Hack Naked TV May 22 2015

From Paul's Security Weekly
Black Hills Information Security

In this episode we talk about a number of vulnerabilities and breaches that occurred over the last two weeks. We also talk about security companies extorting organizations to sell a service. Lastly, we demo a command and control channel over ICMP.

Sponsors

  • Brought to you by Black Hills Information Security, the leaders in penetration testing and active defense. Email consulting@blackhillsinfosec.com to request a quote today!

Beau's Stories

  1. 1.1 million records stolen in CareFirst breach
  2. Potentially thousands of Charter Communications customer records leaked
  3. Venom virtualization software escape
  4. Downgrade TLS connections via vulnerability in Diffie-Hellman key exchange
  5. Remotely exploitable kernel stack buffer overflow in millions of routers
  6. Possible extortion from a security vendor in order to get more work - LabMD & Tiversa
  7. Command and control channel over ICMP
  8. More command and control channels written in PowerShell