Difference between revisions of "Episode357"

From Security Weekly Wiki

Revision as of 22:50, 9 January 2014

Episode Media

[MP3 pt1]

[MP3 pt2]


PaulDotCom Security Weekly - Episode 357 for Thursday January 9th, 2014

  • Come see me speak next year! First and foremost I will be speaking at S4x14 this year on Jan 14th (on "OTDay"). Visit the conference web site and come to Miami in January.
    • I will, reluctantly, be attending RSA this year as a booth babe. Any requests for outfits are appreciated, send them to me on Twitter @pauldotcom using #whattowearatRSA2014
    • The Offensive Countermeasures Hack Lab at the Mid-Atlantic CCDC conference in 2014, and sticking around to MC the event and do a live Podcast!
    • I'm also slated to speak at the Charlotte ISSA conference in 2014 and the NOLA conference in New Orleans in June
  • We are looking for sponsors for our weekly webcasts and shows. Contact paul -at- hacknaked.tv for details, there are still a few slots available!
  • The Stogie Geeks Show! - Kick some ash with the Stogie Geeks, Thursday nights at 9:00PM EST. Come have a cigar with us! If you are in the Rhode Island area please visit our sponsor the Havana Cigar Club, it's an awesome place to have a drink! Make sure you print out your $5.00 off coupon here!
  • Larry teaching SANS classes: Check out his SANS page for the details: 617 in DC in December and in Orlando in March. Also 571 at RSA.
  • Check out the SANS Holiday Hacking Challenge!

Guest Host: Joff Thyer


Joff Thyer is a Security Researcher for Black Hills Information Security, the consulting division of Security Weekly, and is on to add some Aussie flavor to the podcast. His loves are Beer, Hacking, Math and Wireless.

Guest Interview: Ian Amit


Ian is currently serving as a Director of Services at the leading boutique security consulting company IOActive, where he leads the services practice in the EMEA region. He is one of the founders of the Penetration Testing Execution Standard (PTES), its counterpart – the SexyDefense initiative, and a core member of the DirtySecurity crew.

  1. Three words to describe yourself
  2. If you were a serial killer, what would be your weapon of choice?
  3. If you wrote a book about yourself, what would the title be?
  4. In the popular game of Ass Grabby Grabby do you prefer to go first or second?
  5. Stranded in a desert island, which tablet would you bring along: a) iPad b) Surface c) Android d) All of the above e) None of the above?

Tech Segment: SANS SIFT with Rob Lee


Rob Lee is an entrepreneur and consultant in the Washington, DC area, specializing in information security, incident response, and digital forensics. Rob is currently the curriculum lead and author for digital forensic and incident response training at the SANS Institute in addition to owning his own firm.


Paul's Stories

  1. Critics Cut Deep on Yahoo Mail Encryption Rollout
  2. Drug overdose caused death of hacker | Security & Privacy - CNET News
  3. Yahoo enables default HTTPS encryption for Yahoo Mail
  4. Skipfish Scanner Used in Financial Sector Attacks | The State of Security
  5. avast! blog » Mobile malware a real threat in 2014
  6. "At CES
  7. Snapchat Hack Affects 4.6 Million Users
  8. Anatomy Of A 22-Year-Old X Window Bug: Get Root With Uncovered Flaw
  9. OpenSUSE forums hacked in ANOTHER vBulletin attack
  10. Mikko Hypponen Still Speaking at the RSA Conference
  11. Researchers publish Snapchat code allowing phone number matching after exploit disclosures ignored | ZDNet
  12. Surprise! It's Super Easy to Identify People From Metadata (Gizmodo)
  13. Trojan program hijacks World of Warcraft accounts despite two-factor authentication
  14. "Flash Memory Cards Contain Powerful
  15. Probes Against Linksys Backdoor Port Surging
  16. OpenSSL Hackers Used Weak Password at Web Host to Deface Site
  17. "Noted speaker
  18. Growing human organs inside pigs in Japan
  19. Researcher Uncovers Backdoor In DSL Routers
  20. FireEye buys outfit that lifted the lid on Chinese cyber-espionage
  21. "Hacker backdoors Linksys
  22. ATM hacker Barnaby Jack's death blamed on accidental drug overdose • The Register

Larry's Stories

  1. [Larry] - So, Safari stores session states (you know when it closes your browser, and all the tabs come back when you re-open?) in an unencrypted plist file that is world readable. If any of the URLs include username and password, game over. Looks like someone might need to add this to metasploit enum module…
  2. Redux from the Dragos isn't so crazy department - [Larry] - Recovering 4069 bit RSA keys using acoustic analysis of HF tones. You call BS? One of the researchers is Adi Shamir, the “S” in RSA and the “S” in the FMS WEP attack.
  3. Build your own Shodan - [Larry] - Great post from Robert Graham about leveraging the power of CCC's 100-Gbps internet pipe to do some portscans with masscan.
  4. Snapchat dump - [Larry] - A wretched hive of scum and villainy. Snapchat gets their API leveraged to tie a user to a phone number. 4.6 million records harvested and released. Now the CSV is interesting in that some additional information was added, i.e. an attempt to map area code to state/location. Too bad they did it wrong; 617 is not in Michigan.
  5. More Snapchat - [Larry] - You too can now see the code used to partially dump Snapchat. They have allegedly "fixed" the problem, with a totally lame response.
  6. Epic backdoor - [Larry] - So, that high number “random” port running on your consumer wireless router? Yeah, it does stuff. All sorts of stuff, including doing a reset, coughing up admin passwords, nvram dump, shell, and WPA PSK. Now we need two things: Shodan to index this port (see personal Shodan story), and for Nessus to gather this info for us. /me looks at Jack, then Paul.
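A defender-side check for the Safari session-state story in item 1 above, added here as an example; it is not code from the show or its hosts. It parses a plist, pulls out every URL string, flags the ones that carry a username or password in the authority part, and reports whether the file is world-readable. The plist layout (SessionWindows/TabStates/TabURL keys) and the temp-file path are constructed for the example; Safari's real session file has its own schema and location, which are not reproduced here.

```python
import os
import plistlib
import stat
import tempfile
from urllib.parse import urlsplit


def iter_strings(node):
    """Recursively yield every string value in a parsed plist tree."""
    if isinstance(node, str):
        yield node
    elif isinstance(node, dict):
        for value in node.values():
            yield from iter_strings(value)
    elif isinstance(node, (list, tuple)):
        for value in node:
            yield from iter_strings(value)


def credentialed_urls(plist_bytes):
    """Return URLs in the plist whose authority part embeds a username or password."""
    data = plistlib.loads(plist_bytes)
    hits = []
    for text in iter_strings(data):
        if "://" not in text:
            continue  # not a URL-looking string
        parts = urlsplit(text)
        if parts.username or parts.password:
            hits.append(text)
    return hits


def world_readable(path):
    """True if the 'other' read bit is set on the file, i.e. any local user can read it."""
    return bool(os.stat(path).st_mode & stat.S_IROTH)


# Constructed sample session file (hypothetical schema, not Safari's real layout)
SAMPLE_SESSION = plistlib.dumps({
    "SessionWindows": [{
        "TabStates": [
            {"TabURL": "https://example.com/dashboard", "TabTitle": "Dashboard"},
            {"TabURL": "http://alice:hunter2@intranet.example/admin", "TabTitle": "Admin"},
            {"TabURL": "ftp://bob@files.example/pub", "TabTitle": "Files"},
        ]
    }]
})


def audit_session_file(path):
    """Combine the two findings that matter: exposure (permissions) and impact (credentials in URLs)."""
    with open(path, "rb") as handle:
        hits = credentialed_urls(handle.read())
    return {"world_readable": world_readable(path), "credentialed_urls": hits}


def demo():
    """Write the constructed plist to a temp file with 0644 permissions and audit it."""
    with tempfile.NamedTemporaryFile(delete=False) as handle:
        handle.write(SAMPLE_SESSION)
        path = handle.name
    os.chmod(path, 0o644)  # deliberately world-readable, mirroring the story
    try:
        return audit_session_file(path)
    finally:
        os.unlink(path)


if __name__ == "__main__":
    result = demo()
    print("world readable:", result["world_readable"])
    for url in result["credentialed_urls"]:
        print("credentialed URL found:", url)
```

The "://" pre-filter keeps tab titles and other plain strings out of the URL parser; the real signal is urlsplit's username/password fields, which catch both the user:pass form and the user-only form. Run against a real session file, the same two functions give the exposure and impact halves of the finding without any need to know the exact schema.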

Allison's Stories

Carlos' Stories

Jack's Stories

  1. Spaf says we're "out of balance" (http://www.cerias.purdue.edu/site/blog/post/were_out_of_balance/) What's he talking about? "Computing, as a field in the USA, has had a low and almost constantly decreasing percentage of women going into the field and staying."
  2. Robert Graham says "We have to boycott RSA" (http://blog.erratasec.com/2014/01/why-we-have-to-boycott-rsa.html#.UsmlkbTWuMZ) and here is the scorecard (https://gist.github.com/koenrh/8309232) on those who have withdrawn talks or training from the RSA Conference. The folks at Securosis see things differently in this video (https://securosis.com/blog/firestarter-the-nsa-and-rsa) and Martin McKeay has some thoughts in this blog post (http://www.mckeay.net/2014/01/06/still-going-to-rsa/). You may be surprised to learn that I have a few thoughts myself.

Joff's Stories

  1. http://www.securityweek.com/what-can-airport-security-teach-us-about-dealing-insider-threats
  2. http://www.securityweek.com/cyber-security-new-years-resolution-simplify-security
  3. http://www.darkreading.com/vulnerability/4-trends-in-vulnerabilities-that-will-co/240165067
  4. http://www.darkreading.com/monitoring/5-monitoring-initiatives-for-2014/240165105