As Long As You’re Happy – PSW #685
1. Offensive Cybersecurity Education and Getting Started in Pentesting – Phillip Wylie – PSW #685
Phillip will discuss his passion for offensive cybersecurity education, mentoring, and getting started in pentesting. He co-authored a book based on his conference talk "The Pentester Blueprint: Starting a Career as an Ethical Hacker." He will also talk about his community involvement with the Innocent Lives Foundation, The Pwn School Project, and Hacking is NOT a Crime.
His book: https://www.wiley.com/en-us/The+Pentester+BluePrint%3A+Starting+a+Career+as+an+Ethical+Hacker-p-9781119684305
The Pwn School Project meetup: https://pwnschool.com/
INE (https://ine.com), Phillip's employer, offers a free starter pass for training in four different areas of technology: Penetration Testing Student, Getting started in networking, Azure fundamentals, and first steps in data science with Python (https://checkout.ine.com/starter-pass).
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Guest
Phillip Wylie is an offensive cybersecurity instructor and practitioner with over two decades of information technology and cybersecurity experience. During his 9-year offensive cybersecurity career, he has worked as a pentester, web app pentester, and red team operator. When Phillip is not hacking, he is educating others. Phillip is the founder of The Pwn School Project, an education-focused cybersecurity organization. He co-authored the book “The Pentester Blueprint: Starting a Career as an Ethical Hacker”, based on his popular talk presented at numerous industry events. He is an Innocent Lives Foundation Ambassador and a ‘Hacking is NOT a Crime’ Advocate. Phillip’s uncommon journey into the field of cybersecurity is preceded by his colorful past as a pro wrestler, where he once wrestled a bear.
2. How To Build A Kick-Ass PC – PSW #685
Paul recently built a new PC for daily work and security-related tasks. It's a monster PC! The build was researched heavily, and in this segment Paul will share all the tips and tricks so you can build the same or a similar PC!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
3. Patching Exchange Servers, Book Reviews, Rockwell, & Forgotten AM Broadcasts – PSW #685
This week, in the Security News: calling all people who know how to patch MS Exchange servers, we need you, Rockwell Automation PLC flaws and what you can't do about it, a book review I agree with, be careful what you expose at home, yet another Chrome 0day, jailbreak your iPhone, the cybersecurity consolidation, and taking back the term "Hacker", for real this time!
Announcements
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!
Hosts
- 1. New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452
- 2. Three Top Russian Cybercrime Forums Hacked — Krebs on Security
- 3. GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence – Microsoft Security
- 4. Malicious Code Bombs Target Amazon, Lyft, Slack, Zillow
- 5. Hackers Now Hiding ObliqueRAT Payload in Images to Evade Detection
- 6. matt blaze on Twitter
- 7. HAFNIUM targeting Exchange Servers with 0-day exploits – Microsoft Security
- 1. US Telemarketing Biz Exposes 114,000 in Cloud Config Error: A misconfigured, unsecured AWS S3 bucket belonging to U.S.-based telemarketing firm CallX has been found exposed online containing some 114,000 files that include personally identifiable information (PII) belonging to "thousands of customers."
- 2. Mitigate Microsoft Exchange Server Vulnerabilities: Microsoft has released out-of-band security updates to address four vulnerabilities in Exchange Server: CVE-2021-26855 allows an unauthenticated attacker to execute arbitrary code on vulnerable Exchange Servers, enabling the attacker to gain persistent system access, as well as access to files and mailboxes on the server and to credentials stored on that system.
- 3. Microsoft says a group of cyberattackers tied to China hit its Exchange email servers: Microsoft and outside researchers say the China-linked cyber espionage group "Hafnium" has been exploiting four previously undetected vulnerabilities affecting different versions of Microsoft's mail server software in a hacking campaign designed to steal emails from targeted mailboxes. The four newly disclosed vulnerabilities in Microsoft Exchange enable malicious actors to bypass authentication, remotely access email accounts, and deploy additional malware and are being tracked as CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065.
- 4. https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03 : Rockwell recommends users requiring setup or deployment guidance for CIP Security should refer to the deployment reference guide. Users can also refer to Rockwell Automation’s System Security Design Guidelines (https://literature.rockwellautomation.com/idc/groups/literature/documents/rm/secure-rm001_-en-p.pdf) on how to use Rockwell Automation products to improve the security of their industrial automation systems. The authentication vulnerability does not affect CIP Security.
- 5. Experts found a critical authentication bypass flaw in Rockwell Automation software: Researchers have identified a critical authentication bypass vulnerability (CVE-2021-22681) affecting the Logix Designer software used in Rockwell Automation's programmable logic controllers (PLCs) that could be exploited by unauthenticated, remote attackers to bypass verification mechanisms, connect to Logix controllers, and alter a controller's configuration.
- 6. NSA Publishes Guidance on Adoption of Zero Trust Security: The U.S. National Security Agency (NSA) has issued a document titled "Embracing a Zero Trust Security Model" to provide guidance to security professionals on how they can adopt and implement a "Zero Trust" security model to more adequately secure sensitive data.
- 7. Working Windows and Linux Spectre exploits found on VirusTotal: Working exploits targeting Linux and Windows systems not patched against Spectre were found by security researcher Julien Voisin on VirusTotal. The exploits require local access and a non-patched system.
- 8. Boat Building Giant Beneteau Says Cyberattack Disrupted Production: French boat maker Groupe Beneteau is working on restoring operations after falling victim to a cyber-attack roughly ten days ago. After discovery, they reported the deployment of a backup application and systems.
- 9. Over 8 million COVID-19 test results leaked online: Indian government websites have inadvertently leaked the COVID-19 test results of more than eight million West Bengali citizens, according to researchers and Bleeping Computer. Malicious actors have leveraged the pandemic to enhance social engineering campaigns, and the publicly leaked PII in this incident could be used to advance these operations.