Episode574

From Paul's Security Weekly
Jump to: navigation, search

Paul's Security Weekly #574

Recorded September 6, 2018 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Doug White
    Cybersecurity professor, President of Secure Technology, and Security Weekly network host.
  • Patrick Laverty
    is a Pentester for Rapid7
  • Jack Daniel
    Co-Founder of Security BSides and certified security wizard.
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.
  • Carlos Perez
    is currently the Principal Consultant, Team Lead for Research at TrustedSec.
  • Announcements

    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
    • DerbyCon is holding its first-ever Mental Health & Wellness Workshop - to help support their efforts, please go to DerbyCon.com/wellness
    • Join us for our Webcast with LogRhythm about "Tips & Tricks for Defending the Enterprise Using Open Source Tools". The webcast will be held September 27 @3:00PM EST!

    Interview: Wim Remes, Wire Security bvba - 6:00-6:45PM

    Wim Remes
    is the CEO and Founder of Wire Security bvba.
    Wim is the founder of and principal consultant at Wire Security, based in Belgium. He leverages 15+ years of security leadership experience to advise clients on reducing their risk posture by solving complex security problems and by building resiliency into their organizations.

    Topic: Pentesting?SDLC?The state of security?Life of a (virtual) CISO? certifications? … you throw the ball and I’ll hit it.


    Beacon Analysis Tech Segment: Chris Brenton, Active Countermeasures - 6:50PM-7:25PM

    • Powerpoint Slides from Tech Segment - File:Psw.pdf (To Open: Click File and then click the Adobe logo]]



    Chris Brenton
    is the Chief Operating Officer Active Countermeasures.
    Hello, my name is Chris Brenton. I have been a leader in IT and security for over 20 years. I’ve written multiple books on networking and security including “Mastering Cisco Routers” and “Mastering Network Security”. I’ve been involved with a number of key security projects such as a founding member of the Honeynet Project (https://www.honeynet.org/), and an active contributor to the PCI special interest group responsible for the standards for credit card processing in public cloud environments (https://www.pcisecuritystandards.org/pdfs/pr_130205_Cloud_SIG.pdf). I’ve also developed security training, including complete courses for SANS where I served as a Fellow Instructor (https://www.sans.edu/bios/chris-brenton), and for the Cloud Security Alliance where I authored and presented all of their online training material (https://cloudsecurityalliance.org/education/white-papers-and-educational-material/courseware/). I currently run the day to day operations at Active Countermeasures (https://www.activecountermeasures.com/), where we provide inexpensive tools that that simplify the process of threat hunting your network.

    Topic:

    Beacon analysis is an integral part of threat hunting. If you are not looking for beacons you take the chance of missing compromised IoT devices or anything that does not have a threat mitigation agent installed. I'll talk about what makes beacon hunting so hard, and how the open source tool RITA can simplify the process.

    The blog post I mentioned that talks about clearly defining what's part of a threat hunt: https://www.activecountermeasures.com/tightly-defining-cyber-threat-hunting/
    Info on RITA, the tool I discussed, as well as a link to download it: https://www.activecountermeasures.com/rita/


    Security News - 7:30-8:00PM

    Paul's Stories

    1. Spanish driver tests positive for every drug in test
    2. Remotely exploitable flaw in Schneider Electric PLCs is a danger to OT networks - Help Net Security
    3. Vulnerabilities found in the remote management interface of Supermicro servers | ZDNet
    4. Google fixes Chrome issue that allowed theft of WiFi logins | ZDNet
    5. Localhost HTTP debugging with Fiddler
    6. Red Flags Someone Is Spying on Your Computer | Reader's Digest
    7. Browser Extensions: Are They Worth the Risk? Krebs on Security
    8. Active Campaign Exploits Critical Apache Struts 2 Flaw in the Wild
    9. U.S. to Charge North Korean Spy Over WannaCry and Sony Pictures Hack
    10. HTTPS crypto-shame: TV Licensing website pulled offline
    11. How to manipulate Apple's podcast charts, and get yourself a top-rated show
    12. The Vulnerability Disclosure Process: Still Broken
    13. Cisco warns customers of critical security flaws, advisory includes Apache Struts | ZDNet

    Patrick's Stories

    Doug's Stories

    Jack's Stories

    Carlos' Stories

    Keith's Stories

    Joff's Stories

    Kevin's Stories

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+