Difference between revisions of "PSWEpisode642"

From Security Weekly Wiki
Jump to navigationJump to search
(Added By Paul's Craptastic PPWorks Code)
 
(20 intermediate revisions by 3 users not shown)
Line 1: Line 1:
''Recorded March 5, 2020 at G-Unit Studios in Rhode Island!''
+
 
 +
<!-- 
 +
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 +
-->
 +
= Paul's Security Weekly Episode 642 - 2020-03-05 =
  
 
==Episode Audio==
 
==Episode Audio==
<!-- <div align="center">
 
{{#widget:SoundCloud
 
|id=496965687
 
|width=75%
 
|height=100
 
|color=660202
 
|visual=false
 
}}
 
</div> -->
 
  
=== Hosts ===
+
<!-- 
{{Template:Paul}}
+
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
{{Template:Larry}}
+
-->
{{Template:LeeNeely}}
+
 
<br><br>
+
<p>[https://securityweekly.com Paul's Security Weekly Episode 642]</p>
 +
 
 +
== Announcements ==
 +
<!-- 
 +
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 +
-->
 +
<p>
 +
 
 +
<ul style="margin-left: 50px;">
 +
 +
<li>Our first-ever virtual training is happening on March 19th at 11:00am ET with Adam Kehler & Rob Harvey from the Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming webcasts & trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.</li>
 +
 +
<li>Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!</li>
 +
 +
<li>OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!</li>
 +
 +
</ul>
 +
 
 +
</p>
 +
= Interview: Active Directory, Azure and Windows Security - 6:00-6:45PM =
 +
<!-- 
 +
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 +
-->
 +
{|style="width: 100%;margin: auto; " cellpadding="10"
 +
|<center>{{#ev:youtube|eViUg_WH_5w }}</center>
 +
|-
 +
|<p>'''Description:'''<br><br> Active Directory & Microsoft Cloud (Azure AD & Office 365) Security, including a breakdown of Microsoft's security offerings and recommendations for cloud migrations for Active Directory.</p>
 +
 
 +
|}
 +
{|style="width: 100%;margin: auto; " cellpadding="5"
 +
 
 +
|'''Guest:'''
 +
|'''Bio:'''
 +
|-
 +
 +
|[[Image:SeanMetcalf-0.jpg|200px|thumb|<center>'''[https://twitter.com/@PyroTek3 Sean Metcalf]''' is Founder & CTO at </center>]]
 +
 +
|Sean Metcalf is founder and CTO at Trimarc (www.TrimarcSecurity.com), a professional services company which focuses on improving enterprise security. He is one of about 100 people in the world who holds the Microsoft Certified Master Directory Services (MCM) certification, is a Microsoft MVP, and has presented on Active Directory & Microsoft Cloud attack and defense at security conferences such as Black Hat, BSides, DEF CON, and DerbyCon. He currently provides security consulting services to customers and posts interesting Active Directory security information on his blog, ADSecurity.org.
 +
|-
 +
 
 +
|}
 +
==Hosts==
 +
<!-- 
 +
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 +
-->
 +
 
 +
{|style="width: 100%;margin: auto; " cellpadding="1"
 +
 +
|[[Image:Jeff_Man_2-0.jpg|100px|thumb|<center>[https://twitter.com/@MrJeffMan Jeff Man]  - Sr. InfoSec Consultant at Online Business Systems</center>]]
 +
 +
|[[Image:Joff_Thyer-0.jpg|100px|thumb|<center>[https://twitter.com/@joff_thyer Joff Thyer]  - Security Analyst at Black Hills Information Security</center>]]
 +
 +
|[[Image:larry_headshot-0.jpg|100px|thumb|<center>[https://twitter.com/@haxorthematrix Larry Pesce]  - Senior Managing Consultant and Director of Research at InGuardians</center>]]
 +
 +
|[[Image:Lee_Neely-0.jpg|100px|thumb|<center>[https://twitter.com/@lelandneely Lee Neely]  - Senior Cyber Analyst  at Lawrence Livermore National Laboratory</center>]]
 +
 +
|}
 +
 
 +
= Fullaudio - None  =
 +
<!-- 
 +
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 +
-->
 +
{|style="width: 100%;margin: auto; " cellpadding="10"
 +
|<center>{{#ev:youtube|None }}</center>
 +
|-
 +
|<p>'''Description:'''<br><br> This week, we welcome back Sean Metcalf, Founder and CTO at Trimarc, to discuss Azure AD & Office 365 Security, including a breakdown of Microsoft's security offerings and recommendations for cloud migrations for Active Directory! In the second segment, we welcome Mark Cooper, President and Founder of PKI Solutions, to talk about how SHAKEN/STIR and PKI will end the global robocall problem! In the Security News, Shark Tank Star Corcoran Loses $400K in Email Scam, Backdoor malware is being spread through fake security certificate alerts, Venezuela Power outage knocked out part of the internet connectivity, Experts warn of mass scans for Apache Tomcat Ghostcat flaw, 4 essential things security experts do to protect their own data, and more!
 +
 
 +
Link to an article Mark wrote for Dark Reading:
 +
https://www.darkreading.com/endpoint/shaken-stir-finally!-a-solution-to-caller-id-spoofing/a/d-id/1336285
 +
Link to landing page with more info:
 +
https://www.pkisolutions.com/shakenstir/
 +
Visit https:</p>
 +
 
 +
|}
 +
 
 +
 +
==[https://twitter.com/@MrJeffMan Jeff Man]'s Content: ==
 +
[[Image:Jeff_Man_2-0.jpg|50px|thumb|left]]
 +
{{Template:PSW642FullaudioJeff Man}}
 +
 +
==[https://twitter.com/@joff_thyer Joff Thyer]'s Content: ==
 +
[[Image:Joff_Thyer-0.jpg|50px|thumb|left]]
 +
{{Template:PSW642FullaudioJoff Thyer}}
 +
 +
==[https://twitter.com/@haxorthematrix Larry Pesce]'s Content: ==
 +
[[Image:larry_headshot-0.jpg|50px|thumb|left]]
 +
{{Template:PSW642FullaudioLarry Pesce}}
 +
 +
==[https://twitter.com/@lelandneely Lee Neely]'s Content: ==
 +
[[Image:Lee_Neely-0.jpg|50px|thumb|left]]
 +
{{Template:PSW642FullaudioLee Neely}}
 +
 +
==[https://twitter.com/@securityweekly Paul Asadoorian]'s Content: ==
 +
[[Image:Paul_Asadoorian-0.png|50px|thumb|left]]
 +
{{Template:PSW642FullaudioPaul Asadoorian}}
 +
 +
 
 +
= Interview: Mark Cooper, PKI Solutions - 6:00-6:45PM =
 +
<!-- 
 +
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 +
-->
 +
{|style="width: 100%;margin: auto; " cellpadding="10"
 +
|<center>{{#ev:youtube|N3C-a3rtuAA }}</center>
 +
|-
 +
|<p>'''Description:'''<br><br> How SHAKEN/STIR and PKI will end the global robocall problem
 +
 
 +
Link to an article Mark wrote for Dark Reading:
  
= Announcements =
+
https://www.darkreading.com/endpoint/shaken-stir-finally!-a-solution-to-caller-id-spoofing/a/d-id/1336285
{{Template:Announcements}}
 
  
 +
Link to landing page with more info:
 +
https://www.pkisolutions.com/shakenstir/</p>
  
= Interview: Sean Metcalf, [https://securityweekly.com/microsoft Microsoft] - 6:00-6:45PM =
+
|}
<!-- [[File:SeanMetcalf.jpg|right|250px|thumb|<center>'''[https://twitter.com/badassbowden  Sean Metcalf]'''is the CEO of [https://securityweekly.com/microsoft Microsoft]</center>]] -->
+
{|style="width: 100%;margin: auto; " cellpadding="5"
  
<br>
+
|'''Guest:'''
<!-- <center>{{#ev:youtube|iPHM80z9D9k}}</center>-->
+
|'''Bio:'''
 +
|-
 +
 +
|[[Image:MarkCooper-0.jpg|200px|thumb|<center>'''[https://twitter.com/@thepkiguy Mark Cooper]''' is President and Founder at </center>]]
 +
 +
|Mark B. Cooper, president and founder of PKI Solutions, is known as “The PKI Guy” since his early days at Microsoft. He has deep knowledge and experience in all things Public Key Infrastructure (PKI.) PKI Solutions Inc. provides consulting, training - including online training - and implements software solutions for Microsoft PKI and related technologies at enterprises, many of them Fortune 500 companies. PKI Solutions has led hundreds of PKI trainings, including private trainings, across the country and around the world. Cooper is an avid proponent of the SHAKEN/STIR global standard to end robocalls, that uses authentication and PKI to verify callers' identities. Prior to founding PKI Solutions, Cooper was a senior engineer at Microsoft, where he was a PKI and identity management subject matter expert who designed, implemented, and supported Active Directory Certificate Services (ADCS) environments for Microsoft's largest customers.
 +
|-
  
= Tech Segment: Mark Cooper, PKI Solutions- 6:45PM-7:30PM =
+
|}
[[File:MarkCooper.jpg|right|250px|thumb|<center>'''[https://twitter.com/thepkiguy Mark Cooper]'''is the President & Founder at [https://www.pkisolutions.com/ PKI Solutions].</center>]] Mark B. Cooper, president and founder of PKI Solutions, is known as "The PKI Guy" since his early days at Microsoft. He has deep knowledge and experience in all things Public Key Infrastructure (PKI). PKI Solutions Inc. provides consulting, training — including online training — and implements software solutions for Microsoft PKI and related technologies at enterprises, many of them Fortune 500 companies. PKI Solutions has led hundreds of PKI trainings, including private trainings, across the country and around the world. Cooper is an avid proponent of the SHAKEN/STIR global standard to end robocalls, that uses authentication and PKI to verify callers’ identities. Prior to founding PKI Solutions, Cooper was a senior engineer at Microsoft, where he was a PKI and identity management subject matter expert who designed, implemented, and supported Active Directory Certificate Services (ADCS) environments for Microsoft's largest customers.<br><br>'''Segment Topic:'''<br>How SHAKEN/STIR and PKI will end the global robocall problem<br><br>'''Segment Description:'''<br>There is a new ecosystem underway that will impact everyone, especially the irritated people in the U.S. who have received more than 48 billion robocalls last year. This new ecosystem will hopefully put an end to these annoying and fraudulent robocalls calls, which the Federal Communications Commission (FCC) estimates will constitute more than half of all phone calls placed in the U.S. this year. The FCC and major telecommunications companies including Comcast, AT&T, and T-Mobile are behind a new, global technology standard called SHAKEN/STIR (Signature-based Handling of Asserted Information using ToKENs and Secure Telephony Identity Revisited) to combat robocalls and caller ID spoofing. This new standard addresses the issue of commercial robocallers who are impersonating other callers and committing fraud via Caller ID.<br><br>Public key infrastructure (PKI) is the backbone of the SHAKEN/STIR global technology standard. In order for the entire ecosystem to work, it needs to be created with a trusted PKI system as the base, using digital signatures in every single call, which are verified and authenticated.<br><br>'''Segment Resources:'''<br>
+
==Hosts==
* https://www.darkreading.com/endpoint/shaken-stir-finally!-a-solution-to-caller-id-spoofing/a/d-id/1336285
+
<!--
* https://www.pkisolutions.com/shakenstir/
+
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
<br>
+
-->
  
= Security News - 7:30-8:30PM =
+
{|style="width: 100%;margin: auto; " cellpadding="1"
 +
 +
|[[Image:Jeff_Man_2-0.jpg|100px|thumb|<center>[https://twitter.com/@MrJeffMan Jeff Man]  - Sr. InfoSec Consultant at Online Business Systems</center>]]
 +
 +
|[[Image:Joff_Thyer-0.jpg|100px|thumb|<center>[https://twitter.com/@joff_thyer Joff Thyer]  - Security Analyst at Black Hills Information Security</center>]]
 +
 +
|[[Image:larry_headshot-0.jpg|100px|thumb|<center>[https://twitter.com/@haxorthematrix Larry Pesce]  - Senior Managing Consultant and Director of Research at InGuardians</center>]]
 +
 +
|[[Image:Lee_Neely-0.jpg|100px|thumb|<center>[https://twitter.com/@lelandneely Lee Neely]  - Senior Cyber Analyst  at Lawrence Livermore National Laboratory</center>]]
 +
 +
|[[Image:Paul_Asadoorian-0.png|100px|thumb|<center>[https://twitter.com/@securityweekly Paul Asadoorian]  - Founder & CTO at Security Weekly</center>]]
 +
 +
|}
  
== Paul's Stories ==
+
= News - Tomcat, AWS Malware, Hacker Movies  =
{{Template:PSWPaul642}}
+
<!-- 
 +
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 +
-->
 +
{|style="width: 100%;margin: auto; " cellpadding="10"
 +
|<center>{{#ev:youtube|-RfBpscesOQ }}</center>
 +
|-
 +
|<p>'''Description:'''<br><br> Apache Tomcat AJP exploit, malware in AWS, hacker movies and more!</p>
  
== Larry's Stories ==
+
|-
 +
|<p>'''Content:'''<br><br> Why Doesn't Software Get Sold With a List of Ingredients? Allan Friedman talks about the ‘Software Bill of Materials’
 +
Time for cybersecurity to take back control of its story What do yours truly and Sulu have in common? THIS!Black Market White Washing: Why You Shouldn't Take Legal Advice From Criminals
 +
Backdoor malware is being spread through fake security certificate alerts
 +
Shark Tank TV star loses almost $400,000 in Business Email...
 +
Venezuela Power outage knocked out part of the internet connectivity
 +
Researchers use ultrasound waves vibrating through tables to access cellphones
 +
Apache Tomcat - AJP 'Ghostcat File Read/Inclusion
 +
WiFi Kr00K and plaintext traffic - and more
 +
Exploiting WiFi OWE</p>
  
== Lee's Stories ==
+
|}
  
<br>
+
{{SocialMedia}}
+
==[https://twitter.com/@MrJeffMan Jeff Man]'s Content: ==
 +
[[Image:Jeff_Man_2-0.jpg|50px|thumb|left]]
 +
{{Template:PSW642NewsJeff Man}}
 +
 +
==[https://twitter.com/@joff_thyer Joff Thyer]'s Content: ==
 +
[[Image:Joff_Thyer-0.jpg|50px|thumb|left]]
 +
{{Template:PSW642NewsJoff Thyer}}
 +
 +
==[https://twitter.com/@haxorthematrix Larry Pesce]'s Content: ==
 +
[[Image:larry_headshot-0.jpg|50px|thumb|left]]
 +
{{Template:PSW642NewsLarry Pesce}}
 +
 +
==[https://twitter.com/@lelandneely Lee Neely]'s Content: ==
 +
[[Image:Lee_Neely-0.jpg|50px|thumb|left]]
 +
{{Template:PSW642NewsLee Neely}}
 +
 +
==[https://twitter.com/@securityweekly Paul Asadoorian]'s Content: ==
 +
[[Image:Paul_Asadoorian-0.png|50px|thumb|left]]
 +
{{Template:PSW642NewsPaul Asadoorian}}

Latest revision as of 16:39, 9 March 2020

Paul's Security Weekly Episode 642 - 2020-03-05

Episode Audio

Paul's Security Weekly Episode 642

Announcements

  • Our first-ever virtual training is happening on March 19th at 11:00am ET with Adam Kehler & Rob Harvey from the Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming webcasts & trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.
  • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
  • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!

Interview: Active Directory, Azure and Windows Security - 6:00-6:45PM

Description:

Active Directory & Microsoft Cloud (Azure AD & Office 365) Security, including a breakdown of Microsoft's security offerings and recommendations for cloud migrations for Active Directory.

Guest: Bio:
Sean Metcalf is Founder & CTO at
Sean Metcalf is founder and CTO at Trimarc (www.TrimarcSecurity.com), a professional services company which focuses on improving enterprise security. He is one of about 100 people in the world who holds the Microsoft Certified Master Directory Services (MCM) certification, is a Microsoft MVP, and has presented on Active Directory & Microsoft Cloud attack and defense at security conferences such as Black Hat, BSides, DEF CON, and DerbyCon. He currently provides security consulting services to customers and posts interesting Active Directory security information on his blog, ADSecurity.org.

Hosts

Jeff Man - Sr. InfoSec Consultant at Online Business Systems
Joff Thyer - Security Analyst at Black Hills Information Security
Larry Pesce - Senior Managing Consultant and Director of Research at InGuardians
Lee Neely - Senior Cyber Analyst at Lawrence Livermore National Laboratory

Fullaudio - None

Description:

This week, we welcome back Sean Metcalf, Founder and CTO at Trimarc, to discuss Azure AD & Office 365 Security, including a breakdown of Microsoft's security offerings and recommendations for cloud migrations for Active Directory! In the second segment, we welcome Mark Cooper, President and Founder of PKI Solutions, to talk about how SHAKEN/STIR and PKI will end the global robocall problem! In the Security News, Shark Tank Star Corcoran Loses $400K in Email Scam, Backdoor malware is being spread through fake security certificate alerts, Venezuela Power outage knocked out part of the internet connectivity, Experts warn of mass scans for Apache Tomcat Ghostcat flaw, 4 essential things security experts do to protect their own data, and more!

Link to an article Mark wrote for Dark Reading: https://www.darkreading.com/endpoint/shaken-stir-finally!-a-solution-to-caller-id-spoofing/a/d-id/1336285 Link to landing page with more info: https://www.pkisolutions.com/shakenstir/

Visit https:


Jeff Man's Content:

Jeff Man 2-0.jpg

Template:PSW642FullaudioJeff Man

Joff Thyer's Content:

Joff Thyer-0.jpg

Template:PSW642FullaudioJoff Thyer

Larry Pesce's Content:

Larry headshot-0.jpg

Template:PSW642FullaudioLarry Pesce

Lee Neely's Content:

Lee Neely-0.jpg

Template:PSW642FullaudioLee Neely

Paul Asadoorian's Content:

Paul Asadoorian-0.png

Template:PSW642FullaudioPaul Asadoorian


Interview: Mark Cooper, PKI Solutions - 6:00-6:45PM

Description:

How SHAKEN/STIR and PKI will end the global robocall problem

Link to an article Mark wrote for Dark Reading:

https://www.darkreading.com/endpoint/shaken-stir-finally!-a-solution-to-caller-id-spoofing/a/d-id/1336285

Link to landing page with more info:

https://www.pkisolutions.com/shakenstir/

Guest: Bio:
Mark Cooper is President and Founder at
Mark B. Cooper, president and founder of PKI Solutions, is known as “The PKI Guy” since his early days at Microsoft. He has deep knowledge and experience in all things Public Key Infrastructure (PKI.) PKI Solutions Inc. provides consulting, training - including online training - and implements software solutions for Microsoft PKI and related technologies at enterprises, many of them Fortune 500 companies. PKI Solutions has led hundreds of PKI trainings, including private trainings, across the country and around the world. Cooper is an avid proponent of the SHAKEN/STIR global standard to end robocalls, that uses authentication and PKI to verify callers' identities. Prior to founding PKI Solutions, Cooper was a senior engineer at Microsoft, where he was a PKI and identity management subject matter expert who designed, implemented, and supported Active Directory Certificate Services (ADCS) environments for Microsoft's largest customers.

Hosts

Jeff Man - Sr. InfoSec Consultant at Online Business Systems
Joff Thyer - Security Analyst at Black Hills Information Security
Larry Pesce - Senior Managing Consultant and Director of Research at InGuardians
Lee Neely - Senior Cyber Analyst at Lawrence Livermore National Laboratory
Paul Asadoorian - Founder & CTO at Security Weekly

News - Tomcat, AWS Malware, Hacker Movies

Description:

Apache Tomcat AJP exploit, malware in AWS, hacker movies and more!

Content:

Why Doesn't Software Get Sold With a List of Ingredients? Allan Friedman talks about the ‘Software Bill of Materials’

Time for cybersecurity to take back control of its story What do yours truly and Sulu have in common? THIS!Black Market White Washing: Why You Shouldn't Take Legal Advice From Criminals Backdoor malware is being spread through fake security certificate alerts Shark Tank TV star loses almost $400,000 in Business Email... Venezuela Power outage knocked out part of the internet connectivity Researchers use ultrasound waves vibrating through tables to access cellphones Apache Tomcat - AJP 'Ghostcat File Read/Inclusion WiFi Kr00K and plaintext traffic - and more

Exploiting WiFi OWE


Jeff Man's Content:

Jeff Man 2-0.jpg


  1. Why Doesn't Software Get Sold With a List of Ingredients? Allan Friedman talks the ‘Software Bill of Materials’
  2. Time for cybersecurity to take back control of its story What do yours truly and Sulu have in common? THIS!
  3. T-Mobile Reveals Security Breach, Customers’ Data Exposed Can you see my data now?
  4. SpaceX Contractor Hit by Data Breach To infinity and beyond!
  5. 42% of IT and Security Managers Say Their Organizations Have Been Breached as a Result of User Password Compromise Which is why we drink

Joff Thyer's Content:

Joff Thyer-0.jpg

Template:PSW642NewsJoff Thyer

Larry Pesce's Content:

Larry headshot-0.jpg
  1. Fixed keys on MS exchange
  2. WiFi Kr00K and plaintext traffic - and more
  3. Exploiting WiFi OWE
  4. How to clone keys for toyota, hyundai, kia and tesla

Lee Neely's Content:

Lee Neely-0.jpg
  1. Shark Tank Star Corcoran Loses $400K in Email Scam That’s now how you get VC funding More info
  2. Android banking trojan steals Google two-factor authentication codes
  3. Don't run your 2FA authenticator app on these smartphones You're only as good as your weakest link. Old vulnerable OS not a good place to run your 2FA app.
  4. Killer software: 4 lessons from the deadly 737 MAX crashes Lessons include not relying on software to solve a hardware problem, and not omitting redundancy.
  5. NSF 20-051 Dear Colleague Letter: Announcing Creation of the Foundational Research in Robotics (Robotics) Program Research opportunity in foundational Robotics technology. Proposition is that both Foundational Research in Robotics and National Robots Initiative are a way to use robotics to manage complexity in the cyber physical arena.
  6. Citrix Vulnerability Used for Potential Defence Recruitment Database Access CVE-2019-19781 is critical due to wide spread exploitation in the wild and RCE risk.
  7. U.S. Government Warns of Continuous Election Meddling Efforts Election meddling includes fake social media accounts and impersonation, watch for social engineering of your vote.
  8. Let's Encrypt Revoking 3 Million TLS Certificates Issued Incorrectly Due to a Bug Improper domain ownership validation resulted in incorrect certificate issuing. Check your certificates Affected certificates must be manually renewed.

Paul Asadoorian's Content:

Paul Asadoorian-0.png
  1. Black Market White Washing: Why You Shouldnt Take Legal Advice From Criminals
  2. Backdoor malware is being spread through fake security certificate alerts | ZDNet
  3. Shark Tank TV star loses almost $400,000 in Business Email...
  4. Venezuela Power outage knocked out part of the internet connectivity
  5. Researchers use ultrasound waves vibrating through tables to access cellphones - Help Net Security
  6. Apache Tomcat - AJP 'Ghostcat File Read/Inclusion
  7. Experts warn of mass scans for Apache Tomcat Ghostcat flaw
  8. Nvidia patches severe flaws affecting GeForce, Quadro NVS and Tesla
  9. AWS Servers Hacked: "Rootkit in the Cloud" Used to Exfiltrate Data
  10. Cisco Patches Remote Code Execution Flaws in Webex Player | SecurityWeek.Com
  11. These are the first passwords hackers will try when attacking your device | ZDNet
  12. China's new, combative response to hacking from the U.S.
  13. 4 essential things security experts do to protect their own data
  14. Chinese cybersecurity company accuses CIA of 11-year-long hacking campaign
  15. Windows 10 Alert: This Is The Default Setting You Must Change To Stay Safe
  16. Lets Encrypt discovers CAA bug, must revoke customer certificates
  17. Academics find 30 file upload vulnerabilities in 23 web apps, CMSes, and forums | ZDNet