Changes

From Security Weekly Wiki
Jump to navigationJump to search
2,248 bytes added ,  17:58, 13 May 2019
no edit summary
==Episode Audio==
<!-- <div align="center">
{{#widget:SoundCloud
|id=496965687618656553
|width=75%
|height=100
|visual=false
}}
</div> -->
=== Hosts ===
{{Template:Larry}}
{{Template:Jeff}}
{{Template:Joff}}
{{Template:LeeNeely}}
= Interview: Lesley Carhart, Dragos Inc. - 6:00-6:30PM =
[[File:LesleyCarhart.jpg|right|250px|thumb|<center>'''[https://twitter.com/hacks4pancakes Lesley Carhart]'''is the Principal Threat Analyst at [https://dragos.com/ Dragos Inc.]]</center>]] Lesley has been performing digital forensics and incident response on unconventional systems and advanced adversary attacks for over a decade. Some people, certification companies, and awards presenters think she might be pretty okay at it. In her free time, she fights (willing?) people with knives, and answers people’s infosec questions on Twitter instead of sleeping. Her goal in 2019 is to earn enough exp to become a level 14 rogue.<!--<center>{{#ev:youtube|WJAiTXAvtRQKRUKpPl841I}}</center>-->
<br>
= Interview: Chris Sanders, Applied Network Defense & Rural Technology Fund - 6:30 - 7:30PM =
[[File:ChrisSanders.jpg|right|250px|thumb|<center>'''[https://twitter.com/LogRhythm Chris Sanders]'''<br>is the Founder of [https://chrissanders.org/about/ Applied Network Defense & Rural Technology Fund].</center>]] Chris Sanders is the founder of Applied Network Defense, a company focused on delivering high quality, accessible information security training. He is also the Director of the Rural Technology Fund, a non-profit that donates scholarships and equipment to public schools to further technical education in rural and high poverty areas. He is the author of Applied Network Security Monitoring and Practical Packet Analysis. You can connect with Chris on his blog at http://www.chrissanders.org or on Twitter @chrissanders88.<br><br>Chris blogs at http://www.chrissanders.org. You can learn more about Applied Network Defense at http://www.appliednetworkdefense.com and the RTF at http://www.ruraltechfund.org. <center>{{#ev:youtube|eHGJnGJwfWM}}</center>
<br><br>
= Security News - 7:30PM-8:30PM =
 <!-- <center>{{#ev:youtube|iPHM80z9D9kEvyhDKGz5kc}}</center>-->
== Paul's Stories ==
== Larry's Stories ==
#[https://www.cnet.com/news/tenants-win-rights-to-physical-keys-over-smart-locks-from-landlords/ Tenants win rights to have physical keys over smart locks]
#[https://www.scmagazine.com/home/security-news/lightneuron-backdoor-receives-secret-commands-via-microsoft-exchange-email-servers-russian-link-suspected/ backdoor getting commands from exchange]
#[https://www.advanced-intel.com/blog/top-tier-russian-hacking-collective-claims-breaches-of-three-major-anti-virus-companies Russians compromise three major AV companies]
#[https://www.cnet.com/news/ever-app-reportedly-trained-facial-recognition-tech-on-users-photos-without-telling-them/ Ever, a photo storage and backup app, reportedly used millions of images uploaded to the service to train a commercial facial recognition system that it offers to law enforcement and private companies. The problem, according to NBC News, Ever didn't disclose this to its app users.]
#[https://www.scmagazine.com/home/security-news/hackers-hold-275m-records-on-indian-citizens-for-ransom-after-removing-them-from-open-database/ One week after a researcher revealed a publicly configured database exposing more than 275 million sensitive records on Indian citizens, a hacking group removed that data and replaced it with an apparent ransom note.]
== Jeff's Stories ==
#[https://techcrunch.com/2019/05/07/freedom-mobile-data-leak/ Freedom Mobile Server Leak Exposed Customer Data] Log files, that explains it. But why were they passed to a third party?
#[https://www.itworldcanada.com/article/no-reason-to-ship-credit-card-data-to-third-parties-says-former-freedom-mobile-ciso/417823 No Reason to Ship Credit Card Data to Third Parties, Says Former Freedom Mobile CISO] So much wrong with what is described here - and all fingers point to Freedom Mobile not the third party
#[https://arstechnica.com/information-technology/2019/05/baltimore-city-government-hit-by-robbinhood-ransomware/ “RobbinHood” ransomware takes down Baltimore City government network]
== Lee's Stories ==
#[https://devblogs.microsoft.com/commandline/announcing-wsl-2/ Microsoft WSL 2 Announced] WLS 2 will include a Linux kernel, with better integration. Still includes Debian package manager.
#[https://www.theatlantic.com/science/archive/2019/04/looping-created-insulin-pump-underground-market/588091/ Discontinued Insulin pump with security flaw in high demand] Users are hacking old Insulin pumps, using OpenAPS, to provide looping of insulin for better quality of life.
 
== Johnny's Stories ==
#[https://threatpost.com/airbnb-hidden-camera-bedroom/144508/ Airbnb Superhost Secretly Recorded Guests with Hidden Bedroom Camera] The article states: "The unfortunate guest told local news outlets that she worked in information security, and so was more vigilant than the average person when it came to always checking her hotel rooms for signs of surveillance devices. After inspecting and unscrewing the router, the guest found that there was a digital memory card inside." - Honestly, amazing discovery of a hidden camera. Who would think to look inside the router, finding a hidden cam, and then finding out the AirBnB host was filming people in the bedroom since March 19'. Hats off, and check your s#&*!!
 
<br><br>
1,061

edits

Navigation menu