Difference between revisions of "Psw661"

From Security Weekly Wiki
(Added By Paul's Craptastic PPWorks Code)
(Added By Paul's Craptastic PPWorks Code)
 
(19 intermediate revisions by the same user not shown)
Line 10: Line 10:
 
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 
-->
 
-->
= 1. Observing Disinformation Campaigns - 07:00 PM-07:30 PM  =
+
= 1. SWVHSC: Observing Disinformation Campaigns - 07:00 PM-07:45 PM  =
 
<!--   
 
<!--   
 
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 
-->
 
-->
  
 +
<center>{{#ev:youtube|3W_Ao1I39Xo }}</center>
  
 +
 +
=== Sponsored By ===
 +
<gallery mode="packed" widths=150px heights=150px>
 +
Image:DomainTools_logo_bg-2.jpg
 +
</gallery>
 +
<center><strong>Visit http://domaintools.com/ for more information!</strong></center>
 +
 +
 +
=== Announcements ===
 +
<ul style="margin-left: 50px;">
 +
 +
<li> <p>Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!</p></li>
 +
 +
</ul>
  
 
=== Description ===
 
=== Description ===
  
 +
Chad talks about the DomainTools COVID research (and how they stumbled on the CovidLock Android ransomware), mapping the Reopen Campaigns in more detail. He will then touch on some of the work he is doing that will be released that maps Twitter hunting into a nice, observable dashboard for the lazy.
 +
 +
This segment is sponsored by DomainTools.
 +
 +
Visit https://securityweekly.com/domaintools to learn more about them! This segment is sponsored by DomainTools. Visit http://domaintools.com/ to learn more about them!
 +
 +
 +
To learn more about the research, visit: http://domaintools.com/
  
  
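Review bot: The added Description states the sponsor twice: "This segment is sponsored by DomainTools." is added on its own line and again inside the following added line, which also carries two different links (https://securityweekly.com/domaintools and http://domaintools.com/) for the same "learn more about them" call. Keep one sponsor sentence with one link. The "To learn more about the research" line also points at the generic http://domaintools.com/ homepage rather than at the research the description mentions.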
Line 28: Line 51:
 
<gallery mode="nolines" widths=175px heights=175px>
 
<gallery mode="nolines" widths=175px heights=175px>
  
Image:ChadAnderson-0.jpg|'''[https://twitter.com/@piffey Chad Anderson]''' is Senior Security Researcher at Domain Tools<br>
+
Image:ChadAnderson-0.jpg|'''[https://twitter.com/@piffey Chad Anderson]''' is Senior Security Researcher at DomainTools<br>
  
 
</gallery>
 
</gallery>
Line 49: Line 72:
  
 
Image:Paul_Asadoorian-0.png|<center>[https://twitter.com/@securityweekly Paul Asadoorian]  - Founder & CTO at Security Weekly</center>
 
Image:Paul_Asadoorian-0.png|<center>[https://twitter.com/@securityweekly Paul Asadoorian]  - Founder & CTO at Security Weekly</center>
 
Image:Tyler_Robinson-0.png|<center>[https://twitter.com/@tyler_robinson Tyler Robinson]  - Managing Director of Network Operations at Nisos, Inc</center>
 
  
 
</gallery>
 
</gallery>
  
= 2. TBD - 07:30 PM  =
+
= 2. SWVHSC: Netgear Flaws, Satellite Spying, & Stealing UltraLoq Keys - 08:00 PM-08:45 PM  =
 
<!--   
 
<!--   
 
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 
-->
 
-->
  
 +
<center>{{#ev:youtube|TZPi8kFmmhs }}</center>
  
 +
 +
 +
=== Announcements ===
 +
<ul style="margin-left: 50px;">
 +
 +
<li> <p>Join the Security Weekly Mailing List for webcast/virtual training announcements and to receive your personal invite to our Discord server by visiting https://securityweekly.com/subscribe and clicking the button to join the list!</p></li>
 +
 +
</ul>
  
 
=== Description ===
 
=== Description ===
 +
 +
How hackers could spy on satellite internet traffic with just $300 of home TV equipment, Smart locks opened with nothing more than a MAC address, 17-Year-Old 'Mastermind' and 2 Others Behind the Biggest Twitter Hack Arrested, Flaw in popular NodeJS express-fileupload module allows DoS attacks and code injection, and how Netgear Won't Patch 45 Router Models Vulnerable to a Serious Flaw!
  
  
Line 67: Line 99:
 
==Hosts==
 
==Hosts==
  
<gallery mode="nolines" widths=175px heights=175px>
 
  
Image:Paul_Asadoorian-0.png|<center>[https://twitter.com/@securityweekly Paul Asadoorian] - Founder & CTO at Security Weekly</center>
+
==[https://twitter.com/@MrJeffMan Jeff Man]'s Content: ==
 +
<gallery mode="nolines" widths=150px heights=150px>
 +
Image:Jeff_Man_2-0.jpg
 +
</gallery>
 +
{{Template:PSW661NewsJeffMan}}
 +
 
 +
==[https://twitter.com/@joff_thyer Joff Thyer]'s Content: ==
 +
<gallery mode="nolines" widths=150px heights=150px>
 +
Image:Joff_Thyer-0.jpg
 +
</gallery>
 +
{{Template:PSW661NewsJoffThyer}}
 +
 
 +
==[https://twitter.com/@haxorthematrix Larry Pesce]'s Content: ==
 +
<gallery mode="nolines" widths=150px heights=150px>
 +
Image:larry_headshot-0.jpg
 +
</gallery>
 +
{{Template:PSW661NewsLarryPesce}}
 +
 
 +
==[https://twitter.com/@lelandneely Lee Neely]'s Content: ==
 +
<gallery mode="nolines" widths=150px heights=150px>
 +
Image:Lee_Neely-0.jpg
 +
</gallery>
 +
{{Template:PSW661NewsLeeNeely}}
 +
 
 +
==[https://twitter.com/@maldermania Matt Alderman]'s Content: ==
 +
<gallery mode="nolines" widths=150px heights=150px>
 +
Image:MattAlderman-0.png
 +
</gallery>
 +
{{Template:PSW661NewsMattAlderman}}
  
 +
==[https://twitter.com/@securityweekly Paul Asadoorian]'s Content: ==
 +
<gallery mode="nolines" widths=150px heights=150px>
 +
Image:Paul_Asadoorian-0.png
 
</gallery>
 
</gallery>
 +
{{Template:PSW661NewsPaulAsadoorian}}
  
= 3. Automating your Vulnerability Management Program - 08:00 PM  =
+
 
 +
= 3. Automating Your Vulnerability Management Program - 09:30 PM-10:15 PM  =
 
<!--   
 
<!--   
 
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 
-->
 
-->
  
 +
<center>{{#ev:youtube|-bZicZO7BoE }}</center>
  
 +
 +
=== Sponsored By ===
 +
<gallery mode="packed" widths=150px heights=150px>
 +
Image:1920x1080-VMDR_2nd_test-0.png
 +
</gallery>
 +
<center><strong>Visit https://securityweekly.com/qualys for more information!</strong></center>
 +
 +
 +
=== Announcements ===
 +
<ul style="margin-left: 50px;">
 +
 +
<li> <p>Learn How to Create and Run a Conference, from some of the geniuses behind Layer8 Conference and Wild West Hackin Fest on August 19th! Our next technical training on August 27th will teach you about BootHole, <span class="caps">SIGR</span>ed and <span class="caps">SMB</span>leed&#8230;Best Practices To Prioritize And Remediate Now! Learn How to Extend the Enterprise Network for Remote Workers and Protect Your Home Network on September 10th! Visit https://securityweekly.com/webcasts to see what we have coming up! Or visit securityweekly.com/ondemand to view our previously recorded webcasts!</p></li>
 +
 +
</ul>
  
 
=== Description ===
 
=== Description ===
 +
 +
In this segment we discuss the importance of automating the Vulnerability Management Program and discuss Qualys VMDR which takes vulnerability management to the next level bringing detection and response to vulnerability management.
 +
 +
For your free trial of Qualys VMDR, visit: https://securityweekly.com/qualys
 +
 +
  
  
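Review bot: Under the segment 2 ==Hosts== heading, the gallery opening line is dropped and the Paul Asadoorian image line is replaced by the Jeff Man content heading, so the Hosts heading is left with no hosts listed beneath it. Either keep a hosts gallery ahead of the first "Content" heading or remove the empty heading. In the segment 3 announcement, the added list item still carries span class="caps" markup around SIGRed and SMBleed and a raw &#8230; entity, which should be plain text.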

Latest revision as of 19:09, 17 August 2020

Paul's Security Weekly Episode #661 - August 06, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. SWVHSC: Observing Disinformation Campaigns - 07:00 PM-07:45 PM


Visit http://domaintools.com/ for more information!


Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Description

Chad talks about the DomainTools COVID research (and how they stumbled on the CovidLock Android ransomware), mapping the Reopen Campaigns in more detail. He will then touch on some of the work he is doing that will be released that maps Twitter hunting into a nice, observable dashboard for the lazy.

This segment is sponsored by DomainTools.

Visit https://securityweekly.com/domaintools to learn more about them!


To learn more about the research, visit: http://domaintools.com/


Guest(s)

Chad Anderson

Chad has a particular interest in automation, network security and their intersection. His primary focus leans heavily on leveraging open source technologies to improve deployments, network security and systems administration at DomainTools.


Hosts

2. SWVHSC: Netgear Flaws, Satellite Spying, & Stealing UltraLoq Keys - 08:00 PM-08:45 PM


Announcements

  • Join the Security Weekly Mailing List for webcast/virtual training announcements and to receive your personal invite to our Discord server by visiting https://securityweekly.com/subscribe and clicking the button to join the list!

Description

How hackers could spy on satellite internet traffic with just $300 of home TV equipment, Smart locks opened with nothing more than a MAC address, 17-Year-Old 'Mastermind' and 2 Others Behind the Biggest Twitter Hack Arrested, Flaw in popular NodeJS express-fileupload module allows DoS attacks and code injection, and how Netgear Won't Patch 45 Router Models Vulnerable to a Serious Flaw!


Hosts

Jeff Man's Content:

Articles

  1. VPN security alert: 900 servers hit by huge data breach
  2. Blackbaud data breach: What you should know
  3. Capital One fined $80 million for data breach involving 100 million Americans
  4. Intel hacked, first wave of stolen chip data released in 20GB dump
  5. For DevOps, Application Programming Integration (API) Is A Major Security Vulnerability

Joff Thyer's Content:

Articles

Larry Pesce's Content:

Articles

  1. Blocking telemetry in Windows hosts file now flagged by Windows Defender
  2. It appears Garmin paid the ransom
  3. Bitsight’s data on remote worker attack surface - From yesterday’s Summer camp preso, but amazing data too good not to share again
  4. Arrested Coalfire Pentesters tell their tale
  5. Insecure satellite data interception

Lee Neely's Content:

Articles

  1. Iranian Hacker Group Becomes First Known APT to Weaponize DNS-over-HTTPS (DoH) - The "Oilrig" (APT34) group is the first to leverage DNS-over-HTTPS (DoH) to silently exfiltrate sensitive data from targeted networks. The group began using a new utility dubbed "DNSExfiltrator" as part of its intrusions into hacked networks.
  2. NSA Warns that Mobile Device Location Services Constantly Compromise Spies and Soldiers - NSA has issued a new guide titled "Limiting Location Data Exposure" that provides advice for properly securing fitness trackers, smartphones, and tablets that "store and share device geolocation data by design" and create a security risk for those working in defense and national security.
  3. Flaw in Popular NodeJS 'express-fileupload' Module Allows DoS Attacks and Code Injection
  4. Vermont Taxpayers Warned of Data Leak Over the Past Three Years - The Vermont Department of Taxes is warning taxpayers who filed property tax returns via its online filing site between Feb. 1, 2017, and July 2, 2020, that their personal information may have been leaked due to a vulnerability in the system.
  5. EU Sanctions China, Russia, and North Korea for Past Hacks - The EU imposed first-of-their-kind economic sanctions consisting of a travel ban and an asset freeze against China, North Korea, and Russia for conducting past cyber attacks that targeted EU businesses and citizens. The sanctions also prohibit EU citizens from doing business with the three businesses and six individuals on the sanction list.
  6. Smart locks can be opened with nothing more than a MAC address - The U-Tec $139.99 UltraLoq is marketed as a "secure and versatile smart deadbolt that offers keyless entry via your Bluetooth-enabled smartphone and code." Tripwire researchers have disclosed a misconfiguration error and other security issues that leaked data and allowed attackers to steal unlock tokens with nothing more than a MAC address.

Matt Alderman's Content:

Articles

  1. 29 Years Ago Today, The First Web Page Went Live
  2. 2019 Breach Leads to $80 Million Fine for Capital One
  3. Twitter hack teen's court date 'Zoombombed' with porn
  4. Researchers warn of an Achilles' heel security flaw for Android phones

Paul Asadoorian's Content:

Articles

  1. Cisco alert: Four high-severity flaws in routers, switches and AnyConnect VPN for Windows
  2. How hackers could spy on satellite internet traffic with just $300 of home TV equipment
  3. Smart locks opened with nothing more than a MAC address
  4. Starting a Career in Information Security | Offensive Security
  5. 17-Year-Old 'Mastermind', 2 Others Behind the Biggest Twitter Hack Arrested - Graham Clark has reportedly been charged with 30 felonies of communications and organized fraud for scamming hundreds of people using compromised accounts.
  6. Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack
  7. Trump says he will ban popular Chinese video app TikTok in the US
  8. Flaw in popular NodeJS express-fileupload module allows DoS attacks and code injection - Prototype pollution is a term that was coined many years ago in the JavaScript community to designate libraries that added extension methods to the prototype of base objects like "Object", "String" or "Function".
  9. Hackers can abuse Microsoft Teams updater to deliver malicious payloads
  10. Black Hat 2020: 'Zero-Click' MacOS Exploit Chain Uses Microsoft Office Macros
  11. Botnet abuses Docker servers & crypto blockchain to deliver Doki backdoor - The botnet attackers exploit their victims by scanning for misconfigured, openly accessible Docker API ports, and then establish their own malware-serving containers on the host. The malicious containers are based on abused images that are available through Docker hub.
  12. Netgear Won't Patch 45 Router Models Vulnerable to Serious Flaw - For instance, one such Modem Router that won’t receive an update, the AC1450 series, is as old as 2009. Other router models, while newer, have reached EOL: The R6200 and R6200v2 wireless routers reached EOL in 2013 and 2016, respectively; while the Nighthawk R7300DST wireless router reached EOL in the first half of 2017, said Henry.
  13. Twitter hack teen's court date 'Zoombombed' with porn
  14. Exploiting Google Cloud Platform With Ease


3. Automating Your Vulnerability Management Program - 09:30 PM-10:15 PM


Visit https://securityweekly.com/qualys for more information!


Announcements

  • Learn How to Create and Run a Conference, from some of the geniuses behind Layer8 Conference and Wild West Hackin Fest on August 19th! Our next technical training on August 27th will teach you about BootHole, SIGRed and SMBleed…Best Practices To Prioritize And Remediate Now! Learn How to Extend the Enterprise Network for Remote Workers and Protect Your Home Network on September 10th! Visit https://securityweekly.com/webcasts to see what we have coming up! Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

In this segment we discuss the importance of automating the Vulnerability Management Program and discuss Qualys VMDR, which takes vulnerability management to the next level by bringing detection and response to vulnerability management.

For your free trial of Qualys VMDR, visit: https://securityweekly.com/qualys




Guest(s)

Mehul Revankar

Mehul is a cybersecurity professional with over 15 years of experience in Vulnerability Management, Policy Compliance and Security Operations. He leads the product management and engineering functions for VMDR (Vulnerability Management, Detection and Response) at Qualys. Before joining Qualys, Mehul led development of vulnerability and patch management products at SaltStack, and prior to that he led multiple research teams at Tenable.

Sumedh Thakar

As Chief Product Officer at Qualys, Sumedh oversees worldwide engineering, development and product management for the Qualys software-as-a-service (SaaS) platform and integrated suite of security and compliance applications. A core systems and database engineer, Sumedh started at Qualys in 2003, architecting and delivering Qualys' PCI compliance platform to meet the Payment Card Industry (PCI) Data Security Standard (DSS) requirements. Today, more than 69 percent of ASVs and 50 percent of QSAs worldwide use Qualys PCI to perform PCI DSS certification.


Hosts