Difference between revisions of "Episode194"

From Security Weekly Wiki
Revision as of 20:00, 8 April 2010
Sponsors

  • Tenable Network Security - This episode sponsored by Tenable Network Security. Tenable is a developer of enterprise vulnerability, compliance and log management software, but most notably the creators of Nessus, the world's best vulnerability scanner. Tenable Security Center software extends the power of Nessus through reporting, remediation workflow, IDS event correlation and much more. Tenable also offers a Nessus Professional Feed to detect vulnerabilities in your network today! Tenable – Unified Security Monitoring!
  • Core Security - This episode is also sponsored by Core Security Technologies, helping you penetrate your network. Now version 10.0 with WiFi-fu good to go! Rock out with your 'sploit out! Listen to this podcast and qualify to receive a 10% discount on Core Impact, the world's best penetration testing tool.
  • Trustwave Spiderlabs - Trustwave's SpiderLabs - providing advanced information security services to planet Earth. Visit them online at trustwave.com/spiderlabs!

Shameless Plugs & General Announcements

PaulDotCom Security Weekly - Episode 194 - For Thursday, April 8th.

  • Notacon! - April 15th - 18th in Cleveland, Mick will be presenting two talks and be a part of a panel discussion! You may also try to get him to discuss hockey! ;-)
  • QuahogCon - This will be the next conference that we will be attending. We will have t-shirts and other special things to give away and sell. Larry is giving not one, but TWO talks!

Guest Interview: RSnake!

INFO

RSnake is the CEO of SecTheory, blogger at ha.ckers.org, and enjoys long walks on the beach, roasting puppies, and chopping wood as his muscles ripple in the hot summer air. He's worked for Digital Island, Exodus Communications and Cable & Wireless in varying roles and currently contributes to the security strategy of several startup companies.

(Image caption: RSnake roasting puppies)

Questions

  1. Why do you hate Google? That practically means you hate the Internet!
  2. Do you like public DNS servers?
  3. What keeps you awake at night?
  4. Why do people like attempting to hack your site so much?

Stories For Discussion

  1. See, the Blink Tag IS Evil! (http://www.zerodayinitiative.com/advisories/ZDI-10-031/) - [Larry] - HAHHAHA. Remote code execution in WebKit due to a failure in an unregistered callback in the blink container...
  2. Your Insider threat can be anywhere (http://go.theregister.com/feed/www.theregister.co.uk/2010/04/08/bofa_atm_hack_charges/) - [Larry] - Even your IT department! Ouch, BofA IT employee writes and deploys software to ATMs that does not record cash withdrawals...
  3. Shadowservers' analysis of Ghostnet (http://www.f-secure.com/weblog/archives/Shadows_In_The_Cloud.pdf) - [Larry] - After infiltration, they performed a thorough analysis of the compromise methods, C&C infrastructure, and where the attacks were targeted. Interesting read for the metrics alone.
  4. Orphaned SSL root cert? - [Larry] - This has potential to be full of fail. Two root certs listed in Firefox and Safari are claimed to not be owned by the folks whose names are on them. Of course this could be due to misplacement from MAA fallout. I loved the comment from Jack Daniel on this one...
  5. The iPad bandwagon - Security in the Enterprise - [Larry] - Yeah, I'm going there. Let's talk about the features and failures (VPN, Device encryption, passwords, management) and how one might or might not allow these in your organization.
  6. A few things that you need to get right for security? - [Larry] - Not all that technical, but some VERY important things to be aware of from a procedural and posture perspective.
  7. So Easy Nicole Ritchie can do it - [Larry] - Yes, Nicole Ritchie is a social engineer and hacker. She was able to get the password for some celebrity friends' Twitter accounts from a third party, and "fraped" her friends. SURPRISE!
  8. SSH Netcat mode - [Larry] - Wow, netcat killer? Now with SSH encryption?
  9. New Jersey and e-mail privacy - [Larry] - Ok, a corporation has rights to your e-mail? What about lawyer-client confidentiality? Personal e-mail from a work computer? To a lawyer. Oooh, messy.

Other Stories