PSW #642 | SC Media
Cloud security, Wireless security, Blue team

PSW #642

March 9, 2020

How SHAKEN/STIR and PKI will end the global robocall problem

Link to an article Mark wrote for Dark Reading:

https://www.darkreading.com/endpoint/shaken-stir-finally!-a-solution-to-caller-id-spoofing/a/d-id/1336285

Link to landing page with more info:
https://www.pkisolutions.com/shakenstir/

Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

Mark Cooper, PKI Solutions

Hosts

Jeff Man

Jeff Man – Sr. InfoSec Consultant

Joff Thyer

Joff Thyer – Security Analyst

Larry Pesce

Larry Pesce – Senior Managing Consultant and Director of Research

Lee Neely

Lee Neely – Senior Cyber Analyst

Paul Asadoorian

Paul Asadoorian – Founder & CTO

Guests

Mark Cooper

Mark Cooper – President and Founder

Announcements

  • Our first-ever virtual training is happening on March 19th at 11:00am ET with Adam Kehler & Rob Harvey from the Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming webcasts & trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.
  • Join us at InfoSecWorld 2020 – March 30 – April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
  • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!

Active Directory & Microsoft Cloud (Azure AD & Office 365) Security, including a breakdown of Microsoft’s security offerings and recommendations for cloud migrations for Active Directory.

Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

Active Directory, Azure and Windows Security

Hosts

Jeff Man

Jeff Man – Sr. InfoSec Consultant

Joff Thyer

Joff Thyer – Security Analyst

Larry Pesce

Larry Pesce – Senior Managing Consultant and Director of Research

Lee Neely

Lee Neely – Senior Cyber Analyst

Guests

Sean Metcalf

Sean Metcalf – Founder & CTO

Announcements

  • Our first-ever virtual training is happening on March 19th at 11:00am ET with Adam Kehler & Rob Harvey from the Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming webcasts & trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.
  • Join us at InfoSecWorld 2020 – March 30 – April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
  • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!

Apache Tomcat AJP exploit, malware in AWS, hacker movies and more!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

Tomcat, AWS Malware, Hacker Movies

Why Doesn’t Software Get Sold With a List of Ingredients? Allan Friedman talks about the ‘Software Bill of Materials’
Time for cybersecurity to take back control of its story What do yours truly and Sulu have in common? THIS!Black Market White Washing: Why You Shouldn’t Take Legal Advice From Criminals
Backdoor malware is being spread through fake security certificate alerts
Shark Tank TV star loses almost $400,000 in Business Email…
Venezuela Power outage knocked out part of the internet connectivity
Researchers use ultrasound waves vibrating through tables to access cellphones
Apache Tomcat – AJP ‘Ghostcat File Read/Inclusion
WiFi Kr00K and plaintext traffic – and more
Exploiting WiFi OWE

Hosts

Jeff Man

Jeff Man – Sr. InfoSec Consultant

Joff Thyer

Joff Thyer – Security Analyst

Larry Pesce

Larry Pesce – Senior Managing Consultant and Director of Research

Lee Neely

Lee Neely – Senior Cyber Analyst

Paul Asadoorian

Paul Asadoorian – Founder & CTO

Guests

Announcements

  • Our first-ever virtual training is happening on March 19th at 11:00am ET with Adam Kehler & Rob Harvey from the Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming webcasts & trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.
  • Join us at InfoSecWorld 2020 – March 30 – April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
  • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
prestitial ad