Difference between revisions of "Episode570"
|Line 67:||Line 67:|
== Jeff's Stories ==
== Jeff's Stories ==
== Jason's Stories ==
== Jason's Stories ==
Revision as of 20:00, 2 August 2018
- 1 Paul's Security Weekly #570
- 2 Announcements
- 3 Interview: Joshua Abraham, Praetorian - 6:00PM-6:45PM
- 4 Technical Segment: Larry Pesce, Getting Started with FL2k- 6:45-7:45PM
- 5 Security News - 7:45PM-8:30PM
Paul's Security Weekly #570
Recorded August 2, 2018 at G-Unit Studios in Rhode Island!
- Endgame Webcast is being held on August 16, 2018 @3-4pm on Phishing Prevention. Go to securityweekly.com/endgame to register!
- Come to our Pool Cabana @ Black Hat and Def Con to pick up a free copy of "Cyber Hero Adventures". Here you will be able to get the comic book signed by Gary Berman.
- Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
Interview: Joshua Abraham, Praetorian - 6:00PM-6:45PM
Josh is a key member of the technical execution team. In this capacity, he is responsible for leading, directing, and executing client-facing engagements that include Praetorian’s tactical and strategic service offerings. Prior to joining Praetorian, Josh spent six years at Rapid7 where he helped build the company’s professional services division, defined the firm’s core methodologies, and trained new employees on the latest hacking techniques.
Over the years, Josh has become a well-known resource for his contributions to the information security space. An avid researcher and presenter, Josh has spoken at numerous conferences including BlackHat, Def Con, ShmooCon, Derby Con, BSides, The SANS Pentest Summit, Infosec World, SOURCE Barcelona, CSI, OWASP, LinuxWorld and Comdex.
Josh has a contributed to numerous open source security projects and is a respected security resource to the media and has been quoted by news outlets such as ComputerWorld, DarkReading, and SC Magazine. Josh holds a BS in Computer Science from Northeastern University.
Contributed a good deal to Metasploit in the past.
- Built the initial version of the Metasploit nexpose plugin.
Author of GISKismet!
Technical Segment: Larry Pesce, Getting Started with FL2k- 6:45-7:45PM
An introduction to FL2K: Software Define Radio is all the rage for detecting unknown signals and transmitters. We'll show you how to set up and use a surreptitious transmitter to start your journey.
Security News - 7:45PM-8:30PM
- Microsoft Edge Flaw Lets Hackers Steal Local Files
- Ransomware attack forces town's employees to go back to typewriters
- 200K MikroTik Routers Exploited to Serve Cryptocurrency Miner
- Facebook Removes 17 Profiles Involved in Political Meddling
- High-schoolers data put up for sale after being scraped from surveys
- Google Secretly Planning to Launch a Censored Search Engine in China
- Yale University discloses old school data breach | ZDNet - "Back in 2008-2009 very few companies were aware of such a cyber threat, nor were they taking the necessary precautions," Huh?
- 5 Steps to Fight Unauthorized Cryptomining - Two of the five are worth discussing: Avoid unauthenticated platforms and application programming interfaces (APIs) and Keep your cloud credentials out of the public side of GitHub. I think we are throwing around the term "API security" without knowing what it really means. Phrasing!
- The Making of the Top 100 Researcher List
- Drink this potion, Linux kernel, and tomorrow you'll wake up with a WireGuard VPN driver
- Facebook's security boss to leave firm
- Reddit Discloses Data Breach Due to Intercept of SMS 2FA - "Already having our primary access points for code and infrastructure behind strong authentication requiring two factor authentication (2FA), we learned that SMS-based authentication is not nearly as secure as we would hope, and the main attack was via SMS intercept,"
- Multifactor Acquisition: Cisco Plans to Buy Duo for $2.35B
- ThreatList: Spam's Revival is Tied to Adobe Flashs Demise - “The demise of Adobe Flash as one of the most popular plugins on websites has shifted criminals away from exploit kits, which enabled the attack vector known as drive-by downloads,” researchers wrote. They believe that the discontinuation of Flash support might eventually lkill off exploit kits as a viable business model for attackers altogether. “We’ve reduced criminals to spam, one of the least-effective methods of infection,” said Sean Sullivan, an F-Secure security adviser.
- The Secret to Securing Smart Buildings | SecurityWeek.Com
Funny Story Of The Week: Clean Boobies
- SDR based cryptocurrency - Interesting concept, and I can see how this can be used for the future, all Sci-Fi like
- Virtualbox 3D acceleration sucks
- HP starts bug bounty program for printers - I could not find it though...
- 20yo steals 5 million in bitcoin from 40 people bu hacking mobile devices
- Reddit hack......bypassing SMS 2FA