Hackers Hitting Below The Belt – Scott Scheferman – PSW #671

October 22, 2020

In 2020 attackers are increasingly targeting firmware and hardware - going below the operating system to hide from traditional security solutions and gain persistence. Both nation state actors and criminals are exploiting vulnerable, exposed firmware on network and VPN devices, and recently a new UEFI rootkit dubbed #MosaicRegressor was found in the wild. We'll discuss how and why attackers are targeting firmware and hardware, and the steps security professionals can take to gain visibility into this attack surface and protect enterprise devices.

This segment is sponsored by Eclypsium.

Visit https://securityweekly.com/eclypsium to learn more about them!

Announcements

Tomorrow is the big day! The virtual doors open for the first-ever Security Weekly Unlocked virtual event at 10:30am and the last round table should end around 9:30pm! We have an outstanding line-up of presenters, who will be answering questions LIVE in our Discord server during their presentations! Make sure you register for this FREE event before it's too late! Visit https://securityweekly.com/unlocked to view the line-up and register!

Guest

Scott Scheferman

Principal Cyber Strategist at Eclypsium

shagghie#8490

Scott, aka “Shagghie” in the community, is a public speaker, thought leader and cyber strategist. With decades of cyber consulting in both Federal and Commercial domains, he brings strong opinions and insight into any topic covering cyber, privacy, AI/ML, or the intersections of these. Winner of the first defcon badge-hacking contest and a defcon music artist, he currently works to bring urgent awareness to the device and firmware attack surface now being readily exploited.

Hosts

Paul Asadoorian

Founder at Security Weekly

0offset

https://securityweekly.com

Doug White

Professor at Roger Williams University

https://securedigitallife.com/

Jeff Man

Sr. InfoSec Consultant – Online Business Systems at Online Business Sytems

https://www.obsglobal.com/

Larry Pesce

Product Security Research and Analysis Director at Finite State

https://www.finitestate.io/

Lee Neely

Information Assurance APL at Lawrence Livermore National Laboratory

Tyler Robinson

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

trob#6466

http://darkelement.io/

Incident response

Applied Research & the Power of Sustained Thinking – Casey Smith – ESW #309

March 16, 2023

Tap, tap - is this thing on? Why do defenders still struggle to detect attacks and attacker activities? Why do so many tools struggle to detect attacks? Today, we've got an expert on detection engineering to help us answer these questions. Thinkst's Canary and Canarytokens make in catching penetration testers and attackers stupidly simple. Thinkst...

Managed services

MSP = More Security Please? The state of Managed Service Providers – Raffael Marty – ESW #307

March 2, 2023

The MSP space has undergone a lot of changes in the past few decades, with the emphasis on security increasing dramatically in the last 5-10 years. We discuss how ConnectWise, which builds and sells solutions to MSPs, has tackled this challenge. We'll be asking questions both from Raffael's point-of-view, selling to MSPs, but also from the customer...

Incident response

Supply Chain Breaches and Hacking the Cloud: Lessons Learned from IR – Lina Lau – ASW #230

February 27, 2023

Join us for this segment with Lina Lau to learn lessons from real incident response engagements covering types of attacks leveraged against the cloud, war stories from supply chain breaches seen in the last 1-2 years, and how defenders and enterprises can better protect and proactively defend against these attacks. Segment Resources: Attacking and...