Bud’s Budtender – PSW #720
This week, we kick off the show with an interview with Shailesh Athalye, Senior Vice President of Product Management at Qualys, who joins us to discuss why cybersecurity is an unfair game! Then, we jump straight into the Security News for this week: Stop hiding your secrets in plain sight, Detecting Wildcard DNS Abuse, $5 setup that hacks biometrics, Managing passwords with pen and paper, Windows 10 Zero Days, & why The Matrix (might be) the best hacker movie!! Finally, we close out the show with a special pre-recorded interview with Sven Morgenroth, Security Researcher at Netsparker, in which we discussed authentication vulnerabilities!
Visit https://securityweekly.com/qualys to learn more about them!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
1. The 2021 Security Landscape & What Lies Ahead – Shailesh Athalye – PSW #720
What are the key security challenges that customers faced this year? What did attackers do differently in 2021, and why are they succeeding more often? What can we expect in 2022? Shailesh will discuss the latest defense strategies and how security teams can plan for the year ahead.
This segment is sponsored by Qualys.
Visit https://securityweekly.com/qualys to learn more about them!
Out of an abundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.
As Senior Vice President of Product Management, Shailesh leads the product management team and drives the Qualys product vision helping customers assess and improve their IT, security and compliance posture. Since joining Qualys in 2012, he has worked in various security and compliance roles driving innovative solutions, including remote endpoint protection, endpoint detection and response, and SaaS security. In addition, Shailesh headed engineering, research and product management for Qualys Policy Compliance and File Integrity Monitoring, where he helped customers go beyond compliance to drive their IT GRC objectives. Before Qualys, he focused on security research for Symantec ESM and Compliance solutions. Shailesh holds a master’s degree in computer applications (MCA) from the Vishwakarma Institute of Technology and has various security certifications including CISA, CRISC, CISM. He is also a regular speaker at industry conferences.
2. Bypassing Biometrics, Hiding in Plain Sight, Hacker Cinema, & High Aspirations – PSW #720
In the Security News for this week: Stop hiding your secrets in plain sight, Detecting Wildcard DNS Abuse, $5 setup that hacks biometrics, Managing passwords with pen and paper, Windows 10 Zero Days, & why The Matrix (might be) the best hacker movie!
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
- 1. Don’t Hide Your Secrets in Plain Sight: Pretty good write-up of some of the ways in which to store and access secrets in AWS.
- 2. VirusTotal Introduces ‘Collections’ to Simplify IoC Sharing: Pretty neat addition to the platform: "Collections...are live reports that contain, alongside a title and an optional description, a group of IoCs such as domain addresses, file hashes, IPs, and URLs, which can be enhanced with VirusTotal analysis metadata."
- 3. How Decryption of Network Traffic Can Improve Security: Agree or disagree? "Today, it’s nearly impossible to tell the good from the bad without the ability to decrypt traffic securely."
- 4. Play Your Cards Right: Detecting Wildcard DNS Abuse
- 5. Printing Shellz: Critical bugs impacting 150 HP printer models patched: This is so interesting: "while the scanner board communicates with the communication board using normal network, the printer board seems to use CAN bus to interact with the formatter, making the architecture of this MFP somewhat similar to vehicles". Shodan is proof some people don't do this: "Secondly, since an attacker in the same network segment can exploit the vulnerability by communicating directly to JetDirect TCP/IP port 9100, it is recommended to place the printers into a separate, firewalled VLAN". Full research (A GREAT read): https://labs.f-secure.com/assets/BlogFiles/Printing-Shellz.pdf
- 6. SmartNICs set to infiltrate enterprise networks
- 7. How Red Canary and Microsoft can help reduce your alert fatigue – Microsoft Security Blog
- 8. Zoom Launches Auto-Update Feature For Windows And Mac Clients: Have to give Zoom some credit here: "Their most recent step in this regard has been the launch of end-to-end encryption followed by two-factor authentication." And now they have automatic updates. Though it does not appear to support Linux clients, at least for me and the one other person using the Linux client.
- 9. Multiple Vulnerabilities Spotted In Zoom Video Conferencing App: Oh, and they fixed a couple of vulnerabilities: "Following the report from the researcher, Zoom patched both the vulnerabilities with the latest releases. Users can take a look at the list of affected products shared in Zoom’s advisory to know about the security status of their apps. Whereas it’s ideal to ensure still updating the respective Zoom apps to the latest releases to receive any patches anyway."
- 10. Hacking Fingerprints With a $5 Setup To Bypass Biometric Authentication: Awesome: "For our final step, we add some wood glue on top of the print to bring to life a fake fingerprint that we can use on a scanner."
- 11. Organizations Now Have an Average 76 Security Tools to Manage
- 12. Attackers exploiting Windows Installer vulnerability despite patching
- 13. Thousands of AT&T customers in the US infected by new data-stealing malware
- 14. Despite the popularity of password managers, many still use pen and paper – Help Net Security
- 15. Vulnerability Spotlight: Use-after-free condition in Google Chrome could lead to code execution
- 16. Insulet OmniPod Insulin Management System vulnerability
- 17. New Windows 10 zero-day gives admin rights, gets unofficial patch
- 18. This stealthy malware hides behind an impossible date
- 19. ‘The Matrix’ Is the Best Hacker Movie
- 20. “High” aspirations: 5 cannabis jobs you never knew existed
- 21. Perv dubbed ‘Dr Magic Flute’ claimed he could cure women’s cancer by having sex
3. Authentication Vulnerabilities – PSW #720
Sven will present common vulnerabilities and issues that arise when implementing authentication and authorization in web applications.
This segment is sponsored by Invicti.
Visit https://securityweekly.com/invicti to learn more about them!
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
Sven Morgenroth is a security researcher at Netsparker. He found filter bypasses for Chrome’s XSS auditor and several web application firewalls. He likes to exploit vulnerabilities in creative ways and has hacked his smart TV without even leaving his bed. Sven writes about web application security and documents his research on the Netsparker blog.