Cloud Security, Attack surface mgmt, Bug bounties, Configuration management, Attack simulation

SWN #8

January 31, 2020

 

 

DEFCON is cancelled!, Coronavirus , Ragnarok Ransomware Runs Ragged Rapidly, and 20 Board Members realize that Cybersecurity is more than just some guy named Ned in the Basement. All the show summaries and more.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

Coronavirus, Ragnarok Ransomware, Ned In The Basement, Cisco

Security Weekly News — Week of 31 — January — 2020

  1. Coronavirus cancels DEFCON!
  2. State Department China Advisory
  3. Cruise ship passengers quarantined in Italy
  4. Avast suddenly stops selling your data to third parties and shutters Jumpshot
  5. How to shut off Avast data collection
  6. Cyberinsurance rates rise due to increased ransoms being paid in Q4 2019
  7. Technical Report of Bezo’s phone hack was acquired and released
  8. Apple’s state of the art security actually enabled the Bezo’s phone hack?
  9. Charges against Coalfire Red Team dropped in Dallas County Courthouse case.
  10. A critical patch for opensmtpd is released to stop a Morris like worm.
  11. Cisco launches an IoT and operational technology architecture
  12. The UK proposes stricter controls on the IoT you are buying.
  13. GE Healthcare devices have security flaws that allow Remote access, et. al.
  14. Board members of 20 major organizations, in a study, realized that cybersecurity risk was an existential threat.
  15. Chipotle and Target CISOs talk about repurposing employees into Cybersecurity roles.
  16. Tecmo Bowl, an ancient video game is reborn as an 8$ kitsch just prior to the Super Bowl.

Hosts

Doug White

Doug White – Professor

Guests

Announcements

  • Our next webcast is February 13th with Sri Sundaralingam, Vice President, Product and Solutions Marketing at ExtraHop where we will discuss Cloud Native Network Detection and Response! Register for our upcoming webcasts by visiting securityweekly.com, selecting the webcast drop down from the top menu bar and clicking registration.

This week, Dr. Doug Talks Billion USD Bitcoin Mystery Solved, Russian Bears Doxed, Oracle, Zoom Snooping, and Drugs, all this and show wrap ups on the Security Weekly News Wrap Up! Visit https://www.securityweekly.com/swn for all the latest episodes! Visit https://www.securityweekly.com/swn for all the latest episodes!

Full Episode Show Notes

Billions of Bitcoins, Drugs, Zoom Snooping, & Doxing Russian Bears

None

Hosts

Doug White

Doug White – Professor

Sponsored By

sponsor
Visit https://securityweekly.com/rapid7 for more information!

Dr. Doug reviews all of the latest cyber security news and then discusses incident response strategy and scenario exercising with Joshua Harr, Sr. Advisory Services Consultant at Rapid7.

This segment is sponsored by Rapid7.

Visit https://securityweekly.com/rapid7 to learn more about them! Visit https://www.securityweekly.com/swn for all the latest episodes! Visit https://www.securityweekly.com/swn for all the latest episodes!

Full Episode Show Notes

Virgin Hyperloops, GhiMod, Torisma, & Joshua Harr, Rapid7

None

Hosts

Doug White

Doug White – Professor

Guests

Joshua Harr

Joshua Harr – Sr. Advisory Services Consultant

This week, Doug talks Tianfu, Ghimob, Scalper bots, Animal Jam, Pay2Key, the Sad State Of 2FA, all this and Doug’s Threat of the Week on the Security Weekly News Wrap Up! Visit https://www.securityweekly.com/swn for all the latest episodes! Visit https://www.securityweekly.com/swn for all the latest episodes!

Full Episode Show Notes

Tianfu, Ghimob, Scalper Bots, Animal Jam, & Pay2Key – Wrap Up

None

Hosts

Doug White

Doug White – Professor

This week, Dr. Doug talks Bumble, Facebook Scams, Mudge, CISA, Hidden Cobra, and Lazarus Group! All this and Jason Wood returns for Expert Commentary on the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Visit https://www.securityweekly.com/swn for all the latest episodes!

Full Episode Show Notes

Facebook Scams, Mudge, CISA, & Hidden Cobra

Porn, Bumble, facebook scams, Mudge, CISA, Hidden Cobra, and along with Jason Wood.

Hosts

Doug White

Doug White – Professor

Jason Wood

Jason Wood – Founder; Primary Consultant

This week, Dr. Doug talks about IoT Legislature, Krebs is fired, DNS, Joff Thyer, Clearview, Cicada, and Funny Dream as well as the show Wrap Ups! Visit https://www.securityweekly.com/swn for all the latest episodes! Visit https://www.securityweekly.com/swn for all the latest episodes!

Full Episode Show Notes

Krebs Fired at CISA, DNS Is Not Your Friend, & ‘Stone Panda’ – Wrap Up

None

Hosts

Doug White

Doug White – Professor

Sponsored By

sponsor
Visit https://cybrary.it/solved for more information!

Building High Performing Security Teams – The Skills Gap vs The Talent Shortage:

Cybrary CEO and Co-Founder Ryan Corey sits down with Security Weekly to chat about the trends they are seeing in Cybersecurity skill development among high performing teams. Ryan will share some highlights from Cybrary’s recent Cybersecurity Skills Gap Survey Report.

This segment is sponsored by Cybrary. Visit https://cybrary.it/solved to learn more about them! Visit https://www.securityweekly.com/swn for all the latest episodes! Visit https://www.securityweekly.com/swn for all the latest episodes!

Full Episode Show Notes

New Magecart Attacks, GoDaddy DNS Attacks, & Ryan Corey

None

Hosts

Doug White

Doug White – Professor

Guests

Ryan Corey

Ryan Corey – CEO & Co-Founder

This week, Dr. Doug talks Krebs, slack, docker vulnerabilities, Jeff Man finds fake news, a massive IoS article, and UEFI, all this and show wrap ups on the Security Weekly News Wrap Up! Visit https://www.securityweekly.com/swn for all the latest episodes! Visit https://www.securityweekly.com/swn for all the latest episodes!

Full Episode Show Notes

UEFI Trickboot, Krebs, Slack, & Docker Vulns – Wrap Up

None

Hosts

Doug White

Doug White – Professor

Sponsored By

sponsor
Visit https://securityweekly.com/synopsys for more information!

This week, Dr. Doug talks Amnesia:33, the NSA, IoT Laws, Trickbot returns from the dead, & IRS tax ID Pins! Tim Mackey, Principal Security Strategist at Synopsys, joins us for Expert Commentary to discuss the impact of the supreme court taking up the case of how broad the CFAA is and its impact on security research!

This segment is sponsored by Synopsys.

Visit https://securityweekly.com/synopsys to learn more about them! Visit https://www.securityweekly.com/swn for all the latest episodes! Visit https://www.securityweekly.com/swn for all the latest episodes!

Full Episode Show Notes

Amnesia:33, NSA, IoT, Trickbot, & Tim Mackey

None

Hosts

Doug White

Doug White – Professor

Guests

Tim Mackey

Tim Mackey – Principal Security Strategist

This week, Dr. Doug talks Steam flaws, Zuck gets zucked, Black Mirror, Kerberos flaws in Windows, and the 15th Anniversary/Unlocked show! All this and show wrap ups on the Security Weekly News Wrap Up! Visit https://www.securityweekly.com/swn for all the latest episodes! Visit https://www.securityweekly.com/swn for all the latest episodes!

Full Episode Show Notes

Steam Flaws, Kerberos Exploit, Facebook Lawsuit, & Black Mirror – Wrap Up

None

Hosts

Doug White

Doug White – Professor

This week, Dr. Doug talks about U.S Agencies hit by Foreign Adversaries, SolarWinds, New PyMicropsia Trojan, SoRel-20M, Naughty Cyberpunk 2077 glitches, and the return of Jason Wood! Visit https://www.securityweekly.com/swn for all the latest episodes! Visit https://www.securityweekly.com/swn for all the latest episodes!

Full Episode Show Notes

PyMicropsia Trojan, Alphabet Outages, SolarWinds, & Jason Wood

None

Hosts

Doug White

Doug White – Professor

Jason Wood

Jason Wood – Founder; Primary Consultant

prestitial ad