Paul's Security Weekly #536
Recorded November 9, 2017 at G-Unit Studios in Rhode Island!
Interview: Amanda Berlin, NetWorks Group and Lee Brotherston, Wealthsimple - 6:00PM-7:00PM
Amanda Berlin is a Sr. Security Analyst for a consulting firm in Southern Michigan. She has spent over a decade in different areas of technology and sectors providing infrastructure support, triage, and design. Amanda has been involved in implementing a secure Payment Card Industries (PCI) process and Health Insurance Portability and Accountability Act (HIPAA) compliance as well as building a comprehensive phishing and awards-based user education program.
Amanda is an avid volunteer and has also presented at a large number of conventions, meetings and industry events. Some examples of these are: DerbyCon, CircleCityCon, GrrCon, and DEFCON. She is the author for a Blue Team best practices book called "Defensive Security Handbook: Best Practices for Securing Infrastructure" through O'Reilly Media. She is a co-host on the Brakeing Down Security podcast and writes for several blogs. While she doesn't have the credentials or notoriety that others might have, she hopes to make up for it with her wit, sense of humor, and knack for catching on quick to new technologies.
Lee has worked within Information Security for over a decade. In that time he has held positions ranging from hands-on practitioner through to management with overall responsibility for Information Security in multiple organizations He has spoken on topics ranging from malware analysis to network security and surveillance.
- Three words to describe yourself.
- If you were a serial killer, what would be your weapon of choice?
- If you wrote a book about yourself, what would the title be?
- In the popular game of ass grabby-grabby, do you prefer to go first or second?
- Choose two celebrities to be your parents.
Tech Segment: Sven Morgenroth, Netsparker - 7:00-7:30PM
Sven Morgenroth is a security researcher at Netsparker. He found filter bypasses for Chrome's XSS auditor and several web application firewalls. He likes to exploit vulnerabilities in creative ways and has hacked his smart TV without even leaving his bed. Sven writes about web application security and documents his research on the Netsparker blog.
Security News - 7:30-8:30PM
- Ex-NSA Director Says Companies Should Never Hack Back Because They Could Start Wars
- Marissa Mayer Subpoenaed To Testify Before Senate On Yahoo Breaches
- Mr. Robot eps3.4_runtime-err0r.r00 the security review
- Microsoft Provides Guidance on Mitigating DDE Attacks
- Eavesdropper Vulnerability Exposes Mobile Call, Text Data
- No jail time for botnet creator who promises to go straight
- Hackers hired for year-long DDoS attack against former employer
- Hacker Distributes Backdoored IoT Vulnerability Scanning Script to Hack Script Kiddies
- Hacking a Fingerprint Biometric
- Stealthy New PLC Hack Jumps the Air Gap
- Vault 8: WikiLeaks Releases Source Code For Hive - CIA's Malware Control System
- Backdoor in SATNAV systems...used by navy ships?
- Don't hack back
- When I test my cryptocurrency code, I do it in production with millions of "dollars" on the line
- An infused review of Ready Player One
- Hacking spirit, building illicit handmade computers in the 80's