- 1 Paul's Security Weekly #555
- 2 Announcements
- 3 Interview: Ron Gula, Gula Tech Adventures - 6:00PM-7:00PM
- 4 Tech Seg: Got Privs? Extract and Crack the Creds by Joff Thyer - 7:00-7:30PM
- 5 Security News - 7:30PM-8:30PM
Paul's Security Weekly #555
Recorded April 12, 2018 at G-Unit Studios in Rhode Island!
- Go to itpro.tv/securityweekly and use the code Secweekly30 to try it FREE for 7 days, and receive 30% off your monthly membership for the lifetime of your active subscription.
- Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
- Check out SOURCE Boston 2018 from May 9th - 10th! Go to sourceconference.com and register using the code SW75WMKW to get a $75 discount!
Interview: Ron Gula, Gula Tech Adventures - 6:00PM-7:00PM
Ron started his cybersecurity career as a network penetration tester for the NSA. At BBN, he developed network honeypots to lure hackers and he ran US Internetworking's team of penetration testers and incident responders. As CTO of Network Security Wizards, Ron pioneered the art of network security monitoring and produced the Dragon Intrusion Detection System which was recognized as a market leader by Gartner in 2001. As CEO and co-founder of Tenable Network Security, Ron led the company's rapid growth and product vision from 2002 through 2016. He helped them scale to more than 20,000 customers worldwide, raise $300m in venture capital and achieve revenues in excess of $100m annually.
Tech Seg: Got Privs? Extract and Crack the Creds by Joff Thyer - 7:00-7:30PM
In the bad old days we used to exploit LSASS memory to dump hashed credentials from memory. When dealing with a domain controller, and a large environment this is dangerous. This segment will address a safer way to extract hashed credentials from the environment for subsequent download, and cracking.
Joff has over 15 years of experience in the IT industry in roles such as enterprise network architect and network security defender. He has experience with intrusion detection and prevention systems, penetration testing, engineering network infrastructure defense, and software development.
Security News - 7:30PM-8:30PM
- Trollcave: 1.2 ~ VulnHub
- Malicious IoT hackers have a new enemy
- Warranty void stickers 'not valid' in US
- Portspoof - Spoof All Ports Open & Emulate Valid Services
- The Truth Hurts - The Hacker Factor Blog
- InfoSec Handlers Diary Blog - Threat Hunting & Adversary Emulation: The HELK vs APTSimulator - Part 2
- When Identity Thieves Hack Your Accountant Krebs on Security
- This Radio Hacker Could Hijack Citywide Emergency Sirens to Play Any Sound
- One in five serverless apps has a critical security vulnerability
- Microsegmentation: Strong Security in Small Packages
- Hacker Can Steal Data from Air-Gapped Computers through Power Lines - Well, the same group of researchers has previously demonstrated various out-of-band communication methods to steal data from a compromised air-gapped computer via light, sound, heat, electromagnetic, magnetic and ultrasonic waves.
- Protecting Routers and Other Network Equipment - Security Boulevard
- Outlook Bug Allowed Hackers to Use .RTF Files To Steal Windows Passwords
- Hijacking emergency sirens
- Hacking 757's
- cheaper wifi cactus
- Russia has figured out how to jam US drones