T1SP: Episode 25

[ Subscribe to the Podcast: iTunes | Android | RSS ]

News

* [ ] TrendMicro node.js server listening on localhost can execute commands; exposed to the internet
* [ ] SSH backdoor found in Fortinet firewalls
* [ ] SSH client vulnerability
* [ ] Australia’s Cybercrime Online Reporting Network (ACORN) received over 39K reports of criminal activity in 2015
* [ ] Hyatt names 250 hotels hit by malware, includes the one for DerbyCon
* [ ] Web sense rebranding as Forepoint, acquires Intel’s firewall business
* [ ] Twitter might be ending its 140 character limit
* [ ] Major vulns still being found in Health and Fitness mobile apps
* [ ] Angler exploit kit continues to evade detection
* [ ] LostPass attack is a phishing email attack that works against LastPass (showed at Shmoocon this weekend)
* [ ] Virus just took down the Melbourne Health computer system
* [ ] Lastpass has found a workaround for the LostPass attack
* [ ] A bit match fixing problem has been found in Tennis
* [ ] Trustwave is being sued by Affinity for supposedly missing an second hack that was going on while they were there to fix an initial hack

Ideas, updates, and discussion

* [ ] IR is messy and dangerous; assume compromise; assume continued compromise; be extremely careful saying that things were contained; if you’re not Mandiant you’re probably not doing a great job
* [ ] Smartphone encryption and the gun debate: same coin? ISIS supposedly has its own encryption app. What next, make murder illegal?

Tools, talks, and projects

* [ ] FIR – Fast Incident Response Management Platform
* [ ] DIVA damn insecure and vulnerable Android app
* [ ] Kill Chain for Kali Linux 2.0 : recon, weaponization, delivery, exploit, installation, c2, actions
* [ ] EZ-Wave: exploiting Z-Wave networks using SDR
* [ ] GoPhish: open source phishing framework
* [ ] V3n0m SQLi scanner
* [ ] VScan : uses NSE scripts to find vulns
* [ ] SleepyPuppy Burp Extension
* [ ] DBDAT — Database Assessment Tool — https://github.com/foospidy/DbDat

Announcements

* [ ] Speaking at AppSec Cali next week (Tuesday) on ATM
* [ ] Shmoocon hiring list: http://www.room362.com/2016/01/2016-shmoocon-hiring-list.html

Miscellaneous

* [ ] Great security news source: https://security.didici.cc/news
* [ ] Thanks to Tripwire for giving a shoutout to the podcast on Twitter

[ Subscribe to the Podcast: iTunes | Android | RSS ]

Notes

* The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM.