You can buy Bitcoin ATM malware for $25,000 in the Dark Web

August 8^th 2018 at 06:29

Malware targeting cryptocurrency-based ATMs commands high prices in the underground.

ZDNet | security RSS

Pentagon bans military from using GPS apps and fitness trackers

August 8^th 2018 at 07:05

Those on active duty are being told not to use devices and apps with GPS, but the policy may be difficult to impose.

ZDNet | security RSS

New Wi-Fi attack cracks WPA2 passwords with ease

August 8^th 2018 at 08:40

The common Wi-Fi security standard is no longer as secure as you think.

ZDNet | security RSS

DeepLocker: When malware turns artificial intelligence into a weapon

August 8^th 2018 at 10:00

In the future, your face could become the trigger for the execution of malware.

ZDNet | security RSS

OpenEMR security flaws could have exposed millions of patient records

August 8^th 2018 at 10:40

Over 20 severe bugs were found using only manual methods by a single cybersecurity group.

ZDNet | security RSS

Comcast customer portal vulnerabilities exposed sensitive data

August 9^th 2018 at 08:43

Two serious security flaws in Comcast systems may have left home addresses and social security numbers up for grabs.

ZDNet | security RSS

BIND DNS software vulnerability which could lead to DoS attacks exposed

August 9^th 2018 at 08:54

The bug impacts multiple versions of the open-source software.

ZDNet | security RSS

Smart city systems are riddled with critical security vulnerabilities

August 9^th 2018 at 10:00

Updated: Researchers have uncovered countless zero-day bugs which can be used to kill our critical city systems.

ZDNet | security RSS

Challenge accepted: 15-year-old plays Doom on 'unhackable' Bitfi

August 9^th 2018 at 10:29

Bitfi is becoming something of a joke as an "unhackable" device -- but there may be more to come.

ZDNet | security RSS

Open, Cortana: Voice assistant used to bypass locked Windows 10 machine security

August 9^th 2018 at 15:17

Exploit of Microsoft's Cortana did not require any external code.

ZDNet | security RSS

Crowdfense launches platform to source new zero-day vulnerabilities for sale

August 10^th 2018 at 06:44

Researchers will be given a platform to sell both zero-day security flaws and exploit chains.

ZDNet | security RSS

AWS error exposed GoDaddy business secrets

August 10^th 2018 at 09:33

Updated: It is believed information belonging to thousands of GoDaddy systems was leaked due to the failure.

ZDNet | security RSS

PayPal, Square vulnerabilities impact mobile point-of-sale machines

August 10^th 2018 at 11:18

Researchers have disclosed the existence of point-of-sale bugs which impact mobile payment services worldwide.

ZDNet | security RSS

Hackers can steal data from the enterprise using only a fax number

August 12^th 2018 at 22:00

Fax machines are still widely used by businesses and a communications protocol vulnerability is leaving them exposed to cyberattacks.

ZDNet | security RSS

25 Android smartphone models contain severe vulnerabilities off the shelf

August 13^th 2018 at 09:28

Researchers say that the swathe of bugs impacts major vendors.

ZDNet | security RSS

Apple macOS vulnerability paves the way for system compromise with a single click

August 13^th 2018 at 10:28

Tampering with two lines of code unveiled a serious bug which could lead to full system compromise.

ZDNet | security RSS

The future of IoT? State-sponsored attacks, say security professionals

August 13^th 2018 at 14:15

IT security professionals believe that nation states will begin to exploit smart, connected devices in the next 12 months.

ZDNet | security RSS

Man-in-the-Disk attacks take advantage of Android storage systems

August 14^th 2018 at 07:30

Updated: The novel attack technique relies on Android developers which use lazy storage protocols.

ZDNet | security RSS

Hackers can infiltrate police body cameras to tamper with evidence

August 14^th 2018 at 09:23

It is possible that crucial recordings could be modified or deleted due to vulnerabilities in body cam software.

ZDNet | security RSS

Beyond Spectre: Foreshadow, a new Intel security problem

August 14^th 2018 at 19:37

Researchers have broken Intel's Software Guard Extensions, System Management Mode, and x86-based virtual machines.

Paul's Security Weekly

Paul's Security Weekly - Episode 1

By paul@securityweekly.com — October 27^th 2005 at 12:00

💾

Paul's Security Weekly

Paul's Security Weekly - Special Edition - Marty Roesch Interview

By paul@securityweekly.com — November 4^th 2005 at 13:00

💾

Paul's Security Weekly

PaulotDotCom Security Weekly - Episode 2 - Nov 11, 2005

By paul@securityweekly.com — November 11^th 2005 at 13:02

💾

Paul's Security Weekly

PaulotDotCom Security Weekly - Episode 3 - Nov 18, 2005

By paul@securityweekly.com — December 4^th 2005 at 16:43

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 4 - Nov 25, 2005

By paul@securityweekly.com — December 4^th 2005 at 16:44

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 5 - Dec 2, 2005

By paul@securityweekly.com — December 4^th 2005 at 17:29

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 6 - Dec 9, 2005

By paul@securityweekly.com — December 11^th 2005 at 16:14

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 7 - Dec 16, 2005

By paul@securityweekly.com — December 18^th 2005 at 16:42

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 8 - Dec 16, 2005

By paul@securityweekly.com — December 23^rd 2005 at 00:02

💾

Paul's Security Weekly

Paul's Security Weekly - WMF Summary - Jan 5, 2006

By paul@securityweekly.com — January 6^th 2006 at 13:45

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 9 - Jan 5, 2006

By paul@securityweekly.com — January 6^th 2006 at 15:09

💾

Paul's Security Weekly

Paul's Security Weekly - Special Edition - Schmoocon Update - Jan 15 2006

By paul@securityweekly.com — January 15^th 2006 at 16:24

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 10 - Jan 13, 2006

By paul@securityweekly.com — January 15^th 2006 at 20:56

💾

Paul's Security Weekly

Paul's Security Weekly - Special Edition - Richard Bejtlich Interview - Jan 19 2006

By paul@securityweekly.com — January 20^th 2006 at 04:13

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 11 - Jan 20, 2006

By paul@securityweekly.com — January 23^rd 2006 at 13:19

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 12 - Jan 27, 2006

By paul@securityweekly.com — January 29^th 2006 at 21:51

We didn't think that this episode would ever make it to post-preduction (two dropped Skype calls and the primary and secondary recording devices failed. Good thing we were recording video, which we had problems with too). I think this episode officially has been cursed by ninjas, so listen at your own risk!

Here is a link to the audio stream from Larry's SANS What Works Webcast for Core Impact (Pimpin' All Over The World)
Please leave us comments in iTunes via the iTunes Store!
Create your own ISP? Send us what you think, what kind of servers, firewalls, routers wuld you use at your ISP?
Using Cain & Abel for good instead of evil?
Check out Irongeek's Web Site for printer hacking and other cool stuff
Ancient Flaws leave OS X vulnerable?
British Parliment attacked with WMF exploit
RI.gov's web site got hacked and they stole credit card numbers
And much more!

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 13 - Feb 3, 2006

By paul@securityweekly.com — February 6^th 2006 at 01:36

For the first time we will be releasing the audio and video versions of our show at the same time! Of course, we've still got some audio issues that need to be addressed, and hopefully we will have some better video content coming soon. Got some suggestions? Send us feedback!

We recommend CME for referencing since every anti-virus uses something diff
hack-a-day is cool, go check it out
Shmoocon DVDs are available, get em' here
Blackworm came and went
Google giving into the government?
WMF was sold for $4k
Planting rootkits in BIOS, very cool/dangerous
and more!

Full Show Notes here. .com

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 14 - Feb 12, 2006

By paul@securityweekly.com — February 13^th 2006 at 13:09

RI.gov website hacking details (In Russian) - We won't say where we got this one (Well, unless it involves a car battery and probes, then we'll tell), but its pretty cool, even if you don't speak Russian.
VPN 3000 Series DoS Saga Continues - So the latest version is 4.7.2D, does this fix the problem?
Will Vista Offer Improved Security?] - I am very skeptical as to whether or not Vista will improve the security of the Windows desktop OS. With new features that include "easy real-time wireless collaboration and online file sharing" their just asking for trouble. So, while it may fix some problems, its going to open the doors to so many new flaws.
Two more flaws found in windows - Return of WMF? Well , not exactly. And a bug found in Windows XP SP1.
U.S. Prepares to hack the world - Okay, so maybe not the world, but a country anyway.
And Much More!

💾

Paul's Security Weekly

Paul's Security Weekly - Special Edition - Mike Poor & Ed Skoudis Interview - Part I

By paul@securityweekly.com — February 17^th 2006 at 04:14

We are very excited to present to our listeners an exclusive interview with Mike Poor & Ed Skoudis of Intelguardians and The SANS Institute. Larry, The Mason, and myself spoke with Mike and Ed about a wide range of information security topics. This is part I of a two part interview. In part I we discuss:

First computers that Mike and Ed owned (NOT 0wn3d, see part II for that, kidding of course :)
How Mike and Ed got their start in the information technology field
They describe the primary courses they teach at SANS, GCIA and GCIH
A really good description of SANS EDU
Their experiences as incident handlers for The Internet Storm Center (ISC)
Recent security incident trends, such as more hackers going to jail
Botnet economics and strategies, plus ways to defend against the almighty botnet!
Current malware trends and defense mechanisms, including Mike Poor's commentary on IDS and malware

Fr more information including all feed links and direct downloads go here.

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 15 - Feb 17, 2006

By paul@securityweekly.com — February 19^th 2006 at 20:24

Sponsored by Core Security, listen for the discount code at the end of the show
Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
Interview of Mike Poor and Ed Skodis Part I has been posted
Our Frapper Map service is available now, go to http://securityweekly.com and add yourself to the map!
One of our listeners recommends "Damn Small Linux" for a USB Thumb drives can boot Linux.
This Week's Show Links

For direct downloads and full show information go here.

💾

Paul's Security Weekly

Paul's Security Weekly - Special Edition - Mike Poor & Ed Skoudis Interview - Part II

By paul@securityweekly.com — February 20^th 2006 at 21:06

In part II of our interview we discuss:

Brazilian hacker groups
The physical manifestation of the NOP Sled
OS Security/Insecurity, Shmoocon OS X Hack, OS X predictions
Apple's move to Intel and its impact on security
Bastille for Mac OS X
Why not to hack your attacker
And more!

For direct downloads and all feed links go here.

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 16 - Feb 24, 2006

By paul@securityweekly.com — February 26^th 2006 at 17:59

Live from Paul's Dojo....

Sponsored by Core Security, listen for the discount code at the end of the show
Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
Last weeks winner was Steve Murawski, who is now a proud 0wner of "Penetration Testing Open Source Toolkit"
Plesae go update our frapper map!
Paul talks about 2 Security incidents, Dos from Japan, Smurfs
Larry did no work this week
Nick has interns
and more!

here

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 17 - March 3, 2006

By paul@securityweekly.com — March 4^th 2006 at 15:28

Live from the Paul's Security Weekly Studio....

Sponsored by Core Security, listen for the discount code at the end of the show
Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
Last weeks winner was William Day, congrats!
Please go update our frapper map!
Using Cain & Abel properly
mwcollectd, nepetheses, and differences between "Security Ninja" and "Ninja Fan"
Larry give us the update from SANS Orlando 2006
and more!

Full show notes, direct downloads, and feed links can be found here. .com

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 18 - March 9, 2006

By paul@securityweekly.com — March 10^th 2006 at 15:36

Live from the Paul's Security Weekly Studio....

Sponsored by Core Security, listen for the discount code at the end of the show
Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
Please go update our frapper map!
Its not Twitchy's birthday this week
Smurf attacks are not so sweet
Our first audio comment!
Here are some good Bluetooth Links, Thanks Christian!
Hacking into voice mail, using good voice mail passwords
Please leave us feedback in the iTunes Store!
Detecting botnets from Sana Security, anyone using this product?
And More!

For direct downloads, full show notes, and feed links go here. .com

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 19 - March 16, 2006

By paul@securityweekly.com — March 18^th 2006 at 16:20

Live from the Paul's Security Weekly Studio....

Sponsored by Core Security, listen for the discount code at the end of the show
Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
Please go update our frapper map!
Please leave us feedback in the iTunes Store!
Full Show Notes, Direct Downloads, and all feeds.

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 20 - March 23, 2006

By paul@securityweekly.com — March 24^th 2006 at 20:03

Live from the Paul's Security Weekly Studio....

Come join our very first "open show" on March 30, 2006 5:30PM EST you can Skype into our show and partiticapte on our show! The first topic will be "Piggybacking Wireless Networks: Is it legal? Moral? Ethical? Cool? Not Cool?". Come join us and let us know what you think!
Sponsored by Core Security, listen for the discount code at the end of the show
Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
Please go update our frapper map!
If you are in the Providence, RI area the week of April 1st you can come to ACUTA to hear Twitchy and I give presentations (separate ones)
Please leave us feedback in the iTunes Store!
Full Show Notes, Direct Downloads, and Feed Links

💾

Paul's Security Weekly

Paul's Security Weekly - SE - Interview with Josh Wright - Part I

By paul@securityweekly.com — March 27^th 2006 at 13:30

We are excited to bring you this exclusive interview with Joshua Wright of Aruba Networks. Josh is a good friend of ours and sits live in the Paul's Security Weekly studio to discuss everything from wireless security to fingerprinting microwaves. In part I we discuss:

How Josh got an "A" on an assignment in College and landed his first IT security job
His interested in wireless network security, or lack thereof, and the "hacking opportunities" they present
The story behind the weaknesses in LEAP and how the Asleap tool came to be
And More! Go here for full show notes, direct downloads, and feed links

.com

💾

Paul's Security Weekly

Paul's Security Weekly - SE - Interview with Josh Wright - Part II

By paul@securityweekly.com — March 31^st 2006 at 20:02

Part II of our exclusive interview with Joshua Wright of Aruba Networks. In part II we discuss:

The current state of wireless intrusion detection
Josh talks about wireless client insecurities, such as flaws in wireless drivers
WifiPedia - a free source of WLAN-related information initially brought to you by the Secure Programming Group at University of Oulu.
LORCON - Loss Of Radio Connectivity - A wireless driver abstraction layer
Hottspot insecurity, and dangers of Karma, hotspotter, Airpwn, and Raw Glue AP
And More! Go here for full show notes, direct downloads, and feed links

.com

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 21 - March 30, 2006

By paul@securityweekly.com — April 1^st 2006 at 18:11

Live from the Paul's Security Weekly Studio....

Come join our very first "open show" on March 30, 2006 5:30PM EST you can Skype into our show and participate on our show! The first topic will be "Piggybacking Wireless Networks: Is it legal? Moral? Ethical? Cool? Not Cool?". Come join us and let us know what you think!
Sponsored by Core Security, listen for the discount code at the end of the show
Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
Please go update our frapper map!
If you are in the Providence, RI area the week of April 1st you can come to ACUTA to hear Twitchy and I give presentations (separate ones)
Please leave us feedback in the iTunes Store!
Full Show Notes, Direct Downloads, and Feed Links

💾

Paul's Security Weekly

Paul's Security Weekly - Open Show - Wifi Piggybacking - Part I

By paul@securityweekly.com — April 2^nd 2006 at 23:12

Live from the Paul's Security Weekly Studio.... This was a very fun experiment that was a resounding success. I would like to extend a personal thanks to everyone who participated. We had some awesome commentary, and some fantastic guests that called into the show:

Chuck Tomasi from chuckchat.com
Jay Beale, from Intelguardians and Bastille Linux
Ovie and Bret from Cyberspeak
Martin Mckeay from the Network Security Podcast
My future brother-in-law and good friend Jon
Matt DeMatteo from the University Of Rhode Island Digital Forensics Center
And to all of our listeners who called into the show! Thanks so much for participating!

💾

Paul's Security Weekly

Paul's Security Weekly - Open Show - Wifi Piggybacking - Part II

By paul@securityweekly.com — April 3^rd 2006 at 00:19

Live from the Paul's Security Weekly Studio.... This was a very fun experiment that was a resounding success. I would like to extend a personal thanks to everyone who participated. We had some awesome commentary, and some fantastic guests that called into the show:

Chuck Tomasi from chuckchat.com
Jay Beale, from Intelguardians and Bastille Linux
Ovie and Bret from Cyberspeak
Martin Mckeay from the Network Security Podcast
My future brother-in-law and good friend Jon
Matt DeMatteo from the University Of Rhode Island Digital Forensics Center
And to all of our listeners who called into the show! Thanks so much for participating!

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 22 - April 6, 2006

By paul@securityweekly.com — April 7^th 2006 at 16:00

Sponsored by Core Security, listen for the discount code at the end of the show
Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference
Please go update our frapper map!
Please leave us feedback in the iTunes Store!
Full Show Notes

💾

Paul's Security Weekly

Paul's Security Weekly - SE - Interview with Johnny Long

By paul@securityweekly.com — April 12^th 2006 at 14:40

We are very proud to bring you the exclusive interview with Johnny Long. I would like everyone to go out and buy two copies of his Google hacking book from Johnny's web site because 100% of the proceed go to charity, and everyone should have a copy for work and a copy for home :) Here are the links to purchase:

Purchase the book here - All proceeds benefit the Compassion International Children's Fund.

NOTE: There was some lag on this call, we're sorry, hoping to upgrading bandwith or replace Skype with something better.

How Johnny set a new world record for employment (well sorta)
The history of "Google Hacking"
How johnny.ihackstuff.com came to be the wonderful Google hacking source
Johnny discuss an assortment of Google hacking tools, such as BiDiHBLAH, bile, Wikto, and AdvancedDork
Hear the "behind the scenes" of Johnny's "Hacking Hollywood" presentation he gave at Schmoocon
Johnny discusses some of his other books, including "OS X for the Hackers Heart" and the Stealing the Network Series
Ethics, religion, and being yourself
Good advice for life, Kung Fu, and being a penetration tester

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 23 - April 13, 2006

By paul@securityweekly.com — April 14^th 2006 at 15:41

Live from the Paul's Security Weekly Studio....

Sponsored by Core Security, listen for the discount code at the end of the show
Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference
Please go update our frapper map!
Please leave us feedback in the iTunes Store!
Full Show Notes

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 24 - April 20, 2006

By paul@securityweekly.com — April 21^st 2006 at 15:29

Sponsored by Core Security, listen for the discount code at the end of the show
Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference
Please go update our frapper map!
Help us get a cool logo and slogan! Go to our contest page and read all about how you can win free Snort gear and a one-year subscription to VRT rules. Sponsored by Sourcefire
Full Show Notes

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 25 - April 27, 2006

By paul@securityweekly.com — April 28^th 2006 at 14:43

Sponsored by Core Security, listen for the discount code at the end of the show
Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference
Please go update our frapper map!
Help us get a cool logo and slogan! Go to our contest page and read all about how you can win free Snort gear and a one-year subscription to VRT rules. Sponsored by Sourcefire
Full Show Notes

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 26 - May 4, 2006

By paul@securityweekly.com — May 5^th 2006 at 14:07

Sponsored by Core Security, listen for the discount code at the end of the show
Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference
Please go update our frapper map!
Help us get a cool logo and slogan! Go to our contest page and read all about how you can win free Snort gear and a one-year subscription to VRT rules. Sponsored by Sourcefire
Full Show Notes

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 27 - May 11, 2006

By paul@securityweekly.com — May 12^th 2006 at 14:10

Live from the Paul's Security Weekly Studio....

We had two special guests on the show, Kevin Amorin from Harvard and co-deveoper of Packet Fence, and Martin Mckeay of the Network Security Podcast.

This episode was also broadcast over SkypeCast, so look for us each week when we record. It will also be announced in our IRC chatroom #Security Weekly on Freenode (irc.freenode.net).

Sponsored by Core Security, listen for the discount code at the end of the show
Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference
Please go update our frapper map!
Help us get a cool logo and slogan! Go to our contest page and read all about how you can win free Snort gear and a one-year subscription to VRT rules. Sponsored by Sourcefire
Full Show Notes

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 28 - May 18, 2006

By paul@securityweekly.com — May 19^th 2006 at 21:07

Live from the Paul's Security Weekly Studio.... This episode was also broadcast over SkypeCast, so look for us each week when we record. It will also be announced in our IRC chatroom #Security Weekly on Freenode (irc.freenode.net).

Sponsored by Core Security, listen for the discount code at the end of the show
Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference
Please go update our frapper map!
Help us get a cool logo and slogan! Go to our contest page and read all about how you can win free Snort gear and a one-year subscription to VRT rules. Sponsored by Sourcefire
Full Show Notes

💾

Paul's Security Weekly

Paul's Security Weekly - Episode 29 - May 26, 2006

By paul@securityweekly.com — May 29^th 2006 at 14:25

Live from the Paul's Security Weekly Studio.... This episode was also broadcast over SkypeCast, so look for us each week when we record. It will also be announced in our IRC chatroom #Security Weekly on Freenode (irc.freenode.net).

Sponsored by Core Security, listen for the discount code at the end of the show
Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book!
Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference
Please go update our frapper map!
Full Show Notes

💾