PSWEpisode642

From Security Weekly Wiki
Jump to navigationJump to search

Paul's Security Weekly Episode 642 - 2020-03-05

Episode Audio

Paul's Security Weekly Episode 642

Announcements

  • Is your Open Source code secure? Learn how to verify your code during development, not after the build in our next webcast with Synopsys. Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. You can also access our on-demand library of previously recorded webcasts/trainings by visiting securityweekly.com/ondemand. Each webcast will earn you 1 CPE credit that we will submit on your behalf if you provide your ISC2 number.
  • Join us at InfoSecWorld 2020 - June 22nd-24th at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
  • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!

Interview: Active Directory, Azure and Windows Security - 6:00-6:45PM

Description:

Active Directory & Microsoft Cloud (Azure AD & Office 365) Security, including a breakdown of Microsoft's security offerings and recommendations for cloud migrations for Active Directory.

Guest: Bio:
 
Sean Metcalf is Founder & CTO at Trimarc
Sean Metcalf is founder and CTO at Trimarc (www.TrimarcSecurity.com), a professional services company which focuses on improving enterprise security. He is one of about 100 people in the world who holds the Microsoft Certified Master Directory Services (MCM) certification, is a Microsoft MVP, and has presented on Active Directory & Microsoft Cloud attack and defense at security conferences such as Black Hat, BSides, DEF CON, and DerbyCon. He currently provides security consulting services to customers and posts interesting Active Directory security information on his blog, ADSecurity.org.

Hosts

 
Jeff Man - Sr. InfoSec Consultant at Online Business Systems
 
Joff Thyer - Security Analyst at Black Hills Information Security
 
Larry Pesce - Senior Managing Consultant and Director of Research at InGuardians
 
Lee Neely - Senior Cyber Analyst at Lawrence Livermore National Laboratory

Fullaudio - None

Description:

This week, we welcome back Sean Metcalf, Founder and CTO at Trimarc, to discuss Azure AD & Office 365 Security, including a breakdown of Microsoft's security offerings and recommendations for cloud migrations for Active Directory! In the second segment, we welcome Mark Cooper, President and Founder of PKI Solutions, to talk about how SHAKEN/STIR and PKI will end the global robocall problem! In the Security News, Shark Tank Star Corcoran Loses $400K in Email Scam, Backdoor malware is being spread through fake security certificate alerts, Venezuela Power outage knocked out part of the internet connectivity, Experts warn of mass scans for Apache Tomcat Ghostcat flaw, 4 essential things security experts do to protect their own data, and more!

Link to an article Mark wrote for Dark Reading: https://www.darkreading.com/endpoint/shaken-stir-finally!-a-solution-to-caller-id-spoofing/a/d-id/1336285 Link to landing page with more info: https://www.pkisolutions.com/shakenstir/

Visit https:



Jeff Man's Content:


Template:PSW642FullaudioJeff Man

Joff Thyer's Content:


Template:PSW642FullaudioJoff Thyer

Larry Pesce's Content:


Template:PSW642FullaudioLarry Pesce

Lee Neely's Content:


Template:PSW642FullaudioLee Neely

Paul Asadoorian's Content:


Template:PSW642FullaudioPaul Asadoorian


Interview: Mark Cooper, PKI Solutions - 6:00-6:45PM

Description:

How SHAKEN/STIR and PKI will end the global robocall problem

Link to an article Mark wrote for Dark Reading:

https://www.darkreading.com/endpoint/shaken-stir-finally!-a-solution-to-caller-id-spoofing/a/d-id/1336285

Link to landing page with more info:

https://www.pkisolutions.com/shakenstir/

Guest: Bio:
 
Mark Cooper is President and Founder at PKI Solutions
Mark B. Cooper, president and founder of PKI Solutions, is known as “The PKI Guy” since his early days at Microsoft. He has deep knowledge and experience in all things Public Key Infrastructure (PKI.) PKI Solutions Inc. provides consulting, training - including online training - and implements software solutions for Microsoft PKI and related technologies at enterprises, many of them Fortune 500 companies. PKI Solutions has led hundreds of PKI trainings, including private trainings, across the country and around the world. Cooper is an avid proponent of the SHAKEN/STIR global standard to end robocalls, that uses authentication and PKI to verify callers' identities. Prior to founding PKI Solutions, Cooper was a senior engineer at Microsoft, where he was a PKI and identity management subject matter expert who designed, implemented, and supported Active Directory Certificate Services (ADCS) environments for Microsoft's largest customers.

Hosts

 
Jeff Man - Sr. InfoSec Consultant at Online Business Systems
 
Joff Thyer - Security Analyst at Black Hills Information Security
 
Larry Pesce - Senior Managing Consultant and Director of Research at InGuardians
 
Lee Neely - Senior Cyber Analyst at Lawrence Livermore National Laboratory
 
Paul Asadoorian - Founder & CTO at Security Weekly

News - Tomcat, AWS Malware, Hacker Movies

Description:

Apache Tomcat AJP exploit, malware in AWS, hacker movies and more!


Content:

Why Doesn't Software Get Sold With a List of Ingredients? Allan Friedman talks about the ‘Software Bill of Materials’

Time for cybersecurity to take back control of its story What do yours truly and Sulu have in common? THIS!Black Market White Washing: Why You Shouldn't Take Legal Advice From Criminals Backdoor malware is being spread through fake security certificate alerts Shark Tank TV star loses almost $400,000 in Business Email... Venezuela Power outage knocked out part of the internet connectivity Researchers use ultrasound waves vibrating through tables to access cellphones Apache Tomcat - AJP 'Ghostcat File Read/Inclusion WiFi Kr00K and plaintext traffic - and more

Exploiting WiFi OWE


Jeff Man's Content:



  1. Why Doesn't Software Get Sold With a List of Ingredients? Allan Friedman talks the ‘Software Bill of Materials’
  2. Time for cybersecurity to take back control of its story What do yours truly and Sulu have in common? THIS!
  3. T-Mobile Reveals Security Breach, Customers’ Data Exposed Can you see my data now?
  4. SpaceX Contractor Hit by Data Breach To infinity and beyond!
  5. 42% of IT and Security Managers Say Their Organizations Have Been Breached as a Result of User Password Compromise Which is why we drink

Joff Thyer's Content:


Template:PSW642NewsJoff Thyer

Larry Pesce's Content:


  1. Fixed keys on MS exchange
  2. WiFi Kr00K and plaintext traffic - and more
  3. Exploiting WiFi OWE
  4. How to clone keys for toyota, hyundai, kia and tesla

Lee Neely's Content:


  1. Shark Tank Star Corcoran Loses $400K in Email Scam That’s now how you get VC funding More info
  2. Android banking trojan steals Google two-factor authentication codes
  3. Don't run your 2FA authenticator app on these smartphones You're only as good as your weakest link. Old vulnerable OS not a good place to run your 2FA app.
  4. Killer software: 4 lessons from the deadly 737 MAX crashes Lessons include not relying on software to solve a hardware problem, and not omitting redundancy.
  5. NSF 20-051 Dear Colleague Letter: Announcing Creation of the Foundational Research in Robotics (Robotics) Program Research opportunity in foundational Robotics technology. Proposition is that both Foundational Research in Robotics and National Robots Initiative are a way to use robotics to manage complexity in the cyber physical arena.
  6. Citrix Vulnerability Used for Potential Defence Recruitment Database Access CVE-2019-19781 is critical due to wide spread exploitation in the wild and RCE risk.
  7. U.S. Government Warns of Continuous Election Meddling Efforts Election meddling includes fake social media accounts and impersonation, watch for social engineering of your vote.
  8. Let's Encrypt Revoking 3 Million TLS Certificates Issued Incorrectly Due to a Bug Improper domain ownership validation resulted in incorrect certificate issuing. Check your certificates Affected certificates must be manually renewed.

Paul Asadoorian's Content:


  1. Black Market White Washing: Why You Shouldnt Take Legal Advice From Criminals
  2. Backdoor malware is being spread through fake security certificate alerts | ZDNet
  3. Shark Tank TV star loses almost $400,000 in Business Email...
  4. Venezuela Power outage knocked out part of the internet connectivity
  5. Researchers use ultrasound waves vibrating through tables to access cellphones - Help Net Security
  6. Apache Tomcat - AJP 'Ghostcat File Read/Inclusion
  7. Experts warn of mass scans for Apache Tomcat Ghostcat flaw
  8. Nvidia patches severe flaws affecting GeForce, Quadro NVS and Tesla
  9. AWS Servers Hacked: "Rootkit in the Cloud" Used to Exfiltrate Data
  10. Cisco Patches Remote Code Execution Flaws in Webex Player | SecurityWeek.Com
  11. These are the first passwords hackers will try when attacking your device | ZDNet
  12. China's new, combative response to hacking from the U.S.
  13. 4 essential things security experts do to protect their own data
  14. Chinese cybersecurity company accuses CIA of 11-year-long hacking campaign
  15. Windows 10 Alert: This Is The Default Setting You Must Change To Stay Safe
  16. Lets Encrypt discovers CAA bug, must revoke customer certificates
  17. Academics find 30 file upload vulnerabilities in 23 web apps, CMSes, and forums | ZDNet