Security Weekly
Paul's Security WeeklySubscribe

Donut Jokes – Paul’s Security Weekly #584

This week, Wietse Venema and Dan Farmer, the Developers of Security Administrator Tool for Analyzing Networks (SATAN) Sven Morgenroth of Netsparker will talk about PHP Object injection vulnerabilities and explain the dangers of PHP's unserialize function, and the crew will wrap the show with the Security News! Full Show Notes: https://wiki.securityweekly.com/Episode584 To learn more about Netsparker, go to: https://www.netsparker.com/securityweekly Follow us on Twitter: https://www.twitter.com/securityweekly  

View Show Index

Full Audio

Segments

1. Wietse Venema & Dan Farmer, SATAN –

Wietse Venema and Dan Farmer, the Developers of Security Administrator Tool for Analyzing Networks (SATAN), talk about their experience as developers, their journey to creating SATAN and their decision to keep SATAN a open source tool.

Full Show Notes: https://wiki.securityweekly.com/Episode584

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Carlos Perez
Carlos Perez
Principal Consultant, Team Lead for Research at TrustedSec
Jeff Man
Jeff Man
Sr. InfoSec Consultant – Online Business Systems at Online Business Sytems
Larry Pesce
Larry Pesce
Product Security Research and Analysis Director at Finite State
Not Kevin
Not Kevin
Senior Sales Engineer at Barkly

2. Sven Morgenroth, Netsparker

Sven will talk about PHP Object injection vulnerabilities and explain the dangers of PHP's unserialize function. He will show the format of serialized PHP Objects, explain PHP's magic methods and how to write an exploit for a PHP Object Injection vulnerability during his technical demo.

Full Show Notes: https://wiki.securityweekly.com/Episode584

To learn more about Netsparker, go to: https://www.netsparker.com/securityweekly

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Carlos Perez
Carlos Perez
Principal Consultant, Team Lead for Research at TrustedSec
Jeff Man
Jeff Man
Sr. InfoSec Consultant – Online Business Systems at Online Business Sytems
Larry Pesce
Larry Pesce
Product Security Research and Analysis Director at Finite State
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Not Kevin
Not Kevin
Senior Sales Engineer at Barkly

3. “Dunkin” Donuts, Microsoft, & Marijuana –

Hackers breach Dunkin Donuts, how insiders are serious threats to security in an organization, the return of email flooding, Microsoft helps police shut down fake tech support in India, and how Las Vegas police are cracking down on Black Market marijuana sales!

Full Show Notes: https://wiki.securityweekly.com/Episode584

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Carlos Perez
Carlos Perez
Principal Consultant, Team Lead for Research at TrustedSec
Jeff Man
Jeff Man
Sr. InfoSec Consultant – Online Business Systems at Online Business Sytems
Larry Pesce
Larry Pesce
Product Security Research and Analysis Director at Finite State
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Not Kevin
Not Kevin
Senior Sales Engineer at Barkly

4. “Dunkin” Donuts, Microsoft, & Marijuana – Paul’s Security Weekly #584

Hackers breach Dunkin Donuts, how insiders are serious threats to security in an organization, the return of email flooding, Microsoft helps police shut down fake tech support in India, and how Las Vegas police are cracking down on Black Market marijuana sales! Full Show Notes: https://wiki.securityweekly.com/Episode584 Follow us on Twitter: https://www.twitter.com/securityweekly

Host

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly

5. Wietse Venema & Dan Farmer, SATAN – Paul’s Security Weekly #584

Wietse Venema and Dan Farmer, the Developers of Security Administrator Tool for Analyzing Networks (SATAN), talk about their experience as developers, their journey to creating SATAN and their decision to keep SATAN a open source tool. Full Show Notes: https://wiki.securityweekly.com/Episode584 Follow us on Twitter: https://www.twitter.com/securityweekly

Host

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly

6. Sven Morgenroth, Netsparker – Paul’s Security Weekly #584

Sven will talk about PHP Object injection vulnerabilities and explain the dangers of PHP's unserialize function. He will show the format of serialized PHP Objects, explain PHP's magic methods and how to write an exploit for a PHP Object Injection vulnerability during his technical demo. Full Show Notes: https://wiki.securityweekly.com/Episode584 To learn more about Netsparker, go to: https://www.netsparker.com/securityweekly Follow us on Twitter: https://www.twitter.com/securityweekly

Host

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly

Related

Privacy
Bringing Transparency and Security to IoT with ioXt – Grace Burkard – ESW #310

The ioXt Alliance is a group of manufacturers, industry alliances, labs, and government organizations, dedicated to harmonizing best security practices and establishing testable standards. Our goal is to bring security, upgradability and transparency to the market and directly into the hands of consumers. Come learn about Smart Product security and...
prestitial ad