From Security Weekly Wiki
Jump to navigationJump to search


PaulDotCom Security Weekly - Episode 241 for Thursday April 28th, 2011.

  • PaulDotCom Blackhat Training Part 1 Sign up for "Offensive Countermeasures: Making Defense Sexy" as a two-day course at Blackhat July 30-31. Every student gets a FREE "Hack Naked" t-shirt and sticker!
  • PaulDotCom Blackhat Training Part 2 Sign up for "Advanced Vulnerability Scanning Techniques Using Nessus" July 30-31 or August 1-2
  • Larry is teaching SANS 617 SEC617: Wireless Ethical Hacking, Penetration Testing, and Defenses in the only country he is licensed to teach in - Canada! Catch him in Victoria May 9 to May 14th.
  • Register now for the 8th Annual Charlotte ISSA Security Summit featuring the 3 most adorable men in InfoSec: PaulDotCom, Ed Skoudis, and Chris Hadnagy, all on May 5th.
  • DerbyCon : Louisville, Kentucky – September 30th to October 2, 2011. Catch Carlos Perez's training session - "Automating Post Exploitation with Metasploit".

Guest Tech Segment: Andrew Case

Andrew Case is a security researcher at Digital Forensics Solutions where he is responsible for source code audits and pen testing. Andrew's primary research focus is physical memory analysis, and he's on the show today to give an update on his recent BlackHat presentation on De-Anonymizing Live CDs

  1. Before we get started, tell us a little about the recent blog posts on the 2.0 release of the Scalpel tool and the Windows 7 Registry backup.
  2. What are the challenges with gathering evidence from live CDs?
  3. Tell us about AUFS
  4. Why is file carving useless?
  5. What did TAILs do to mitigate forensics analysis?

Stories For Discussion

Larry's Stories

Paul's Stories

Darren's Stories

  1. YOUR OUT! - This is what you get for being a Yankees fan. Also sometimes you don't need a vuln just a dumb employee. We all know there is no patch for human stupidity.

Carlos' Stories