Episode613

From Security Weekly Wiki

Recorded July 25, 2019 at G-Unit Studios in Rhode Island!

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship.
  • Jeff Man
    Cryptanalyst
    Infosec analyst
    Pioneering ex-NSA pen tester
    PCI specialist
    Tribe of Hackers
    InfoSec Curmudgeon
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Lee Neely
    Sr. Cyber Analyst at LLNL, SANS Analyst, SANS NewsBites Editor.
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.


  • Announcements

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
    • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
    • We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
    • Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.

    Interview: Troels Oerting, WEforum - 6:00-6:30PM

     
    Troels Oerting is the Chairman of the C4C Board at WEforum.

    Troels Oerting is the Head of the Global Centre for Cybersecurity established by World Economic Forum in 2018. He has been working in cyber/security ‘first line’ for the last 38 years and has held a number of significant posts both nationally and internationally, and has an extensive network covering both public and private institutions.

    Before joining World Economic Forum Troels Oerting worked as Group Chief Information Security Officer (CISO) and Group Chief Security Officer (CSO) with end-to-end responsibility for all security in Barclays Group, responsible for more than 3000 security experts worldwide protecting the bank's 50 million customers and 140.000 employees.

    Previously Troels also held the position of Director of the European Cybercrime Centre (EC3), an EU-wide centre located in EUROPOL with the task of assisting Law Enforcement Agencies in protecting 500 million citizens in the 28 EU Member States from cybercrime or loss of privacy. As an expert in cyber security Troels has constantly been looking for new legislative, technical or cooperation opportunities to efficiently protect privacy and security for users of the Internet. He has been pioneering new methodologies to prevent crime in Cyberspace and protect innocent users from losing their digital identity, assets or privacy online. As Director of EC3 he also initiated the establishment of the International ‘Joint Cybercrime Action Task Force’ (J-CAT), including global leading law enforcement agencies, prosecutors and Interpol’s Global Centre of Innovation, and the J-CAT has since been recognized as the leading international response to the increasing threat from Organized Cyber Criminal networks. He has been Cyber adviser for the EU Commission and Parliament, has been a permanent delegate in many governance organisations, i.e. INTERPOL, ICANN, ITU and The Council of Europe, and has been used by several governments and organisations as an adviser on cyber-related questions. He also established a vast global Outreach program including law enforcement, NGOs, key tech companies and industry, who together with Academic Research Institutes established a multifaceted global coalition against cyber criminal syndicates and networks, with the aim to enhance online security without harming privacy and to invent new ways of protecting users of the Internet.

    Before joining Europol as Director for the European Cybercrime Centre (EC3) Troels Oerting held the position as Assistant Director for Europol Organized Crime department as well as the Counter Terrorist Department and he also held positions as Director of Operation in the Danish Security Intelligence Service and Director for the Danish Serious Organised Crime Agency (SOCA).

    Troels is also an external lecturer in cybercrime at a number of Universities and Business Schools and has been internationally awarded several times by global law enforcement agencies for his international leadership in fighting cyber- and organised crime. He is the author of a political thriller published in Danish: Operation Gamma.

    Segment Description:
    Security, Privacy, Integrity through Prevention, Protection and Prosecution via People, Tech and Processes.


    Security News - 6:30PM-7:30PM

    Paul's Stories

    1. How to improve the hiring and retaining of infosec professionals? - Help Net Security
    2. Every minute, $2.9 million is lost to cybercrime - Help Net Security
    3. Answer These 9 Questions to Determine if Your Data Is Safe
    4. Fact vs Fiction: The Truth About Breach and Attack Simulation Tools | SecurityWeek.Com
    5. Crypto-Mining Botnet Implements BlueKeep Scanner | SecurityWeek.Com
    6. If you're struggling with Windows 10 migration, updates will be an even bigger challenge - Help Net Security
    7. Average data breach cost has risen to $3.92 million - Help Net Security
    8. InfoSec Handlers Diary Blog - May People Be Considered as IOC?
    9. How GDPR is Forcing the Tech Industry to Rethink Identity Management & Authentication
    10. When it comes to the IoT, Wi-Fi has the best security
    11. How IoT Opens the Door for Insider Attacks Against Industrial Infrastructure | SecurityWeek.Com
    12. Picture Perfect: How JPG EXIF Data Hides Malware - OpenDNS Umbrella Blog
    13. Mirai-Like Botnet Wages Massive Application-Layer DDoS Attack
    14. U.S. Warns of 5G Wireless Network Security Risks | SecurityWeek.Com
    15. PKWARE contributing to the development of PCI Security Standards - Help Net Security
    16. Kazakhstan Begins Intercepting HTTPS Internet Traffic Of All Citizens Forcefully
    17. Security or compliance? Stop choosing between them - Help Net Security
    18. Science Fiction Writers Helping Imagine Future Threats - Schneier on Security
    19. Rapper Who is Very Concerned with Password Security
    20. Security Considerations in a BYOD Culture
    21. Programmer from hell plants logic bombs to guarantee future work
    22. US Attorney General Says Encryption Creates Security Risk | SecurityWeek.Com

    Larry's Stories

    1. APT17 aka DeputyDog has been revealed as an operation of Chinese Ministry of State Security
    2. The list of laboratories and other healthcare clients affected by the data breach at American Medical Collection Agency continues to grow - as does the number of patients whose data may have been exposed
    3. And the Huawei plot thickens… - Huawei secretly helped North Korea build and maintain its 3G mobile network, potentially breaking US sanctions in the process, a new report has sensationally claimed. A former employee leaked sensitive internal documents to The Washington Post, allegedly revealing a number of projects related to building out 3G in the hermit state. The documents are said to refer to North Korea, and countries like Iran and Syria, by code.

    Lee's Stories

    1. Phishing Scheme Targets Amex Cardholders - Bogus account update email used. Malicious URL split in two to avoid filters.
    2. Analysis of Elusive MegaCortex Ransomware - Attacks Domain Controller, installs Cobalt Strike, leverages PsExec to deliver ransomware as winnit.exe.
    3. Kazakhstan Government Requires Root Certificate install - The Kazakhstan government is requiring all citizens to install its root certificate on their systems as a protection mechanism; it also allows interception of HTTPS traffic, as the certificate will be trusted.
    4. Apple Releases multiple updates - watchOS 5.3, macOS 10.14.6, Safari 12.1.2, tvOS 12.4, iOS 12.4 (and 10.3.4, 9.3.6 for older devices); iCloud and iTunes also updated.
    5. Scientists Find Key to Sending Data Through Music: Van Halen Audio Steganography works best with rock music. Encode message (e.g. URL) so human ear cannot decode, but any device with app can.
    6. 7.5TB Breach Reveals Secret Russian IT Projects - Twitter account @0v1ruS seems to be tied to @D1G1R3V (DigitalRevolution), who is motivated by information freedom in Russia.
    7. Equifax, Regulators Close to signing $700M Settlement - $700M to settle data breach lawsuits. Options include 6 more years of credit monitoring, reimbursement up to $20K, and extended monitoring for affected minors.
    8. Silk Road Drug Dealer caught when converting bitcoin to cash - Poor operational security choices exposed the blockchain to DHS, who traced the Bitcoin origins to Silk Road rather than the claimed successful Bitcoin mining.
    9. New Phishing for O365 users - Fake login page, which tests credentials immediately using IMAP, plus real error page, which isn't often done. Mitigation: MFA plus disable legacy protocols such as IMAP/POP.
    10. VPN Flaw in Global Connect allows authentication bypass - CVE-2019-1579 allows login to Palo Alto VPN bypassing username/password. While there is a fix, older code is still online. 22 servers operated by Uber were identified.

    Jeff's Stories

    1. Facebook's 5 Billion FTC Fine is Just the Start of its Problems
    2. Two charged with terrorism over Bulgaria's biggest data breach
    3. Marriott Faces Massive $123 Million GDPR Fine For 2018 Security Breach
    4. Louisiana governor declares state emergency after local ransomware outbreak



    Interview: Murray Goldschmidt, Sense of Security - 7:30PM-8:15PM

     
    Murray Goldschmidt is the COO & Co-founder of Sense of Security.

    Murray has over 20 years’ experience in commercial information security. Prior to co-founding Sense of Security, he held senior consulting positions at Dimension Data and other leading information security management companies in South Africa.
    Murray defines the company’s business strategy, and is responsible for revenue forecasting. He also maintains key client relationships.
    A recognised industry expert, Murray holds ISC2 CISSP, ASCS IRAP, and PCI SSC QSA credentials, among others.

    Segment Topic:
    DDoS

    • Intro to Sense of Security
    • DDoS in 2019
    • New trends
    • How to address these issues