From Security Weekly Wiki

Paul's Security Weekly - Episode 505


Recorded March 16th, 2017


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Jeff Man
    Infosec analyst
    Pioneering ex-NSA pen tester
    PCI specialist
    Tribe of Hackers
    InfoSec Curmudgeon
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.
  • Jack Daniel
    Co-Founder of Security BSides and certified security wizard.


Interview: Andrew Whitaker, Rapid7 - 6:00PM-7:00PM

Arlo HD Security Camera[1]

Andrew Whitaker (M.Sc., Metasploit Pro Professional, Network Assault Professional, Application Assault Professional, Master Assault Certified Expert, CISSP, CEH, CEPT, CPT, LPT, MCT, CEI, CICP, CHFI, ECSA, CCNP, CCSP, CCVP, CCDP, CCNA:Security, CCDA, CCENT, MCTS, MCSE, CNE, EMCPA, CTP, A+, Network+, Security+, Convergence+, Linux+, CEREA, WAPT, CSSA, LPI-1) is a Director of Global Services at Rapid7. In his role, Andrew leads Rapid7’s penetration testing services, which help organizations around the world gain insight into real-world risk and remediation guidance. Andrew is a subject matter expert on computer hacking, an author of best-selling networking and security books, and an award-winning technical trainer. His books include Penetration Testing and Network Defense (Cisco Press) and Chained Exploits: Advanced Hacking Attacks From Start to Finish (Addison-Wesley).

Tech Segment: Brad Haines (a.k.a. Render Man) on Internet of Dongs - 7:00-7:30PM

Brad Haines[2]

The Dong Man - Security enthusiast with a focus on security threats of all sorts (including Dongs). Wireless security is a particular specialty as well as physical. Generally focused on improving technology, dongs, and security through non-traditional approaches and brute force if necessary. I am the person your sysadmin warned you about.

Security News - 7:30-8:30PM

Paul's Stories

  1. Why is IR Automation and Orchestration So Hot?
  2. 10 Must-Read Books for Information Security Professionals - I can't believe John and I made the list!
  3. UK's National Cyber Security Centre bungles simple Twitter Rickroll - This statement is awesome: A question and answer session organised by the NCSC on Twitter featured, for reasons nobody understands, “sociotechnical security experts” responding to the great unwashed’s inane queries on the controversy-stricken microblabbing website. And you can learn how not to Rickroll someone. NCSC, you should give up, you let me down.
  4. Fileless Malware Campaigns Tied to Same Attacker
  5. Swastikas all over Twitter what you need to do
  6. Four Men Charged With Hacking 500M Yahoo Accounts
  7. Using Intel's SGX to Attack Itself
  8. Hackers Take Down Reader, Safari, Edge, Ubuntu Linux at Pwn2Own 2017 - Interesting: Unlike last year, when it was partially broken, it appears Google Chrome will emerge from this year’s Pwn2Own unscathed. There are currently no exploits scheduled against the browser for the competition’s second day today. Tencent’s Team Sniper attempted to break the browser with a SYSTEM-level escalation hack yesterday but couldn’t complete their exploit chain in time.
  9. How did Yahoo get breached? Employee got spear phished, FBI suggests - In the process, he discovered two key assets, according to the FBI: Yahoo's User Database (UDB) and an administrative tool called the Account Management Tool. The article suggests that Yahoo employees were phished to gain these tools, whoops.
  10. The Origin of Threat Hunting
  11. Retro Hunting!, (Wed, Mar 15th) - Pretty neat, automated blacklist searches using MISP and Splunk. I like it, saves time, more automation could be used for incident response, ticket creation, etc...
  12. Where Have All The Exploit Kits Gone? - Yep, deeper: after Nuclear and Angler went dormant, criminals behind exploit kits have downsized and gone deeper underground focusing on private development and smaller campaigns.
  13. New Cloaking System Makes Connected Cars Undetectable
  14. MikroTik As A Credential Harvester - Not a very well-written article to say the least, however, MikroTik makes a neat little router: https://routerboard.com/RBmAPL-2nD which can be used to harvest credentials. It's small and consumes very little power. Might be worth a look for the pen testers in the audience.
  15. The world's most wanted hacker is basically a nerdy supervillain - He's holding a pet Bengal cat while wearing leopard pajamas while wearing sunglasses indoors.
  16. Machine learning can also aid the cyber enemy: NSA research head - But what if an attacker gets inside the network or perhaps was even inside the network before the machine learning process started? "Their behaviour now becomes part of the norm. So in a sense, then, what I'm doing is that I'm protecting the insider. That's a problem,"

Larry's Stories

  1. Firmware and PCI attacks. More to come?
  2. Sound hax
  3. Your microwave is spying on you - Not to be political, but looks like there was some misunderstanding… Sounds like Mrs. Conway got a briefing on stand-off collection, but did not understand all of the terms that were used, and in what context.

Jack's Stories

Jeff's Stories

Spaf remembers Kevin Zeise, Howard Schmidt, and Becky Bace

Joff's Stories