Difference between revisions of "Episode408"

From Security Weekly Wiki
Line 51: Line 51:
== Paul's Stories ==
== Paul's Stories ==
#[http://www.v3.co.uk/v3-uk/news/2397144/lizard-squad-hackers-attack-lenovo-after-superfish-scandal Lizard Squad Hackers Attack Lenovo After Superfish Scandal]
#[http://www.v3.co.uk/v3-uk/news/2397144/lizard-squad-hackers-attack-lenovo-after-superfish-scandal Lizard Squad Hackers Attack Lenovo After Superfish Scandal]
#[http://www.theregister.co.uk/2015/03/02/twitter_triples_abuse_team_knocks_dox/ "Twitter Triples Abuse Team]
#[http://www.theregister.co.uk/2015/03/02/twitter_triples_abuse_team_knocks_dox/ Twitter Triples Abuse Team]
#[http://arstechnica.com/tech-policy/2015/03/us-air-traffic-control-computer-system-vulnerable-to-terrorist-hackers/ US Air Traffic Control Vulnerable To Terrorist Hackers]
#[http://arstechnica.com/tech-policy/2015/03/us-air-traffic-control-computer-system-vulnerable-to-terrorist-hackers/ US Air Traffic Control Vulnerable To Terrorist Hackers]
#[http://www.theregister.co.uk/2015/03/04/dlink_removes_fingers_from_ears_preps_mass_router_patch/ "D-Link Removes Fingers From Ears]
#[http://www.theregister.co.uk/2015/03/04/dlink_removes_fingers_from_ears_preps_mass_router_patch/ "D-Link Removes Fingers From Ears]
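Review bot: the last entry in this hunk, the D-Link link, keeps an unmatched opening quote before "D-Link" in both versions, while the Twitter entry differs between the two versions only in that same stray quote. Drop the quote from the D-Link link text as well, so the rendered list item does not start with a dangling quotation mark.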

Revision as of 01:42, 6 March 2015

Episode Media

MP3 < Not yet published!


Paul's Security Weekly - Episode 408 for March 5th, 2015

And now, from the dark corners of the Internet, where exploits run wild, packets aren’t the only things getting sniffed, and the beer flows steady, it's Paul’s Security Weekly!

  • This podcast is brought to you by the SANS Institute, the most trusted source for computer security training, certification and research. Visit www.sans.org to learn more.
  • And by Tenable Network Security, creators of Nessus, the world's best vulnerability scanner! Jumpstart your security program today and evaluate SecurityCenter CV, THE continuous monitoring solution. www.tenable.com
  • And by Pwnie Express - Check out the community edition and turn your Nexus 7 into a lean and mean pen testing machine. For all those hard to reach places, there's Pwnie Express, visit them on the web at http://pwnieexpress.com

"Now, fire up a packet capture, pour yourself a beer, and give the intern control of your botnet..."

"Here's your host, a man who manages to identify every white whale in the security podcast industry...whose wildest keysigning party involved a 55 gallon drum of lube, a midget lemons and a man nicknamed old dick and Paul Asadoorian"

  • Security Weekly Announcements:
    • Cold weather got you down? Warm up to Embedded Device Security Assessments, a 2-day class at Blackhat USA this summer, August 1-2 and 3-4! Find out more about the course and register here: Register Here Today!
    • Make sure you tune into my Tenable webcast, it is going to be EPIC: Eliminate Credential Headaches with Nessus Agents. Please register today!
    • Paul has a new mini, the Ratworx MRX Mini that is. It's a switchblade that is 2.996 inches in length, making it longer than his own mini.

Guest Interview: Jayson Street

Fill out this survey and qualify to win a free PwnPhone!


Jayson E. Street, The INFOSEC Ranger at PWNIE Express and author of the book “Dissecting the hack: The F0rb1dd3n Network” plus creator of the site http://dissectingthehack.com. He's also spoken at DEFCON, BRUCON, UCON & at several other ‘CONs & colleges on a variety of Information Security subjects. His life story can be found on Google under “Jayson E. Street”. *He's a highly carbonated speaker who has partaken of Pizza from Beijing to Brazil. He does not expect anybody to still be reading this far but if they are please note he was chosen as one of Time’s persons of the year for 2006.



  • Stories of the week is brought to you by Onapsis, the leading provider of solutions to protect ERP systems from cyber-attacks. Customers can secure their SAP and Oracle business-critical platforms from espionage, sabotage and financial fraud risks. Visit them on the web at http://www.onapsis.com/
  • And by Black Hills Information Security, the leaders in penetration testing and active defense. Email consulting@blackhillsinfosec.com to request a quote today!
  • And by Black Squirrel. Pentest Networks from Your Browser! Exploit the limits of network security through just a browser. Have a Chrome exploit in your toolkit? Good, but for the rest of us there's Black Squirrel. Visit blacksquirrel.io for more information.

Paul's Stories

  1. Lizard Squad Hackers Attack Lenovo After Superfish Scandal
  2. Twitter Triples Abuse Team
  3. US Air Traffic Control Vulnerable To Terrorist Hackers
  4. D-Link Removes Fingers From Ears
  5. The C99Shell Is Not Dead
  6. Abusing Blu-ray Players Pt. 1 – Sandbox Escapes | NCC Group
  7. Pulling Remote Word Documents from RAM using Kali Linux | CYBER ARMS - Computer Security
  8. w00tsec: Extracting RAW pictures from memory dumps
  9. albinowax/ActiveScanPlusPlus · GitHub
  10. The two most dangerous IT security sins
  11. Broadband routers: SOHOpeless and vendors don't care
  12. Listen to an actual Microsoft support scam as it happened

Jack's Shameless Self Promotion and Lack of Stories

There are BSides everywhere. CFPs are open, tickets available, magic is happening.

  1. BSides Las Vegas planning is in full swing. The Call for Papers, Call for Volunteers and Security, Call for Proving Ground speakers, Logo Contest and more are all happening now; see the website. And you can book your rooms in the BSidesLV room block at the Tuscany.
  2. Krypt3ia's Global Threat Intelligence Report: FEBRUARY 2015
  3. It's official: NSA spying is hurting the US tech economy

Joff's stories about his kangaroo pals

  1. Super TLS Freak
  2. GoPro Fun...