Difference between revisions of "Episode601"

From Security Weekly Wiki
Line 37: Line 37:
<!-- <center>{{#ev:youtube|iPHM80z9D9k}}</center>-->
<!-- <center>{{#ev:youtube|iPHM80z9D9k}}</center>-->
[https://spectrum.ieee.org/aerospace/aviation/how-the-boeing-737-max-disaster-looks-to-a-software-developer I'll likely not be on the air this week (will be overseas in Canada!) but I think this story should be picked up in case you haven't seen it already - Jeff]
== Paul's Stories ==
== Paul's Stories ==

Revision as of 13:34, 22 April 2019

Recorded April 25, 2019 at G-Unit Studios in Rhode Island!

Episode Audio


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Lee Neely
    Sr. Cyber Analyst at LLNL, SANS Analyst, SANS NewsBites Editor.

  • Announcements

    • OSHEAN is hosting RI Cybersecurity Exchange Day on March 13th at the O'Hare Academic Building at Salve Regina in Newport, RI! Register Now @ OSHEAN.org/events.

    • We just released our 2019 Security Weekly 25 Index Survey. Please go to securityweekly.com and click the Survey link to help us understand who's evaluating, using, or formerly used any of the Security Weekly 25 companies. The results will be summarized and presented back to all responders in a private webcast.

    Interview: Haroon Meer, Thinkst - 6:00-6:30PM

    Tech Segment: Cloudneeti - 6:30-7:30PM

    Security News - 7:30PM-8:30PM

    I'll likely not be on the air this week (will be overseas in Canada!) but I think this story should be picked up in case you haven't seen it already - Jeff

    Paul's Stories

    1. Chrome 74 Patches 39 Vulnerabilities
    2. Serious Vulnerabilities Found in Fujifilm X-Ray Devices - I can't believe we are still talking about TELNET: a critical flaw related to the lack of authentication mechanisms for Telnet services (CVE-2019-10950). The second bug can be exploited to access the underlying operating system and possibly gain complete control of a vulnerable device. Not only that but lack of authentication!!!
    3. DNSpionage Hackers Use New Malware in Recent Attacks
    4. IoT Security - it's complicated
    5. Facebook Could Be Fined Up To $5 Billion Over Privacy Violations - To be clear the amount of fine is not what the FTC has announced or hinted yet; instead, it's an estimated due that Facebook disclosed on Wednesday in its first quarter 2019 financial earnings report.
    6. Hacker could locate thousands of cars and kill their engines... - Lorenzo Franceschi-Bicchierai, a hacker claims he managed to break into accounts belonging to users of GPS tracker apps, allowing him to monitor the locations of tens of thousands of vehicles, and even granting the ability to turn off the engine of some of them as they were moving.
    7. Ramblings of a Recovering Academic on the So-Called Lack of Security Talent - +1000 on this article, LOVE it: In reality, the false impression that available jobs are unattractive may be a symptom of miscommunication between candidates and employers, and misunderstandings about an academic researcher's skills and interests, which run deep in the industry. In turn, the inability to source candidates from academia may be leading to a perceived lack of senior technical talent in the field.
    8. 'Highly Critical' Unpatched Zero-Day Flaw Discovered In Oracle WebLogic - Oracle WebLogic application reportedly contains a critical deserialization remote code execution vulnerability that affects all versions of the software, which can be triggered if the "wls9_async_response.war" and "wls-wsat.war" components are enabled. The vulnerability, spotted by the researchers from KnownSec 404, allows attackers to remotely execute arbitrary commands on the affected servers just by sending a specially crafted HTTP request—without requiring any authorization.
    9. Those bootleg streaming devices have malware preinstalled - One app for pirated movies and live sports, called Mobdro, immediately forwarded his Wi-Fi network name and password to servers in Indonesia, he said. Other apps would collect data on the user, including photos and videos on the network, and upload them to the server. In one case, an app collected more than a terabyte of data after getting connected to Wolfe's network. These apps offered streams on movies that were still in theaters during the study time, like Aquaman and Green Book, as well as access to pay-per-views like UFC fights. One app, called "Free Netflix," used a network of stolen Netflix accounts that would constantly rotate so that hacked users would not become suspicious, Wolfe said.
    10. ISC Releases BIND Security Updates
    11. How a Nigerian ISP Accidentally Hijacked the Internet - BGP For The WI-er, Loss: China Telecom, one of MainOne's BGP peers, accepted the route advertisement and relayed it to its neighbors. Transtelecom, based in Russia, accepted this advertisement and relayed it to its peers. At this point, the advertisement had made it far enough into the Internet that many ASs began accepting it. For around 74 minutes, most traffic destined for Google and Cloudflare services from around the world was routed through Russia, into China, and on to MainOne in Nigeria.
    12. Password1, Password2, Password3 no more: Microsoft drops password expiration rec - FINALLY! The latest draft for the baseline configuration for Windows 10 version 1903 and Windows Server version 1903 drops this tedious requirement. The rationale for the previous policy is that it limits the impact a stolen password can have—a stolen password will automatically become invalid after, at most, 60 days. In reality, however, password expiration tends to make systems less safe, not more, because computer users don't like picking or remembering new passwords. Instead, they'll do something like pick a simple password and then increment a number on the end of the password, making it easy to "generate" a new password whenever they're forced to.
    13. Crooks abuse GitHub platform to host phishing kits - “Since at least mid-2017, phishers have also been abusing free code repositories on the popular GitHub service to host phishing websites on the canonical $github_username.github.io domain,” reads the post published by Proofpoint. “Threat actors establish a canonical code repository site within the github.io canonical domain that resembles the brand they are abusing.”
    14. Supply Chain Hackers Snuck Malware Into Videogames

    Lee's Stories

    1. Hackers are stealing millions in Bitcoin - Thieves use SIM swapping to get access to email and other data that allows access to cryptocurrency wallets, laundering millions.