From Paul's Security Weekly
Jump to: navigation, search

Paul's Security Weekly #578

Recorded October 10, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.
  • Jason Wood
    Threat hunter at CrowdStrike, penetration tester, sysadmin, and Founder of Paladin Security.
  • Jeff Man
    infosec analyst, pioneering ex-NSA pen tester, PCI specialist & certified security curmudgeon.
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Announcements

    Interview: Lee Neely, Lawrence Livermore National Lab - 6:00-6:30PM

    Lee Neely
    is the Senior Cyber Analyst at LLNL.
    Lee Neely is a senior IT and security professional at LLNL with over 25 years of extensive experience with a wide variety of technology and applications from point implementations to enterprise solutions. He currently leads LLNL’s Entrust team and is the CSP lead for new technology adoption specializing in mobility. He teaches cyber security courses, and holds several security certifications including GMOB, GPEN, GWAPT, GAWN, CISSP, CISA, CISM and CRISC. He is also the Past President of the ISC2 Eastbay Chapter, Member of the SANS NewsBites Editorial Board and SANS Analyst.

    Tech Segment: Omer Yair, Javelin - 6:30PM-7:00PM

    Omer Yair
    is lead of the End-Point team at Javelin Networks.
    Omer is the End-Point team lead at Javelin Networks. The team focuses on methods to covertly manipulate OS internals. Before Javelin Networks, he was a malware researcher at IBM Trusteer for two years focusing on financial malware families and lectured about his research on Virus Bulletin and Zero Nights conferences. In the past he has worked at Algotec for six years developing medical imaging software and at IDF's technology unit for three years as dev team lead. In his free time he revives historical photographic processes.

    Security News - 7:30 - 8:30PM

    Paul's Stories

    1. Security warning: Attackers are using these five hacking tools to target you | ZDNet
    2. Kanye's '000000' Password Makes iPhone Security Great Again
    3. Deep Dives: New Security Flaws in Apple and Microsoft products at Black Hat Europe
    4. World's largest CCTV maker leaves at least 9 million cameras open to public viewing
    5. Google+ users, upset over data leak, sue Google
    6. Not All Multifactor Authentication Is Created Equal
    7. Derbycon 2018 Videos (Hacking Illustrated Series InfoSec Tutorial Videos)
    8. List of Operating Systems for OSINT (Open-Source Intelligence) - PenTestIT
    9. SD-WAN Harvester 0.99 Packet Storm
    10. Another Bloomberg Story about Supply-Chain Hardware Attacks from China - Schneier on Security
    11. Hackers breach web hosting provider for the second time in the past year | ZDNet
    12. US weapons systems can be 'easily hacked'
    13. Now, watch this... Network time protocol bugs sting Juniper operating system

    Larry's Stories

    1. Dutch cyberattacks from the Russians
    2. Most Feds could steal Govt data. No shit. In other news insider threats are a thing
    3. Bloomberg’s china implants…fake news
    4. Bloomberg is back at it again, but this time with more credibility with China with implants at telecom
    5. More confirmation on the Supermicro ethernet port implants
    6. Windows Server 2019 to feature Kubernetes

    Joff's Stories

    Jason's Stories

    1. Stealthy Fake Adobe Flash Updates Tout Malicious Crypto Miners
    2. Arrest of top Chinese intelligence officer sparks fears of new Chinese hacking efforts
    3. Five years later, Italian police identify hacker behind 2013 NASA hacks

    Jeff's Stories