Difference between revisions of "PSWEpisode656"

From Security Weekly Wiki
(Added By Paul's Craptastic PPWorks Code)
(Added By Paul's Craptastic PPWorks Code)
Line 81: Line 81:
 
With bug bounties becoming more and more main stream for organizations. The bounty hunters are turning to more and more automation. Open source intelligence gathering can be automated with the use of python and a handful of other opensource tools such as Recon-NG, Amass, and others.
 
With bug bounties becoming more and more main stream for organizations. The bounty hunters are turning to more and more automation. Open source intelligence gathering can be automated with the use of python and a handful of other opensource tools such as Recon-NG, Amass, and others.
  
 +
 +
 +
 +
==Guest(s)==
 +
 +
 +
===Ryan Hays===
 +
<gallery mode="nolines" widths=175px heights=175px>
 +
 +
Image:RyanHays-0.png|'''[https://twitter.com/@_ryanhays Ryan Hays]''' is Offensive Security Manager at RSA Security<br>
 +
 +
</gallery>
 +
Ryan has 15 years of experience in the IT field, he has worked in a variety of capacities, currently specializing in offensive security and threat emulation techniques. During his career, he has worked with a multitude of Fortune 500 and 1000 companies, along with various U.S. Government Intelligence agencies on both sides of the field in offensive and defensive capacities. Ryan takes pride in giving back to the infosec community by presenting at multiple conferences as well as providing training and mentorship to people across the globe.<br>
  
  

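Review bot: The added bio paragraph under ===Ryan Hays=== opens with a comma splice ("Ryan has 15 years of experience in the IT field, he has worked in a variety of capacities"); split it into two sentences or join the clauses with "and". The gallery caption and the bio both end in a bare <br>, which does nothing directly before </gallery> or at the end of a paragraph and can be dropped. The gallery attributes are also quoted inconsistently: mode="nolines" is quoted while widths=175px heights=175px are not.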
Revision as of 22:33, 29 June 2020

Paul's Security Weekly Episode #656 - July 02, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Interview - Work From Home Cyber Security - 06:00 PM-06:45 PM

Announcements

  • With all the recent changes to BlackHat and DefCon, we realized we can keep doing what we do best - host virtual podcasts! I’m proud to announce Hacker Summer Camp 2020, a Security Weekly Virtual, Live-Stream Event, August 3 - August 6, 2020. To reserve your slot now, visit: securityweekly.com/summercamp2020

Description

Hackers know that more people are working from home now and accessing, sending, and sharing sensitive company data through their home networks. How can businesses help employees secure their home networks?



Guest(s)

Jerry Chen

Before founding Firewalla, Jerry spent nearly 20 years working at Cisco Systems, where he was a senior manager and ran many projects in Security Technology Group, Core Routing Group, and Consumer Business Unit. He was also a member of the Cisco InfoSec Team, focusing on data protection. "I invented Firewalla after my daughter's baby camera was hacked, and my goal is to prevent such things from happening to other families." Jerry graduated from University of California at Santa Barbara with MS and BS in Electrical Engineering.


Hosts

2. Interview - OSINT Scraping with Python - 07:00 PM-07:45 PM

Announcements

  • In our first July webcast, you will learn how to stitch and enrich flow data for security with VIAVI Solutions! Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

With bug bounties becoming more and more mainstream for organizations, bounty hunters are turning to more and more automation. Open source intelligence gathering can be automated with Python and a handful of other open-source tools such as Recon-NG, Amass, and others.



Guest(s)

Ryan Hays

Ryan has 15 years of experience in the IT field and has worked in a variety of capacities, currently specializing in offensive security and threat emulation techniques. During his career, he has worked with a multitude of Fortune 500 and 1000 companies, along with various U.S. Government Intelligence agencies on both sides of the field in offensive and defensive capacities. Ryan takes pride in giving back to the infosec community by presenting at multiple conferences as well as providing training and mentorship to people across the globe.


Hosts

3. News - Security News - 08:00 PM

Description

Hosts

Paul Asadoorian's Content:

Articles

  1. Cisco Releases Security Advisory for Telnet Vulnerability in IOS XE Software | CISA - Proof of concept code that is currently available results in high CPU usage on the affected device. To recover the device, a power cycle needs to occur.
  2. Apache Releases Security Advisory for Apache Tomcat | CISA
  3. The man behind Cardplanet credit card market sentenced to 9 years in prison
  4. Python Arbitrary File Write Prevention: The Tarbomb - As an example of how this could work, imagine you’re on your MacBook trying to open a file you just downloaded from your email, accounts_2020_06.tar.gz. From your downloads folder, you would expect the archive to be extracted into a new folder named accounts_2020_06. However, what if the archive contained a file with the path ../.bash_profile and contained a modified version of a bash profile that opened a backdoor on your system? If taken literally, this malicious file would overwrite your valid bash profile and you wouldn’t even know it. Luckily, the macOS archive utility and many other decompression tools check for these scenarios. However, not all do, case in point — tarfile, part of the python standard library, is vulnerable to this type of attack when used out of the box.
  5. Unpatched Wi-Fi Extender Opens Home Networks to Remote Control
  6. The Internet is too unsafe: We need more hackers
  7. Remote employees encounter 59 risky URLs per week - Help Net Security
  8. How To Build A Secure Browser For Organizations - Lots of stuff here, but I want more details on this: Our idea is to create an Active Policy Agent AI Agent in the Broker module, one ideally updated by private blockchain like the one in BETA at Oasis Labs. The policies in the browser could be updated from a reliable source in real-time while the AI module makes decisions about safety based on derived variants of the threats before they are found by threat researchers. He also mentions one of our sponsors, ExtraHop (the author does not work for ExtraHop).
  9. Driver Vulnerabilities Facilitate Attacks on ATMs, PoS Systems | SecurityWeek.Com
  10. Researchers Show How Hackers Can Target ICS via Barcode Scanners | SecurityWeek.Com
  11. Things that happen every four years: Olympic Games, Presidential elections, and now new Mac ransomware - Malwarebytes director of Mac and Mobile Thomas Reed said in one sample he analyzed, the malware posed as an installer for the legit, and highly useful, network monitoring tool Little Snitch. EvilQuest has also been spotted pretending to be music-making suite Ableton Live and tuning software Mixed in Key. K7 threat researcher Dinesh Devadoss also reported discovering the ransomware masquerading as a Google software update.
  12. Firefox 78 is out with a mysteriously empty list of security fixes - This is bad: At the moment [2020-07-01T11:00Z], the security fixes in the new version are a mystery! The release notes directed us to the official security fixes page, but there wasn’t any entry for Firefox 78.
  13. Securing the International IoT Supply Chain - Schneier on Security - The basic problem we try to solve is: how do you enforce IoT security regulations when most of the stuff is made in other countries? And our solution is: enforce the regulations on the domestic company that's selling the stuff to consumers.
  14. Netgear is releasing fixes for ten issues affecting 79 products - All around the world it's the same song, er vulnerability: Multiple Netgear devices contain a stack buffer overflow in the httpd web server’s handling of upgrade_check.cgi, which may allow for unauthenticated remote code execution with root privileges.
  15. Microsoft fixes two RCE flaws affecting Windows 10 machines - Help Net Security - What initially seemed like critical out-of-band patches for Windows 10 and Windows Server 2019 systems turned out to be slightly less urgent patches since the flaws affect only Windows 10 systems and only those users who have installed the optional HEVC or “HEVC from Device Manufacturer” media codecs from Microsoft Store, limiting thusly the pool of machines open to attack.
  16. Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking - The attacks stem from one of the two possible ways the gateway can be taken over: either by a compromised machine inside the corporate network that leverages an incoming benign connection to attack the Apache gateway or a rogue employee who uses a computer inside the network to hijack the gateway.
  17. 'GoldenSpy' Malware Targets Businesses Operating in China | SecurityWeek.Com
  18. Running nmap as an unprivileged user - SecWiki
  19. Exploring Kernel Networking: BPF Hook Points, Part 1
  20. Exploring Kernel Networking: BPF Hook Points, Part 2 - Say "hello" to my little friend! - Articles for Developers Building High Performance Systems
  21. New A Shared File System for Your Lambda Functions | Amazon Web Services
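
The path check that item 4 (the tarbomb article) says tarfile does not perform out of the box, as an added example that is not taken from the linked article or from the show: each member path is resolved against the destination and refused if it lands outside it. The sample archive is constructed in memory, and the function names are assumptions of this example.

```python
import io
import os
import tarfile
import tempfile


def build_sample_archive() -> bytes:
    """Constructed sample: one benign member, one traversal member."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in [
            ("accounts_2020_06/report.txt", b"quarterly numbers\n"),
            ("../.bash_profile", b"# constructed placeholder\n"),
        ]:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def safe_extract(archive: bytes, dest: str):
    """Write only regular files that resolve under dest; return (written, rejected)."""
    root = os.path.realpath(dest)
    written, rejected = [], []
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:*") as tar:
        for member in tar:
            target = os.path.realpath(os.path.join(root, member.name))
            inside = os.path.commonpath([root, target]) == root
            # Links, devices and FIFOs are refused outright.
            if not inside or not (member.isfile() or member.isdir()):
                rejected.append(member.name)
                continue
            if member.isdir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with tar.extractfile(member) as src, open(target, "wb") as out:
                out.write(src.read())
            written.append(member.name)
    return written, rejected


def demo():
    with tempfile.TemporaryDirectory() as parent:
        dest = os.path.join(parent, "downloads")
        os.makedirs(dest)
        written, rejected = safe_extract(build_sample_archive(), dest)
        # The traversal member would have landed one level above dest.
        escaped = os.path.exists(os.path.join(parent, ".bash_profile"))
        return written, rejected, escaped
```

Python 3.12 and later also provide extraction filters, so `TarFile.extractall(path, filter="data")` applies comparable checks in the standard library itself.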