Mike Assante is the Director of Critical Infrastructure and ICS for the SANS Institute. He clears up the confusion around Dragonfly 2.0 and explains control systems and how attacks on them work.
Full Show Notes: https://wiki.securityweekly.com/Episode530
Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg
Security Weekly Website: http://securityweekly.com
Follow us on Twitter: @securityweekly
Larry had a technical problem that he needed to solve. Larry demonstrates a new capture-the-flag scenario. Larry explains how to capture a particular wireless packet in the middle of all this noise.
Full Show Notes: https://wiki.securityweekly.com/Episode527
Printer attacks have been around for some time. Paul describes some of the latest techniques and research into printer hacking, including capturing print jobs, manipulating print jobs and other attacks. These are useful on penetration tests (believe it or not). Defenders, take note: printers must be on your radar.
Full Show Notes: https://wiki.securityweekly.com/Episode525
Larry and his intern, Galen Alderson, present a demo of their Vaportrail project! Galen shows us how to exfiltrate data from networks using broadcast FM radio and other inexpensive materials.
Full Show Notes: https://wiki.securityweekly.com/Episode524
This is a random technical segment on implementing random number generators in Linux. Don shows us the ins and outs of the entropy pool, the difference between /dev/random and /dev/urandom, and some awesome hardware that can increase entropy.
Full Show Notes: https://wiki.securityweekly.com/Episode522
Paul Ewing from Endgame talks about the different types of threat hunting (network, host and logs) and the pros and cons of each!
Full Show Notes: https://wiki.securityweekly.com/Episode521
Learn how to use Windows Event Logs to catch attackers in your network, including domain admin group enumeration and Mimikatz attacks! Justin Henderson (@SecurityMapper) categorizes these techniques as "reverse attack analysis for detection" and shows us how to do it in this technical segment! References to Mark Baggett's work on freq.py are made as well (https://isc.sans.edu/forums/diary/Detecting+Random+Finding+Algorithmically+chosen+DNS+names+DGA/19893/).
Full Show Notes: https://wiki.securityweekly.com/Episode519