Container security, Cloud Security, Attack surface mgmt, Bug bounties, Configuration management

SWN #12

February 17, 2020

CIA pwns well, everyone in history, bluetooth hacking, Thousands of Docker Repositories are open to the internet, lots of ransomware, and is Apple giving up passwords?

Visit https://www.securityweekly.com/swn for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

CIA Pwns Well, Bluetooth Hacking, Lots of Ransomware, Apple Giving up Passwords?

  1. Equifax Hack Info.
  2. Four Chinese Military Hackers indicted in Equifax Breach.
  3. Overconfidence in our security is the mindkiller.
  4. Thousands of Docker Repositories are open to the internet.
  5. Social media hacks and security flaws in WhatsApp.
  6. The CIA and BND secretly owned Crypto AG for decades and built back doors into government crypto.
  7. SweynTooth allows exploitation of BLE vulnerabilities in Bluetooth.
  8. North Miami Beach Police hit with Ransomware for millions.
  9. Puerto Rico loses 2.6 million in phishing scam.
  10. Benton County Washington loses 740k in social engineering phishing attack.
  11. Estee Lauder exposed 440 million internal records.
  12. A Malware Attack on Boston Children’s Hospital Physicians.
  13. Every voter in Israel had their data leaked.
  14. Emotet evolves with a new Wi-Fi worm tool that allows spreading Emotet to all nearby Wi-Fi devices and networks.
  15. Red Teaming as a Service from Randori.
  16. Chrome will no longer allow insecure downloads.
  17. Apple joins the FIDO Alliance to eliminate the use of passwords.
  18. Dell Support Assist Flaw.
  19. 5 Measures to Harden Election Technology.
  20. How can we make Election Technology Secure?
  21. The Billion Dollar campaign for disinformation.
  22. What was the first thing you ever watched on Netflix?

Hosts

Doug White

Doug White – Professor




This week in the Security Weekly News Wrap Up, Dr. Doug talks: Pings are bad, m’kay, Yahoo Answers, Python ipaddress bugs and the curse of octal, Deepfakes, Qualcomm, Spectre, First Horizon Bank, & the show Wrap Ups for this week!

Full Episode Show Notes

Yahoo Answer Babbies, Bad Pings, Python Bugs, & Spectre Attacks – Wrap Up

Hosts

Doug White

Doug White – Professor at Roger Williams University

@dougwhitephd

Doug White is a Cybersecurity professor at Roger Williams University, the President of Secure Technology, and a Security Weekly network host.



This week in the Security Weekly News: Elon, Jerry Lee Lewis, Colonial Pipeline, Net Neutrality redux, Lemon Duck, Rico, & Jason Wood returns for Expert Commentary!

Full Episode Show Notes

Elon Musk, Colonial Pipeline, Net Neutrality Redux, & Lemon Duck Botnet

Hosts

Doug White

Doug White – Professor at Roger Williams University

@dougwhitephd


Jason Wood

Jason Wood – Founder; Primary Consultant at Paladin Security

@Jason_Wood

Jason Wood is the founder of Paladin Security and the primary consultant. Prior to starting Paladin Security, Jason was a Principal Security Consultant with Secure Ideas. At Secure Ideas, he performed penetration tests for clients in a wide range of industries. These include health care, financial services, SaaS businesses, government agencies and critical infrastructure.



This week: Dr. Doug talks Elon tweets, Horse Ridge, Frag Attacks, Lots of Ransomware, Fightin’ Joe Biden, as well as show Wrap Ups & his Favorite Threat of the Week!

Full Episode Show Notes

The Dogefather, Horse Ridge, Frags Return, Ransomware, & Fightin’ Joe – Wrap Up

Hosts

Doug White

Doug White – Professor at Roger Williams University

@dougwhitephd




Sponsored By


Visit https://securityweekly.com/barracuda for more information!

This week: the Security Weekly News, and special guest Fleming Shi joins for an expert commentary where he discusses API security and supply chain attacks, application security, supply chain security, how your supply chain can damage your reputation, and lessons learned from recent attacks on Sunburst!

In the news: Charlie bit my finger, Darkside in the People’s court, Big Sur, Trend Micro, and Russian Keyboards.

This segment is sponsored by Barracuda Networks.

Visit https://securityweekly.com/barracuda to learn more about them!

Full Episode Show Notes

DarkSide “Court”, TrendMicro, & Lessons Learned From Supply Chain Attacks

Guests

Fleming Shi

Fleming Shi – CTO at Barracuda Networks

@ShiFleming

Fleming joined Barracuda in 2004 as the founding engineer for the company’s web security product offerings, helping to create the first version of Barracuda’s message archiving product and paving the way for expansion into new content security product areas. As Chief Technology Officer, Fleming leads the company’s threat research and innovation engineering teams in building future technology platforms to deliver continued success in our security and data protection products. He has more than 20 patents granted or pending in network and content security.

Hosts

Doug White

Doug White – Professor at Roger Williams University

@dougwhitephd




Nobelium returns, M1RACLES Vuln, Bezos ‘The Devourer of Worlds’, Vulnhub, Doug rants about his Favorite Threat of the Week, and more, on this Security Weekly News Wrap-Up!

Full Episode Show Notes

Nobelium, Bezos, Apple Vulns, SonicWall Patches, & VMware RCM

Hosts

Doug White

Doug White – Professor at Roger Williams University

@dougwhitephd




This week in the Security News Dr. Doug talks: Hillbilly Cannibal Weekend, Siloscape, Amazon is listening, the FBI and the DHS got their eye on you, DHS requirements, Apple Announcements, and Jason Wood returns for his Expert Commentary!

Full Episode Show Notes

New Siloscape Malware, Amazon Sidewalk, DarkSide Crypto Repo, & Internet Outages

Hosts

Doug White

Doug White – Professor at Roger Williams University

@dougwhitephd


Jason Wood

Jason Wood – Founder; Primary Consultant at Paladin Security

@Jason_Wood




This week in the Security Weekly News, Dr. Doug talks: Bezos in space, Steam, VMware, lots of ransomware, Siloscape, TikTok, of course the Show Wrap Ups, and his Favorite Threat for this Week!

Full Episode Show Notes

Steam Malware, RCE Bug in VMWare, TikTok Biometrics, & Kubernetes Backdoors – Wrap Up

Hosts

Doug White

Doug White – Professor at Roger Williams University

@dougwhitephd







This week Dr. Doug talks: Nuclear weapons, astrology, G7, cyber games, and we are joined by Jason Wood for Expert Commentary on this episode of the Security Weekly News!

Full Episode Show Notes

Nuclear RDP, Instagram Bugs, Cyber Games, Risk in Utilities, & Crypto-Astrology

Hosts

Doug White

Doug White – Professor at Roger Williams University

@dougwhitephd


Jason Wood

Jason Wood – Founder; Primary Consultant at Paladin Security

@Jason_Wood







This week, Dr. Doug talks: Pinchy Spider, Drones, Biden and Putin, Microsoft, CVS, along with the Show Wrap Ups & his Favorite Threat of the Week!

Full Episode Show Notes

Akamai Outages, Microsoft, Cyber Insurance, & Pinchy Spider – Wrap Up

Hosts

Doug White

Doug White – Professor at Roger Williams University

@dougwhitephd







This week in the Security Weekly News: Aaran Leyland guest hosts and talks Oddball, BDSM Videos, iPhone wifi hacks, South Korea, Russia, Carnival, and Google. All this and the returning Expert Commentary of Jason Wood!

Full Episode Show Notes

Special Guest Host, ‘Oddball’ Malware, iPhone WIFI Hacks, & Russian VPN Bans

Hosts

Aaran Leyland

Aaran Leyland – CEO at Restricted Access, Ltd

Founder and Chief Executive Officer of Restricted Access Ltd, an organisation that believes that you need to be prepared by having the correct bespoke documentation and exercise using your documents.
Seasonal Worker for Security Weekly Productions since July 2018
CIR Advisory, Wargaming and Technical Manager at Deloitte 2018-2020
Cyber Security Manager at Royal Air Force 1995-2018

Jason Wood

Jason Wood – Founder; Primary Consultant at Paladin Security

@Jason_Wood

