POPULARITY
Categories
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Live Linux IR with UAC https://isc.sans.edu/diary/Live%20Linux%20IR%20with%20UAC/29480 Bitwarden Phishing https://community.bitwarden.com/t/phishing-website-bitwardenlogin-com/49704 https://www.reddit.com/r/Bitwarden/comments/10k2aj5/google_search_ads_showing_fake_bitwarden_web/ PY#RATION Attack Campaign Leverages Fernet Encyrption and Websockets https://www.securonix.com/blog/security-advisory-python-based-pyration-attack-campaign/ Skyhigh Security Secure Web Gateway: XSS in Single Sign On Plugin https://www.redteam-pentesting.de/en/advisories/rt-sa-2022-002/-skyhigh-security-secure-web-gateway-cross-site-scripting-in-single-sign-on-plugin Windows Crypto API Vuln PoC https://github.com/akamai/akamai-security-research/tree/main/PoCs/CVE-2022-34689 BIND Patches https://kb.isc.org/docs/cve-2022-3094
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
First Malicious OneNote Document https://isc.sans.edu/diary/A%20First%20Malicious%20OneNote%20Document/29470 Guidance for Securing Remote Monitoring and Management Software https://media.defense.gov/2023/Jan/25/2003149873/-1/-1/0/JOINT_CSA_RMM.PDF Microsoft Azure-Based Kerberos Attacks Crack Open Cloud Accounts https://www.darkreading.com/cloud/microsoft-azure-kerberos-attacks-open-cloud-accounts Microsoft Blocking XLL Files Downloaded From Internet https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=115485 Lexmark Vulnerablities https://publications.lexmark.com/publications/security-alerts/CVE-2023-23560.pdf VMware VRealize Update https://www.vmware.com/security/advisories/VMSA-2023-0001.html
00:00 – PreShow Banter™ — Wade's Googly Eyes00:41 – BHIS – Talkin' Bout [infosec] News 2023-01-2301:26 – Story # 1: BIG TECH LAYOFFS. LAYOFFS! DOOM! RECESSION! The post Talkin' About Infosec News – 1/25/2023 appeared first on Black Hills Information Security.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Apple Patch Summary https://isc.sans.edu/forums/diary/Apple%20Updates%20%28almost%29%20Everything%3A%20Patch%20Overview/29472/ ManageEngine News; https://github.com/vonahisec/CVE-2022-47966-Scan KSMBD Vulnerability https://sysdig.com/blog/cve-2023-0210-linux-kernel-unauthenticated-remote-heap-overflow/ BitWarden Server Side Iterations https://palant.info/2023/01/23/bitwarden-design-flaw-server-side-iterations/ Packet Tuesday: Neighbor Advertisements https://www.youtube.com/watch?v=CoaZjuuY1do
At the 2022 Cyber Marketing Con, the CyberWire presented a CISO Q&A panel session on how to help cyber marketers reach CISOs and other security executives in the industry. The panel included Rick Howard, CSO of N2K Networks, Jaclyn Miller, Head of InfoSec and IT at DispatchHealth, Ted Wagner, CISO of SAP NS2, and was moderated by board director & and operating partner, Michelle Perry. Listen in as the panel discusses: What works and doesn't work in getting a security executive's attention. Message trust, message fatigue, and what you can do about it. Trusted information sources and how security executives use them. Positioning and messaging that is actually meaningful to decision makers. The security executive's purchasing behavior and why skepticism is the driving force. Stay tuned until the end to hear us answer some additional bonus questions submitted by attendees.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Who's Resolving This Domain https://isc.sans.edu/forums/diary/Who's%20Resolving%20This%20Domain%3F/29462/ Apple Updates Everything https://support.apple.com/en-us/HT201222 NSA IPv6 Security Guidance https://media.defense.gov/2023/Jan/18/2003145994/-1/-1/0/CSI_IPV6_SECURITY_GUIDANCE.PDF Roaming Mantis Implements new DNS Changer in tis malicious mobile app https://thehackernews.com/2023/01/roaming-mantis-spreading-mobile-malware.html
GuestsAllison A. Sakara, Executive Director, High Alert Institute [@High-Alert-Inst]On ITSPmagazine | http://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/allison-a-sakaraDr. Maurice A Ramirez, Founder and President, High Alert Institute [@High-Alert-Inst]On ITSPmagazine | http://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/dr-maurice-a-ramirezSean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinHost: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli_____________________________This Episode's SponsorsBugcrowd
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Imortance of Signing in Windows Environments https://isc.sans.edu/diary/Importance%20of%20signing%20in%20Windows%20environments/29456 FanDuel Discloses Data Breach Caused by Recent Mailchimp Hack https://www.bleepingcomputer.com/news/security/fanduel-discloses-data-breach-caused-by-recent-mailchimp-hack/ OneNote Documents Used to Embed Malicious Office Documents https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trojanized-onenote-document-leads-to-formbook-malware/ Cisco Unified Communications Manager SQL Injection https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-sql-rpPczR8n Possible KeePass Vulnerability https://twitter.com/vomanc/status/1617135599030530054
Guest: Indus Khaitan, CEO and Founder at Quolum [@QuolumHQ]On LinkedIn | https://www.linkedin.com/in/khaitan/On Twitter | https://twitter.com/1ndusHost: Brendon RodOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/brendon-rod____________________________This Episode's SponsorsAre you interested in sponsoring an ITSPmagazine Channel?
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SPF and DMARC use on 100k most popular domains https://isc.sans.edu/diary/SPF%20and%20DMARC%20use%20on%20100k%20most%20popular%20domains/29452 Sysmon Exploit Released CVE-2022-41120, CVE-2022-44704 https://github.com/Wh04m1001/SysmonEoP ManageEngine CVE-2022-47966 Technical Deep Dive https://www.horizon3.ai/manageengine-cve-2022-47966-technical-deep-dive/ Netcomm Router Vulnerablities https://kb.cert.org/vuls/id/986018 Microsoft Pushes Outdated Office Install Check https://www.bleepingcomputer.com/news/microsoft/microsoft-pushes-kb5021751-to-check-for-outdated-office-installs/
Guest: PinkDraconian aka Robbe Van Roey, Hacker Manager at Intigriti [@intigriti]On LinkedIn | https://www.linkedin.com/in/robbe-van-roey-365666195/On Twitter | https://twitter.com/PinkDraconianOn YouTube | https://www.youtube.com/c/PinkDraconianHost: Phillip WylieOn ITSPmagazine
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Malicious Google Ads for Fake Notepad++ Lead to Aurora Stealer https://isc.sans.edu/diary/Malicious%20Google%20Ad%20--%3E%20Fake%20Notepad%2B%2B%20Page%20--%3E%20Aurora%20Stealer%20malware/29448 Oracle Critical Patch Update https://www.oracle.com/security-alerts/cpujan2023.html QT QML Vulnerability https://blog.talosintelligence.com/vulnerability-spotlight-integer-and-buffer-overflow-vulnerabilities-found-in-qt-qml/ sudo sudoedit vulnerablity https://www.synacktiv.com/sites/default/files/2023-01/sudo-CVE-2023-22809.pdf
In this episode, Eric Landes addresses a question he received while delivering a class on Applying Professional Scrum. The student was a security specialist and was trying to figure out how Scrum teams handle the work needed to maintain security and compliance. If you are interested in attending Scrum training, check out our public Scrum training courses. How Does Security Fit into a Scrum Team? When conducting Scrum training, teams ask about different roles and how they fit on a team that only has developer, Scrum Master, and Product Owner accountabilities. It is a valid question, when I introduce the Scrum framework, it can be confusing how current jobs fit into the Scrum framework accountability. The good news is that the Scrum framework talks about accountabilities, not job descriptions. So, the writers of the Scrum guide understand that existing job roles are not necessarily supplanted by the accountability. But Scrum does say that your Scrum team needs to be able to complete their work to make it potentially shippable. A student asked how it could be shippable without their security group, InfoSec approving this. This specific organization, had to have a security review before any release could make it to production. How does the Scrum framework handle these organizational constraints? The Scrum guide says "Scrum Teams are cross-functional, meaning the members have all the skills necessary to create value each Sprint." And the Scrum team self-manages to make sure they have the right capabilities for the team. The Scrum guide is lightweight and not very prescriptive as you have probably noticed. I would answer that question using my experience, letting your team self-manage with this information. Practically speaking here are four ways your team could practice that self-management to help with this question: Add someone with security expertise to your team - The team would coordinate with the folks in charge of security to add that skill set to the team. This would involve coordinating when that person would be needed. Have someone knowledge transfer with security people - Similar to number one, by having a security expert work with the team for a sprint or two, knowledge transfer can happen. A team member volunteers to learn, the security folks agree on when this can be done, and now your team has someone with the skills to get those security policies implemented. The security Infosec team can now work with other Scrum teams to help them add these skillsets. Add security policies to your definition of done - Adding security checks to a team's Definition of Done might help the team by providing guidance as to what can be done. In combination with 4, this might have the least amount of time spent learning for the team. Security gives teams automation to do security checks. - If your security organization is creating automation to validate security issues, your team should use this. So, a conversation or two or more, with the security folks is needed to validate what tools are available for your team. This could be the least intrusive option for your team. These are 4 options that your team may want to adopt to help with Infosec or security requirements on a Scrum team. Your team may self-manage to a better option for your organization. Discussing what can be done within the team is a great first step! Want to Learn More or Get in Touch? I'd love to hear what you think. If you have a question or a comment, please email us at podcast@agilethought.com. For more information on AgileThought's available courses, go to agilethought.com/services/training-certifications. This information is also available on the page of this podcast. Thanks for listening! From
Picture of the Week About Password Iterations EBC or CB Norton Lifelock Troubles Chrome Follows Microsoft and Firefox Chromium is Beginning to Rust BYOVD and Windows Defender Failures Closing the Loop (feedback) The Rule of Two Show notes: https://www.grc.com/sn/sn-906-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: plextrac.com/twit bitwarden.com/twit barracuda.com/securitynow
Steve Gibson shares some important notes found on the LastPass website. Gibson briefly explains the handling of client master passwords regarding PBKDF2. Great information on Security Now with Steve Gibson and Leo Laporte. For the full episode, goto: twit.tv/sn/906 Hosts: Leo Laporte and Steve Gibson You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/ Sponsor: acilearning.com
Steve Gibson shares some important notes found on the LastPass website. Gibson briefly explains the handling of client master passwords regarding PBKDF2. Great information on Security Now with Steve Gibson and Leo Laporte. For the full episode, goto: twit.tv/sn/906 Hosts: Leo Laporte and Steve Gibson You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/ Sponsor: acilearning.com
Picture of the Week About Password Iterations EBC or CB Norton Lifelock Troubles Chrome Follows Microsoft and Firefox Chromium is Beginning to Rust BYOVD and Windows Defender Failures Closing the Loop (feedback) The Rule of Two Show notes: https://www.grc.com/sn/sn-906-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: plextrac.com/twit bitwarden.com/twit barracuda.com/securitynow
GuestBarry PhetteplaceCTO at Censis Technologies, Inc. [@CensisTech]On LinkedIn | https://www.linkedin.com/in/barry-phetteplace-083841________________________________HostsTed HarringtonOn ITSPmagazine
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Finding that one GPO setting in a pool of hundreds of GPOs https://isc.sans.edu/diary/Finding%20that%20one%20GPO%20Setting%20in%20a%20Pool%20of%20Hundreds%20of%20GPOs/29442 GIT Code Audit https://x41-dsec.de/security/research/news/2023/01/17/git-security-audit-ostif/ Azure SSRF Flaws https://orca.security/resources/blog/ssrf-vulnerabilities-in-four-azure-services/ SMB Insecure Guest Auth Off By Default In Windows 11 Pro https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-insecure-guest-auth-now-off-by-default-in-windows-insider/ba-p/3715014 Packet Tuesday: IPv6 Router Advertisements https://www.youtube.com/watch?v=uRWpB_lYIZ8
We're aren't recording this holiday week, so enjoy this BSW throwback episode! Main host Matt Alderman selected this episode to share as it's still relevant to the InfoSec business community today. This week, we welcome Jim Routh, Former CSO, Board member, Advisor at Virsec, to discuss The 3 Mistakes All First Time CISOs Make That No One Tells You! Show Notes: https://securityweekly.com/bsw227 Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://twitter.com/securityweekly Follow us on Facebook: https://facebook.com/secweekly
Picture of the Week About Password Iterations EBC or CB Norton Lifelock Troubles Chrome Follows Microsoft and Firefox Chromium is Beginning to Rust BYOVD and Windows Defender Failures Closing the Loop (feedback) The Rule of Two Show notes: https://www.grc.com/sn/sn-906-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: plextrac.com/twit bitwarden.com/twit barracuda.com/securitynow
Picture of the Week About Password Iterations EBC or CB Norton Lifelock Troubles Chrome Follows Microsoft and Firefox Chromium is Beginning to Rust BYOVD and Windows Defender Failures Closing the Loop (feedback) The Rule of Two Show notes: https://www.grc.com/sn/sn-906-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: plextrac.com/twit bitwarden.com/twit barracuda.com/securitynow
Picture of the Week About Password Iterations EBC or CB Norton Lifelock Troubles Chrome Follows Microsoft and Firefox Chromium is Beginning to Rust BYOVD and Windows Defender Failures Closing the Loop (feedback) The Rule of Two Show notes: https://www.grc.com/sn/sn-906-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: plextrac.com/twit bitwarden.com/twit barracuda.com/securitynow
Picture of the Week About Password Iterations EBC or CB Norton Lifelock Troubles Chrome Follows Microsoft and Firefox Chromium is Beginning to Rust BYOVD and Windows Defender Failures Closing the Loop (feedback) The Rule of Two Show notes: https://www.grc.com/sn/sn-906-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: plextrac.com/twit bitwarden.com/twit barracuda.com/securitynow
Picture of the Week About Password Iterations EBC or CB Norton Lifelock Troubles Chrome Follows Microsoft and Firefox Chromium is Beginning to Rust BYOVD and Windows Defender Failures Closing the Loop (feedback) The Rule of Two Show notes: https://www.grc.com/sn/sn-906-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: plextrac.com/twit bitwarden.com/twit barracuda.com/securitynow
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
PSA: Why you must run an ad blocker when using Google https://isc.sans.edu/diary/PSA%3A%20Why%20you%20must%20run%20an%20ad%20blocker%20when%20using%20Google/29438 NortonLifeLock Password Manager Bruteforcing https://webcache.googleusercontent.com/search?q=cache%3A91Bmx_jTJIkJ%3Ahttps%3A%2F%2Fago.vermont.gov%2Fwp-content%2Fuploads%2F2023%2F01%2F2023-01-09-NortonLifeLock-Gen-Digital-Data-Breach-Notice-to-Consumers.pdf&cd=3&hl=de&ct=clnk&gl=de CVE-2023-0179 Linux kernel stack buffer overflow in nftables: PoC and writeup https://seclists.org/oss-sec/2023/q1/20 MSI (in)Secure Boot https://dawidpotocki.com/en/2023/01/13/msi-insecure-boot/
We're aren't recording this holiday week, so enjoy this BSW throwback episode! Main host Matt Alderman selected this episode to share as it's still relevant to the InfoSec business community today. This week, we welcome Jim Routh, Former CSO, Board member, Advisor at Virsec, to discuss The 3 Mistakes All First Time CISOs Make That No One Tells You! Show Notes: https://securityweekly.com/bsw227 Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://twitter.com/securityweekly Follow us on Facebook: https://facebook.com/secweekly
00:00 – PreShow Banter™ — Ralph's Guide to Satellite Bands 04:33 – BHIS – Talkin' Bout [infosec] News 2023-01-16 05:25 – Story # 1: Microsoft's new AI can simulate anyone's […] The post Talkin' About Infosec News – 1/17/2023 appeared first on Black Hills Information Security.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Elon Musk Themed Crypto Scams Flooding YouTube Today https://isc.sans.edu/diary/Elon%20Musk%20Themed%20Crypto%20Scams%20Flooding%20YouTube%20Today/29434 Microsoft Text to Speech Synthesizer https://arxiv.org/pdf/2301.02111.pdf Missing Windows Start Menu https://learn.microsoft.com/en-us/windows/release-health/status-windows-11-22H2#2998msgdesc
GuestLarry NemecekInquirer, recorder, portrayer, preserver of Star Trek...Doctor of Trekland, via PORTAL 47On Twitter | https://twitter.com/larrynemecekOn YouTube | https://www.youtube.com/user/larryn77On Instagram | https://www.instagram.com/larrynemecekstrekland/On Facebook | https://www.facebook.com/pg/Larry-Nemeceks-Trekland-121273617091/posts/HostsMarco CiappelliCo-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelliSean MartinCo-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin_____________________________This Episode's SponsorsAre you interested in sponsoring an ITSPmagazine Channel?
GuestShubham KhichiFounder & President Nexus Infosec [@nexusinfosec]On LinkedIn | https://www.linkedin.com/in/shubhamkhichi/On Twitter | https://twitter.com/infosecbrooHostPhillip WylieOn ITSPmagazine
Robert D. Rodriguez is the Chairman & Founder of SINET and a Venture Partner at SineWave Ventures. Previously, Robert advised and coordinated the public - private sector outreach for The Department of Homeland Security and other institutions, and served 22 years as a Special Agent with the United States Secret Service. https://www.linkedin.com/in/rdrod/ https://www.security-innovation.org
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Prowler v3: AWS & Azure security assessments https://isc.sans.edu/diary/Prowler%20v3%3A%20AWS%20%26%20Azure%20security%20assessments/29430 Certified Pre-Pw0ned Android TV https://github.com/DesktopECHO/T95-H616-Malware Revolte Attack https://revolte-attack.net NGFW Data Exfiltration https://cymulate.com/blog/data-exfiltration-firewall/
00:00 – PreShow Banter™ — Twitch Airways International00:59 – BHIS – Talkin' Bout [infosec] News 2023-01-1003:56 – Story # 1: How ChatGPT could become a hacker's friendhttps://betanews.com/2023/01/05/how-chatgpt-could-become-a-hackers-friend/14:05 – Story # […] The post Talkin' About Infosec News – 1/12/2023 appeared first on Black Hills Information Security.
Today's guest is Steve Walbroehl, Chief Technology Officer / Chief Security Officer and cofounder of Halborn. Halborn is a blockchain cybersecurity firm that aims to secure the blockchain and protect users against data and monetary. Operating across the software development lifecycle, Halborn provides a suite of products and services designed to identify and close vulnerabilities in Web3 applications, helping to create the security standards that the market lacks. The company serves a diverse global client base spanning Layer 1 blockchains, infrastructure providers, financial institutions, and application and game developers. Halborn was founded in 2019 and is based in Miami, Florida. Steve has over 15 years of experience in cybersecurity, he is an expert, trainer, and technical leader in penetration testing, ethical hacking, web application, and cloud security, infrastructure security, vulnerability scanning and detection, IT compliance, and risk mitigation. He's worked with Fortune 500 companies spanning the Financial, Insurance, Mortgage, Technology, Utilities, Hospitality, and Blockchain industries. He holds several information technology and security certifications, including CISSP, CEH, CRISC, OSCP, OSWP, CISM, GWAPT, GAWN, AWS Solutions Architect Associate, CCNA, and Six Sigma. We begin our conversation by discussing the differences between traditional and crypto cybersecurity. Steve explains why security is the most important sector of industry, the crypto. We discuss why being a security specialist in crypto is very stressful. We discuss the connection between regulation and cybersecurity. We stress that regulation can foster decentralization and provide better user protection guidelines. Steve shares how the internet regulation during the early days of the internet could provide a blueprint for how to foster proper regulation and compliance in crypto. Our next conversation topic centered around the systemic risks that developed in DeFi due to greed. We discuss how greed fueled flawed protocol design spurring the wrong incentives resulted in the collapse of various centralized institutions. Steve expresses his concern about proof-of-stake as a centralizing force. Steve shares a story where he explains the systemic risks that can come from cross-chain liquidity, similar to the 2008 financial crisis. We transition our conversation to focus on the security risks in crypto. Steve explains the full spectrum of vulnerabilities that are present in crypto. We discuss how these vulnerabilities can be exploited and why a particular type of protocol is targeted more routinely than others. Steve explains that security in crypto requires taking into account technical vulnerabilities and socio-economic incentives to properly assess a project's vulnerabilities. Our next conversation topic centered around Halborn. Steve shares that one of the requirements to work as a security engineer at Halborn is to hack their way in. We discuss how coding and security testing is both an art and a science. We discuss the security of SHA-256 and why Bitcoin was a cryptography marvel. Our conversation transitions to focus on Seraph, the world's first blockchain security notary platform powered by Halborn. Steve explains how Seraph can help provide a security framework and guardrails for projects looking to standardized security practices. Our final discussion topic centered around the connection between adoption and security. Steve explains how increased security will lead to increased adoption of DeFi. Please enjoy my conversation with Steve Walbroehl.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Passive Detection of Internet-Connected Systems Affected by Exploited Vulnerabilities https://isc.sans.edu/diary/Passive%20detection%20of%20internet-connected%20systems%20affected%20by%20vulnerabilities%20from%20the%20CISA%20KEV%20catalog/29426 Unauthenticed Remote DoS in ksmbd NTLMv2 Authentication https://seclists.org/oss-sec/2023/q1/4 Cisco RV Series Vulnerabilities CVE-2023-20025 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5 Zoom Updates https://explore.zoom.us/en/trust/security/security-bulletin/ Gootkit Abusing VLC https://www.trendmicro.com/en_us/research/23/a/gootkit-loader-actively-targets-the-australian-healthcare-indust.html
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft January 2023 Patch Tuesday https://isc.sans.edu/diary/Microsoft%20January%202023%20Patch%20Tuesday/29420 Cacti Unauthenticated Remote Code Execution https://www.sonarsource.com/blog/cacti-unauthenticated-remote-code-execution/ On the Security Vulnerabilities of Text-to-SQL Models https://arxiv.org/pdf/2211.15363.pdf
We've talked about how quantum computers are enabling extraordinary use cases now, long before the machines will threaten cryptography. Some of these applications can even help companies protect against immediate security threats and vulnerabilities. We explore one such exciting experiment: Using quantum to stop kill chains that allow network exploitation and the Chinese paper causing all the ruckus, claiming that cryptography could be hacked any day now. Join host Konstantinos Karagiannis for a chat about these hacker topics with Mark Carney from Quantum Village.For more on Quantum Village, visit www.quantumvillage.org/.To read Mark's paper on stopping kill chains, visit https://arxiv.org/abs/2211.13740.Read the Chinese paper causing all the ruckus on potentially cracking RSA sooner than expected: https://arxiv.org/abs/2212.12372Visit Protiviti at www.protiviti.com/postquantum to learn more about how Protiviti is helping organizations get post-quantum ready.Follow host Konstantinos Karagiannis on Twitter and Instagram: @KonstantHacker and follow Protiviti Technology on LinkedIn and Twitter: @ProtivitiTech. Contact Konstantinos at konstantinos.karagiannis@protiviti.com.Questions and comments are welcome!Theme song by David Schwartz. Copyright 2021.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
New Year Old Tricks: Hunting for CircleCI Configuration Files https://isc.sans.edu/diary/New%20year%2C%20old%20tricks%3A%20Hunting%20for%20CircleCI%20configuration%20files/29416 Amazon S3 Encrypts New Objects By Default https://aws.amazon.com/blogs/aws/amazon-s3-encrypts-new-objects-by-default/ MatrixSSL Buffer Overflow https://github.com/matrixssl/matrixssl/security/advisories/GHSA-fmwc-gwc5-2g29 Auth0 JsonWebToken Vulnerability CVE-2022-23529 https://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529/
GuestRishabh JainCo-Founder & CEO @ FERMÀT [@fermatcommerce]On LinkedIn | https://www.linkedin.com/in/rishabhmjain/On Twitter | https://twitter.com/rishabhmjainHostBrendon RodOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/brendon-rod____________________________This Episode's SponsorsAre you interested in sponsoring an ITSPmagazine Channel?