Tag Archives: SCADA

Blackhat 2013 – WSWiR Episode 72

Details on Femtocell hacking, Mactans, and SCADA Honeypots

This is the week of the Blackhat and Defcon security conferences; two of the biggest security research conferences of the year. So rather than quickly summarize InfoSec newslike I do most weeksI’ll share details about three of my favorite talks from this year’s Blackhat show (Defcon is going on now).

Two of my favorite presentations fill in details about stories from past episodes. Both the researchers that hacked a Verizon femtocell, and the ones that created a malicious iOS charger, shared the technical details around these attacks. Want to learn how it’s done? Watch below.

The third interesting talk centers around using honeypots to learn who are attacking our SCADA systems. While the attacker profile data shared in the presentation was interesting, I was more concerned with how the researcher profiled his attackers. Essentially, he hacked them back. His hack back technique was at best legally grey area, and at worst totally illegal. And this researcher’s actions were not the exception. I attended a few talks this year where researchers used hacking techniques to out their attacks. Perhaps the industry is adopting “strike back” after all.

In any case, if you’d like a quick glimpse of some of my favorite presentations from the show, be sure to click play below. I will also post some written summaries about the talks I attended in the next few days. Finally, though I didn’t have time to cover the regular Infosec news this week, be sure to check the Reference section for links to a few fairly important industry stories.

(Episode Runtime: 15:15)

Direct YouTube Link: https://www.youtube.com/watch?v=-xBHxQUVJnU

Episode References:

Extras:

— Corey Nachreiner, CISSP (@SecAdept)

March Radio Free Security: Record Breaking DDoS

Record Breaking DDoS, Cracked Crypto, and ICS Honeypots

Radio Free Security (RFS) is a monthly audio podcast dedicated to spreading knowledge about network and information security, and to keeping busy IT administrators apprised of the latest security threats they face online. If you’re looking for the latest security news and best practice tips, this show is for you.

After a small unscheduled hiatus, Radio Free Security is back. Unfortunately, I had to skip our February episode due to a very busy work travel schedule. To make up for it, we return this month with a double heaping of information security (InfoSec) stories and news. Plus, we’ve thrown in a fun security-themed song parody to boot.

Here’s what to expect in this month’s episode:

  • Security Story of the Month (SSotM) [Pt.1 3:20 - 34:05, Pt.2 37:10 - 1:07:00] – During SSotM, Ben Brobak, Chris Shaiman, and Corey Nachreiner highlight the most concerning security stories and incidents from the month. Topics include a new weakness in a cipher associated with SSL and TLS, more zero day Java exploits, a severe sentence in a cyber security trial, the largest DDoS attack ever seen, and more. Follow along to learn which story takes the cake, and what you can do to defend your network.
  • WatchGuard’s Secure Shop Song Parody [34:19 - 37:10] –  We debut our latest security-themed song parody. A talented and creative group of WatchGuard employees wrote a song parody to Macklemore’s popular Thrift Shop rap. We’re proud of this rising Seattle-based rapper, so thought how better to celebrate his success than making our own tongue-in-cheek security tune in this honor. I think the song turned out great, and you can expect us to post the accompanying music video soon. Give it a listen (I will post a new direct link shortly).

So settle in, adjust your volume, and enjoy the show.

[runtime: 1:08:17]

You can always find the latest episode of Radio Free Security:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 56 – ICS Honeypot

Jailed Hackers, ICS Honeypots, and Krebs SWATing

Currently, I’m attending a security expo in Helsinki, Finland, so I had to produce this week’s episode quickly, while on the road. Nonetheless, it’s still been a busy security week so far, and there’s a lot of InfoSec news to cover

Today’s episode includes two unrelated stories that share a cyber-law theme, some interesting research about an ICS/SCADA honeypot that attracted a lot of attention from nation-state cyber attackers, and a story about a popular security journalist being targeted by a SWAT attack. Watch the video below for the full scoop, and check out the Reference section below if you’d like more details (and links to some extra InfoSec stories I didn’t have time to cover).

(Episode Runtime: 9:46)

Direct YouTube Link: http://www.youtube.com/watch?v=Lvv-KgcsI0w

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 53 – RSA 2013

RSA 2013: Big Data, Chinese APT, and User Awareness

This week’s InfoSec news video comes from the 2013 RSA Security Conference in San Francisco. As such, much of the episode covers the major themes from the show flow. However, cyber attackers don’t take a break just because the security industry is having a pow-wow. I also cover other big stories from the week, including an emergency Flash update, a cPanel breach, new nation-state malware, and even an HTML5 trick than can fill you hard drive. Check out the episode below.

As always, feel free to browse the Reference section for more details on any of these stories, and thanks for watching. Comment if you have any suggestions.

(Episode Runtime: 10:11)

Direct YouTube Link: http://www.youtube.com/watch?v=AJbDQnkUToE

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 52 – China APT1

China APT1 Attackers and Java 0day Breaches

Welcome to another week of InfoSec news. If you’re subscribed to the YouTube channel directly, you probably noticed I posted last week’s video late last Friday. Unfortunately, I was catching a plane at the time, so I decided to wait until today to post the video blog entry. If you missed any of last week’s big information and network security news, you’ve come to the right place.

This week’s “on the road” episode covers Apple and Facebook network compromises, the zero day Java exploit that caused them, and one security company’s research alleging the Chinese government is behind many recents advanced persistent threat (APT) attacks. I also recommend some critical updates for Windows, Linux, and OS X users, so make sure to watch below.

This week I’ll be attending the RSA security conference, and recording another episode on the go, which means I may also post next week’s episode earlier or later than normal depending on my travel and event schedule. Until then, thanks for watching and stay frosty out there.

(Episode Runtime: 6:39)

Direct YouTube Link: http://www.youtube.com/watch?v=MolGboEK7nE

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Reader 0day

Reader 0Day, Zombie Broadcast, and Bit9 Breach

Due to a busy work week, I was unable to create a fully produced InfoSec news summary video this week. I did post a very brief video (which you can find below), mostly to warn our YouTube subscribers about the missing episode. It contains very minimal detail about this week’s top security stories.

However, I won’t leave you hanging for your weekly security news fix. Below, you’ll find a bullet-list, which quickly summarizes many of this week’s most interesting Infosec news. See you next week.

  • Zero day Adobe Reader vulnerability – A security company, FireEye, discovered attackers exploiting a previously unknown vulnerability in Adobe Reader to install malware. Adobe hasn’t had time to fix it yet, but recommends you use “Protected View” mode to mitigate the issue. We’ll post more details when they patch.
  • President Obama signs cyber security executive order  - As many expected, President Obama signed a cyber security executive order this week that allows government organizations to share security intelligence with some private organizations  and asks critical infrastructure providers to up their security.
  • Bit9 breached and digital certificates stolen – A security company, Bit9, confirmed they were breached this week, and that attackers had stolen their digital certificates and used them to sign malware. Their excuse for the breach? They didn’t use their own product enough.
  • Hacked emergency broadcast system warns of zombie attack  – Folks in some Montana counties were surprise when their television emergency broadcast system warned of a zombie attack. Unsurprisingly, it turns out the system was hacked.
  • More Ruby on Rail vulnerabilities – Researchers have found more vulnerabilities, like SQL injections, in Ruby on Rails. If you are a web developer who uses this package, go patch.
  • Microsoft’s February Patch Day- As always, Microsoft released a bunch of security updates this week. They fixed flaws in Windows, Exchange, Internet Explorer, and a few lesser known products. I released details about the updates here, so hopefully you’ve already patched.
  • Adobe Flash and Shockwave updates – Adobe also released important Shockwave and Flash Player updates during Microsoft’s Patch Day. I talked about those earlier, too. Make sure to patch!
  • The dangers of losing your master password - A well-known security researcher, Jeremiah Grossman, shares a great anecdote on how very strong security practices can come back and bite you due to user error.

Direct YouTube Link: http://www.youtube.com/watch?v=wQP_5bXgHbg (Runtime: 2:08)

Extra Stories:

— Corey Nachreiner, CISSP (@SecAdept)

WatchGuard Security Week in Review: Episode 51 – Flash 0day

Flash Exploit, ICS Hacks, and Federal Reserve Bank Breach

We’ve had another busy week of security news, with more stories than I can cover in a short video. So I’ll stick to the highlights. Today’s episode talks about a couple Adobe Flash zero day vulnerabilities, the latest Anonymous hijinks, some cross-platform mobile malware, and more. If you missed this week’s InfoSec news, and want to learn about the biggest stories (including how to defend against the latest attacks), click the play button below. Also, check out the Reference section for links to some other interesting security stories I skipped.

Enjoy your weekend, and stay frosty out there.

(Episode Runtime: 8:03)

Direct YouTube Link: http://www.youtube.com/watch?v=B6YdI3NGwlg

Episode References:

— Corey Nachreiner, CISSP (@SecAdept)

January Radio Free Security: Red October, Java 0day, and More

Red October, Java Zero Day, and UPnP Problems

Radio Free Security (RFS) is a monthly audio podcast dedicated to spreading knowledge about network and information security, and to keeping busy IT administrators apprised of the latest security threats they face online. If you’re looking for the latest security news and best practice tips, this show is for you.

January was rife with security breaches, zero day, and other InfoSec related stories. That’s why this month the Radio Free Security analyst team spends much of the episode highlighting the big issues you should know about, and how you can protect yourself from some of the threats.

  • Security Story of the Month (SSotM) [Pt.1 3:43 - 26:50, Pt.2 40:34 - 1:00:50] – During SSotM, Richard Gilmour, Chris Shaiman, and Corey Nachreiner highlight the most concerning security stories and incidents from the month. Topics  include many Java zero day exploits, H.D. Moore’s UPnP security report, Red October, the Aaron Swartz suicide, and more. Listen in to learn which issue we thought has the most ramifications for our industry, and what you can do about them.
  • What’s Up with WatchGuard  [27:15 - 40:02] – Blazing Fast Hardware. Join us to learn the latest product news from WatchGuard. Nachreiner interviews the XTM appliance product manager, Brendan Patterson, to learn about some exciting new products that just released. They also discuss some of the highlight features in our most recent, 11.7 software release. If you own WatchGuard gear, you won’t want to miss this segment.

So settle in, adjust your volume, and enjoy the show.

[runtime: 1:02:14]

You can always find the latest episode of Radio Free Security:

— Corey Nachreiner, CISSP (@SecAdept)

December Radio Free Security: 2013 Security Predictions

WatchGuard’s 2013 Security Predictions Unveiled

Radio Free Security (RFS) is a monthly audio podcast dedicated to spreading knowledge about network and information security, and to keeping busy IT administrators apprised of the latest security threats they face online. If you’re looking for the latest security news and best practice tips, this show is for you.

Love ‘em or loath ‘em, security predictions have become a pretty regular part of the holiday season. Personally, I believe they contribute value to the information security (infosec) industry. After all, at their core, predictions are based on real industry trends; pundits and analysts (like me) just like to wildly extrapolate those trends to make them sound fun and entertaining. However, the true point of predictions—well, my true point anyway—is to educate and spread awareness. Hopefully, talking about these potential security issues can prepare you to avoid them before they happen to you.

A few weeks ago, you heard the Radio Free Security (RFS) co-hosts and I go over our 2012 security predictions, to see how we did. I’d say we earned a C+. During this month’s episode, I’ll see if I can score better by unveiling my 2013 security predictions to the same team. I purposely kept my annual forecasts from them until this recording, just so you’d get their honest, gut reactions. Do they whole-heartedly agree with my foretellings, or scoff at my foolhardy imaginings? Listen in to find out.

To give you a hint of what you’re in for, the predictions cover topics such as life-threatening hardware hacks, mobile device pick-pockets, cyber strike-back, zombie browsers, and much more. Whether or not our specific predictions come true, the episode explores many real infosec trends that everyone, from the smallest consumer to largest enterprise CSO, will face  in 2013. At the very least, I suspect my predictions will prove a little more accurate than the ancient Mayans’ one about December 21, 2012 (hope I don’t eat my words).

So, grab your favorite holiday beverage, get comfortable, and settle in for Radio Free Security’s final 2012 episode.

Note: Due to the seasonal sniffles, our web team cannot post this episode to its normal feeds until tomorrow. For now, you can download a ZIP version of the episode, or listen to it using the player below. The links to RFS’s normal locations will be updated shortly.

[runtime: 2:02:56]

You can always find the latest episode of Radio Free Security:

— Corey Nachreiner, CISSP (@SecAdept)

Radio Free Security: November 2012 Episode

2012 Security Predictions in Review: Win or Fail?

We’re nearing the end of the year, which means the season of holiday decorations, spiked eggnog, and Christmas music blaring in every store and on all the radio stations… It also means the season of annual predictions.

Every year, the WatchGuard security analysts and I pull out our crystal balls, tarot cards, and tea leaves, and try to forecast some of the security threats and trends you can expect in the following year. November’s episode of Radio Free Security (RFS) is the first of our two-part, end-of-the-year security prediction series.

In this first prediction episode, I invite my co-hosts from our regular Security Story of the Month segment to review our 2012 security predictions, and decide how we did. Were WatchGuard’s security predictions on the mark, or were they epic fails? In this episode, we learn the more people invited to weigh in, the harder it is to decide. In any case, whether you’re curious about the accuracy of our previous predictions, or just want a quick review of some of the biggest security incidents of the year, this episode is for you.

Of course, you can probably guess what we’ll cover in the second episode of our two-part series. That’s right! Our 2013 Security predictions. Rather than wait till the end of the month, we’ll post December’s RFS prediction episode in a week or so. That way you’ll have time to check out our new predictions before the year ends. In fact, I’ll share a little secret. You can already check out our 2013 predictions on our web page, but you should still listen in next week to see how the team reacts to a few of the more sensational forecasts.

By the way, for those new to Radio Free Security (RFS), it’s a monthly audio podcast dedicated to spreading knowledge about network and information security, and to keeping busy IT administrators apprised of the latest security threats they face online. If you’re looking for the latest security news and best practice tips, this show is for you.

So grab a steaming cup of holiday cocoa, settle into a plush chair by the fire, and join us for the 2012 prediction review episode of Radio Free Security.

You can always find the latest episode of Radio Free Security:

Or just listen to November’s episode using the player below [runtime: 1:24:34].

— Corey Nachreiner, CISSP (@SecAdept)

Follow

Get every new post delivered to your Inbox.

Join 7,675 other followers

%d bloggers like this: