From Paul's Security Weekly
Jump to: navigation, search

Recorded December 6, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Lee Neely
    is the Sr Cyber Analyst at LLNL,SANS Analyst
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.

  • Announcements

    • If you are interested in quality over quantity and having meaningful conversations instead of just a badge scan, join us April 1-3, at Disney's Contemporary Resort for InfoSec World 2019 where you can connect and network with like-minded individuals in search of actionable information. Use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass.
    • Go to https://go.stealthbits.com/2019trends to register for stealthBITS webcast "Emerging & Continuing Trends in 2019: Privacy Regulations, Active Directory Security & Machine Learning" for an in-depth discussion from Rod Simmons and Paul Asadoorian. You can also view their assessment at: https://www.stealthbits.com/assessment.

    Interview: Lenny Zeltser, Minerva Labs - 6:00-7:00PM

    Lenny Zeltser
    the VP of Products for Minerva Labs.
    Lenny Zeltser is a seasoned business and tech leader with extensive information security expertise. He builds innovative endpoint defense solutions as VP of Products at Minerva Labs. Beforehand, as a product portfolio owner at NCR, he delivered the financial success and expansion of the company’s security services and SaaS products. Earlier in his career he managed the US team of service professionals, aligning their expertise to the firm’s cloud offerings as the national lead of the security consulting practice at Savvis (acquired by CenturyLink).
    Lenny helps shape global infosec practices by teaching incident response and malware defenses at SANS Institute and by sharing knowledge through writing, public speaking and community projects. He has earned the prestigious GIAC Security Expert professional designation and developed the Linux toolkit REMnux, which is used by malware analysts throughout the world. Lenny is on the Board of Directors of SANS Technology Institute.

    Tech Segment: Marcello Salvati, BHIS - 7:00PM-7:30PM

    Marcello Salvati
    is a security consultant at BHIS.
    Marcello Salvati (@byt3bl33d3r) is a security consultant at BlackHills Infosec by day and by night a tool developer who discovered a novel technique to turn tea, sushi and dank memes into somewhat functioning code. He's also really good at writing bios. I know, at this point you're probably asking yourself: " Wait, how good of a bio writer is this guy? I need a quantifiable metric in order to come to a conclusion! The suspense is killing me!". Well John Strand hired him so that he could continue to write them. Yeah... that's how good. Checkmate Atheists! *dab* *mic drop*

    Security News - 7:30 - 8:30PM

    Paul's Stories

    1. Top 5 New Open Source Vulnerabilities in November 2018 - Security Boulevard
    2. 10 Steps to Recover from a Hacked Website - Security Boulevard
    3. Hashcat Advanced Password Recovery 5.1.0 Source Code Packet Storm
    4. This is how Docker containers can be exploited to mine for cryptocurrency | ZDNet
    5. A botnet of over 20,000 WordPress sites is attacking other WordPress sites | ZDNet
    6. Adobe Flash zero-day exploit... leveraging ActiveX embedded in Office Doc... BINGO!
    7. Trumps Cybersecurity Advisor Rudy Giuliani Thinks His Twitter Was Hacked Because Someone Took Advantage of His Typo
    8. Manipulated White House Video Exposes Real Risks to Enterprises
    9. Why Marriott Breach Includes Some Valuable IT Lessons
    10. Malicious Chrome extension which sloppily spied on academics believed to originate from North Korea
    11. Siemens Wants to Release Security Advisories on Patch Tuesday | SecurityWeek.Com
    12. Cyber security: Hackers step out of the shadows with bigger, bolder attacks | ZDNet
    13. Steps to strengthen Cybersecurity for Automobile Industry
    14. Someone Is Claiming to Sell a Mass Printer Hijacking Service
    15. Why hospitals are the next frontier of cybersecurity - Help Net Security

    Larry's Stories

    1. being a good domain steward
    2. more Marriott...
    3. more than one Mariott security breach
    4. Wordpress cannibalism: 20,000 pwned sites searching for more