Paul's Security Weekly Episode #662 - August 13, 2020
1. Why Elastic Is Making Endpoint Security 'Free And Open' - 06:00 PM-06:45 PM
Join the Security Weekly Mailing List for webcast/virtual training announcements and to receive your personal invite to our Discord server by visiting https://securityweekly.com/subscribe and clicking the button to join the list!
Elastic believes that transparency and collaboration must be the new norm for the greater infosec community to succeed in stopping threats at scale.
With many individuals now working from home, new endpoints need to be secured and IT teams are rushing years of planning into a few months to onboard distributed employees and resources – all while managing a global shift that is bringing new adversary behaviors targeting the new remote workforce.
Organizations need to react fast, implement new controls, and do it all while managing existing budgets and staff. Making Elastic endpoint security completely free and open helps level the playing field for organizations that are struggling with the typically high cost and complexity of adopting effective endpoint security.
This segment is sponsored by Elastic. Visit https://securityweekly.com/elastic to learn more about them!
Mike Nichols is Head of Product, Elastic Security at Elastic
Mike leads Product Management at Elastic Security and is the former Vice President of Product Management at Endgame. He manages the PM team and ensures the product team is constantly listening to customers, researching the market, and deriving differentiated technology in order to choose the best strategic path for the company. Mike is also a Cybersecurity Strategy Instructor at Georgetown.
Larry Pesce - Senior Managing Consultant and Director of Research at InGuardians
Tyler Robinson - Managing Director of Network Operations at Nisos, Inc
2. Adobe RCEs, Amazon Alexa Vulns, & TeamViewer Flaw - 07:00 PM-08:30 PM
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
This week, Amazon Alexa One-Click Attack Can Divulge Personal Data, Adobe tackles critical code execution vulnerabilities in Acrobat, Reader, Threat actors managed to control 23% of Tor Exit nodes, SANS Security Training Firm Hit with Data Breach, Unskilled hackers can breach about 3 out of 4 companies, TeamViewer flaw can allow hackers to steal System password, and more!
Jeff Man's Content:
- Cybersecurity Is About Attitude, Culture... Not Strictly Compliance - Online Business Systems (my employer) is re-posting a five-part blog series I wrote for Wired blog five years ago after the Target breach. I asked them to do it because they were "archived" at Peerlyst, but Peerlyst is shutting down. I reviewed this to make sure it's still current, and surprise - I stand by every word I said.
- Security professionals lose ‘central watering hole’ with demise of Peerlyst - In case you haven't heard.
- Report: Unskilled hackers can breach about 3 out of 4 companies - Not my customers. Well, maybe a few.
- Vulnerability Prioritization: Are You Getting It Right?
- Google Chrome Browser Bug Exposes Billions of Users to Data Theft
- Pen Test Partners: Boeing 747s receive critical software updates over 3.5" floppy disks
Larry Pesce's Content:
- Cisco 7937G Conference Station vulns - most marked as won't fix
- Snapdragon chip flaws - 1 billion devices affected.
- NCC Group CREST exam “cheat sheets” exposed
- SANS data incident IoCs
Lee Neely's Content:
- U.S. to Remove Chinese Products from Local Networks Under "Clean Network Plan" - US Secretary of State launches the new "Clean Network Plan" that will provide a "comprehensive approach to guarding U.S. citizens' privacy and U.S. companies' most sensitive information from aggressive intrusions by malign actors, such as the Chinese Communist Party (CCP)."
- Don't let your children use TikTok, former MI6 intelligence chief urges Government Ministers - A tricky genie to put back in the bottle, and OPSEC matters.
- DOD, FBI, DHS release info on malware used in Chinese government-led hacking campaigns - Per the CISA: CISA, FBI, and DOD are publishing this malware analysis report about the Taidoor variant to enable network defense and reduce exposure to Chinese government malicious cyber activity.
- The Cerberus Banking Trojan Is Up For Sale - Anybody want to buy a banking trojan? Opening bid $50,000, or "buy it now" for $100,000.
- CISA chief wants younger, more experienced hackers in federal government - Move away from GSA hiring schedule and look to younger hackers who, while still teenagers, have 6 years of experience.
- ProctorU Confirms Data Breach after Database Leaked Online - Livermore, Calif.-based online exam proctoring firm ProctorU has disclosed it suffered a data breach on July 27, 2020, in which hackers stole a database from Proctoru.com, and then released user records for some 444,000 users who registered for the service.
- US Cyber Command is using unclassified networks to fight election interference - U.S. Cyber Command is using unclassified networks and publicly available communication platforms as it works to prevent foreign interference in the next presidential election.
- Hacking Medical Devices To Hijack Secure Facilities - How implanted medical devices—such as pacemakers and insulin pumps—could be compromised to listen to conversations, access classified information, even expose the location of these secure facilities in a presentation at this year’s Black Hat conference.
- CISA AA20-225A: Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails - Lots of C-19 themed phishing to be on the lookout for. An unknown malicious cyber actor is spoofing the Small Business Administration (SBA) COVID-19 loan relief webpage via phishing emails. These emails include a malicious link to the spoofed SBA website that the cyber actor is using for malicious re-directs and credential stealing.
Paul Asadoorian's Content:
- Amazon Alexa One-Click Attack Can Divulge Personal Data
- RedCurl cybercrime group has hacked companies for three years | ZDNet
- Chinese hackers have pillaged Taiwan's semiconductor industry
- If your email is hacked, everything is
- TeamViewer flaw can allow hackers to steal System password
- Researcher Publishes Patch Bypass for vBulletin 0-Day
- Adobe tackles critical code execution vulnerabilities in Acrobat, Reader | ZDNet
- Windows and IE Zero-Day Vulnerabilities Chained in 'PowerFall' Attacks | SecurityWeek.Com
- SANS Security Training Firm Hit with Data Breach
- Threat actors managed to control 23% of Tor Exit nodes
- Most security pros are concerned about human error exposing cloud data - Help Net Security
- Stick With The Plan Until It No Longer Makes Sense | SecurityWeek.Com
- Black Hat USA 2020 Shines Spotlight on the Mental Challenges of Cybersecurity
- Hackers can eavesdrop on mobile calls with $7,000 worth of equipment
- SANS cybersecurity training firm suffers data breach due to phishing attack
Tyler Robinson's Content:
- Cybersecurity Firms Post Strong Quarter Despite Gloomy Economy
- The Cold War Bunker That Became Home to a Dark-Web Empire
- Tired of video calls? This device will let you talk in real time to a life-sized hologram of another person
- Unseen footage shows moment of Beirut explosion in 4K slow motion
- SpaceX and ULA win billions in Pentagon rocket contracts, beating out Blue Origin, Northrop Grumman
- Massive 20GB Intel IP Data Breach Floods the Internet, Mentions Backdoors (Intel Responds)
- SANS Data Incident 2020
- U.S. Government Contractor Embedded Software in Apps to Track Phones
- NSA and FBI Expose Russian Previously Undisclosed Malware “Drovorub” in Cybersecurity Advisory
3. Vulnerability Rich - Contextually Blind! - 09:30 PM-10:00 PM
Learn How to Create and Run a Conference, from some of the geniuses behind Layer8 Conference and Wild West Hackin Fest on August 19th! Our next technical training on August 27th will teach you about BootHole, SIGRed and SMBleed…Best Practices To Prioritize And Remediate Now! Learn How to Extend the Enterprise Network for Remote Workers and Protect Your Home Network on September 10th! Visit https://securityweekly.com/webcasts to see what we have coming up! Or visit securityweekly.com/ondemand to view our previously recorded webcasts!
It's not uncommon to find the traditional vulnerability assessment report buried under the CISO family picture, compliance books, and his latest blood pressure test. These reports highlight the never-ending battle between security and IT about what's more important: risks to servers and endpoints, or keeping the environment up-to-date and secured. There are even problems within the ranks of each unit. Dysfunctional processes, lack of efficient communication, and rudimentary tools put even more pressure on the CIO and CISO. This segment is sponsored by Vicarius.
Visit https://securityweekly.com/vicarius to learn more about them!
Michael Assraf is CEO & Co-Founder at Vicarius
Michael has more than ten years of experience in the startup world. He has been part of six different startups, filling out several positions up to VP R&D, both on the tech and operational sides. In his last position at Atlis, Michael built and managed an R&D department. He led the Israeli team of the startup on a daily basis from day one to the release of the product's GA. In his professional experience, Michael filled multiple positions from Network Engineer at Deltathree, Automation Engineer at Secure Islands (later acquired by Microsoft), Software Developer at Idomoo to VP R&D at Cellxpert and Atlis. Michael holds an MBA from Tel Aviv University and a BSc from the Jerusalem College of Engineering.