2018-001 - A new year, new changes, same old trojan malware

1:05:37
 

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2018-001-A_new_year-new_changes-same_old_malware.mp3

The first show of our 2018 season brings us something new (some awesome new additions to our repertoire), and something old (ransomware).

Michael Gough is joining us to discuss a new partnership with BrakeSec Podcast (you'll have to listen to find out, or wait a few weeks :D )

We discuss #Spectre and #meltdown vulnerabilities, wonder about the criticality of the vulnerabilities and mitigation of them, and debate why the patching was handled in such a poor manner.

We also discuss a news story about a school that spent an exorbitant amount of money to remove a trojan that Mr. Boettcher (@boettcherpwned) and Mr. Gough (@hackerhurricane) believe could have been handled very simply. We talk about the need for state and local governments and institutions to have some way to call for help with breaches or 'cyber' crises, such as a no-blame assistance helpline.

I did a quick video, which has a demonstration of Dave Kennedy's security tool "PenTesters Framework" (PTF). There's even a video of the demo on our YouTube Channel (https://youtu.be/sIc1ljkwE5Q)

Finally, we discuss our upcoming training with Ms. Berlin (@infosystir) "Disrupting the Cyber Kill Chain", which will start the first week of February and go for 4 weeks. More details next week!

#Spotify: https://brakesec.com/spotifyBDS

RSS: https://brakesec.com/BrakesecRSS

#Youtube Channel: http://www.youtube.com/c/BDSPodcast

#iTunes Store Link: https://brakesec.com/BDSiTunes

#Google Play Store: https://brakesec.com/BDS-GooglePlay

Our main site: https://brakesec.com/bdswebsite

Join our #Slack Channel! Email us at bds.podcast@gmail.com

or DM us on Twitter @brakesec

#iHeartRadio App: https://brakesec.com/iHeartBrakesec

#SoundCloud: https://brakesec.com/SoundcloudBrakesec

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon

https://brakesec.com/BDSPatreon

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://brakesec.com/BDS-PlayerFM

#Stitcher Network: https://brakesec.com/BrakeSecStitcher

#TuneIn Radio App: https://brakesec.com/TuneInBrakesec

From our friends at Hack In the Box Amsterdam:

"We are gearing up for the Hack In The Box Amsterdam 2018, which is now on its 9th edition, and will take place between the 9th and 13th April at the same venue as last year, the Grand Krasnapolsky hotel in the center of Amsterdam: https://conference.hitb.org/hitbsecconf2018ams/ The list of trainings is already published and looking as awesome as ever: https://conference.hitb.org/hitbsecconf2018ams/training The CFP is open and the review board is already hard at work with the first submissions."

"If you have an interesting security talk and fancy visiting Amsterdam in the spring, then submit your talk to the Hack In The Box Amsterdam conference, which will take place between 9 and 13 April 2018. The Call For Papers is open until the end of December, submission details can be found at https://cfp.hackinthebox.org/. Tickets are already on sale, with early bird prices until December 31st. And the 'brakeingsecurity' discount code gets you a 10% discount".

---Show Notes---

Music change

Couldn’t remember where I got the other music

Little more news than we used to

Try to shy away from news everyone will talk about

Brakeing Down Incident Response (BD-IR) podcast

Hosted by Mr. Boettcher and Michael Gough

Vendor talks

Sponsors (provisionally)

News:

http://www.zdnet.com/article/wpa3-wireless-standard-tougher-wifi-security-revealed/

https://threatpost.com/new-rules-announced-for-border-inspection-of-electronic-devices/129361/

https://www.tripwire.com/state-of-security/latest-security-news/school-district-spend-314k-rebuilding-servers-malware-attack/

Upcoming Training:

Amanda? - Cyber KillChain training

Dates: Feb 5-26 Mondays at 9:30pm (4 - 1 hour)

Matt Miller - Reverse Engineering course

More advanced, still working on details with him (no promises yet)

Michael Gough - Malware Archaeology

Austin - Feb or March - 1 Day Logging training - see AustinISSA.Org

Houston - April 3rd - 1 Day - HouSecCon

Preparing and Responding to an endpoint incident, what to configure, and look for

Tulsa - April 11-12th - 2 Days - BSides Oklahoma

Introduction to responding to an endpoint incident, Malware Discovery, what to configure, and look for

Job postings on our Slack

Sr. Manager, Vuln Mgmt, Amazon (Herndon, VA)

Michael Fourdraine @mfourdraine has several positions on his team in Bellevue, WA

He’s on Twitter (https://twitter.com/mfourdraine) or join us in our Slack

Many positions he has will relocate you to lovely Bellevue, WA

MG just posted “James Avery Information Security Manager”

Teaching a mentor course in Seattle (SEC504) starting March 1st.

Sign up: https://www.sans.org/mentor/class/sec504-seattle-01mar2018-bryan-brake

Great if you work a job where you get called a lot

Less likely to have to get up during class and walk away…

Bit of a technical discussion - PTF (pentester framework)

Setup, install software

Lighter than Kali

Works on Debian, Ubuntu, pretty much any Linux

Slack

Invite only

Slack bot died

A new link every month is a bit of a PITA

Being popular invites bots… would like to reduce that risk by broadcasting an invite

Friend of mine was invited to speak on “A man’s view of women in technology” O.o (http://www.cmhwit.org/)

“John ---- Actually, my plan at this point is to interview several of the successful women I know in technology, followed by personal observations of how I've seen them become well respected leaders in the field.”
