From Security Weekly Wiki
Revision as of 23:38, 2 March 2017 by Jeff (talk | contribs)
Jump to navigationJump to search

Paul's Security Weekly - Episode 503

Episode Audio

[] Coming Soon

Recorded March 2nd, 2017


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Jeff Man
    Infosec analyst
    Pioneering ex-NSA pen tester
    PCI specialist
    Tribe of Hackers
    InfoSec Curmudgeon
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.
  • Jack Daniel
    Co-Founder of Security BSides and certified security wizard.


Interview: Alan White, Dell SecureWorks/US Army - 6:00PM-7:00PM

Alan White is the Global Regions Consulting and Services Director for Dell SecureWorks, and is part of the US Army's Computer Emergency Research Team. Previously, Alan was the Director of Security and Risk Consulting (SRC) – Asia Pacific Japan, responsible for managing teams delivering Incident Response, Forensics, Technical Testing and Compliance Services. He built the first Security Operations Center (SOC) in APJ located in Tokyo. As an expert in computer security Alan assists clients in achieving better security awareness, managing threats effectively, and efficiently responding to incidents. He is also an active Lieutenant Colonel in the United States Army National Guard and leads a Cyber Computer Network Defense Team.

Alan has lead each of the service practices and all SRC for North America prior to his role in APJ. His responsibilities entail performing strategic consulting including: incident response management, information risk management, compliance audits (PCI, SOX, SAS70, GLBA, FFIEC, NCUA, HIPAA, ISO27001/2, FISMA/NIST), security strategy, gap analysis and controls assessment, policy development, business impact analysis, and best practices assessment (CERT, CIS, NSA, NIST, ISO, ITIL, CMM, COBIT, OCTAVE). Alan also performs various professional services including: vulnerability assessments, application security assessments, incident response, compliance assessments, penetration testing, database security assessments, and instructing. He has won the SANS Hacker Competition and DoD Cyber Championships.

Alan recently authored the "Red Team Field Manual".

Security News - 7:00-8:30PM

Paul's Stories

  1. Siemens RUGGEDCOM NMS Equipment Vulnerable to CSRF, XSS
  2. Slack Fixes Cross-Origin Token Theft Bug
  3. Cloudbleed Triggered 1.2M Times, Damage Kept to Minimum
  4. We found a hidden backdoor in Chinese Internet of Things devices researchers
  5. White Hat Hackers Warn Of Easy To Hack Household Robots
  6. Yahoo's Marissa Mayer Loses Cash Bonus Over Security Breaches
  7. Three Years after Heartbleed, How Vulnerable Are You?
  8. Researchers find severe flaw in WordPress plugin with 1 million installs
  9. Researchers uncover PowerShell Trojan that uses DNS queries to get its orders
  10. Recent Security Issues Show Vulnerability of the Cloud
  11. Use an Android password manager? Your private information could be at risk
  12. Over a million websites could be at risk from critical WordPress gallery plugin flaw
  13. Week in review: Mac ransomware, women in infosec, and the death of SHA-1 - Help Net Security
  14. Alarming number of businesses hit by hackers in past year: poll

Larry's Stories

  1. I took a leak on my teddybear
  2. Airport security lapses...
  3. Leveraging expired domains for red team engagements

Jack's Stories

Jeff's Stories

  1. It’s the End of SHA-1 and I Feel Fine
  2. Jeff visited the National Cryptologic Museum
  3. Watson will make Jeff a drink!
  4. What happened to the Amazon Cloud???
  5. Amazon S3 Outage is What Happens When One Site Hosts Too Much of the Internet
  6. (PCI Corner) More on Bluetooth POS Skimmers
  7. Howard A. Schmidt Appreciation
  8. Trump, Russia, WTF?

Carlos's Stories