Donut Jokes – Paul’s Security Weekly #584

This week, Wietse Venema and Dan Farmer, the Developers of Security Administrator Tool for Analyzing Networks (SATAN) Sven Morgenroth of Netsparker will talk about PHP Object injection vulnerabilities and explain the dangers of PHP's unserialize function, and the crew will wrap the show with the Security News! Full Show Notes: https://wiki.securityweekly.com/Episode584 To learn more about Netsparker, go to: https://www.netsparker.com/securityweekly Follow us on Twitter: https://www.twitter.com/securityweekly  

View Show Index

Full Audio

Segments

1. Wietse Venema & Dan Farmer, SATAN –

Wietse Venema and Dan Farmer, the Developers of Security Administrator Tool for Analyzing Networks (SATAN), talk about their experience as developers, their journey to creating SATAN and their decision to keep SATAN a open source tool.

Full Show Notes: https://wiki.securityweekly.com/Episode584

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Carlos Perez
Carlos Perez
Principal Consultant, Team Lead for Research at TrustedSec
Jeff Man
Jeff Man
Information Security Evangelist at Online Business Systems
Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Not Kevin
Not Kevin
Senior Sales Engineer at Barkly

2. Sven Morgenroth, Netsparker

Sven will talk about PHP Object injection vulnerabilities and explain the dangers of PHP's unserialize function. He will show the format of serialized PHP Objects, explain PHP's magic methods and how to write an exploit for a PHP Object Injection vulnerability during his technical demo.

Full Show Notes: https://wiki.securityweekly.com/Episode584

To learn more about Netsparker, go to: https://www.netsparker.com/securityweekly

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Carlos Perez
Carlos Perez
Principal Consultant, Team Lead for Research at TrustedSec
Jeff Man
Jeff Man
Information Security Evangelist at Online Business Systems
Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Not Kevin
Not Kevin
Senior Sales Engineer at Barkly

3. “Dunkin” Donuts, Microsoft, & Marijuana –

Hackers breach Dunkin Donuts, how insiders are serious threats to security in an organization, the return of email flooding, Microsoft helps police shut down fake tech support in India, and how Las Vegas police are cracking down on Black Market marijuana sales!

Full Show Notes: https://wiki.securityweekly.com/Episode584

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Carlos Perez
Carlos Perez
Principal Consultant, Team Lead for Research at TrustedSec
Jeff Man
Jeff Man
Information Security Evangelist at Online Business Systems
Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Not Kevin
Not Kevin
Senior Sales Engineer at Barkly

4. “Dunkin” Donuts, Microsoft, & Marijuana – Paul’s Security Weekly #584

Hackers breach Dunkin Donuts, how insiders are serious threats to security in an organization, the return of email flooding, Microsoft helps police shut down fake tech support in India, and how Las Vegas police are cracking down on Black Market marijuana sales! Full Show Notes: https://wiki.securityweekly.com/Episode584 Follow us on Twitter: https://www.twitter.com/securityweekly

Host

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly

5. Wietse Venema & Dan Farmer, SATAN – Paul’s Security Weekly #584

Wietse Venema and Dan Farmer, the Developers of Security Administrator Tool for Analyzing Networks (SATAN), talk about their experience as developers, their journey to creating SATAN and their decision to keep SATAN a open source tool. Full Show Notes: https://wiki.securityweekly.com/Episode584 Follow us on Twitter: https://www.twitter.com/securityweekly

Host

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly

6. Sven Morgenroth, Netsparker – Paul’s Security Weekly #584

Sven will talk about PHP Object injection vulnerabilities and explain the dangers of PHP's unserialize function. He will show the format of serialized PHP Objects, explain PHP's magic methods and how to write an exploit for a PHP Object Injection vulnerability during his technical demo. Full Show Notes: https://wiki.securityweekly.com/Episode584 To learn more about Netsparker, go to: https://www.netsparker.com/securityweekly Follow us on Twitter: https://www.twitter.com/securityweekly

Host

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
prestitial ad