Episode570

From Paul's Security Weekly

Paul's Security Weekly #570

Recorded August 2, 2018 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Jeff Man
    Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist & certified security curmudgeon.
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Jason Wood
    Security consultant, penetration tester, sysadmin, and Founder of Paladin Security.

Announcements

    • Endgame Webcast is being held on August 16, 2018 @3-4pm on Phishing Prevention. Go to securityweekly.com/endgame to register!
    • Come to our Pool Cabana @ Black Hat and Def Con to pick up a free copy of "Cyber Hero Adventures". Here you will be able to get the comic book signed by Gary Berman.
    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.

    Interview: Joshua Abraham, Praetorian - 6:00PM-6:45PM

    Joshua Abraham does tactical and strategic service offerings for Praetorian.
    Josh is a key member of the technical execution team. In this capacity, he is responsible for leading, directing, and executing client-facing engagements that include Praetorian’s tactical and strategic service offerings. Prior to joining Praetorian, Josh spent six years at Rapid7 where he helped build the company’s professional services division, defined the firm’s core methodologies, and trained new employees on the latest hacking techniques.

    Over the years, Josh has become a well-known resource for his contributions to the information security space. An avid researcher and presenter, Josh has spoken at numerous conferences including BlackHat, Def Con, ShmooCon, Derby Con, BSides, The SANS Pentest Summit, Infosec World, SOURCE Barcelona, CSI, OWASP, LinuxWorld and Comdex.

    Josh has contributed to numerous open source security projects, is a respected security resource to the media, and has been quoted by news outlets such as ComputerWorld, DarkReading, and SC Magazine. Josh holds a BS in Computer Science from Northeastern University.

    Contributed a good deal to Metasploit in the past.



    • modules/auxiliary/scanner/http/glassfish_login.rb
    • modules/auxiliary/scanner/http/sap_businessobjects_user_brute.rb
    • modules/auxiliary/scanner/http/sap_businessobjects_user_brute_web.rb
    • modules/auxiliary/scanner/http/sap_businessobjects_user_enum.rb
    • modules/auxiliary/scanner/http/sap_businessobjects_version_enum.rb
    • modules/auxiliary/scanner/smb/smb_enum_gpp.rb
    • modules/auxiliary/scanner/smb/smb_enumusers_domain.rb
    • modules/exploits/multi/http/axis2_deployer.rb
    • modules/exploits/multi/http/glassfish_deployer.rb
    • modules/exploits/windows/browser/adobe_flatedecode_predictor02.rb
    • modules/exploits/windows/browser/adobe_media_newplayer.rb
    • modules/exploits/windows/local/current_user_psexec.rb
    • modules/post/linux/manage/download_exec.rb
    • modules/post/windows/gather/enum_computers.rb
    • modules/post/windows/gather/enum_domain.rb
    • modules/post/windows/gather/enum_tokens.rb
    • modules/post/windows/manage/add_user_domain.rb



    • Built the initial version of the Metasploit Nexpose plugin.

    Author of GISKismet!

    Technical Segment: Larry Pesce, Getting Started with FL2K - 6:45-7:45PM

    An introduction to FL2K: Software Defined Radio is all the rage for detecting unknown signals and transmitters. We'll show you how to set up and use a surreptitious transmitter to start your journey.


    Security News - 7:45PM-8:30PM

    Paul's Stories

    1. Microsoft Edge Flaw Lets Hackers Steal Local Files
    2. Ransomware attack forces town's employees to go back to typewriters
    3. 200K MikroTik Routers Exploited to Serve Cryptocurrency Miner
    4. Facebook Removes 17 Profiles Involved in Political Meddling
    5. High-schoolers data put up for sale after being scraped from surveys
    6. Google Secretly Planning to Launch a Censored Search Engine in China
    7. Yale University discloses old school data breach | ZDNet - "Back in 2008-2009 very few companies were aware of such a cyber threat, nor were they taking the necessary precautions," Huh?
    8. 5 Steps to Fight Unauthorized Cryptomining - Two of the five are worth discussing: Avoid unauthenticated platforms and application programming interfaces (APIs) and Keep your cloud credentials out of the public side of GitHub. I think we are throwing around the term "API security" without knowing what it really means. Phrasing!
    9. The Making of the Top 100 Researcher List
    10. Drink this potion, Linux kernel, and tomorrow you'll wake up with a WireGuard VPN driver
    11. Facebook's security boss to leave firm
    12. Reddit Discloses Data Breach Due to Intercept of SMS 2FA - "Already having our primary access points for code and infrastructure behind strong authentication requiring two factor authentication (2FA), we learned that SMS-based authentication is not nearly as secure as we would hope, and the main attack was via SMS intercept,"
    13. Multifactor Acquisition: Cisco Plans to Buy Duo for $2.35B
    14. ThreatList: Spam's Revival is Tied to Adobe Flash's Demise - “The demise of Adobe Flash as one of the most popular plugins on websites has shifted criminals away from exploit kits, which enabled the attack vector known as drive-by downloads,” researchers wrote. They believe that the discontinuation of Flash support might eventually kill off exploit kits as a viable business model for attackers altogether. “We’ve reduced criminals to spam, one of the least-effective methods of infection,” said Sean Sullivan, an F-Secure security adviser.
    15. The Secret to Securing Smart Buildings | SecurityWeek.Com

    Funny Story Of The Week: Clean Boobies

    Why people are rubbing toothpaste on their boobs to make them bigger

    Larry's Stories

    1. SDR based cryptocurrency - Interesting concept, and I can see how this can be used for the future, all Sci-Fi like
    2. Virtualbox 3D acceleration sucks
    3. HP starts bug bounty program for printers - I could not find it though...
    4. 20yo steals 5 million in bitcoin from 40 people by hacking mobile devices
    5. Reddit hack......bypassing SMS 2FA
    6. Cisco buys DUO

    Jeff's Stories

    1. Reddit Breached after Hackers Bypass 2FA
    2. Cisco to Acquire Duo for $2.35B

    Jason's Stories
