Episode533

From Paul's Security Weekly

Paul's Security Weekly #533

Recorded October 12, 2017 at G-Unit Studios in Rhode Island!

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • Jack Daniel
    Works for Tenable Network Security and Co-Founder of Security BSides.
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.

    Tech Segment: Matthew Toussain, SANS Institute - 6:00PM-6:45PM

    Matthew Toussain

    Matt is a teacher, writer, and hacker. He served as the Senior Cyber Tactics Development Lead for the U.S. Air Force. He is a guest instructor at UTSA and the SANS Institute as well as the author of SEC460. Matt is an avid supporter of cyber competitions including CCDC, Netwars, and CDX.

    Tech Segment: Pausing and Resuming Processes with PowerShell with Mick Douglas, SANS Institute - 6:45-7:45PM

    Mick Douglas
    Mick Douglas has been doing information security work for over 10 years.

    Bio

    Even when his job title has indicated otherwise, Mick Douglas has been doing information security work for over 10 years. He received a bachelor's degree in communications from Ohio State University. He is the managing partner for InfoSec Innovations. He is always excited for the opportunity to share with others so they do not have to learn the hard way! By studying with Mick, security professionals of all abilities will gain useful tools and skills that should make their jobs easier. When he's not "geeking out" you'll likely find Mick indulging in one of his numerous hobbies: photography, scuba diving, or hanging around in the great outdoors.

    Synopsis

    You can pause processes with PowerShell. You can even do that without third-party apps. This is an awesome opening for defenders: you can now pause a potentially malicious executable and then investigate. If it's malicious, you can kill the process. If it's not... you can simply unpause.

    Security News - 7:45-8:45PM

    1. Windows Phone is now officially dead: A sad tale of what might have been
    2. iOS Password Prompts are Ripe for Abuse
    3. Disqus Hacked: More than 17.5 Million Users' Details Stolen in 2012 Breach
    4. FBI Arrests A Cyberstalker After Shady "No-Logs" VPN Provider Shared User Logs
    5. Warning: Millions Of P0rnHub Users Hit With Malvertising Attack
    6. OnePlus Secretly Collects Way More Data Than It Should - Here's How to Disable It
    7. Israel Hacked Kaspersky, Caught Russian Spies Hacking American Spies, But...
    8. MS Office Built-in Feature Allows Malware Execution Without Macros Enabled
    9. Equifax Takes Down Compromised Page Redirecting to Adware Download
    10. Security No. 1 Inhibitor to Microsoft Office 365 Adoption
    11. Equifax Now Faces Potential Breach of Customer Help Page
    12. North Korea Escalating Cyber-Attacks With Little Fear of Retaliation
    13. Kaspersky Lab and the AV Security Hole