Paul Asadoorian

Paul Asadoorian's picture
As founder and CEO of Security Weekly, Paul remains one of the world’s foremost experts on all things cybersecurity. Security Weekly is a one-stop resource for podcasts, webcasts and other content, informing community members about penetration testing, vulnerability analysis, ethical hacking and embedded device testing. Previously, Paul served as a lead IT security specialist for Brown University, and as an instructor with The SANS Institute. At Tenable, Paul is a Product Strategist for the vulnerability management market.

Hunting For Shellshock Using Nessus

The best way to test for the Shellshock vulnerability is to do a credentialed local check against the Unix/Linux distribution. Nessus contains a number of plugins that make sure the operating system is patched.

On the Security of “Things”

The security ramifications of the "Internet of Things" (IoT) is a hot topic lately. That’s not to say the security community has not been aware of this problem; and dealing with it for some time (or ignoring it as the case may be).

Detecting Hidden Backdoors in Your BIOS With Nessus

One of the inherent qualities of malware is the ability to hide from the system and the user. It is in the best interest of the bad guys to not be detected, and various forms of malware implement different methods of hiding. However, one method that is very scary is the ability to hide inside the components of the PC, rather than in the operating system. This is the case with malware targeting the BIOS or the unified extensible firmware interface (UEFI) in more modern computers. The dangers is that software running in this area of the system can gain full control of any functions (such as all connected hardware) and bypass protections put in place by the operating system. It makes detection extremely difficult and will persist across system restores and rebuilds.