Download - 2019-005: Security Researcher attack, disabling SPECTER, and Systemd discussion | Podbean

Discover

Podcast Features
Your all-in-one podcasting solution.

Blog to Podcast
Turn your blog into an engaging podcast.
Livestream
High-performing audio live, without limits.

Podcast Studio
Easy-to-use audio recorder app.
Podbean AI
AI-Enhanced Audio Quality and Content Generation.

Podcast App
The best podcast player & podcast app.

Ads Marketplace
Join Ads Marketplace to earn money
through sponsorship on your podcast.

PodAds
Manage your ads with dynamic ad insertion capability.
Apple Podcasts Subscriptions Integration
Effortlessly publish and manage exclusive episodes for your
Apple Podcasts subscribers directly from Podbean.
Live Streaming
Receive livestream rewards from your audience and earn
recurring income from your Fan Club membership.

All Arts Business Comedy Education
Fiction Government Health & Fitness History Kids & Family
Leisure Music News Religion & Spirituality Science
Society & Culture Sports Technology True Crime TV & Film
Live

How to Start a Podcast
How to Start a Live Podcast
How to Monetize a podcast
How to Promote Your Podcast
How to Use Group Recording

Log in
Start your podcast for free

Podcasting
Monetization
Advertisers
Enterprise
Pricing
Discover

Log in

Sign up free

BrakeSec Education Podcast

News:Tech News

2019-005: Security Researcher attack, disabling SPECTER, and Systemd discussion

2019-02-11

Download Right click and do "save link as"

SpecterOps Class: https://www.eventbrite.com/e/adversary-tactics-red-team-operations-training-course-boston-june-2019-tickets-54970050902

https://www.secjuice.com/security-researcher-assaulted-ice-atrient/

https://www.csoonline.com/article/3338112/security/vendor-allegedly-assaults-security-researcher-who-disclosed-massive-vulnerability.html

Tweet of application teardown: https://twitter.com/duniel_pls/status/1093565709630824448

https://www.zdnet.com/article/linux-kernel-gets-another-option-to-disable-spectre-mitigations/

https://liliputing.com/2019/02/mozillas-project-fission-brings-site-isolation-to-firefox-spectre-and-meltdown-protection.html

https://capsule8.com/blog/exploiting-systemd-journald-part-1/

Segue from systemd/journald into:

“Super daemon for all daemons”

Replaced things like sysvinit, rc.d, and even inetd

Lennart Poettering and Kay Sievers

Systemd (PID1)

Configured using only text files

.service

.device

.swap

.timer (.service file of the same time must exist)

‘Transient timers can be created’

https://wiki.archlinux.org/index.php/Systemd/Timers

/etc/systemd/system/foo.timer

[Unit]
Description=Run foo weekly and on boot

[Timer]
OnBootSec=15min
OnUnitActiveSec=1w

[Install]
WantedBy=timers.target

Logs are in binary format

Cgroups - control groups

Isolates resource usage (CPU, memory, disk I/O, network, etc) of processes

Bound by the same criteria

Used a lot of places (hadoop, k8s, docker, LXC)

http://without-systemd.org/wiki/index.php/Arguments_against_systemd

https://www.freedesktop.org/wiki/Software/systemd/TipsAndTricks/

https://lwn.net/SubscriberLink/777595/a71362cc65b1c271/

http://0pointer.de/blog/projects/systemd.html

https://en.wikipedia.org/wiki/Systemd

Check out our Store on Teepub! https://brakesec.com/store

Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com

#Brakesec Store!:https://www.teepublic.com/user/bdspodcast

#Spotify: https://brakesec.com/spotifyBDS

#RSS: https://brakesec.com/BrakesecRSS

#Youtube Channel: http://www.youtube.com/c/BDSPodcast

#iTunes Store Link: https://brakesec.com/BDSiTunes

#Google Play Store: https://brakesec.com/BDS-GooglePlay

Our main site: https://brakesec.com/bdswebsite

#iHeartRadio App: https://brakesec.com/iHeartBrakesec

#SoundCloud: https://brakesec.com/SoundcloudBrakesec

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon

https://brakesec.com/BDSPatreon

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://brakesec.com/BDS-PlayerFM

#Stitcher Network: https://brakesec.com/BrakeSecStitcher

#TuneIn Radio App: https://brakesec.com/TuneInBrakesec

view more

More Episodes

Tanya Janca Talks secure coding, Semgrep Academy, and community building, and more!

2024-06-01

Josh Grossman - building Appsec programs, bridging security and developer gaps

2024-04-15

Managing messaging with management, becoming a CISO with Mary Gardner from Goldiknox

2024-04-09

p2-accidentalCISO, building trust in new places

2024-02-13

AccidentalCISO on BrakeSecEd, talking Leadership, SaaS development, and Appsec

2024-02-02

1st show of 2024! Our 10th Anniversary...

2024-01-09

Brakesec Call to Action 2023

2023-12-18

How to get more headcount, BLUFFs Vulnerability, and Ranty Clause debuts!

2023-12-04

25Oct - okta breached (again), Energy company hit by supply chain attack, and you can help hire the best people

2023-10-26

Nicole Sundin - CPO at Axio - SEC compliance, usable security, setting up risk mgmt programs

2023-09-23

John Aron, letters of marque, what does a "junior" job look like with AI?

2023-09-03

Megan Roddie - co-author of "Practical Threat Detecion Engineering"

2023-08-25

meeting new people, walking on your keyboard causes issues, even google gets phone numbers wrong.

2023-07-21

Bsides Seattle and Austin, SecureBoot patch, and more

2023-05-27

lynsey wolf, conducting insider threat investigations, CASB and UEBA utlization to good use.

2023-04-30

3CX supply chain attack, Mark Russinovich and Sysinternals, CISA ransomware notifications, and emotional intelligence

2023-04-08

Dish Network is still busted, John Deere avoiding OSS requests, Is DAST dead?

2023-03-24

Nickolas Means talks about Security, Devops velocity, blameless orgs, and conferences infosec should attend

2023-03-04

SPECIAL INTERVIEW: John Aron and Jerod Brennen

2023-02-10

Layoff discussions, another TMO breach, OneNote Malware, and more!

2023-01-24

←
1
2
3
4
5
6
7
8
9
10
→

012345678910111213141516171819

Get this podcast on your
phone, FREE

Download Podbean app on App Store

Download Podbean app on Google Play

Create your
podcast in
minutes

Full-featured podcast site
Unlimited storage and bandwidth
Comprehensive podcast stats
Distribute to Apple Podcasts, Spotify, and more
Make money with your podcast

Get started

It is Free

Podcast Services
MONETIZATION & MORE
KNOWLEDGE BASE
Support
Podbean

Privacy Policy
Cookie Policy
Terms of Use
Consent Preferences
Copyright © 2015-2024 Podbean.com