Difference between revisions of "Episode531"

From Security Weekly Wiki
Jump to navigationJump to search
Line 49: Line 49:
 
== Jeff's Stories ==
 
== Jeff's Stories ==
 
#[https://www.csoonline.com/article/3227910/security/hackers-create-memorial-for-a-cockroach-named-trevor.html Remembering Trevor the Roach #Trevorforget]
 
#[https://www.csoonline.com/article/3227910/security/hackers-create-memorial-for-a-cockroach-named-trevor.html Remembering Trevor the Roach #Trevorforget]
 +
#[https://krebsonsecurity.com/2017/09/source-deloitte-breach-affected-all-company-email-admin-accounts/ Et tu, Deloitte???]
 +
#[https://www.forbes.com/sites/melissaagnes/2017/09/25/are-the-equifax-sec-and-deloitte-cybersecurity-breaches-desensitizing-society-to-this-threat/ Is Society Becoming Desensitized to the loss of Personal Data?]

Revision as of 16:56, 28 September 2017

Paul's Security Weekly #531

Recorded September 28, 2017 at G-Unit Studios in Rhode Island!

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Jeff Man
    Cryptanalyst
    Infosec analyst
    Pioneering ex-NSA pen tester
    PCI specialist
    Tribe of Hackers
    InfoSec Curmudgeon
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.
  • Interview: Jim Nitterauer, AppRiver - 6:00PM-7:00PM

    Jim Nitterauer, CISSP is currently a Senior Security Specialist at AppRiver, LLC. His team is responsible for global network deployments and manages the SecureSurf global DNS and SecureTide global SPAM and Virus filtering infrastructure as well as all internal applications and helps manage security operations for the entire company. He presents regularly at local regional and national conferences. He writes regularly for the AppRiver blog, Tripwire and Peerlyst. He is also well-versed in ethical hacking and penetration testing techniques, has joined the staff of BSides Las Vegas and has been involved in technology for more than 20 years.

    Five Questions

    1. Three words to describe yourself.
    2. If you were a serial killer, what would be your weapon of choice?
    3. If you wrote a book about yourself, what would the title be?
    4. In the popular game of ass grabby-grabby, do you prefer to go first or second?
    5. Choose two celebrities to be your parents.

    Interview: Ed Skoudis, CounterHack - 6:30-7:00PM

    Ed Skoudis has taught cyber incident response and advanced penetration testing techniques to more than 12,000 cybersecurity professionals. He is a SANS Faculty Fellow and the lead for the SANS Penetration Testing Curriculum. His courses distill the essence of real-world, front-line case studies he accumulates because he is consistently one of the first experts brought in to provide after-attack analysis on major breaches where credit card and other sensitive financial data is lost. Ed led the team that built NetWars, the low-cost, widely used cyber training and skills assessment ranges relied upon by military units and corporations with major assets at risk. His team also built CyberCity, the fully authentic urban cyber warfare simulator that was featured on the front page of the Washington Post. He was also the expert called in by the White House to test the security viability of the Trusted Internet Connection (TIC) that now protects US Government networks and lead the team that first publicly demonstrated significant security flaws in virtual machine technology. He has a rare capability of translating advanced technical knowledge into easy-to-master guidance as the popularity of his step-by-step Counter Hack books testifies.

    Security News - 7:00-8:00PM

    Paul's Stories

    1. Worried by PGP private key exposure stories? You dont have to with contemporary Identity-Based Encryption.
    2. Broadening HSTS to secure more of the Web
    3. Signal taps up Intel's SGX to (hopefully) stop contacts falling into hackers, cops' hands
    4. Cardiac Scan Authentication Your Heart As Your Password
    5. 2-Year-Old Linux Kernel Issue Resurfaces As High-Risk Flaw
    6. Dark-Web Drug Dealer Arrested After He Travelled US for World Beard Championships
    7. Internet Explorer bug can reveal the contents of your address bar
    8. Woman says hacker spied on her through the baby monitor
    9. Oracle Patches Apache Struts, Reminds Users to Update Equifax Bug
    10. If Bill Gates really thinks ctrl-alt-del was a mistake, he should have fixed it himself
    11. Remote Wi-Fi Attack Backdoors iPhone 7

    Jeff's Stories

    1. Remembering Trevor the Roach #Trevorforget
    2. Et tu, Deloitte???
    3. Is Society Becoming Desensitized to the loss of Personal Data?