Difference between revisions of "Episode621"

From Security Weekly Wiki
Jump to navigationJump to search
(Created page with "''Recorded September 26, 2019 at G-Unit Studios in Rhode Island!'' ==Episode Audio== <!-- <div align="center"> {{#widget:SoundCloud |id=496965687 |width=75% |height=100 |colo...")
 
Line 40: Line 40:
  
 
== Larry's Stories ==
 
== Larry's Stories ==
 +
#[https://www.theregister.co.uk/2019/09/19/iowa_pentester_update/ Update on the Coalfire pentesters…]
 +
#[https://www.cnet.com/news/weworks-weak-wi-fi-security-leaves-sensitive-documents-exposed/ WeWork WiFi] - Documents sent on WeWork's unsecured network included financial records, bank account credentials and a cat photo of Nicolas Cage.  Play stupid games, win stupid prizes.
 +
#[https://www.theregister.co.uk/2019/09/18/github_code_analysis_biz_semmle/ Github Acquires Semmle] - does that mean we now get free code audits?
 +
#[https://www.cnet.com/news/justice-department-sues-edward-snowden-over-memoir/ Snowden sued for his memoir] - because he did not submit it to the publications office first…
 +
#[https://www.us-cert.gov/ncas/current-activity/2019/09/17/2019-cwe-top-25-most-dangerous-software-errors MITRE updates the top CWE 25]
  
 
== Lee's Stories ==
 
== Lee's Stories ==
  
 
<br><br>
 
<br><br>

Revision as of 20:12, 19 September 2019

Recorded September 26, 2019 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Lee Neely
    is a Sr. Cyber Analyst at LLNL,SANS Analyst, SANS NewsBites Editor


  • Announcements

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
    • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
    • We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
    • Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.


    Interview: - 6:00-6:30PM


    Tech Segment: Philippe Courtot, Qualys - 6:30 - 7:30PM


    Security News - 7:30PM-8:30PM

    Paul's Stories

    1. Top 5 Git Security Mistakes - Security Boulevard
    2. CrowdStrike-Ukraine Explained
    3. Security capabilities are lagging behind cloud adoption - Help Net Security
    4. Rise of RDP as a target vector - Help Net Security
    5. Google wins landmark case: Right to be forgotten only applies in EU
    6. Honeywell Launches New Industrial Cybersecurity Platform | SecurityWeek.Com
    7. Slideshows - Dark Reading
    8. What Is CrowdStrike and Why Is Donald Trump Blabbering About It to Ukraine
    9. Think You Don't Need a VPN? Use One Anyway
    10. Confused why Trump fingered CrowdStrike in that Ukraine call? You're not the only one...
    11. Magecart Targets Routers For Commercial Wi-Fi Networks
    12. Adopting DevOps practices leads to improved security posture - Help Net Security
    13. How can we thwart email-based social engineering attacks? - Help Net Security
    14. USBsamurai for Dummies: How To Make a Malicious USB Implant & Bypass Air-Gapped Environments for 10$. The Dumb-Proof Guide.
    15. Vimeo sued for storing faceprints of people without their say-so
    16. Cylance Founder Stuart McClure Leaves BlackBerry | SecurityWeek.Com
    17. There Is Life for the CISO After a Breach | SecurityWeek.Com
    18. Cisco Patches 13 High-Severity Router and Switch Bugs
    19. Most of Ecuadors Population gets hacked
    20. Botnet exploits recent vBulletin flaw to protect its bots
    21. Help! My AWS Server Has Been Hacked!

    Larry's Stories

    1. Update on the Coalfire pentesters…
    2. WeWork WiFi - Documents sent on WeWork's unsecured network included financial records, bank account credentials and a cat photo of Nicolas Cage. Play stupid games, win stupid prizes.
    3. Github Acquires Semmle - does that mean we now get free code audits?
    4. Snowden sued for his memoir - because he did not submit it to the publications office first…
    5. MITRE updates the top CWE 25

    Lee's Stories