From Security Weekly Wiki

Paul's Security Weekly - Episode 429 - 6:00PM

Episode Media

Intro, Sponsors & Announcements


[Cut to Paul Live Shot]

This week we do what we want. All that and more so stay tuned!

[Cut to Jack Live shot]


Broadcasting live from G Unit Studios in Rhode Island, the show where exploits run wild, packets aren’t the only things getting DROPPED, systems aren't the only things getting hardened, functions ARE the only things getting wrapped, bits aren't the only things getting banged and the cocktails flow steady, it's Paul’s Security Weekly!

[Cut to sponsor logo]

  • And by Netsparker, the developers of the ONLY false positive free web application security scanners, enabling you to automatically identify vulnerabilities and security flaws in all your websites, web applications and web services. Netsparker scanners are available in two editions, Netsparker Desktop and Netsparker Cloud, the enterprise level online scanning service. For more information visit their website on https://www.netsparker.com/securityweekly/
  • Brought to you by Pwnie Express - Check out the community edition and turn your Nexus 7 into a lean and mean pen testing machine. For all those hard to reach places, there's Pwnie Express, visit them on the web at http://pwnieexpress.com
  • And by Onapsis the leading provider of solutions to protect ERP systems from cyber-attacks. Customers can secure their SAP and Oracle business-critical platforms from espionage, sabotage and financial fraud risks. Visit them on the web at http://www.onapsis.com/

[Cut to security weekly logo]

Now, fire up a packet capture, pour yourself a beer, and give the intern control of your botnet...

[Cut to live shot of Paul]

Larry: Here's your host, a man who at the tender age of six invented threat intelligence by actually digging to China, it's Paul Asadoorian, Right in the POOP CHUTE!

Paul: Hello everyone and welcome to Paul's Security Weekly - Episode 429 for Thursday, July 30th 2015

  • Introduce hosts and guests


[Cut to Announcement graphics]

  • Listening to this while on your way to Defcon? Make sure you come by the vendor area at Defcon this year (located in Paris). We will have the following stuff for sale:
    • Hack Naked T-Shirts - Hack Naked (in black and red), Ladies Hack Naked (Black with pink naked girl or guy), Smoke Naked. We have all sizes up to XXL! $10 cash / $12 Credit
    • While supplies last we will have Black Hills t-shirts, buy anything from us and you get a free BHIS shirt, they have cool zombies on them and another new design
    • Cigars - We will have some Oktoberfest cigars that go great with beer, and some really awesome Wynwood Factory Fresh cigars. Most are $8 a stick and we have box deals
    • Glasses - Limited edition Hack Naked shot and rocks glasses, again extremely limited! Limited edition Hack Naked girl logo with nipple!
    • Vape - We have a limited amount of Aspire vape devices for $80 per kit. We also have some of the best e-liquids on the planet, so tasty!
    • Books - Come see us to purchase our book on active defense, we'll even sign it
    • Come see us at the booth to say hello and if you're not in the buying mood grab some stickers, they are free!
    • Security Weekly videos will be playing in the booth the entire time, so come check it out and make fun of the dorks on the screen podcasting
    • We now accept both cash and credit (no bitcoins, sorry)
  • Purchase Hack Naked T-Shirts and stickers online at http://shop.securityweekly.com get yours today!
  • Larry teaching SANS 617 Wireless Ethical Hacking and Defense coming up in Las Vegas, NV, September 14-19, and the Pentest Hackfest in November in Washington, DC and lots more places so be certain to check the SANS web site for more course offerings!


  • Brought to you by Black Hills Information Security, the leaders in penetration testing and active defense. Email consulting@blackhillsinfosec.com to request a quote today!
  • And by Tenable Network Security, creators of Nessus, the world's best vulnerability scanner! Jumpstart your security program today and evaluate SecurityCenter CV, THE continuous monitoring solution. www.tenable.com
  • This segment is sponsored by the SANS Institute, the most trusted source for computer security training, certification and research. Visit www.sans.org to learn more

Paul's Stories

  1. Buffer Overflow & Format String Attacks: Basics-Part 1
  2. Critical Remotely Exploitable Bug Haunts BIND
  3. Researchers Manipulate Rifle’s Precision Targeting System
  4. "OwnStar Device Can Remotely Locate
  5. Goodbye Internet Explorer
  6. Under 18s should get the right to remove themselves from the internet
  7. Researchers Hack Air-Gapped Computer With Cell Phone
  8. Gamers Steaming Over Dumb Valve Password Vuln
  9. Major Flaw In Android Phones Would Let Hackers In With Just A Text
  10. Security Industry Failing To Keep Pace With Hacker Innovation
  11. Xen fixes another “virtual machine escape” bug

Larry's Stories

  1. Hacking the self aiming rifle
  2. $10 device for cloning access cards
  3. Writable NFC implant can be used to clone access cards
  4. Windows 10 WiFi-Sense - who thought this was a good idea, and disabling and opting out sucks.

Joff's Stories

  1. Hacking Back - includes Black Hills InfoSec!
  2. Yay Windows 10