June 2012 Archives

Episode 294 with Marcus Sachs Tonight 6pm ET

We have Marcus Sachs on Episode 294 of PaulDotCom Security Weekly! Come participate in our IRC channel or sit back and enjoy it live via our Ustream channel:

NOTE: The video will play the most recent show up until we are live!

For interactive live video, audio, and chat during each episode you can visit PaulDotCom Live!, just hang out in our IRC channel, or if you prefer, visit the Episode 294 show notes page.

Don't forget to follow us on Twitter: Paul Asadoorian, Larry Pesce, Jack Daniel, Carlos Perez, John Strand and Mike Perez.

Drunken Security News Episode 293

Tripping, puking, and more!

Episode 293 Show Notes

Episode 293 Part 1 (mp3)

Episode 293 Part 2 (mp3)

Tune in to PaulDotCom Security Weekly TV, Hack Naked TV, and Hack Naked At Night episodes on our YouTube Channel or our Bliptv channel.

Analyzing Web Applications Using Fiddler2 - Episode 293

Sometimes a web application is independent of a browser. How does one perform a web application pen test on such a setup? Watch this for some tips on how!

Episode 293 Show Notes

Episode 293 Part 1 (mp3)

Episode 293 Part 2 (mp3)

Jonathan Cran Interview - Episode 293

Getting hacked hardcore by a Turkish dude, cool penetration testing tools and the latest with Pwnie Express!

Episode 293 Show Notes

Episode 293 Part 1 (mp3)

Episode 293 Part 2 (mp3)

Hack Naked TV Episode 39

In this episode we talk about the LinkedIn lawsuit. We also discuss the importance of shoes and training management.

Because if you don't, they go on the floor.


Links for this episode:


  • LinkedIn sued for 5 million dollars
  • Top Breach Mistakes
  • We are going to need more security people


Links to cool stuff our awesome sponsors are providing:

CloudPassage offers a free Basic version of Halo that includes extensive cloud security features, such as host-based firewalls, vulnerability management, security event alerting, server account management and intrusion detection. Halo works with any cloud provider and makes server security portable across environments. The convenient Halo portal allows you to manage all your security from one screen, whether it's in public, private or hybrid clouds – even traditional data centers.

Manage your Big Data with the most scalable log & security intelligence platform for the Enterprise & Cloud. Don’t take our word. Try it for yourself! For a limited time, download here
Episode 293 of PaulDotCom Security Weekly features newly minted Pwnie Express CTO and Pentestify blogger Jonathan Cran. Come participate in our IRC channel or sit back and enjoy it live via our Ustream channel:

For interactive live video, audio, and chat during each episode you can visit PaulDotCom Live!, just hang out in our IRC channel, or if you prefer, visit the Episode 293 show notes page.

Parsing Nessus CSV Output Using Bash - Episode 292

A quick tip on parsing some Nessus results and making the output compatible with some other tools.

Episode 292 Show Notes

Episode 292 Part 1 (mp3)

Episode 292 Part 2 (mp3)

Thomas Ptacek Interview - Episode 292

We talk to Thomas about web security, encryption, and so much more!

Episode 292 Show Notes

Episode 292 Part 1 (mp3)

Episode 292 Part 2 (mp3)

Drunken Security News #292

Security FAIL - BigIP, MySQL, grid certificates and more!

Episode 292 Show Notes

Episode 292 Part 1 (mp3)

Episode 292 Part 2 (mp3)

Hack Naked TV Episode 38

In this episode we talk about bring your own devices, we discuss how God can impact exploit development, and we cover the BigIP big vulnerability, because it is just funny.

Links for this episode:


  • BYOD should be DOA
  • A new MySQL Hack
  • Testing Web Services
  • BigIP = BigFail


Episode 292 of PaulDotCom Security Weekly will feature Matasano founder Thomas Ptacek as well as a Tech Segment by Tim Tomes on Malware Deployment Techniques. The awesomeness will be followed by a special announcement from Raphael "ArmitageHacker" Mudge. Come participate in our IRC channel or sit back and enjoy it live via our Ustream channel:

For interactive live video, audio, and chat during each episode you can visit PaulDotCom Live!, just hang out in our IRC channel, or if you prefer, visit the Episode 292 show notes page.

What's That Web Server? - Enumerating HTTP Services

Learn how to use some useful scripts and tools to create an index page of all discovered HTTP(S) services:

Episode 291 Show Notes

Episode 291 (mp3)

Drunken Security News #291

Malware overloading printers, LinkedIn mess, VUPEN exploits leaked?, getting revenge on the TSA:

Episode 291 Show Notes

Episode 291 (mp3)

Software Defined Radio on the Cheap for Penetration Testing

Remember a while back we talked about using a "police scanner" to monitor POCSAG and Flex pager traffic, as well as listening in to 900 MHz baby monitors and cordless phones? Well, that was pretty fun, but it took a couple hundred dollars in gear AND a laptop. What if there was a better way?

Episode 291 Show Notes

Episode 291 (mp3)

Slight schedule change this week - Episode 291 of PaulDotCom Security Weekly will be recorded on Friday at 7PM ET, but our regular Thursday timeslot resumes next week. Come spend your Friday night in our IRC channel or sit back and enjoy it live via our Ustream channel:

For interactive live video, audio, and chat during each episode you can visit PaulDotCom Live!, just hang out in our IRC channel, or if you prefer, visit the Episode 291 show notes page.

Exploiting RFI Using Metasploit

Shout out to the fine folks at Offensive Security who wrote Metasploit Unleashed:

Episode 290 Show Notes

Episode 290 Part 1 (mp3)

Episode 290 Part 2 (mp3)

Fun With SQL Injection - Special Guest Allison Nixon

SQL Injection Primer:

SQL Injection Examples:

Episode 290 Show Notes

Episode 290 Part 1 (mp3)

Episode 290 Part 2 (mp3)

Overcoming Anti-Forensics & The Forensics Challenge

The fine folks at LMG tell us all about a fun challenge and give you some technical tips on network forensics:

Episode 290 Show Notes

Episode 290 Part 1 (mp3)

Episode 290 Part 2 (mp3)

Hack Naked TV Episode 37

In this episode we talk about hype, how to save kittens and more HIPAA violations.

Links for this episode:

  • Flame on Flame
  • NASA SSL MITM
  • 750,000 is a lot of money to blow on HIPAA violations
  • Offensive Countermeasures at BlackHat

