Episode430

From Paul's Security Weekly
Jump to: navigation, search


Paul's Security Weekly - Episode 430 - 6:00PM

Episode Media

Intro, Sponsors & Announcements

Paul

[Cut to Paul Live Shot]

This week we do what we want. All that and more so stay tuned!

[Cut to Jack Live shot]

Larry

Broadcasting live from G Unit Studios in Rhode Island, the show where exploits run wild, packets aren’t the only things getting DROPPED, systems aren't the only things getting hardened, functions ARE the only things getting wrapped, bits aren't the only things getting banged and the cocktails flow steady its Paul’s Security Weekly!

[Cut to sponsor logo]

  • And by Netsparker, the developers of the ONLY false positive free web application security scanners, enabling you to automatically identify vulnerabilities and security flaws in all your websites, web applications and web services. Netsparker scanners are available in two editions, Netsparker Desktop and Netsparker Cloud, the enterprise level online scanning service. For more information visit their website on https//www.netsparker.com/securityweekly/
  • Brought to you by Pwnie Express - Check out the community edition and turn your Nexus 7 into a lean and mean pen testing machine. For all those hard to reach places, there's Pwnie Express, visit them on the web at http://pwnieexpress.com
  • And by Onapsis the leading provider of solutions to protect ERP systems from cyber-attacks. Customers can secure their SAP and Oracle business-critical platforms from espionage, sabotage and financial fraud risks. Visit them on the web at http://www.onapsis.com/

[Cut to security weekly logo]

Now, fire up a packet capture, pour yourself a beer, and give the intern control of your botnet...

[Cut to live shot of Paul]

Larry: Here's your host, a man who at the tender age of six invented threat intelligence by actually digging to China, it's Paul Asadoorian, Right in the POOP CHUTE!"

Paul: Hello everyone and welcome to Paul's Security Weekly - Episode 430 for Thursday, August 13th 2015

  • Introduce hosts and guests

Announcements

[Cut to Announcement graphics]

  • Purchase Hack Naked T-Shirts and stickers online at http://shop.securityweekly.com get yours today!
  • Larry teaching SANS 617 Wireless Ethical Hacking and Defense coming up in Las Vegas, NV, September 14-19, and the Pentest Hackfest in November in Washington, DC and lots more places so be certain to check the SANS web site for more course offerings!
  • Submit your B-Sides Tampa CFP here. This is a four night cruise, the conference is two full days at sea with a stop in Cozumel Mexico. Accepted talks receive a free cabin for two.

Guest Interview: Daniel Miessler - 6:05PM-6:30PM

Bio

Daniel Miessler is Principal Security Architect with HP based out of San Francisco, California. He specializes in application security with specific focus in web and mobile application assessments, helping enterprise customers build effective application security programs, and speaking with executives about how to best leverage technologies and processes to reduce real-world risk. In his spare time he enjoys reading and writing, programming, rowing, and table tennis.

Links

  1. Personal Website
  2. GitHub
  3. OWASP Internet of Things Top 10
  4. Twitter

Questions/Topics

Stories of the Week - 7:00PM-8:00PM

Sponsors

  • Brought to you by Black Hills Information Security, the leaders in penetration testing and active defense. Email consulting@blackhillsinfosec.com to request a quote today!
  • And by Tenable Network Security, creators of Nessus, the world's best vulnerability scanner! Jumpstart your security program today and evaluate SecurityCenter CV, THE continuous monitoring solution. www.tenable.com
  • This segment is sponsored by The SANS institute the most trusted source for computer security training, certification and research. visit www.sans.org to learn more

Paul's Stories

  1. Russian hackers accessed Pentagon's unclassified email system
  2. New malware turns your computer into a cellular antenna
  3. Ubiquity Stung $46.7 Million USD In E-Mail Spoofing Fraud
  4. XSS flaw put Salesforce accounts at risk of hijacking
  5. How to hack a Corvette with a text message
  6. It's alive! Patch Tuesday survives for Windows 10
  7. Dropbox Ups Its Security Game With USB Two Factor Authentication
  8. Your BMW Or Benz Could Also Be Vulnerable To That GM OnStar Hack
  9. Lenovo Hit With Criticism Over Second Rootkit-Like Utility
  10. Cisco warns customers about attacks installing rogue firmware on networking gear


Kevin's Stories

  1. Lenovo used Windows anti-theft feature to install persistent crapware
  2. The NSA Playset: Espionage tools for the rest of us
  3. Stingray-like phone spying machine used to blackmail and rig state tenders
  4. 32 hackers and traders charged with $100m in "insider trading" using stolen press releases
  5. Stagefright: Mission Accomplished?
  6. Chaos Communication Camp live streams