From Paul's Security Weekly
Paul's Security Weekly #574
Recorded September 6, 2018 at G-Unit Studios in Rhode Island!
Announcements
- Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
- DerbyCon is holding its first-ever Mental Health & Wellness Workshop - to help support their efforts, please go to DerbyCon.com/wellness
- Join us for our Webcast with LogRhythm about "Tips & Tricks for Defending the Enterprise Using Open Source Tools". The webcast will be held September 27 @3:00PM EST!
Interview: Wim Remes, Wire Security bvba - 6:00-6:45PM
Topic: Pentesting? SDLC? The state of security? Life of a (virtual) CISO? certifications? … you throw the ball and I’ll hit it.
Beacon Analysis Tech Segment: Chris Brenton, Active Countermeasures - 6:50PM-7:25PM
- PowerPoint Slides from Tech Segment - File:Psw.pdf (To Open: Click File and then click the Adobe logo)
https://www.honeynet.org/), and an active contributor to the PCI special interest group responsible for the standards for credit card processing in public cloud environments (https://www.pcisecuritystandards.org/pdfs/pr_130205_Cloud_SIG.pdf). I’ve also developed security training, including complete courses for SANS where I served as a Fellow Instructor (https://www.sans.edu/bios/chris-brenton), and for the Cloud Security Alliance where I authored and presented all of their online training material (https://cloudsecurityalliance.org/education/white-papers-and-educational-material/courseware/). I currently run the day-to-day operations at Active Countermeasures (https://www.activecountermeasures.com/), where we provide inexpensive tools that simplify the process of threat hunting your network.
Beacon analysis is an integral part of threat hunting. If you are not looking for beacons you take the chance of missing compromised IoT devices or anything that does not have a threat mitigation agent installed. I'll talk about what makes beacon hunting so hard, and how the open source tool RITA can simplify the process.
The blog post I mentioned that talks about clearly defining what's part of a threat hunt: https://www.activecountermeasures.com/tightly-defining-cyber-threat-hunting/
Info on RITA, the tool I discussed, as well as a link to download it: https://www.activecountermeasures.com/rita/
Security News - 7:30-8:00PM
- Spanish driver tests positive for every drug in test
- Remotely exploitable flaw in Schneider Electric PLCs is a danger to OT networks - Help Net Security
- Vulnerabilities found in the remote management interface of Supermicro servers | ZDNet
- Google fixes Chrome issue that allowed theft of WiFi logins | ZDNet
- Localhost HTTP debugging with Fiddler
- Red Flags Someone Is Spying on Your Computer | Reader's Digest
- Browser Extensions: Are They Worth the Risk? - Krebs on Security
- Active Campaign Exploits Critical Apache Struts 2 Flaw in the Wild
- U.S. to Charge North Korean Spy Over WannaCry and Sony Pictures Hack
- HTTPS crypto-shame: TV Licensing website pulled offline
- How to manipulate Apple's podcast charts, and get yourself a top-rated show
- The Vulnerability Disclosure Process: Still Broken
- Cisco warns customers of critical security flaws, advisory includes Apache Struts | ZDNet