Changes

From Paul's Security Weekly
Jump to: navigation, search

Episode604

987 bytes added, 18:32, 10 July 2019
no edit summary
==Episode Audio==
<!-- <div align="center">
{{#widget:SoundCloud
|id=496965687622542081
|width=75%
|height=100
|visual=false
}}
</div> -->
=== Hosts ===
{{Template:Paul}}
{{Template:Matt}}
{{Template:Larry}}
{{Template:LeeNeely}}
= Interview: Julian Zottl, Raytheon - 6:00-6:30PM =
[[File:JulianZottl.jpg|right|250px|thumb|<center>'''[https://twitter.com/sabreofsd Julian Zottl]'''is the Cyber and Information Operations SME at [https://raytheon.com Raytheon]</center>]] Julian Zottl is a Cyber and Information Operations Subject Matter Expert (SME) for Raytheon Intelligence, Information and Services (IIS) business. IIS is a leader in intelligence, surveillance reconnaissance; advanced cyber solutions; weather and environmental solutions and information-based solutions for homeland security. It also provides training, logistics, engineering, product support, and operational support services and solutions for the mission support, homeland security, space, civil aviation, counter-proliferation and counterterrorism markets.<!--br><center>{{#ev:youtube|WJAiTXAvtRQCYo74WzDTlM}}</center>-->
<br>
= Tech Segment: How To Fix Identity & Access Management, Federico Simonetti - 6:30 - 7:30PM =
[[File:FedericoSimonetti.jpg|right|250px|thumb|<center>'''[https://www.linkedin.com/in/backdream Federico Simonetti]'''is the CTO of [https://www.xiid.com/ Xiid Corporation]</center>]] - Former ethical hacker (DDT)<br>- Former professor of operating systems security at the University of Milan<br>- Developed software for the Italian anti-terrorism and anti-pedophile police<br>- Serial entrepreneur with several successful exits in his past<br>- Hardcore software designer, with award-winning software titles on his resume<br><br>Topic: How to fix Identity and Access Management<br> All IAM solutions are logically flawed from a security standpoint, they either ask for a synchronized copy of the identity database or for open inbound ports on the firewall. But there is a design that fixes all those issues, making IAM much safer.<center>{{#ev:youtube|LVLfl9LLlxs}}</center>
<br>
= Security News - 7:30PM-8:30PM =
 <!-- <center>{{#ev:youtube|iPHM80z9D9krmaiXWFKw6U}}</center>-->
== Paul's Stories ==
== Larry's Stories ==
#[https://thrangrycat.com/ thrangrycat, Cisco 0-day, and the first exploit named with only emoticon….]
#[https://mdsattacks.com/ MDS attacks, Rogue In-flight Data Load, and intel CPU hardware attacks.]
#[https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/ 0-day in Microsoft Remote Desktop Services, pre-authentication]
#[https://arstechnica.com/information-technology/2019/05/the-radio-navigation-planes-use-to-land-safely-is-insecure-and-can-be-hacked/ Plane radio navigation can be hacked with a $600 SDR…easily thwarted, but this article puts all of the parts together.]
#[https://arstechnica.com/information-technology/2019/05/google-warns-bluetooth-titan-security-keys-can-be-hijacked-by-nearby-hackers/ Google’s BLE titan security keys are easily hijacked]
#[https://www-01.ibm.com/support/docview.wss?uid=ibm10883628 …and because IBM felt left 0ut RCE in WebLogic]
== Lee's Stories ==

Navigation menu