PSWEpisode623

From Paul's Security Weekly
Jump to: navigation, search

Recorded October 17, 2019 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Lee Neely
    is a Sr. Cyber Analyst at LLNL,SANS Analyst, SANS NewsBites Editor
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.


  • Announcements

    • Register for one of our upcoming webcasts with Bryce Shroeder and Barbara Kay of ServiceNow, Kevin O'Brien of GreatHorn, or Steve Laubenstein of Core Security (or all of them!) by going to securityweekly.com -> Click the webcast dropdown & Select Registration! If you have missed any of our previously recorded webcasts, you can find our on-demand library by selecting on-demand from the webcast drop down! If you attend any of our webcasts, you will receive 1 CPE credit per webcast!
    • We're currently running our annual Listener Feedback Survey! Please visit securityweekly.com -> click the survey tab & select "2019 Listener Survey" to submit your responses!
    • The new Security Weekly website is officially live! Visit securityweekly.com to check out all of our new sorting and filtering functionality! Please let us know if you find any issues or have any feedback by sending to website@securityweekly.net
    • Paul will be providing his insights & predictions in the information & cyber security space at a local (ISC)2 RI Chapter Meeting on Monday, November 18th @ Gregg's Restaurant in Providence. If you would like to join us, go to securityweekly.com/isc2ri


    Interview: Daniel DeCloss, PlexTrac - 6:00-6:30PM

    DeClossis the President and CEO of PlexTrac
    Dan is the Founder and CEO of PlexTrac and has over 14 years of experience in Cybersecurity. Dan started his career in the Department of Defense and then moved on to consulting where he worked for various companies including serving as a Principal Consultant for Veracode on the penetration testing tesm. Dan's background and expertise is in application security and penetration testing, involving hacking networks, websites, and mobile applications for clients. He has also served as a Principal Security Engineer for the Mayo Clinic and a Sr. Security Advisor for Anthem – a Fortune 40 health insurance firm. Prior to PlexTrac, Dan was the Director of Cybersecurity for Scentsy where he and his team built the security program out of its infancy into a best-in-class program.

    Dan has a Master’s Degree in Computer Science from the Naval Postgraduate School with an emphasis in Information Security. Additionally Dan holds the OSCP and CISSP certifications. Dan has a passion for helping everyone understand cybersecurity at a practical level, ensuring that there is a good understanding of how to reduce their overall risk.

    Segment Topic:
    What makes a good pentest report?

    Segment Description:
    The segment will focus on the importance of a high-quality report and what red and blue teamers should recognize goes into a good report. Often times, there’s no feedback loop after report delivery and collaboration can be limited post-engagement. That will lead into a demo of PlexTrac to highlight the efficiencies we provide when creating and receiving a report.

    Segment Resources:


    Security News - 7:30PM-8:30PM

    Paul's Stories

    1. Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted
    2. Planes, gates, and bags: How hackers can hijack your local airport | ZDNet
    3. Vulnerability found and fixed in HP bloatware | ZDNet
    4. 1 in 5 IT security professionals fear their connected toilets will be hacked | ZDNet
    5. Cybercrime Tool Prices Bump Up in Dark Web Markets
    6. Pen testers find mystery black box connected to ships engines
    7. Using Machine Learning to Detect IP Hijacking - Schneier on Security
    8. Baltimore to Buy $20M in Cyber Insurance Months After Attack | SecurityWeek.Com
    9. Dangerous Kubernetes Bugs Allow Authentication Bypass, DoS
    10. Cisco Aironet Access Points Plagued By Critical, High-Severity Flaws
    11. Critical and high-severity flaws addressed in Cisco Aironet APs
    12. ISC Releases Security Advisories for BIND | CISA
    13. Older Amazon Devices Subject to Old Wi-Fi Vulnerability

    Larry's Stories

    1. D-Link routers remote exploit to remain unmatched
    2. FBI Warns of MFA bypass with SIM porting
    3. Android Privesc in the wild.
    4. Father of Unix Ken Thompson’s password finally cracked
    5. USB device security still lacking
    6. Free WiFi tracks your location even when you are not connected
    7. 36 pieces of consequential code

    Joff's Stories

    Lee's Stories

    1. An IRS employee stole identities and went on a 2-year spending spree An IRS employee stole multiple people's identities, and used them to open illicit credit cards to fund vacations and shop for shoes and other goods, according to a complaint unsealed last week in federal court. The complaint accuses the 35-year-old federal worker of racking up almost $70,000 in charges over the course of two years
    2. D-Link router models affected by RCE issue Older D-Link DIR-655, DIR-866L, DIR-652 & DHP-1565 families of routers will not be patched.
    3. HildaCrypt Ransomware developer releases Decryption Keys When variant discovered, developer decided to relesae master private key.
    4. White-hat hacks Mushtick ransomware gang and released Decryption Keys Targets QNAP NAS devices. German developer Tobias Frömel paid ransom, analyzed the code, then hacked the gang's server.
    5. UNIX Co-Founder Ken Thompson's BSE Password has finally been Cracked 39 year old BSD password finally cracked. BSD 3 passwords protected by DES-based crypt(3) finally cracked.
    6. Crypto “sextortionists” turn to Litecoin to avoid detection As non-obfuscated Bitcoin links are triggers to block potential Ransomware, other less known option such as Litecoin are starting to crop up.
    7. China’s “Great Nation” app Enable Spying on mobile devices This required (for diplomats, etc.) app uses excessive privileges to provide access to device information. Apple states iOS security will not allow this level of access.
    8. Any fingerprint unlocks Galaxy S10 Once a fingerprint is registered, any fingerprint will unlock. Don't enable function for now, or physically protect device. Software update will fix.
    9. Major Carding Forum BrainsClub Suffers Data Breach Forum with 26 million stolen credit cards are themselves compromised. Valid card data estimated at $500 each.


    Tech Segment: Peter Kruse, CSIS Security Group - 6:30 - 7:30PM

    Peter Kruse co-founded the Danish IT-security company CSIS in 2003 and is currently leading the eCrime department, which provides services mainly aimed at the financial sector. His ability to combine a keen appreciation of business needs and a profound technical understanding of malware has made CSIS a valued partner of clients not only in Scandinavia but also in the rest of Europe.
    Today, Peter is by far the most quoted IT-security expert in Denmark and considered among the most recognized in Europe. He has a long history of active participation in several closed and vetted top IT-security communities and has numerous international connections in the antivirus- and banking industry, law enforcement and higher education institutions.

    Segment Topic:
    Cybercrime, threat hunting, APT, spear phishing and tactics etc

    Segment Description:
    "Nothing specific but a Google search will provide numerous research I have been involved with and conferences I have spoken at including Kaspersky SAS, NCSC, Underground Economy, Virusbulletin, CARO, APWG, Hackdays, Confidence, Cyberhagen and many more."



    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+