From Security Weekly Wiki
Revision as of 20:12, 13 September 2018 by Jeff (talk | contribs)
Jump to navigationJump to search

Paul's Security Weekly #575

Recorded September 13, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Jeff Man
    Infosec analyst
    Pioneering ex-NSA pen tester
    PCI specialist
    Tribe of Hackers
    InfoSec Curmudgeon
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Announcements

    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
    • DerbyCon is holding its first-ever Mental Health & Wellness Workshop - to help support their efforts, please go to DerbyCon.com/wellness
    • Join us for our Webcast with LogRhythm about "Tips & Tricks for Defending the Enterprise Using Open Source Tools". The webcast will be held September 27 @3:00PM EST!

    Interview: Brian Coulson, LogRhythm - 6:00-6:45PM

    Brian Coulson
    is the Threat Research Sr Engineer at LogRhythm.

    Brian Coulson is a Senior Security Research Engineer in the Threat Research Group of LogRhythm Labs in Boulder, CO. His primary focus is the Threat Detection Modules such as UEBA, and NTBA. He also focuses on emerging threat trends and determining what can be derived from the attacks that can be used for hardening guidance, and detections for analysts and incident responders.

    Previously, he worked as a Lead Information Security Engineer at the largest commercial imaging satellite company in the United States where he was focused on incident response.

    Tech Segment: Eyal Neemany, Bypassing PAM - 6:50PM-7:25PM

    Eyal Neemany
    Sr. Cyber Security Researcher at Javelin-Networks

    Former Head of Israeli Air Force CERT & Forensics Team, Senior Security Researcher at Javelin Networks.

    Security News - 7:30-8:00PM

    Paul's Stories

    1. Microsoft accidentally let encrypted Windows 10 out into the world
    2. Kernel exploit discovered in macOS Webroot SecureAnywhere antivirus software | ZDNet
    3. US carriers introduce Project Verify to replace individual app passwords
    4. Is hiring a hacker ever a good idea? | ZDNet
    5. Neil deGrasse Tyson on Elon Musk: Let the Man Get High
    6. Postmortem: Multiple Failures Behind the Equifax Breach
    7. Whisky business: Uni of Edinburgh servers Irn-Scru'd by cyber-attack
    8. PowerShell Obfuscation Ups the Ante on Antivirus
    9. Google Outlines Incident Response Process for Cloud Customers
    10. Identity and Access Management Market to grow at 10%+ CAGR from 2018 to 2024
    11. Veeam leaves MongoDB database wide open, exposes 445m records
    12. Bomgar Buys BeyondTrust
    13. eSentire Launches Integrated MDR and SIEM Platform for Full Threat Visibility and Rapid Response
    14. two-open-source-alternatives-flash-player
    15. U.S. to Charge North Korean Spy Over WannaCry and Sony Pictures Hack

    Patrick's Stories

    Jeff's Stories

    1. British Airways Breach Caused by Credit Card Skimming Malware
    2. It took hackers just 22 lines of code to steal British Airways’ customer data
    3. The most popular "privacy" tool in Apple's Mac App Store was stealing users' browsing history and sending it to China
    4. Feedify Breach - not yet officially reported

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+

    1. Feedify Becomes Latest Victiom of the Magecart Malware Campaign
    2. Banking Trojans and Shady Apps Galore In Google Play