From Paul's Security Weekly
Jump to: navigation, search

Paul's Security Weekly #560

This week, we welcome Mathew Silva. Mathew is the Undergraduate student attending Roger Williams University in the Cybersecurity and Networking program and is the President of Cybersecurity and Intel Club at Roger Williams University. Our technical segment this evening will be all about configuring a small router that you can travel with to provide many connectivity options and a VPN tunnel. In the Security News this week Nest hates password reuse, Turkey is hacking its own people, UPnP needs to die, Trump eliminates a cyber security position, Wapiti web scanner and prioritizing vulnerability fixes.

Recorded May 17, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Jason Wood
    Threat hunter at CrowdStrike, penetration tester, sysadmin, and Founder of Paladin Security.
  • Doug White
    Cybersecurity professor, President of Secure Technology, and Security Weekly network host.
  • Jeff Man
    infosec analyst, pioneering ex-NSA pen tester, PCI specialist & certified security curmudgeon.
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Announcements

    • Go to itpro.tv/securityweekly and use the code Secweekly30 to try it FREE for 7 days, and receive 30% off your monthly membership for the lifetime of your active subscription.
    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
    • Our upcoming webcast with Javelin Networks on Overcoming the Limitations of Privilege Account Management is being held on May 24 from noon - 1:00pm

    Interview: Matthew Silva, Roger Williams University - 6:00PM-6:45PM

    Matthew Silva
    is the President and Founder of Cybersecurity & Intel Club at Roger Williams University.
    Undergraduate student attending Roger Williams University. B.A. Cybersecurity and Networking, double minor in Computer Science and Digital Forensics. President of Cybersecurity and Intel Club [CIC] at Roger Williams University.

    Technical Segment: Configuring Your Own Travel Router with OpenVPN - 6:45-7:45PM

    Sometimes you just need a router handy when traveling. This allows you to connect multiple devices, use a VPN for all of them, and allow you to connect to a network via Wifi, Ethernet or USB 4G modem/Tether. All this for just $32 and a little configuration time! Learn how in this technical segment.

    Slides here: https://securityweekly.com/configure-your-own-travel-router-with-openvpn/

    Security News - 7:45PM-8:30PM

    Paul's Stories

    1. Google Project Zero Calls Windows 10 Edge Defense ACG Flawed
    2. 2 million lines of source code left exposed by phone company EE
    3. Nest turns up the temperature on password reusers
    4. The Enterprise of Thing's troubling lack of security
    5. Turkey's Government Tried to Hack Hundreds of Protesters Over Twitter, Researchers Say
    6. US cell carriers are selling access to your real-time phone location data
    7. Attackers Use UPnP to Sidestep DDoS Defenses
    8. Don't Roll the Dice When Prioritizing Vulnerability Fixes
    9. VMware Releases Security Update | US-CERT
    10. 25% of Businesses Targeted with Cryptojacking in the Cloud
    11. Wapiti Web Application Vulnerability Scanner 3.0.1 Packet Storm
    12. Bejtlich Joining Splunk
    13. Google CTF 2018 is here
    14. UPnP joins the 'just turn it off on consumer devices, already' club
    15. RedHat admins, patch now dont let your servers get pwned!
    16. All these vulnerabilities, rarely matter.
    17. Sending Inaudible Commands to Voice Assistants - Schneier on Security

    Larry's Stories

    1. PGP, FUD, e-mail
    2. Detecting GPS and apply to augmented reality
    3. Securus, the cell phone company used by law enforcement, hacked
    4. detecting the evil password spray with Active Directory

    Jeff's Stories

    1. Here's How eFail Attack Works Against PGP and S/MIME Encrypted Emails
    2. Senate Approves Overturning FCC's Net Neutrality Repeal
    3. Trump eliminates national cyber-coordinator job, gives Bolton keys to the cybers
    4. DHS Releases New Cybersecurity Strategy

    Jason's Stories

    1. CIA’s “Vault 7” mega-leak was an inside job, claims FBI
    2. As the Web moves toward HTTPS by default, Chrome will remove “secure” indicator

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+