Episode604

From Security Weekly Wiki
Jump to navigationJump to search

Recorded May 16, 2019 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Lee Neely
    is a Sr. Cyber Analyst at LLNL,SANS Analyst, SANS NewsBites Editor


  • Announcements

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
    • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
    • We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
    • Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.

    Interview: Julian Zottl, Raytheon - 6:00-6:30PM

    Julian Zottlis the Cyber and Information Operations SME at Raytheon

    Julian Zottl is a Cyber and Information Operations Subject Matter Expert (SME) for Raytheon Intelligence, Information and Services (IIS) business. IIS is a leader in intelligence, surveillance reconnaissance; advanced cyber solutions; weather and environmental solutions and information-based solutions for homeland security. It also provides training, logistics, engineering, product support, and operational support services and solutions for the mission support, homeland security, space, civil aviation, counter-proliferation and counterterrorism markets.


    Tech Segment: How To Fix Identity & Access Management, Federico Simonetti - 6:30 - 7:30PM

    - Former ethical hacker (DDT)
    - Former professor of operating systems security at the University of Milan
    - Developed software for the Italian anti-terrorism and anti-pedophile police
    - Serial entrepreneur with several successful exits in his past
    - Hardcore software designer, with award-winning software titles on his resume

    Topic: How to fix Identity and Access Management
    All IAM solutions are logically flawed from a security standpoint, they either ask for a synchronized copy of the identity database or for open inbound ports on the firewall. But there is a design that fixes all those issues, making IAM much safer.


    Security News - 7:30PM-8:30PM

    Paul's Stories

    1. Microsoft plugs wormable RDP flaw, new speculative execution side channel vulnerabilities - Help Net Security
    2. Passwords Are Dead, Long Live The Password
    3. A flaw in Google Titan Security Keys expose users to Bluetooth Attacks
    4. Severe Linux kernel flaw found in RDS
    5. Microsoft Releases Security Updates to Address Remote Code Execution Vulnerability | US-CERT
    6. More Attacks against Computer Automatic Update Systems - Schneier on Security
    7. Google 0Day In the Wild project tracks zero-days exploited in the Wild

    Lee's Stories

    1. Singapore passes anti-fake-news law Requires debate to be based on a foundation of truth, honor and honesty. The definitions of falsehood and public interest in the bill remain concerns. This is one to watch.