Salesforce, Dropbox, BeyondTrust, Pentesting, and Defcon – Paul’s Security Weekly #525

Mystery bug bounties, Marcus Hutchins pleads not guilty, a password guru regrets past advice, Dropbox and offline two-factor authentication, and more security news!

Paul’s Stories

  1. Mystery Company Offers $250,000 Bounty for VM Escape Vulnerabilities
  2. Hacker Marcus Hutchins To Plead Not Guilty To Malware Development
  3. Password Guru Regrets Past Advice
  4. Salesforce Sacks Security Engineers For Their Defcon Talk
  5. .why .its .time .to .fix .localhost
  6. Juniper Issues Security Alert Tied to Routers and Switches
  7. Dropbox Adds an Offline Way to Do Two-Factor Authentication
  8. Patched Flash Player Sandbox Escape Leaked Windows Credentials
  9. BeyondTrust Delivers a Privileged Access Management Platform Available on Google Cloud
  10. Tech Support Scammers Cast a Wider Net
  11. Are You Ready for Your Pen Test?
  12. Automating Defenses Against Assembly-Line Attacks
  13. Microsoft issues out-of-band security updates for Outlook, Office

Larry’s Stories

  1. Sales forced out
  2. CarbonBlack leaking data? – [ https://www.carbonblack.com/2017/08/09/directdefense-incorrectly-asserts-architectural-flaw-in-cb-response/ ….and their response]
  3. WiFi Deauther on the cheap
  4. the week of evading MS ATA – Remember back in the day when the week of/month of was a thing?
  5. Malware hidden in synthetic DNA – What the actual fsck…..

Jeff’s Stories

  1. Speaking of Bob and Alice…

Full Show Notes

Subscribe to YouTube Channel