From Paul's Security Weekly

Paul's Security Weekly - Episode 517

Episode Audio

Recorded on June 8, 2017


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Announcements

    Interview: Graham Cluley - 6:00PM-7:00PM

    Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been a well-known figure in the computer security industry since the early 1990s when he worked as a programmer, writing the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Since then he has been employed in senior roles by companies such as Sophos and McAfee, and now runs his own security news website and podcast.

    1. How did you get your start in information security?
    2. Recently there has been a trend towards content leaking, for example Netflix losing OITNB episodes, do you see this as a trend that will continue?
    3. What is your take on the stream of headlines reporting that the Russian Government meddled with the US election, beyond hacking the DNC?
    4. What do you recommend folks do to keep up with the security news and security trends?
    5. What are some of the biggest myths about WannaCry? Truths?
    6. What can we do to improve the IoT security landscape? Regulations? Standards? Guidelines? What's working and what will not work?
    7. Should you keep Bitcoin on hand in case of ransomware attacks?
    8. What are some tips for our listeners to protect your privacy online, specifically in the browser?
    9. How concerned are you about attacks against you personally, and what extra opsec measures do you take?
    10. What is your take on Microsoft's patching process this year and their play into the security market?

    Five Questions

    1. Three words to describe yourself.
    2. If you were a serial killer, what would be your weapon of choice?
    3. If you wrote a book about yourself, what would the title be?
    4. In the popular game of ass grabby-grabby, do you prefer to go first or second?
    5. Choose two celebrities to be your parents.

    Tech Segment: Detecting The Empire's Death Star Attack - 7:00-7:30PM

    Recently, research was published on how to use PowerShell Empire's API to obtain Domain Admin in an Active Directory environment with the click of a button. The original research, and tools called Empire and DeathStar, can be found in the post "Automating the Empire with the Death Star: getting Domain Admin with a push of a button" by byt3bl33d3r. Essentially, the entire process has been automated. Scary stuff. Some may ask, "How do I detect and prevent this attack?" Tune in to this segment to find out how to use products available from Javelin Networks to do just that!

    As the VP of Global Security Architecture for one of the world's largest providers of business outsourcing solutions, V.Jay LaRosa leads the team of security architects with responsibility for the global strategy, design, and implementation oversight of ADP’s global Security, Risk, and Privacy technologies, covering the enterprise, ADP products, physical security, and the fraud technology protections employed by ADP. Prior to his role at ADP, V.Jay worked for EMC for over 15 years where he served as the Principal Security Architect, as well as having the responsibility for the Critical Incident Response Team (CIRT) under the Global Security Organization. During his tenure, he was not only responsible for the design and implementation of EMC’s global technical security strategy, but also built and managed an enterprise class Critical Incident Response Center (CIRC) with a global focus on converged security, fraud, cyber criminal activity, and forensic investigations. V.Jay has a wealth of knowledge with over 23 years of experience in IT, converged security, and deployment/management of global business protection platforms. He is a Certified Information Systems Security Professional (CISSP), a member of the ACFE, and a member of the FBI Infragard program. V.Jay is also actively involved in many other industry and government cyber security research efforts.

    Almog Ohayon is a Network & Security Architect who served in the Israeli Air Force as part of the OFEK unit. Afterwards, he entered the private sector for companies like Cisco and Orange Telecom. Almog has designed and implemented hundreds of secured infrastructure networks all over the world.

    Security News - 7:30-8:30PM

    Paul's Stories

    1. Beware! Fireball Malware Infects Nearly 250 Million Computers Worldwide
    2. FBI Arrests NSA Contractor for Leaking Secrets - Here's How they Caught Her
    3. getsploit: Search & Download Exploits!
    4. Some non-lessons from WannaCry
    5. IDG Contributor Network: Top 5 InfoSec concerns for 2017
    6. VMware Patches Critical Vulnerabilities in vSphere Data Protection
    7. OneLogin Security Chief Reveals New Details Of Data Breach
    8. Most vulnerabilities first blabbed about online or on the dark web
    9. Authentication Bypass, Potential Backdoors Plague Old WiMAX Routers
    10. Linux Malware Enslaves Raspberry Pi To Mine Cryptocurrency
    11. Internet Cameras Have Hard-Coded Passwords You Can't Change
    12. Will Deception as a Defense Become Mainstream?
    13. How a few yellow dots burned the Intercept's NSA leaker
    14. TV Hack Sparks Middle East's Diplomatic Crisis
    15. 53 Percent of Enterprise Flash Installs are Outdated

    Larry's Stories

    1. Healthcare Industry Cybersecurity Task Force report - outlook not so good: Issues identified included severe lack of security talent, legacy equipment, premature/over-connectivity, and vulnerabilities that impact patient care. It also mentioned “one legacy medical technology [that] had over 1,400 vulnerabilities.”
    2. Epic 2 factor - Active Directory authentication is denied until the user badges into the office building, and is tied to specific locations
    3. PowerPoint Malware, no macros needed - Woah.
    4. Automated path to DA with DeathStar
    5. Part 2 of locking down the Mr.Robot Vulnerable machine - With AppArmor