Very Exciting & Very Scary – PSW #694
Segments
1. How Hacking Naked Changed My Life – Alex Chaveriat – PSW #694
"I hack naked" - Not my best choice of a phrase to use with a prospective client though, now that it is done, might as well go through with this terrible idea... This is the story of a kick-off call I had early in my career that revealed a truth that changed the way I present myself in professional settings.
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
Guest
My name’s Alex. I’m a hacker and information security geek. I love looking at cybersecurity through the lens of an attacker and solving problems. I am always striving to become a more knowledgeable and happier hacker.
I am a professional hacker living in the US with about 15 years of cybersecurity, ethical hacking, and penetration testing experience. I co-founded a company named Tuik Security Group that is growing and thriving. I am a lifelong learner who loves geeking out about new things and recently started a YouTube channel (https://youtube.com/alexchaveriat) to share my passions and stories. Subscribe and Hack on!
2. Attack Surface Mapping w/ AMASS – PSW #694
Learn how to use Amass to collect information about your Internet-exposed assets. We'll cover usage of the configuration file (heavily), then put it all together by integrating Nmap and a screenshot tool called EyeWitness.
Announcements
Security Weekly listeners save $100 on their RSA Conference 2021 All Access Pass! RSA Conference will be a fully virtual experience from May 17th-20th, 2021. Security Weekly will be live streaming Monday-Thursday in the virtual broadcast alley, interviewing some of the top sponsors and speakers for the event. To register using our discount code, please visit https://securityweekly.com/rsac2021 and use the code 5U1CYBER! We hope to "see" you there!
3. Executive Order, New & Old Wifi Vulns, Pipeline Hack, & Distro-Less Linux – PSW #694
This week in the Security News: President Biden issues a 34-page executive order on cybersecurity, did you hear about the pipeline hack?, new/old Wi-Fi vulnerabilities, get this: Apple didn't want to talk about a malware attack that exposed users, a fake Amazon review database, why ad-hoc scanning is not enough, distroless Linux, a wormable Windows bug, Code Red 2.0 perhaps?, and the crypto wars continue!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
- 1. Executive Order on Improving the Nation’s Cybersecurity: Policy Updates, Increased Threat Sharing, Modernizing Federal Cybersecurity, Supply Chain Security, Improved Detection and Response, NSS requirements, and more.
- 2. Cyberattack Forces a Shutdown of a Top U.S. Pipeline: The operator, Colonial Pipeline, said it had halted systems for its 5,500 miles of pipeline after being hit by a ransomware attack. The company shut down the pipeline, which it says carries 45 percent of the East Coast’s fuel supplies, in an effort to contain the breach.
- 3. All Wi-Fi devices impacted by new FragAttacks vulnerabilities: Newly discovered Wi-Fi security vulnerabilities collectively known as FragAttacks (fragmentation and aggregation attacks) are impacting all Wi-Fi devices back to 1997. Three of the flaws are reported to be related to the Wi-Fi 802.11 standard design, while others are reported as programming mistakes in Wi-Fi products.
- 4. Researchers track down five affiliates of DarkSide ransomware service: Researchers have provided the details of an investigation into cyberattacker activity linked to DarkSide ransomware. On Tuesday, FireEye researchers documented five separate clusters of activity suspected of being connected to DarkSide, the RaaS network responsible for the Colonial Pipeline security incident.
- 5. US and Australia warn of escalating Avaddon ransomware attacks: The FBI and the ACSC have issued a warning about an ongoing "Avaddon" ransomware campaign targeting organizations operating in the government, finance, energy, manufacturing, and healthcare industries around the world.
- 6. Hackers target Windows users exploiting a Zero-Day in Reader: Adobe has confirmed that hackers are actively exploiting a use-after-free memory corruption vulnerability (CVE-2021-28550) affecting its Adobe Reader for Windows in limited attacks in order to execute arbitrary code on targeted systems.
- 7. Russian Actors Change Techniques After UK and US Agencies Expose Them: After having its TTPs outed last month by U.K. and U.S. security agencies, APT29 has responded to the exposure by leveraging red-teaming software to infiltrate victims' networks under the guise of conducting a trusted pentesting exercise.
- 8. Facebook removes Ukraine political ‘influence-for-hire’ network: Facebook has taken down a network of hundreds of fake accounts and pages targeting people in Ukraine and linked to individuals previously sanctioned by the United States for efforts to interfere in US elections, the company said on Thursday.
- 9. Microsoft Detected a BEC Campaign Targeted at More than 120 Organizations: Microsoft says it has uncovered a large-scale BEC program leveraging typo-squatted domains that are designed to make bogus emails appear to originate from legitimate senders in the consumer products, process manufacturing, agriculture, real estate, distinct manufacturing, and professional services industries in attacks targeting more than 120 organizations.
- 10. CISA MAR report provides technical details of FiveHands Ransomware: U.S. CISA has published an analysis of the FiveHands ransomware, the same malware that was analyzed a few days ago by researchers from FireEye’s Mandiant Threat Intelligence. Group "UNC2447" exploited a zero-day issue (CVE-2021-20016) affecting SonicWall Secure Mobile Access (SMA) devices that had not been patched.
- 11. New tsuNAME Flaw Could Let Attackers Take Down Authoritative DNS Servers: Researchers disclosed a new and critical vulnerability dubbed "TsuNAME" on May 6 that affects DNS resolvers and could be exploited by attackers to conduct reflection-based DoS attacks targeting authoritative nameservers.
- 12. CaptureRx Data Breach Impacts Healthcare Providers: Three U.S. healthcare providers have disclosed they suffered a data breach after San Antonio, Texas-based healthcare technology firm CaptureRx experienced a ransomware attack on Feb. 6.
- 13. City of Tulsa is the latest US city hit by ransomware attack: The city of Tulsa, Okla. has revealed it suffered a ransomware attack on May 7 that impacted its government network as well as a portion of its infrastructure and forced it to shut down its official website last weekend.
- 14. City of Chicago Emails Compromised During Data Transfer To Law Firm: The city of Chicago on Friday said that employee emails were stolen in a Jones Day data breach during a data transfer to Accellion’s FTA file sharing service.