Security Weekly
Paul's Security WeeklySubscribe
Careers, Leadership, Social engineering

As Long As You’re Happy – PSW #685

This week, we welcome Phillip Wylie, instructor at INE, to discuss Offensive Cybersecurity Education and Getting Started in Pentesting! In the second segment, I will personally be walking you through "How to Build a Kick-Ass PC"! Finally, In the Security News, Calling all people who know how to patch MS Exchange servers, we need you, Rockwell Automation PLC flaws and what you can't do about it, a book review I agree with, be careful what you expose at home, yet another Chrome 0day, jailbreak your iPhone, the cybersecurity consolidation, and taking back the term "Hacker", for real this time!

His book: https://www.wiley.com/en-us/The+Pentester+BluePrint%3A+Starting+a+Career+as+an+Ethical+Hacker-p-9781119684305

The Pwn School Project meetup: https://pwnschool.com/

INE (https://ine.com), Phillip's employer offers a free starter pass for training in four different areas of technology; Penetration Testing Student, Getting started in networking, Azure fundamentals, first steps in data science with Python: https://checkout.ine.com/starter-pass

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. Offensive Cybersecurity Education and Getting Started in Pentesting – Phillip Wylie – PSW #685

Phillip will discuss his passion for offensive cybersecurity education, mentoring, and getting started in pentesting. He co-authored a book based on his conference talk "The Pentester Blueprint: Starting a Career as an Ethical Hacker." He will also talk about his community involvement with the Innocent Lives Foundation, The Pwn School Project, and Hacking is NOT a Crime.

His book: https://www.wiley.com/en-us/The+Pentester+BluePrint%3A+Starting+a+Career+as+an+Ethical+Hacker-p-9781119684305

The Pwn School Project meetup: https://pwnschool.com/

INE (https://ine.com), Phillip's employer offers a free starter pass for training in four different areas of technology; Penetration Testing Student, Getting started in networking, Azure fundamentals, first steps in data science with Python: https://checkout.ine.com/starter-pass

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Guest

Phillip Wylie
Phillip Wylie
Offensive Cyber Security Instructor at INE

Phillip Wylie is an offensive cybersecurity instructor and practitioner with over two decades of information technology and cybersecurity experience. During his 9-year offensive cybersecurity career, he was worked as a pentester, web app pentester, and red team operator. When Phillip is not hacking, he is educating others. Phillip is the founder of The Pwn School Project, an education-focused cybersecurity organization. He co-authored the book, “The Pentester Blueprint: Starting a Career as an Ethical Hacker” based on his popular talk presented at numerous industry events. He is an Innocent Lives Foundation Ambassador and a ‘Hacking is NOT a Crime’ Advocate. Phillip’s uncommon journey into the field of cybersecurity is preceded by his colorful past as a pro wrestler, where he once wrestled a bear.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Doug White
Doug White
Professor at Roger Williams University
Jeff Man
Jeff Man
Sr. InfoSec Consultant – Online Business Systems at Online Business Sytems
Larry Pesce
Larry Pesce
Product Security Research and Analysis Director at Finite State
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Tyler Robinson
Tyler Robinson
Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

2. How To Build A Kick-Ass PC – PSW #685

Paul recently built a new PC for daily work and security-related tasks. Its a monster PC! The build was researched heavily, and in this segment Paul will share all the tips and tricks to you can build the same or similar PC!

Gallery Images

PaulsPCBuild-0-1.pdfGallery image for How To Build A Kick-Ass PC – PSW #685 segment from PPWorksGallery image for How To Build A Kick-Ass PC – PSW #685 segment from PPWorks

Announcements

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Doug White
Doug White
Professor at Roger Williams University
Jeff Man
Jeff Man
Sr. InfoSec Consultant – Online Business Systems at Online Business Sytems
Joff Thyer
Joff Thyer
Security Analyst at Black Hills Information Security
Larry Pesce
Larry Pesce
Product Security Research and Analysis Director at Finite State
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Tyler Robinson
Tyler Robinson
Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

3. Patching Exchange Servers, Book Reviews, Rockwell, & Forgotten AM Broadcasts – PSW #685

This week, In the Security News, Calling all people who know how to patch MS Exchange servers, we need you, Rockwell Automation PLC flaws and what you can't do about it, a book review I agree with, be careful what you expose at home, yet another Chrome 0day, jailbreak your iPhone, the cybersecurity consolidation, and taking back the term "Hacker", for real this time!

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
  1. 1. Review: Perlroth’s book on the cyberarms market
    I am not the only one who finds this book to be, well, just horrible on so many levels. Props to Robert for actually getting through the whole thing, I could not... On a positive note, Perlroth's colleague, David Sanger, did a nice job with "The Perfect Weapon". I did not do a complete fact-check on Sanger's book, but I did enjoy listening to it. There is also Halvar's review, which also points out several more inaccuracies and hyperbole: http://addxorrol.blogspot.com/2021/02/book-review-this-is-how-they-tell-me.html
  2. 2. Chinese Exchange Hack: At Best, Microsoft is Incompetent
    Interesting snippets: "Some suspect it’s a sneaky way to encourage customers to dump on-prem Exchange and use Office 365 instead." and "Alright, just finished patching our server. Started documenting at 9AM, had all steps ready at [noon], and it’s now exactly midnight, only because I’ve never updated Exchange server before and nobody else that’s left in IT knows how to do it."
  3. 3. Why We Need More Blue Team Voices at the Table
    "I'm going to tell you one of the dirty secrets of enterprise cybersecurity. There are a lot of practitioners that secretly wish their company would get attacked. Because at least then, someone would listen to them. These people tend to reside on what we frequently refer to as the blue team."
  4. 4. Microsoft Exchange Zero-Day Attackers Spy on U.S. Targets
    The rabbit hole is even deeper than this: "The fact that Microsoft chose to patch these flaws out-of-band rather than include them as part of next week’s Patch Tuesday release leads us to believe the flaws are quite severe even if we don’t know the full scope of those attacks,” Satnam Narang, staff research engineer at Tenable, said via email."
  5. 5. Russian cybercrime forum hacked, user details exposed. Oh dear. How unfortunate…
  6. 6. Several Cisco Products Exposed to DoS Attacks Due to Snort Vulnerability
    Interesting: "The vulnerability was found during the resolution of a support case and there is no evidence that it has been exploited in malicious attacks."
  7. 7. Is Your Browser Extension a Botnet Backdoor?
    LOL: "The founder and director of Infatica — a resident of Biysk, Russia named Vladimir Fomenko — did not respond to multiple requests for comment."
  8. 8. Okta to Buy Rival Auth0
    Also, Thycotic and Centrify have been merged. If you predicted there would be consolidation in cybersecurity, you'd be correct.
  9. 9. Hacking is not a crime – and the media should stop using ‘hacker’ as a pejorative
    You go Alyssa Miller, go on with ya bad self (we got your back too): "Using the term “hacker” to describe cyber criminals is an unfortunate habit that plagues modern media. The accompanying imagery of hoodie-clad individuals hunched over computer displays in darkened rooms exacerbates the issue. The predominance of associating hacker with cyber criminals has exploded as cyber-attacks and breaches have become regular topics in mainstream media. However, using “hacker” in such a pejorative manner is perilous, both for its lack of precision and the counter-productive impact it can have on society." BRAVO! (See also: https://securityweekly.com/shows/unraveling-your-software-bill-of-materials-alyssa-miller-esw-186/)
  10. 10. Qualys hit with ransomware: Customer invoices leaked on extortionists’ Tor blog
    Official statements from Qualys highlight their response: "Speaking of the actions the firm took to remediate, Qualys's CISO, Ben Carr, said: "The zero-day vulnerability affecting Accellion was discovered by Accellion in another customer’s environment and a hotfix to remediate the vulnerability was released on December 21, 2020. The Qualys IT team applied the hotfix to secure our Accellion FTA server on December 22, 2020."
  11. 11. Home-Office Photos: A Ripe Cyberattack Vector
    "Analysis of images of home-working environments has revealed work email inboxes, internal emails, names of individuals in emails, private web pages, potentially sensitive internal business correspondence, software installed on computers and internal identification numbers of devices"
  12. 12. Scan the whole internet while drinking coffee
  13. 13. Another Chrome zero-day exploit – so get that update done!
    Wondering how this transfers, or if it transfers, to other Chromium-based browsers, such as Chromium and Edge. I'm actually running Edge on Linux. And I actually like it so far.
  14. 14. AnyDesk UDP Discovery Remote Code Execution (CVE-2020-13160) – devel0pment.de
    Amazing write-up, if you are interested in reverse engineering and/or exploit development, this is the post for you. Also, really neat how they were able to reverse the protocol and make changes in the management client.
  15. 15. AnyDesk 5.5.2 Remote Code Execution
  16. 16. Hard-coded key vulnerability in Logix PLCs has severity score of 10 out of 10
    Yikes: “Any affected Rockwell Logix controller that is exposed on the Internet is potentially vulnerable and exploitable,” said Sharon Brizinov, principal vulnerability researcher at Claroty, one of three organizations Rockwell credited with independently discovering the flaw. “To successfully exploit this vulnerability, an attacker must first obtain the secret key and have the knowledge of the cryptographic algorithm being used in the authentication process.” - SAY WHAT? - "Brizinov said that Claroty notified Rockwell of the vulnerability in 2019. Rockwell didn’t disclose it until Thursday."
  17. 17. Hackers release a new jailbreak tool for almost every iPhone – TechCrunch
  18. 18. Amazon Dismisses Claims Alexa ‘Skills’ Can Bypass Security Vetting Process
Doug White
Doug White
Professor at Roger Williams University
  1. 1. Exchange servers need to be patched.
  2. 2. TALON surveillance cams can tell if you’ve been naughty or nice.
  3. 3. Global chip shortage may not resolve anytime soon.
  4. 4. Overclocking warranties die as the hobby dies.
  5. 5. GTX 970 rocks. Sure it’s old.
Jeff Man
Jeff Man
Sr. InfoSec Consultant – Online Business Systems at Online Business Sytems
Joff Thyer
Joff Thyer
Security Analyst at Black Hills Information Security
Larry Pesce
Larry Pesce
Product Security Research and Analysis Director at Finite State
  1. 1. New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452
  2. 2. Three Top Russian Cybercrime Forums Hacked — Krebs on Security
  3. 3. GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence – Microsoft Security
  4. 4. Malicious Code Bombs Target Amazon, Lyft, Slack, Zillow
  5. 5. Hackers Now Hiding ObliqueRAT Payload in Images to Evade Detection
  6. 6. matt blaze on Twitter
  7. 7. HAFNIUM targeting Exchange Servers with 0-day exploits – Microsoft Security
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
  1. 1. US Telemarketing Biz Exposes 114,000 in Cloud Config Error
    A misconfigured, unsecured AWS S3 bucked belonging to U.S.-based telemarking firm CallX has been found exposed online containing some 114,000 files that include personally identifiable information (PII) belonging to "thousands of customers."
  2. 2. Mitigate Microsoft Exchange Server Vulnerabilities
    Microsoft has released out-of-band security updates to address four vulnerabilities in Exchange Server: CVE-2021-26855 allows an unauthenticated attacker to execute arbitrary code on vulnerable Exchange Servers, enabling the attacker to gain persistent system access, as well as access to files and mailboxes on the server and to credentials stored on that system.
  3. 3. Microsoft says a group of cyberattackers tied to China hit its Exchange email servers
    Microsoft and outside researchers say the China-linked cyber espionage group "Hafnium" has been exploiting four previously undetected vulnerabilities affecting different versions of Microsoft's mail server software in a hacking campaign designed to steal emails from targeted mailboxes. Microsoft and outside researchers say the China-linked cyber espionage group "Hafnium" has been exploiting four previously undetected vulnerabilities affecting different versions of Microsoft's mail server software in a hacking campaign designed to steal emails from targeted mailboxes. The four newly disclosed vulnerabilities in Microsoft Exchange enable malicious actors to bypass authentication, remotely access email accounts, and deploy additional malware and are being tracked as CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065.
  4. 4. https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03
    Rockwell recommends users requiring setup or deployment guidance for CIP Security should refer to the deployment reference guide. Users can also refer to Rockwell Automation’s System Security Design Guidelines (https://literature.rockwellautomation.com/idc/groups/literature/documents/rm/secure-rm001_-en-p.pdf) on how to use Rockwell Automation products to improve the security of their industrial automation systems. The authentication vulnerability does not affect CIP Security.
  5. 5. Experts found a critical authentication bypass flaw in Rockwell Automation software
    Researchers have identified a critical authentication bypass vulnerability (CVE-2021-22681) affecting the Logix Designer software used in Rockwall Automation's programmable logic controllers (PLCs) that could be exploited by unauthenticated, remote attackers to bypass verification mechanisms, connect to Logix controllers, and alter a controller's configuration.
  6. 6. NSA Publishes Guidance on Adoption of Zero Trust Security
    The U.S. National Security Agency (NSA) has issued a document titled "Embracing a Zero Trust Security Model" to provide guidance to security professionals on how they can adopt and implement a "Zero Trust" security model to more adequately secure sensitive data.
  7. 7. Working Windows and Linux Spectre exploits found on VirusTotal
    Working exploits targeting Linux and Windows systems not patched against Spectre were found by security researcher Julien Voisin on VirusTotal. The exploits require local access and a non-patched system.
  8. 8. Boat Building Giant Beneteau Says Cyberattack Disrupted Production
    French boat maker Groupe Beneteau is working on restoring operations after falling victim to a cyber-attack roughly ten days ago. After discover they reported the deployment of a backup application and systems.
  9. 9. Over 8 million COVID-19 test results leaked online
    Indian government websites have inadvertently leaked the COVID-19 test results of more than eight million West Bengali citizens, according to researchers and Bleeping Computer. Malicious actors have leveraged the pandemic to enhance social engineering campaigns, and the publicly leaked PII in this incident could be used to advance these operations.
Tyler Robinson
Tyler Robinson
Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

Related

Careers
Career Ladders In Information Security – Marc French – BSW Vault

Check out this interview from the BSW VAULT, hand picked by main host Matt Alderman! This segment was originally published on June 8, 2020. Marc French has more than 25 years of technology experience in engineering, operations, product management, and security. Prior to his current role at CISO at Product Security Group, Marc was the SVP & Chi...
prestitial ad