quote today!

Stories

Sponsors

  • Stories of the week is sponsored by http://www.blacksquirrel.io/ - Pentest Networks from Your Browser! Exploit the limits of network security through just a browser. Have a Chrome exploit in your toolkit? Good, but for the rest of us there's Black Squirrel. Visit blacksquirrel.io for more information.
  • Also by Onapsis the leading provider of solutions to protect ERP systems from cyber-attacks. Customers can secure their SAP and Oracle business-critical platforms from espionage, sabotage and financial fraud risks. Visit them on the web at http://www.onapsis.com/
  • This segment is brought to you by Tenable Network Security, the creators of Nessus, the world's best vulnerability scanner. Check out the new Nessus Enterprise and Nessus Enterprise cloud, engage your IT department in the vulnerability management process today!


Paul's Stories

Larry's Stories

  1. Derbycon Videos are up! - Go watch. Now. Well, after this podcast is over….
  2. Nexus Nethunter - Oooh, cool. Kali on a Nexus!
  3. You sure that’s shellshock? - We are going to be doing this for a long time. Every time some Unix device does something weird outbound from now on the immediate answer will be SHELLSHOCK! Well, sometimes a cigar is just a cigar. In the case mentioned, it was just a phone home via SSH looking for updates...
  4. Firechat - A pretty neat chat application that can use your mobile device to stand up a secondary mesh network with your wireless card, which can enable chat. It works best on your cell-enabled device, but will still work on just wifi. This is what the Chinese protesters used. Be careful, as Firechat has some security issues - one is that all of the chat and connection data is stored in cleartext on the device...

Also, take a look at the Serval Project, which does something similar, but with SMS and VoIP, and also with repeaters based on the TP-Link 3020.

Jack's Stories of Joy and Wonder

Joff's Stories

  1. Security bug in Xen Hypervisor
  2. Windows 10 - yep they skipped 9
  3. Cops handing out spyware?