Episode518

From Paul's Security Weekly
Jump to: navigation, search

Paul's Security Weekly - Episode 518

Episode Audio


Recorded on June 15, 2017

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Announcements

    Interview: Trey Forgety - 6:00PM-7:00PM

    Trey Forgety is Director of Government Affairs and Information Security Issues at NENA: The 9-1-1 Association. A physicist, lawyer, sailor, and inveterate tinkerer, Trey served two years as Presidential Management Fellow with tours in DHS, the FCC, and NTIA, where he worked with the White House to develop policy for a nation-wide LTE network for public safety, known as FirstNet. Trey spoke at DEF CON 24 and will speak again at DEF CON 25, both times on InfoSec issues in Public Safety.

    Five Questions

    1. Three words to describe yourself.
    2. If you were a serial killer, what would be your weapon of choice?
    3. If you wrote a book about yourself, what would the title be?
    4. In the popular game of ass grabby-grabby, do you prefer to go first or second?
    5. Choose two celebrities to be your parents.

    Tech Segment: ProxyCannon with Carrie Roberts, Black Hills Information Security - 7:00-7:30PM

    Carrie Roberts is a penetration tester at Black Hills Information Security. Prior to that position, she was a web application developer and an application developer for PC’s and mobile devices. Carrie frequently presents at InfoSec conferences and is a GIAC Certified Security Expert (GSE).

    Reference Carrie's blog post for more information on this technical segment.

    Five Questions

    1. Three words to describe yourself.
    2. If you were a serial killer, what would be your weapon of choice?
    3. If you wrote a book about yourself, what would the title be?
    4. In the popular game of ass grabby-grabby, do you prefer to go first or second?
    5. Choose two celebrities to be your parents.

    Security News - 7:30-8:30PM

    Paul's Stories

    1. 1 Million Endpoints Exposed on Public Internet via Microsoft File-Sharing Services
    2. credmap The Credential Mapper
    3. Inside a Porn-Pimping Spam Botnet
    4. Fileless malware targeting US restaurants went undetected by most AV
    5. Login-stealing phishing sites conceal their evil with lots of hyphens in URL
    6. Researcher Says Fixes To Windows Defender's Engine Incomplete
    7. NSA Links WannaCry Worm To North Korea
    8. Google's New Tool Lets You Easily Backup & Sync Your Entire PC to the Cloud
    9. Wikileaks Unveils 'Cherry Blossom' Wireless Hacking System Used by CIA

    Larry's Stories

    1. IoT is broken, even without malicious actors
    2. 39 state election breach….bu the russians
    3. Underwriters Laboratories is on the path to be the go to for cyber certification
    4. Post exploitation of Puppet and Ansible