From Paul's Security Weekly
Recorded February 7, 2019 at G-Unit Studios in Rhode Island!
- RSA Conference 2019 is coming up March 4 – 8 in San Francisco! Go to rsaconference.com/securityweekly-us19 to register now using the discount code 5U9SWFD to receive $100 off a full conference pass! If you are interested in booking an interview or briefing with Security Weekly, please go to securityweekly.com/conferencerequest to submit your request!
- Join us April 1-3, at Disney's Contemporary Resort for InfoSec World 2019 where you can connect and network with like-minded individuals in search of actionable information. Visit https://infosecworld.misti.com/ and use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass.
- Registration is now open for the first Security Weekly webcast of 2019! You can register for our "Rise Above Complex Workflows: Practical Ways To Accelerate Incident Response" webcast now by going to https://securityweekly.com/webcasts.
Tech Segment: Chris Long, Palantir - 6:00-6:30PM
Topic: DetectionLab is a collection of Vagrant and Packer scripts that allows you to automate the creation of a small Active Directory network that is pre-loaded with endpoint security tooling and logging best practices with a single command. It's cross-platform and the only requirements to bring up the lab are VirtualBox / VMware and Vagrant.
The goal of the project is ultimately to save people the time of creating lab environments by hand and to provide them with a solid baseline of logging and security tooling. Defenders can use it as a way to see what types of artifacts are generated by specific malicious tools or techniques, and red teamers can use it to ensure their TTPs aren't generating unwanted logs/signals that defenders would be able to spot. It would also be a great environment for evaluating endpoint security software, especially if Active Directory is a prerequisite.
Security News - 6:30 - 7:30PM
- 5G networks must be secured from hackers, bad actors, US senator says
- Unlimited cryptocurrency? Zcash fixes counterfeiting flaw
- National pen test execution standard would improve network security
- Security expert Marco Ramilli released for free the Malware Hunter tool
- Zero-day Vulnerability Highlights the Responsible Disclosure Dilemma | SecurityWeek.Com
- What do successful pentesting attacks have in common? - Help Net Security
- Lookalike domains: Artificial intelligence may come to the rescue - Help Net Security
- 8 months of GDPR: 59,000+ reported breaches, 91 fines - Help Net Security
- Flaw in Multiple Airline Systems Exposes Passenger Data
- When 911 Goes Down: Why Voice Network Security Must Be a Priority
- Micro-segmentation Security Firm Illumio Raises $65 Million | SecurityWeek.Com
- Security Bugs in Video Chat Tools Enable Remote Attackers
- Half of IoT devices let down by vulnerable apps
- Original WWII German message decrypts to go on display at National Museum of Computing
- Today is Shine a Light on Slavery Day. Born out of the belief that even one person trapped in slavery is too many, #ENDITMOVEMENT is a coalition of the leading organizations in the world in the fight for freedom.
- Fewer Breaches in 2018, But More Sensitive Data Spilled
- What Can We Learn from the Healthcare Data Breach 'Wall of Shame'?
- Tribe of Hackers FREE PDF: Cybersecurity advice from the best hackers in the world
- Does HIPAA Apply to Medical Marijuana Facilities?
- Authentication and Key Management flaws in 5G: Authentication and security issues are being revealed in 5G which allow MITM and collection of other mobile user information. May also impact 4G & 3G protocols. Expect fixes by end of 2019 with second phase deployment.
- Phone number porting scam: A scenario where you're asked to call someone who says you must provide a PIN first; this is the PIN for completing a port of your phone number to Google Voice.
- Discarded smart lightbulbs can reveal your passwords: Discarded Lifx lightbulbs were found to store WiFi passwords and RSA private keys in the clear.
- LibreOffice and OpenOffice RCE flaw disclosed: Exploits the Python file parsing code to call functions and pass parameters. LibreOffice has a patch. Workaround: disable Python support by renaming or removing pythonscript.py.
- Vaporworms, a new variant of fileless malware threat: Predicted to be the scourge of 2019, vaporworms are a new twist on fileless malware which is harder to track and find, e.g. payload in one registry key, and execution command in another.
- Apple Releases Multiple Security Updates: iOS 12.1.4 and OS X 10.14.3 Supplemental Update to address Group FaceTime issue. Group FaceTime still appears disabled even with those updates applied as of the broadcast.
Interview: Connie Mastovich, InfoSec World '19 - 7:30PM-8:30PM