Primal Security Podcast


Primal Security Podcast is a show for people who want to hear about the latest security news and the security industry.
24 episodes · since Jul, 2013
Aug. 14, 2017
Winter is coming and HBO is already feeling the chill…well maybe. This month we are joined by Zack, Luke, Lane, and Andrew talking about news items, and their normal random banter. This is the first podcast in a while we don’t mention Marissa Mayer from some breach…ah crap, well we will get it next time.

- NIST 800-63 Updated In June – TLDR you don’t need to change passwords all the time and you don’t need to require special characters, longer passwords better and harder to crack
- Shocker: Free VPN really isn’t that secure or private
- Chrome Extensions being hijacked to inject ads
- HBO Hacked #WinterIsComing
- Putin Bans VPNs
- Windows 10 Detecting PS attacks maybe?
- Skimmers Sending Texts Now – Card Fraud and Chill?
- MalwareTech Arrested for alleged ties to Kronos
- Have I Been Pwned Passwords (300M) to download
- Don't bash researchers' offensive tools in vendor ads (it backfires) #MimikatzStopsCarbonBlack
- Interesting Burp Extension: Burpa
- DEF CON: Most talks/workshops are up, here is a good one
- BH/DC: Hackers were able to compromise voting systems easily with physical access.
- WannaCry hackers blocked from laundering bitcoins
- Sweden leaks personal data of nearly all citizens
- Brooks Brothers discloses year long data breach
June 26, 2017
With our first update of the summer we address multiple compromises, electoral hacks, and much much more!

1) WANNACRY/Ransomware Update
   https://isc.sans.edu/forums/diary/What+did+we+Learn+from+WannaCry+Oh+Wait+We+Already+Knew+That/22444/
   https://labsblog.f-secure.com/2017/05/13/wcry-knowns-and-unknowns/
   https://community.rapid7.com/community/infosec/blog/2017/05/12/wanna-decryptor-wncry-ransomware-explained
2) Kmart Pwned Again...
   https://krebsonsecurity.com/2017/05/credit-card-breach-at-kmart-stores-again/
3) Chipotle hacked (hide your burritos)!
   http://money.cnn.com/2017/05/28/technology/chipotle-credit-card-hack/
4) Gamestop hacked (I'm running out of valid credit cards)
   https://threatpost.com/gamestop-online-shoppers-officially-warned-of-breach/126172/
5) Macron campaign hack and reaction
   https://www.nytimes.com/2017/05/08/world/europe/macron-hacking-attack-france.html
6) Russia accessed voter data/systems in 39 states
   https://www.engadget.com/2017/06/13/report-russia-hacked-election-systems-in-39-us-states/
7) Shadowbrokers subscription and crowdfunding
   https://www.cryptocoinsnews.com/shadow-brokers-dumps-bitcoin-zcash-monthly-dump-subscription/
   http://mashable.com/2017/05/30/shadow-brokers-nsa-exploits-hacking-wannacry/#2eoUgMY9kmqT
8) XP isn't quite EoL yet
   http://www.zdnet.com/article/microsoft-warns-of-destructive-cyberattacks-issues-new-windows-xp-patches/
April 27, 2017
- Tanium breaches trust with customer data to get new customers: https://arstechnica.com/security/2017/04/security-vendor-uses-hospitals-network-for-unauthorized-sales-demos/
- Unicode phishing: https://thehackernews.com/2017/04/unicode-Punycode-phishing-attack.html
- Shadow Brokers New Release of Stuff: http://www.pwn3d.org/posts/1721872-from-git-clone-to-pwned-owning-windows-with-doublepulsar-and-eternalblue-part-1
- Mastercard reveals fingerprint biometric to replace PIN: http://www.bbc.com/news/technology-39643453
- Massive Oracle Quarterly Patch Not the Only Worry with Solaris and Apache Struts 2: https://threatpost.com/record-oracle-patch-update-addresses-shadowbrokers-struts-2-vulnerabilities/125046/
- Breaches:
  https://krebsonsecurity.com/2017/04/intercontinental-hotel-chain-breach-expands/
  https://krebsonsecurity.com/2017/04/shoneys-hit-by-apparent-credit-card-breach/
March 13, 2017
- BSides NOVA 2017 “Im Cuckoo for Malware”: https://www.youtube.com/watch?v=iHCj8wZiQSU
- IoT cloudpets hacked: http://thehackernews.com/2017/02/iot-teddy-bear.html , https://nakedsecurity.sophos.com/2017/02/28/data-and-kids-voice-messages-exposed-in-cloudpets-breach/
- Breaking Google Captcha v2 PoC: https://east-ee.com/2017/02/28/rebreakcaptcha-breaking-googles-recaptcha-v2-using-google/
- Yahoo Hacked.......again: https://arstechnica.com/security/2017/03/marissa-mayer-forgoes-bonus-after-yahoo-botches-hack-investigation/
- RIP SHA-1: https://arstechnica.com/security/2017/02/at-deaths-door-for-years-widely-used-sha1-function-is-now-dead/
- S3 Outage: https://aws.amazon.com/message/41926/
- WordPress Vuln that popped the steal mountain of primalsec: https://blog.sucuri.net/2017/02/wordpress-rest-api-vulnerability-abused-in-defacement-campaigns.html
- SMBv3 Vuln: https://isc.sans.edu/forums/diary/Windows+SMBv3+Denial+of+Service+Proof+of+Concept+0+Day+Exploit/22029/
Dec. 29, 2016
News Items:

- APT-28 and APT-29, Fancy Bear and Cozy Bear:
  https://www.recordedfuture.com/russian-apt-toolkits/
  https://www.crowdstrike.com/blog/danger-close-fancy-bear-tracking-ukrainian-field-artillery-units/
- Massive Data breaches:
  https://www.identityforce.com/blog/2016-data-breaches
  http://blog.gemalto.com/security/2016/09/20/data-breach-statistics-2016-first-half-results/
- Hospitals make up 88% of all data breaches: http://www.beckershospitalreview.com/healthcare-information-technology/hospitals-are-hit-with-88-of-all-ransomware-attacks.html
- Cyber attacks on hospitals grew 63% in 2016: http://www.darkreading.com/attacks-breaches/major-cyberattacks-on-healthcare-grew-63--in-2016/d/d-id/1327779
- Healthcare industry suffers 6.2 billion dollars in data breaches: http://www.darkreading.com/threat-intelligence/healthcare-suffers-estimated-$62-billion-in-data-breaches/d/d-id/1325482
- Yahoo Got Hit Hard in 2016 - they got breached by all the things multiple times: http://thehackernews.com/2016/12/yahoo-hacking.html
Oct. 31, 2016
- Octoberfest -> Micah just released a Python parser for Untappd: https://github.com/WebBreacher/untappdScraper
- Mirai Botnet DNS Attacks (IoT): https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/
- Joomla Vuln (CVE-2016-8869, 8870) - Unauth account creation and priv esc, Joomla core 3.4.4-3.6.3 (patched 3.6.4). PoC is out on this, several examples: https://medium.com/@showthread/joomla-3-6-4-account-creation-elevated-privileges-write-up-and-exploit-965d8fb46fa2#.7kwnegsvj
- Dirtyc0w exploit (CVE-2016-5195): https://dirtycow.ninja/
- BSidesDC 2016: https://www.youtube.com/channel/UCVImyGhRATNFGPmJfxaq1dw
  - We Spoke
  - Sean Metcalf Spoke on Powershell
  - Micah Spoke on how to get connected in the security industry
- BSidesJXN - 5 Ways We Break into a Network: https://breakpoint-labs.com/5-ways-we-get-on-your-network/
  - Phishing
  - Web App Vulns
  - Multicast Name Resolution Poisoning
  - SMB Relay Attacks
  - Account Compromise
Sept. 2, 2016
This episode of Primal Security podcast is hosted by Andrew, Lane, Luke, and Zack with guest speaker Dan Amodio. Dan is an expert with all things penetration testing and red teaming and discusses his experiences with getting started in the industry. A lot of people want to become the super cool "hacker", but where do you start? Dan explains that the actual day to day of a penetration tester is far more than just performing penetration testing: you are a trusted consultant for your customer who often has to work long hours to ensure you complete the project. If you are new to security, or want to learn how to grow into a penetration testing role, check out this podcast.
May 15, 2016
News Items:

- Bug Bounty via Hacker One for Porn Hub
- Blind XSS on Go Daddy Support Submission
- ImageTragick HTML PoC + Exploit PoC
- Cybrary Session Wednesday: How to Break Into A Company From the Internet Pt.1
- Pwndlist got Pwned
- Facebook CTF platform
- Verizon 2016 DBIR released... And it is a source of controversy
- Ransomware on house of Reps have increased dramatically, resulting in the blocking of yahoo mail
- List of Panama Papers Officials released

Technical Segment: Email Spoofing and Phishing

Highlight: If a company is using Google Apps for Work and has not set up SPF/DKIM/DMARC, their domain can be leveraged to spoof emails..very reliably.

Surprise surprise, people click links! Do you even need to be crafty? No, probably not, but let's discuss some ways anyhow.

- You can spoof emails - It can happen: Great write-up from Cobalt Strike. If you are new to email spoofing you should really read this article.
- Telnet to the mail server, and attempt to manually craft the email. This works in default configurations on many email servers and security appliances - SPF/DKIM/DMARC may not be set up, allowing you to send email from the domain unauthenticated - The Cobalt Strike blog demonstrates that.
- This can also be done in Gmail! - Shows up as spoofed in normal Gmail, but what about Google Apps for Work - You do not have SPF/DKIM/DMARC set up and can very easily spoof emails from that domain - both to the target domain and externally, and it will very frequently bypass security controls - we will release code on how to do that.
- We are normally targeting organizations that leverage Outlook - It will only grab the name portion of the email header (not the email) and present that to users, so you can have a Gmail email (can bypass controls since it's Gmail/legit) and you can send email using Python (or another scripting language), and modify the name to be a quasi-spoof.
April 22, 2016
This month's podcast is hosted by Andrew, Lane, Luke, Matt, Zack, and guest speaker Eric Peterson from BreakPoint Labs. Eric has an extensive background in hunting for malware on enterprise networks and shares his knowledge on Ransomware.