Psw665

From Security Weekly Wiki

Paul's Security Weekly Episode #665 - September 03, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Lovable Security: Be a Data Custodian, Not a Data Owner - 06:00 PM-06:45 PM


Announcements

  • BSides Boston is back in action for their 10-year anniversary! The conference will be held on Saturday, September 26th & tickets are only $10! You can get yours at https://bsidesbos.org! Some of the Security Weekly team will be in our own channel on the BSides Boston Discord server answering questions and possibly doing some contests!

Description

Loveable Security: Flee's approach to cybersecurity is that it should be "loveable." He thinks cybersecurity perpetuates a myth of an elite, isolated team of stealth insiders who are seen as enforcers, instead of as enablers who accelerate innovation by removing obstacles.

Data Privacy + CCPA: Flee believes that tech companies should operate as data custodians, instead of data owners, and that CCPA should be the bare minimum that companies do to ensure data privacy.



Guest(s)

Fredrick "Flee" Lee

Fredrick "Flee" Lee is the Chief Security Officer at Gusto, where he leads information and physical security strategies including consumer protection, compliance, governance and risk. Before Gusto, Lee spent more than 15 years leading global information security and privacy efforts at large financial services companies and technology startups, most recently as Square's Head of Information Security. He previously held senior security and privacy roles at Bank of America, NetSuite and Twilio. Lee was born and raised in Mississippi and holds a bachelor's degree in computer engineering from the University of Oklahoma.


Hosts

2. Cybersecurity & Patient Safety - 07:00 PM-07:45 PM


Announcements

  • Security Weekly is ramping up our webcast/technical training schedule for the rest of 2020! In September you can Learn How to Extend the Enterprise Network for Remote Workers and Protect Your Home Network, Find out Why Traditional Data Security Can’t Be Zero Trust, and Learn how to reduce the blast radius of your cloud infrastructure. Visit https://securityweekly.com/webcasts to see what we have coming up! Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

Successful attacks on healthcare entities are steadily increasing. Sophisticated criminals and nation states are focusing more attention on healthcare than ever before. The main goals are to steal money, data and intellectual property, execute ransomware, and attack critical infrastructure. Why do the hackers continue to succeed and what are some effective strategies and tactics to combat this scourge of ransomware?


An Insider Look at Cybersecurity - registration required - https://info.meditech.com/webinar-an-insider-look-at-cybersecurity-0


Guest(s)

Justin Armstrong

Justin Armstrong is responsible for the security of MEDITECH applications and platforms, including coordinating critical updates to MEDITECH software and communicating with customers when questions arise about MEDITECH’s security stance. Justin stays up to date on evolving security standards and regulations, best practices, threats, and software vulnerabilities by remaining active in the security community inside and outside of MEDITECH. He is a Certified Information Systems Security Professional (CISSP) and a proud member of the FBI’s InfraGard program as well as the Cyber Health Working Group (CHWG), (ISC)2, ISSA, OWASP, EHRA Privacy and Security Workgroup, and the H-ISAC.


Hosts

3. Slack RCE, Tesla Dodges Ransomware, & Cisco Router 0-Day - 08:00 PM-09:30 PM

Announcements

  • Join the Security Weekly Mailing List for webcast/virtual training announcements and to receive your personal invite to our Discord server by visiting https://securityweekly.com/subscribe and clicking the button to join the list!

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Description

The NSA Makes Its Powerful Cybersecurity Tool Open Source, The bizarre reason Amazon drivers are hanging phones in trees near Whole Foods, Elon Musk Confirms Serious Russian Bitcoin Ransomware Attack On Tesla, Foiled By The FBI, Attackers are exploiting two zero-day flaws in Cisco enterprise-grade routers, and the FBI is investigating after an alarmed pilot tells the LAX tower: We just passed a guy in a jet pack!


Hosts

Doug White's Content:

Articles

  1. IT Director gets jail time for selling government Cisco gear on eBay.
  2. Hackers are exploiting a flaw affecting 350,000 WordPress sites.

Joff Thyer's Content:

Articles

Larry Pesce's Content:

Articles

Lee Neely's Content:

Articles

  1. Texas University Expels China-Funded Visiting Scholars Amid US-China Tensions - A Texas university has expelled visiting scholars who were funded by a Chinese government scholarship program.
  2. Miami-Dade Public Schools' remote learning platform endures days of cyber attacks - The Miami Herald reported that the school district — the country's fourth largest — was hit with 12 cyber attacks Wednesday morning, some local and some from outside the United States. Attack overwhelmed servers, and they are implementing mitigation strategies.
  3. State voter registration systems have not been hacked, officials say - Federal and state officials said Tuesday that despite fears to the contrary, there's no evidence that any state's voter registration database has been hacked this year.
  4. Lemon_Duck Cryptominer Malware Now Targets Linux Devices - The Lemon_Duck cryptomining malware has reportedly been updated to allow attackers to compromise Linux systems using SSH brute-force attacks in order to exploit Windows systems vulnerable to the SMBGhost vulnerability (CVE-2020-0796) and infect servers running Hadoop and Redis.
  5. New APT Pioneer Kitten Linked to Iranian Government - The Advanced Persistent Threat (APT) group known as Pioneer Kitten, believed to have ties to the Iranian government, has been gaining and maintaining access on North American and Israeli targeted networks. Also known as "Fox Kitten," they have been seen scanning for publicly disclosed vulnerabilities in VPN applications.
  6. Former Cisco Employee Pleads Guilty to Hacking, Damaging Company Systems - Last week in a federal court in San Jose, Calif., former Cisco employee Sudhish Kasaba Ramesh, 30, pleaded guilty to intentionally accessing a protected computer without authorization and causing damage five months after resigning from the company in April 2018.
  7. Russian Internet Trolls Hired U.S. Journalists to Push Their News Website, Facebook Says
  8. CISA Alert AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity - Alert highlights technical approaches to uncovering malicious activity and includes mitigation steps according to best practices. The purpose of this report is to enhance incident response among partners and network administrators along with serving as a playbook for incident investigation.

Matt Alderman's Content:

Articles

  1. CyberRisk Alliance Acquires Security Weekly - The link will work on Tuesday, 9/8/2020, at 10 AM EDT

Paul Asadoorian's Content:

Articles

  1. I Bought a New Router. It Told Me I Was Hacked.
  2. The Evolution of Phishing: Welcome "Vishing" | SecurityWeek.Com
  3. The NSA Makes Its Powerful Cybersecurity Tool Open Source
  4. The bizarre reason Amazon drivers are hanging phones in trees near Whole Foods
  5. Elon Musk Confirms Serious Russian Bitcoin Ransomware Attack On Tesla, Foiled By The FBI
  6. FBI investigating after alarmed pilot tells LAX tower: We just passed a guy in a jet pack
  7. Exclusive: Trojan apparently infects NCR, posing possible supply-chain risk
  8. Maximum Lifespan of SSL/TLS Certificates is 398 Days Starting Today
  9. Avoid this text message scam about package deliveries
  10. Attackers are exploiting two zero-day flaws in Cisco enterprise-grade routers - Help Net Security
  11. Critical vuln that lets miscreants hijack computers via Slack? *Sucks in air* We'll give you $1,750 for it
  12. FBI worried that Ring doorbells are spying on police
  13. Hackers tricked Apple into approving malicious Adobe Flash Player update | Graham Cluley
  14. Persistent WordPress User Injection
  15. Cross-Origin Resource Sharing (CORS) and the Access-Control-Allow-Origin Header | Acunetix

Tyler Robinson's Content:

Articles

  1. [1] iranian-hackers-are-selling-access-to-compromised-companies-on-an-underground-forum
  2. [2] sendgrid-under-siege-from-hacked-accounts
  3. [3] former_cisco_engineer_aws_webex_teams