- 1 Paul's Security Weekly - Episode 520
- 2 Announcements
- 3 Interview: Moses Hernandez, Cisco Systems - 6:00PM-7:00PM
- 4 Tech Segment:Admin hunting and methods of credential theft for high privileged accounts, Javelin Networks - 7:00-7:30PM
- 5 Security News - 7:30-8:30PM
Paul's Security Weekly - Episode 520
Recorded on June 29, 2017
Interview: Moses Hernandez, Cisco Systems - 6:00PM-7:00PM
Moses is a Consulting Systems Engineer for Cisco Systems, an instructor for the Penetration Testing Courses at SANS, and provides several days of Content for SEC642: Advanced Web Application Penetration Testing. He has been loosely involved in all things ‘computer’ since the mid 90 were when he ran bulletins boards as a teenager. Other than the regular types of jobs an info sec pro can hold, he has also worked as a platform operator automating application delivery and has given talks on working in the trenches with developers and operations. You can find him twittering and occasionally blogging at renegade.blog.
- Three words to describe yourself.
- If you were a serial killer, what would be your weapon of choice?
- If you wrote a book about yourself, what would the title be?
- In the popular game of ass grabby-grabby, do you prefer to go first or second?
- Choose two celebrities to be your parents.
Tech Segment:Admin hunting and methods of credential theft for high privileged accounts, Javelin Networks - 7:00-7:30PM
Guy is a highly experienced Security Researcher & Developer. He performed as both Red Team and Blue Team attack and defense, in the Israeli intelligence unit of the cyber division and worked commercially as a security consultant. He is highly skilled in the field of Forensics and Security Analysis, with special development and research of cyber defense tools and offensive techniques for networks.
Security News - 7:30-8:30PM
- Separating the Paranoid from the Hacked
- Choosing Windows for your organization should get you fired - I love this because it is to controvertial of a viewpoint, and rocks the boat: In the wake of yet another ransomware attack—this time named NotPetya—I have a special message specifically for those of you working in organizations that continue to run Microsoft Windows as the operating system on either your servers or your desktops: You are doing a terrible job and should probably be fired. I know. That’s harsh. But it’s true. If you haven’t yet replaced Windows, across the board, you absolutely stink at your job.
- Virus (cough, cough, Petya) goes postal at FedEx, shares halted - FedEx has suspended trading of its shares on the New York stock exchange after admitting that its subsidiary TNT Express has been hit by "an information system virus."
- US reveals new airport security measures to avoid expanding laptop ban
- IoT Vulns Draw Biggest Bug Bounty Payouts - Finding vulnerabilities tied to the Internet of Things (IoT) carries the potential to capture payouts that are considered among the most lucrative for bug hunters, according to reports released Wednesday by Bugcrowd and HackerOne. IoT and hardware bugs found in such devices as routers, webcams, wearables, and automobiles pay an average of $724 per submission, which is substantially higher than the overall average of $451 per submission last year, according to Bugcrowd. As a result, IoT and hardware targets are viewed as the targets with the highest value.'
- Your Linux Machine Can Be Hacked Remotely With Just A Malicious DNS Response
- The Life, Death, And Legacy Of iPhone Jailbreaking - Awesome article: Things, however, have changed. The jailbreaking community is fractured, with many of its former members having joined private security firms or Apple itself. The few people still doing it privately are able to hold out for big payouts for finding iPhone vulnerabilities. And users themselves have stopped demanding jailbreaks, because Apple simply took jailbreakers' best ideas and implemented them into iOS. I mean, you can also just buy a phone from Google and run Android...
- Doxing, DoS & Defacement: Today's Mainstream Hacktivism Tools
- Hacking nuclear submarines how likely is the nightmare scenario?
- Linux Systemd Bug Could Have Led to Crash, Code Execution
- WikiLeaks Reveals How CIA Malware Tracks Geo-Location of its Targeted
- Enterprises just as vulnerable to IT risk as SMBs, Netwrix survey finds
- How an Entire Nation Became Russia’s Test Lab for Cyberwar
- British Navy’s Advanced New Aircraft Carrier Reportedly Runs on Windows XP
- [www.telegraph.co.uk/news/2017/06/28/nato-assisting-ukrainian-cyber-defences-ransom-ware-attack-cripples/ Nato warns cyber attacks 'could trigger Article 5' as world reels from Ukraine hack]