Paul's Security Weekly #538
Recorded November 30, 2017 at G-Unit Studios in Rhode Island!
Interview: Allison Miller - 6:00PM-6:45PM
Allison Miller has been working in the intersection of cybersecurity, human behavior, and predictive analytics for almost two decades. A proven innovator in the security industry, she has pioneered the use of data-driven detection technologies within security, anti-fraud/anti-abuse, and payments/commerce systems around the world. In addition, Allison is active in the security community as an advisor and leader, and continues to conduct and share research on topics in risk, cybersecurity, and economics — both locally in the SF Bay and internationally.
Tech Segment: Network Telemetry with Mick Douglas, SANS Institute - 6:45-7:45PM
Even when his job title has indicated otherwise, Mick Douglas has been doing information security work for over 10 years. He received a bachelor's degree in communications from Ohio State University. He is the managing partner for InfoSec Innovations. He is always excited for the opportunity to share with others so they do not have to learn the hard way! By studying with Mick, security professionals of all abilities will gain useful tools and skills that should make their jobs easier. When he's not "geeking out", you'll likely find Mick indulging in one of his numerous hobbies: photography, scuba diving, or hanging around in the great outdoors.
I am planning on showing a *hella* cool lab from SANS 555. We'll be showing how to feed common and default logs into an ELK stack, so you can instantly generate an asset inventory... and use network telemetry to find unauthorized hosts. This is a **CRITICAL** problem at many organizations, so much so that it's the very first entry on the 20 Critical Controls. Yes, you're reading this right... simply looking for NTP traffic can help you find unauthorized systems.
- Very quick overview of ELK
- Finding unauthorized NTP use
- Validating hosts through Nessus scan results
- Going forward... next steps.
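The idea in the segment description, sketched as an added example (not the SANS 555 lab and not ELK queries): hosts seen sending NTP requests are compared against a known inventory and against the sanctioned time servers. The CSV flow layout, the addresses, and the function names are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample flow records; the CSV layout is an assumption.
FLOWS = """\
ts,src_ip,dst_ip,proto,dst_port
2017-11-30T18:00:01,10.0.0.11,10.0.0.5,udp,123
2017-11-30T18:00:02,10.0.0.12,10.0.0.5,udp,123
2017-11-30T18:00:03,10.0.0.12,10.0.0.20,tcp,443
2017-11-30T18:00:07,10.0.0.77,203.0.113.9,udp,123
2017-11-30T18:00:09,10.0.0.13,198.51.100.4,udp,123
2017-11-30T18:00:11,10.0.0.5,192.0.2.1,udp,123
2017-11-30T18:00:12,garbled line without enough fields
2017-11-30T18:00:15,10.0.0.77,203.0.113.9,udp,123
"""

# Constructed inventory, e.g. the hosts confirmed by vulnerability scan results.
INVENTORY = {"10.0.0.5", "10.0.0.11", "10.0.0.12", "10.0.0.13"}
# Constructed allow-list: the internal time server and its upstream.
SANCTIONED_NTP = {"10.0.0.5", "192.0.2.1"}


def ntp_clients(flow_text):
    """Map each host that sent an NTP request (UDP/123) to the servers it asked."""
    clients = defaultdict(set)
    for row in csv.DictReader(io.StringIO(flow_text)):
        # Short or malformed records yield None for missing fields; skip them.
        if (row.get("proto") or "").lower() != "udp" or row.get("dst_port") != "123":
            continue
        clients[row["src_ip"]].add(row["dst_ip"])
    return clients


def triage(flow_text, inventory, sanctioned):
    """Return hosts missing from the inventory and NTP use outside the allow-list."""
    clients = ntp_clients(flow_text)
    unknown = sorted(h for h in clients if h not in inventory)
    rogue = sorted((h, s) for h, servers in clients.items()
                   for s in servers if s not in sanctioned)
    return {"unknown_hosts": unknown, "unsanctioned_ntp": rogue}


if __name__ == "__main__":
    for finding, items in triage(FLOWS, INVENTORY, SANCTIONED_NTP).items():
        print(finding, items)
```

A host can appear in both lists: 10.0.0.77 is absent from the inventory and also talks to an outside time server, while 10.0.0.13 is a known host that is only misconfigured.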
Security News - 7:45PM-8:30PM
- Pay Attention to SD-WAN Security
- WordPress 4.9.1 Debuts with Updates to Harden Security
- Cisco Patches Critical Playback Bugs in WebEx Players
- The History and Reinvention of NAC
- Cryptocurrency Mining Scripts Now Run Even After You Close Your Browser
- HP Silently Installs Telemetry Bloatware On Your PC - Here's How to Remove It
- Why <blank> Gets You Root
- NSA "Red Disk" Data Leak
- Cisco Releases Security Updates
- Apple Releases Security Update for macOS High Sierra
- NSA Contractor, Who was it? - I'm particularly proud and humbled by this one...
- Hey, I forgot the root password
- Why <blank> Gets You Root #iamroot
- Who Was the NSA Contractor Arrested for Leaking the Shadow Brokers Hacking Tools?
- NSA Hit by Yet Another Leak
- Hackers are Taking Advantage of Uber's Security Breach
- 1.7M Accounts Breached in Imgur Attack that Occurred in 2014
- Sexual Assault Also Impacts the Hacker Community