Episode594

From Paul's Security Weekly

Recorded February 14, 2019 at G-Unit Studios in Rhode Island!


Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Jeff Man
    Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist & certified security curmudgeon. Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Patrick Laverty
    Pentester for Rapid7.
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.


  • Announcements

    • RSA Conference 2019 is coming up March 4 - 8 in San Francisco! Go to rsaconference.com/securityweekly-us19 to register now using the discount code 5U9SWFD to receive $100 off a full conference pass! If you are interested in booking an interview or briefing with Security Weekly, please go to securityweekly.com/conferencerequest to submit your request! Submission deadline for interviews or briefings is February 22nd @ 3:00pm ET.

    • Join us April 1-3, at Disney's Contemporary Resort for InfoSec World 2019 where you can connect and network with like-minded individuals in search of actionable information. Visit https://infosecworld.misti.com/ and use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass. If you are interested in booking an interview or briefing with Security Weekly, please go to securityweekly.com/conferencerequest to submit your request!

    • OSHEAN is hosting RI Cybersecurity Exchange Day on March 13th at the O'Hare Academic Building at Salve Regina in Newport, RI! Register Now @ OSHEAN.org/events.

    • SecureWorld Boston is hosting their 15th annual conference March 27-28 @ the Hynes Convention Center. Security Weekly Listeners save $100 off a full conference pass by visiting secureworldexpo.com and using the code 'SecurityWeekly'.



    Interview: Harry Sverdlove, Edgewise - 6:00-6:30PM

    Harry Sverdlove is the CTO of Edgewise.
    Harry Sverdlove, Edgewise’s Chief Technology Officer, was previously CTO of Carbon Black, where he was the key driving force behind their industry-leading endpoint security platform. Earlier in his career, Harry was principal research scientist for McAfee, Inc., where he supervised the architecture of crawlers, spam detectors and link analyzers. Prior to that, Harry was director of engineering at Compuware Corporation (formerly NuMega), and principal architect for Rational Software, where he designed the core automation engine for Rational Robot.


    Tech Segment: Enterprise-ish Network Security - Part 1 - The Components - 6:30-7:30PM



    There are quite a few open-source and inexpensive hardware options for building your network and running tools that monitor for security events. In this segment we'll discuss some of the options, the pros and cons of each, limitations and really cool features! Includes coverage of Qotom hardware, how to procure enterprise-grade switches, the right cabling, and OPNsense and pfSense.


    Selecting Hardware

    https://www.amazon.com/dp/B074XPR3VJ/?coliid=I1LUWJ263F88IR&colid=YNABNID4NRUW&psc=0&ref_=lv_ov_lig_dp_it - QOTOM Q355G4 w/ 8GB RAM 16GB SSD, Industrial PC Gateway Firewall Router for pfSense - Intel i5 AES-NI, 4 Gigabit NICs

    https://www.amazon.com/dp/B00WD017BG/?coliid=I2GPE79Z669RDM&colid=YNABNID4NRUW&psc=0&ref_=lv_ov_lig_dp_it - Cat 6 Ethernet Cable 100 ft Flat White, Slim Long Internet Network Lan patch cords, Solid Cat6 High Speed Computer wire with clips & Rj45 Connectors for Router, modem, faster than Cat5e/Cat5, 100 feet

    https://www.ebay.com/itm/Cisco-WS-C3560G-48TS-E-48-Port-10-100-1000-3560G-Switch-1-Year-Warranty/232160253731?hash=item360dd45723:g:6xYAAOSwB09YPziv:rk:1:pf:0 - Cisco WS-C3560G-48TS-E 48-Port 10/100/1000 3560G Switch - 1 Year Warranty

    https://www.amazon.com/gp/product/B01D92SSX6 - Vilros Raspberry Pi 3 Kit with Clear Case and 2.5A Power Supply

    Selecting Software

    https://opnsense.org/download/

    https://www.pfsense.org/

    https://www.zabbix.com/download

    https://pi-hole.net/

    Security News - 7:30PM-8:30PM

    Paul's Stories

    1. How to Defend Against The runC Container Vulnerability - Lots of ways to detect this: identified the modification of both the container’s “/bin/sh” and the host’s “/usr/bin/docker-runc.” We also would have notified customers of the outbound network connection from the host for the reverse shell.
    2. InfoSec Institute's Top Podcasts to Take Your Computer Skills to the Next Level
    3. Ten Quotes to Get Your Boss to Take IT Security Seriously - I like this one: “One of the tests of leadership is the ability to recognize a problem before it becomes an emergency.” – Arnold H. Glasow, Author & Businessman
    4. Oh Snapd! Gimme-root-now security bug lets miscreants sock it to your Ubuntu boxes - The vulnerability is found in Snapd, Canonical's open-source toolkit for packaging and running applications via systemd. Exploiting the flaw would allow an attacker to elevate their access from unprivileged process to that of the root user, essentially allowing a complete takeover of the system. Moberly found that, by abusing the way Snapd's API handles HTTP data requests, the tool could be tricked into believing the user has a uid of 0, aka the root user.
    5. IoT providers need to take responsibility for performance
    6. USB Cable with Embedded Wi-Fi Controller - When plugged into a Linux, Mac, or Windows computer, this cable is detected by the operating system as a HID or human interface device. As HID devices are considered input devices by an operating system, they can be used to input commands as if they are being typed on a keyboard. Created by security researcher Mike Grover, who goes by the alias _MG_, the cable includes an integrated WiFi PCB that was created by the researcher. This WiFi chip allows an attacker to connect to the cable remotely to execute commands on the computer or manipulate the mouse cursor.
    7. Is Porn Becoming a Monopoly?
    8. Security Spills: 9 Problems Causing the Most Stress
    9. How to Create a Dream Team for the New Age of Cybersecurity - Alternatively, CISOs can choose to outsource parts of the security function to expert managed security service providers (MSSPs). No matter how you choose to assemble your team, it is critical that your security team understands your specific business and network context as well as your focus on improving cyber-resilience, and have the needed skills and tools to protect business-critical assets while continuously improving security posture.
    10. Google Paid Out $3.4 Million for Vulnerabilities Reported in 2018
    11. Threatpost Poll: Over Half of Firms Asked Struggle with Mobile Security
    12. Big Themes Set to Emerge at RSA Conference 2019
    13. New Professional Development Institute Aims to Combat Cybersecurity Skills Shortage
    14. Researchers hide malware in Intel SGX enclaves

    Jeff's Stories

    1. Valentine's Day PSA: No Sweethearts This Year!
    2. Why It's Way Too Easy to Sell Counterfeit Goods on Amazon - Two-year-old article, but a continuing problem for No Starch Press
    3. RunC Vulnerability Gives Attackers Root Access on Docker, Kubernetes Hosts - I'm not gonna say, "I told you so..."
    4. You CAN Get a Windows 95 Emulator for Windows 10, Linux, or MAC - now I just have to find all my old 'Return to Zork' CDs
    5. DEF CON Goes to Washington
    6. Former US Counterintelligence Agent Charged with Espionage on Behalf of Iran

    Larry's Stories

    1. Hacking cranes with RF
    2. Inside Ubiquiti discovery service, and finding bugs
    3. Company sues employee for falling for a phishing attempt
    4. Reverse RDP attack, running code on the clients
    5. Hacking Android with just a PNG

    Joff's Stories


    1. Guess what, I got nothing because Paul and Jeff took all the good ones.
    2. Happy Valentine's Day, people. Hope you managed to avoid the romantic landmines that abound. Oh yeah, "Oh SNAP"... D! That made your day, and you know it.

    Patrick's Story

    1. Teen won't tell Apple how he hacked macOS