Difference between revisions of "Episode346"

From Security Weekly Wiki
m (Text replacement - "\{\{\#ev\:bliptv\|(.*)\}" to "\[https://youtube.com/securityweeklytv Visit The Security Weekly YouTube Channel for all of our latest videos\!\]")
 
(19 intermediate revisions by 5 users not shown)
Line 2: Line 2:
  
 
= Episode Media =
 
= Episode Media =
[MP3 pt1]
+
[http://traffic.libsyn.com/pauldotcom/PaulDotCom-346-Part1.mp3 MP3 pt1]
 +
 
 +
[http://traffic.libsyn.com/pauldotcom/PaulDotCom-346-Part2.mp3 MP3 pt2]
  
 
= Announcements =
 
= Announcements =
  
PaulDotCom Security Weekly - Episode 346 for Thursday September 19th, 2013
+
Security Weekly - Episode 346 for Thursday September 19th, 2013
  
* [[Episode350|Episode 350]] of PaulDotCom will be recorded and streamed live on October 25, 2013. We are looking for submissions for technical segments, send them to psw -at - pauldotcom.com and we will pick the best ones to be featured on the show. We are looking for panel guests as well! Support our chosen charity: [http://www.wingsforwarriors.org Wings For Warriors]. This will be an all day event!
+
* [[Episode350|Episode 350]] of Security Weekly will be recorded and streamed live on October 25, 2013. We are looking for submissions for technical segments, send them to psw -at - securityweekly.com and we will pick the best ones to be featured on the show. We are looking for panel guests as well! Support our chosen charity: [http://www.wingsforwarriors.org Wings For Warriors]. This will be an all day event!
  
 
* We've released a book on Offensive Countermeasures!  Visit [http://tinyurl.com/OCM-Amazon tinyurl.com/OCM-Amazon] to add this to your summer reading list.
 
* We've released a book on Offensive Countermeasures!  Visit [http://tinyurl.com/OCM-Amazon tinyurl.com/OCM-Amazon] to add this to your summer reading list.
Line 20: Line 22:
 
<center>[[File:Vivek.jpeg]]</center>
 
<center>[[File:Vivek.jpeg]]</center>
  
<!---<center>{{#ev:bliptv|6639351}}</center>--->
+
<center>\[https://youtube.com/securityweeklytv Visit The Security Weekly YouTube Channel for all of our latest videos\!\]}</center>
  
 
Biography:
 
Biography:
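Review bot: The added `<center>` line leaves a stray `}` after the closing bracket and literal backslashes before `[`, `!` and `]`, so the external link markup is broken. The search pattern in the edit summary ends in a single `\}` while the removed `{{#ev:bliptv|6639351}}` template closes with two braces, and the replacement string carries regex escapes as literal text. Match both closing braces and write the replacement unescaped, as `[https://youtube.com/securityweeklytv Visit The Security Weekly YouTube Channel for all of our latest videos!]`.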
Line 41: Line 43:
  
 
= Stories =
 
= Stories =
<!---<center>{{#ev:bliptv|6639360}}</center>--->
+
<center>\[https://youtube.com/securityweeklytv Visit The Security Weekly YouTube Channel for all of our latest videos\!\]}</center>
  
  
 
== Paul's Stories ==
 
== Paul's Stories ==
 
+
#[http://www.esecurityplanet.com/network-security/5-tips-to-protect-networks-against-shodan-searches.html 5 Tips to Protect Networks Against Shodan Searches - eSecurity Planet]
 +
#[http://codeinsecurity.wordpress.com/2013/09/09/installing-dropbox-prepare-to-lose-aslr/ Installing Dropbox? Prepare to lose ASLR. | codeinsecurity]
 +
#[http://volvent.blogspot.com/2013/09/cloning-infrared-disarming-remote-of.html Volvent Security R&D: Cloning an Infrared Disarming Remote of a Consumer Grade Home Security System]
 +
#[http://blog.pentbox.net/index.php?action=view&controller=post&id_post=4 "How did I get a root shell in my NAS]
 +
#[http://nakedsecurity.sophos.com/2013/09/13/would-you-believe-it-women-more-in-favour-of-porn-filters-than-men/ Would you believe it? Women more in favour of porn filters than men]
 +
#[https://isc.sans.edu/diary/Apple+DDOS%3F++Nope%2C+just+the+update+coming+down%21/16616 "Apple DDOS? Nope]
 +
#[http://news.hitb.org/content/nsa-contract-vupen-revealed NSA Contract With VUPEN Revealed]
 +
#[http://news.hitb.org/content/skimming-made-easier-hacked-portable-card-payment-machines Skimming made easier with hacked portable card payment machines]
 +
#[http://www.computerworld.com/s/article/9242472/Security_researchers_create_undetectable_hardware_trojans Security researchers create undetectable hardware trojans]
 +
#[http://www.theinquirer.net/inquirer/news/2294363/marissa-mayer-does-not-lock-her-iphone-with-a-passcode Marissa Mayer does not lock her iPhone with a passcode- The Inquirer]
 +
#[http://news.hitb.org/content/seagate-produce-5tb-hard-drive-next-year-20tb-2020 "Seagate to produce 5TB hard drive next year]
 +
#[http://news.hitb.org/content/apples-fingerprint-id-may-mean-you-cant-take-fifth Apple's Fingerprint ID May Mean You Can't 'Take the Fifth']
 +
#[http://www.darkreading.com/black-hat-announces-first-ever-west-coas/240161193 Black Hat Announces First Ever West Coast Trainings Event]
 +
#[http://www.darkreading.com/management/it-pros-lack-security-management-support/240161148 "IT Pros Lack Security Management Support]
  
 
==Greg's Stories==
 
==Greg's Stories==
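Review bot: Four of the link labels added under Paul's Stories open with a double quote and stop short without a closing one, for example `"How did I get a root shell in my NAS` and `"Apple DDOS? Nope`, which suggests the titles were cut at their first comma on import. Restore the full titles from the linked articles, or at least drop the unbalanced leading quote. The `<center>` line at the top of this hunk also carries the stray `}` and backslashes left by the bliptv text replacement.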
Line 51: Line 66:
 
#[http://blogs.computerworld.com/android/22806/google-knows-nearly-every-wi-fi-password-world Android User? Google might have your WiFi passwords] Since Android 2.2 the ability to save and sync wifi passwords between Android devices.
 
#[http://blogs.computerworld.com/android/22806/google-knows-nearly-every-wi-fi-password-world Android User? Google might have your WiFi passwords] Since Android 2.2 the ability to save and sync wifi passwords between Android devices.
 
#[http://www.computerworld.com/s/article/9242374/Oracle_finally_adds_whitelisting_capabilities_to_Java Java adds whitelisting into 1.7U40]
 
#[http://www.computerworld.com/s/article/9242374/Oracle_finally_adds_whitelisting_capabilities_to_Java Java adds whitelisting into 1.7U40]
 +
#[http://magervalp.github.io/2013/09/12/os-x-passwords-leaked-during-login.html Mac OS pre 10.8.5 with config profiles expose passwords in clear text]
 +
#[http://www.engadget.com/2013/09/19/us-lawmakers-apple-ios-7-activation-lock/ iOS 7 introduces activation lock]
 +
#[http://blog.erratasec.com/2013/09/we-scanned-internet-for-port-22.html Errata Sec scanned the internets for SSH]
 +
#[http://www.forbes.com/sites/andygreenberg/2013/09/19/ios-7-bug-lets-anyone-bypass-iphones-lockscreen-to-hijack-photos-email-or-twitter/ Another iOS lock bypass bug]
  
 
==Patrick's Stories==
 
==Patrick's Stories==
 +
#[http://www.rollingstone.com/feature/the-geeks-on-the-frontlines Rolling Stone hackers article]
 +
#[http://thenextweb.com/lifehacks/2013/09/12/10-things-you-should-never-say-during-presentations-2/ 10 Things to Never Say During a Presentation]
 +
#[http://www.redmondpie.com/iphone-5s-touch-id-requires-a-live-finger-to-unlock-wont-work-with-one-thats-severed-from-body/ iPhone 5 and a severed finger]
 +
#[http://www.bbc.co.uk/news/technology-24108673 Netflix uses pirate sites to decide what to carry]
 +
#[http://www.darkreading.com/management/for-security-pros-maintaining-credibilit/240161320/ How often do you sound the alarm? Too much? Too little?]
 +
#[http://threatpost.com/nsa-bought-exploit-service-from-vupen-contract-shows/102314#.Ujgzvo9dvXk.twitter Another satisfied VUPEN customer...the NSA!]
 +
#[http://www.symantec.com/connect/blogs/hidden-lynx-professional-hackers-hire Hidden Lynx, a new "hackers for hire" group identified by Symantec]
 +
#[http://0xa.li/some-interesting-malicious-php-files/ I like shells]

Latest revision as of 16:28, 29 June 2017


Episode Media

MP3 pt1

MP3 pt2

Announcements

Security Weekly - Episode 346 for Thursday September 19th, 2013

  • Episode 350 of Security Weekly will be recorded and streamed live on October 25, 2013. We are looking for submissions for technical segments, send them to psw -at - securityweekly.com and we will pick the best ones to be featured on the show. We are looking for panel guests as well! Support our chosen charity: Wings For Warriors. This will be an all day event!
  • We've released a book on Offensive Countermeasures! Visit tinyurl.com/OCM-Amazon to add this to your summer reading list.
  • We are looking for sponsors for our weekly webcasts and shows. Contact paul -at- hacknaked.tv for details!
  • The Stogie Geeks Show! - Kick some ash with the Stogie Geeks, Thursday nights at 9:00PM EST. Come have a cigar with us! If you are in the Rhode Island area please visit our sponsor the Havana Cigar Club, it's an awesome place to have a drink! Make sure you print out your $5.00 off coupon here!

Guest Interview: Vivek Ramachandran

Visit The Security Weekly YouTube Channel for all of our latest videos!

Biography:

Vivek Ramachandran is a world-renowned security researcher and evangelist. His expertise includes computer and network security, exploit research, wireless security, computer forensics, embedded systems security, compliance and e-Governance. He is the founder of Security Tube and Pentester Academy.


Five Questions:

  • Three words to describe yourself
  • If you were a serial killer, what would be your weapon of choice?
  • In a game of ass grabby-grabby do you prefer to go first or second?
  • If you wrote a book about yourself, what would the title be?
  • Stranded on a desert island, which tablet would you bring with you if you could choose only one: Android, iPad or Surface?



Stories

Visit The Security Weekly YouTube Channel for all of our latest videos!


Paul's Stories

  1. 5 Tips to Protect Networks Against Shodan Searches - eSecurity Planet
  2. Installing Dropbox? Prepare to lose ASLR. | codeinsecurity
  3. Volvent Security R&D: Cloning an Infrared Disarming Remote of a Consumer Grade Home Security System
  4. "How did I get a root shell in my NAS
  5. Would you believe it? Women more in favour of porn filters than men
  6. "Apple DDOS? Nope
  7. NSA Contract With VUPEN Revealed
  8. Skimming made easier with hacked portable card payment machines
  9. Security researchers create undetectable hardware trojans
  10. Marissa Mayer does not lock her iPhone with a passcode- The Inquirer
  11. "Seagate to produce 5TB hard drive next year
  12. Apple's Fingerprint ID May Mean You Can't 'Take the Fifth'
  13. Black Hat Announces First Ever West Coast Trainings Event
  14. "IT Pros Lack Security Management Support

Greg's Stories

  1. Dropbox Opening your docs - HoneyDocs, a new tool from Marcus Carey (aka threatagent), found that files uploaded to Dropbox were being opened with LibreOffice.
  2. Android User? Google might have your WiFi passwords - Since Android 2.2, there has been the ability to save and sync WiFi passwords between Android devices.
  3. Java adds whitelisting into 1.7U40
  4. Mac OS pre 10.8.5 with config profiles expose passwords in clear text
  5. iOS 7 introduces activation lock
  6. Errata Sec scanned the internets for SSH
  7. Another iOS lock bypass bug

Patrick's Stories

  1. Rolling Stone hackers article
  2. 10 Things to Never Say During a Presentation
  3. iPhone 5 and a severed finger
  4. Netflix uses pirate sites to decide what to carry
  5. How often do you sound the alarm? Too much? Too little?
  6. Another satisfied VUPEN customer...the NSA!
  7. Hidden Lynx, a new "hackers for hire" group identified by Symantec
  8. I like shells