Taco Thursday – PSW #669
This week, in our first segment, we welcome Alexander Krizhanovsky, CEO at Tempesta Technologies, to talk about Fast And Secure Web! In our second segment, we welcome Tony Punturiero, Community Manager at Offensive Security, to discuss Assembling Your First Infosec Home Lab! In the Security News, US Air Force slaps Googly container tech on yet another war machine to 'run advanced ML algorithms', Rare Firmware Rootkit Discovered Targeting Diplomats - NGOs, Hackers exploit Windows Error Reporting service in new fileless attack, HP Device Manager vulnerabilities may allow full system takeover, Malware exploiting XML-RPC vulnerability in WordPress, and it's the 10 year anniversary of Stuxnet!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Full Audio
Segments
1. Fast And Secure Web – Alexander Krizhanovsky – PSW #669
Tempesta FW is an open source hybrid of an HTTPS accelerator and a firewall aiming to accelerate web resources and protect them against DDoS and web attacks. The project is built into the Linux TCP/IP stack to provide performance comparable with the kernel bypass approaches (e.g. using DPDK), but still be well-integrated with the native Linux networking tools. We'll talk about Tempesta FW integration with IPtables/nftables to filter network traffic on all the layers and other tools to protect agains layer 7 DDoS and web attacks.
Announcements
It's official! Security Weekly, in partnership with CyberRisk Alliance, is excited to present Security Weekly Unlocked on December 10, 2020. The inaugural edition of Security Weekly Unlocked also celebrates Security Weekly's 15th Anniversary. Visit securityweekly.com/unlocked to submit your presentation & register for free!
Guest

Alexander is the CEO of Tempesta Technologies, Inc., and is the architect of Tempesta FW, a high performance open source Linux application delivery controller. Alexander is responsible for the design and performance of several products in the areas of network traffic processing and databases. He designed the core architecture of a Web application firewall, mentioned in the Gartner Magic Quadrant, and MariaDB temporal data tables. Alexander gave talks at Netdev 2.1, 0x12, and 0x14, SCALE 17x and 18x, MariaDB user conferences in 2017 and 2018, All Things Open ’18 and ’20, FOSDEM’17, Percona Live’16, IBM CASCON’14 and many other conferences.
Hosts



2. Assembling Your First Infosec Home Lab – Tony “tjnull” Punturiero – PSW #669
Assembling an infosec home lab is great way to learn more about the ever-changing programs and systems in the cyber world. However, it can get complicated to figure out what you really need to get your own home lab assembled and running. In this segment Tony will go over the the things you need to think about and the resources he uses to build an infosec home lab.
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Guest

Tony Punturiero (aka @tjnull) to the OffSec is an experienced pentester and red teamer for a government contractor and is known for his great passion for educating and
mentoring others. TJ is also an Adjunct Professor for a Local Community
College teaching cybersecurity courses and coaches one of the top
Community College’s cyber team in the State of Maryland.
Hosts




3. 10 Years Since Stuxnet, Rare Bootkit Discovered, & Thin Client Vulnerabilities – PSW #669
US Air Force slaps Googly container tech on yet another war machine to 'run advanced ML algorithms', Rare Firmware Rootkit Discovered Targeting Diplomats, NGOs, Hackers exploit Windows Error Reporting service in new fileless attack, HP Device Manager vulnerabilities may allow full system takeover, Malware exploiting XML-RPC vulnerability in WordPress, and it's the 10 year anniversary of Stuxnet: Is Your Operational Technology Safe?
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
Guest

Tony Punturiero (aka @tjnull) to the OffSec is an experienced pentester and red teamer for a government contractor and is known for his great passion for educating and
mentoring others. TJ is also an Adjunct Professor for a Local Community
College teaching cybersecurity courses and coaches one of the top
Community College’s cyber team in the State of Maryland.
Hosts



