A 55 Gallon Drum Cut In Half – PSW #668

October 1, 2020

This week, in our first segment, Paul will take you through his process for creating a docker container for running NGINX as an RTMP proxy for streaming video to multiple services; complete with SSL and authentication! In our second segment, we welcome Chris Sanders, Founder of the Applied Network Defense & Rural Technology Fund, to talk about Intrusion Detection Honeypots! In the Security News, Rumored Windows XP Source Code Leaked Online, Hospitals hit by countrywide ransomware attack, China-linked 'BlackTech' hackers start targeting U.S, a 13-year-old student was arrested for hacking school computers, Who caused the 14 state Monday 911 outage, and A Return to 'Hackers' Is "Being Actively Considered," Says Director!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. NGINX As An RTMP Proxy – PSW #668

Paul will discuss his process for creating a docker container for running NGINX as an RTMP proxy for streaming video to multiple services; complete with SSL and authentication.

Announcements

It's official! Security Weekly, in partnership with CyberRisk Alliance, is excited to present Security Weekly Unlocked on December 10, 2020. The inaugural edition of Security Weekly Unlocked also celebrates Security Weekly's 15th Anniversary. Visit securityweekly.com/unlocked to submit your presentation & register for free!

Hosts

Paul Asadoorian

Founder at Security Weekly

0offset

https://securityweekly.com

Jeff Man

Sr. InfoSec Consultant – Online Business Systems at Online Business Sytems

https://www.obsglobal.com/

Joff Thyer

Security Analyst at Black Hills Information Security

https://www.blackhillsinfosec.com/team/joff-thyer/

Larry Pesce

Product Security Research and Analysis Director at Finite State

https://www.finitestate.io/

Lee Neely

Information Assurance APL at Lawrence Livermore National Laboratory

Tyler Robinson

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

trob#6466

http://darkelement.io/

2. Intrusion Detection Honeypots: Detection Through Deception – Chris Sanders – PSW #668

Intrusion Detection Honeypots are fake services, data, and tokens placed inside the network to lure attackers into interacting with them to give away their presence. If you can control what the attacker sees and thinks, you can control what the attacker does.

Announcements

Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Guest

Chris Sanders

Founder at Applied Network Defense & Rural Technology Fund

http://www.appliednetworkdefense.com

Chris Sanders is a security instructor, author, and consultant. He is the founder of Applied Network Defense and the Director of the Rural Technology Fund. He is the author of Applied Network Security Monitoring and Practical Packet Analysis. His research is focused on the intersection of cognitive psychology and security investigations.

Hosts

Paul Asadoorian

Founder at Security Weekly

0offset

https://securityweekly.com

Jeff Man

Sr. InfoSec Consultant – Online Business Systems at Online Business Sytems

https://www.obsglobal.com/

Joff Thyer

Security Analyst at Black Hills Information Security

https://www.blackhillsinfosec.com/team/joff-thyer/

Larry Pesce

Product Security Research and Analysis Director at Finite State

https://www.finitestate.io/

Lee Neely

Information Assurance APL at Lawrence Livermore National Laboratory

Tyler Robinson

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

trob#6466

http://darkelement.io/

3. Ryuk Ransomware Attack, Windows XP Server Leak, & Potential Return to ‘Hackers’ – PSW #668

In the Security News, Rumored Windows XP Source Code Leaked Online, Hospitals hit by countrywide ransomware attack, China-linked 'BlackTech' hackers start targeting U.S, a 13-year-old student was arrested for hacking school computers, Who caused the 14 state Monday 911 outage, and A Return to 'Hackers' Is "Being Actively Considered," Says Director!

Announcements

Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Hosts

Paul Asadoorian

Founder at Security Weekly

0offset

https://securityweekly.com

Jeff Man

Sr. InfoSec Consultant – Online Business Systems at Online Business Sytems

https://www.obsglobal.com/

Joff Thyer

Security Analyst at Black Hills Information Security

https://www.blackhillsinfosec.com/team/joff-thyer/

Larry Pesce

Product Security Research and Analysis Director at Finite State

https://www.finitestate.io/

Lee Neely

Information Assurance APL at Lawrence Livermore National Laboratory

Tyler Robinson

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

trob#6466

http://darkelement.io/

Vulnerability management

Super(conductive) Graphene, Yandex Leak, No Fly Lists, & Thinkpad Servers – PSW #771

February 1, 2023

In the Security News for this week: defending against cleaning services, catastrophic mutating events and the future, myths and misconceptions, finding vulnerabilities in logs (And not log4j), SSRF leads to RCE with a PoC, SQLi with XSS bypasses WAF FTW, thinkpad as a server, RPC directory traversal for the win, just directory traversal for the win...

Vulnerability management

The Power of Purple Teaming: Using Runbooks to Standardize and Collaborate – Dan DeCloss – PSW #771

February 1, 2023

In a recent survey on purple teaming, 89 percent of respondents who had used the method deemed purple teaming activities “very important” to their security operations. Purple teaming exercises conducted regularly have the power to improve collaboration across teams, ensure issues are identified and remediated more proactively, and provide a means t...

Threat intelligence

The Trends and Future with Cloud (PaaS and IaaS) – Erik Hart – CSP #107

January 31, 2023

Join Erik Hart, CISO at Cushman & Wakefield, and Eden Naftali, CTO Operations at Wiz, for a discussion around key trends in the cloud with the rapid pace of innovation and new technologies in IaaS and PaaS. This segment is sponsored by Wiz. Visit https://securityweekly.com/wiz to learn more about them!

A 55 Gallon Drum Cut In Half – PSW #668

Full Audio

Segments

1. NGINX As An RTMP Proxy – PSW #668

Announcements

Hosts

2. Intrusion Detection Honeypots: Detection Through Deception – Chris Sanders – PSW #668

Announcements

Guest

Hosts

3. Ryuk Ransomware Attack, Windows XP Server Leak, & Potential Return to ‘Hackers’ – PSW #668

Announcements

Hosts

Related

Super(conductive) Graphene, Yandex Leak, No Fly Lists, & Thinkpad Servers – PSW #771

The Power of Purple Teaming: Using Runbooks to Standardize and Collaborate – Dan DeCloss – PSW #771

The Trends and Future with Cloud (PaaS and IaaS) – Erik Hart – CSP #107