Paul's Security Weekly Subscribe

It Compiled & It Ran – Paul’s Security Weekly #595

February 22, 2019

This week, we welcome back Marcello Salvati, Security Analyst at our sponsor Black Hills Information Security, to give some updates on his Post Exploitation Tool SILENTTRINITY! In the second interview, we welcome Steve Brown, Keynote Speaker at SecureWorld Boston 2019 to discuss his talk about Building Your Strategic Roadmap for the Next Wave of Digital Transformation! In the Security News, password managers leaking data in memory, security analysts are only human, Splunk changes position of Russian customers, Google admits error over hidden microphone, and a nasty code-execution bug in WinRAR threatened millions of users for 14 years! Full Show Notes: https://wiki.securityweekly.com/Episode595 To learn more about our sponsor Black Hills Information Security, visit: https://securityweekly.com/bhis To see the SILENTTRINITY code itself on Github, visit: https://github.com/byt3bl33d3r/SILENTTRINITY Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://sec

View Show Index

Full Audio

Segments

1. SILENTRINITY Updates, BHIS –

Marcello Salvati, Security Analyst at our sponsor Black Hills Information Security, to give some updates on his Post Exploitation Tool SILENTRINITY!

Sign up for the BHIS Mailing List to receive updates about upcoming webcasts, blogs, and open-source tools from our testers at: https://securityweekly.com/bhis

Full Show Notes: https://wiki.securityweekly.com/Episode595

Hosts

Paul Asadoorian

Paul Asadoorian

Founder at Security Weekly

https://securityweekly.com

Jason Wood

Senior Researcher at CrowdStrike

Joff Thyer

Joff Thyer

Security Analyst at Black Hills Information Security

https://www.blackhillsinfosec.com/team/joff-thyer/

Larry Pesce

Larry Pesce

Product Security Research and Analysis Director at Finite State

https://www.finitestate.io/

Lee Neely

Lee Neely

Information Assurance APL at Lawrence Livermore National Laboratory

Matt Alderman

Matt Alderman

VP, Product at Living Security

2. Steve Brown, SecureWorld Keynote –

Steve Brown, Keynote Speaker at SecureWorld Boston 2019 to discuss his talk about Building Your Strategic Roadmap for the Next Wave of Digital Transformation!

Full Show Notes: https://wiki.securityweekly.com/Episode595

Hosts

Paul Asadoorian

Paul Asadoorian

Founder at Security Weekly

https://securityweekly.com

Jason Wood

Senior Researcher at CrowdStrike

Larry Pesce

Larry Pesce

Product Security Research and Analysis Director at Finite State

https://www.finitestate.io/

Lee Neely

Lee Neely

Information Assurance APL at Lawrence Livermore National Laboratory

Matt Alderman

Matt Alderman

VP, Product at Living Security

3. Passwords, Splunk, & Nest Microphones –

In the Security News, password managers leaking data in memory, security analysts are only human, Splunk changes position of Russian customers, Google admits error over hidden microphone, and a nasty code-execution bug in WinRAR threatened millions of users for 14 years!

Full Show Notes: https://wiki.securityweekly.com/Episode595

Hosts

Paul Asadoorian

Paul Asadoorian

Founder at Security Weekly

https://securityweekly.com

Jason Wood

Senior Researcher at CrowdStrike

Joff Thyer

Joff Thyer

Security Analyst at Black Hills Information Security

https://www.blackhillsinfosec.com/team/joff-thyer/

Larry Pesce

Larry Pesce

Product Security Research and Analysis Director at Finite State

https://www.finitestate.io/

Lee Neely

Lee Neely

Information Assurance APL at Lawrence Livermore National Laboratory

Matt Alderman

Matt Alderman

VP, Product at Living Security

4. Passwords, Splunk, & Nest Microphones – Paul’s Security Weekly #595

In the Security News, password managers leaking data in memory, security analysts are only human, Splunk changes position of Russian customers, Google admits error over hidden microphone, and a nasty code-execution bug in WinRAR threatened millions of users for 14 years! Full Show Notes: https://wiki.securityweekly.com/Episode595 Follow us on Twitter: https://www.twitter.com/securityweekly

Host

Paul Asadoorian

Paul Asadoorian

Founder at Security Weekly

https://securityweekly.com

5. Steve Brown, SecureWorld Keynote – Paul’s Security Weekly #595

Steve Brown, Keynote Speaker at SecureWorld Boston 2019 to discuss his talk about Building Your Strategic Roadmap for the Next Wave of Digital Transformation! Full Show Notes: https://wiki.securityweekly.com/Episode595 Follow us on Twitter: https://www.twitter.com/securityweekly

Host

Paul Asadoorian

Paul Asadoorian

Founder at Security Weekly

https://securityweekly.com

6. SILENTRINITY Updates, BHIS – Paul’s Security Weekly #595

Marcello Salvati, Security Analyst at our sponsor Black Hills Information Security, to give some updates on his Post Exploitation Tool SILENTRINITY! Sign up for the BHIS Mailing List to receive updates about upcoming webcasts, blogs, and open-source tools from our testers at: https://securityweekly.com/bhis Full Show Notes: https://wiki.securityweekly.com/Episode595 Follow us on Twitter: https://www.twitter.com/securityweekly

Host

Paul Asadoorian

Paul Asadoorian

Founder at Security Weekly

https://securityweekly.com

Related

Our data is our biggest asset, however most organizations do not know where it is! – Trace Woodbury – ISW23 #1

September 25, 2023

With all of the fancy tools, equipment, and logos most organizations are unable to understand where their data is and how it can be accessed. In the world of work from wherever and whenever orgs need a better handle on what this means. Ridge has worked to curate a set of solutions to meet and implement this need! This segment is sponsored by Ridg...

Asset Management

Weaponizing Asset Intelligence: Defending Against Bad Actors – Brian Contos – ISW23 #1

September 25, 2023

As long as there are profits to be made, cybercriminals will continue to monetize enterprise assets—whether they be devices, applications, data, or users. It only takes one weak or unknown asset to compromise an entire organization. Brian will discuss why enterprises need to move away from assumption-based approaches to asset data and decision maki...

Stop Executive & Employee PII Exposure on the Public Web. – Reuben Moretz – ISW23 #1

September 25, 2023

Each employee serves as a potential gateway to their organization, and the personal information of your workforce is readily accessible and exposed on the internet, making the organization susceptible to threats. DeleteMe is the solution that locates and eliminates personal data from the open web, safeguarding your organization. This segment is sp...