Encryption, Intrusion detection, Social engineering, Threat hunting

PSW #654

June 5, 2020

Octopus Scanner Sinks Tentacles into GitHub Repositories, RobbinHood and the Merry Men, Zoom Restricts End-to-End Encryption to Paid Users, Hackers steal secrets from US nuclear missile contractor, and Had a bad weekend? Probably, if you’re a Sectigo customer, after root cert expires and online chaos ensues!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Full Episode Show Notes

Root Cert Chaos, Octopus Scanner, & RobbinHood & the Merry Men

Hosts

Doug White – Professor

Joff Thyer – Security Analyst

Larry Pesce – Senior Managing Consultant and Director of Research

Lee Neely – Senior Cyber Analyst

Paul Asadoorian – Founder & CTO

Tyler Robinson – Managing Director of Network Operations

Announcements

  • Join us at InfoSecWorld 2020 – June 22nd-24th now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code!
  • Join the Security Weekly Mailing List & receive your invite to our community Discord server by visiting securityweekly.com/subscribe and clicking the button to join the list!

Paul delivers a Technical Segment on Lightweight Vulnerability Management using NMAP!

Lightweight Vulnerability Management Using NMAP

Hosts

Doug White – Professor

Larry Pesce – Senior Managing Consultant and Director of Research

Lee Neely – Senior Cyber Analyst

Paul Asadoorian – Founder & CTO

Tyler Robinson – Managing Director of Network Operations

Announcements

  • Learn how hidden vulnerabilities lead to application compromise in our next webcast with Snyk! Our second June webcast will be with Google Cloud teaching you how to prevent account takeover attacks! Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Sponsored By

Visit https://securityweekly.com/gravwell for more information!

Threat hunting activities often require packet capture analysis, but capturing and storing PCAP at scale is rough. This segment covers open source tools for collecting packet captures on demand within a threat hunting use case in Gravwell.

To learn more about Gravwell, visit: https://securityweekly.com/gravwell
To check out Packet Fleet, visit: https://github.com/gravwell/ingesters/tree/master/PacketFleet

PCAPS Or It Didn’t Happen - Corey Thuen

https://github.com/gravwell/ingesters/tree/master/PacketFleet

https://github.com/google/stenographer

https://www.gravwell.io/blog/pcap-collection-and-analysis-on-demand-with-gravwell-packet-fleet

Hosts

Doug White – Professor

Larry Pesce – Senior Managing Consultant and Director of Research

Lee Neely – Senior Cyber Analyst

Paul Asadoorian – Founder & CTO

Tyler Robinson – Managing Director of Network Operations

Guests

Corey Thuen – Co-Founder

Announcements

  • Layer 8 is Going Virtual! The conference will still be held on Saturday June 6th. Security Weekly listeners save $20 on their ticket by visiting layer8conference.com and using the promo code “SecurityWeekly” before selecting your ticket type! Please consider supporting Layer8 or one of their partner organizations when purchasing your ticket! Some of the Security Weekly team will be in our own channel on the Layer8 Discord server answering questions and possibly doing some contests!