Paul's Security Weekly (Video)

We've let the compliance world drive security for so long there are folks that literally have no idea what 'reasonably secure' looks or feels like because they've never seen it before. Segment Resources: phobos.io/orbital Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw697

This week in the Security Weekly News, Paul and the Crew Talk: Nagios exploits, hacking a Boeing 747, bypass container image scanning, unpatchable new vulnerability in Apple M1 chips, stop blaming employees (Especially interns), spying on mac users, don't tip off the attackers, security researcher plows John Deere, when FragAttacks, security by design, & more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw696

Rick Howard joins to talk about his Cybersecurity Canon project, the rock and roll hall of fame for Cybersecurity literature! The Cybersecurity Canon Committee has announced it's hall of winners for 2021. Segment Resources: https://icdt.osu.edu/cybercanon Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw696

Training is critical but it is tough to break away from the day to day. Polarity is running free 15 minute training sessions that leverage our community edition to leave you with a new ability to automate search and save time. Examples include, how to write basic regular expressions, how to find exploit code faster, basics of cyberchef, or how to read a malware sandbox report. Segment Resources: Sign up page: https://polarity.io/ctt/ Past 15min session with GreyNoise: https://youtu.be/sEWQbRU4Duc Teaser for future session on searching malware sandboxes: https://youtu.be/qo3GxeVSdGg Teaser for future session on searching for exploit code: https://youtu.be/mGcA8_8dPfg Teaser for future session on searching for YARA rules: https://youtu.be/Fx8d_fIeFy8 Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw696

Join Qualys researcher Wheel for a discussion on the team's recent discovery and disclosure of multiple critical vulnerabilities in the Exim mail server. This includes discussion of the vulnerabilities that can be chained together to obtain full remote unauthenticated code execution and gain root privileges. Segment Resources: https://blog.qualys.com/vulnerabilities-research/2021/05/04/21nails-multiple-vulnerabilities-in-exim-mail-server Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw695

Five years after Sounil Yu originally introduced the Cyber Defense Matrix at the 2016 RSA conference, he just wrapped up the third workshop based on the framework. CDM has its own website, is an official OWASP project and has a forthcoming book. We talk to Sounil today to learn more about where the CDM came from, why people find it so useful and where it might be headed in the future. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw695

This week in the Security News: Is the cyber NTSB a good thing?, Russian virtual keyboard for the win, information should be free, hang on while I unplug the Internet, security MUST be taken seriously, poison the water hole to poison the water, bombing hackers, how industry best practices have failed us?, publishing exploits is still a good thing regardless of what the studies say, and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw695

This week in the Security News: President Biden issues a 34-page executive order on Cybersecurity, Did you hear about the pipeline hack?, New/Old Wifi vulnerabilities, get this Apple didn't want to talk about a malware attack that exposed users, fake Amazon review database, why ad-hoc scanning is not enough, distroless linux, wormable windows bug, codered 2.0 perhaps?, and the cryptowars continue! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw694

Learn how to use Amass to collect information about your Internet exposed assets. We'll cover usage of the configuration file (heavily), then put it altogether by integrating Nmap and a screenshot tool called Eyewitness. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw694

"I hack naked" - Not my best choice of a phrase to use with a prospective client though, now that it is done, might as well go through with this terrible idea... This is the story of a kick-off call I had early in my career that revealed a truth that changed the way I present myself in professional settings. Segment Resources: https://youtube.com/alexchaveriat Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw694

This week in the Security Weekly News the crew talks: Pingback is back, was it ever really gone?, damn QNAP ransomeware, anti-anti-porn software, Qualcomm vulnerabilities, spreading pandas on Discord, the always popular Chinese APTs, exploits you should be concerned about, job expectations, westeal your crypto currency, quick and dirty python (without lists), new spectre attacks, Github says don't post evil malware and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw693

US Congressman Jim Langevin joins to talk about Executive Orders, International Interest in Cyber, & more in this gripping interview! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw693

Risk-based vulnerability management is more than just a vulnerability scan or assessment. It incorporates relevant risk context and analysis to prioritize the vulnerabilities that pose the greatest risk to your organization This segment will explore the elements of a successful vulnerability management program and impactful ways to build upon your foundation. Segment Resources: https://www.coresecurity.com/blog/how-mature-your-vulnerability-management-program https://www.coresecurity.com/blog/when-use-pen-test-and-when-use-vulnerability-scan https://www.digitaldefense.com/blog/infographic-risk-based-vulnerability-management/ This segment is sponsored by Core Security, A Help Systems Company. Visit https://securityweekly.com/coresecurity to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw693

This week in the Security News, Penetration testing leaving organizations with too many blind spots, A New PHP Composer Bug Could Enable Widespread Supply-Chain Attacks, Apple AirDrop Vulnerability Exposes Users' Personal Information, Darkside Ransomware gang aims at influencing the stock price of their victims, Security firm Kaspersky believes it found new CIA malware, and a Hacker leaks 20 million alleged BigBasket user records for free! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw692

Currently, in the United States, there are over 87 billion square feet of commercial real estate. Smart Building control systems pervasive throughout these buildings and helped increase efficiency, profitability, and the occupant experience. This increase of this technology has exponentially increased the attack surface of companies. In this episode, Fred Gordy will discuss findings, attacks, and IT-induced events that he and his team have seen from the thousands of assessments they have performed in the US, Canada, and overseas. He will also provide low-cost basic practices to decrease exposure to these events. Segment Resources: Intelligent Buildings - https://www.intelligentbuildings.com/ Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw692

Fleming will cover the vulnerabilities of a hybrid workforce and how employees are now working from anywhere, not just their homes. Zero trust will play a large part in securing workforces in the future as well as password managers for corporate and personal use. He will expand his point of view on the topics in the prep call next week. This segment is sponsored by Barracuda Networks. Visit https://securityweekly.com/barracuda to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw692

This week in the Security News, U.S Formally Attributes SolarWinds Attack to Russian Intelligence Agency, FBI Clears ProxyLogon Web Shells from Hundreds of Orgs, Justice Dept. Creates Task Force to Stop Ransomware Spread, Facebook faces mass legal action over data leak, and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw691

This conversation will introduce Wickr to the PSW listeners. Joel Wallenstrom will discuss the importance of end-to-end encrypted collaboration and communication as it relates to enterprise and federal space. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw691

With the U.S. facing a shortage of roughly 314,000 cybersecurity professionals in the workforce, according to CSIS, there is an urgent need to build cybersecurity skills and fill the workforce pipeline with students who are prepared to pursue cybersecurity careers. The aftermath of the SolarWinds breach has shown that there is a desperate need to expand K-12 cybersecurity education across the country. Since its inception in 2007, over 21,500 teachers have enrolled in CYBER.ORG's content platform and over 14,000 teachers have been trained to use CYBER.ORG content for cybersecurity education. Kevin and the CYBER.ORG team are currently finalizing nationwide K-12 cybersecurity learning standards with the goal of having all 50 states adopt them. Expected in the fall, these standards will ensure that all students have equal access to standardized K-12 cybersecurity education. Segment Resources: https://cyber.org/standards https://cyber.org/about-us/our-impact https://cyber.org/news/k-12-cybersecurity-learning-standards-review-session-completed https://www.businesswire.com/news/home/20200914005156/en/CYBER.ORG-Kicks-Off-National-K-12-Cybersecurity-Learning-Standards-Development Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw691

This week in the Security News, Polish blogger sued after revealing security issue in encrypted messenger, The Facebook dump and Have I Been Pwned, LinkedIn and more_eggs, APTs targeting Fortinet, SAP Applications Are Under Active Attack again, Is your dishwasher trying to kill you?, Ubiquiti All But Confirms Breach Response Iniquity, Cyber Threat Analysis, 11 Useful Security Tips for AWS and other stuff too, Signal Adds Cryptocurrency Support and Not everyone is a fan, Zoom 0-click exploit, when firmware attacks, attackers blowing up Discord. Register for Joff's Fun Regular Expressions class here: https://bit.ly/JoffReLife Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw690

Less than 15% of enterprise customers are primarily cloud native. With so many companies still in early stages of cloud migration, what are the key lessons learned from early adopters as well as digitally native companies? What are common mistakes and how can one avoid them? Register for Joff's Fun Regular Expressions class here: https://bit.ly/JoffReLife Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw690

Nzyme is a new kind of WiFi IDS (WIDS) that detects adversaries by looking at hard to spoof characteristics of an attacker. Existing WIDS tend to look at extremely easy to spoof metadata like channels or BSSIDs. The new approach of nzyme looks at hardware fingerprints and physical attributes like signal strengths. For example, it constantly tries to follow the signal "track" of every WiFi access point in range and alerts once a second track appears because this is most likely someone spoofing the legitimate access point from a different location. Segment Resources: https://www.nzyme.org/ Register for Joff's Fun Regular Expressions class here: https://bit.ly/JoffReLife Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw690

npm netmask library has a critical bug, when AI attacks, firmware attacks on the rise, Microsoft Hololens and order 66, a real executive order 13694, The Ubiquity breach saga, the FreeBSD and wireguard saga, is the cloud more secure? Hopefully for PHP it is, software updates limit muscle car to 3 HP, a brand new Windows 95 easter egg just in time for, well, easter, and aging wine in space, does it make a difference? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw689

Paul, and the rest of the PSW Hosts, will talk to Robert about how he got his start in InfoSec. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw689

With an uptick in malware scams and email compromises, the best thing we can do is educate the cryptocurrency community about risks and security best practices. https://www.youtube.com/playlist?list=PL1fKlftNZ_xGh8AFVy46suO193IIQ7lnq https://www.kraken.com/en-us/features/security/kraken-security-labs https://www.canisecure.com/ https://blog.kraken.com/security-labs/ Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw689

Learn what redirects are, the different types, how they work and how they are exploited by attackers. Oh, also learn how to defend against redirect attacks! Sven's Slide Deck - Open Redirects: https://securityweekly.com/wp-content/uploads/2021/03/Netsparker-Sven-Morgenroth-3-25-21-Open-Redirect.pdf This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw688

This week in the Security News: Doom exploit wins an award, a puzzle honors Alan Turing, anyone can create a deepfake, Jabber bugs, unquoted service paths, Nim malware, Deadly sins of secure coding, & are we living in the toughest time of Cybersecurity? Register to attend Joff Thyer's upcoming Wild West Hacking Fest course "Enterprise Attacker Emulation and C2 Implant Development": http://bit.ly/JoffsC2Class Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw688

Almost weekly, hackers discover and exploit vulnerabilities in popular programs like SolarWinds and Microsoft Exchange Server, impacting thousands. While it would be great to eradicate these vulnerabilities in the programs themselves, it is unlikely to happen any time soon. That's why patching vulnerabilities quickly is important, yet even when patches are available, companies often fail to patch promptly. We'll discuss barriers companies face that delay patching and Qualys' experience with creating free services that help companies detect specific vulnerabilities and patching remotely for events like the SolarWinds and Microsoft Exchange incidents. The session will include a brief demo of Qualys free 60-day service to detect, prioritize, and patch vulnerable Exchange servers, and to detect environments missing compensating controls. This segment is sponsored by Qualys. Visit https://securityweekly.com/qualys to learn more about them! Show Notes: https://securityweekly.com/psw688 Visit https://www.securityweekly.com/psw for all the latest episodes!

The first episode of Security Weekly's podcast mini-series with PlexTrac "Getting the Real Work Done in Cybersecurity" starts with PlexTrac's bread and butter, Purple Teaming! The group - along with special guest Bryson Bort of SCYTHE - discuss the ins and outs of purple teaming. Topics covered on the show include the importance of collaboration within your security team, the idea of a milestone-based approach to security, purple teaming engagements, and much more. This segment is sponsored by Plextrac. Visit https://securityweekly.com/plextracseries to learn more about them! Visit https://www.securityweekly.com/series to view the entire PlexTrac Mini Series! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw687

In the Security News, If software got a security grade, most would get an F, SolarWinds hackers got some source code, new old bugs in the Linux kernel, hack stuff and get blown up, stop hacking "beer", weekly Chrome zero day, Mirai lives, long live Marai, how attackers could intercept your text messages, and rigging the election, the Homecoming Queen election that is. Register to attend Joff Thyer's upcoming Wild West Hacking Fest course "Enterprise Attacker Emulation and C2 Implant Development": http://bit.ly/JoffsC2Class Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw687

Dan will run through some customer testimonials on how they are using Plextrac effectively to get the real work done in security! This segment is sponsored by PlexTrac. Visit https://securityweekly.com/plextrac to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw687

Assaf Dahan, Sr Director, Head of Threat Research at Cybereason, discusses current trends in ransomware research. What happens when we're not watching or watching the wrong indicators? And threat actor handoff off pillaging to Cyber Merenaries. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw686

Microsoft Exchange had some vulnerabilities, how could you not hear about them?, Russians try to throttle Twitter, silicon valley security camera company has been breached and we get to see what it looks like as they make Teslas in China, Did I mention that there was an Exchange hack?, free tool release to help secure the supply chain (but not Russians with bags of cash), the best practices aren't always the best, advanced Linux malware and how not to encrypt C2 and hide files, and network-based multi-domain macro-segmentation situational awareness for compliance, & more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw686

David has been studying the structure, size and scope of illicit markets for over 10 years. He has come to realize just how fragmented illicit markets are, how a few select vendors often control most of the sales, and how important social bonds are even in the context of anonymous illicit markets. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw686

This week, In the Security News, Calling all people who know how to patch MS Exchange servers, we need you, Rockwell Automation PLC flaws and what you can't do about it, a book review I agree with, be careful what you expose at home, yet another Chrome 0day, jailbreak your iPhone, the cybersecurity consolidation, and taking back the term "Hacker", for real this time! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw685

Paul recently built a new PC for daily work and security-related tasks. It's a monster PC! The build was researched heavily, and in this segment, Paul will share all the tips and tricks to you can build the same or similar PC! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw685

Phillip will discuss his passion for offensive cybersecurity education, mentoring, and getting started in pentesting. He co-authored a book based on his conference talk "The Pentester Blueprint: Starting a Career as an Ethical Hacker." He will also talk about his community involvement with the Innocent Lives Foundation, The Pwn School Project, and Hacking is NOT a Crime. His book: https://www.wiley.com/en-us/The+Pentester+BluePrint%3A+Starting+a+Career+as+an+Ethical+Hacker-p-9781119684305 The Pwn School Project meetup: https://pwnschool.com/ INE (https://ine.com), Phillip's employer offers a free starter pass for training in four different areas of technology; Penetration Testing Student, Getting started in networking, Azure fundamentals, first steps in data science with Python: https://checkout.ine.com/starter-pass Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw685

This week In the Security News, Nvidia tries to throttle cryptocurrency mining, Digging deeper into the SolarWinds breach, now with executive orders, NASA's secret message on Mars, vulnerabilities in Python and Node.js, hacking TVs and AV gear, nation state hacking galore, patch your VMWare vCenter, and is a password manager worth your money!?! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw684

Bryan will talk about how and why he wire-tapped the US Secret Service and FBI, how he used his Marine Corps training, cyber abilities, social engineering, and OSINT to rescue his foster daughter from being trafficked. Bryan will then explain what he does with Cyemptive, his day job. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw684

Peter will tell the story behind the story of his new book "Confessions of a CIA Spy - The Art of Human Hacking" including key highlights from the book regarding data protection. Peter's new book is available on Amazon: https://amazon.com Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw684

"Wheel" was part of the team that discovered the heap overflow vulnerability in SUDO, Baron Samedit (CVE-2021-3156), that impacted major Unix-like operating systems included Linux, macOS, AIX and Solaris. He'll provide an overview of the vulnerability and then dive into a technical discussion of the research. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw683

This week in the Security News, Police Playing copyrighted music to stop video of them being posted online, Border agents can search phones freely under new circuit court ruling, Microsoft warns enterprises of new 'dependency confusion' attack, Old security vulnerability left in millions of IoT devices, A 'Simple And Yet Robust' Hand Cipher, Zero Trust in the Real World , Clubhouse And Its Privacy & Security Risks, Google launches Open Source Vulnerabilities database, Hacker Tries to Poison Water Supply , Cyberpunk 2077 makers CD Projekt hit by ransomware hack, Multiple Security Updates Affecting TCP/IP, Microsoft's Remote Desktop Web Access Vulnerability, & more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw683

In this segment we'll unpack "Zero Trust", what does it mean and how can it be applied as a concept to information security today? It certainly begs the question what and who do you trust? Often without too much thought, we trust software, machines, and people. Each time you run an "apt upgrade" (using sudo!), you are implying trust. When you deploy that enterprise monitoring software (*cough* Solarwinds *cough*), you have to trust it, but to what degree? Tune in to find out more! This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscaler to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw683

Security in a Complex World, Huawei's HarmonyOS embodies "Fake it till you make it", Hackers Infiltrating the World of Online Gaming, Sloppy patches breed zero-day exploits, Dutch researcher hacks prepaid vending machines, When was the last time you said: "Hey, that web app on that IoT/network device was really secure!"? Test Amber Alert accidentally sent out warning of Chucky from the Child's Play horror movies, Major Vulnerabilities Discovered in Realtek RTL8195A Wi-Fi Module, New Linux malware steals SSH credentials from supercomputers, From Microsoft: how not to run Docker in Azure Functions. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw682

Bill will provide insight on best practices for internet safety, for work from home, family-friendly internet habits which leads to the conversation of secure chats/files, & more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw682

Small federal contractors are being required to become compliant with a new standard, CMMC. They've never had to do the level of security and compliance maturity that it requires! What do they do? Who can they talk to? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw682

In the Security News, why privacy is like bubble wrap, South African government releases its own browser just to re-enable flash support, former Lulzsec hacker releases VPN zero-day used to hack hacking team, how a researcher broke into Microsoft VS code's Github, & how criminals use a deceased employee's account to wreak havoc! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw681

Today's segment will discuss effective assessments, the maturity of your security posture, and the composition of your team. Specific topics in the episode include the what, when, and how of conducting assessments, addressing the cybersecurity talent shortage, and facilitating automated assessments. Lastly, we'll discuss what makes you feel ready for what's headed your way. This segment is sponsored by PlexTrac. Visit https://securityweekly.com/plextrac to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw681

What is XDR? How do we know the security protections we're investing in are working? All this and Paul's CBD Pineapple Pizza Drink on this week's show. This segment is sponsored by Kenna Security. Visit https://securityweekly.com/kennasecurity to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw681

In the Security News, How two authors became part of WRT54G hacking history, European police and German law enforcement have taken down the illegal "DarkMarket" online marketplace, 70 unpatched Cisco vulnerabilities and why these are not a big deal, Adobe is blocking Flash content, most containers still run as root, watching private videos on YouTube is more like silent films, and get a free bag of weed when you get your vaccine! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw680