From Security Weekly Wiki
Jump to navigationJump to search
3,953 bytes added ,  18:36, 10 July 2019
no edit summary
==Episode Audio==
<!-- <div align="center">
</div> -->
=== Hosts ===
= Interview: Paul Ewing, [ Endgame] - 6:00-6:30PM =
[[File:PaulEwing.png|right|250px|thumb|<center>'''[ Paul Ewing]'''is a Partner the Director of Detection & Intelligence of [ Endgame]</center>]] Paul leads Endgame's adversary hunt efforts by prototyping analytics to detect malicious behaviors and techniques used by cyber threats. Paul has over nine years of experience supporting incident responses and leading hunting teams. His career began as a computer programmer, but transitioned from software design to the pursuit of Advanced Persistent Threats.<br><br>Topic: Nobody knows an organization’s environment better than its IT security team. Software deployment tools, networking and routing nuances, threat models, operational IT tasks, change controls, and more, prove that there are many things that make one infrastructure infinitely unique compared with another.<br><br>Yet security vendors try to solve the same problems for every organization in the same way. The most aggressive of preventions are disabled and often hidden, to avoid the deluge of false positives. Detections are suppressed until cloud services can analyze the stream of events and identify an attack, stopping potential alert fatigue and hiding inaccuracy, yet opening a threat window for adversaries to exploit.<br><br>In this episode of Paul’s Security Weekly, we will talk with Paul Ewing of Endgame about how to close the ‘breakout window’ between detection and response, and hear about Endgame’s recently announced technology, Reflex, that was built with customized protection in mind.<br><br>Segment Resources:
* About Endgame Reflex:
* Reflex announcement:
* EQL Github repository:
= Tech Hacker Mental Health and Wellness Segment: Paul Asadoorian, [ DomainTools] - 6:30 - 7:30PM =
<!-- [[File:Justin Murphy.jpg|right|250px|thumb|<center>'''[ Justin Murphy]'''<br>is the Cloud Security CS at [ CISCO].</center>]] -->
Paul's tips to mental health and wellness for infosec professionals:
# Have a great home office - Many of us work from home, either full-time or part-time. Balancing life with work is a challenge and I find it is an advantage to be able to work from home. I tend to work either early in the morning or late at night to catch up on various projects. This is a great time to work as it is quiet, and with busy family life can provide more time during the day to spend on non-work related activities, without falling behind. The key for me is to have a really awesome work environment at home that is separate from the rest of the house and has accommodations that allow you to look forward to going to work (nice sounding headphones and speakers, 3 monitors, comfy chair, plenty of USB hubs, SD card readers, a dedicated and fast workstation, etc...).
# Find a hobby outside of tech - The fun part here is that you get to pick! Sports, music, carpentry, whatever, pick something.
# Go on vacation - Planning vacations has never been my strong suit, however, it is important to plan them, having something to look forward to. My recent family vacation was wonderful for the entire family, provided us a nice break and allowed us to experience things together outside of the daily grind. Insert non-formatted text here
= Security News - 7:30PM-8:30PM =
 <!-- <center>{{#ev:youtube|iPHM80z9D9kmha6iT1bB0U}}</center>-->
== Paul's Stories ==
== Larry's Stories ==
#[ Exim 0-day “the worlds most popular e-mail server”]
#[ Apple announced the ‘Sign in with Apple’ API, and restrictions on location-tracking]
#[ Tap ’n Ghost] - Researchers have created a novel proof-of-concept (PoC) attack named Tap ‘n Ghost, which targets Near Field Communication (NFC)-enabled Android smartphones. This allows an attacker to take control of a target phone simply by tricking the victim into placing their handset on a specially crafted surface, such as a table in a public space that has been maliciously implanted
#[ 12m records exposed via Quest….and others, Optum360, AMCA - American Medical Collection Agency]
#[] Rogue TV broadcasts with smart TVs
#[ TVA fails DHS audit] - The Tennessee Valley Authority (TVA) inspector general has reported that 115 TVA registered domains were found not meeting the Department of Homeland Security (DHS) standards for cybersecurity during an audit earlier this year. A memo published by the TVA Inspector General's Office on May 29, 2019, reported that internal auditors also found that encryption requirements were inadequate on 20 TVA websites.
#[ cDc releases behind the scenes video of the BO2K release and talk]
== Lee's Stories ==
#[ Russian Government Requires Tinder to share user data] Tinder is being compelled to cooperate with FSB, while they have registered, they are not yet sharing data. Last app that refused, Telegram, is now banned in Russia.
#[ Chinese Military to give up on Windows for custom OS] Back in 2014 China laid out plans for removing Windows from all government computers. They also don't trust Linux as an OS source, so they will be writing their own OS. I guess the foot's on the other hand now.
#[ ANU Suffers second hack in a year] Good news: new controls implemented were able to detect this attack. Bad News: not enough completed (in the last two weeks) to prevent the attack. The attack came in late 2018, so there was a delay detecting.
#[ How likely are weaponized cars?] Security considerations including secure updates, testing, recall, and life-cycle, become increasingly important at scale.
#[ Unit 42 Discovers Vulnerabilties in Acrobat and Reader and Foxit Reader, shares at BlueHat Shanghai 2019.] Palo Alto Unit 42 is actively seeking and sharing vulnerabilities discovered.

Navigation menu