From Security Weekly Wiki
Jump to navigationJump to search

Paul's Security Weekly - Episode 453 - 6:00PM

Recorded February 25th 2016

This week we interview not one, but two, Jeff's from SANS GIAC, Jeff Frisk and Jeff Pike! Security News this week will cover how to plan for Hacker Summer Camp, one of Larry's favorites: document metadata, and Linux Mint's not so fresh outlook on security. All that and more so stay tuned!

Episode Audio



  • InfoSec World 2016, returning to Disney’s Contemporary Resort on April 4-6, 2016, will present over 100 industry experts who will share hands-on, practical advice on a range of security topics. From understanding your adversary to learning about the zero-day exploit market to bridging the gap between security and the business, InfoSec World 2016 will offer an opportunity for security professionals to learn something new and test ideas with peers. Join us in Orlando to increase your information security knowledge, and help the security community get one step closer to Unlocking Security's Message.

Interview with Jeff Frisk & Jeff Pike, SANS GIAC - 6:00PM-7:00PM

  1. GIAC released ‘digital badges’, what is that, hows it going?
  2. GIAC updated cert renewal program, what changed?
  3. Ways to earn CPEs without SANS training
  4. Adding up CPEs to get the 36 I need
  5. CPE categories and timing
  6. CPE tracking
  7. earning CPEs by earning other infosec credentials
  8. CPE sharing with other organizations
  9. How to renew multiple certifications
  10. what about that GSE?
  11. what new cert sare GIAC developing?
  1. Three words to describe yourself.
  2. If you were a serial killer, what would be your weapon of choice?
  3. If you wrote a book about yourself, what would the title be?
  4. In the popular game of ass grabby-grabby, do you prefer to go first or second?
  5. Choose two celebrities to be your parents.

Stories of the Week - 7:00PM-8:00PM

Paul's Stories

  1. Hacker Summer Camp Planning Guide · System Overlord
  2. What It Takes to Master Security (Hint: It's Not Certs) - OpenDNS Blog
  3. GitHub - enddo/smod: MODBUS Penetration Testing Framework
  4. Practical TEMPEST Attack
  5. Hackers could hijack your computer via its vulnerable wireless mouse or keyboard
  6. Life with the Nest Protect: Are “smart” smoke detectors a dumb idea?
  7. Linux Mint Forum Database Compromised for at Least a Month Before Announcement
  8. "Patient monitors altered
  9. "With few options
  10. How an audit can shore up your security strategy
  11. Nissan LEAF cloud security fail leaves drivers exposed
  12. Judge Confirms DoD Funded Research to Decloak Tor Users
  13. "Confirmed: Carnegie Mellon University Attacked Tor

Larry's Stories

  1. Hunting Automated Pentest Unicorns - an excellent read.
  2. iSuper iRainbow iNternetofShit
  3. IoT security assessor?
  4. Simpli-not-so-safe - And in a follow up, one can use an SDR/Yard Stick ONE to do the same
  5. My old passion, metadata - Dr. Krawetz drops more metadata knowledge on us and some good tools.
  6. Why cbersecurity isn't So Hard - /me firmly places tongue into cheek.

Jack's Stories

Joff's Stories

Carlos' Stories

Michael's Stories

  1. Cyber security startups face funding drought --> Right. Or not.
  2. Are you prepared to respond to ransomware the right way? --> This is a piece I wrote based on a discussion with Rob Gresham. And it's a topic I hoped to cover last week.

Jeff's Stories

Kevin's Stories