Changes

From Security Weekly Wiki
Jump to navigationJump to search
220 bytes added ,  20:14, 23 May 2017
= Episode Media =
[http://traffic.libsyn.com/pauldotcom/SecurityWeekly-397.mp3 MP3] < Not yet published!
= Announcements =
= Guest Interview: Paul Coggin =
<!--<center>{{#ev:youtube|eGMfR3NfnWg"YUDA2EJGpis}}</center>-->
# Pick two celebrities to be your parents.
= Stories =
= Stories =<center>{{#ev:youtube|V3U-8ZkWgpM"}}</center>
<!--<center>{{#ev:youtube|sy9HWpuORvg"}}</center>-->
== Sponsors ==
== Paul's Stories ==
 
You can find all of [http://securityweekly.com/pauls-rss-feeds/ Paul's RSS Feeds Here].
 
#[https://isc.sans.edu%2Fdiary%2FGuest%2Bdiary%253A%2BDetecting%2BSuspicious%2BDevices%2BOn-The-Fly%2F18993 "Guest diary: Detecting Suspicious Devices On-The-Fly]
#[http://seclists.org/bugtraq/2014/Nov/113 Bugtraq: WordPress 3 persistent script injection]
#[http://reversemode.com/index.php?Itemid=0&id=80&option=com_content&task=view Reversing Industrial firmware for fun and backdoors I] - Some updates posted here, I wonder if everyone has updated their firmware? Likely not... We seem to lack adequate testing tools, given the nature of embedded systems and how each one is unique. How does your enterprise ensure firmware updates across devices?
#[http://reversemode.com/index.php?Itemid=0&id=77&option=com_content&task=view Reversing DELL's DRAC firmware] - Turns out, this firmware does not use /etc/shadow. This means the backdoor found is not accessible remotely. Oh well. This happens when you are reverse engineering firmware. You find artifacts, but sometimes they are not used in the production environment. Maybe it was only used in a test environment or another hardware revision. Or sometimes the firmware is copied from a different hardware device and some features are not implemented.
 
== Larry's Stories ==
== Jack's Stories ==
Stories? You want stories? I'll tell ya stories. Why, when I was your age one time I... <br>No, wait, that wasn't me.<br><br>== Joff's musings from down under ==Oh, yeah. Have a CISSP or other (ISC)2 cert? VOTE. The Board elections are open. Vote. Just do it.
1,237

edits

Navigation menu