T1SP: Episode 25

[ Subscribe to the Podcast: iTunes | Android | RSS ]

News

* [ ] TrendMicro node.js server listening on localhost can execute commands; exposed to the internet

* [ ] SSH backdoor found in Fortinet firewalls

* [ ] SSH client vulnerability

* [ ] Australia’s Cybercrime Online Reporting Network (ACORN) received over 39K reports of criminal activity in 2015

* [ ] Hyatt names 250 hotels hit by malware, includes the one for DerbyCon

* [ ] Web sense rebranding as Forepoint, acquires Intel’s firewall business

* [ ] Twitter might be ending its 140 character limit

* [ ] Major vulns still being found in Health and Fitness mobile apps

* [ ] Angler exploit kit continues to evade detection

* [ ] LostPass attack is a phishing email attack that works against LastPass (showed at Shmoocon this weekend)

* [ ] Virus just took down the Melbourne Health computer system

* [ ] Lastpass has found a workaround for the LostPass attack

* [ ] A bit match fixing problem has been found in Tennis

* [ ] Trustwave is being sued by Affinity for supposedly missing an second hack that was going on while they were there to fix an initial hack

Ideas, updates, and discussion

* [ ] IR is messy and dangerous; assume compromise; assume continued compromise; be extremely careful saying that things were contained; if you’re not Mandiant you’re probably not doing a great job

* [ ] Smartphone encryption and the gun debate: same coin? ISIS supposedly has its own encryption app. What next, make murder illegal?

Tools, talks, and projects

* [ ] FIR – Fast Incident Response Management Platform

* [ ] DIVA damn insecure and vulnerable Android app

* [ ] Kill Chain for Kali Linux 2.0 : recon, weaponization, delivery, exploit, installation, c2, actions

* [ ] EZ-Wave: exploiting Z-Wave networks using SDR

* [ ] GoPhish: open source phishing framework

* [ ] V3n0m SQLi scanner

* [ ] VScan : uses NSE scripts to find vulns

* [ ] SleepyPuppy Burp Extension

* [ ] DBDAT — Database Assessment Tool — https://github.com/foospidy/DbDat

Announcements

* [ ] Speaking at AppSec Cali next week (Tuesday) on ATM

* [ ] Shmoocon hiring list: http://www.room362.com/2016/01/2016-shmoocon-hiring-list.html

Miscellaneous

* [ ] Great security news source: https://security.didici.cc/news

* [ ] Thanks to Tripwire for giving a shoutout to the podcast on Twitter

[ Subscribe to the Podcast: iTunes | Android | RSS ]

Notes

* The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM.

Support the show: https://danielmiessler.com/support/