Episode440

From Paul's Security Weekly


Paul's Security Weekly - Episode 440 - 6:00PM

Episode Media

MP3

Intro, Sponsors & Announcements

Paul

This week we interview Michael Bazzell, author of "Open Source Intelligence Techniques", "Hiding from the Internet" and the technical advisor for TV hacker drama "Mr. Robot" on the USA network. Stories of the week will include Kevin Spacey, a few traits of the Best Information Security Teams Ever and much more! Stay tuned!

Larry

Broadcasting live from G Unit Studios in Rhode Island, the show where exploits run wild, packets aren’t the only things getting sniffed, systems aren't the only things getting penetrated, functions are the only things getting wrapped, bits aren't the only things getting banged and the cocktails flow steady, it's Paul’s Security Weekly!

  • Brought to you by Black Hills Information Security, the leaders in penetration testing and active defense. Email consulting@blackhillsinfosec.com to request a quote today!
  • And by Netsparker, the developers of the ONLY false positive free web application security scanners, enabling you to automatically identify vulnerabilities and security flaws in all your websites, web applications and web services. Netsparker scanners are available in two editions, Netsparker Desktop and Netsparker Cloud, the enterprise level online scanning service. For more information visit their website at https://www.netsparker.com/securityweekly/
  • And by Tenable Network Security, creators of Nessus, the world's best vulnerability scanner! Jumpstart your security program today and evaluate SecurityCenter CV, THE continuous monitoring solution. www.tenable.com

Paul: Hello everyone and welcome to Paul's Security Weekly - Episode 440 for Thursday, November 5th 2015

Announcements

  • Use discount code "BLACKFRIDAY" and save 50% on all items in the store, including Hack Naked shirts and limited edition Security Weekly 10-year anniversary hoodies! Visit http://shop.securityweekly.com today!

Interview: Michael Bazzell

Bio

Michael spent many years with the FBI's Cyber Crimes Task Force as an investigator. He's an expert in OSINT, maintains inteltechniques.com and computercrimeinfo.com. He is also the technical advisor for USA's Mr. Robot.

Questions

  1. How did you get your start in information security?
  2. What was it like in the early days investigating computer crimes?
  3. How have the computer crime laws changed over the years?
  4. What is the dumbest thing a computer criminal has done that you have uncovered (that you can talk about)?
  5. What can the average person do to avoid becoming the victim of computer crimes and fraud?
  6. What are the top 3 things you can do to protect your privacy online?
  7. How did you come to be the tech advisor for Mr. Robot?
  8. Did the directors and producers want to be accurate with the technology?
  9. Did you ever suggest or create some technology for the show and have the final cut get it wrong?
  10. What do you identify with most from the main character, Elliot?
  11. Elliot uses GNOME and can be seen coding in Python. Were these original to the script or did you work with the writers to get this added? We've never seen tech bits be so accurate...
  12. Do you get to read the entire script or just the technical parts?
  1. Three words to describe yourself.
  2. If you were a serial killer, what would be your weapon of choice?
  3. If you wrote a book about yourself, what would the title be?
  4. In the popular game of ass grabby-grabby, do you prefer to go first or second?
  5. Choose two celebrities to be your parents.

Links

  1. IntelTechniques.com
  2. ComputerCrimeInfo.com
  3. Twitter
  4. http://nerdist.com/mr-robot-michael-bazzell-hacking-accuracy/

Stories of the Week - 7:00PM-8:00PM

Sponsors

  • This segment is sponsored by the SANS Institute, the most trusted source for computer security training, certification and research. Visit www.sans.org to learn more.
  • Looking for a career change? Tenable Network Security is hiring! Everything from programmers to researchers, check out all of the available positions at http://securityweekly.com/tenablejobs. If you are listening to this show, check out the following two positions, both technical and both are work from home: Nessus Vulnerability Research Engineer and C Software Engineer
  • Brought to you by Pwnie Express - Check out the community edition and turn your Nexus 7 into a lean and mean pen testing machine. For all those hard to reach places, there's Pwnie Express. Visit them on the web at http://pwnieexpress.com
  • And by Onapsis, the leading provider of solutions to protect ERP systems from cyber-attacks. Customers can secure their SAP and Oracle business-critical platforms from espionage, sabotage and financial fraud risks. Visit them on the web at http://www.onapsis.com/

Announcements

Paul's Stories

  1. webapps - vBulletin 5.1.x - PreAuth 0day Remote Code Execution Exploit
  2. The top 10 apps that companies hate
  3. Hackers Claim Million Dollar Bounty For iOS Zero Day Attack
  4. Kevin Spacey Hired To Put The Hollywood Into Cyber Security
  5. No C&C server needed: Russia menaced by offline ransomware
  6. Mature & Unconfident: The Best Information Security Teams Ever!
  7. Library of Congress Says It's OK to Hack Your Car | WIRED
  8. Saving Systems from SQLi | WhiteHat Security Blog
  9. Boasting about your binges on Facebook could hurt your credit score
  10. Undercover cop answers Craigslist ad for a hacker

Larry's Stories

  1. The Curious Case of API Security - I love me a discovered API on pen tests...
  2. Scary Halloween Pentest findings - Ok I lol’ed, mostly because they are true.
  3. Damn I wish Carlos was here - Are we measuring Blue/Red Teaming correctly?
  4. The machines are breeding
  5. Didier’s quick and dirty Office “MALDOC” analysis

Michael's Stories

Joff's Stories

Kevin's Stories

Jack's Stories

  1. The smartest people are successful because they're sarcastic