Yard Sale – PSW #708
Segments
1. Working With OpenVAS – PSW #708
Gain some insights into the OpenVAS project, why you might want to use it and some of the best implementations. This segment will dive right into the extended setup by compiling OpenVAS, and all components, from source code.
Announcements
In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.
Hosts
2. Trends in Mac Malware & Apple Security – Patrick Wardle – PSW #708
Apple's new M1 systems offer a myriad of benefits for macOS users and, unfortunately, for malware authors as well.
In this talk Patrick details the first malicious programs compiled to natively target Apple Silicon (M1/arm64), focusing on methods of analysis.
Announcements
CyberRisk Alliance, in partnership with InfraGard, has launched the Critical Infrastructure Resilience Benchmark study. Measure your readiness for ransomware by completing the survey and getting your score. Visit https://securityweekly.com/CIRB to take the survey.
Guest
Patrick Wardle is the founder of Objective-See. Having worked at NASA and the NSA, as well as presented at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware and writing free open-source security tools to protect Mac users.
Hosts
3. Yard Sales, Bitcoin Thief Charged, Mouse Privilege Escalation, & LED Eavesdropping – PSW #708
This week in the Security News: Some describe T-Mobile security as not good, if kids steal bitcoin just sue the parents, newsflash: unpatched vulnerabilities are exploited, insiders planting malware, LEDs can spy on you, hacking infusion pumps, PRISM variants, 1Password vulnerabilities, plugging in a mouse gives you admin, & yard sales!
Announcements
InfoSec World 2021 is proud to announce its keynote lineup for this year’s event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on Digital Pass registration! Visit https://securityweekly.com/isw2021 to register now!
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Hosts
- 1. Iran prison abuse exposed by hackers’ CCTV leak
- 2. 4 Steps Organizations Can Take to Increase Diversity in Cybersecurity
- 3. T-mobile hacker: Their security is awful
- 4. Razer Mouse Grants Windows Admin Privileges
- 5. Reversing SMART Health Cards
- 6. Advisory: Multiple Issues in Realtek SDK Affects Hundreds of Thousands of Devices Down the Supply Chain – IoT Inspector
- 7. Botnet targets hundreds of thousands of devices using Realtek SDK
- 8. Eavesdropping By LED
- 9. Field Notice: FN – 63697 – Protective Boot on Certain Network Cables Might Push the Mode Button and Cause an Unexpected Reset on the 48-Port Models of Cisco Catalyst 3650 and 3850 Series Switches – Workaround Provided
- 1. Linux turns 30: Linus Torvalds on his “just a hobby” operating system
  Thank you Gus! In 1991, Unix was an important but secondary x86 operating system. That year, on August 25, a mild-mannered Finnish graduate student named Linus Benedict Torvalds announced on the Usenet group comp.os.minix that he was working on "a (free) operating system (just a hobby, won't be big and professional like gnu) for 386(486) AT clones." No one knew it, not even Torvalds, but the technology was going to change forever.
- 2. Cloudflare thwarts 17.2M rps DDoS attack — the largest ever reported
  Earlier this summer, Cloudflare’s autonomous edge DDoS protection systems automatically detected and mitigated a 17.2 million request-per-second (rps) DDoS attack, an attack almost three times larger than any previous one that they are aware of. For perspective on how large this attack was: Cloudflare serves over 25 million HTTP requests per second on average. This refers to the average rate of legitimate traffic in 2021 Q2. So peaking at 17.2 million rps, this attack reached 68% of their Q2 average rps rate of legitimate HTTP traffic.