Michael Aminov – Founder & Chief Architect at Perception Point

Michael Aminov works with the Product, Marketing, and Sales teams to bring exceptional value to Perception Point’s customers. He aims to position Perception Point as the top solution for protecting digital communication channels. Michael was formerly the Chief Architect of CyActive, acquired by Paypal, and is a veteran of the Intelligence Corps of the IDF. Michael has spent the last 15 years in the cybersecurity industry and holds a BA in Computer Science from Ben-Gurion University of the Negev.

Josh Marpet

Executive Director at RM-ISAO

Larry Pesce

Principal Managing Consultant and Director of Research & Development at InGuardians

Paul Asadoorian

Founder at Security Weekly

Tyler Robinson

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

Marcus Sachs – Deputy Director for Research at McCrary Institute for Cyber and Critical Infrastructure Security, Auburn University

Marcus (Marc) Sachs is the Deputy Director for Research at Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security. He also serves as the Chief Security Officer of Pattern Computer. He is a retired US Army Officer and was a White House appointee in the George W. Bush administration. His private sector experience includes serving as the Deputy Director of SRI International’s Computer Science laboratory, as the Vice President for National Security Policy at Verizon Communications, and as the Senior Vice President and Chief Security Officer of the North American Electric Reliability Corporation (NERC) where he directed the Electricity Information Sharing and Analysis Center (E-ISAC). He was also the Director of the SANS Internet Storm Center and has co-authored several books on information security. He holds degrees in civil engineering, computer science and technology commercialization, and is an avid collector of mechanical cipher equipment.

Josh Marpet

Executive Director at RM-ISAO

Larry Pesce

Principal Managing Consultant and Director of Research & Development at InGuardians

Lee Neely

Information Assurance APL at Lawrence Livermore National Laboratory

Paul Asadoorian

Founder at Security Weekly

Tyler Robinson

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

Joff Thyer

Security Analyst at Black Hills Information Security

Josh Marpet

Executive Director at RM-ISAO

Larry Pesce

Principal Managing Consultant and Director of Research & Development at InGuardians

1. How a new generation of IoT botnets is amplifying DDoS attacks –
2. VMWare Identity Manager Attack: New Backdoor Discovered –
3. CVE-2022-21449: Psychic Signatures in Java –
4. Brave’s browser can automatically bypass Google’s AMP pages –
5. Researchers Detail Bug That Could Paralyze Snort Intrusion Detection System –
6. ESET uncovers vulnerabilities in Lenovo laptops –
7. Cory Doctorow on Twitter –

Lee Neely

Information Assurance APL at Lawrence Livermore National Laboratory

1. What Google is getting wrong about expired domains – TechCrunch – Expired domains are being leveraged to lure users from legitimate backlinks to the prior legitimate site.
2. Hack DHS: Homeland Security’s first bug bounty turns up 122 vulnerabilities – DHS is drinking their own Kool-AId. VDP participation, per BOD 21-01, is now complete for their internet facing sites, and they are now hiring vetted researchers to test them.
3. Static SSH host key in Cisco Umbrella allows stealing admin credentials – Cisco has addressed a high-severity vulnerability (CVE-2022-20773) affecting its Umbrella Virtual Appliance (VA) that could be exploited by attackers to remotely steal administrator credentials.
4. Docker servers hacked in ongoing cryptomining malware campaign – The operators of the “Lemon_Duck” botnet have been spotted conducting a large-scale Monero crypto-mining campaign in which they are exploiting misconfigured Docker systems in order to hide their wallets behind proxy pools.
5. Atlassian Patches Critical Authentication Bypass Vulnerability in Jira – Atlassian has patched a critical authentication bypass vulnerability (CVE-2022-0540) in the Jira and Jira Service Management “Seraph” web authentication framework and could be exploited by attackers to bypass authentication and authorization by sending a specially crafted HTTP request.
   ==> Patch your Jira environment
6. T-Mobile confirms Lapsus$ had access its systems – T-Mobile has confirmed that the “Lapsus$” extortion group managed to breach its network in March 2022, giving the gang access to its systems.

   Team chat messages show LAPSUS$ members continuously targeted T-Mobile employees, whose access to internal company tools could give them everything they needed to conduct hassle-free ‘SIM swaps’

7. Organizations Warned of Attacks Exploiting WSO2 Vulnerability – WSO2’s API Manager, Identity Server, Enterprise Integrator, and Open Banking products are impacted by an arbitrary file upload vulnerability (CVE-2022-29464) that has already been exploited in the wild. Time to roll the update.
8. Group behind Emotet botnet malware testing new methods to get around Microsoft security – Those behind the “Emotet” botnet have been spotted altering their existing methods and testing new attack approaches on a “very small and limited scale,” related to Microsoft actions taken in February to block macros that facilitated malware execution.
9. One-third of employees who quit their jobs take company IP with them? – More bad security news from the Great Resignation: Code42’s new research on Wednesday said that when employees quit their jobs, there’s now a 37% chance the organization will lose intellectual property.

   The research also adds that some 96% of all companies surveyed say they have experienced challenges in protecting corporate data from insider risks.

10. Auction of Dorsey tweet NFT—listed at $48M—closes at high of $280 – The cryptocurrency entrepreneur who bought a NFT of Twitter founder Jack Dorsey’s first tweet was hoping to sell it for $48 million, more than 16 times the $2.9 million he paid for it. But after an auction that lasted a week, the highest bid offered was a mere $280.

Paul Asadoorian

Founder at Security Weekly

1. Major cryptography blunder in Java enables “psychic paper” forgeries – Interesting: “If you are running one of the vulnerable versions then an attacker can easily forge some types of SSL certificates and handshakes (allowing interception and modification of communications), signed JWTs, SAML assertions or OIDC id tokens, and even WebAuthn authentication messages. All using the digital equivalent of a blank piece of paper.”
2. Hackers are exploiting 0-days more than ever – “Mandiant and Project Zero each have a different scope for the types of zero-days they track. Project Zero, for example, doesn’t currently focus on analyzing flaws in Internet-of-things devices that are exploited in the wild. As a result, the absolute numbers in the two reports aren’t directly comparable, but both teams tracked a record high number of exploited zero-days in 2021. Mandiant tracked 80 last year compared to 30 in 2020, and Project Zero tracked 58 in 2021 compared to 25 the year before. The key question for both teams, though, is how to contextualize their findings, given that no one can see the full scale of this clandestine activity.”
3. Musk’s plans to make Twitter’s algorithms public raises disinformation conundrum – “Another advantage of open source is that people can learn from the code,” said Wysopal. “Even if Twitter doesn’t implement improvements, it could lead to better social media algorithms on other or new platforms.” – This could also open up a cat and mouse game, as people figure out how to cheat the algorithms, Twitter then has to implement defenses, those defenses are open-source, rinse, lather and repeat.
4. Hackers can infect >100 Lenovo models with unremovable malware. Are you patched? –
5. The Nimbuspwn Linux Flaw Allows Root Access –
6. 5-Year Vulnerability Trends Are Both Surprising and Sadly Predictable –
7. Zero-Day Vulnerabilities Are on the Rise – Schneier on Security –
8. ‘Bossware is coming for almost every worker’: the software you might not realize is watching you –
9. Atlassian fixes critical Jira authentication bypass vulnerability – “The flaw is tracked as CVE-2022-0540 and comes with a severity rating of 9.9. It allows a remote attacker to bypass authentication by sending a specially crafted HTTP request to vulnerable endpoints.” – just when I think there is a glimmer of hope…
10. Docker servers hacked in ongoing cryptomining malware campaign –
11. These hackers showed just how easy it is to target critical infrastructure –
12. AWS’s Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation –
13. Microsoft Discovers New Privilege Escalation Flaws in Linux Operating System –
14. Elon Musk to Acquire Twitter –
15. A $3 Billion Silk Road Seizure Will Erase Ross Ulbricht’s Debt – “Last year, prosecutors quietly signed an agreement with Ulbricht stipulating that a portion of a newfound trove of Silk Road bitcoins, seized from an unnamed hacker, will be used to cancel out the more than $183 million in restitution Ulbricht was ordered to pay as part of his 2015 sentence, a number calculated from the total illegal sales of the Silk Road based on exchange rates at the time of each transaction.”

Tyler Robinson

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element