Changes

From Security Weekly Wiki
Jump to navigationJump to search
986 bytes added ,  01:15, 6 May 2015
no edit summary
== Episode Media ==
[http://traffic.libsyn.com/pauldotcom/SecurityWeekly-416.mp3 MP3] <-- Not yet recorded!
== Intro, Sponsors & Announcements ==
''On the show tonight we have a special guest interview with Dan McInerney! He'll show us how to script our life in Python and inject HTML or JavaScript into user sessions! Get our take on the RSA conference, and I can assure you that Jack is extra grumpy this week. Jeff Man joins us in studio, for extra grumpiness, and stories of the week will include, wait for it, Wordpress vulnerabilities! All that and more on this edition of Security Weekly."
[Cut to Security Weekly graphicJack Live shot]
=== Jack ===
== Announcements ==
[Cut to Sponsor logosAnnouncement graphics]
* Ready to learn Combat Firmware Analysis? Register for my Blackhat course "Embedded Device Security Assessments", a 2-day hosted class at Blackhat Las Vegas. Registration includes breakfast, lunch, and access to the Blackhat Briefings Business Hall, Sponsor Workshops, Sponsor Sessions, and Arsenal! Visit [http://securityweekly.com/iot http://securityweekly.com/iot] to register today!
* Don't forget to [http://www.securitybsides.com/w/page/91025139/Boston Register for BSides Boston] coming up on May 9th!
* Don't forget to [http://sourceconference.com/boston/ Register for SOURCE Boston] coming up April 25-28th!
[Cut to shot on Paul and Dan] = Guest InterviewTech Segment: Dan McInerney - 6:05PM-6:35PM =
''Brought to you by Pwnie Express - Check out the community edition and turn your Nexus 7 into a lean and mean pen testing machine. For all those hard to reach places, there's Pwnie Express, visit them on the web at http://pwnieexpress.com''
''And by Onapsis the leading provider of solutions to protect ERP systems from cyber-attacks. Customers can secure their SAP and Oracle business-critical platforms from espionage, sabotage and financial fraud risks. Visit them on the web at http://www.onapsis.com/''
<''And by Black Hills Information Security, the leaders in penetration testing and active defense. Email consulting@blackhillsinfosec.com to request a quote today!--'' <center>{{#ev:youtube|LCoN5D9u6mgnukEMdt5ehs"}}</center>-->
== Bio ==
Dan wasted several years of life studying psychology in college before realizing that a.) he could teach himself everything he learned in college for free and more efficiently, and b.) he didn't actually want to go to school for another 12 years just a for a shot at a mediocre job. So he switched his router into WEP mode, cracked it, and was immediately and permanently addicted. His education from there on generally revolved around learning a security concept, then scripting it in Python to solidify the knowledge. This continued for the next several years until the end goal of his career was reached: getting onto PSW. Dan will likely cease all learning at this point as there is nothing left to achieve.
== Questions/Topics ==
 
 
== Five Questions ==
 
# Three words to describe yourself
# If you were a serial killer, what would be your weapon of choice?
# If you wrote a book about yourself, what would the title be?
# In the popular game of ass grabby-grabby, do you prefer to go first or second?
# Choose two celebrities to be your parents.
 
= Technical Segment: 6:35PM-7:00PM=
 
== Sponsors ==
''And by Black Hills Information Security, the leaders in penetration testing and active defense. Email consulting@blackhillsinfosec.com to request a quote today!''== Links ==
== Announcements == * Don't forget to #[httphttps://sourceconferencegithub.com/boston/ Register for SOURCE BostonDanMcInerney Dan's Github] coming up April 25-28th! == segment == <!--<center>{{#ev[https:youtube|V7lCxWgpvjo"}}</center>-->/twitter.com/DanHMcInerney Dan on Twitter]
= Stories of the Week - 7:00PM-8:00PM =
<!--<center>{{#ev:youtube|hNmQhZD8w_gnIyPwGeX2E8"}}</center>-->
== Sponsors ==
== Paul's Stories ==
#[http://www.theregister.co.uk/2015/04/27/tesla_hijack/ Tesla Twitter Account And Website Hijacked]
#[http://www.theregister.co.uk/2015/04/27/wordpress_zero_day_xss/ Comments considered harmful: WordPress web hijack bug revealed]
#[http://www.v3.co.uk/v3-uk/news/2406023/wordpress-rushes-out-fix-for-zero-day-flaw-that-puts-one-in-five-sites-at-risk WordPress Rushes Out Fix For Zero-Day Flaw]
#[http://www.theregister.co.uk/2015/04/28/packet_of_death_how_to_crash_a_surgical_robot/ Surgery Bot Can Be Hacked To Hack You To Pieces]
#[http://www.darkreading.com/vulnerabilities---threats/note-to-vendors-cisos-dont-want-your-analytical-tools/a/d-id/1320185 Note To Vendors: CISOs Don't Want Your Analytical Tools]
#[http://www.darkreading.com/rsa-highlighted-impending-iot-troubles/d/d-id/1320191 RSA Highlighted Impending IoT Troubles]
#[http://arstechnica.com/security/2015/04/28/how-to-crack-any-master-lock-combination-in-8-tries-or-less/ How To Crack Many Master Lock Combinations In 8 Tries Or Less]
#[https://threatpost.com/google-releases-password-alert-extension-for-chrome/112484 Google Releases Password Alert Extension for Chrome]
#[https://threatpost.com/a-year-later-xss-vulnerability-still-exists-in-ebay/112493 A Year Later]
#[https://threatpost.com/wordpress-ecommerce-plugin-vulnerability-details-disclosed/112500 WordPress Ecommerce Plugin Vulnerability Details Disclosed]
== Larry's Stories ==  == Joff's Wallaby Stories ==   == Michael's Stories ==   == Carlos' Stories ==* Cool XSS Payloads [http://www.xss-payloads.com/ http://www.xss-payloads.com/]
842

edits

Navigation menu