From Paul's Security Weekly
Paul's Security Weekly #544
Recorded January 18, 2018 at G-Unit Studios in Rhode Island!
Interview: Adam Gordon, ItPro.TV - 6:00PM-6:45PM
Adam currently enables customers to learn to leverage their portfolio of hardware, software, and services in order to maximize the success of their IT systems and processes. Working with complex technologies and solutions such as SharePoint, Lync, VMware, Enterprise Messaging, Directory Services, Citrix, and DRP/BCP, Adam is able to create a customized roadmap to allow the value of your IT infrastructure investments to be fully realized through industry best practices and sound architectural planning.
Ahas a proven track record extending over 30 years in the IT industry. He has extensive experience in providing technical guidance and architecting solutions for major customers. Adam’s continual success is due to his breadth of knowledge, innovative approach and experience with the different aspects of the network computing environment. This includes application support, network integration and security. His diverse experience gives him the ability to support leading edge projects that meet client’s objectives while solving their business problems. Adam has held a number of positions during his career including CISO, CTO, Consultant, and Solutions Architect. He has been instrumental in implementing numerous projects resulting in increased customer satisfaction, productivity and cost reduction.
Adam has worked on many large implementations involving multiple customer program teams for delivery. On any given day, Adam is interfacing with Fortune 500 companies around the world to help architect, configure, and implement a customized solution developed to fit the needs and requirements of that company.
Adam has been invited to lead projects for companies such as Microsoft, Citrix, Lloyds Bank TSB, Campus Management, US Southern Command (SOUTHCOM), Amadeus, World Fuel Services, Baptist Health South Florida, Petrotrin, Office Depot, Burger King, Miami Dade Aviation Department (MDAD), Florida Power and Light (FPL), Seaboard Marine, the United Nations, Digicel, and (ISC)².
- How did you get your start in information security?
- With all of the protections available today, why is ransomware a threat to the enterprise? Or is it?
- What are the weaknesses ransomware preys upon?
- What is a tabletop exercise?
- Why are they so useful for ransomware?
- For practitioners listening, why should they love tabletop exercises and step away from the keyboard?
- How do you execute on the lessons learned in tabletop exercises?
Interview: Rebekah Brown, Rapid7 - 6:45-7:45PM
Security News - 7:45PM-8:30PM
- BIND Comes Apart Thanks To Ancient Denial Of Service Vuln - The software, DNS, that runs the Internet suffers from the same crufty open-source vulnerabilities, just like all software. This code has been around forever, is it supposed to be more secure or less secure? Software does change over time, but no one is going back to look at the existing issues.
- Text Bomb Is Latest Apple Bug - I've heard about many different variantions of this attack, which calls into question Apple's code when handling text messages....I also believe many people believe that iOS is the more secure platform than other smartphone OSes, not so sure...
- Intel fix causes reboots and slowdowns
- YouTube raises subscriber, view threshold for Partner Program monetization - Big fear, you host with a provider for free, you help them make money, and they can drop you at any time. Booo.
- Potent Skygofree Malware Packs 'Never-Before-Seen' Features - Everyone says that security companies should know better, and not get hacked. But do security companies get paid to secure their own networks? No, they get paid to break into or secure other people’s companies…
- Hackers Exploiting Three Microsoft Office Flaws to Spread Zyklon Malware - These are all vulnerabilities published last fall. Up your game on patching, and you will be okay, at least for this malware...
- IOHIDeous, exploring IOS....the hard way?
- Your car may know about more about you than you think....
- Brickerbot, taking out your IoT one device at a time
- WiFi alliance announces WPA3 and updates to WPA2
- New processor based attacks....that are under embargo