Paul Battista – CEO & Founder at Polarity

Paul Battista is CEO and Co-Founder of Polarity.io. Prior to Polarity, Paul was an intelligence officer for the United States Government and participated in all elements of the intelligence cycle from planning operations through dissemination to senior policy makers in the White House. Before his government service, Paul was a senior engineer for Aetna Inc., a penetration tester, and incident responder for multiple fortune 100 customers.

Larry Pesce

Principal Managing Consultant and Director of Research & Development at InGuardians

Lee Neely

Senior Cyber Analyst at Lawrence Livermore National Laboratory

Paul Asadoorian

Founder at Security Weekly

Rick Howard – CSO at The CyberWire

Rick is the Chief Analyst, Chief Security Officer, and Senior Fellow at The CyberWire, a cybersecurity podcasting network. His prior jobs include the Palo Alto Networks CSO, the TASC CISO, the iDefense GM (A commercial cyber threat intelligence service at Verisign,) the Counterpane Global SOC Director (one of the original MSSPs), and the Commander of the U.S. Army’s Computer Emergency Response Team where he coordinated network defense, network intelligence and network attack operations for the Army’s global network. He was one of the founding players that created the Cyber Threat Alliance (an ISAC for security vendors) and he also created and still runs the Cybersecurity Canon; a Rock & Roll Hall of Fame for cybersecurity books. Rick holds a Master of Computer Science degree from the Naval Postgraduate School and an engineering degree from the US Military Academy. He also taught computer science at the Academy from 1993 to 1999. He has published many academic papers on technology, security, and risk and has contributed as an executive editor to two books: “Cyber Fraud: Tactics, Techniques and Procedures” and “Cyber Security Essentials.”

Joff Thyer

Security Analyst at Black Hills Information Security

Larry Pesce

Principal Managing Consultant and Director of Research & Development at InGuardians

Lee Neely

Senior Cyber Analyst at Lawrence Livermore National Laboratory

Paul Asadoorian

Founder at Security Weekly

Joff Thyer

Security Analyst at Black Hills Information Security

Larry Pesce

Principal Managing Consultant and Director of Research & Development at InGuardians

1. FragAttacks + Antenna for Hire™: The Perfect Storm in Your Network Airspace –
2. Can the “Gorilla” Deliver? Assessing the Security of Google’s New “Thread” Internet of Things (IoT) Protocol –
3. Details Disclosed On Critical Flaws Affecting Nagios IT Monitoring Software –
4. Here’s how we got persistent shell access on a Boeing 747 – Pen Test Partners –

Paul Asadoorian

Founder at Security Weekly

1. Cybersecurity leaders lacking basic cyber hygiene – Help Net Security – This is interesting? – “48% of cybersecurity leaders use their work computer to log on to social network platforms. Further, 77% are willing to accept connection/friend requests from unknown individuals—especially on LinkedIn (63%).”
2. Introducing Security By Design – But what is the incentive? – “That’s why we’ve launched Security by Design on Google Play Academy to help developers identify, mitigate, and proactively protect against security threats. The Android ecosystem, including Google Play, has many built-in security features that help protect developers and users. The course Introduction to app security best practices takes these protections one step further by helping you take advantage of additional security features to build into your app.”
3. nginx 1.20.0 DNS Resolver Off-By-One Heap Write –
4. Bypassing Container Image Scanning – This is awesome, and a simple little trick to lock down the container: “For example, try building RUN apt-get remove apt into the image after all of it’s essential packages have been installed. The packages will remain on the image, but the runtime scanner will be unable to query with apt list, therefore resulting in 0 vulnerabilities found.” Of course, you should not be running as root anyhow. Ooooh and this: “If you know exactly where and how the runtime scanner binary gets injected, find a way to prevent it. For example in the microscanner case above, we know it will add the scanner binary at /microscanner . In this case, we can add a layer before the microscanner gets written that creates a symlink to /dev/null. Meaning at image build time the microscanner binary gets discarded instead of written to the filesystem.”
5. Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack –
6. Kali Linux team releases Kaboxer, a tool for managing applications in containers – Help Net Security –
7. “Unpatchable” vuln in Apple’s new Mac chip – what you need to know – “According to Hector Martin, this register can be read from by userland programs running at EL0, though he doesn’t know what the register is actually used for, if anything. However, userland programs aren’t supposed to be able to write into it, given that it’s a system register and supposedly off-limits to EL0 programs. But Martin discovered that userland code can write to just two individual bits inside this register – bits that are apparently otherwise unused and therefore might be considered unimportant or even irrelevant… …and those bits can then be read out from any other userland program.”
8. New Rowhammer Vulnerability Exploits Increasingly Smaller DRAM Chips –
9. NASA identified 1,785 cyber incidents in 2020 –
10. Let’s Stop Blaming Employees for Our Data Breaches –
11. Hackers used macOS 0-days to bypass privacy features, take screenshots – “According to Jamf researchers Jamf researchers Jaron Bradley, Ferdous Saljooki, and Stuart Ashenbrenner, the malware controls legit applications that can capture screen records or screenshots without requiring user consent as soon as it infects the device.”
12. CVE-2021-21551: Learning Through Exploitation –
13. Bosses putting a ‘digital leash’ on remote workers could be crossing a privacy line –
14. The Colonial pipeline ransomware hackers had a secret weapon: self-promoting cybersecurity firms – “. By publicizing its tool, Bitdefender alerted DarkSide to the lapse, which involved reusing the same digital keys to lock and unlock multiple victims. The next day, DarkSide declared that it had repaired the problem, and that “new companies have nothing to hope for.””
15. M1RACLES: An Apple M1 Vulnerability –
16. Critical RCE Vulnerability Found in VMware vCenter Server — Patch Now! –
17. Vulnerability in VMware product has severity rating of 9.8 out of 10 –
18. Bluetooth bugs open the door for attackers to impersonate devices –
19. SolarWinds CEO reveals much earlier hack timeline, regrets company blaming intern – CyberScoop – Backpedaling: ““What happened at the congressional hearings where we attributed it to an intern was not appropriate, and was not what we are about or is not what we are about,” he said. “We have learned from that and I want to reset it here by saying that we are a very safe environment, and we want to attract and retain the best talent.”” and this: ““As we look back, they were doing very early [reconnaissance] activities in January of 2019,” he said.”
20. Bose Corporation discloses breach after ransomware attack. – CyberWorkx –
21. Leaky John Deere API’s: Serious Food Supply Chain Vulnerabilities Discovered by Sick Codes, Kevin Kenney & Willie Cad – Awesome write-up, down the rabbit hole we go: “Suddenly they had a private vulnerability disclosure program. It did not exist when we started. 24 hours later, I received the invitation to the program… I was the only researcher in the program The program was created that day Every single asset had no bounty The company does not allow public disclosure”
22. How to protect your Wi-Fi devices from new FragAttacks vulnerabilities –
23. The Full Story of the Stunning RSA Hack Can Finally Be Told –
24. Global Socket – If you trust someone else’s computers…
25. Details Disclosed On Critical Flaws Affecting Nagios IT Monitoring Software –
26. Getting a persistent shell on a 747 IFE – This was neat. Windows NT!