Lenny Zeltser the VP of Products at Minerva, will be giving a technical segment on Evasion Tactics in Malware from the Inside Out. He will explain the tactics malware authors use to evade detection and analysis and find out how analysts examine these aspects of malicious code with a disassembler and a debugger. To learn more about Minerva Labs, go to: https://l.minerva-labs.com/security-weekly Full Show Notes: https://wiki.securityweekly.com/Episode585 Follow us on Twitter: https://www.twitter.c...
Dec 08, 2018•1 hr 7 min
Wietse Venema and Dan Farmer, the Developers of Security Administrator Tool for Analyzing Networks (SATAN), talk about their experience as developers, their journey to creating SATAN and their decision to keep SATAN a open source tool. Full Show Notes: https://wiki.securityweekly.com/Episode584 Follow us on Twitter: https://www.twitter.com/securityweekly
Dec 02, 2018•59 min
Hackers breach Dunkin Donuts, how insiders are serious threats to security in an organization, the return of email flooding, Microsoft helps police shut down fake tech support in India, and how Las Vegas police are cracking down on Black Market marijuana sales! Full Show Notes: https://wiki.securityweekly.com/Episode584 Follow us on Twitter: https://www.twitter.com/securityweekly...
Dec 01, 2018•1 hr 18 min
Sven will talk about PHP Object injection vulnerabilities and explain the dangers of PHP's unserialize function. He will show the format of serialized PHP Objects, explain PHP's magic methods and how to write an exploit for a PHP Object Injection vulnerability during his technical demo. Full Show Notes: https://wiki.securityweekly.com/Episode584 To learn more about Netsparker, go to: https://www.netsparker.com/securityweekly Follow us on Twitter: https://www.twitter.com/securityweekly...
Dec 01, 2018•32 min
7 new Spectre/Meltdown attacks, Hacking ATM's for free cash is easier than Windows XP, AI can now fake fingerprints fooling ID scanners, and Japan's cybersecurity minister admits he's never used a computer! Full Show Notes: https://wiki.securityweekly.com/Episode583 Follow us on Twitter: https://www.twitter.com/securityweekly
Nov 19, 2018•1 hr 16 min
John is a Senior Product Manager at DFLabs, where he performs a wide variety of tasks from product management to content development and partner management. John Moran talks about IncMan SOAR and how DFLabs Automation & Response platform helps automate, orchestrate, and measure CSIRTs and SOCs. To learn more about DFLabs, go to: www.dflabs.com/securityweekly Full Show Notes: https://wiki.securityweekly.com/Episode583 Follow us on Twitter: https://www.twitter.com/securityweekly...
Nov 18, 2018•40 min
Jon Buhagiar is responsible for Network Operations at Pittsburgh Technical College for the past 19 years. Jon is currently a Network+ Review Course Instructor at Sybex, and he joins us to talk about Network Operations at Sybex. Full Show Notes: https://wiki.securityweekly.com/Episode583 Follow us on Twitter: https://www.twitter.com/securityweekly
Nov 17, 2018•49 min
Cisco accidentally released Dirty Cow exploit code, Apache Struts Vulnerabilities, Zero Day exploit published for VM Escape flaw, Spam spewing IoT botnet infects 100,000 routers, and some of these vibrating apps turn your phone into a sex toy! Full Show Notes: https://wiki.securityweekly.com/Episode582 Follow us on Twitter: https://www.twitter.com/securityweekly
Nov 12, 2018•43 min
Former Head of Israeli Air Force CERT & Forensics Team, Senior Security Researcher at Javelin Networks. Eyal will be discussing securing remote administration, remote credentials, explains that Jump Servers aren’t as good, and show you have to connect to remote machines using AD. Full Show Notes: https://wiki.securityweekly.com/Episode582 Follow us on Twitter: https://www.twitter.com/securityweekly...
Nov 11, 2018•51 min
Corin Imai is Sr. Security Advisor for DomainTools. Corin began her career working on desktop virtualization, networking, and cloud computing technologies before delving into security. This interview, they talk about DNS, phishing tools, and tease what DomainTools has in store for 2019. Full Show Notes: https://wiki.securityweekly.com/Episode582 Follow us on Twitter: https://www.twitter.com/securityweekly...
Nov 10, 2018•28 min
AWS Security Best Practices, Masscan and massive address lists, Bleedingbit vulnerabilities, and Cisco Zero-Day exploited in the wild, ! All that and more, on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode581 →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly...
Nov 05, 2018•1 hr 14 min
Matt Toussain a Security Analyst at Black Hills Information Security, will be giving a tech segment on remote access tools (RAS). To learn more about BHIS, go to: https://www.blackhillsinfosec.com/PSW Full Show Notes: https://wiki.securityweekly.com/Episode581 →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly...
Nov 04, 2018•36 min
Aleksei Tiurin is the Senior Security Researcher for Acunetix. Aleksei is giving a technical segment on insecure deserialization in Java/JVM and explains what polymorphism is. Aleksei Tiurin is a security researcher and pentester with over 8 years of experience in penetration testing and with a particular focus on ERP and banking systems and Windows-networks. To learn more about Acunetix, go to: https://www.acunetix.com/securityweekly Full Show Notes: https://wiki.securityweekly.com/Episode581 →...
Nov 03, 2018•40 min
Fear of AI attacks, the FDA releases cybersecurity guidance, watch hackers steal a Tesla, serious D-Link router security flaw may never be patched, and California addresses default passwords! All that and more, on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode580 Follow us on Twitter: https://www.twitter.com/securityweekly...
Oct 29, 2018•1 hr 6 min
Yossi Sassi is the Co-Founder and Cybersecurity Researcher at CyberArtSecurity.com. Yossi joins us for a tech segment to talk about using windows powershell, discussing DCSync, DCShadow, creative Event Log manipulation & thoughts about persistence. To learn more about Javelin Networks, Go To: www.javelin-networks.com Full Show Notes: https://wiki.securityweekly.com/Episode580 Follow us on Twitter: https://www.twitter.com/securityweekly...
Oct 28, 2018•58 min
Veronica Schmitt is the Sr. Digital Forensic Scientist for DFIRLABS. Veronica explains what SRUM is in WIndows 10. She explains how SRUM can be a valuable tool in Digital Forensics. Full Show Notes: https://wiki.securityweekly.com/Episode580 Follow us on Twitter: https://www.twitter.com/securityweekly
Oct 27, 2018•55 min
How to use the Shodan search engine to secure an enterprise's internet presence, Apache access vulnerability could affect thousands of applications, vulnerable controllers could allow attackers to manipulate marine diesel engines, & ICS Security Plagued with Basic, and avoidable mistakes! Full Show Notes: https://wiki.securityweekly.com/Episode579 Follow us on Twitter: https://www.twitter.com/securityweekly...
Oct 22, 2018•49 min
John Walsh the DevOps Evangelist for CyberArk joins us on the show. John talks about the articles he wrote for CyberArk about Kubernetes, DevSecOps, and how to strengthen your container authentication with CyberArk. Sponsor Landing Page: https://www.conjur.org/asw Full Show Notes: https://wiki.securityweekly.com/Episode579 Follow us on Twitter: https://www.twitter.com/securityweekly...
Oct 21, 2018•40 min
Mark Dufresne explains why MITRE created their tool and what the MITRE attack framework is. Full Show Notes: https://wiki.securityweekly.com/Episode579 Follow us on Twitter: https://www.twitter.com/securityweekly
Oct 20, 2018•46 min
New Apple and Microsoft security flaws at Black Hat Europe, CCTV makers leaves at least 9 million cameras public, upset Google+ users are sueing Google, US weapons systems apparently can be easily hacked, not all multifactor authentication is created equal, and Kanye's '000000' password makes iPhone security great again! Full Show Notes: https://wiki.securityweekly.com/Episode578 Follow us on Twitter: https://www.twitter.com/securityweekly...
Oct 15, 2018•40 min
Omer is End-Point team lead at Javelin Networks. The team focuses on methods to covertly manipulate OS internals. Before Javelin Networks, he was a malware researcher at IBM Trusteer for two years focusing on financial malware families and lectured about his research on Virus Bulletin and Zero Nights conferences. Full Show Notes: https://wiki.securityweekly.com/Episode578 Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly...
Oct 14, 2018•28 min
Lee Neely is a senior IT and security professional at LLNL with over 25 years of extensive experience with a wide variety of technology and applications from point implementations to enterprise solutions. Full Show Notes: https://wiki.securityweekly.com/Episode578 Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly...
Oct 13, 2018•53 min
In the security news, Russian Hackers use Malware that can survive OS reinstalls, Facebook’s 2-Factor authentication With a phone number isn’t only for security, it’s used for ads ,FBI warns companies about hackers increasingly abusing RDP connections, NSA employee who brought hacking tools home sentenced to 66 months in prison, new Linux Kernel Bug affects Red Hat, CentOS, and Debian Distributions, and Baddies just need one email account with clout to unleash phishing hell, and more! Full Show ...
Oct 01, 2018•43 min
Carlos Perez delivers the Technical Segment on How to Operate Offensively Against Sysmon. He talks about how SysMon allows him to create rules, and track specific types of tradecraft, around process creation and process termination. He dives into network connection, driver loading, image loading, creation of remote threats, and more! Full Show Notes: https://wiki.securityweekly.com/Episode577 Visit https://www.securityweekly.com/psw for all the latest episodes!...
Sep 30, 2018•29 min
Mike Nichols is the VP of Product Management at Endgame, and he manages the Endgame endpoint protection platform. Keith McCammon is the Chief Security Officer and Co-Founder of Red Canary, and he runs Red Canary’s Security Operation Center. Shawn Smith is the IT Security Manager at Panhandle Educators Federal Credit Union. They discuss the problems Shawn had that led him to choose Red Canary and Endgame as his solution, skill shortages in vendors, what he did to convince his management to approv...
Sep 29, 2018•42 min
Senate can't protect senators staff from Cyber Attacks, Equifax fined by ICO over data breach that hit Britons, US Military given the power to hack back and defend forward,and AmazonBasics Microwave works with Alexa! Full Show Notes: https://wiki.securityweekly.com/Episode576 Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly...
Sep 25, 2018•57 min
Apollo Clark goes through inventory management, access management, config management, patch management, automated remediation, logging and monitoring, and deployment tools. Full Show Notes: https://wiki.securityweekly.com/Episode576 Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly...
Sep 23, 2018•30 min
Mike Ahmadi oversees IoT security solutions and technical implementations for DigiCert customers across various verticals that include industrial, transportation, smart city, consumer devices and healthcare. Full Show Notes: https://wiki.securityweekly.com/Episode576 Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly...
Sep 22, 2018•49 min
Microsoft accidentally lets encrypted Windows 10 out the the world, Kernel exploit discovered in macOS, PowerShell obfuscation ups the anty on anti virus, Google outlines incident response process, BombGar buys BeyondTrust, and Neil DeGrasse Tyson speaks on Elon Musk saying: Let the man Get High! All that and more, on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode575 Visit our website: http://securityweekly.com Follow us on Twitter: https://www.t...
Sep 17, 2018•1 hr 17 min
Eyal Neemany describes how to bypass Linux Pluggable Authentication Modules provide dynamic authentication support for applications and services in a Linux or GNU/kFreeBSD system. Eyal Neemany is the Senior Security Researcher for Javelin Networks. →Full Show Notes: https://wiki.securityweekly.com/Episode575 →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly...
Sep 16, 2018•40 min
