From Security Weekly Wiki

Paul's Security Weekly - Episode 436 - 6:00PM

Episode Media


Intro, Sponsors & Announcements


This week we interview none other than our very own Larry Pesce! His recent DerbyCon talk got us thinking about practical password. Stories of the week will cover the usual WordPress and D-Link security failures, a behind-the-scenes look at MS08-067, Nest's new wireless mesh protocol and a whole lot more, so stay tuned!


Broadcasting live from G Unit Studios in Rhode Island, the show where exploits run wild, packets aren’t the only things getting sniffed, systems aren't the only things getting penetrated, functions are the only things getting wrapped, bits aren't the only things getting banged and the cocktails flow steady, it's Paul’s Security Weekly!

  • And by Tenable Network Security, creators of Nessus, the world's best vulnerability scanner! Jumpstart your security program today and evaluate SecurityCenter CV, THE continuous monitoring solution. www.tenable.com
  • Brought to you by Pwnie Express - Check out the community edition and turn your Nexus 7 into a lean and mean pen testing machine. For all those hard to reach places, there's Pwnie Express, visit them on the web at http://pwnieexpress.com
  • And by Onapsis, the leading provider of solutions to protect ERP systems from cyber-attacks. Customers can secure their SAP and Oracle business-critical platforms from espionage, sabotage and financial fraud risks. Visit them on the web at http://www.onapsis.com/
  • This segment is sponsored by The SANS Institute, the most trusted source for computer security training, certification and research. Visit www.sans.org to learn more.


Now, fire up a packet capture, pour yourself an adult beverage, and give the intern control of your botnet...

Larry: Here's your host, a man that gave his contractor a soul and then shouted "don't fax me bro!", Paul Asadoorian!

Paul: Hello everyone and welcome to Paul's Security Weekly - Episode 436 for Thursday, October 1st 2015


  • Larry teaching SANS 617 Wireless Ethical Hacking and Defense coming up in Las Vegas, NV, September 14-19, and the Pentest Hackfest in November in Washington, DC and lots more places so be certain to check the SANS web site for more course offerings!

Discussion: Passwords with Larry - 6:05PM-6:55PM


Stories of the Week - 7:00PM-8:00PM



  • And by Netsparker, the developers of the ONLY false positive free web application security scanners, enabling you to automatically identify vulnerabilities and security flaws in all your websites, web applications and web services. Netsparker scanners are available in two editions, Netsparker Desktop and Netsparker Cloud, the enterprise level online scanning service. For more information visit their website at https://www.netsparker.com/securityweekly/
  • Brought to you by Black Hills Information Security, the leaders in penetration testing and active defense. Email consulting@blackhillsinfosec.com to request a quote today!


Paul's Stories

  1. The Inside Story Behind MS08-067 - This is perhaps the best blog post I've read all year. It's a behind-the-scenes look at how Microsoft discovered the MS08-067 vulnerability. It was neat to see the reverse of reverse engineering as we typically think of it, as they had the crash dumps resulting from the exploit and reversed it to find the vulnerability(!).
  2. Jump ESP, jump! - Really cool write-up of a really bad IP camera. Not only insecure, but phoned home to China. Oh, and just slightly better password than my luggage (123456).
  3. Week 39 In Review – 2015
  4. Mistakenly-deployed test patch leads to suspicious Windows update - I can't shame Microsoft for this, they successfully update 400+ million computers on a regular basis. Who else does that?
  5. Apple removes iPhone app that reports US drone strikes - Security is a tricky thing, and recently I see many big tech companies (Google, Facebook, Apple) take a stance on content. The lines are blurry, sometimes it's in the name of security, sometimes to protect the children. This is my opinion, while we may fear the Government has too much control, it's the big tech companies that are now dictating what content we can produce, and taking it down or banning it based on their own vague rules, opinions, feelings and agendas. This greatly concerns me, beyond the security implications...
  6. State Trooper Vehicles Hacked
  7. Microsoft's enterprise-grade security is coming to Windows 10 IoT - BitLocker and Secure Boot on IoT devices is an idea I can get behind. You can get kits from Adafruit and get started!
  8. D-Link Accidentally Leaks Private Code-Signing Keys - I mean, at this point, no one should be surprised. Big question, will D-Link suffer financially as a company due to poor security practices as time goes on?
  9. Unsupported Honeywell Experion PKS Vulnerable to Public Attacks - Upgrade to the latest version, but what about just a patch to fix the vulnerability?
  10. Monica Lewinsky lawyer named as first outsider on secret US spy court - Have a cigar, you're gonna go far...
  11. It's baaaack: Stagefright 2.0 0day hoses all Android devices
  12. Poker Players Targeted By Card-Watching Malware
  13. Two-Week Old WordPress Malware Attack Is Blossoming Into Real Threat
  14. Security Wares Like Kaspersky Can Make You More Vulnerable To Attacks
  15. 650,000 Chinese smartphones used to launch ad network DDoS attack

Larry's Stories

  1. VW and the DMCA - One of the large proponents FOR the DMCA, i.e. removing the ability to reverse engineer hardware and software running on a device that you own, got caught doing bad things. When the vehicle detected that only 2 wheels were spinning (i.e. on a dynamometer), it would modify emissions output to be cleaner than real readings. Why didn’t they want anyone to reverse their stuff? So they would not get caught in the lie...
  2. Nest's new wireless mesh protocol - Thread is the name, and it uses IPv6/6LoWPAN and 802.15.4 as its base. It is allegedly "always secure". Now I bet they had smart folks at Google designing the protocol, but I'm not convinced, especially with some of the issues at the 802.15.4 layer. On behalf of the industry, I respond, "Challenge Accepted."
  3. 1000’s of medical devices hackable - and of course they are dirtily connected to the internet and easily findable with Shodan.
  4. Owning a city with wireless protocol knowledge - Yes, with just a little protocol knowledge and some time and an SDR and standard wifi gear, one could take down some semi-critical infrastructure in many cities...
  5. 4 IoT issues you never thought about - Ok, well, I think I’ve thought about 3 of them, but maybe not the 4th...
  6. Exercise vague caution - This was a great article on a passive aggressive approach to dealing with video surveillance notification.

Kevin's Stories

Breaches of the Week:

  1. 15 Million T-Mobile customer records stolen (SSN, Birthdate, License/Passport ID #, Address, etc.)
  2. Potential Card Breach at Hilton Hotel Properties
  3. Trump Hotel Collection confirms breach
  4. Patreon: Some user names, e-mail and mailing addresses stolen