Episode563

From Security Weekly Wiki
Revision as of 20:11, 7 June 2018 by Matt

Paul's Security Weekly #563

Recorded June 7, 2018 at G-Unit Studios in Rhode Island!

Hosts

  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Doug White
    Cybersecurity professor, President of Secure Technology, and Security Weekly network host.
  • Jeff Man
    Cryptanalyst
    Infosec analyst
    Pioneering ex-NSA pen tester
    PCI specialist
    Tribe of Hackers
    InfoSec Curmudgeon
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Jason Wood
    Threat hunter at CrowdStrike, penetration tester, sysadmin, and Founder of Paladin Security.
Announcements

    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
    • Ticket sales are open for the Social Engineering RI Conference. Saturday, June 6th at Salve Regina University in Newport RI. Go to http://se-ri.org/ to register! We are giving away 2 tickets to this conference. Please send your best meme of Paul and Larry to psw@securityweekly.com.
    • How do you feel about User and Entity Behavior Analytics? What about your SIEM? Check out LogRhythm's webcast on June 14th at 3:00pm-4:00pm.

    Interview: Jake Reynolds, LogRhythm - 6:00PM-6:45PM

    Jake Reynolds is the Technology Alliances Engineer at LogRhythm.

    Jake Reynolds is the Technology Alliances Engineer at LogRhythm, where he is responsible for supporting the development and management of the company’s integrations with third-party technology providers. He has more than twenty-five years of experience in the IT industry, focusing the last fifteen on Security and Forensics. Prior to LogRhythm, he held multiple security architect and engineer roles, and most recently helped spearhead security analytics and threat research at a tier one telecom.


    • Quick update on LogRhythm, including acquisition by Thoma Bravo. It may get covered earlier in the week, but we have a spokesperson from LogRhythm on to comment :)…
    • Interview to focus on an efficient, advanced SOC, including the ecosystem. Topics to cover include, but are not limited to:
      • LogRhythm native capabilities. Focus on Paul’s four basic areas:
        • Threat, Log, Packet, and Host/Endpoint
        • LogRhythm also adds User
      • Ecosystem integrations to enhance the offering, including:
        • Vulnerabilities
        • Configurations
        • Cloud
      • Integration Program/APIs
      • Automated Remediation, including:
        • Native Capabilities with Smart Response
        • Integrations with other SOA tools
      • Any additions coming...
    • Final reminder on survey and webcast

    Security News - 7:45PM-8:30PM

    Paul's Suggested Stories

    1. Is Your SOC Flying Blind?
    2. Further Down the Trello Rabbit Hole - Krebs on Security
    3. Update Google Chrome Immediately to Patch a High Severity Vulnerability
    4. Marcus Hutchins, WannaCry-killer, hit with four new charges by the FBI
    5. Federal Agencies Face an Uphill Battle in Cyber-Preparedness
    6. VPNFilter Update - VPNFilter exploits endpoints, targets new devices
    7. Microsoft Just Put a Data Center on the Bottom of the Ocean
    8. Amazon and eBay pull 'hack risk' smart toys
    9. New Colorado Breach Notification Rules Signed Into Law
    10. Cisco fixes critical bug that exposed networks to hackers | ZDNet
    11. Flash zero-day exploit. Act now!
    12. In Case You Are Wondering, Sex With Robots May Not Be Healthy
    13. Insider attack resistance
    14. What happens if IoT security doesn't get solved?
    15. Researcher Successfully Hacked In-Flight Airplanes - From the Ground

    Matt's Stories

    1. CounterTack adds advanced managed security services with GoSecure acquisition: https://451research.com/report-short?entityId=95087&type=mis&alertid=1690&contactid=0030e00002EiSYVAA3&utm_source=sendgrid&utm_medium=email&utm_campaign=market-insight&utm_content=newsletter&utm_term=95087-CounterTack+adds+advanced+managed+security+services+with+GoSecure+acquisition

    Jeff's Stories

    Doug's Stories

    https://hackercombat.com/three-state-departments-impacted-no-data-compromised-in-rhode-island-malware-incident/

    State agencies are particular targets for phishing. This was described as a "generic phishing attack".

    https://www.darkreading.com/analytics/i-for-one-welcome-our-robotic-security-overlords/a/d-id/1331934 -- The return of Dixie Flatline and correlation of data via AI.

    https://threatpost.com/ticketfly-major-concert-venues-still-offline-after-hack/132436/

    http://www.hackwolrdwide.com/ticket-seller-ticketfly-is-the-victim-of-a-data-breach/technology-hacking/2018/

    Defaced by IsHaKdz and asked for 7500 ransom. Happened on 31 May and breached 26 million accounts. WordPress.

    https://www.darkreading.com/attacks-breaches/vpnfilter-poses-broader-threat-than-first-thought-endpoints-at-risk-too/d/d-id/1331982

    -- Even more devices at risk from VPNFilter. They have added ASUS, Huawei, D-Link, and ZTE.

    Technical Segment: John Kinsella, Layered Insight - 6:45-7:45PM

    John Kinsella is the Co-Founder and Head of Product for Layered Insight.

    John Kinsella is a co-founder and head of product for Layered Insight, a container security startup based in San Francisco, California. His 20-year background includes security and network consulting, software development, and datacenter operations. John is active in Cloud Security Alliance and NIST container security standards working groups, is a Member of the Apache Software Foundation, and a Linux user since 1992.


