View More PSW Episodes

PSW #735 – Sean Metcalf & Jay Beale

This week, we start the show off with an interview Sean Metcalf, the Founder & CTO of Trimarc, where we talk “Active Directory, Azure AD, & Okta Oh My!” An interview featuring featuring Jay Beale, the CEO of InGuardians, about Kubernetes & Container security! Finally, in the Security News for this week: Ransomeware that was a breeze, getting an eyeful while charging your electric vehicle, scanning for secrets, find my iphone is useful, WTF Apple moments and why I run Linux, Wyze is not very wise, stopping teen hackers, and ranking endpoint detection! All that and more, on this episode of Paul’s Security Weekly! Segment Resources: -Peirates, a Kubernetes penetration testing tool:...

Full Show Notes
Segment One

Identity Security Challenges – Active Directory, Azure AD, & Okta Oh My! – Sean Metcalf – PSW #735

Attackers are targeting the systems that control access. This includes Active Directory, Azure AD, and recently Okta. Once they have access to identity, attackers can move onto systems that provide access to data and persistence.

Guest
https://www.trustedsec.com

Sean Metcalf is an Identity Security Architect at TrustedSec. He is one of about 100 people in the world who holds the Microsoft Certified Master Directory Services (MCM) Active Directory certification, is a Microsoft MVP, and has presented on Active Directory, Azure AD, & Microsoft Cloud attack and defense at security conferences such as Black Hat, BSides, DEF CON, and DerbyCon.

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Segment Two

Hacking Kubernetes – Jay Beale – PSW #735

Jay comes on the show to talk about container and Kubernetes architecture and security (or lack thereof).

Segment Resources:

Peirates, a Kubernetes penetration testing tool: https://www.inguardians.com/peirates/

Free Kubernetes workshops: https://inguardians.com/kubernetes/

DEF CON Kubernetes CTF https://containersecurityctf.com/

Jay's Black Hat Kubernetes Attack and Defense Training https://www.blackhat.com/us-22/training/schedule/index.html#abusing-and-protecting-kubernetes-linux-and-containers-26473

Guest

Jay Beale (@jaybeale) works on Kubernetes and cloud native security, both as a professional threat actor and in his open source work. He’s the architect of the Peirates attack tool for Kubernetes & the @Bustakube CTF cluster. He created Bastille Linux and the CIS Linux scoring tool, used by hundreds of thousands. Since 2000, he has led training classes on Linux & Kubernetes security at the Black Hat, RSA, CanSecWest and IDG confs. An author and speaker, Beale has contributed to nine books, two columns and over 100 public talks. He is a co-founder and CEO of the infosec consulting company InGuardians.

Announcements

  • Security Weekly listeners, save $100 on your RSA Conference 2022 Full Conference Pass! RSA Conference will be live in San Francisco June 6th-9th, 2022. Security Weekly will be there in full force, delivering real-time, live coverage and interviewing some of the event’s top speakers and sponsors. To register using our discount code, please visit https://securityweekly.com/rsac2022 and use the code 52UCYBER. We hope to see you there!

Segment Three

Teen Hackers, WTF Apple, Finding iPhones, & Getting Wise to Wyze – PSW #735

In the Security News for this week: Ransomware that was a breeze, getting an eyeful while charging your electric vehicle, scanning for secrets, find my iPhone is useful, WTF Apple moments and why I run Linux, Wyze is not very wise, stopping teen hackers, ranking endpoint detection, & more!

Announcements

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

  • We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!

List of Articles

Paul Asadoorian

  1. A cyber attack forced the wind turbine manufacturer Nordex Group to shut down some of IT systems
    "Nordex did not disclose technical details of the cyberattack, but the fact that it was forced to shut down part of its IT infrastructure suggests that it felt victim to a ransomware attack."
  2. Electric Vehicle Chargers Hacked to Show Porn
    Gives a whole new meaning to a supply chain attack: "We are saddened to learn that a third-party web address displayed on our electric vehicle (EV) signage appears to have been hacked."
  3. Peace through Pegasus: Jordanian Human Rights Defenders and Journalists Hacked with Pegasus Spyware – The Citizen Lab
  4. GitHub Advanced Security: Introducing security overview beta and general availability of secret scanning for private repositories
    Nice: "Expanded secret scanning’s pattern coverage to cover tokens from more than 35 partners, Added an API and webhooks for secret scanning alerts, Started sending notifications to commit authors (as well as admins) when they commit secrets"
  5. Hackers have found a clever new way to steal your Microsoft 365 credentials
  6. Cash App notifies 8.2 million US customers about data breach
  7. Establishment of the Bureau of Cyberspace and Digital Policy – United States Department of State
    "The CDP bureau includes three policy units: International Cyberspace Security, International Information and Communications Policy, and Digital Freedom."
  8. Ukrainians use ‘Find My iPhone’ to see where Russians took their stolen Apple devices
    "Thefts include technology, allowing Ukrainians to use Apple's 'Find My iPhone' feature to track troop movements. "Ukrainians are locating their devices on the territory of the Homiel region, Belarus, where part of the Russian army retreated" - You'd think that tech stolen by Russian troops would go into RF shielding bags/cases, but no, they are being tracked (thankfully).
  9. Apple Neglects to Patch Two Zero-Day, Wild Vulnerabilities for macOS Big Sur, Catalina – The Mac Security Blog
    This is why I run Linux (and no, not because it does not have vulnerabilities, but at least MOST security issues are out in the open and at least there if you look for them).
  10. Results Overview: 2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition
    Interesting to see the results, Microsoft coming in at #6 especially.
  11. Vulnerabilities Identified in Wyze Cam IoT Device
    It seems like the authentication bypass has not yet been fixed, but the other two issues were addressed. But get this, Wyze did a terrible job handling the disclosure. Also, Bitdefender was generous and gave them like 18 months before they published. This is one hot mess for sure.
  12. I’m done with Wyze
  13. A Former Teen Hacker Explains Why It’s So Hard to Stop Teen Hackers
    Actually, he (Marcus Hutchins who is interviewed for this article) doesn't explain it at all but does provide some insights.
  14. Critical GitLab vulnerability lets attackers take over accounts
  15. Cybercriminals Fighting Over Cloud Workloads for Cryptomining
Show More

Stay in the Know, No Smoke and Mirrors – Join Our Newsletter

Get expert insights and technical breakdowns straight to your inbox.
Join Now

Related Episodes

Related Content

You can skip this ad in 5 seconds