Friday, June 5, 2020

7 Minute Security

7MS #417: Vulnerability Scanning Tips and Tricks

This episode of the 7MS podcast is brought to you by ITProTV. It’s never too late to start a new career in IT or move up the ladder, and ITProTV has you covered, from CompTIA and Cisco to EC-Council and VMware. Get a 7-day free trial and save 30% off all plans by going to itpro.tv/7MS. Today's episode is all about getting the most value out of your vulnerability scans, including: why, IMHO, you should only do credentialed scans; policy tweaks that will keep servers from tipping over and printers from printing novels of gibberish 😉; how to make...

7MS #416: Pi-hole 5.0

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams monitor, detect and respond to cyber threats 24/7 for thousands of customers around the world. Arctic Wolf: redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more. Today we're talking about some of my favorite features of Pi-hole 5.0, including: WARNING! WARNING! Upgrading from 4.x is a one-way operation! Per-client blocking (you can set up, for example, a group of machines called "kids" and apply specific domain block/allow lists and domains to them); more granular detail (especially if there are issues) when blocklists get updated; better, richer debug log output. I also talk about a...

Brakeing Down Security

2020-021- Derek Rook, redteam tactics, blue/redteam comms, and detection of testing

**If Derek told you about us at SANS, send a DM to @brakeSec or email bds.podcast@gmail.com for an invite to our slack** OSCP/HtB/VulnHub is a game... designed to have a tester find a specific nugget of information to pivot or gain access to greater...

2020-020-Andrew Shikiar – FIDO Alliance – making Cybersecurity more secure

Andrew Shikiar, executive director and CMO of the FIDO (Fast IDentity Online) Alliance. What is FIDO? “open industry association launched in February 2013 whose mission is to develop and promote authentication standards that help reduce the world’s over-reliance on passwords. FIDO addresses...

Crypto-Gram

Crypto-Gram April 15, 2020

In this issue: Work-from-Home Security Advice; Emergency Surveillance During COVID-19 Crisis; Security and Privacy Implications of Zoom; Contact Tracing COVID-19 Infections via Smartphone Apps; Ransomware Now Leaking Stolen Documents. From the April 15, 2020 Crypto-Gram Newsletter by Bruce Schneier, read by Dan Henage.

Crypto-Gram March 15, 2020

In this issue: Policy vs. Technology; Inrupt, Tim Berners-Lee's Solid, and Me; Security of Health Information. From the March 15, 2020 Crypto-Gram Newsletter by Bruce Schneier, read by Dan Henage.

Cyber Security Interviews

#089 – Ed Bellis: Complexity is the Enemy

Ed Bellis is a security industry veteran and expert and was once named “Information Security Executive of the Year”. He currently serves as the Chief Technology Officer and Co-founder of Kenna Security. He founded Kenna Security to deliver a data-driven risk-based approach to remediation and help IT teams prioritize and thwart would-be security threats. Ed is the former CISO of Orbitz and former Vice President, Corporate Information Security at Bank of America. He is an advisor to Dascena and former advisor to SecurityScoreboard.com, Dharma, and Society of Payment Security Professionals. Ed is a contributing author to the book, Beautiful Security....

#088 – Mikko Hyppönen: You Might Have an Enemy In the Future

Mikko Hypponen is a global security expert and has worked at F-Secure since 1991. Currently, he serves as F-Secure's Chief Research Officer. Mikko has written on his research for the New York Times, Wired, and Scientific American, and he frequently appears on international TV. He has lectured at the universities of Stanford, Oxford, and Cambridge. He was selected among the 50 most important people on the web by PC World magazine and was included in the FP Global 100 Thinkers list. Mikko sits on the advisory boards of t2 and Social Safeguard and in the advisory panel for the Monetary...

Darknet Diaries

66: freakyclown

Freakyclown is a physical penetration tester. His job is to break into buildings to test the security of the building. In this episode we hear stories of some of these missions he’s been on. Thanks to Freakyclown for coming on the show and telling your story. Sponsors: This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet and use promo code DARKNET25. This episode was sponsored by Molekule, a new air purifier that completely destroys air pollutants to help you breathe easier. https://molekule.com. Learn more about your ad choices. Visit megaphone.fm/adchoices

Presenting: The Jordan Harbinger Show featuring Jack Barsky former KGB Spy

This week, while we are busy making a new episode of Darknet Diaries, we are going to play for you an episode from another podcast we think you'll really like. It's called The Jordan Harbinger Show. In this episode he interviews Jack Barsky, a former KGB spy. We had Jordan on this podcast once, in episode 56: https://darknetdiaries.com/episode/56/ Subscribe to The Jordan Harbinger Show wherever you listen to podcasts, or at https://www.jordanharbinger.com/podcasts/ Learn more about your ad choices. Visit megaphone.fm/adchoices

Defensive Security

Down The Security Rabbithole

DtSR Episode 397 – Modern-ish Vulnerability Management

Welcome Down the Security Rabbithole to yet another edition of the DtSR Podcast. As we roll on towards milestone episode 400, James and Rafal discuss a topic that doesn't get nearly enough airplay: vulnerability management. This isn't just your dad's vulnerability scanning though, or is it? Have we done anything exciting in this space in the last 15 years? Maybe... kind of... but the problem is much harder. Guest: Ed Bellis. Twitter: @ebellis LinkedIn: https://www.linkedin.com/in/bellis/

DtSR Episode 396 – Verizon DBIR 2020 Analysis

It's Verizon Data Breach Investigations Report time again. This episode is a yearly walk-through of the DBIR, where Rafal and James once again welcome Gabe Bassett back to the show to talk data, graphics, and lessons we need to learn. Link to the report: https://enterprise.verizon.com/resources/reports/dbir/ Guest: Gabriel Bassett LinkedIn: https://www.linkedin.com/in/gabriel-bassett/ Twitter: https://twitter.com/gdbassett/

Open Source Security

Episode 199 – Special cases are special: DNS, Websockets, and CSV

Josh and Kurt talk about a grab bag of topics: a DNS security flaw, port scanning your machine from a web browser, and CSV files running arbitrary code. All of these things end up being the result of corner cases. Letting a corner case be part of a default setup is always a mistake. Yes, always, not even that one time. Show Notes: Bind advisory; Robustness Principle; eBay port scanning localhost; OWASP CSV injection...

Episode 198 – Good advice or bad advice? Hang up, look up, and call back

Josh and Kurt talk about the Krebs blog post titled "When in Doubt: Hang Up, Look Up, & Call Back". In the world of security there isn't a lot of actionable advice, so it's worth discussing whether something like this will work, or even if it's the right way to handle these situations. Show notes: When in Doubt: Hang Up, Look Up, & Call Back; Tech Support Scam podcast: Part 1, Part 2; STIR/SHAKEN; Drill...

Episode 197 – Beer, security, and consistency; the newer, better, triad

Josh and Kurt talk about what beer and reproducible builds have in common. It's a lot more than you think, and it mostly comes down to quality control. If you can't reproduce what you do, you're not a mature organization, and you need maturity to have quality. Show Notes: Reinheitsgebot; Josh's Blog Post; Ken Thompson's Reflections on Trusting Trust; Tor Browser Deterministic Builds; One line package broke npm create; Donkey Kong 64 memory leak

OWASP 24/7

Exploring the LinkedIn Algorithm

In this episode of the DevSecOps Podcast, we’re going to go off script and explore the LinkedIn algorithm. I could tie this back to DevSecOps, and how all of us need visibility for our work, or how important it is to build a community around our ideas, but the real reason is… I find this fascinating. One of the largest community engagement platforms in the world encourages us to play their game, but doesn’t tell us what the rules are! How are we to determine the best way to participate, when we have no idea on how to best contribute...

The Demise of Symantec by Richard Stiennon

When I read Richard Stiennon's latest article in Forbes, The Demise of Symantec, I thought it was absolutely fascinating. Richard walks through the process of what happened at Symantec, how it was an acquisition engine for so many years, and now how it's started to decline. I got in touch with Richard and told him I'd like to have him read his article for the podcast, and he responded right away. What you'll hear in this episode is Richard talking about and reading from his article, The Demise of Symantec. Resources for this podcast: The Demise of Symantec, Forbes Online https://www.forbes.com/sites/richardstiennon/2020/03/16/the-demise-of-symantec/#6522117b5fc7 Security Yearbook 2020 https://www.security-yearbook.com/

Purple Squad Security

Episode 71 – A Casual Conversation with The Cyber Mentor

Heath "The Cyber Mentor" Adams stops by to have a nice casual chat about how he got into infosec, what he's currently working on, and how he's giving back to the community in a rather novel way. Definitely someone I respect as a great up-and-comer in the industry, this was a fantastic discussion for sure. Some links of interest: Website - https://www.thecybermentor.com/ Company - https://tcm-sec.com/ Discord - https://discord.gg/REfpPJB Twitter - https://twitter.com/thecybermentor YouTube - https://www.youtube.com/c/thecybermentor Twitch - https://www.twitch.tv/thecybermentor Udemy - https://www.udemy.com/course/practical-ethical-hacking/ Want to...

Episode 70 – Mul-Tea-Factor with Kat Sweet

Kat Sweet (@TheSweetKat) sits down to chat about incident response and security operations, all while sipping tea with me. Some links of interest: Kat's Twitter - @TheSweetKat Kat's Blog - thesweetkat.com Want to reach out to the show? There are a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere John's Mastodon: https://infosec.exchange/@JohnsNotHere Podcast Website: purplesquadsec.com Podcast Store: https://purplesquadsec.com/store Sign up for our Slack community: https://signup.purplesquadsec.com Thanks for listening, and as always, I will talk with you all again next time. Find out more...

Risky Business

Risky Biz Soap Box: A better way to provision access to production environments

The Soap Box podcasts we run here at Risky.Biz are wholly sponsored affairs – everyone you hear in a Soap Box podcast paid to be here. The idea is vendors get to come on to the show and chat about their products, what their stuff does, the thinking behind it, and so on. Today we’re hearing from Justin McCarthy of StrongDM. StrongDM is a bit of a niche player – essentially what they do is make a product that provisions secure access to engineers who need to access various back-end services. You can think of them as an identity-aware...

Risky Business #586 — Google TAGs Indian mercenaries

On this week’s show Patrick and Adam discuss the week’s security news, including: NSA warns of Sandworm Exim exploitation; Huawei CFO extradition process to continue; Google TAG implicates Indian hacker-for-hire outfits in espionage; Black lives matter; F–k police brutality. This week’s sponsor interview is with Marco Slaviero of Thinkst Canary. He’ll be talking through a few of the partnerships Thinkst has entered into over the years. He’ll also talk a bit about some new Canary integrations, such as a new one with HD Moore’s Rumble. You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here. You...

SANS ISC

ISC StormCast for Friday, June 5th 2020

Anti-Debugging Technique Based on Memory Protection: https://isc.sans.edu/forums/diary/AntiDebugging+Technique+based+on+Memory+Protection/26200/
Suspending Suspicious Domain Feed/Update

ISC StormCast for Thursday, June 4th 2020

Polish Malspam Pushes ZLoader Malware: https://isc.sans.edu/forums/diary/Polish+malspam+pushes+ZLoader+malware/26196/
Cisco Patches IP-in-IP Flaw: https://securityaffairs.co/wordpress/104192/security/ip-in-ip-flaw-cisco.html
Zoom

ISC StormCast for Wednesday, June 3rd 2020

Type 2 Stackstrings: https://isc.sans.edu/forums/diary/Stackstrings+type+2/26192/
More Details About AddTrust External CA Root

Security Now

SN 769: Zoom’s E2EE Design

Zoom gets end-to-end encryption. ACLU takes Clearview to court, but maybe they should worry about their own website first. The state of drive-by malvertising downloads. Google will be bad-listing notification-abusing sites. Who else is doing the eBay-like ThreatMetrix port scanning? Facebook to require identity verification for high-impact posters. Google Messaging is apparently heading toward E2EE. The return of a much more worrisome StrandHogg. The SHA-1 hash to finally be dropped from OpenSSH. What happens when you fuzz USB? Zoom's end-to-end encryption design. We invite you to read our show notes at https://www.grc.com/sn/SN-769-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now....

SN 768: Contact Tracing Apps R.I.P.

Contact tracing apps are not going to work. Why contact tracing apps are never going to work. Unc0ver: There's a new iOS jailbreak in town, and as jailbreaks go, it looks VERY nice! Firefox 77 picks up a nifty new security trick. New features in Chrome 83: cookie management, "Safety Check," blocking third-party cookies by default in Incognito mode, and "Tab Groups". Adobe rushes out four out-of-cycle emergency updates to fix security flaws. Zerodium temporarily stops buying iOS remote code execution vulnerabilities. The NXNS Attack: A group of cybersecurity researchers in Israel have responsibly disclosed details about a new way they worked out of using the...

Security Weekly

IP in IP Vulns, Anonymous Returns, & Deep Fakes – Wrap Up – SWN #40

Show news, Anonymous Returns, Deep Fakes and Deep Fake Hunters, IP in IP hacks, and IPv6. Show Notes: https://wiki.securityweekly.com/SWNEpisode40 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Pyramid of Pain – ESW #186

This week in the Enterprise News, we talk about how SureCloud launches a Cyber Resilience Assessment Solution, Blackpoint Cyber launches 365 Defense, a Microsoft 365 security add-on for its MDR service, Endace and Palo Alto Networks Cortex XSOAR enable accelerated forensics of cyberthreats, Zscaler acquires Edgewise Networks, WatchGuard Technologies completes its acquisition of Panda Security, and more! In our second segment, we welcome Alyssa Miller, Application Security Advocate at Snyk, to talk about unraveling your Software Bill of Materials! In our final segment, we welcome Aaron Rinehart, CTO and Co-Founder of Verica, and Casey Rosenthal, CEO and Co-Founder of Verica,...

Shared Security

First Amendment Rights and Twitter, Encryption Backdoors

In episode 123 for June 1st 2020: The controversy continues over fact checking and First Amendment rights on Twitter, and why government-mandated encryption backdoors are bad for everyone’s security. ** Show notes and links mentioned on the show **
Trump to sign executive order aimed at cracking down on Facebook and Twitter: https://www.cnbc.com/2020/05/28/trump-to-sign-executive-order-aimed-at-cracking-down-on-facebook-twitter.html
The law enforcement backdoor debate continues: https://www.helpnetsecurity.com/2020/05/26/backdoor-encryption/
OWASP Top 10 2020 Data Analysis Plan: https://owasp.org/www-project-top-ten/
** Thank you to our sponsors! ** Silent Pocket: Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday...

Episode 100 with Rachel Tobac and Kathleen Smith

In episode 100 of our May monthly show we discuss the history of the podcast, some of the most interesting cybersecurity and privacy news and events over the years, and speak with former guest Rachel Tobac, CEO and Co-Founder of SocialProof Security, about what she’s been up to and of course the David Lynch daily weather report! We also catch up with Kathleen Smith, CMO of ClearedJobs.net and CyberSecJobs.com to talk about the current cybersecurity job market, recruiting, and...

Smashing Security

181: Anti-cybercrime ads, tricky tracing, and a 5G Bioshield

Police are hoping to stop kids becoming cybercriminals by bombarding them with Google Ads, phishers rub their hands in glee at the NHS track and trace service, and just how does a nano-layer of quantum holographic catalyzer technology make a USB stick cost hundreds of pounds? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley. Visit https://www.smashingsecurity.com/181 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security...

180: Taking care of Clare

On this special splinter episode of the podcast, we're joined by actor and comedian Clare Blackwood in the hope of convincing her that cybersecurity is no laughing matter. Hear what happens in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Carole's cousin (!) Clare Blackwood. Visit https://www.smashingsecurity.com/180 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all...

Sophos

S2 Ep42: Apple auth attack, Octopus Scanner, Escobar escapades

END OF SERIES SPECIAL: This week Mark shares why Pablo Escobar’s brother is suing Apple for $2.6b, Greg talks about a malicious ‘Octopus Scanner’ targeting developers on GitHub and Duck discusses the “Sign in with Apple” account takeover flaw. Host Anna Brading is joined by Sophos experts Paul Ducklin, Mark Stockley and Greg Iddon. Related articles:
GitHub uncovers malicious ‘Octopus Scanner’ targeting developers: https://nakedsecurity.sophos.com/2020/06/01/github-uncovers-malicious-scanner-targeting-developers/
No password required! “Sign in with Apple” account takeover flaw...

S2 Ep41: Super-sized ransomware, FBI v Apple and AirPods hot or not

This week Peter shares how Ragnar Locker ransomware deploys a virtual machine to dodge security, Mark discusses the latest in the Apple v FBI saga and Duck talks "MagicPairing." Producer Alice Duckett is joined by Sophos experts Mark Stockley, Paul Ducklin and Peter Mackenzie. Listen now! Related articles:
Signal secure messaging can now identify you without a phone number: https://nakedsecurity.sophos.com/2020/05/22/signal-secure-messaging-can-now-identify-you-without-a-phone-number/
Apple and Google launch COVID-19 contact tracing API: https://nakedsecurity.sophos.com/2020/05/22/apple-and-google-launch-covid-19-contact-tracing-api/
VIDEO: What is the dark web? https://www.youtube.com/watch?v=9F3rz7GfPys&t=52s
Ragnar Locker ransomware deploys...

S2 Ep40: Demonic printers, a sleazy stalker and 10 reasons to patch

This week we discuss a customer who went to Subway for a sandwich and left with a stalker, demon printers and the things you should patch now. Producer Alice Duckett is joined by Sophos experts Mark Stockley, Paul Ducklin and Greg Iddon. Related articles:
Beware the DHL delivery message email – it could be a package scam: https://nakedsecurity.sophos.com/2020/05/13/beware-the-dhl-delivery-message-email-it-could-be-a-package-scam/
Microsoft joins encrypted DNS club with Windows 10 option: https://nakedsecurity.sophos.com/2020/05/15/microsoft-joins-encrypted-dns-club-with-windows-10-option/
Criminal forum trading stolen data suffers ironic data breach: https://nakedsecurity.sophos.com/2020/05/13/criminal-forum-trading-stolen-data-suffers-ironic-data-breach/
Woman...

Southern Fried Security

The CyberJungle

The CyberWire

Nuisance-level hacktivism. Ongoing cyberespionage and cybercriminal campaigns. EU unhappy with Russia’s hacking the Bundestag. CISA has a new cybersecurity resource.

Nuisance-level hacktivism continues to surround US protests. The Higaisa APT is active in Southeast Asia. Goblin Panda is back, with USB-borne malware. A new strain of ransomware is described: “Tycoon.” The EU considers whether to sanction Russia over the GRU’s hack of Germany’s Bundestag. CISA launches a new public resource for cybersecurity. Zulfikar Ramzan from RSA on cybersecurity and...

Slacktivism and vandalism in a time of unrest. Ransomware operators continue to evolve. Email voting. Looking up how-to-guides to cybercrime during social isolation.

Protest groups sustain DDoS attacks, too. Old school denial-of-service afflicts police radio networks in Chicago: they’re being jammed with talk, music, and other noise. Influencers and wannabes continue to use unrest as an occasion for on-line branding. The Sodinokibi gang is selling data stolen in ransomware attacks, and Maze seems to be establishing a criminal cartel. Is email to...

The Silver Bullet

The Social-Engineer

Threatpost

Podcast: Why Identity Access Management is the New Perimeter

DivvyCloud discusses the changing nature of identity access management (IAM) - and what kind of challenges and opportunities that is creating for businesses.

Podcast: Shifting Cloud Security Left With Infrastructure-as-Code

Companies are looking to "shift left" with Infrastructure-as-Code (IaC) security capabilities to improve developer productivity, avoid misconfigurations and prevent policy violations.

Troy Hunt Weekly

Weekly Update 194

Cybersecurity Blogger Awards; HIBP Wiped a Ticketing System with a SQLi Email; The MPD “Hack” (that wasn’t); The “Lead Hunter” Breach; Sponsored by NordVPN https://www.troyhunt.com/weekly-update-194/

Weekly Update 193

The Privacy Impact of Returning to Restaurants Post COVID-19; HIBP “Fan Mail”; 6 New Data Breaches in HIBP; Sponsored by NordVPN https://www.troyhunt.com/weekly-update-193/

Unsupervised Learning

Unsupervised Learning: No. 231

US Protests & Unrest, Trump Goes Into the Bunker, NSA Warns on Exim, Octopus Scanner, Stanford's SIO Virality Project, Windows 10 Update, SHA-1 Deprecated in SSH, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Support the show.

Unsupervised Learning: No. 230

Twitter Bots, Face Recognition Headsets, Chrome Bug Memories, Virtual Currency, White House OPSEC, Realtime Language Translation, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism… Support the show.

Analysis of the 2020 Verizon Data Breach Report

In this episode, Daniel takes a look at the 2020 Verizon Data Breach Investigations Report. He looks at the key findings and talks about what they might mean to us going forward. Support the show.