From Security Weekly Wiki
Jump to navigationJump to search

Paul's Security Weekly - Episode 432 - 6:00PM

Episode Media


Intro, Sponsors & Announcements


This week Jack Daniel will lead us off with a series of rants, we don't know quite what to expect, but we're giving him the floor in his own segment. Stories of the week will include embedded device company that tried to implement security, but got it wrong (and its not what you think), more Ashley Madison drama, and more so stay tuned!

  • And by Netsparker, the developers of the ONLY false positive free web application security scanners, enabling you to automatically identify vulnerabilities and security flaws in all your websites, web applications and web services. Netsparker scanners are available in two editions, Netsparker Desktop and Netsparker Cloud, the enterprise level online scanning service. For more information visit their website on https//www.netsparker.com/securityweekly/
  • Looking for a career change? Tenable Network Security is hiring! Everything from programmers to researchers, check out all of the available positions at http://securityweekly.com/tenablejobs. If you are listening to this show, check out the following two positions, both technical and both are work from home: Nessus Vulnerability Research Engineer and C Software Engineer
  • Brought to you by Pwnie Express - Check out the community edition and turn your Nexus 7 into a lean and mean pen testing machine. For all those hard to reach places, there's Pwnie Express, visit them on the web at http://pwnieexpress.com
  • And by Onapsis the leading provider of solutions to protect ERP systems from cyber-attacks. Customers can secure their SAP and Oracle business-critical platforms from espionage, sabotage and financial fraud risks. Visit them on the web at http://www.onapsis.com/


Broadcasting live from G Unit Studios in Rhode Island, the show where exploits run wild, packets aren’t the only things getting sniffed, systems aren't the only things getting penetrated, functions are the only things getting wrapped, bits aren't the only things getting banged and the cocktails flow steady its Paul’s Security Weekly!

Now, fire up a packet capture, pour yourself an adult beverage, and give the intern control of your botnet...

Jack: Here's your host, <FUNNY COMMENT HERE> Paul Asadoorian!"

Paul: Hello everyone and welcome to Paul's Security Weekly - Episode 432 for Thursday, August 27th 2015


  • Purchase Hack Naked T-Shirts and stickers online at http://shop.securityweekly.com get yours today! For a limited time only use the discount code "HACKNAKEDSUMMER" and get 50% your order! Its a summer blow-out sale and ends on September 23, 2015 (The first official day of fall).
  • Larry teaching SANS 617 Wireless Ethical Hacking and Defense coming up in Las Vegas, NV, September 14-19, and the Pentest Hackfest in November in Washington, DC and lots more places so be certain to check the SANS web site for more course offerings!

Rant Segment: Jack Daniel - 6:05PM-6:55PM

EmbedVideo received the bad id "S1jF_sXyjR8"" for the service "youtube".

Stories of the Week - 7:00PM-8:00PM

EmbedVideo received the bad id "rirmJidiBW0"" for the service "youtube".


  • This segment is sponsored by The SANS institute the most trusted source for computer security training, certification and research. visit www.sans.org to learn more
  • And by Tenable Network Security, creators of Nessus, the world's best vulnerability scanner! Jumpstart your security program today and evaluate SecurityCenter CV, THE continuous monitoring solution. www.tenable.com
  • Brought to you by Black Hills Information Security, the leaders in penetration testing and active defense. Email consulting@blackhillsinfosec.com to request a quote today!


  • Submit your B-Sides Tampa CFP here. This is a four night cruise, the conference is two full days at sea with a stop in Cozumel Mexico. Accepted talks receive a free cabin for two.

Day 1 - Depart in the afternoon

Day 2 - Sea day (BSides day 1)

Day 3 - Cozumel, Mexico

Day 4 - Sea day (BSides day 2)

Day 5 - Back at Tampa

Paul's Stories

  1. "Web.com Hacked! Credit Card information of 93
  2. Flash: Web Browser Plugins Are Vulnerable
  3. WordPress Compromises Behind Spike in Neutrino EK Traffic
  4. Patched Ins0mnia Vulnerability Keeps Malicious iOS Apps Hidden
  5. Why is the smart home insecure? Because almost nobody cares
  6. We're Just At The Beginning Of The Auto-Hacking Era
  7. Samsung Smart Fridge Leaves Gmail Logins Open To Attack
  8. Suicides Have Started Over The Ashley Madison Hack
  9. Ashley Madison Leak Reveals Its Ex-CTO Hacked Competing Site
  10. Grsecurity Stable Being Free To All Is Over

Santa's Stories

  1. Court: FTC can bring down the hammer on companies with sloppy cybersecurity ==> but what are the bounds?
  2. How developing and disguising software bugs can help cybersecurity
  3. More than 80% of healthcare IT leaders say their systems have been compromised
  4. How To Connect With Anyone You Just Met With 5 Questions -- this is a great article for some ideas on how to connect and work with others (solid add-on to what "HappyJack" brought up during the "Hour of Optimism")

Jack's Stories

Kevin's Stories

  1. Associated Press sues FBI over fake news story
  2. Should companies be held responsible for a customer data breach?
  3. New Spear Phishing Campaign Pretends to be EFF