Episode524

From Paul's Security Weekly
Jump to: navigation, search

Paul's Security Weekly #524


Recorded August 3, 2017 at G-Unit Studios in Rhode Island!

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.
  • Jeff Man
    Cryptanalyst,
    infosec analyst, pioneering ex-NSA pen tester, PCI specialist & certified security curmudgeon.
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Interview: Danny Miller, Ericom Software - 6:00PM-7:00PM

    Danny Miller of Ericom Software joins us to discuss how enterprises can protect themselves utilizing new approaches to security, such as isolated browsing techniques!

    Danny is the Director of Product Marketing at Ericom Software. He has more than 15 years of industry experience in corporate and product marketing, business development, and product management supporting an array of technology services, hardware and software solutions – with a strong focus on cybersecurity in recent years. Daniel holds a Bachelor's degree in Behavioral Sciences, a Master's degree in Psychology, and an Executive MBA.

    Tech Segment: VaporTrail with Larry Pesce and Galen Alderson, InGuardians - 7:00-7:30PM


    Fresh outta high school, Galen still has the new car smell. Galen has many years to become a curmudgeon by getting broken in as an intern at InGuardians.

    As red team members and even "evil attackers", we've been finding numerous ways to exfiltrate data from networks with inexpensive hardware: Ethernet, WiFi and cellular (2G, 3G and LTE). The first two are highly detectable, while the latter is expensive and both leave a paper trail. We found a way to use a medium that is right under everypony's nose; low power, broadcast FM radio. With a Raspberry Pi and a length of wire, we can send text and raw binary data with a method nopony (until now) would think to look for. We receive the data with an RTL-SDR, putting our overall hardware budget at $20. In this demo, we will show you how to build and use this system. We'll share tales of the custom software and transmission protocols. You want to see it in action? We've got demos. You want the software? Yep, you can have that too. We're excited to offer Vapor Trail to you, the first FM radio data exfiltration tool. Sure, HAM radio folks have had digital modes for years, but we've done better AND cheaper. We've effectively created our own RF digital mode for pwnage, HAM radio data transfer and redundant communication methods. Why? Because we can. We want to go undetected with current capabilities. Turns out, our approach is quite novel for pulling data right from a network via pcaps or tool output.

    Links

    http://vaportrail.io

    Security News - 7:30-8:30PM

    Paul's Stories

    1. Making Infosec Meetings More Inclusive
    2. How Engineers Hacked 113 Year Old Subway System Signs
    3. Chromes built-in adblocker arrives for early adopters
    4. Researchers display CAN do skill in vehicle DoS
    5. An Insight into Security Static Analysis Tools
    6. WannaCry Hero Arrested, One of Two Charged with Distribution of Kronos Malware
    7. New IoT Bill Proposes Security Standards for Smart Devices
    8. Hackers Behind WannaCry Ransomware Withdraw $143,000 From Bitcoin Wallets
    9. FBI Arrests Researcher Who Found 'Kill-Switch' to Stop Wannacry Ransomware
    10. FCC has no documentation of DDoS attack that hit net neutrality comments
    11. Google Tracks Ransomware Payments at Scale With Machine Learning

    Larry's Stories

    1. Sonic attacks against GPS/gimbal, etc
    2. Pre-pwned android phones for sale on Amazon - There is a time to buy name brand stuff folks...
    3. Billboard hax - We drink because you don't change your default passwords.
    4. IoT security analysis tool- Um, I am confused....
    5. Malwarebyteblog arrested at DEF CON - yeah the guy that "stopped" wanna cry by registering the killswitch domain...
      1. BREAKING NEWS He's tied to the Kronos Banking trojan.
      2. MOAR BREAKING NEWS: The funds from the WannaCry malware are being transferred out of the assigned wallets.
    6. Updates to killlerbee and Wireshark for more functionality to include WirelessHART
    7. Hacking a smart gun with high tech and low tech attacks - This one is damned neat one WiFi based attack, the other with....cheap magnets. The vendor response is also priceless.

    Joff's Stories

    1. Microsoft Expands Bug Bounty Program
    2. Endpoint Monitoring on a Shoestring Budget