From Security Weekly Wiki
Revision as of 19:27, 12 July 2018 by Johnny (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Paul's Security Weekly #546

Recorded February 1, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


    Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
    Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
    Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
    Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.
    Michael Santarcangelo
    Founder of Security Catalyst, author of Into the Breach, and creator of the Straight Talk Framework.
    Jeff Man
    Infosec analyst
    Pioneering ex-NSA pen tester
    PCI specialist
    Tribe of Hackers
    InfoSec Curmudgeon
    Currently a Sr. InfoSec Consultant for Online Business Systems.
    John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.
  • Announcements

    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand. Currently On-Demand we have webcasts with: Cybereason, Black Hills, Onapsis, Signal Sciences, and Stealthbits!
    • Check out our friends at ItProTV for an awesome library of OnDemand training head on over to ITPro.TV/securityweekly!
    • InfoSec World is March 19-21st of 2018. It is at Lake Buena Vista, Florida. Security Weekly subscribers can save 15% off the InfoSec World 2018 Main Conference or World Pass with the code OS18-SW!

    Interview: Mark Arnold & Will Gragido, InfoSecWorld Speakers - 6:00PM-6:45PM

    Will Gragido
    is the Director of Advanced Threat Protection of Digital Guardian.

    Will Gragido is an internationally recognized information security specialist. He has more than twenty years of experience network and host security, protocol analysis, incident response, design, penetration & red teaming, vulnerability and malware analysis, protocol exploitation, threat intelligence and counterintelligence. He began his career in the United States Marine Corps data communications security and intelligence community. After concluding his military service, Will began applying his skills in national and international consultancies, most notably as a Principal Consultant with the internationally acclaimed International Network Services. His work and experience also led to a contributing role in the creation of the internationally recognized risk management and assessment tool, Trust Check.
    Will has worked with some of the industries most respected threat research organizations including the security practice at International Network Services (now BT INS), Internet Security Systems X-Force, McAfee, Damballa, Cassandra Security, HP TippingPoint DVLabs (now TrendMicro), and Digital Shadows. Most recently Will has returned to the world of product management taking on a strategic role with industry data protection luminaries, Digital Guardian.
    Will is a sought after international speaker, author, and subject matter expert with years of experience working with the media. Recently, Will has appeared as a subject matter expert on ShowTime’s Darknet series discussing ransomware and has co-authored a number of papers and three books for Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats (Syngress, 2011), Blackhatonomics: An Inside Look at The Economics of Cybercrime (Syngress, 2012), and Threat Forecasting: Leveraging BigData for Predicative Analysis (Syngress, 2016).

    Mark Arnold
    is the Sr. Director and CISO at Navisite.

    Mark Arnold brings more than 20 years of technical and leadership experience to his role as a Senior Director of Security and Compliance and CISO at Navisite. Arnold oversees all aspects of security and compliance including managed security services, security product roadmap, and strategy development. He is building a cloud-focused security framework to mature the security postures of Navisite and its clients. Arnold’s broad security experience spans multiple disciplines, including project management, cloud security, identity and access management, network and application security, penetration testing methodology and risk assessment. Additionally, Arnold is an advisor for SOURCE Conference in charge of content. SOURCE Conference runs shows in 5 cities (Boston, Seattle, Mesa, Austin, and Dublin), bringing together security leaders, researchers, and hackers from cross disciplines. Arnold also serves as an Open Web Application Security Project (OWASP) Boston board member and content advisor to the Source Security Conference, giving him unique access to the security research community. Arnold leveraged this access to co-launch the Boston Application Security Conference (BASC) in 2010. Before joining NaviSite, Arnold served as a cloud security researcher building maturity models to help a broad array of verticals mature and grow efficient cloud security programs. Arnold has also held the role of director of information security at PTC. Before that, Arnold established and maintained vulnerability management programs and security engineering at Thermo Fisher Scientific and TJX, both Fortune 200 companies. Under Arnold’s leadership, TJX formed and led its first advanced threats team. Previously, Arnold served as regional security architect at Computershare, where he was responsible for building the company’s application security practice. He also worked as a security architect at @stake, which was acquired by Symantec in 2004. Arnold holds several industry certifications including the Certified Information Systems Security Professional (CISSP) from ISC2 and a Certified Information Security Management (CISM) from ISACA and the SANS Exploit Researcher and Advanced Pentesting (GXPN) certification. Arnold holds an A.M. and Ph.D. from Harvard University in Comparative Semitics where he was a Harvard Teaching Fellow. Arnold has a bachelor’s degree in electrical engineering from Stanford University and an MDiv from Princeton Theological Seminary.

    1. How did you get your start in information security?
    2. With all of the protections available today, why is ransomware a threat to the enterprise? Or is it?
    3. What are the weaknesses ransomware preys upon?
    4. What is a tabletop exercise?
    5. Why are they so useful for ransomware?
    6. For practitioners listening, why should they love tabletop exercises and step away from the keyboard?
    7. How do you execute on the lessons learned in tabletop exercises?

    Tech Seg: Want to test the MITRE Attack technique matrix? Look no further than Caldera - 6:45-7:45PM

    This fantastic tool automates the checks for a large portion of MITREs awesome framework.

    Security News - 7:45PM-8:30PM

    Paul's Stories

    1. This smart vibrator can be "easily" hacked and remotely controlled by anyone
    2. CT, MRI machines face the greatest risk of cyberattack, researchers warn | ZDNet
    3. Threat or menace? Autosploit tool sparks fears of empowered script kiddies
    4. Bitcoin exchange robbed by real-life bank robbers with real-life guns
    5. Subway Elevators and Movie-Plot Threats
    6. Subway Elevators and Movie-Plot Threats
    7. Deepfakes AI celebrity porn channel shut down by Discord
    8. Multiple vulnerabilities in 7-Zip. Get it updated now!
    9. Millennials, careless with passwords, spur shift to biometrics study
    10. What is microsegmentation? How getting granular improves network security
    11. A real-life armed robbery of an online Bitcoin exchange
    12. California Senate defies FCC, approves net neutrality law
    13. NSA Exploit Use On Rise For Crypto Currency Mining
    14. Security Breaches Don't Affect Stock Price
    15. Dissecting the Latest Koobface Facebook Campaign
    16. Lies and More Lies
    17. First Jackpotting Attacks Hit U.S. ATMs
    18. Estimating the Cost of Internet Insecurity

    Jeff's Stories

    1. Releasing Autosploit: Threat or Menace?
    2. White House: Strava heat map is a "security risk" (Or is it?)

    Larry's Stories

    1. IBMPCjr 0-day
    2. Cisco RCE - also this
    3. Time to update some TTPs
    4. Automated hash cracking with Hate_Crack
    5. SATAN of the future, aka dbautopwn? No, it's AutoSploit!
    6. Strava, but different. Sure, finding military bases are awesome, but also reveals so much more. Turn this to the personal stalky side too.

    Jack's Stories

    Joff's Stories

    Keith's Stories