Paul's Security Weekly Subscribe

Donut Jokes – Paul’s Security Weekly #584

November 30, 2018

Full Audio

View Show Index

Segments

1. Wietse Venema & Dan Farmer, SATAN –

Wietse Venema and Dan Farmer, the Developers of Security Administrator Tool for Analyzing Networks (SATAN), talk about their experience as developers, their journey to creating SATAN and their decision to keep SATAN a open source tool.

Full Show Notes: https://wiki.securityweekly.com/Episode584

Hosts

Paul Asadoorian

Principal Security Evangelist at Eclypsium

https://securitypodcaster.com

Principal Consultant, Team Lead for Research at TrustedSec

https://www.trustedsec.com/

Sr. InfoSec Consultant at Online Business Sytems

https://www.obsglobal.com/

Product Security Research and Analysis Director at Finite State

@haxorthematrix

https://www.finitestate.io/, https://breakstuffforfun.com/

Senior Sales Engineer at Barkly

2. Sven Morgenroth, Netsparker

Sven will talk about PHP Object injection vulnerabilities and explain the dangers of PHP's unserialize function. He will show the format of serialized PHP Objects, explain PHP's magic methods and how to write an exploit for a PHP Object Injection vulnerability during his technical demo.

Full Show Notes: https://wiki.securityweekly.com/Episode584 To learn more about Netsparker, go to: https://www.netsparker.com/securityweekly

Hosts

Paul Asadoorian

Principal Security Evangelist at Eclypsium

https://securitypodcaster.com

Principal Consultant, Team Lead for Research at TrustedSec

https://www.trustedsec.com/

Sr. InfoSec Consultant at Online Business Sytems

https://www.obsglobal.com/

Product Security Research and Analysis Director at Finite State

@haxorthematrix

https://www.finitestate.io/, https://breakstuffforfun.com/

Senior Cyber Advisor at Lawrence Livermore National Laboratory

Senior Sales Engineer at Barkly

3. “Dunkin” Donuts, Microsoft, & Marijuana –

Hackers breach Dunkin Donuts, how insiders are serious threats to security in an organization, the return of email flooding, Microsoft helps police shut down fake tech support in India, and how Las Vegas police are cracking down on Black Market marijuana sales!

Full Show Notes: https://wiki.securityweekly.com/Episode584

Hosts

Paul Asadoorian

Principal Security Evangelist at Eclypsium

https://securitypodcaster.com

Principal Consultant, Team Lead for Research at TrustedSec

https://www.trustedsec.com/

Sr. InfoSec Consultant at Online Business Sytems

https://www.obsglobal.com/

Product Security Research and Analysis Director at Finite State

@haxorthematrix

https://www.finitestate.io/, https://breakstuffforfun.com/

Senior Cyber Advisor at Lawrence Livermore National Laboratory

Senior Sales Engineer at Barkly

4. “Dunkin” Donuts, Microsoft, & Marijuana – Paul’s Security Weekly #584

Hackers breach Dunkin Donuts, how insiders are serious threats to security in an organization, the return of email flooding, Microsoft helps police shut down fake tech support in India, and how Las Vegas police are cracking down on Black Market marijuana sales! Full Show Notes: https://wiki.securityweekly.com/Episode584 Follow us on Twitter: https://www.twitter.com/securityweekly

5. Wietse Venema & Dan Farmer, SATAN – Paul’s Security Weekly #584

Wietse Venema and Dan Farmer, the Developers of Security Administrator Tool for Analyzing Networks (SATAN), talk about their experience as developers, their journey to creating SATAN and their decision to keep SATAN a open source tool. Full Show Notes: https://wiki.securityweekly.com/Episode584 Follow us on Twitter: https://www.twitter.com/securityweekly

6. Sven Morgenroth, Netsparker – Paul’s Security Weekly #584

Sven will talk about PHP Object injection vulnerabilities and explain the dangers of PHP's unserialize function. He will show the format of serialized PHP Objects, explain PHP's magic methods and how to write an exploit for a PHP Object Injection vulnerability during his technical demo. Full Show Notes: https://wiki.securityweekly.com/Episode584 To learn more about Netsparker, go to: https://www.netsparker.com/securityweekly Follow us on Twitter: https://www.twitter.com/securityweekly

Related

5G Hackathons – Casey Ellis – BTS #28

April 24, 2024

Casey recently was involved in an event that brought hackers and 5G technology together, tune-in to learn about the results and how we can use bug bounty programs to improve the security of "things". This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them!

Vulnerability Management

Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland… – SWN #380

April 23, 2024

Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland, and more, on this Edition of the Security Weekly News.

Network Security

The Challenges of Managing Security in an IT/OT Environment – John Germain – CSP #171

April 23, 2024

For manufacturing companies, technology has taken over a good deal of the day-to-day operations occurring on the manufacturing floor. Things like robotics, CNC machines and automated inventory management. There are even systems that track what tools are used, by whom and for how long. This technology often works outside of or flies under the radar ...