From Security Weekly Wiki

Paul's Security Weekly - Episode 451 - 6:00PM

Recorded February 11th 2016


proXPN is a leading VPN service offering free accounts, excellent premium features, and an outstanding commitment to privacy and security online. Use the discount code WEEKLY and save 50% for life!

  • Vote for us in the RSA Social Security Bloggers Awards for Best Podcast! We were NOT nominated this year, so you have to write in "Security Weekly". Go vote at http://securityweekly.com/vote
  • InfoSec World 2016, returning to Disney’s Contemporary Resort on April 4-6, 2016, will present over 100 industry experts who will share hands-on, practical advice on a range of security topics. From understanding your adversary to learning about the zero-day exploit market to bridging the gap between security and the business, InfoSec World 2016 will offer an opportunity for security professionals to learn something new and test ideas with peers. Join us in Orlando to increase your information security knowledge, and help the security community get one step closer to Unlocking Security's Message.

Segment Video: Interview with Mike Strouse CEO of ProXPN - 6:00PM-7:00PM

  1. Three words to describe yourself.
  2. If you were a serial killer, what would be your weapon of choice?
  3. If you wrote a book about yourself, what would the title be?
  4. In the popular game of ass grabby-grabby, do you prefer to go first or second?
  5. Choose two celebrities to be your parents.

Stories of the Week - 7:00PM-8:00PM

Paul's Stories

  1. 5 Big Incident Response Mistakes
  2. D-Link DSL-2750B Remote Command Execution
  3. ASUS Router Administrative Interface Exposure
  4. Beta Testers Wanted: Use a Raspberry Pi as a DShield Sensor
  5. Weird Fitbit data helps one man discover his wife is pregnant
  6. We might use your IoT stuff to spy on you
  7. IoT’s Day of Reckoning on the Horizon
  8. Power Grid Honeypot Puts Face on Attacks
  9. We're Going To Use Your Toothbrush To Spy On You
  10. How To Hack The Power Grid Through Home Air Conditioners
  11. Cisco Security Kit Wide-Open To IKE Bug
  12. Hackers aren't smart -- people are stupid

Larry's Stories

  1. A theory? - From a discussion at work I’d love some feedback on. Mass deployments of crypto locker using compromised crews, why the increase? Some thoughts: After OPM breach Chinese sponsored mercenaries are out of work and are now looking to pay the bills with resources that nation states don’t seem to care about. Mistakes get made, and things get tracked to weird places but who cares? Another thought is, maybe nation states are willing to share information, as some of them have more than enough data for the time being, so spreading the love with other compromised hosts and those other nations don't have the same agenda; pain and profit versus information gathering.
  2. [http://blog.erratasec.com/2016/02/hackers-arent-smart-people-are-stupid.html Hackers aren’t smart, people are stupid]
  3. Cisco IKE remote code execution - LOL, wut?
  4. [https://github.com/jh00nbr/Routerhunter-2.0 RouterHunterBR] - On the converse, Paul, seems like a great way to start building honeypots…*cough*

Jack's Stories

Joff's Stories

Carlos' Stories

Michael's Stories

Jeff's Stories

Kevin's Stories