Primal Security Podcast

  • Author: Various
  • Narrator: Various
  • Publisher: Podcast
  • Duration: 10:51:20

Synopsis

Primal Security Podcast is a show for people who want to hear about the latest security news and the security industry.

Episodes

  • PrimalSec Podcast Episode 30

    14/08/2017 Duration: 53min

    Winter is coming and HBO is already feeling the chill…well maybe. This month we are joined by Zack, Luke, Lane, and Andrew talking about news items, and their normal random banter. This is the first podcast in a while we don't mention Marissa Mayer from some breach…ah crap, well we will get it next time.

      • NIST 800-63 Updated In June – TLDR you don't need to change passwords all the time and you don't need to require special characters; longer passwords are better and harder to crack
      • Shocker: Free VPN really isn't that secure or private
      • Chrome Extensions being hijacked to inject ads
      • HBO Hacked #WinterIsComing
      • Putin Bans VPNs
      • Windows 10 Detecting PS attacks maybe?
      • Skimmers Sending Texts Now – Card Fraud and Chill?
      • MalwareTech Arrested for alleged ties to Kronos
      • HaveIBeen PWND Passwords (300M) to download
      • Don't bash researchers' offensive tools in vendor ads (it backfires) #MimikatzStopsCarbonBlack
      • Interesti

  • Primal Security Episode 29

    26/06/2017 Duration: 34min

    With our first update of the summer we address multiple compromises, electoral hacks, and much much more!

      1) WANNACRY/Ransomware Update
         https://isc.sans.edu/forums/diary/What+did+we+Learn+from+WannaCry+Oh+Wait+We+Already+Knew+That/22444/
         https://labsblog.f-secure.com/2017/05/13/wcry-knowns-and-unknowns/
         https://community.rapid7.com/community/infosec/blog/2017/05/12/wanna-decryptor-wncry-ransomware-explained
      2) Kmart Pwned Again...
         https://krebsonsecurity.com/2017/05/credit-card-breach-at-kmart-stores-again/
      3) Chipotle hacked (hide your burritos)!
         http://money.cnn.com/2017/05/28/technology/chipotle-credit-card-hack/
      4) Gamestop hacked (I'm running out of valid credit cards)
         https://threatpost.com/gamestop-online-shoppers-officially-warned-of-breach/126172/
      5) Macron campaign hack and reaction
         https://www.nytimes.com/2017/05/08/world/europe/macron-hacking-attack-france.html
      6) Russia accessed voter data/systems in 39 states
         https://www.engadget.com/2017/06/13/report-russia-hacked-election-systems-in-39-us

  • PrimalSec-Ep28 - Shoneys Guns and Unicorns

    27/04/2017 Duration: 41min

      • Tanium breaches trust with customer data to get new customers: https://arstechnica.com/security/2017/04/security-vendor-uses-hospitals-network-for-unauthorized-sales-demos/
      • Unicode phishing: https://thehackernews.com/2017/04/unicode-Punycode-phishing-attack.html
      • Shadow Brokers New Release of Stuff: http://www.pwn3d.org/posts/1721872-from-git-clone-to-pwned-owning-windows-with-doublepulsar-and-eternalblue-part-1
      • Mastercard reveals fingerprint biometric to replace pin: http://www.bbc.com/news/technology-39643453
      • Massive Oracle Quarterly Patch Not the Only Worry with Solaris and Apache Struts 2: https://threatpost.com/record-oracle-patch-update-addresses-shadowbrokers-struts-2-vulnerabilities/125046/
      • Breaches:
        https://krebsonsecurity.com/2017/04/intercontinental-hotel-chain-breach-expands/
        https://krebsonsecurity.com/2017/04/shoneys-hit-by-apparent-credit-card-breach/

  • PrimalSec Podcast Ep 27: St. Paddy's Day Malware

    13/03/2017 Duration: 40min

      • BSides NOVA 2017 "I'm Cuckoo for Malware": https://www.youtube.com/watch?v=iHCj8wZiQSU
      • IoT cloudpets hacked: http://thehackernews.com/2017/02/iot-teddy-bear.html , https://nakedsecurity.sophos.com/2017/02/28/data-and-kids-voice-messages-exposed-in-cloudpets-breach/
      • Breaking Google Captcha v2 PoC: https://east-ee.com/2017/02/28/rebreakcaptcha-breaking-googles-recaptcha-v2-using-google/
      • Yahoo Hacked.......again: https://arstechnica.com/security/2017/03/marissa-mayer-forgoes-bonus-after-yahoo-botches-hack-investigation/
      • RIP SHA-1: https://arstechnica.com/security/2017/02/at-deaths-door-for-years-widely-used-sha1-function-is-now-dead/
      • S3 Outage: https://aws.amazon.com/message/41926/
      • WordPress Vuln that popped the steal mountain of primalsec: https://blog.sucuri.net/2017/02/wordpress-rest-api-vulnerability-abused-in-defacement-campaigns.html
      • SMBv3 Vuln: https://isc.sans.edu/forums/diary/Windows+SMBv3+Denial+of+Service+Proof+of+Concept+0+Day+Exploit/22029/

  • PrimalSec Podcast Episode 26: Happy Holidays

    29/12/2016 Duration: 38min

    News Items:

      • APT-28 and APT-29, Fancy Bear and Cozy Bear:
        https://www.recordedfuture.com/russian-apt-toolkits/
        https://www.crowdstrike.com/blog/danger-close-fancy-bear-tracking-ukrainian-field-artillery-units/
      • Massive Data breaches:
        https://www.identityforce.com/blog/2016-data-breaches
        http://blog.gemalto.com/security/2016/09/20/data-breach-statistics-2016-first-half-results/
      • Hospitals make up 88% of all data breaches: http://www.beckershospitalreview.com/healthcare-information-technology/hospitals-are-hit-with-88-of-all-ransomware-attacks.html
      • Cyber attacks on hospitals grew 63% in 2016: http://www.darkreading.com/attacks-breaches/major-cyberattacks-on-healthcare-grew-63--in-2016/d/d-id/1327779
      • Healthcare industry suffers 6.2 billion dollars in data breaches: http://www.darkreading.com/threat-intelligence/healthcare-suffers-estimated-$62-billion-in-data-breaches/d/d-id/1325482
      • Yahoo Got Hit Hard in 2016 - they got breached by all the things multiple ti

  • PrimalSec Podcast Ep25 Hacktoberfest

    31/10/2016 Duration: 34min

      • Octoberfest -> Micah just released a Python parser for Untappd: https://github.com/WebBreacher/untappdScraper
      • Mirai Botnet DNS Attacks (IoT): https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/
      • Joomla Vuln (CVE-2016-8869, 8870) - Unauth account creation and priv esc, Joomla core 3.4.4-3.6.3 (patched 3.6.4). PoC is out on this, several examples: https://medium.com/@showthread/joomla-3-6-4-account-creation-elevated-privileges-write-up-and-exploit-965d8fb46fa2#.7kwnegsvj
      • Dirtyc0w exploit (CVE-2016-5195): https://dirtycow.ninja/
      • BSidesDC 2016: https://www.youtube.com/channel/UCVImyGhRATNFGPmJfxaq1dw
          • We spoke
          • Sean Metcalf spoke on PowerShell
          • Micah spoke on how to get connected in the security industry
      • BSidesJXN - 5 Ways We Break into a Network: https://breakpoint-labs.com/5-ways-we-get-on-your-network/
          • Phishing
          • Web App Vulns
          • Multicast Name Resolution Poisoning
          • SMB Relay Attacks
          • Account Compromise

  • PrimalSec Podcast Ep 24: Getting Started with Pentesting

    02/09/2016 Duration: 52min

    This episode of Primal Security podcast is hosted by Andrew, Lane, Luke, and Zack with guest speaker Dan Amodio. Dan is an expert with all things penetration testing and red teaming and discusses his experiences with getting started in the industry. A lot of people want to become the super cool "hacker", but where do you start? Dan explains that the actual day to day of a penetration tester is far more than just performing penetration testing, you are a trusted consultant for your customer who often has to work long hours to ensure you complete the project. If you are new to security, or want to learn how to grow into a penetration testing role check out this podcast.

  • PrimalSec Podcast Ep. 22: Phishers Paradise

    15/05/2016 Duration: 36min

    News Items:

      • Bug Bounty via Hacker One for Porn Hub
      • Blind XSS on Go Daddy Support Submission
      • ImageTragick HTML PoC + Exploit PoC
      • Cybrary Session Wednesday: How to Break Into A Company From the Internet Pt.1
      • Pwndlist got Pwned
      • Facebook CTF platform
      • Verizon 2016 DBIR released... And it is a source of controversy
      • Ransomware on house of Reps have increased dramatically, resulting in the blocking of yahoo mail
      • List of Panama Papers Officials released

    Technical Segment: Email Spoofing and Phishing

      • Highlight: If a company is using Google Apps for Work and has not set up SPF/DKIM/DMARC, their domain can be leveraged to spoof emails... very reliably.
      • Surprise surprise, people click links! Do you even need to be crafty? No, probably not, but let's discuss some ways anyhow.
      • You can spoof Emails - It can happen: Great write-up from Cobalt Strike
      • If you are new to email spoofing you should really read this article
      • Telnet to the mail server, and attempt to manually craft the email. This works in default co

  • PrimalSec Podcast Ep. 21 Ransomware

    22/04/2016 Duration: 44min

    This month's podcast is hosted by Andrew, Lane, Luke, Matt, Zack, and guest speaker Eric Peterson from BreakPoint Labs. Eric has an extensive background in hunting for malware on enterprise networks and shares his knowledge on Ransomware.

  • PrimalSec Podcast Ep. 20: D.C. Cyber Security Pros

    28/03/2016 Duration: 27min

    This month’s podcast is hosted by Andrew, Luke, Zack, Lane, and special guest Tyrone Wilson CEO of Cover6 Solutions.  We quickly discuss some news items over this past month and then talk about the D.C. Cyber Security Professionals Meetup group led by Tyrone Wilson.

  • PrimalSec Podcast Ep. 19: Trying Harder with OSCP

    24/02/2016

    Quick news items:

      • FBI vs. Apple iPhone
      • Kohls Cash Fraud
      • Spotify Account Compromise

    Then we discuss OSCP, and talk about our experience with OSCP.

  • PrimalSec Podcast Episode 18: Interview with Shawn Wells

    15/01/2016

    This month's podcast is hosted by Lane, Luke, Zack, Andrew, and Matt with guest speaker Shawn Wells. We cover news items over the last month and Shawn digs into OpenSCAP and Docker security.

  • PrimalSec Podcast Ep17: Running Away From Security

    09/12/2015

    Guest speaker Micah Hoffman discusses his conference talk on the security issues surrounding fitness devices and web applications. Great talk from someone who really cares about security, and loves to share knowledge. Talk: https://www.youtube.com/watch?v=4XED-r29_Iw

  • PrimalSec Podcast Episode 16

    14/11/2015

    We go over some news items from the last month, cover a new computer search engine, Censys.io, and do a tech segment on Mobile Security.

  • PrimalSec Podcast Episode 9

    22/11/2014 Duration: 22min

    Show Notes:

      • Google Firing Range to scan and test XSS
      • Black Hat Python by @jms_dot_py
      • Overview of Data Breaches:
          • Staples
          • USPS
          • JP Morgan
          • NOAA
      • Nvisium Seccasts is now free
      • EMET 5.1 Bypass
      • OSWE needs to come online now!
      • OMFG Windows Vulns:
          • IE OLE Automation Array RCE - CVE-2014-6332
          • Schannel Bug WinShock
          • Kerberos Bug CVE-2014-6324
      • Drupageddon: Drupal 7.31 PreAuth SQLi
      • CryptoPHP Web Malware
      • Irongeek posted Hack3rCon Videos

  • PrimalSec Podcast Episode #8

    07/10/2014 Duration: 27min

    Show Notes:

      1. DerbyCon Recap
      2. DerbyCon CTF
      3. Corelan Advanced Training
      4. Shell_Shock 6 CVEs
      5. Overview of data breaches for September: (iCloud, Home Depot, Jimmy Johns, ObamaCare, JPMorgan, Gmail, etc.)
      6. Endless Celebrity nudes
      7. Kali Nethunter
      8. VulnHub Persistence Challenge Complete
      9. OWASP Testing Guide 4.0
      10. Upcoming Books: Black Hat Python - No Starch Press

  • PrimalSec Podcast Episode #7

    17/08/2014 Duration: 20min

    In this podcast we talk about some recent conferences we attended (Black Hat, Def Con), and some upcoming conferences (DerbyCon/Corelan Training). We briefly discuss some of the different training options in InfoSec, and go over some of PrimalSec's new tutorial series.

      1. Black Hat Talk Summary
      2. Def Con Talk Summary
      3. DerbyCon 4.0 Family Rootz
      4. Microsoft Pass-The-Hash Patch - harmj0y
      5. Search Engine "Indexeus" indexes user account information acquired from more than 100 recent data breaches
      6. Python Tutorial Series - From "Hello World" to Python Malware - Take my hand and walk into the darkness.
      7. Exploit Tutorial Series (In-Progress) - Low level exploit tutorial series, writing your own exploits
