Paul's Security Weekly - Episode 388 for Thursday September 18th, 2014
And now, from the dark corners of the Internet, where exploits run wild, packets aren’t the only things getting sniffed, and the beer flows steady, it’s Paul’s Security Weekly!
- This segment is sponsored by Palo Alto Networks, creators of THE next-generation firewalls, helping you enforce network security policies based on applications, users, and content. Visit them on the web at www.paloaltonetworks.com
- and by The SANS Institute, the most trusted source for computer security training, certification and research. Visit www.sans.org to learn more
"Now, fire up a packet capture, pour yourself a beer, and give the intern control of your botnet..."
"Here's your host, a man who [insert something witty here], Paul Asadoorian"
- Announcement - The PVS contest from Tenable! Register Here to enter a contest and win an AR Drone! You must use the PVS to find something cool, details on the registration page.
- Announcement - Join Paul Asadoorian for an awesome webcast titled 5 Things You’re Not Doing With Your Vulnerability Scanner. I promise to keep it real, have ridiculous pictures in the presentation, and show you how to stay regular, with your vulnerability scanner of course!
- Security Weekly Updates:
- SANS Las Vegas from October 26-27th will debut a new course titled "Embedded Device Security Assessments for the Rest of Us" which will teach students how to assess embedded systems of all varieties on pen tests and in your duties as a security professional. Register Here.
- Larry is teaching SEC617: Wireless Ethical Hacking, Penetration Testing, and Defenses at SANS Las Vegas from October 20-25th.
- You can purchase Hack Naked T-Shirts online via http://shop.securityweekly.com get yours today!
- Attend the show live if you are in the RI area, check http://securityweekly.com/attend for details
Interview: Michael Gough
This week's episode is with Michael Gough from Hacker Hurricane, MI2security and BSides Texas.
Michael has 20 years of experience in IT and Information Security. In the past Michael has been a consultant for HP and other consultancies, and an analyst for the financial sector, health care and the State of Texas. Michael now focuses his talents as a Blue Team Defender, malarian fighter and malware archeologist, protecting his employer from nefarious ne'er-do-wellers.
Michael also runs BSides Texas with Michelle Klinger and leads the BSides Austin conference held in March. Michael and his partner in cyber crime discovered the Winnti malware 10 months before Kaspersky released their report. They also discovered and exploited a major Card Key system flaw back in 2010, which can be found on YouTube, and were dubbed "The Thoughtful Hackers" when they were on the show in 2011.
In his last venture, Michael and his partner developed, out of necessity, a malware discovery tool called "Malware Sentinel", utilizing the Malware Management Framework to find malware on Windows-based systems. Michael also developed the 6-page "Windows Logging Cheat Sheet" to provide a starting point on detailed logging for Windows hosts.
- HackerHurricane.com – Personal Blog
- MI2security.com/blog – Malware & Logging Blog
- MalwareSentinel.com – Malware Discovery tool
- MI2security.com/blog – Windows Logging Cheat Sheet
- MalwareManagementFramework.Org – How to perform Malware Management
- MI2Security.com/malware-reporting-standard – What indicators to report for malware
- Three words to describe yourself
- If you were a serial killer, what would be your weapon of choice?
- If you wrote a book about yourself, what would the title be?
- In the popular game of ass grabby grabby do you prefer to go first or second?
- Pick two celebrities to be your parents.
Pwnie Express "Not Kevin" - Pwnplug R3
A Security Weekly drawing that people can enter through our website with this link http://info.pwnieexpress.com/securityweeklyspecial as well as a button that will be placed on our homepage by 5pm today titled “Security Weekly Drawing”.
By completing all info required in the form, all entries will also receive a $100 discount code towards the Pwn Plug R3.
- Also by Pwnie Express - Check out the community edition and turn your Nexus 7 into a lean and mean pen testing machine. For all those hard to reach places, there's Pwnie Express, visit them on the web at http://pwnieexpress.com
- Brought to you by Black Hills Information Security, the leaders in penetration testing and active defense. Email email@example.com to request a quote today!
- Stories of the week is sponsored by http://www.blacksquirrel.io/ - Pentest Networks from Your Browser! Exploit the limits of network security through just a browser. Have a Chrome exploit in your toolkit? Good, but for the rest of us there's Black Squirrel. Visit blacksquirrel.io for more information.
- Also by Onapsis the leading provider of solutions to protect ERP systems from cyber-attacks. Customers can secure their SAP and Oracle business-critical platforms from espionage, sabotage and financial fraud risks. Visit them on the web at http://www.onapsis.com/
- This segment is brought to you by Tenable Network Security, the creators of Nessus, the world's best vulnerability scanner. Check out the new Nessus Enterprise and Nessus Enterprise cloud, engage your IT department in the vulnerability management process today!
- Why (Cyber) Insurance Is Sexy
- Medical Records For Sale in Underground Stolen From Texas Life Insurance Firm
- "In Home Depot Breach
- Top 10 Security Issues for REST APIs
- Mucking About With SquashFS
- Meet The Next Next-Gen Firewall
- 7 Reasons To Love Passwords
- Why hackers may be stealing your credit card numbers for years
- Apple blames 'targeted attack' for leaked nude celebrity photos
- Rich Mogull on Apple Pay
- Hacker "weev" has left the United States
- Protecting yourself against the celebrity iCloud hackers
- TKIP and RC4 is broken - Yup. This seems interesting though
- credit where credit is due - Apple back to its own tricks with not crediting bug finders
- banks pwned for 12 years - Hey, these logs might have been helpful…although they were in so long that the bad traffic was likely found as part of the baseline...
- YAY CARLOS - Blogs you should be reading… You all ask us how to stay up to date? Well, here is a good start.
- Best XSS EVAR - You’ll want sound, and JS. Wait for the drop, and scroll. Hooray DNS TXT records.
Jack's Stories of Joy and Wonder
- invisible.im has a big announcement this week, with coverage at Wired and Pat Gray's post on why he started the project.
- Hearing first complaints about failing internal resolving due to .prod TLD
- Create your own Personal Threat Level image just like the one used by the Department of Homeland Security - An image generator that allows you to create your own Personal Threat Level image just like the one used by the Department of Homeland Security. Here's a good sample from Alien at 44Con
- Errata Security: Rebuttal to Volokh's CyberVor post
- IT Security Conundrum, AKA disclosure gone wrong. This kind of thing is why it is irresponsible to use the term "responsible disclosure".
- IBM cuts pay by 10% for workers picked for training - IBM has initiated a new training program that will result in a 10% pay cut for (non-voluntary) participating employees.
- How to Choose the Best Vulnerability Scanning Tool for Your Business - NO, NO, NO. This is so very bad.
- Using Metadata to find Paul Revere
- An Open Letter to Tim Cook and Apple’s Security Team from Jonathan Zdziarski. Come on Apple, treat the dude fairly.
- Idoneous Security: A tenuous grasp on reality.
- Apple’s “warrant canary” disappears, suggesting new Patriot Act demands
- Microsoft lays off 2,100 employees and Microsoft's Trustworthy Computing group, which works on security and privacy issues, is being broken up.
- 56 million customers hit in latest estimate of the scope of the Home Depot breach
- Former Home Depot managers say security was a low priority. One moment please, let me find my shocked face.