PSWEpisode663

From Security Weekly Wiki
Jump to navigationJump to search

Paul's Security Weekly Episode #663 - August 20, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Interview - Advanced Actionable Threat Intelligence - 06:00 PM-06:45 PM

Announcements

  • With all the recent changes to BlackHat and DefCon, we realized we can keep doing what we do best - host virtual podcasts! I’m proud to announce Hacker Summer Camp 2020, a Security Weekly Virtual, Live-Stream Event, August 3 - August 6, 2020. To reserve your slot now, visit: securityweekly.com/summercamp2020

Description

Many are collecting bits of data we call threat intelligence, IoCs and TTPs. You should do this, however you can benefit from going deeper and collecting intel earlier in the cycle and understanding your adversaries motives, methods and how they use the tools.



Guest(s)

Jeff Bardin

Jeff Bardin is the Chief Intelligence Officer for Treadstone 71 with clients on 4 continents. In 2007, Jeff received the RSA Conference award for Excellence in the Field of Security Practices. His team also won the 2007 SC Magazine Award – Best Security Team. Jeff sits or has sat on the Board of Boston Infragard, Content Raven, Journal of Law and Cyber Warfare, and Wisegate and was a founding member of the Cloud Security Alliance. Jeff served in the USAF as a cryptologic linguist and in the US Army / US Army National Guard as an armor officer, armored scout platoon leader. Mr. Bardin has extensive experience in cyber intelligence lifecycle services, program builds, targeted research and support, cyber counterintelligence services and analysis, deception planning, and cyber operations.


Hosts

2. Interview - Qualys - 07:00 PM

Description

Hosts

3. News - Security News - 08:00 PM

Description

Hosts

Paul Asadoorian's Content:

Articles

  1. Xcode becomes vector for new Mac malware attack
  2. Tesla is finally fixing this major security flaw
  3. InfoSec Handlers Diary Blog - ISC Blocked
  4. InfoSec Handlers Diary Blog - Using API's to Track Attackers - Turns out attackers are also bad at key management!
  5. Critical Jenkins Server Vulnerability Could Leak Sensitive Information
  6. Are CSRF Tokens Necessary?
  7. Secret Service reportedly paid to access phone location data
  8. Telehealth is the future of healthcare, but how secure is it? - Help Net Security - But, but, none of these articles about the security of Telehealth tell us anything interesting or useful: “However, the first step is to assess how the data is encrypted and who is authorized to access this data. From there, IT teams should work closely with leadership to fill in the security gaps on telehealth solutions that protect patients while also providing the convenience.”
  9. New Microsoft Defender ATP Capability Blocks Malicious Behaviors - Called “endpoint detection and response (EDR) in block mode,” the capability is meant to provide post-breach blocking of malware and other malicious behaviors, by taking advantage of Microsoft Defender ATP’s built-in machine learning models, Microsoft says.
  10. The Sounds a Key Make Can Produce 3D-Printed Replica
  11. Voice Phishers Targeting Corporate VPNs - “For a number of reasons, this kind of attack is really effective,” said Allison Nixon, chief research officer at New York-based cyber investigations firm Unit 221B. “Because of the Coronavirus, we have all these major corporations that previously had entire warehouses full of people who are now working remotely. As a result the attack surface has just exploded.”
  12. FritzFrog Botnet Attacks Millions of SSH Servers
  13. Google fixes major Gmail bug seven hours after exploit details go public
  14. 6 Ingenious Ways Hackers Break Into the Worlds Most Secure Computers
  15. CVE Turns 21: How it Made it to This Milestone
  16. Disrupting a power grid with cheap equipment hidden in a coffee cup - “Without touching the solar inverter, without even getting close to it, I can just place a coffee cup nearby and then leave and go anywhere in the world, from which I can destabilize the grid,” Al Faruque said. “In an extreme case, I can even create a blackout.” Solar inverters convert power collected by rooftop panels from direct to alternating current for use in homes and businesses. Often, the sustainably generated electricity will go into microgrids and main power networks. Many inverters rely on Hall sensors, devices that measure the strength of a magnetic field and are based on a technology that originated in 1879.
  17. Out-of-Band Update Patches Privilege Escalation Flaws in Windows 8.1, Server 2012
  18. CVE-2020-3446 default credentials bug exposes Cisco ENCS, CSP Appliances to hack
  19. IBM finds vulnerability in IoT chips present in billions of devices - As IBM notes, the role that machines with EHS8 modules fill makes this a critical security flaw. Medical devices that an attacker penetrates could be manipulated to cover up concerning vital signs, create false panic situations, overdose patients, or cut off essential life-saving functions. In the energy and utilities sector, a compromised EHS8 module could be used to manipulate smart meter readings, shut down meters to cut off power, or damage the power grid itself.