Wednesday, June 19, 2019

7 Minute Security

7MS #367: DIY Two-Hour Risk Assessment

This episode is brought to you by ITProTV. Visit https://www.itpro.tv/7minsec for over 65 hours of IT training for free! Hey! I'm on the road again - this time with a tale encompassing:
How to conduct a mini risk assessment in just two hours. Some ways to consider adding value:
A discussion of administrative and physical controls
Create a network inventory using nmap and Eyewitness
Conduct an external vulnerability scan with (https://www.tenable.com/products/nessus/nessus-professional) or OpenVAS
How a guy with a gun turned a four-hour road trip into an epic eight hour adventure.
Enjoy 🙂

7MS #366: Tales of Internal Pentest Pwnage – Part 3

This episode is brought to you by ITProTV. Visit https://www.itpro.tv/7minsec for over 65 hours of IT training for free! Today's episode was recorded on the way to a new assessment, and since I had nothing but miles and time in front of me, I covered two major stories (probably not in order of importance):
Why I had to get two haircuts in under an hour (spoiler: it's so I didn't look like an idiot for my client)!
An internal pentesting pwnage story - including network and physical security this time around!
Enjoy!

Brakeing Down Security

2019-023-Tanya Janca, Dev Slop, DevOps tools for free or cheap

Announcements: InfoSec Campout Conference (Eventbrite, social contract, etc): https://www.infoseccampout.com
All Day DevOps (https://www.alldaydevops.com) free talks online... Next conference starts 06 November 2019
Tanya Janca (@shehackspurple) @wosectweets - Women of Security
DevOps Tools for free/cheap. They are all on github right, so...

2019-022-Chris Sanders-Rural_Tech_Fund-embracing_the_ATT&CK_Matrix

ANNOUNCEMENTS: INFOSEC CAMPOUT TICKETS ARE STILL ON SALE. Go to https://www.infoseccampout.com for Eventbrite link and more information.
Part 2 of our Discussion with Chris Sanders (@chrissanders88). Topics discussed: Companies dropping existing frameworks for ATT&CK Matrix, why? Rural Technology Fund - What it...

Crypto-Gram

Crypto-Gram May 15, 2019

In this issue:
China Spying on Undersea Internet Cables
G7 Comes Out in Favor of Encryption Backdoors
Defending Democracies Against Information Attacks
Protecting Yourself from Identity Theft
First Physical Retaliation for a Cyberattack
Leaked NSA Hacking Tools
from the May 15, 2019 Crypto-Gram Newsletter by Bruce Schneier, read by Dan Henage

Crypto-Gram April 15, 2019

In this issue:
CAs Reissue Over One Million Weak Certificates
Zipcar Disruption
First Look Media Shutting Down Access to Snowden NSA Archives
Mail Fishing
TajMahal Spyware
New Version of Flame Malware Discovered
from the April 15, 2019 Crypto-Gram Newsletter by Bruce Schneier, read by Dan Henage

Cyber Security Interviews

#071 – Renaud Deraison: Complexity Breeds Insecurity

Renaud Deraison is known in the global security community as the father of the Nessus vulnerability scanner. His original creation, Nessus, celebrated its 15th anniversary in 2013 and is considered the de facto standard for vulnerability scanning worldwide. Renaud co-founded Tenable Network Security in 2002. As Chief Technology Officer, he drives product strategy and development.… The post #071 – Renaud Deraison: Complexity Breeds Insecurity appeared first on Cyber Security Interviews.

#070 – Lorrie Cranor: Help Open The Doors

Lorrie Faith Cranor is the Director and Bosch Distinguished Professor in Security and Privacy Technologies of CyLab and the FORE Systems Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University. She also directs the CyLab Usable Privacy and Security Laboratory (CUPS) and co-directs the MSIT-Privacy Engineering masters program. In 2016… The post #070 – Lorrie Cranor: Help Open The Doors appeared first on Cyber Security Interviews.

Darknet Diaries

Ep 40: No Parking

Take a ride with a red teamer. A physical penetration tester as he tries to make his way into unauthorized areas, steal sensitive documents, hack into the computers, and escape with company property. This episode was sponsored by CMD. Securing Linux systems is hard, let CMD help you with that. Visit https://cmd.com/dark to get a free demo. This episode was sponsored by Hostinger. Go to https://hostinger.com/darknet and use code DARKNET to get 15% off a hosting plan and check out this week's free feature. For complete show notes and links go to darknetdiaries.com. Learn more about your ad choices. Visit megaphone.fm/adchoices

Ep 39: 3 Alarm Lamp Scooter

A talk at Defcon challenged people to find a way to destroy a hard drive. A young man was inspired by this challenge and was determined to find a way to destroy a hard drive. But this is not a typical young man, with a typical plan. For pictures of Daniel and his projects visit darknetdiaries.com/episode/39. This episode was sponsored by Nord VPN. Visit nordvpn.com/darknet and use promo code "DARKNET". This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. Learn more about your ad choices. Visit megaphone.fm/adchoices

Defensive Security

Defensive Security Podcast Episode 236

Get well soon, Mr. Kalat!

Defensive Security Podcast Episode 235

https://www.theregister.co.uk/2019/03/20/steffan_needham_aws_rampage_prison_sentence_voova/
https://www.zdnet.com/google-amp/article/study-shows-programmers-will-take-the-easy-way-out-and-not-implement-proper-password-security/
https://arstechnica.com/information-technology/2019/03/50-shades-of-greyhat-a-study-in-how-not-to-handle-security-disclosures/
https://matrix.org/blog/2019/04/11/security-incident/index.html

Down The Security Rabbithole

Deeper Into the Microsoft Security Ecosystem

Thank you to Microsoft for sponsoring this show, and our podcast over the years... Highlights from this week's show include...
Rob discusses what "Microsoft Threat Protection" is, isn't, and why it's relevant today
Rob gives us some context to "trillions of signals" - what does that mean?
Rob provides perspective on the pillars of operational excellence required to make Microsoft's vision a reality in damn-near-real-time
Rafal and Rob discuss what the ecosystem looks like, and how it's being released into production
Rob answers whether Microsoft consumes its own tools… the answer may surprise you
Guest: Rob Lefferts -...

DtSR Episode 350 – Deep Learning on Deep Packets

Show Note: As most of you know, this show has long refused to use advertisements, or ad revenue to keep itself going. That said, I openly welcome organizations who have something interesting to say and some extra marketing dollars to give, to sponsor an episode while still going through the same vetting process as everyone else. This is one of those shows. This week James and Rafal are joined by Saumitra Das, the Chief Technology Officer for an interesting little start-up called Blue Hexagon. If you find yourself nodding along and interested in hearing more, we encourage you to go...

Open Source Security

Episode 150 – Our ad funded dystopian present

Josh and Kurt talk about the future Chrome and ad blockers. There is a lot of nuance to unpack around this one. There are two versions of the Internet today. One with an ad blocker and one without. The Internet without an ad blocker is a dystopian nightmare. The actionable advice at the end of this one is to use Firefox.

Episode 149 – Chat with Michael Coates about data security

Josh and Kurt have a chat with Michael Coates from Altitude Networks. We cover what Altitude is up to as well as general trends we're seeing around data security in the cloud. Michael lays out his vision for "data first security".

Episode 148 – You just got pwnt, what now?

Josh and Kurt talk about public disclosure. We start out with a story about Canva, then discuss what do you do if you have a security incident? Who do you tell, what do you tell them. How do you tell your story? It's a really hard problem even if it's something you've done many times in the past.

OWASP 24/7

The Vanity of Diversity

Let's not talk around the subject here... women are under represented when it comes to speaking or participating in tech conferences. It's a male dominated culture. When I saw Lani Rosales had published, "The Ultimate list of Austin women who can speak at your tech event" in response to the complaint that there are no women speakers available in the tech industry, I called her right away. As co-founder of the world's largest DevOps conference, All Day DevOps, and as one of the core organizers of the global DevSecOps Days series of events, I wanted to hear how the list...

Creating Internal Tech Conferences

I produced my first concert at the San Anselmo Playhouse in 1979. It was the first in a series of events that has lasted 40 years. I have produced more than 300 events and participated in many hundreds more as a speaker and participant. As the producer of this many events, I have an internal map of what to do to make an event successful, the steps to create and manage the logistics of an event, and how to promote them. All Day DevOps, a live online conference I co-founded with Derek Weeks, has over 30,000 registrations yearly. This...

Purple Squad Security

Episode 57 – Tinker After Dark – Tinker Tales by the Fire

There were more than a few of you who were anxiously awaiting his return, and he’s back!  Tinker joins me once again to share some stories from his adventures in hackerland.  In addition, I have given Tinker free reign to speak as he chooses, and naturally I participate as well.  Fair warning, this is not safe for work or sensitive ears.  I do ask that you try not to be offended, as his stories...

Episode 56 – John Reads: Choose Your Own Red Team Adventure

A few weeks ago, Sam King on Twitter mentioned me in a tweet that included a link to a Medium post, but not just any Medium post.  Tim MalcomVetter had posted up an “Choose Your Own Red Team Adventure”, which I thought was just amazing!  I used to read a lot of choose your own adventure books as a kid, so I was naturally excited!  For this episode, I will be going through the...

Risky Business

Feature podcast: An interview with Jim Baker, former general counsel, FBI

This is the first edition of a new series of podcasts we’re doing here at Risky.Biz that will focus on cyber policy issues. The Hewlett Foundation approached us a while back to see if we’d be interested in doing this series we jumped at the opportunity. The Foundation funds a lot of interesting people and work in the cybersecurity space. So the idea is pretty simple: we can talk to some of Hewlett’s grant recipients or experts in its network about pressing policy issues and turn those conversations into podcasts. The whole idea is to get some policy perspectives out...

Risky Business #545 — US Government loses control of customs mugshot database

On this week's show Adam Boileau and Patrick Gray discuss the week's news, including:
CBP loses photo and license plate database
Some Android phones shipped with backdoor
Info on Google's cloud outage
USG ramps up "defend forward"
Trump and Mnuchin can't get their stories straight on Huawei
The latest from Baltimore, more on that RDP bug
TalkTalk hacker sentenced
Much, much more
This week's show is brought to you by Remediant! Remediant CEO Tim Keeler will be along this week to have a chinwag. We'll talk about how simple security tech is really en...

SANS ISC

ISC StormCast for Wednesday, June 19th 2019

Critical Firefox Update https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/#CVE-2019-11707
Bitdefender Releases GandCrab Decryptor https://labs.bitdefender.com/2019/06/good-riddance-gandcrab-were-still-fixing-the-mess-you-left-behind/
Google Launches New

ISC StormCast for Tuesday, June 18th 2019

TCP SACK Panic DoS in Linux https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md https://tools.ietf.org/html/rfc879
Logitech Pointer Recall

ISC StormCast for Monday, June 17th 2019

WhatsApp Phishing https://www.heise.de/newsticker/meldung/Phishing-Mails-gaukeln-Ende-von-WhatsApp-Abonnement-vor-4447165.html
Encrypted EMail Phishing https://www.bleepingcomputer.com/news/security/phishing-scam-asks-you-to-login-to-read-encrypted-message/
Android Apps Link to

Security Now

SN 719: Exim Under Siege

• A new DRAM problem called "RAMBleed"
• A bad Linux TCP SACK server kernel crashing flaw
• Last week's patch Tuesday
• A Bluetooth surprise
• Another useless warning about the BlueKeep vulnerability
• Microsoft misses a 90-day Tavis Ormandy deadline
• Good news about GandCrab wrapup
• Yubico's entropy mistake
• Post-announce SQRL news
• Our favorite iOS security app
• Attacks on Exim mail servers and other pending disasters
We invite you to read our show notes at https://www.grc.com/sn/SN-719-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For...

SN 718: Update Exim Now!

• SandboxEscaper drops another 0-day
• The still-not-yet-widely-exploited BlueKeep vulnerability
• GoldBrute Botnet pounding on RDP servers (but not yet using BlueKeep)
• The FBI issued an interesting advisory about not trusting secure sites just because they're secure
• VLC receives 33 security bug fixes
• Microsoft's Edge browser takes another step forward
• Mozilla reorganizes
• MUST HAVE utility of the week: DNS Query Sniffer
• The first formal full release of SQRL
• Anyone running an Exim mail server needs to update immediately!
We invite you to read our show notes at https://www.grc.com/sn/SN-718-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now....

Security Weekly

Buzzword Bingo – Application Security Weekly #65

This week, we interview Shannon Lietz, the Director of Information Security at Intuit, to talk about DevOps! In the Application Security News, there's no escape that will save you..., the privilege of running a Chrome extension, and Four practices towards DevSecOps! Full Show Notes: https://wiki.securityweekly.com/ASW_Episode65 Visit https://www.securityweekly.com/asw for all the latest episodes! Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly

Nerdy Love Fest – Paul’s Security Weekly #608

This week, we welcome Peter Smith, Founder and CEO of Edgewise, to talk about Edgewise's 1 Click Micro Segmentation! In the second segment, we welcome back Corey Thuen, Co-Founder and CEO of Gravwell, to talk about security analytics using the new Sysmon DNS Logging that dropped this week! In the Security News, the rise of purple teaming, the World's largest beer brewer sets up a Cybersecurity team, a mystery signal shutting down key fobs in an Ohio neighborhood, why hackers ignore most security flaws, and warnings of real world-wide worm attacks are the real deal! To get involved...

Shared Security

US Customs and Border Protection Data Breach, Sign in with Apple, Leaked Facebook Emails

This is your Shared Security Weekly Blaze for June 17th 2019 with your host, Tom Eston. In this week’s episode: the US Customs and Border Protection data breach, the new sign in with Apple button, and more leaked Facebook emails. Protect your digital privacy with Silent Pocket’s product line of patented Faraday bags, phone cases, and wallets which will make your devices untrackable, unhackable and undetectable. Use discount code “sharedsecurity” to receive 15% off of your order during checkout. Visit...

Quest Diagnostics Data Breach, Google’s Network Outage, US Visa Applicants and Social Media Names

This is your Shared Security Weekly Blaze for June 10th 2019 with your host, Tom Eston. In this week’s episode: the Quest Diagnostics and LabCorp Data Breach, what happens to your smart devices when the Internet goes down, and US visa applicants now required to share their social media names. Protect your digital privacy with Silent Pocket’s product line of patented Faraday bags, phone cases, and wallets which will make your devices untrackable, unhackable and undetectable. Use discount code “sharedsecurity”...

Smashing Security

132: CBP cyber attack, an iPhone privacy boost, and Twitter list abuse

United States Customs and Border Protection had sensitive data stolen, but the hackers didn't have to breach its network. Apple has ambitious plans to make iPhone users safer online. And trolls are using Twitter lists to target their victims. All this and much much more is discussed in the latest edition of the MULTI-AWARD-WINNING "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis. Visit https://www.smashingsecurity.com/132 to check out this episode’s show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our...

131: Zap yourself from the net, and patch now against BlueKeep

Microsoft issues warning to unpatched Windows users about worm risk, and how do you delete all traces of yourself off the internet after you murder your podcast co-host? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who aren't joined by a special guest this week. Visit https://www.smashingsecurity.com/131 to check out this episode's show notes and episode links. Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes. Remember: Subscribe on Apple Podcasts, or your favourite...

Sophos

Ep. 028 – SPEWS, Android security and scary Facebook messages

The Naked Security podcast tells you how to make your web signup forms safer, explains how Android phones can be used as security tokens, and looks into a Facebook "hidden message" that escaped into the wild. With Anna Brading, Paul Ducklin and Matthew Boddy. This week's links: https://nakedsecurity.sophos.com/serious-security-how-web-forms-can-steal https://nakedsecurity.sophos.com/android-phones-transformed-into-anti-phishing https://nakedsecurity.sophos.com/facebook-admits-supply-chain-data-leak Music by: https://purple-planet.com/

Ep. 027 – Honeypots, GPS rollover and the MySpace data vortex

The Naked Security podcast reveals how long you can expect to go unnoticed online before crooks first come knocking on your door, explains why we still have applications where bandwidth is in such tight supply that every bit matters, and comes up with a new vocabulary for "data loss" when it happens on the scale of MySpace's music file implosion. With Anna Brading, Paul Ducklin, Matthew Boddy and Benedict Jones. This week's links: https://nakedsecurity.sophos.com/knock-and-dont-run https://nakedsecurity.sophos.com/ep-025 https://nakedsecurity.sophos.com/serious-security-gps-week-rollover https://nakedsecurity.sophos.com/myspace-songs-come-back Music by: https://purple-planet.com/

Ep. 026 – Android bloatware, hackable routers and website attacks

The Naked Security podcast looks into the annoying problem of bloatware on Android phones, explains a zero-day bug in a TP-Link router and how it turned into bad PR, and gives you advice on how to keep crooks out of your web server. With Anna Brading, Paul Ducklin, Matthew Boddy and Benedict Jones. This week's links: https://nakedsecurity.sophos.com/preinstalled-android-software https://nakedsecurity.sophos.com/tp-link-router-zero-day https://nakedsecurity.sophos.com/supermarket-patches-its-web Music by: https://purple-planet.com/

Southern Fried Security

Episode 100: Episode 208 – All Good Things…

It's been 9 years and over 210 different content items since we started this thing in January of 2010.  As much as we hate it we feel it's time to end this project and start thinking about What Comes Next. Don't worry - the episodes and website aren't going anywhere anytime soon so you'll still be able to download all the content.  We're also discussing some new ideas to stay engaged with the cybersecurity community so you'll want to keep this feed live on your podcast listening device to catch updates on where we are on that. All of...

Episode 99: Episode 207 – On the Front Porch with Yvette and Brandon

It's another Front Porch episode! Yvette talks to her friend Brandon Clark as his first novel "Ransomware" is about to be released.  "Ransomware" is part of Brandon's "Killchain Chronicles" series that will be coming out over time. You can find the book here:  https://www.amazon.com/gp/product/1732651108/ We will be back soon with more great new content.

The CyberJungle

The CyberJungle Episode406: * Around The Corner: Life After Google, by George Gilder * DarkWeb: XYRO CISO Steve Tcherchian on EHR, Ransomware and Healthcare...

Jan 7, 2019:
* Around The Corner: Life After Google, by George Gilder
* DarkWeb: XYRO CISO Steve Tcherchian on EHR, Ransomware and Healthcare InfoSec
* Hacking attacks on your router: Why the worst is yet to come
* It's time for Apple to stop playing it safe
* Meet the new Diet iPhone: Could a fresh formula boost Apple's bottom line?
See Show Notes/Links for Episode 406 at http://www.thecyberjungle.com

The CyberJungle Episode405: * SANS Network Security: EXCLUSIVE-Tim Medin, Founder of Red Siege * PFIC2018: EXCLUSIVE-Joe McManus, CISO Automox * 0day: Embedded vids in MSFTOffice...

Oct 31, 2018:
* SANS Network Security: EXCLUSIVE-Tim Medin, Founder of Red Siege
* PFIC2018: EXCLUSIVE-Joe McManus, CISO Automox
* 0day: Embedded vids in MSFTOffice docs can hide malware
* Deloitte: CEO and Board Risk Management Survey
* DarkWeb: Laptop-Carrying Fed Infects Gov Network
See Show Notes/Links for Episode 405 at http://www.thecyberjungle.com

The CyberWire

Power grids, accidents, the challenge of forensics, and the nature of deterrence. BlueKeep considerations. Third- and fourth-party risks.

Investigation into Argentina's power failure continues, with preliminary indications suggesting "operational and design errors" were responsible for the outage. Russia reacts to reports that the US staged malware in its power grid. Iran says it stopped US cyberespionage. ISIS worries about its vulnerability to BlueKeep. A breach at EatStreet illustrates some of the features of third-party risk. Ben Yelin...

Cyber deterrence? What grid failure looks like (and it needn’t come from a cyberattack). EU complains of Russian info ops. Twitter takes down inauthentic...

The New York Times reports that the US has staged malware in Russia’s power grid, presumably as deterrence against Russian cyberattacks against the US. South America has largely recovered from a large-scale power outage that seems, so far, to have been accidental. An EU report claims that Russian information operations against the EU are increasing. Twitter takes down more...

The Silver Bullet

Show 150: Filippo Valsorda discusses programming languages and the dynamic world of cryptography

Listen as Gary and Filippo discuss programming languages and the role they play in software security, getting started in cryptography, open source security, blockchain and cryptocurrency, and more.

Show 149: Brittany Postnikoff discusses the maker culture and the problems with robots

Listen as Gary and Brittany discuss the maker culture, including embedded security for new technologies such as 3D printers and hands-on electronics, the problems with robots, from movement to the ethics of human-robot interactions, and more.

The Social-Engineer

Ep. 107 – All Your Bias Are Belong to Us with Paolo Gaudiano

Biases – we all have them. Are they useful? What do they tell us about ourselves or corp culture? And most importantly, how can a social engineer use them. Join us with Paolo Gaudiano in this excellent podcast. July 09, 2018. Get Involved: Got a great idea for an upcoming podcast? Send us a quick message on the contact form! Enjoy the Outro Music? Thanks to Clutch for allowing us to use Son of Virginia as our new SEPodcast Theme Music. And check out a schedule for all our training...

Threatpost

Podcast: Behind-the-Scenes Look at Scattered Canary BEC Cybergang

At Infosecurity Europe, Threatpost gets a behind-the-scenes look at the discovery of BEC cybergang Scattered Canary.

Troy Hunt Weekly

Weekly Update 143

Presently sponsored by: Twilio: Learn what regulations like PSD2 mean for your business, and how Twilio can help you achieve secure, compliant transactions. Well this was a big one. The simple stuff first - I'm back in Norway running workshops and getting ready for my absolute favourite event of the year, NDC Oslo. I'm also talking about Scott's Hack Yourself First UK Tour where he'll be hitting up Manchester, London and Glasgow with public workshops. Tickets are still available at those and it'll be your last chance for a long time to do that event in the UK. Then there's Project...

Weekly Update 142

Presently sponsored by: Live Workshop! Watch the Varonis DFIR team investigate a cyberattack using our data-centric security stack. I made it to the Infosecurity hall of fame! Yesterday was an absolutely unreal experience that was enormously exciting: "It was an absolute honour to induct the fantastic @troyhunt into the @Infosecurity @InfosecurityMag Hall of Fame today at #Infosec19. Troy is a credit to our industry and also a really great guy. Congrats Troy, so well deserved 👏🏼 pic.twitter.com/grN4aALypV" — Eleanor Dallaway (@InfosecEditor) June 6, 2019. But that wasn't all, there was also the European Security Blogger awards a couple of days...

Unsupervised Learning

Unsupervised Learning: No. 182

The US is supposedly ramping up attacks against Russian power grid through the use of new cyberattack powers granted by Trump. I am happy to hear of this, but it's an example of where we as outsiders can only know a tiny fragment of the story. But any signs that this administration sees Russia as a foe, and are treating it as such, are positive in my view. Adobe is entering the deepfakes arena...

Unsupervised Learning: No. 181

Some absolutely fascinating research has just come out on what percentages and types of vulnerabilities are actually exploited in the wild. It found that only 5.5% of vulnerabilities discovered between 2009 and 2018 were actually exploited, with most of those being issues with a CVSS score of 9 or 10. The best part of the paper, however, was a discussion of optimal patching strategies, where they looked at different methodologies for what to patch...

Grit is the Ultimate Privilege

An argument that we should acknowledge grit as one of the most powerful causal factors in success, and figure out ways to bring its benefits to everyone. Support the show.