Changes

From Security Weekly Wiki
4,153 bytes added ,  17:38, 14 February 2015
And now, from the dark corners of the Internet, where exploits run wild, packets aren’t the only things getting sniffed, and the beer flows steady, it's Paul’s Security Weekly!
* This podcast is brought to you by the SANS Institute, the most trusted source for computer security training, certification and research. Visit www.sans.org to learn more
* And by Tenable Network Security, creators of Nessus, the world's best vulnerability scanner! Jumpstart your security program today and evaluate SecurityCenter CV, THE continuous monitoring solution. www.tenable.com
"Now, fire up a packet capture, pour yourself a beer, and give the intern control of your botnet..."
"Here's your host, a man who is excited to be back touching pythonplays a 10 year old on the internet...again10 year podcaster."
* Security Weekly Announcements:
** B-Sides Boston 2015 is May 9th in Cambridge, MA. Got a great topic, or fresh new idea? Share it with the community at BSB 2015 [http://www.securitybsides.com/w/page/91964571/BSidesBOS_CFP call for papers is now open, CFP deadline is March 1st]
= Guest Interview: Deviant Ollam =
<!center>{{#ev:youtube|Jy-4J8IVK9c"}}</center>
== Bio ==
While paying the bills as a security auditor and penetration testing consultant with The CORE Group, Deviant is also a member of the Board of Directors of the US division of TOOOL, The Open Organisation Of Lockpickers. Every year at DEFCON and ShmooCon Deviant runs the Lockpick Village, and he has conducted physical security training sessions for Black Hat, SANS, DeepSec, ToorCon, HackCon, ShakaCon, HackInTheBox, ekoparty, AusCERT, GovCERT, CONFidence, the FBI, the NSA, DARPA, the National Defense University, the United States Naval Academy at Annapolis, and the United States Military Academy at West Point. His favorite Amendments to the US Constitution are, in no particular order, the 1st, 2nd, 9th, & 10th.

You can reach Deviant at the following email: deviant at deviating dot net

PGP key on major servers

FBED 2740 858D 4544 C4DA 4DFE DEF9 5F3C 48BC FD28
== Links ==
You can learn more about Deviant by checking out the following links:

http://enterthecore.net/new-core-group-student-training-equipment/

http://enterthecore.net/physical-penetration-training-orlando-fl/

http://deviating.net/firearms

http://deviating.net/lockpicking
= Guest Interview: Onapsis =
<center>{{#ev:youtube|7OW0YOa6CYsk-kaFS7Q5dM"}}</center>-->
= Stories =
<!--<center>{{#ev:youtube|y71oSn7MoiYjr5mx-YzJDk"}}</center>-->
== Sponsors ==
== Paul's Stories ==
# [http://www.securityintelligence.com/datingapps Just in time for Valentine's Day: More than 60 percent of mobile dating apps are vulnerable to cyber attacks]
# [https://xato.net/passwords/ten-million-passwords/ Today I Am Releasing Ten Million Passwords]
# [http://www.darkreading.com/vulnerabilities---threats/a-winning-strategy-must-patch-should-patch-cant-patch/a/d-id/1319014 "A Winning Strategy: Must Patch]
# [http://www.v3.co.uk/v3-uk/news/2394788/microsoft-plugs-41-internet-explorer-flaws-in-patch-tuesday-release Microsoft Plugs 41 Internet Explorer Flaws]
# [http://threatpost.com/chinese-hackers-compromised-forbes-com-using-ie-flash-zero-days/110996 "Chinese Hackers Compromised Forbes.com Using IE]
# [http://www.theregister.co.uk/2015/02/12/hacker_kicks_one_bit_xp_to_10_windows_scroll_goal/ Hacker kicks one bit XP to 10 Windows scroll goal]
# [http://news.hitb.org/content/anthem-data-breach-cost-likely-smash-100-million-barrier Anthem data breach cost likely to smash $100 million barrier]
# [http://news.hitb.org/content/hacker-finds-vulnerability-facebook-can-delete-your-photo-albums "Hacker finds vulnerability in Facebook]
# [http://krebsonsecurity.com/2015/02/anthem-breach-may-have-started-in-april-2014/ Anthem Breach May Have Started in April 2014]
# [http://labs.bromium.com/2015/02/02/exploiting-badiret-vulnerability-cve-2014-9322-linux-kernel-privilege-escalation/ "Exploiting “BadIRET” vulnerability (Frank suggestion)CVE-2014-9322]
# [http://www.tripwire.com/state-of-security/vulnerability-management/microsoft-packing-more-cves-into-fewer-security-bulletins/ Microsoft Packing More CVEs into Fewer Security Bulletins]
# [http://www.pythonforpentesting.com/2015/01/nscan-fast-internet-wide-scanner.html Nscan: Fast Internet Wide Scanner | Python for Pentesting]
# [http://blog.didierstevens.com/2015/02/02/airpcap-channel-hopping-with-python/ AirPcap Channel Hopping With Python | Didier Stevens]
# [https://www.owasp.org/index.php/OWASP_Proactive_Controls OWASP Proactive Controls - OWASP]
# [http://www.darknet.org.uk/2015/02/droopescan-plugin-based-cms-security-scanner/ Droopescan – Plugin Based CMS Security Scanner]
# [http://1raindrop.typepad.com/1_raindrop/2015/02/the-year-the-security-dog-caught-the-car.html The year the security dog caught the car]
== CarlosLarry's Stories ==
== Joff's stories of his teenage mates of past days ==
# [http://arstechnica.com/security/2015/02/pwned-in-7-seconds-hackers-use-flash-and-ie-to-target-forbes-visitors/ Forbes targeted drive by]
# [http://arstechnica.com/security/2015/02/15-year-old-bug-allows-malicious-code-execution-in-all-versions-of-windows/ MS15-011]
== Jack's lack of stories ==
# [http://www.digitalmunition.me/2015/02/chinese-hacking-group-codoso-team-uses-forbes-com-watering-hole/ And now, from Adobe brings you ... "Chinese Hacking Group Codoso Team Uses Forbes.com As Watering Hole" (Frank suggestion)]
# [http://1raindrop.typepad.com/1_raindrop/2015/02/the-year-the-security-dog-caught-the-car.html The year the security dog caught the car] A great take on the state of security from Gunnar Peterson
# [https://threatpost.com/markey-car-security-report-just-the-start-for-automakers/110962 Markey Car Security Report Just the Start for Automakers] The car biz is a wretched hive of scum and villainy
# [http://www.slate.com/blogs/future_tense/2015/02/10/samsung_s_smarttv_disabling_its_eavesdropping_could_violate_dmca.html Stopping a Smart TV From Eavesdropping On You Could Be a Felony]