Difference between revisions of "Episode515"

From Security Weekly Wiki
Jump to navigationJump to search
Line 45: Line 45:
  
 
== Jack's Stories ==
 
== Jack's Stories ==
 +
#[http://www.cairnspost.com.au/news/cairns-hospital-suffers-software-catastrophe-with-possible-loss-of-patient-data/news-story/c828de3f4a0f73132ec3d19284cbae88 Dodged a bullet and stepped in front of another one.] Patching wannacry has broken Cairns Hospital's electronic patient records system.

Revision as of 23:01, 25 May 2017

Paul's Security Weekly - Episode 515

Episode Audio

[] Coming Soon

Recorded on May 25, 2017

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Michael Santarcangelo
    Founder of Security Catalyst, author of Into the Breach, and creator of the Straight Talk Framework.
  • Jeff Man
    Cryptanalyst
    Infosec analyst
    Pioneering ex-NSA pen tester
    PCI specialist
    Tribe of Hackers
    InfoSec Curmudgeon
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Jack Daniel
    Works for Tenable Network Security and Co-Founder of Security BSides.
  • Announcements

    Interview: Branden Williams - 6:00PM-7:00PM

    Dr. Branden R. Williams has twenty years of experience in business, technology, and information security as a consultant, leader, and an executive. Branden has world for well known Information Security companies as well as founded two. He’s an author, blogger, pilot, and lover of bourbon. In his spare time, you will find him flying airplanes, chasing storms, or manning a barbecue pit.

    • Research: I gave an RSA talk on some research I published last year about how consumers don’t care/recognize breaches. The talk was about security as a business enabler (meaning, stop wielding the stick but give in to the carrot). Could be interesting.
    • Research” I recently did on how much money the PCI Council pulls in for revenue/fees every year.
    • General Topics I’m passionate about: IoT Security and the economics of who should pay for this, CISO Issues, Endpoint security, Security Strategy, DLP, the Business of Security.

    Tech Segment: How Compromise Happens: Active Directory is Vulnerable with Guy Franco and Almog Ohayon, Javelin Networks - 7:00-7:30PM

    Guy Franco,CTO and Co-Founder at Javelin Networks

    Guy is a highly experienced Security Researcher & Developer. He performed as both Red Team and Blue Team attack and defense, in the Israeli intelligence unit of the cyber division and worked commercially as a security consultant. He is highly skilled in the field of Forensics and Security Analysis, with special development and research of cyber defense tools and offensive techniques for networks.

    Almog Ohayon,@md5session,Co- Founder of Javeling NEtworks

    Almog is a Network & Security Architect who served in the Israeli Air Force as part of the OFEK unit. Afterwards, in the private sector was a leader in companies like Cisco and Orange Telecom. He has designed and implemented hundreds of secured infrastructure networks all over the world.

    Security News - 7:30-8:30PM

    Paul's Stories

    1. Gravityscan, keeping WordPress sites safe
    2. Police swoop on gang that planted banking Trojan on 1m phones
    3. Ransomware and the Internet of Things
    4. Keybase Extension Brings End-to-End Encrypted Chat To Twitter, Reddit, GitHub
    5. A wormable code-execution bug has lurked in Samba for 7 years. Patch now!
    6. Top 10 Tips on How to Avoid Damage From Insider Threats
    7. Twitter Flaw Allowed You To Tweet From Any Account
    8. The Man Who Made The Mistake Of Trying To Help Wikileaks
    9. Latest Cb Defense UX Features Intuitive Design, Easy Access to Answers - Carbon Black
    10. CrowdStrike Raises $100M to Advance Internet Security
    11. How to Become Insanely Well-Connected | First Round Review
    12. IoTruth: IoT is Just a Consumer Issue - ForeScout

    Larry's Stories

    1. Pwning VLC (and others) with subtitle tracks
    2. WiFi to see through walls - We’ve covered this before, but it has reared it’s head again. Not practical.
    3. ALL IT jobs are security jobs - Security is everyone’s responsibility…I seem to remember hearing that before. What is old is new again.
    4. SambaCry - RCE in Samba that’s been there for a loooong time.

    Jeff's Stories

    Jack's Stories

    1. Dodged a bullet and stepped in front of another one. Patching wannacry has broken Cairns Hospital's electronic patient records system.