Paul's Security Weekly Subscribe

Angry Floppy Birds – Paul’s Security Weekly #574

September 7, 2018

Full Audio

View Show Index

Segments

1. Wim Remes, Wire Security bvba –

Wim Remes from Wire Security bvba comes on the show to talk about pentesting, SDLC, the state of security, life of a (virtual) CISO, and certifications.

Full Show Notes: https://wiki.securityweekly.com/Episode574

Hosts

Paul Asadoorian

Principal Security Researcher at Eclypsium

https://securitypodcaster.com

Principal Consultant, Team Lead for Research at TrustedSec

https://www.trustedsec.com/

Professor at Roger Williams University

https://securedigitallife.com/

Security Wizard at Co-Founder of Security BSides

http://www.securitybsides.com/w/page/12194156/frontpage

Security Analyst at Black Hills Information Security

https://www.blackhillsinfosec.com/team/joff-thyer/

Senior Sales Engineer at Barkly

Patrick Laverty

Security Consultant at Rapid 7

http://patricklaverty.com/

2. Beacon Analysis, Chris Brenton –

Beacon analysis is an integral part of threat hunting. If you are not looking for beacons you take the chance of missing compromised IoT devices or anything that does not have a threat mitigation agent installed. I'll talk about what makes beacon hunting so hard, and how the open source tool RITA can simplify the process.

Full Show Notes: https://wiki.securityweekly.com/Episode574

Hosts

Paul Asadoorian

Principal Security Researcher at Eclypsium

https://securitypodcaster.com

Principal Consultant, Team Lead for Research at TrustedSec

https://www.trustedsec.com/

Professor at Roger Williams University

https://securedigitallife.com/

Security Wizard at Co-Founder of Security BSides

http://www.securitybsides.com/w/page/12194156/frontpage

Security Analyst at Black Hills Information Security

https://www.blackhillsinfosec.com/team/joff-thyer/

Senior Sales Engineer at Barkly

Patrick Laverty

Security Consultant at Rapid 7

http://patricklaverty.com/

3. Supermicro, Apache Struts, & HTTPS –

In the security news, Spanish driver tests positive for every drug test, vulnerabilities found in the remote management interface of Supermicro servers, Apache Struts 2 flaw in the wild, HTTPS crypto-shame, and how to manipulate Apple's podcast charts!

Full Show Notes: https://wiki.securityweekly.com/Episode574

Hosts

Paul Asadoorian

Principal Security Researcher at Eclypsium

https://securitypodcaster.com

Principal Consultant, Team Lead for Research at TrustedSec

https://www.trustedsec.com/

Professor at Roger Williams University

https://securedigitallife.com/

Security Wizard at Co-Founder of Security BSides

http://www.securitybsides.com/w/page/12194156/frontpage

Security Analyst at Black Hills Information Security

https://www.blackhillsinfosec.com/team/joff-thyer/

Senior Sales Engineer at Barkly

Patrick Laverty

Security Consultant at Rapid 7

http://patricklaverty.com/

4. Beacon Analysis, Chris Brenton – Paul’s Security Weekly #574

Beacon analysis is an integral part of threat hunting. If you are not looking for beacons you take the chance of missing compromised IoT devices or anything that does not have a threat mitigation agent installed. I'll talk about what makes beacon hunting so hard, and how the open source tool RITA can simplify the process. Powerpoint Slides in Full Show Notes Full Show Notes: https://wiki.securityweekly.com/Episode574 Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly

5. Wim Remes, Wire Security bvba – Paul’s Security Weekly #574

Wim Remes from Wire Security bvba comes on the show to talk about pentesting, SDLC, the state of security, life of a (virtual) CISO, and certifications. Full Show Notes: https://wiki.securityweekly.com/Episode574 Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly

6. Supermicro, Apache Struts, & HTTPS – Paul’s Security Weekly #574

In the security news, Spanish driver tests positive for every drug test, vulnerabilities found in the remote management interface of Supermicro servers, Apache Struts 2 flaw in the wild, HTTPS crypto-shame, and how to manipulate Apple's podcast charts! Full Show Notes: https://wiki.securityweekly.com/Episode574 Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly

Related

Vulnerability Management

Dysentery, TP-Link, Piracy, Calendar Scams, Tencent, TikTok, Aaran Leyland and More.. – SWN #439

December 20, 2024

Dysentery, TP-Link, Piracy, Calendar Scams, Tencent, TikTok, Aaran Leyland, and More, on this edition of the Security Weekly News.

Final fundings for 2024, Blackberry sells Cylance cheap, Product Testing Drama – ESW #388

December 19, 2024

In the enterprise security news, a final few fundings before the year closes out Arctic Wolf buys Cylance from Blackberry for cheap, a sentence that feels very weird to say the quiet HTTPS revolution passkeys are REALLY catching on resilience keeps showing up in the titles of news items Apple Intelligence insults the BBC’s intelligence MITRE ATT...

Risk Assessments/Management

D3FEND 1.0: A Milestone in Cyber Ontology – Peter Kaloroumakis – ESW #388

December 19, 2024

Since D3FEND was founded to fill a gap created by the MITRE ATT&CK Matrix, it has come a long way. We discuss the details of the 1.0 release of D3FEND with Peter in this episode, along with some of the new tools they've built to go along with this milestone. To use MITRE's own words to describe the gap this project fills: "it is necessary tha...