Episode606

From Paul's Security Weekly
Revision as of 14:24, 30 May 2019 by Haxorthematrix (talk | contribs) (Larry's Stories)
Jump to: navigation, search

Recorded May 30, 2019 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Lee Neely
    is a Sr. Cyber Analyst at LLNL,SANS Analyst, SANS NewsBites Editor


  • Announcements

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
    • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
    • We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
    • Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.

    Interview: Lisa Forte, Red Goat Cyber Security - 6:00-6:30PM

    Lisa Forte is an expert in the human side of cyber security and social engineering. In 2018 she won the “Top 100 Women In Tech” Awards recognising her achievements and contributions to the cyber security industry. Lisa Forte delivers dynamic and engaging presentations based on her expert personal experiences of dealing with cybercrime cases and the research she has done into how cyber criminals use psychological principles in their activities. An experienced cyber security trainer, Lisa knows how to effectively communicate her message to all types of audience in a lively, informative and engaging manner.

    Lisa began her career in counter-terrorism intelligence for a UK Government agency before moving into one of the UK Police Cyber-Crime Units dealing with serious cybercrime cases both in the UK and abroad. Through these experiences she has gained a unique insight into darker side of human nature and has led to her becoming one of the leading experts on cybercrime cases involving social engineering and psychological manipulation.

    Lisa founded Red Goat Cyber Security in 2017 to teach companies about the methodologies used by cyber criminals. Her areas of expertise include social engineering, the psychology of persuasion, insider threats and rehearsing for a cyber attack. She has conducted groundbreaking research into the psychology behind insider threats and created the first ever GCHQ certified social engineering course. Lisa’s has appeared on national and international radio and is a frequent contributor to BBC news and similar news publications. Lisa has also been recognised for her pro-bono work with charities and the UK National Health Service. She also works closely with the Women’s Tech Hub helping to increase diversity in the tech sector.


    Tech Segment: Eric Butash & Mike Klein, Highlander Institute - 6:30 - 7:30PM

    Eric Butash
    is the Director of Digital Platforms at Highlander Institute.
    Eric Butash is Director of Digital Platforms for InnovateEdu out of NYC. Eric oversees national K-12 data interoperability initiatives such as ProjectUnicorn and DataViz. He just moved to InnovateEdu from the Highlander Institute where he was the Director of Operation. The Institute is an innovation "hub" for redesigning K12 classrooms in to be more personalized. Prior to that, Eric has spent 15 years in various technology leadership roles across K-12. He currently serves as the Sr. Advisor to the K12 National Advisory Council on Cybersecurity Executive Board, CommonSense Media National Ambassador, and 2017 Recipient of ISTE's Making IT Happen Award.







    Mike Klein
    is the Professional Learning Coordinator at Highlander Institute.
    As Professional Learning Coordinator at Highlander Institute, Michael Klein leads coaching and capacity building for a team of 12 educational consultants in addition to directly supporting teachers, school leaders and district leaders with change management in urban, suburban and rural districts across the country. Michael also serves on the Board of Directors for the Edcamp Foundation. Michael was a founding teacher at High Tech High’s newest middle school in Chula Vista, California and worked as an elementary school teacher in Brooklyn and Harlem. In addition to teaching, Michael worked as research assistant to Tony Wagner on his book Creating Innovators: The Making of Young People Who Will Change the World, and has experience as part of two fast-growing education technology companies. Michael earned his undergraduate degree in History at Vassar College and his Master’s in Education at Bank Street College.



    Security News - 7:30PM-8:30PM

    Paul's Stories

    1. Redditor can stay anonymous, court rules
    2. The industrys best-kept secret: why mobile ad fraud prevention is just too good to be true
    3. Spies with that? Police can snoop on McDonald's and Westfield wifi customers
    4. 8 Ways to Authenticate Without Passwords
    5. Flipboard Resets User Passwords in Response to Data Breach | SecurityWeek.Com
    6. Eternally Blue: Baltimore City leaders blame NSA for ransomware attack
    7. Docker Vulnerability Gives Arbitrary File Access to Host | SecurityWeek.Com
    8. Trends in Cybersecurity to Watch
    9. Majority of CISOs plan to ask for an increase in cybersecurity investment - Help Net Security
    10. Hackers actively exploit WordPress plugin flaw to send visitors to bad sites
    11. Virus-packed laptop sells as artwork for over RM5.5mil
    12. Technology is Not Our Problem | SecurityWeek.Com
    13. What a teen grade hackers confession can teach us
    14. The cryptominer that kept coming back
    15. InfoSec Handlers Diary Blog - Analyzing First Stage Shellcode
    16. Malware Found on PoS Systems at Checkers and Rally's Restaurants | SecurityWeek.Com
    17. High-Risk Flaws Found in Process Control Systems From B&R Automation | SecurityWeek.Com
    18. macOS Gatekeeper Bypass Exploits Trust on Network Shares | SecurityWeek.Com
    19. InfoSec Handlers Diary Blog - nmap Service Fingerprint
    20. Killer SecOps Skills: Soft Is the New Hard
    21. Old Threats Are New Again

    Larry's Stories

    1. Researchers have discovered one million devices that are vulnerable to a “wormable” Microsoft flaw, which could open the door to a WannaCry-like cyberattack
    2. Researcher Filippo Cavallarin disclosed a bug in the macOS security feature Gatekeeper that allows malicious code execution on systems running the most recent version of Mojave (10.14.0)
    3. Up to 50,000 servers were infected over the past four months as part of a high-profile cryptojacking campaign, believed to orchestrated by Chinese-language adversaries

    Lee's Stories