Haunted by SMB
We kick things off this episode talking to David Wells about his work with the Zero Day Research Team. He tells us about recent bugs he’s found in Signal and an interesting bypass method for User Account Control in Windows. Then we hear from Satnam Narang about the latest vulnerabilities and patches (spoiler: there are a lot of ghosts and SMB).
Tenable Research on Medium - https://medium.com/tenable-techblog
In this episode Bill and Gavin are joined by Wei Tai from the Data Science team to discuss Machine Learning and how accurately the team have identified the major vulnerabilities of 2019. Bill also learns how to press the record button so the team don’t have to record the podcast for a third time in a week.
Tenable’s OT Strategy with Marty Edwards
Marty Edwards has worked for an ICS asset owner, INL, DHS and ISA, and late last year he made the move to a security product vendor, Tenable. This happened at the same time that Tenable acquired Indegy for $78M, indicating they are serious about the OT security space. Dale Peterson talks with Marty a bit about his past career and then focuses on why he moved to Tenable and what Tenable’s strategy is for the OT space.
- Marty’s impressions on what DHS / CISA / ICS-CERT has done since he left.
- Why did Marty even consider working for a cybersecurity company?
- Did the Tenable acquisition of Indegy play a part in his decision?
- Is Tenable.OT a rebranded Indegy product or something else?
- What are the plans to integrate the Indegy product into the Tenable.sc (Security Center) system? Is this simply a push of OT to SC? Or will it be bi-directional communication?
- What is Tenable’s commitment to the ICS security space, given that Tenable and many others (McAfee, Symantec, Mandiant, …) have invested only to pull back in a bad quarter?
- Is Tenable an OT asset management solution? If so, which parts of asset management does it cover, and how does it interact with the missing parts?
- How do the Tenable products prioritize vulnerabilities discovered in Tenable.OT or Tenable.SC?
What's the deal with Web App Scanning?
Satnam walks us through May’s Patch Tuesday which, even at 111 vulnerabilities, was a bit calmer than prior months’ releases. We also talk about vulnerabilities in vBulletin, Cisco, Salt Framework and Sophos XG Firewall - and more. Satnam highlights primary research including flaws Tenable Research found in Instacart’s website and social media scams. To round it out, Eric Detoisien, Director of Research for WAS Content, joins us to talk about web application scanning and how his small-but-brilliant team develops WAS plugins.
- SophosLabs on “Asnarök” Trojan - https://news.sophos.com/en-us/2020/04/26/asnarok/
- Second Grader Hacks System, Shows Kids How to Access Any Student Account - https://bocanewsnow.com/2020/05/12/coronavirus-massive-palm-beach-county-school-district-student-password-breach/
- WAS SSL/TLS plugins - https://www.tenable.com/plugins/was/families/SSL%2FTLS
Recently from Research:
Follow the Security Response Team on the Tenable Community.