Difference between revisions of "Episode542"

From Security Weekly Wiki
Jump to navigationJump to search
 
(4 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
= Paul's Security Weekly #542 =
 
= Paul's Security Weekly #542 =
 +
''Recorded January 4, 2018 at G-Unit Studios in Rhode Island!''
  
<!-- <div align="center">
+
==Episode Audio ==
 +
<div align="center">
 
{{#widget:SoundCloud
 
{{#widget:SoundCloud
|id=366788456
+
|id=379986182
 
|width=75%
 
|width=75%
 
|height=100
 
|height=100
Line 9: Line 11:
 
|visual=false
 
|visual=false
 
}}
 
}}
</div> -->
+
</div>
  
=== Hosts ===
+
== Hosts ==
  
 
{{Template:Paul}}
 
{{Template:Paul}}
Line 23: Line 25:
 
= Interview: Marcello Salvati, Coalfire Labs- 6:00PM-6:45PM =
 
= Interview: Marcello Salvati, Coalfire Labs- 6:00PM-6:45PM =
  
[[File:Marcello.jpg|right|220px|thumb|<center>'''[https://twitter.com/byt3bl33d3r Marcello Salvati]'''<br> is a senior security consultant at [https://www.coalfire.com/ Coalfire]. [</center>]]
+
[[File:Marcello.jpg|right|220px|thumb|<center>'''[https://twitter.com/byt3bl33d3r Marcello Salvati]'''<br> is a senior security consultant at [https://www.coalfire.com/ Coalfire]. </center>]] Marcello Salvati is a senior security consultant at Coalfire Labs by day and by night a tool developer who discovered a novel technique to turn tea, sushi and dank memes into somewhat functioning code. He is an active member of the InfoSec community who has created numerous open-source tools (CrackMapExec, DeathStar, MITMf), has presented at multiple security conferences such as Defcon, BlackHat, 44Con, DerbyCon, and contributed articles to security publications. <center>{{#ev:youtube|jbeigUo8_aQ}}</center>
Marcello Salvati is a senior security consultant at Coalfire Labs by day and by night a tool developer who discovered a novel technique to turn tea, sushi and dank memes into somewhat functioning code. He is an active member of the InfoSec community who has created numerous open-source tools (CrackMapExec, DeathStar, MITMf), has presented at multiple security conferences such as Defcon, BlackHat, 44Con, DerbyCon, and contributed articles to security publications.
 
<!-- <center>{{#ev:youtube|PF69klX4LQU}}</center> -->
 
  
  
Line 33: Line 33:
  
 
= Security News - 7:45PM-8:30PM =
 
= Security News - 7:45PM-8:30PM =
 
+
<center>{{#ev:youtube|a4l86nxkqnY}}</center>
<!-- <center>{{#ev:youtube|PF69klX4LQU}}</center> -->
 
 
 
 
== Paul's Stories ==
 
== Paul's Stories ==
  
Line 53: Line 51:
 
#[http://www.fairinstitute.org/blog/ponemon-report-on-the-true-cost-of-compliance-a-missed-opportunity Jack Jones takes aim at the bogus Ponemon "Cost of data breach" report] and Jack methodically tears it apart.
 
#[http://www.fairinstitute.org/blog/ponemon-report-on-the-true-cost-of-compliance-a-missed-opportunity Jack Jones takes aim at the bogus Ponemon "Cost of data breach" report] and Jack methodically tears it apart.
  
 +
== Keith's Stories ==
 +
#[https://twitter.com/security_craig/status/948933112972660736 Google Chrome guidance for mitigating Spectre / Meltdown]
  
 
{{SocialMedia}}
 
{{SocialMedia}}

Latest revision as of 19:23, 12 July 2018

Paul's Security Weekly #542

Recorded January 4, 2018 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Jack Daniel
    Co-Founder of Security BSides and certified security wizard.
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.
  • Not Kevin
    Senior Security Engineer at Barkly, Co-Founder of Vermont Hackspaces, definitely Not Kevin.
  • Keith Hoodlet
    is the Senior Manager of Global DevSecOps at Thermo Fisher Scientific; Co-Founder of the InfoSec Mentors Project .
  • John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.
  • Interview: Marcello Salvati, Coalfire Labs- 6:00PM-6:45PM

    Marcello Salvati
    is a senior security consultant at Coalfire.

    Marcello Salvati is a senior security consultant at Coalfire Labs by day and by night a tool developer who discovered a novel technique to turn tea, sushi and dank memes into somewhat functioning code. He is an active member of the InfoSec community who has created numerous open-source tools (CrackMapExec, DeathStar, MITMf), has presented at multiple security conferences such as Defcon, BlackHat, 44Con, DerbyCon, and contributed articles to security publications.


    Tech Segment: John Strand, Black Hills Information Security - 6:45-7:45PM

    John will be talking about the new mimikatz event log clearing feature.

    Security News - 7:45PM-8:30PM

    Paul's Stories

    1. 10 Things In Cybersecurity That You Might Have Missed In 2017
    2. Flaw In Major Browsers Allows 3rd-Party Scripts to Steal Your Saved Passwords
    3. Critical Flaw Reported In phpMyAdmin Lets Attackers Damage Databases
    4. Beware Of A VMWare VDP Remote Root Issue
    5. How To Protect Your Home Router From Attacks
    6. Meltdown And Spectre: How Chip Hacks Work
    7. Intel In Security Hot Seat Over Serious CPU Design Flaw

    Larry's Stories

    1. Meltdown writeup
    2. Crashing HDDs with sound. The new Brown Note?
    3. Dockerize your C2

    Jeff's Stories

    1. Forever 21 Provides Details of its Breach Findings

    Jack's one lonely story

    1. Jack Jones takes aim at the bogus Ponemon "Cost of data breach" report and Jack methodically tears it apart.

    Keith's Stories

    1. Google Chrome guidance for mitigating Spectre / Meltdown


    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+