Octopus Scanner Sinks Tentacles into GitHub Repositories, RobbinHood and the Merry Men, Zoom Restricts End-to-End Encryption to Paid Users, Hackers steal secrets from US nuclear missile contractor, and Had a bad weekend? Probably, if you're a Sectigo customer, after root cert expires and online chaos ensues! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode654...
Jun 06, 2020•1 hr 17 min
Threat hunting activities often require packet capture analysis but capturing and storing PCAP at scale is rough. This segment covers open source tools for collecting packet captures on demand within a threat hunting use case in Gravwell. To learn more about Gravwell, visit: https://securityweekly.com/gravwell To check out Packet Fleet, visit: https://github.com/gravwell/ingesters/tree/master/PacketFleet Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wi...
Jun 06, 2020•43 min
Paul delivers a Technical Segment on Lightweight Vulnerability Management using NMAP! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode654
Jun 05, 2020•48 min
In this week's Security News, NSA warns Russia-linked APT group is exploiting Exim flaw since 2019, Hackers Compromise Cisco Servers Via SaltStack Flaws, OpenSSH to deprecate SHA-1 logins due to security risk, all this and more with Special Guest Ed Skoudis, Founder of Counter Hack and Faculty Fellow at SANS Institute! To check out the SANS Pen Test HackFest and Cyber Range Summit, visit: https://www.sans.org/event/hackfest-ranges-summit-2020 Visit https://www.securityweekly.com/psw for all the ...
May 30, 2020•1 hr 44 min
"Burn-In: A Novel of the Real Robotic Revolution" (May 26 release) is a new kind of novel+nonfiction. It uses the technothriller format as a way to share real research on the ways that AI+automation will shape our future, but also leave it vulnerable to a new scale of risks. That is, it is a fictional story following an FBI agent as she and a new partner hunt a new kind of terrorist bent on holding the entire city hostage in a way previously impossible. But baked into the story are some 300 macr...
May 29, 2020•45 min
The MITRE ATT&CK framework has had a major impact on the cybersecurity industry and has given a defenders a haystack in which to focus their defensive efforts. What’s most interesting, perhaps, is where and how these TTPs intersect and how we can use that information to determine patterns and disrupt attacks by analyzing historical datasets. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode653...
May 29, 2020•48 min
In the Security News, Hackers target the air-gapped networks of the Taiwanese and Philippine military, Stored XSS in WP Product Review Lite plugin allows for automated takeovers, Remote Code Execution Vulnerability Patched in VMware Cloud Director, Shodan scan of new preauth RCE shows 450k devices at risk including all QNAP devices, and The 3 Top Cybersecurity Myths & What You Should Know! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.security...
May 23, 2020•1 hr 16 min
HTTP security headers are an easy and effective way to harden your application against all kinds of client side attacks. We'll discuss which security headers there are, what functions they have and how to use them properly. Security Header Whitepaper: https://www.netsparker.com/whitepaper-http-security-headers/ Slide Show: https://securityweekly.com/http-security-headers-in-action/ To learn more about Netsparker, visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/p...
May 23, 2020•1 hr 2 min
The guests on Trust Me I'm Certified have dropped some real knowledge and I'd like to distill that down as well as talk about building technical skills, looking at your career as a 'thing' that needs care and feeding, and the BSidesNH conference. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode652...
May 22, 2020•1 hr 3 min
In the Security News, Palo Alto Networks Patches Many Vulnerabilities in PAN-OS, Zerodium will no longer acquire certain types of iOS exploits due to surplus, New Ramsay Malware Can Steal Sensitive Documents from Air-Gapped Networks, vBulletin fixes critical vulnerability so patch immediately!, U.S. Cyber Command Shares More North Korean Malware Variants, and The Top 10 Most-Targeted Security Vulnerabilities! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https...
May 16, 2020•1 hr 34 min
We use terms such as Social Distancing, Quarantine, and Contact Tracing on a regular basis amid the current crisis. How do these apply to Information and Network Security? To learn more about Edgewise Networks or to request a Demo, visit: https://securityweekly.com/edgewise Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode651...
May 15, 2020•54 min
In this episode of Paul's Security Weekly, we will dive into the recently published MITRE ATT&CK second-round evaluation based on APT29. While MITRE does not declare a "winner," stressing that the results enable users to make informed decisions on what tools meet their needs, It's notable how many vendors claimed victory shortly after the results were published. We will discuss how organizations can interpret the results relative to their own security strategy using the free and open ATT&...
May 15, 2020•53 min
In the Security News, Naikon APT Hid Five-Year Espionage Attack Under Radar, PoC Exploit Released for DoS Vulnerability in OpenSSL, 900,000 WordPress sites attacked via XSS vulnerabilities, Kaiji, a New Linux Malware Targets IoT Devices in the Wild, Another Stuxnet-Style Vulnerability Found in Schneider Electric Software, and remembering the ILOVEYOU virus! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode650...
May 11, 2020•1 hr 34 min
Lots of IT and security professionals do not want to use the CLI, which has set them back. Fantastic exposes the same power as the CLI in an easy to use GUI that is more consistent and hopefully easier to navigate/use than the native GUI tools. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode650...
May 08, 2020•46 min
Public utilities are under fire from malicious actors now, more than ever. At the same time, authorities for National Guard units are expanding, allowing greater levels of support. However, this only works when relationships already exist. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode650...
May 08, 2020•30 min
The crew talks about how to accomplish asset management, vulnerability management, prioritization of remediation, and the actual remediation steps! No small task! Then check out a deep dive demonstration of Qualys VMDR that includes, you guessed it, Asset Management, Vulnerability Management, Threat Detection & Prioritization, and Response! To learn more about Qualys and VMDR, please visit: https://securityweekly.com/qualys Visit https://www.securityweekly.com/psw for all the latest episodes...
May 02, 2020•1 hr 32 min
In the Security News, Half a Million Zoom Accounts Compromised by Credential Stuffing, Sold on Dark Web, Scammers pounce as stimulus checks start flowing, NSA shares list of vulnerabilities commonly exploited to plant web shells, Using Pythons pickling to explain Insecure Deserialization, How to encrypt AWS RDS MySQL replica set with zero downtime and zero data loss, 9 Skills That Separate Beginners From Intermediate Python Programmers, Hackers are exploiting a Sophos firewall zero-day, and more...
May 02, 2020•59 min
Jeremy Miller, a former Green Beret and current CEO of Lionfish Cyber Security, will discuss how mission set tactics used by Special Forces can be applied directly to the cyber war being waged today. These mission sets are very relevant for the front line of cybersecurity professionals, who are the next generation of Special Operation forces. These are the men and women that protect our country, our businesses and our families. Approaching the cyber war with this mindset, Miller is re-aligning h...
May 01, 2020•52 min
In the Security News, Legions of cybersecurity volunteers rally to protect hospitals during COVID-19 crisis, Wanna hack a Satellite? The Navy will let you…, IBM 0-day released for days after notification - IBM said “won’t fix!”, Zoom Dropped by Big Business Despite Addressing Security Flaws, Android Users Beware: Google Just Banned These Devious Apps With 69 Million Installs, NSA shares list of vulnerabilities commonly exploited to plant web shells, German Government Loses 'Tens of Millions' in ...
Apr 25, 2020•1 hr 26 min
Patrick Laverty created and co-organizes the Layer 8 Conference with Lea Snyder. This year will be the 3rd annual conference that solely focuses on social engineering and OSINT topics. Ori Zigindere is an offensive security professional with a background in software engineering. He works with a wide range of companies in all major industries to help them improve their security posture against day to day threats. Patrick and Ori join us today to talk about the Layer8 Conference, and WorkshopCon! ...
Apr 25, 2020•40 min
Steven Bay has over 16 years of cybersecurity experience, spanning the military, government, consulting, and enterprise security. For 10 of those years, he supported the National Security Agency both as a member of the military and a contractor. In 2013 he hired Edward Snowden to a contract position in Hawaii and was his manager when Snowden fled the country with top-secret NSA data. Following this, he moved into commercial cybersecurity where he provided IR and Threat Intelligence services to F...
Apr 24, 2020•59 min
This week in the Security News, How to teach your iPhone to recognize you while wearing a mask, Hackers Targeting Critical Healthcare Facilities With Ransomware During Coronavirus Pandemic, VMware plugs critical flaw in vCenter Server, Russian state hackers behind San Francisco airport hack, Macs Are More Secure, and Other Jokes You Can Tell Yourself, and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode647...
Apr 18, 2020•1 hr 24 min
Many people inaccurately use vulnerability scans or vulnerability assessments as terms that are synonymous with penetration tests. Those that do know the difference often think you have to choose between the two. But that’s not the case. This segment will cover why and how pen testing can be used to validate vulnerability scanner results. To learn more about Core Security, visit: https://securityweekly.com/coresecurity Visit https://www.securityweekly.com/psw for all the latest episodes! Show No...
Apr 18, 2020•25 min
Defining key areas of investment that organizations need to consider in their programs. Within the areas of investment, we talk about functional areas and defining capabilities within each functional area. The end goal is to have a framework that folks can use to document their security program, measure evolution over time, share best practices, organize content and data, and be used as a reference architecture based on community input. To learn more about Rapid7 or to request a demo, visit: htt...
Apr 17, 2020•49 min
A little about Zoom vulnerabilities and data leaks and Cisco Webex vulnerabilities. We talk about security Kubernetes and how the same security principals apply, vulnerabilities in ICS systems and how hackers can help improve society. Oh, and smart toilets that scan your, er, logs. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode646...
Apr 11, 2020•1 hr 8 min
In the second part of our interview series with the legend Jeff Man, he continues his discussion with Paul, Matt, and Lee, about the many myths, legends and fables in hacker history. One of the themes of these legends surrounds some of the first red team hackers working for the US Government out of NSA. The building where they worked was called "The Pit". Jeff Man sits with us for this segment to talk about, where he can, the history and events that transpired during his tenure with the NSA. Vis...
Apr 11, 2020•1 hr 28 min
We welcome Security Weekly's own Tyler Robinson for a Technical Segment, to talk about how individuals are tracked and then demonstrates different TTPs Nisos uses to hunt and track people of interest. Using a modified version of Trape, ngrok, and DNS setup, Tyler shows how much information and tracking data can be gathered and further used for ongoing operations by simply clicking a link or visiting a page with embedded JavaScript. To view ngrok, visit: https://www.ngrok.com/ To check out the Tr...
Apr 10, 2020•59 min
This segment will largely focus on the recent Zoom vulnerabilities and the responses from security researchers, the security community and enterprises. Should you stop using Zoom? Tune in to find out! (Hint: Uhm, probably not). Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode645
Apr 04, 2020•1 hr 33 min
At Carnegie Mellon University we are designing a usable security and privacy label for smart devices to help consumers make informed choices about Internet of Things device purchases and encourage manufacturers to disclose their privacy and security practices. The label includes information on privacy and security practices of the smart device, such as the type of data the device collects and whether or not the device gets automatic security updates. Based on research with both consumers and exp...
Apr 04, 2020•50 min
Matt and the Security Weekly crew will discuss how the interaction between network engineers and security operations has changed over the years, as well as the value of the network when identifying security threats and performing remediation. For more information on VIAVI Solutions, visit: https://securityweekly.com/viavi Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode645...
Apr 03, 2020•50 min
