Episode435

From Paul's Security Weekly


Paul's Security Weekly - Episode 435 - 6:00PM

Episode Media

Intro, Sponsors & Announcements

Paul

This week we interview Josh Pyorre from OpenDNS on honeypots and other such things, security news this week includes Cisco routers getting pwned hard, what the NSA is really doing with 0day exploits and the fan favorite: Wordpress insecurity. All that and more so stay tuned!

Larry

Broadcasting live from G Unit Studios in Rhode Island, the show where exploits run wild, packets aren’t the only things getting sniffed, systems aren't the only things getting penetrated, functions are the only things getting wrapped, bits aren't the only things getting banged and the cocktails flow steady, it's Paul’s Security Weekly!

  • Brought to you by Pwnie Express - Check out the community edition and turn your Nexus 7 into a lean and mean pen testing machine. For all those hard to reach places, there's Pwnie Express, visit them on the web at http://pwnieexpress.com
  • And by Onapsis the leading provider of solutions to protect ERP systems from cyber-attacks. Customers can secure their SAP and Oracle business-critical platforms from espionage, sabotage and financial fraud risks. Visit them on the web at http://www.onapsis.com/
  • This segment is sponsored by The SANS Institute, the most trusted source for computer security training, certification and research. Visit www.sans.org to learn more.
  • Looking for a career change? Tenable Network Security is hiring! Everything from programmers to researchers, check out all of the available positions at http://securityweekly.com/tenablejobs. If you are listening to this show, check out the following two positions, both technical and both are work from home: Nessus Vulnerability Research Engineer and C Software Engineer

Larry

Now, fire up a packet capture, pour yourself an adult beverage, and give the intern control of your botnet...

Larry: Here's your host, a man that gives YouTube trolls the finger, Paul Asadoorian!

Paul: Hello everyone and welcome to Paul's Security Weekly - Episode 435 for Thursday, September 17th 2015

Announcements

  • Purchase Hack Naked T-Shirts and stickers online at http://shop.securityweekly.com get yours today! For a limited time only use the discount code "HACKNAKEDSUMMER" and get 50% off your order! It's a summer blow-out sale and ends on September 23, 2015 (the first official day of fall).
  • Tenable is looking for a Technical Director (http://jobvite.com/m?3sIczhwH), works from home in the US.

Interview: Josh Pyorre - 6:05PM-6:55PM


Bio

Josh Pyorre is a security analyst with OpenDNS. Previously, he was a threat analyst at NASA, where he was part of the team to initially help build the Security Operations Center. He has also done some time at Mandiant. His career in computer security has spanned 15 years, with interests involving network, computer and data security and a continuing goal to maintain and improve the security of as many systems, data and networks as possible. Josh has presented at Defcon, multiple Bsides across the USA and Source Boston.

He will be speaking at DerbyCon, Source Seattle, BSides LA and DeepSec in Vienna, all within the next two months.

Links

  1. Twitter
  2. Bsides SF 2015
  3. OpenDNS Blog
  4. Phishing Content by ASN
  5. Paypal Phishing
  6. Anatomy of Facebook Phishing Campaign

Questions/Topics

  1. How did you get your start in information security?
  2. Tell us about your time working for NASA.
  3. Can you tell us about your interaction with eBay and their responsible disclosure program?
  4. In a recent article, you showed which providers had the most phishing data, can you explain what steps you took to gather this?


  1. Three words to describe yourself.
  2. If you were a serial killer, what would be your weapon of choice?
  3. If you wrote a book about yourself, what would the title be?
  4. In the popular game of ass grabby-grabby, do you prefer to go first or second?
  5. Choose two celebrities to be your parents.


Stories of the Week - 7:00PM-8:00PM


Sponsors

  • And by Tenable Network Security, creators of Nessus, the world's best vulnerability scanner! Jumpstart your security program today and evaluate SecurityCenter CV, THE continuous monitoring solution. www.tenable.com
  • And by Netsparker, the developers of the ONLY false positive free web application security scanners, enabling you to automatically identify vulnerabilities and security flaws in all your websites, web applications and web services. Netsparker scanners are available in two editions, Netsparker Desktop and Netsparker Cloud, the enterprise level online scanning service. For more information visit their website at https://www.netsparker.com/securityweekly/
  • Brought to you by Black Hills Information Security, the leaders in penetration testing and active defense. Email consulting@blackhillsinfosec.com to request a quote today!

Announcements

  • Submit your B-Sides Tampa CFP here. This is a four night cruise, the conference is two full days at sea with a stop in Cozumel Mexico. Accepted talks receive a free cabin for two.
  • Larry teaching SANS 617 Wireless Ethical Hacking and Defense coming up in Las Vegas, NV, September 14-19, and the Pentest Hackfest in November in Washington, DC and lots more places so be certain to check the SANS web site for more course offerings!

Paul's Stories

  1. Week 37 In Review – 2015 - More great stuff here! Tons of news this week.
  2. How $100 And Knowledge Of Wireless Protocols Could Bring Cities To A Standstill - In the lab, but still, this is bad.
  3. First-ever monthly Android security updates start to roll out - Whoohoo, now just get the carriers to play ball and we'll be in better shape, we hope.
  4. Microsoft Pushes a Dozen Security Updates — Krebs on Security - Microsoft released a bunch of patches, brings the count to 100. Curious if this means more people are reporting, there is more software to find bugs in, the code is getting worse, the code is getting better to find vulnerabilities, etc...
  5. September 2015 Adobe Shockwave Security Patch - We have a lot of things to patch.
  6. Spawning Binds with Bluetooth
  7. Proxying Bluetooth devices for security analysis using btproxy · Conor Patrick
  8. thinkst Thoughts...: Canarytokens.org - Quick - Nice idea.
  9. attactics[dot]org: Extracting Hashes & Plaintext Passwords from Windows 10 - Good walkthrough.
  10. The Wordpress Plugins Playground - Good article on some plugins that are searched for by bad guys.
  11. Hacking Team - Bruce asks a great question, makes a lot of assumptions too. Basically, if someone else could breach Hacking Team, the NSA likely already did. Which means the NSA had the 0day. If NSA has the 0day, how come they don't report it and fix it to protect people?
  12. Remember those Facebook "Dislike Button" scams? This time it's real... - It's not a Dislike button, but something different. For example, when someone posts "My bird just died", some people may like it, but there is no "I'm sorry" button, as liking when something dies indicates you are likely a serial killer.
  13. WordPress Patches Serious Shortcodes Core Engine Vulnerability - XSS in shortcodes is bad...
  14. Maker Kid Busted for Clock Handcuffed Wearing NASA T-Shirt - I hope the kid goes to MIT like he says. Keep makin' stuff dude! Hopefully we can get better at this security thing in the meantime.
  15. Scary - The scary part is, this is a firmware replacement attack, and it's been reported in the wild.
  16. Apple iOS 9 is out – with a LOT of security holes patched
  17. Exploiting MS15-100 Vulnerability (CVE-2015-2509) - Pretty good walkthrough, you have to get someone to click a LNK file and have it open with Windows Media Center. MS is up to its old games, ranks this as important, not critical. It also says "could allow", when clearly it "does allow" exploitation to take place. Looks like it's limited to Win Vista, 7 and 8.
  18. iOS AirDrop vulnerability allows for malware installation on Apple devices - Directory traversal attacks have been around for a LONG time. I will never forget my computer teacher in the 90's who said "simply by messing with the URL to certain web sites you can get interesting results". Now, granted, he was teaching a MS Office class, which was a requirement BTW, but that just reinforced my drive to become a hacker...
  19. Self-Destructing Computer Chip - When the proper circuit is toggled, a small resistor within the substrate heats up until the glass shatters. According to Corning, it will continue shattering even after the initial break, rendering the entire chip unusable. Uhm, obvious question, what happens when an attacker can trigger this remotely and in an unauthorized fashion? BAD THINGS, very bad things...
  20. 5 Most Common Firewall Configuration Mistakes - Not sure I get #3 and #4 as it relates to firewalls, however this boils down to 1) Actually implement some rules 2) Harden your firewalls and 3) Collect and analyze the logs. The real question becomes, as we move all our IT infrastructure to the cloud, how do you configure the equivalent of a firewall in the cloud? What are the best practices?

Santa's Stories