From Security Weekly Wiki
Jump to navigationJump to search

Paul's Security Weekly #559

Recorded May 10, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Jeff Man
    Infosec analyst
    Pioneering ex-NSA pen tester
    PCI specialist
    Tribe of Hackers
    InfoSec Curmudgeon
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Patrick Laverty
    is a Pentester for Rapid7
  • Keith Hoodlet
    is the Senior Manager of Global DevSecOps at Thermo Fisher Scientific; Co-Founder of the InfoSec Mentors Project .
  • Announcements

    • Go to itpro.tv/securityweekly and use the code Secweekly30 to try it FREE for 7 days, and receive 30% off your monthly membership for the lifetime of your active subscription.
    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.

    Interview: Joe Gray, Advanced Persistent Security - 9:00PM-2:00AM

    Joe Gray
    hosts his own podcast Advanced Persistent Security. [

    Joe Gray is a native of East Tennessee. He joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Since leaving the Navy, Joe has lived and worked in St. Louis, MO, Richmond, VA, and Atlanta, GA. His primary experience is in the Information Assurance (IA) and Cyber Security compliance field. He has worked as a Systems Engineer, Information Systems Auditor, Senior UNIX Administrator, Information Systems Security Officer, and Director of IT Security.

    Joe's undergraduate and graduate degrees are also in Information Technology (with focus in Information Assurance and Security) from Capella University, where he graduated Summa Cum Laude for both degrees and completed some Graduate coursework in Business Intelligence. He also is a part-time (Adjunct) Faculty at Georgia Gwinnett College and at Gwinnett Technical College. He is also in the SANS Instructor Development pipeline and will be teaching SANS Security 504: Hacker Tools, Techniques, Exploits, and Incident Handling in the 4th Quarter of 2016.

    Joe holds the (ISC)² CISSP-ISSMP, GIAC GSNA, GCIH, CompTIA Security+, CompTIA Network+, and CompTIA A+ certifications. In his spare time, Joe enjoys reading news relevant to information security, blogging, bass fishing, and flying his drone in addition to tinkering with and testing scripts in R and Python.

    Visit Joe's website and blog: https://advancedpersistentsecurity.net/

    Joe's Podcast: Advanced Persistent Security

    Docker Security Incident - Lessons Learned: - 7:00PM-7:45PM


    Security News - 7:45PM-8:30PM

    Paul's Stories

    1. Microsoft Patches Two Zero-Day Flaws Under Active Attack
    2. Microsoft Adds Support for JavaScript in ExcelWhat Could Possibly Go Wrong?
    3. Self-destructing messages received on 'Signal for Mac' can be recovered later
    4. 5 Powerful Botnets Found Exploiting Unpatched GPON Router Flaws
    5. We Need Bug Bounties for Bad Algorithms
    6. Windows critical flaw: This security bug is under attack right now, says Microsoft | ZDNet
    7. Bikeshare System Hacked, Required to Manually Update 2,000 Bikes
    8. Mirai DDoS attack against KrebsOnSecurity cost device owners $300,000 | ZDNet
    9. Misunderstood Intel Documentation Leads to Multi-Vendor Vulnerability
    10. Risky Business: Deconstructing Ray Ozzie's Encryption Backdoor
    11. The final compliance countdown: Are you ready for GDPR? - Security Boulevard

    Jeff's Stories

    Keith's Stories

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+