Paul's Security Weekly - Episode 462 - 6:00PM
Recorded April 28th, 2016
- We will have Sean Metcalf on the show today
First segment 6:00PM-7:00PM
Our guest on the show will be Sean Metcalf:
Sean Metcalf (@PyroTek3) is a Microsoft Certified Master (MCM) / Microsoft Certified Solutions Master (MCSM) in Directory Services (Active Directory Windows Server 2008 R2) which is an elite group of Active Directory experts (only about 100 worldwide). As of 2016, he is also a Microsoft Most Valuable Professional (MVP). Sean performs security research focused on the Microsoft platform and has identified interesting Kerberos behavior as well as other unique research. He has spoken on Active Directory attack & defense at BSides Charm (Baltimore), Shakacon, Black Hat, DEF CON, and DerbyCon security conferences. Slides & videos (if available) from these presentations can be found on the Presentations page. Sean Metcalf is Founder of & Principal Security Consultant for Trimarc, an information security consulting firm focused on improving enterprise security. He is a Security Architect and Enterprise Security SME for several customers providing Active Directory and Microsoft enterprise security expertise. He also performs Active Directory security assessments identifying security configuration issues typically leveraged by attackers to compromise the enterprise. ADSecurity.org (Active Directory Security) is a place where he shares Microsoft enterprise security guidance and information about current threats to enterprise networks & mitigation for these threats, Active Directory design and configuration tips, as well as leveraging PowerShell in an Active Directory environment.
- Three words to describe yourself.
- If you were a serial killer, what would be your weapon of choice?
- If you wrote a book about yourself, what would the title be?
- In the popular game of ass grabby-grabby, do you prefer to go first or second?
- Choose two celebrities to be your parents.
Stories of the Week - 7:00PM-8:00PM
In the Press: Redmond Magazine published an article on PowerShell security quoting my post on Detecting Offensive PowerShell Attack Tools. The same article also ran on MCPMag.com. IT World Canada reached out to me in late 2015 to help with an article on Active Directory attack & defense. IT World Canada also requested comments for a second story titled: “22 tips for preventing ransomware attacks”.
- Kippos Cousin Cowrie
- Gamekeeper turns poacher? The ex-Tor developer who unmasked Tor users for the FBI
- US-CERT to Windows Users: Dump Apple Quicktime — Krebs on Security
- Linux infosec outfit does a Torvalds
- Time for a patch: six vulns fixed in NTP daemon
- Batten down the hatches! OpenSSL preps fix for high impact vuln
- Spotify Denies Hack After Users' Personal Data Shows Up On Pastebin
- Businesses Pay $100
- All Phones In India To Be Equipped With Panic Buttons From 2017
- Why it’s easier to fix a broken product than a broken team
- German Nuclear Power Plant Infected With Malware
- 10 Newsmakers Who Shaped Security In the Past Decade
- How To Stay Secure At The Hotel On A Business Trip
- Office365 Auth bypass - FIXED - Damn, this could have been huge had they not decided to disclose. I hope they got some bug bounty $$ for this one. MS took it seriously as they fixed it in 7 hours.
- TBT - Creepy - Remember the tool, Creepy for pulling geolocation stuff out of Twitter? It got updated somewhere along the way and now includes other social media platforms, and plugin architecture. Oh, and easy installers for all sorts of platforms...
- FBI won't tell Apple how it unlocked "the" iPhone - you know, the one they allegedly paid 1.3 million dollars to unlock? Yeah, turns out they just bought the ability to do so, not the technical details. Sounds like someone sold a $500 hammer…
- SWIFT, India, Firewall? - Yeah, no firewall on your network gets you pwned to the tune of $81M
- Minecraft Forum hacked - I read somewhere that it was 7 million users, but turns out that it was only about 16,000 on a site that went belly up right after the hack. Passwords were hashed with MD5; discuss on who is really at fault; the admins or the forum software creators…