Preview Mode Links will not work in preview mode

Feb 14, 2018

Direct Link:  http://traffic.libsyn.com/brakeingsecurity/2018-005-Securing_CMS_and_mobile_devices-phishing_story.mp3

Topics:

Discussion of Ms. Berlin's course

CAPEC discussion

RTF malware MS Office

A Phishing story...

Mobile Supply Chain Security

CMS Supply Chain Security

Ms. Berlin’s course - recap of 2nd session

 

Brakeing Down IR -date?

 

Any malware of note?

Upgrade your Office!  Just double-clicked, used rtf and document never opened, just the script ran.

 

Supply chain isn’t just Hardware… software stacks abound and not followed

 

Wordpress plugins, CMS plugins/themes… not monitored, weakly secure

Keeping track is as important as asset management

Do you know what your CMS is running, plugin wise?

And if plugins aren’t bad enough, you have PHP to deal with

 

Suggestions:

Buy plugins - you get what you pay for

Check what support  you get (always a good idea)

Require reviews for new plugins, and old ones, esp if they haven’t updated in a while

Are they still maintained? (abandonware bad)

New owners? (many plugins and apps get bought and then start changing permissions, or worse, serving malware)

 

Joomla -

Vulnerable Extensions list - https://vel.joomla.org/live-vel

Wordpress - WPScan     https://wpvulndb.com/plugins

https://capec.mitre.org/


https://theconversation.com/explainer-how-malware-gets-inside-your-apps-79485

PYPI - https://arstechnica.com/information-technology/2017/09/devs-unknowingly-use-malicious-modules-put-into-official-python-repository/

CCleaner -

https://www.theverge.com/2017/9/18/16325202/ccleaner-hack-malware-security

News:

https://hotforsecurity.bitdefender.com/blog/uh-oh-how-just-inserting-a-usb-drive-can-pwn-a-linux-box-19586.html

Adversary generation systems

Red Baron - https://www.coalfire.com/Solutions/Coalfire-Labs/The-Coalfire-LABS-Blog/february-2018/introducing-red-baron

https://github.com/uber-common/metta

https://github.com/NextronSystems/

https://www.kitploit.com/2018/02/venom-1015-metasploit-shellcode.html

Quickly building Redteam Infrastructure

https://rastamouse.me/2017/08/automated-red-team-infrastructure-deployment-with-terraform---part-1/

If you have an interesting security talk and fancy visiting Amsterdam in the spring, then submit your talk to the Hack In The Box #HITB Amsterdam conference, which will take place between 9 and 13 April 2018. Tickets are already on sale,  And using the checkout code 'brakeingsecurity' discount code gets you a 10% discount". Register at https://conference.hitb.org/hitbsecconf2018ams/register/

 

 

#Spotifyhttps://brakesec.com/spotifyBDS

RSShttps://brakesec.com/BrakesecRSS

#Youtube Channel:  http://www.youtube.com/c/BDSPodcast

#iTunes Store Link: https://brakesec.com/BDSiTunes

#Google Play Store: https://brakesec.com/BDS-GooglePlay

Our main site:  https://brakesec.com/bdswebsite

 

Join our #Slack Channel! Email us at bds.podcast@gmail.com

or DM us on Twitter @brakesec

#iHeartRadio App:  https://brakesec.com/iHeartBrakesec

#SoundCloudhttps://brakesec.com/SoundcloudBrakesec

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security Podcast by using our #Paypalhttps://brakesec.com/PaypalBDS OR our #Patreon

https://brakesec.com/BDSPatreon

#Twitter@brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://brakesec.com/BDS-PlayerFM

#Stitcher Network: https://brakesec.com/BrakeSecStitcher

#TuneIn Radio App: https://brakesec.com/TuneInBrakesec