Lots of Smoke – PSW #635
This week, in the Security News, A Powerful GPG collision attack spells the end for SHA-1, an unpatched Citrix Flaw now has PoC Exploits, a Lottery hacker gets 9 months for his 5 cut of the loot, Windows 10 has a security flaw so severe the NSA disclosed it, and PayPal patches a high severity password vulnerability! In our second segment, we welcome Ryan Speers & Jeff Spielberg of River Loop Security, to talk about Embedded Product Security: Left of Ship! In our final segment, we will be airing our Hacker Culture Roundtable, recorded from the Security Weekly Christmas Extravaganza, with a boatload of hosts from the Security Weekly Family!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
The world continues to see a proliferation of highly insecure IoT/embedded products. How can companies making embedded products design security in from the start, and why don t they do it today? Importantly, security needs to be baked in while remaining lean and moving quickly towards an MVP product. Discussions will range from hardware chip selection, cryptographic protocol design, and firmware security -- both at the design and security pen test phases.
Jeff Spielberg is a managing partner of River Loop Security. An electrical engineer by training, his primary cybersecurity interests and research focus on low-level hardware reverse engineering on embedded devices. He has performed security penetration testing on a wide array of embedded devices and often works on secure design and architecture projects for critical embedded and IoT applications.
Ryan is a managing partner of River Loop Security and has assessed a wide range of embedded devices, finding vulnerabilities by physical attacks, network access, firmware reversing, and other techniques. He has led design of remediations or new systems, frequently focusing on their cryptographic protocols and protections. Ryan is also known for his research on the security of radio protocols, including IEEE 802.15.4/ZigBee and maintenance of the KillerBee framework frequently used to assess these protocols.
We discuss the details and impact of the latest flaw, disclosed by NSA, in Windows 10 that allows attackers to pass off malware as signed applications and so much more. The Citric Netscaler vulnerability is a rare remote-easy-to-exploit opportunity for attackers. The crew also talks about book recommendations, backdoors in crypto (and why its bad), conspiracy theories and more!
This is the Hacker Culture Roundtable discussion from the Security Weekly Christmas podcast marathon and features almost all of our hosts and special guests.
Hacking is a term used to describe the activity of modifying a product or procedure to alter its normal function, or to fix a problem. The term purportedly originated in the 1960s, when it was used to describe the activities of certain MIT model train enthusiasts who modified the operation of their model trains. They discovered ways to change certain functions without re-engineering the entire device. These curious individuals went on to work with early computer systems where they applied their curiosity and resourcefulness to learning and changing the computer code that was used in early programs. To the general public, a "hack" became known as a clever way to fix a problem with a product, or an easy way to improve its function.
Bill has devoted his career to protecting critical infrastructure and Fortune100 companies from advanced cyber threats. He brings direct experience with being on the front lines, and an in-depth understanding of the challenges our customers are faced with — and what problems they are wanting to solve. Bill has a proven track record of creating, developing, and managing strong technical teams needed to provide Incident Response, Digital Forensics, Vulnerability Assessment, Penetration Testing, and Policy enforcement for large (Fortune 150) corporations such as CenturyLink and Sprint.
Trent is a seasoned security professional with a distinguished career defending a Tier 1 Network from skillful adversaries. His versatile background in both offense and defense has helped him architect visionary security solutions that are deployed within numerous Fortune 500 Companies. He is an established Security Researcher who has reported vulnerabilities in organizations like Microsoft, Google and Southwest Airlines. He is also the creator of ‘OvRfLoW’ (Microsoft Flow Attack Framework). Trent is a key contributor to Government Cyber Exercises like Cyber Shield and Cyber Storm. He has also built relationships on Threat Intelligence Sharing by speaking at the Network Security Information Exchanges (NSIE,) National Defense Information Sharing and Analysis Center (ND-ISAC) and Multilateral Network Security Information Exchanges (MNSIE.) Trent has worked with industry partners and government agencies to dismantle botnets like “3ve” and “themoon”.