From Security Weekly Wiki

Paul's Security Weekly - Episode 439 - 6:00PM

Episode Media


Intro, Sponsors & Announcements


This week we discuss threat intelligence and how to make the most of it. In the stories of the week, we will tell you how to become a pen tester and how to turn your clunker into a smart car. All that and more, so stay tuned!


Broadcasting live from G Unit Studios in Rhode Island, the show where exploits run wild, packets aren’t the only things getting sniffed, systems aren't the only things getting penetrated, functions are the only things getting wrapped, bits aren't the only things getting banged and the cocktails flow steady, it's Paul’s Security Weekly!

  • Looking for a career change? Tenable Network Security is hiring! Everything from programmers to researchers, check out all of the available positions at http://securityweekly.com/tenablejobs. If you are listening to this show, check out the following two positions, both technical and both are work from home: Nessus Vulnerability Research Engineer and C Software Engineer
  • Brought to you by Pwnie Express - Check out the community edition and turn your Nexus 7 into a lean and mean pen testing machine. For all those hard to reach places, there's Pwnie Express, visit them on the web at http://pwnieexpress.com
  • And by Onapsis, the leading provider of solutions to protect ERP systems from cyber-attacks. Customers can secure their SAP and Oracle business-critical platforms from espionage, sabotage and financial fraud risks. Visit them on the web at http://www.onapsis.com/
  • This segment is sponsored by the SANS Institute, the most trusted source for computer security training, certification and research. Visit www.sans.org to learn more.

Paul: Hello everyone and welcome to Paul's Security Weekly - Episode 439 for Thursday, October 22nd 2015.


  • Look for a big discount on Hack Naked shirts coming soon and the availability of limited edition Security Weekly 10-year anniversary hoodies available in the store!

Segment: Making The Most Of Threat Intelligence


Make it more about prevention!

  1. Information about threats must be correlated with vulnerability data, with remediation prioritized accordingly and tied to patch management.
  2. A standard for configuration across the organization’s systems must be put in place and enforced, taking in information from threat intel and other sources.
  3. User awareness - take what you’ve learned and discovered and communicate it to the organization. The toughest organizations to breach in the world have this in common: their users are in tune with threats and know how to respond. Securing the Human, Lance Spitzner and https://www.securityinnovation.com/ - Developer training and user training
  4. Know which systems are critical and which systems hold critical data, and analyze those systems and events first, and respond.
  5. Know what malware is doing against your environment, and specifically which weaknesses it’s exploiting, and patch / fix those.
  6. Know which exploits are out there in the wild, both commercial and free, and fix those first.
  7. Have a plan to patch and harden everything else; pen testing can help identify some of the weak paths.
  8. Use this as a guide: http://bit.ly/1hTkWFv (http://malwarearchaeology.com/s/Windows-Logging-Cheat-Sheet.pdf). It contains two things:
    1. A guide to which logging activities to enable on Windows systems
    2. A guide to configuring Splunk to detect anomalies in the Windows logs you’ve enabled
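
Added example, not part of the original show notes: one way to turn items 1 and 4 through 7 into a patch queue by joining scan findings with threat intel and an asset inventory. The host names, the VULN-x identifiers and the four-tier scheme are constructed assumptions for illustration.

```python
from dataclasses import dataclass

# Constructed sample data: placeholders, not real hosts or CVE identifiers.
SCAN_FINDINGS = [
    ("web01", "VULN-A"), ("web01", "VULN-B"),
    ("db01", "VULN-C"), ("db01", "VULN-A"),
    ("kiosk07", "VULN-D"), ("kiosk07", "VULN-C"),
]
CRITICAL_ASSETS = {"db01"}             # item 4: systems holding critical data
USED_BY_OBSERVED_MALWARE = {"VULN-C"}  # item 5: weaknesses malware hit in our environment
EXPLOIT_IN_THE_WILD = {"VULN-A", "VULN-C"}  # item 6: commercial or free exploit exists


@dataclass(frozen=True)
class Task:
    host: str
    vuln: str
    tier: int
    reasons: tuple


def prioritize(findings, critical, malware_used, exploit_public):
    """Order remediation by threat evidence first, then asset criticality.

    Assumed tiers: 1 = threat evidence on a critical asset, 2 = threat
    evidence elsewhere, 3 = critical asset only, 4 = everything else (item 7).
    """
    tasks = []
    for host, vuln in findings:
        reasons = []
        if vuln in malware_used:
            reasons.append("used by malware observed in our environment")
        if vuln in exploit_public:
            reasons.append("exploit available in the wild")
        is_critical = host in critical
        tier = (1 if is_critical else 2) if reasons else (3 if is_critical else 4)
        if is_critical:
            reasons.append("critical asset")
        tasks.append(Task(host, vuln, tier, tuple(reasons)))
    # Within a tier, findings with more independent reasons come first.
    return sorted(tasks, key=lambda t: (t.tier, -len(t.reasons), t.host, t.vuln))


def patch_queue():
    return prioritize(SCAN_FINDINGS, CRITICAL_ASSETS,
                      USED_BY_OBSERVED_MALWARE, EXPLOIT_IN_THE_WILD)


if __name__ == "__main__":
    for t in patch_queue():
        why = "; ".join(t.reasons) or "routine patch cycle"
        print(f"tier {t.tier}  {t.host:8} {t.vuln}  {why}")
```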

Stories of the Week - 7:00PM-8:00PM



  • Brought to you by Black Hills Information Security, the leaders in penetration testing and active defense. Email consulting@blackhillsinfosec.com to request a quote today!
  • And by Netsparker, the developers of the ONLY false positive free web application security scanners, enabling you to automatically identify vulnerabilities and security flaws in all your websites, web applications and web services. Netsparker scanners are available in two editions, Netsparker Desktop and Netsparker Cloud, the enterprise level online scanning service. For more information visit their website on https://www.netsparker.com/securityweekly/
  • And by Tenable Network Security, creators of Nessus, the world's best vulnerability scanner! Jumpstart your security program today and evaluate SecurityCenter CV, THE continuous monitoring solution. www.tenable.com


Paul's Stories

  1. How to become a pentester | Corelan Team
  2. Mathy Vanhoef: Advanced WiFi Attacks Using Commodity Hardware
  3. How to Commandeer a Store PA System
  4. Don’t Be Fooled by Fake Online Reviews Part II
  5. Apple tells judge it's "impossible" to unlock a device running iOS 8 or higher
  6. Fitbit Vulnerability Means Your Tracker Could Spread Malware
  7. IoT security threats and how to handle them
  8. Smartwatch – A Fashionable and Dangerous Gadget
  9. Attackers hijack CCTV cameras and network-attached storage devices to launch DDoS attacks
  10. To Find The Needle
  11. The First Rule Of Zero-Days Is No One Talks About Zero-Days
  12. Teen Who Hacked CIA Director's Email Tells How He Did It
  13. German Govt Mulls Security Standards For SOHOpeless Routers
  14. Hackers Make Cars Safer. Don't Ban Them From Tinkering
  15. Apple CEO Tim Cook Blasts Encryption Backdoors

Michael's Stories

  1. This Device Will Turn Your Clunker Into A Smart Car for $200 —> everyone racing (bad pun?) to get in on connected cars. What about security?
  2. OMB preps cyber sprint follow-up —> 30 days to find and address gaps. This demonstrates a total lack of leadership — see next story
  3. Stop focusing on gaps to gain influence as a security leader —> my recent article on why leaders don’t focus on gaps
  4. Facebook alert warns of state-sponsored hacking —> and… ? does this help or hurt us? Does it matter? Did they roll attribution dice?
  5. ‘Response and Recovery’ Emphasized for Cyber Attacks —> this is a piece about insurance. Insurance is an effective strategy. And it’ll drive change. This is basically calling for ‘anticipate breach’ - no, not assume
  6. Smart leaders need to ‘anticipate breach’ to protect their companies —> I wrote this. It’s an evolution from the defeatist mindset of “continuous” breach and even the earlier position I held on “assume (you can)” | the right word for leadership is ‘anticipate’. The insurance companies seem to agree
  7. Majority of online shoppers are afraid of being hacked while buying online —> conflation? Is this ultimately good?
  8. How a criminal ring defeated the secure chip-and-PIN credit cards —> Wait. What? Chip and PIN was supposed to save us. Remind me the *value* of this. Again. Please.