Difference between revisions of "Episode374"

From Security Weekly Wiki

Revision as of 01:36, 15 August 2014

Episode Media

MP3 pt1

MP3 pt2

MP3 pt3


Paul's Security Weekly - Episode 373 for Thursday May 22nd, 2014

And now, from the dark corners of the Internet, where exploits run wild, packets aren’t the only things getting sniffed, and the beer flows steady, it’s Paul’s Security Weekly!

  • This segment is sponsored by Palo Alto Networks, creators of THE next-generation firewalls, helping you enforce network security policies based on applications, users, and content. Visit them on the web at www.paloaltonetworks.com
  • and by Tenable Network Security, the creators of Nessus, the world's best vulnerability scanner. Check out Tenable's other cool products such as the Passive Vulnerability Scanner and SecurityCenter Continuous View. Visit them on the web at www.tenable.com

"Now, fire up a packet capture, pour yourself a beer, and give the intern control of your botnet..."

"Here's your host, he's got a face for radio, voice for print, and penmanship of a 1st grader (the one he keeps locked in the basement, that is), Paul Asadoorian!"

Guest Interview: Oj Reeves (@TheColonial)


OJ, also known as TheColonial, comes from a developer background. In 2013, he looked at changing paths and found the infosec community. He's worked with Rapid7, improving Meterpreter and a slew of other projects that are full of awesomeness, including kiwi and the optimal sub encoder for Metasploit.

  1. You were a Windows developer before you started working on offensive security coding. What have you liked the most about the change?
  2. Tell us a little bit about what you did with Meterpreter.
  3. How complex is it to get changes and additions into the Windows Meterpreter code vs. Ruby code for modules and other areas?
  4. The WMI Query code is broken and you have a patch waiting for approval. How can our listeners help push for Egypt and Tod to approve the fix already?
  5. What are the gotchas in terms of restrictions a Windows C++ developer would have when building an extension for Meterpreter use?
  6. Will you be maintaining the changes to the mimikatz extensions as it gets expanded?
  7. What exactly is the sub encoder you built?
  8. What do you do in your spare time to brush up on your shellcode and exploit development skills? It looks like you do quite a bit based on your blog.
  9. What are your next projects?

Five Questions

  1. Three words to describe yourself
  2. If you were a serial killer, what would be your weapon of choice?
  3. If you wrote a book about yourself, what would the title be?
  4. In the popular game of Ass Grabby Grabby do you prefer to go first or second?
  5. If you could have dinner with one celebrity, who would it be?

Ten more questions to ask at random:

  1. If you had super powers, what would they be?
  2. A penguin walks through that door right now wearing a sombrero. What does he say and why is he here?
  3. If we came to your house for dinner, what would you prepare for us?
  4. Pick two celebrities to be your parents.
  5. What do you think about when you are alone in your car?
  6. What song best describes your life?
  7. If you were a Star Trek® [or Star Wars®] character, which one would it be?
  8. If you were 80 years old, what would you tell your children?
  9. What is the record amount of time you have gone without a shower?
  10. What is the geekiest thing you've ever done/created/bought/said?

Tech Segment: Something Cool On Embedded Security


  • This segment is brought to you by http://www.blacksquirrel.io/ - Pentest Networks from Your Browser! Exploit the limits of network security through just a browser. Have a Chrome exploit in your toolkit? Good, but for the rest of us there's Black Squirrel. Visit blacksquirrel.io for more information.
  • and by Onapsis the leading provider of solutions to protect ERP systems from cyber-attacks. Customers can secure their SAP and Oracle business-critical platforms from espionage, sabotage and financial fraud risks. Visit them on the web at http://www.onapsis.com/
  • and by Pwnie Express - Check out the community edition and turn your Nexus 7 into a lean and mean pen testing machine. For all those hard to reach places, there's Pwnie Express, visit them on the web at pwnieexpress.com

Paul's Stories

  1. Why You Should Ditch Adobe Shockwave
  2. Disclosing vs. Hoarding Vulnerabilities - The world's militaries are investing more money in finding vulnerabilities than the commercial world is investing in fixing them. The vulnerabilities they discover affect the security of us all. No matter what cybercriminals do, no matter what other countries do, we in the US need to err on the side of security and fix almost all the vulnerabilities we find. But not all, yet. Hrm...
  3. Weev invoices feds for ‘kidnapping’ him for 3 years
  4. Another Site Breached - Time to Change your Passwords! (If you can that is)
  5. Locked In: Keeping Your Enterprise Encryption Keys in Order - The important aspect of contingency key, however, is that your CISO, department head or info sec team has an emergency decrypt capability for the host of issues that can come up from unchecked encryption. But now we target the CSO...
  6. Good Ol’ SQLi Used to Hack Naval Database from Nuclear Carrier - Why is it taking so long for enterprises to perform the basic checks that would prevent these types of cyber-attacks? Good question.
  7. How to wiretap a country
  8. Bitly Installs Two-Factor Security After Insider Account Compromise
  9. Why Your Router Is A Security Risk & How To Fix It
  10. Schneider Electric asks users to patch Heartbleed again
  11. Another Internet Explorer Zero Day Surfaces
  12. Why is eBay burying news of its security breach from its users?
  13. Hacking the D-Link DSP-W215 Smart Plug
  14. eBay Urges Password Changes After Breach — Krebs on Security

Larry's Stories

  1. And I thought hacking from 35K feet was awesome - [Larry] - Yeah, do it from an aircraft carrier instead.
  2. eBay hacked (Links everywhere) - [Larry] - Looks like a phishing attempt led to access to internal databases of user info and hashed passwords. Now, eBay has no apparent official notice on their site that I can find, so no actual note if the problem has been fixed. I wonder if all of the folks changing passwords are doing it too soon…
  3. iCloud hacked - [Larry] - Unconfirmed reports that hackers have broken iCloud. My understanding is the ultimate goal would be to unlock stolen devices.
  4. Paypal merchant account hijack - [Larry] - Submitted as part of the bug bounty program. Basically, once you were authenticated it was possible to enumerate and access other stores' admin interfaces. As long as you had valid cookies, the session/user was not tracked.

Jack's Stories

  1. Update for Group Policy vuln and scripts to help improve security - This is for MS014-25
  2. Dilbert nails phishing - Someone always clicks. Often the PHB.
  3. eBay - This has to be in the list, beaten to death but there it is.
  4. Non infosec, but it is Moxie telling pirate stories.
  5. For the crypto geeks: New algorithm shakes up cryptography - The money quote is "It discredits several cryptographic systems that until now were assumed to provide sufficient security safeguards."
  6. Outlook on Android, what could possibly go wrong? - Well, it could expose email messages and attachments. Note: this is the Outlook.com app, there isn't a "real" Outlook app for Android.

Joff's Stories

  1. http://thehackernews.com/2014/05/microsoft-outlook-app-for-android.html - Mobile apps are commonly housing corporate data... Is this really a good thing?