Paul's Security Weekly #558
Recorded May 3, 2018 at G-Unit Studios in Rhode Island!
- Go to itpro.tv/securityweekly and use the code Secweekly30 to try it FREE for 7 days, and receive 30% off your monthly membership for the lifetime of your active subscription.
- Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
- Check out SOURCE Boston 2018 from May 9th - 10th! Go to sourceconference.com and register using the code SW75WMKW to get a $75 discount!
Interview: Leonard Rose, Principal Security Architect at Limelight Networks - 6:00PM-6:45PM
Leonard Rose is a fellow hacker and UNIX geek who in 1991 was convicted of wire fraud. Once believed to be associated with the hacking group Legion Of Doom (which he was not), Leonard then went on to to become the founder of the Full Disclosure Mailing list and holds a position today as a Pricnipal Security Architect for a large provider.
- How did you get your start in information security?
- What is the Legion of Doom and how did it get started?
- Tell us about the Phrack article you wrote
- Who helped you along the way with your case?
- What was the focus early in your career after the conviction?
- Gotta ask, vi or emacs?
- Where do you work today and what is your role?
- What tools and/or techniques help you the most managing Linux systems?
- What do we need to do better to encourage more people to be in the security field?
Security News - 7:45PM-8:30PM
- Firms running Cisco WebEx are told to update their software... again!
- Volkswagen Cars Open To Remote Hacking, Researchers Warn
- Kitty Cryptomining Malware Cashes in on Drupalgeddon 2.0
- Medical devices vulnerable to KRACK Wi-Fi attacks
- Facebook fires engineer accused of stalking women
- Controversial biohacker is found dead
- Twitter: no big deal, but everyone needs to change their password
- No Computing Device Too Small For Cryptojacking
- iLo ransomware
- it’s specifically the Rar decoder. Fixed 7z executable is out too. .7z files can use Rar compression, so you’re not safe just because you’re not decoding a .rar file with it. But you can check the compression type without decoding
- schneider electric vulns...by tenable
- pentesters guide to hashes
- Cambridge Analytica dismantled for good? Nope: It just changed its name to Emerdata
- Amazon blocks domain fronting, threatens to shut down Signal’s account