Episode491

From Security Weekly Wiki
Jump to navigationJump to search

Paul's Security Weekly - Episode 491

Recorded: December 1, 2016

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Jeff Man
    Cryptanalyst
    Infosec analyst
    Pioneering ex-NSA pen tester
    PCI specialist
    Tribe of Hackers
    InfoSec Curmudgeon
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.
  • Jack Daniel
    Co-Founder of Security BSides and certified security wizard.

Episode Audio

[] Coming Soon

Announcements

  • Make sure you visit http://securityweekly.com/subscribe and subscribe to our new shows including Enterprise Security Weekly and Startup Security Weekly. You can also subscribe to all shows individually, as well as a main feed which contains this show, Hack Naked TV and Enterprise Security Weekly.
  • Take our super cool survey! http://www.securityweekly.com/survey

Interview: John Hurd and Alex Valdivia, ThreatConnect - 6:00-7:00PM

  • John Hurd and Alex Valdivia

John Hurd is an Intelligence Research Analyst. Alex Valdivia is a Threat Intel Researcher. Together they are part of the ThreatConnect team. They know what it takes to work at the front lines of cyber defense. They know that they’re stronger together than we are apart. They're strategic business thinkers. Since 2011, ThreatConnect has led the threat intelligence revolution, building the industry’s most comprehensive threat intelligence platform along with its largest trusted cybersecurity community.

[1]

discuss our platform, our research team, and/or recent findings of interest by our team


  1. Three words to describe yourself.
  2. If you were a serial killer, what would be your weapon of choice?
  3. If you wrote a book about yourself, what would the title be?
  4. In the popular game of ass grabby-grabby, do you prefer to go first or second?
  5. Choose two celebrities to be your parents.

Technical Segment: Jimmy Mesta, Containerizing your Security Operations Center - 7:00PM-7:30PM

Jimmy Mesta is an application security leader that has been involved in Information Security for nearly 10 years. He is the chapter leader of OWASP Santa Barbara and co-organizer of the AppSec California security conference. Jimmy has spent time on both the offense and defense side of the industry and is constantly working towards building modern, developer-friendly security solutions. His core focus has been in application and cloud security with an emphasis on secure architecture, automated testing, developer training and defensive techniques.

Security News - 7:30PM-8:30PM

Paul's Stories

  1. Senators Make Last-Ditch Attempt To Block Expanded Government Hacking Authority
  2. Protocol96 | Bugtraq: SEC Consult SA-20161128-0 :: DoS & heap-based buffer overflow in Guidance Software EnCase Forensic
  3. Mirai Botnet Knocks Out Deutsche Telekom Routers
  4. Mirai Botnet Knocks Out Deutsche Telekom Routers
  5. Information Security: The Reporting Line of the CISO is Key to Success
  6. Information Security: The Reporting Line of the CISO is Key to Success
  7. Windows Malware Infections Spiked 106% From Black Friday To Cyber Monday
  8. Windows Malware Infections Spiked 106% From Black Friday To Cyber Monday

Larry's Stories

  1. Comma OpenPilot released opensource
  2. Calendar invite iCloud spam
  3. San Francisco MUNI hacked
  4. Mirai gets some upgrades
  5. PyExifil, Puthon for data Exfil
  6. Reverse Engineering TDDP in TP-Link routers for shell

Jack's Stories

Jeff's Stories

  1. Russian Propaganda Effort Helped Spread 'Fake News' During Election, Experts Say
  2. The Propaganda About Russian Propaganda

Comment from a friend: "a colleague of mine at the University of Maryland, is a Professor of Practice in the School of Journalism and continues to write for the Post. The Post suspects that there is an organized effort by unnamed Russian “operatives" to flood the comments sections attached to political reporting. The suspicion arises out of certain patterns of language that the Post's Russian speaking correspondents allege is likely to come from a native Russian speaker."

Michael's Stories