From Paul's Security Weekly
Paul's Security Weekly #550
Recorded March 8, 2018 at G-Unit Studios in Rhode Island!
- Today’s determined attackers easily bypass even the most advanced network defenses. Trying to ramp up staff to detect their backdoors can cost thousands of dollars and take months, even years. With Active Countermeasures AI-Hunter we enable even junior analysts to detect even the most advanced backdoors in a matter of hours. Sign up for a demo and purchase our product today by visiting activecountermeasures.com/psw. Active Countermeasures: Make every analyst a hunter!
- Go to itpro.tv/securityweekly and use the code Secweekly30 to try it FREE for 7 days, and receive 30% off your monthly membership for the lifetime of your active subscription.
- We’ve recently added “The State of Security Education and Training” webcast with ITProTV & RWU to our content available On-Demand at: securityweekly.com/ondemand.
- InfoSec World is March 19-21st of 2018. It is at Lake Buena Vista, Florida. Security Weekly subscribers can save 15% off the InfoSec World 2018 Main Conference or World Pass with the code OS18-SW!
- Ticket Sales are open for the Social Engineering RI Conference. This is taking place on Saturday, June 6th at Salve Regina University in Newport RI. Go to - http://se-ri.org/ to register! Patrick Laverty will be joining us for an interview next week. Stay tuned to hear more about this conference!
Interview:Stefano Righi, UEFI - 6:00PM-6:45PM
- What is UEFI Specification?
- What problems is UEFI solving?
- When did UEFI first come to the market?
- What makes UEFI different from other BIOS systems/bootloaders?
- What are some of the things that can go wrong when updating?
- What can we do to prevent and/or recover quickly from an update?
- What's it like to work for a company focused on a targeted area of computing such as the BIOS?
- What are some of the advances made in BIOS technology that are significant?
- We don't often see the BIOS screen flash any longer on modern computers, how come?
- Why don't more companies implement secure boot processes? How could this help security? – we can’t speak to why other’s don’t implement it, but we implement the secure boot process.
- What are some of the really cool implementations of UEFI?
Tech Seg: Sven Morgenroth, Netsparker - 6:45-7:45PM
Slides for this Tech Segment
Security News - 7:45PM-8:30PM
- Cisco hardcoded passwords
- Memcahed DDoS will be a big deal - and some more, and a killswitch
- CTFR - Subdomain bruteforcing via TLS certificate transparency....scripted]
- Kali on windows