Announcements & Shameless Plugs
PaulDotCom Security Weekly - Episode 279 for Thursday February 23d, 2012
- John Strand will be teaching Offensive Countermeasures at SANS Orlando March 23-24th: Check it out here
- Larry is teaching SEC617: Wireless Ethical Hacking, Penetration Testing and Defenses 5 times this year: vLive!: April 16 - 22, 2012, SANS Cyber Guardian 2012, Baltimore: April 30 - 06, 2012, SANS Toronto 2012, Toronto: May 14 - 20, 2012, Community SANS Ottawa, Ottawa: June 11 - 17, 2012, SANS Sydney 2012, Sydney, AU: November 12 - 18, 2012
- Check out our new shows: Hack Naked TV with John Strand, Hack Naked At Night with Larry and Darren, PaulDotCom Espanol with Carlos Perez.
- Subscribe to our only non-computer security related show dedicated to Cigar Enthusiasts Stogie Geeks with Paul Asadoorian and Tim "BugBear" Mugherini. Whether you smoke an occasional cigar or daily, this show is for you! Tune in as we review the latest cigars being released and talk "Stogie Tech".
- Don't forget to Follow us on Twitter
Interview: Tanya Baccam
Tanya is a SANS senior instructor, courseware author and consultant on perimeter security, network infrastructure design, system audits, and Web server security. Tanya is a widely respected expert on Oracle Database security and owner of Baccam Consulting.
- Tell us how you got your start in Information Security
- Has the threat landscape changed towards databases since you began to focus on database security?
- What are your top things to check when it comes to tightening database security? What are some of the quick wins that companies should look at for database security?
- What tools do you use in your everyday work to defend and validate the information in your client's databases?
- What are your favorite tools for securing the perimeter?
- As we move towards a mobile workforce, have database vendors kept up with security or are they falling behind?
Guest Tech Segment: Doug Burks on Security Onion
Doug Burks is a SANS GSE and Community Instructor, Network Security Monitoring enthusiast and author of Security Onion. He's on to give us an overview of Security Onion and its main features.
Security Onion download
- The lost phone project - [Larry] - So what really happens when you lose your cellphone? Symantec tried an experiment, and intentionally lost 50 smartphones across the US and Canada. The phones were installed with a tracking app, and just about all revealed that the finders snooped through the phones looking at the sensitive information, and trying the "stored passwords".
- GitHub/Rails hack - [Larry] - YAY!, GitHub had a vulnerability in which third parties could insert their own keys into any project. The person who found it added his keys to the Rails project and added a humorous commit in order to perform the notification. Yikes. I'd argue 2 things: 1. Audit all your keys in your git repositories. 2. Call for a code audit of your git projects.
- Linode bitcoin heist - [Larry] - Attackers gain access to Linode's network gear, then eventually get access to Linode's management application, allowing full control of all of Linode's shared hosts. From here, the attackers had full control of all of Linode's servers, and the attackers used this to transfer bitcoins out of the hot wallets of at least one bitcoin exchange.
- Chrome falls in Pwn2Own - [Larry] - … and more importantly, Pwnium, Google's Chrome hacking contest. In prior years, Chrome didn't fall, but apparently offering hefty bounties changes all that. It just goes to show that, as an attacker, if there is some monetary value to it, any application is worthy of an attack. Oh, and the bug found yesterday has already been fixed and released.
- NASA lost complete control of networks 13 times last year - [Larry] - Yikes. To quote from the congressional testimony, "In FY 2011, NASA reported it was the victim of 47 APT attacks, 13 of which successfully compromised Agency computers. In one of the successful attacks, intruders stole user credentials for more than 150 NASA employees – credentials that could have been used to gain unauthorised access to NASA systems. Our ongoing investigation of another such attack at [Jet Propulsion Labs] involving Chinese-based internet protocol (IP) addresses has confirmed that the intruders gained full access to key JPL systems and sensitive user accounts." Ooof.
- Kitties and Titties - [Larry] I mean, what's not to like. I'm still having a hard (huhhuhuhuhuuhuhuhu) time finding the kitties though.