The Bleeding Edge – Paul’s Security Weekly #585

This week, how Docker containers can be exploited to mine for cryptocurrency, WordPress sites attacking other WordPress sites, why the Marriott breach is a valuable IT lesson, malicious Chrome extensions, why hospitals are the next frontier of cybersecurity, and how someone is claiming to sell a Mass Printer Hijacking service! In our first Technical Segment, we welcome Marcello Salvati, Security Consultant at BHIS, to talk about SILENTTRINITY, a post-exploitation agent powered by Python, IronPython, C#/.NET! In our second Technical Segment, we air a pre-recorded interview of Lenny Zeltser, VP of Products at Minerva! Lenny will be discussing Evasion Tactics in Malware from the Inside Out!   Full Show Notes: https://wiki.securityweekly.com/Episode585 Visit https://www.securityweekly.com/psw for all the latest episodes!   To learn more about Minerva Labs, go to: https://l.minerva-labs.com/security-weekly To learn more about Black Hills Information Security, go to: https://www.blackhillsin

View Show Index

Full Audio

Segments

1. Marcello Salvati, BHIS –

Marcello Salvati is a security consultant at BHIS, and is giving a technical segment on SilentTrinity. Marcello will solve the red team tradecraft problem of gaining dynamic access to the .net api without going through powershell.

To learn more about Black Hills Information Security, go to: https://www.blackhillsinfosec.com/PSW

Full Show Notes: https://wiki.securityweekly.com/Episode585

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Joff Thyer
Joff Thyer
Security Analyst at Black Hills Information Security
Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory

2. Marriott Breach, Lame Printer Hack, and Docker –

This week, how Docker containers can be exploited to mine for cryptocurrency, WordPress sites attacking other WordPress sites, why the Marriott Breach is a valuable IT lesson, malicious Chrome extensions, why hospitals are the next frontier of cybersecurity, and how someone is claiming to sell a Mass Printer Hijacking service!

Full Show Notes: https://wiki.securityweekly.com/Episode585

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Joff Thyer
Joff Thyer
Security Analyst at Black Hills Information Security
Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory

3. Lenny Zeltser, Minerva Labs –

Lenny Zeltser the VP of Products at Minerva, will be giving a technical segment on Evasion Tactics in Malware from the Inside Out. He will explain the tactics malware authors use to evade detection and analysis and find out how analysts examine these aspects of malicious code with a disassembler and a debugger.

To learn more about Minerva Labs, go to: https://l.minerva-labs.com/security-weekly

Full Show Notes: https://wiki.securityweekly.com/Episode585

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Joff Thyer
Joff Thyer
Security Analyst at Black Hills Information Security
Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory

4. Lenny Zeltser, Minerva Labs – Paul’s Security Weekly #585

Lenny Zeltser the VP of Products at Minerva, will be giving a technical segment on Evasion Tactics in Malware from the Inside Out. He will explain the tactics malware authors use to evade detection and analysis and find out how analysts examine these aspects of malicious code with a disassembler and a debugger. To learn more about Minerva Labs, go to: https://l.minerva-labs.com/security-weekly Full Show Notes: https://wiki.securityweekly.com/Episode585 Follow us on Twitter: https://www.twitter.com/securityweekly

Host

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly

5. Marriott Breach, Lame Printer Hack, and Docker – Paul’s Security Weekly #585

This week, how Docker containers can be exploited to mine for cryptocurrency, WordPress sites attacking other WordPress sites, why the Marriott Breach is a valuable IT lesson, malicious Chrome extensions, why hospitals are the next frontier of cybersecurity, and how someone is claiming to sell a Mass Printer Hijacking service! Full Show Notes: https://wiki.securityweekly.com/Episode585 Follow us on Twitter: https://www.twitter.com/securityweekly

Host

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly

6. Marcello Salvati, BHIS – Paul’s Security Weekly #585

Marcello Salvati is a security consultant at BHIS, and is giving a technical segment on SilentTrinity. Marcello will solve the red team tradecraft problem of gaining dynamic access to the .net api without going through powershell. To learn more about Black Hills Information Security, go to: https://www.blackhillsinfosec.com/PSW Full Show Notes: https://wiki.securityweekly.com/Episode585 Follow us on Twitter: https://www.twitter.com/securityweekly

Host

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
prestitial ad