Episode426

From Paul's Security Weekly
Jump to: navigation, search


Paul's Security Weekly - Episode 426 - 6:00PM

Episode Media

MP3

Intro, Sponsors & Announcements

Paul

[Cut to Paul Live Shot]

This week we interview Andrew Hay, Director of Research for OpenDNS. Stories of the week will include Adobe Flash 0Day, hackers gone free and a hacking team that got hacked. All that and more so stay tuned!

[Cut to Jack Live shot]

Jack

Broadcasting live from G Unit Studios in Rhode Island, the show where exploits run wild, packets aren’t the only things getting sniffed, and the cocktails flow steady its Paul’s Security Weekly!

[Cut to sponsor logo]

  • And by Netsparker, the developers of the ONLY false positive free web application security scanners, enabling you to automatically identify vulnerabilities and security flaws in all your websites, web applications and web services. Netsparker scanners are available in two editions, Netsparker Desktop and Netsparker Cloud, the enterprise level online scanning service. For more information visit their website on https//www.netsparker.com/securityweekly/
  • Brought to you by Pwnie Express - Check out the community edition and turn your Nexus 7 into a lean and mean pen testing machine. For all those hard to reach places, there's Pwnie Express, visit them on the web at http://pwnieexpress.com
  • And by Onapsis the leading provider of solutions to protect ERP systems from cyber-attacks. Customers can secure their SAP and Oracle business-critical platforms from espionage, sabotage and financial fraud risks. Visit them on the web at http://www.onapsis.com/

[Cut to security weekly logo]

Now, fire up a packet capture, pour yourself a beer, and give the intern control of your botnet...

[Cut to live shot of Paul]

Larry: Here's your host, a man who doesn't read Fortune, but he has eaten a lot of their cookies its Paul Asadoorian!"

Paul: Hello everyone and welcome to Paul's Security Weekly - Episode 426 for Thursday, July 9th 2015

  • Introduce hosts and guests

Announcements

EmbedVideo received the bad id "UaKVMWPTpFo"" for the service "youtube".

[Cut to Announcement graphics]

  • Ready to learn Combat Firmware Analysis? Register for Paul's Blackhat course "Embedded Device Security Assessments", a 2-day hosted class at Blackhat Las Vegas. Registration includes breakfast, lunch, and access to the Blackhat Briefings Business Hall, Sponsor Workshops, Sponsor Sessions, and Arsenal! Visit http://securityweekly.com/iot to register today!

[Cut to shot on Paul]

Guest Interview: Andrew Hay - 6:05PM-6:55PM

Bio

Andrew Hay is the Director of Research at OpenDNS where he leads the research efforts for the company. Prior to joining OpenDNS he was the Director of Applied Security Research and Chief Evangelist at CloudPassage, Inc. Prior to that, Andrew served as a Senior Security Analyst for 451 Research's Enterprise Security Practice (ESP) providing technology vendors, private equity firms, venture capitalists and end users with strategic advisory services – including competitive research, new product and go-to-market positioning, investment due diligence and tactical partnership, and M&A strategy.

Links

@andrewsmhay

Questions/Topics

  1. How did you get your start in information security?

Five Questions

  1. Three words to describe yourself.
  2. If you were a serial killer, what would be your weapon of choice?
  3. If you wrote a book about yourself, what would the title be?
  4. In the popular game of ass grabby-grabby, do you prefer to go first or second?
  5. Choose two celebrities to be your parents.

Stories of the Week - 7:00PM-8:00PM

EmbedVideo received the bad id "ghLC-v8wR_w"" for the service "youtube".

[Play music, Cut to sponsor logo, THEN START RECORDING]

Sponsors

  • Brought to you by Black Hills Information Security, the leaders in penetration testing and active defense. Email consulting@blackhillsinfosec.com to request a quote today!
  • This segment is sponsored by The SANS institute the most trusted source for computer security training, certification and research. visit www.sans.org to learn more
  • And by Tenable Network Security, creators of Nessus, the world's best vulnerability scanner! Jumpstart your security program today and evaluate SecurityCenter CV, THE continuous monitoring solution. www.tenable.com

Announcements

[Cut to announcement Graphics]

  • Larry teaching SANS 617 Wireless Ethical Hacking and Defense coming up in Las Vegas, NV, September 14-19, and lots more places so be certain to check the SANS web site for more course offerings!

[End Music]

Paul's Stories

  1. Your Wi-Fi Network’s Soft Underbelly
  2. DMZ and Headless Chickens
  3. Finnish Decision is Win for Internet Trolls
  4. The Risks of Mandating Backdoors in Encryption Products
  5. Infamous Hacking Team Has Been Hacked
  6. Steer Clear Of Low-Tech Hacks: How To Keep Your Information Safe
  7. Ford's 400
  8. Adobe Tackles New Flash Threat After Hacking Team Leak
  9. Yet Another High Severity Bug Found In OpenSSL
  10. Three UK Politicians 'Hacked' Using Insecure WiFi

Editor's Stories

  1. BlackBerry Admits defeat

Jack's Stories and Stuff

  1. The BSides Las Vegas 2015 Pros vs. Joes CTF is teaming up with the Social Engineering CTF this year. The calls for Pros and Joes are open now.
  2. Finally, a solution to IT integration. Thanks to Spaf for the link.
  3. Caspar Bowden, tireless defender of online privacy, dies.
  4. Violet Blue's story on How spyware peddler Hacking Team was publicly dismantled

Joff's Stories of Hippie Love

  1. DARPA's awesome competition down to lucky seven