Changes

From Security Weekly Wiki
Jump to navigationJump to search
220 bytes added ,  20:14, 23 May 2017
= Episode Media =
[http://traffic.libsyn.com/pauldotcom/SecurityWeekly-397.mp3 MP3] < Not yet published!
= Announcements =
= Guest Interview: Paul Coggin =
<!--<center>{{#ev:youtube|eGMfR3NfnWg"YUDA2EJGpis}}</center>-->
# Pick two celebrities to be your parents.
= Stories =
= Stories =<center>{{#ev:youtube|V3U-8ZkWgpM"}}</center>
<!--<center>{{#ev:youtube|sy9HWpuORvg"}}</center>-->
== Sponsors ==
== Paul's Stories ==
 
You can find all of [http://securityweekly.com/pauls-rss-feeds/ Paul's RSS Feeds Here].
 
#[https://isc.sans.edu%2Fdiary%2FGuest%2Bdiary%253A%2BDetecting%2BSuspicious%2BDevices%2BOn-The-Fly%2F18993 "Guest diary: Detecting Suspicious Devices On-The-Fly]
#[http://seclists.org/bugtraq/2014/Nov/113 Bugtraq: WordPress 3 persistent script injection]
#[http://www.infosecurity.us/blog/2014/11/21/all-your-base-are-encrypted "All Your Base] - Eff makes efforts to encrypt the Internet. "The biggest obstacle to HTTPS deployment has been the complexity, bureaucracy, and cost of the certificates that HTTPS requires." Its true, the barriers to properly implementing and maintaining TLS are huge. The big guys get it right, sometimes. Curious to see what comes next...
#[http://reversemode.com/index.php?Itemid=0&id=80&option=com_content&task=view Reversing Industrial firmware for fun and backdoors I] - Some updates posted here, I wonder if everyone has updated their firmware? Likely not... We seem to lack adequate testing tools, given the nature of embedded systems and how each one is unique. How does your enterprise ensure firmware updates across devices?
#[http://reversemode.com/index.php?Itemid=0&id=77&option=com_content&task=view Reversing DELL's DRAC firmware] - Turns out, this firmware does not use /etc/shadow. This means the backdoorfound is not accessible remotely. Oh well. This happens when you are reverse engineering firmware. You find artifacts, but sometimes they are not used in the production environment. Maybeit was only used in a test environment or another hardware revision. Or sometimes the firmware is copied from a different hardware device and some features are not implemented. == Larry's Stories ==
== Jack's Stories ==
Stories? You want stories? I'll tell ya stories. Why, when I was your age one time I... <br>No, wait, that wasn't me.<br><br>== Joff's musings from down under ==Oh, yeah. Have a CISSP or other (ISC)2 cert? VOTE. The Board elections are open. Vote. Just do it.
1,237

edits

Navigation menu