Paul's Security Weekly #529
Recorded September 7, 2017 at G-Unit Studios in Rhode Island!
Interview: Michele Jordan, Under the Oak Consulting - 6:00PM-7:00PM
Michele Jordan has worked in IT and network security for over 35 years, starting with X.25 networks and migrating to today’s Internet. She currently runs Under the Oak Consulting in North Carolina and works with Computer Network Defence, LTD in Bath, England. In her work with CND, Michele has been the researcher responsible for the regular updating of the Computer Network Defence Cyber Threat Intelligence page, affectionately known as the Radar Page, for the last 10 years.
- How did you get your start in information security?
- What do you recommend folks do who want to break into the field of information security?
- What was it like making the transition from working for a company to being a consultant?
- What are some of you most rewarding security consultant gigs and why?
- What are some of the most common issues facing your customers today?
- What is the Radar Page?
- Why did you create the Radar Page? Who is the audience and what problems does it solve?
- Why did you choose to put the information on this page?
- How did you choose the information on this page and validate it?
- What are some of the best use cases for this page?
- Where can people find it?
- Three words to describe yourself.
- If you were a serial killer, what would be your weapon of choice?
- If you wrote a book about yourself, what would the title be?
- In the popular game of ass grabby-grabby, do you prefer to go first or second?
- Choose two celebrities to be your parents.
Tech Segment: Mobile Application Assessment with Chris Crowley, SANS Institute - 6:30-7:00PM
Chris Crowley has 15 years of industry experience managing and securing networks. He currently works as an independent consultant in the Washington, DC area focusing on effective computer network defense. His work experience includes penetration testing, security operations, incident response, and forensic analysis.
Mr. Crowley is the course author for for SANS Management 517 - Managing Security Operations and SANS Management 535 - Incident Response Team Management. He holds the GSEC, GCIA, GCIH (gold), GCFA, GPEN, GMOB, GASF, GREM, GXPN and CISSP certifications. His teaching experience includes FOR585, MGT517, MGT535, SEC401, SEC503, SEC504, SEC560, SEC575, and SEC580; Apache web server administration and configuration; and shell programming. He was awarded the SANS 2009 Local Mentor of the year award. "The Mentor of the Year Award is given to SANS Mentors who excel in leading SANS Mentor Training classes in their local communities."
Mr. Crowley spends his spare time mountain biking, rock climbing, and savoring epicurean treats.
Security News - 7:00-8:00PM
- Fixing, upgrading and patching IoT devices can be a real nightmare
- Critical Flaw in Apache Struts2 Lets Hackers Take Over Web Servers
- Hackers Can Silently Control Siri, Alexa & Other Voice Assistants Using Ultrasound
- Wikileaks Unveils Project Protego: CIA's Secret Missile Control System
- ShadowBrokers Return With The Release Of UNITEDRAKE Exploit
- Facebook Uncovers Russian-Funded Misinformation Campaign
- How to Implement a Solid Identity and Access Management Strategy
- Victims of Payment Card Breaches Not Fully PCI DSS Compliant
- 10% of Ransomware Attacks on SMBs Targeted IoT Devices
- 10 Essential Bug Bounty Programs of 2017
- Linux 4.13 Kernel Launches With Accelerated Security Feature
- Trend Micro Offering $500K in Security Awards at Mobile Pwn2Own 2017
- Where are the Actionable Defense talks?
- Equifax Reports Data Breach Possibly Affecting 143 Million U.S. Consumers
- Cybersecurity is simply a matter of all of us speaking the same language
- Purdue #1 ranking for Cybersecurity Studies
- Hurricane Irma Impacts the North America PCI Community Meeting
- Equifax Executives Sold Stock Before Breach Announcement