Episode608

From Paul's Security Weekly
Revision as of 15:57, 11 June 2019 by Wheat Loaf (talk | contribs) (Tech Segment: - 6:30 - 7:30PM)

Recorded June 13, 2019 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Lee Neely
    Sr. Cyber Analyst at LLNL, SANS Analyst, and SANS NewsBites Editor.


  • Announcements

    • We just released our 2019 Security Weekly 25 Index Survey. Please go to securityweekly.com and click the Survey link to help us understand who's evaluating, using, or formerly used any of the Security Weekly 25 companies. The results will be summarized and presented back to all responders in a private webcast.

    Interview: Peter Smith, Edgewise - 6:00-6:30PM

    Peter Smith is the Founder & CEO of Edgewise.
    Peter Smith, Edgewise Founder and CEO, is a serial entrepreneur who built and deployed Harvard University’s first NAC system before it became a security category. Peter brings a security practitioner’s perspective to Edgewise with more than ten years of expertise as an infrastructure and security architect of data centers and customer-hosting environments for Harvard University, Endeca Technologies (Oracle), American Express, Fidelity UK, Bank of America, and Nike. Most recently, Peter was on the founding team at Infinio Systems where he led product and technology strategy.


    Tech Segment: Corey Thuen, Gravwell - 6:30 - 7:30PM

    Corey Thuen is the Co-Founder at Gravwell.
    Corey Thuen co-founded Gravwell to enable log management of every data type an organization might need for success -- analyzing binary packets alongside syslog with a dash of business KPIs enables analytics that improve the entire organization, not just reduce security risk. Prior to founding Gravwell, Corey conducted security assessments on anything from power equipment to vehicle computers to over-engineered juicers while working for companies such as IOActive, Digital Bond, and Southfork Security. Before that Corey did cybersecurity work for the US Department of Energy at Idaho National Laboratory and the FBI.



    Security News - 7:30PM-8:30PM

    Paul's Stories

    1. VMware addressed flaws in its Workstation and Tools
    2. Streaming Video Fans Open to TV Hijacking
    3. When Security Goes Off the Rails - Perhaps most interesting are the training findings: "Amtrak did not provide sufficient training on all characteristics of the Charger locomotive," and "Engineers could better master the characteristics of a new locomotive with the use of simulators." How many of us have gotten "sufficient training" on "all characteristics" of the software we use to get our jobs done? What would that even mean for a systems administrator? How long is sufficient RedHat system administration training? What does it mean to get sufficient training on an Amazon Web Services component, which is subject to change at any time? How many of us have ever used a simulator or range?
    4. Experts Call For IoT Security Regulation
    5. YouTube bans kids live-streaming without an adult present
    6. 0patch experts released unofficial Patch Available for Recent Windows 10 Task Scheduler Zero-Day
    7. 440 Million Android Users Plagued By Extremely Obnoxious Pop-Ups - Attackers are getting more sneaky and patient: For instance, it takes a little sleep before swinging into action. “These ads do not immediately bombard the user once the offending application is installed, but become visible at least 24 hours after the application is launched,” the researchers said. “For example, obtrusive ads did not present themselves until two weeks after the application ‘Smart Scan’ had been launched on a Lookout test device.”
    8. PLATINUM APT Found Using Text-based Steganography to Hide Backdoor - The Steganographic Nature of Whitespace, or SNOW for short, is a steganographic covert messaging technique that involves “…concealing messages in ASCII text by appending whitespace to the end of [sentence] lines” (Kwan, 2013). The technique exploits the fact that most text viewer applications do not show spaces and tabs. The hidden messages are also encrypted, so even if detected they are unreadable without the correct decryption key.
    9. Exclusive: Cisco SVP Jeff Reed Talks Firewall of the Future - SDx
    10. Apple's Find My feature requires two devices, boasts extreme security safeguards
    11. It's Time To Pay Attention To Zorin OS 15, The Best Desktop Linux Distro You've Never Heard Of
    12. Switching to Windows? These Are the Best Mac Alternatives
    13. How to Bypass UAC & Escalate Privileges on Windows Using Metasploit

    Larry's Stories

    Lee's Stories

    1. Firm Tech Data Leaks 264GB of data - Security settings are now fixed; another store of unsecured data in the cloud. Studies are emerging showing that the root cause of cloud data leaks is customer configuration.
    2. GoldBrute botnet targets RDP - GoldBrute botnet brute-forces exposed RDP services. 1.5M nodes compromised, not necessarily using BlueKeep. This underscores the risks of exposed RDP services.
    3. Mystery signal was shutting down keyless fobs in an Ohio Neighborhood - Home-brew security device was transmitting on 315 MHz, covered by FCC Part 15 rules, disrupting keyless entry devices.
    4. HSM Vulnerabilities disclosed, allows remote exploit - Researchers publish paper on exploiting a weakness in an unnamed HSM vendor's product to allow remote takeover of the HSM. The unnamed vendor has released a patch.
    5. Gaming site Emuparadise breach of 1.1M accounts - Emuparadise used to host gaming ROMs for emulators. It suffered a breach in April 2018; the database of accounts was distributed June 9th.