Difference between revisions of "Episode589"

From Security Weekly Wiki
Line 46: Line 46:
 
== Lee Neely's Stories ==
 
== Lee Neely's Stories ==
 
#[https://www.itpro.co.uk/security/32662/adobe-releases-emergency-fixesacrobat-reader/ Adobe releases emergency fixes for Acrobat Reader] Bugs let an attacker execute arbitrary code and allowed privilege escalation via six iterations of the software
 
#[https://www.itpro.co.uk/security/32662/adobe-releases-emergency-fixesacrobat-reader/ Adobe releases emergency fixes for Acrobat Reader] Bugs let an attacker execute arbitrary code and allowed privilege escalation via six iterations of the software
 
+
#[https://www.fifthdomain.com/newsletters/2019/01/04/china-is-hacking-americas-secrets-can-legislation-stop-it/ China is hacking America's Secrets. Can Legislation stop it?] This is about proposed legislation to create an office to track these activities.
 +
#[https://thehill.com/policy/cybersecurity/424166-national-security-center-launches-program-to-help-us-firms-guard-against/ NCSC launches program to help US firms guard against foreign hackers ] This is an information sharing project under ODNI to provide information othewise not available to businesses about the threats and mitigations.
 
<br><br>
 
<br><br>
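Review bot: the second added entry (the NCSC item) misspells "otherwise" as "othewise", and its link label carries a stray space before the closing bracket ("foreign hackers ]"); both should be fixed before saving. Both added entries also run the link title straight into the commentary with no separator, so the rendered list item reads as one sentence; a dash or colon after the closing bracket would keep the headline and the note apart.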

Revision as of 20:13, 8 January 2019

Recorded January 10, 2018 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.
  • Jason Wood
    Threat hunter at CrowdStrike, penetration tester, sysadmin, and Founder of Paladin Security.


  • Announcements

    • RSA Conference 2019 is the place to be for the latest in cybersecurity data, innovation and thought leadership. From March 4 – 8, San Francisco will come alive with cybersecurity’s brightest minds as they gather together to discuss the industry’s newest developments. Go to rsaconference.com/securityweekly-us19 to register now using the discount code 5U9SWFD to receive $100 off a full conference pass!
    • If you are interested in quality over quantity and having meaningful conversations instead of just a badge scan, join us April 1-3, at Disney's Contemporary Resort for InfoSec World 2019 where you can connect and network with like-minded individuals in search of actionable information. Use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass.
    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.


    Interview: Bryson Bort, Scythe - 6:00-6:30PM

    Bryson Bort is the Founder/CEO of GRIMM

    Bryson Bort is the Founder and CEO of GRIMM. Prior to GRIMM, Bryson led an elite research & development (R&D) division that directly contributed towards National Security priorities and interest. At the former, he served as the Deputy CTO for the company where he developed the corporate R&D program cybersecurity strategy, and was previously the Program Director of a business unit focused on supporting technology research and global infrastructure for DoD and the Intelligence Community.
    As a U.S. Army Officer, Bryson led a tactical communications platoon in support of Operation Bright Star in September 2001. He served as a Battle Captain and as a Brigade Engineering Officer in support of Operation Enduring Freedom before leaving the Army at the rank of Captain.


    Tech Segment: - 6:30 - 7:30PM



    Security News - 7:30PM-8:30PM

    Paul's Stories

    1. Why Hyatt Is Launching a Public Bug Bounty Program - They had a small private bounty program, but now it's public. Also this: The Hyatt bug bounty program prohibits the use of social engineering tactics for the program. Social engineering could include the use of phishing emails to trick a user to click on something malicious as well as fraudulent voice phone calls. Additionally, the program does not include point-of-sale (PoS) terminals at the hotel. PoS attacks at hotel chains have led to data breaches at multiple hotels in the past, including a 2015 incident in hotels operated by Hyatt.
    2. Consumers Demand Security from Smart Device Makers - I just don't believe it: When asked what factors play into their shopping decisions, security came on top at 21%, followed by value for money (20%), ease of use (11%), trusted brand (9%), and ease of setup (7%). Ninety percent of consumers think any piece of smart tech can be hacked, according to the survey. Galen's post is here: https://azure.microsoft.com/en-us/blog/new-smart-device-security-research-consumers-call-on-manufacturers-to-do-more/
    3. Reddit Alerts Users to Possible Account Breaches - Some security experts noted that the reported activity fit the profile of a specific attack. In an emailed statement to Dark Reading, Jarrod Overson, director of engineering at Shape Security, wrote, "Whenever there is a massive account takeover wave unrelated to a system compromise, it is very likely it is due to a credential stuffing attack." He explained that credential stuffing involves using automated tools to use usernames and passwords stolen from one site to try to gain access to another.
    4. Heathrow flights disrupted by yet another drone
    5. Enterprise iPhones will soon be able to use security dongles - iPhone users will hate this, enterprises don't want to manage mobile devices and when they do it fails often, yet here we are: What’s really important here isn’t just the news that enterprises can now look to deploy hardware-based security around their mobile systems, but also that this development reflects how important Apple’s products are becoming to the enterprise. While no one really likes using dongles, they do enhance Apple’s already industry-leading reputation for security, making it possible to deploy these devices in even more mission-critical situations.
    6. The Promise and Peril of 5G - Don't believe we will see security issues at scale until the cost comes down, much like WiFi: The immense buzz around 5G makes sense given what it promises: It aims to deliver 10 to 100 times faster throughput than existing 4G networks, allowing tens of thousands of simultaneous users to receive at least 1Gbps, which is as fast as the top tier of a cable connection at home. But 5G isn’t just a bigger, better version of LTE—its view is broader than that.
    7. Cutting Through the Jargon of AI & ML: 5 Key Issues
    8. Web Vulnerabilities Up, IoT Flaws Down - Ugh, now Dark Reading tells me I've hit my limit of articles, too bad as this was likely a sponsored post, all we have to go on is that a web security vendor says there are more web vulnerabilities than IoT: The number of flaws found in WordPress and its associated plugins have tripled since 2017, while Internet of Things vulnerabilities dropped significantly, according to data collected by Imperva.
    9. Ironic turn Kaspersky Labs helped NSA to catch alleged data thief
    10. Google DNS Service (8.8.8.8) Now Supports DNS-over-TLS Security
    11. New Systemd Privilege Escalation Flaws Affect Most Linux Distributions - I miss init: The first two flaws are memory corruption issues, while the third one is an out-of-bounds read issue in systemd-journald that can leak sensitive process memory data. Researchers have successfully created proof-of-concept exploits, which they are planning to release in the near future. "We developed an exploit for CVE-2018-16865 and CVE-2018-16866 that obtains a local root shell in 10 minutes on i386 and 70 minutes on amd64, on average," the researchers write in an advisory published Wednesday.
    12. Who cracked El Chapo's encrypted chats and brought down the Mexican drug kingpin? Er, his IT manager - Whew, this dude has some cojones, or did the feds have something on him? I have no proof, just love of conspiracy theories: Prosecutors told the court earlier in the trial that a key witness – which turns out to be Rodriguez – had suffered a "nervous breakdown" in 2013 because of "stress" of working for El Chapo – although the stress was more likely due to the fact that he was working undercover for the Feds while in charge of the comms network of an extremely violent criminal enterprise. Eventually, Rodriguez left the cartel – it's not clear under what circumstances or if the Feds helped. But by then Guzman and Cifuentes had grown suspicious that their IT guy may have flipped and various enforcers turned up looking for Rodriguez – something that didn't exactly improve his sense of personal safety. Rodriguez is still expected to appear as a witness at some point in the trial: The sysadmin who took down a drug lord.
    13. Security Matters When It Comes to Mergers & Acquisitions

    Larry's Stories

    Lee Neely's Stories

    1. Adobe releases emergency fixes for Acrobat Reader - Bugs let an attacker execute arbitrary code and allowed privilege escalation via six iterations of the software
    2. China is hacking America's Secrets. Can Legislation stop it? - This is about proposed legislation to create an office to track these activities.
    3. NCSC launches program to help US firms guard against foreign hackers - This is an information sharing project under ODNI to provide information otherwise not available to businesses about the threats and mitigations.