Paul's Security WeeklySubscribe
Vulnerability Management, Security Staff Acquisition & Development

Bud’s Budtender – PSW #720

Full Audio

View Show Index

Segments

1. The 2021 Security Landscape & What Lies Ahead – Shailesh Athalye – PSW #720

What are the key security challenges that customers faced this year? What did attackers do differently in 2021, and why are they succeeding more often? What can we expect in 2022? Shailesh will discuss the latest defense strategies and how security teams can plan for the year ahead.

Segment Resources: https://www.qualys.com/cloud-platform/

This segment is sponsored by Qualys.

Visit https://securityweekly.com/ to learn more about them! This segment is sponsored by Qualys. Visit https://securityweekly.com/qualys to learn more about them!

Sponsored By

Qualys

Announcements

  • In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.

Guest

Sr. Vice President, Product Management at Qualys

As Senior Vice President of Product Management, Shailesh leads the product management team and drives the Qualys product vision helping customers assess and improve their IT, security and compliance posture. Since joining Qualys in 2012, he has worked in various security and compliance roles driving innovative solutions, including remote endpoint protection, endpoint detection and response, and SaaS security. In addition, Shailesh headed engineering, research and product management for Qualys Policy Compliance and File Integrity Monitoring, where he helped customers go beyond compliance to drive their IT GRC objectives. Before Qualys, he focused on security research for Symantec ESM and Compliance solutions. Shailesh holds a master’s degree in computer applications (MCA) from the Vishwakarma Institute of Technology and has various security certifications including CISA, CRISC, CISM. He is also a regular speaker at industry conferences.

Hosts

Principal Security Researcher at Eclypsium
Professor at Roger Williams University
Sr. InfoSec Consultant at Online Business Sytems
Retired Senior Cyber Advisor at Lawrence Livermore National Laboratory
Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

2. Bypassing Biometrics, Hiding in Plain Sight, Hacker Cinema, & High Aspirations – PSW #720

In the Security News for this week: Stop hiding your secrets in plain sight, Detecting Wildcard DNS Abuse, $5 setup that hacks biometrics, Managing passwords with pen and paper, Windows 10 Zero Days, & why The Matrix (might be) the best hacker movie!

Announcements

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Hosts

Principal Security Researcher at Eclypsium
  1. 1. Don’t Hide Your Secrets in Plain Sight
    Pretty good write-up of some of the ways in which to store and access secrets in AWS.
  2. 2. VirusTotal Introduces ‘Collections’ to Simplify IoC Sharing
    Pretty neat addition to the platform: "Collections...are live reports that contain, alongside a title and an optional description, a group of IoCs such as domain addresses, file hashes, IPs, and URLs, which can be enhanced with VirusTotal analysis metadata."
  3. 3. How Decryption of Network Traffic Can Improve Security
    Agree or Disagree? - "Today, it’s nearly impossible to tell the good from the bad without the ability to decrypt traffic securely."
  4. 4. Play Your Cards Right: Detecting Wildcard DNS Abuse
  5. 5. Printing Shellz: Critical bugs impacting 150 HP printer models patched
    This is so interesting: "while the scanner board communicates with the communication board using normal network, the printer board seems to use CAN bus to interact with the formatter, making the architecture of this MFP somewhat similar to vehicles" Shodan is proof some people don't do this: "Secondly, since an attacker in the same network segment can exploit the vulnerability by communicating directly to JetDirect TCP/IP port 9100, it is recommended to place the printers into a separate, firewalled VLAN" Full research (A GREAT read): https://labs.f-secure.com/assets/BlogFiles/Printing-Shellz.pdf
  6. 6. SmartNICs set to infiltrate enterprise networks
  7. 7. How Red Canary and Microsoft can help reduce your alert fatigue – Microsoft Security Blog
  8. 8. Zoom Launches Auto-Update Feature For Windows And Mac Clients
    Have to give Zoom some credit here: "Their most recent step in this regard has been the launch of end-to-end encryption followed by two-factor authentication." and now they have automatic updates. Though does not appear to support Linux clients for me and the other person using the Linux client.
  9. 9. Multiple Vulnerabilities Spotted In Zoom Video Conferencing App
    Oh and they fixed a couple of vulnerabilities: "Following the report from the researcher, Zoom patched both the vulnerabilities with the latest releases. Users can take a look at the list of affected products shared in Zoom’s advisory to know about the security status of their apps. Whereas it’s ideal to ensure still updating the respective Zoom apps to the latest releases to receive any patches anyway."
  10. 10. Hacking Fingerprints With a $5 Setup To Bypass Biometric Authentication
    Awesome: "For our final step, we add some wood glue on top of the print to bring to life a fake fingerprint that we can use on a scanner."
  11. 11. Organizations Now Have an Average 76 Security Tools to Manage
  12. 12. Attackers exploiting Windows Installer vulnerability despite patching
  13. 13. Thousands of AT&T customers in the US infected by new data-stealing malware
  14. 14. Despite the popularity of password managers, many still use pen and paper – Help Net Security
  15. 15. Vulnerability Spotlight: Use-after-free condition in Google Chrome could lead to code execution
  16. 16. Insulet OmniPod Insulin Management System vulnerability
  17. 17. New Windows 10 zero-day gives admin rights, gets unofficial patch
  18. 18. This stealthy malware hides behind an impossible date
  19. 19. ‘The Matrix’ Is the Best Hacker Movie
  20. 20. “High” aspirations: 5 cannabis jobs you never knew existed
  21. 21. Perv dubbed ‘Dr Magic Flute’ claimed he could cure women’s cancer by having sex
Professor at Roger Williams University
Sr. InfoSec Consultant at Online Business Sytems
Security Analyst at Black Hills Information Security
Retired Senior Cyber Advisor at Lawrence Livermore National Laboratory
Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

3. Authentication Vulnerabilities – PSW #720

Sven will present common vulnerabilities and issues that arise when implementing authentication and authorization in web applications.

This segment is sponsored by Invicti.

Visit https://securityweekly.com/invicti to learn more about them!

Sponsored By

Invicti

Announcements

  • We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!

Guest

Security Researcher at Netsparker

Sven Morgenroth is a security researcher at Netsparker. He found filter bypasses for Chrome’s XSS auditor and several web application firewalls. He likes to exploit vulnerabilities in creative ways and has hacked his smart TV without even leaving his bed. Sven writes about web application security and documents his research on the Netsparker blog.

Host

Principal Security Researcher at Eclypsium

Related

You can skip this ad in 5 seconds