2018-005-Securing_your_mobile_devices_and_CMS_against_plugin_attacks
Direct Link: http://traffic.libsyn.com/brakeingsecurity/2018-005-Securing_CMS_and_mobile_devices-phishing_story.mp3
Topics:
Discussion of Ms. Berlin's course
CAPEC discussion
RTF malware MS Office
A Phishing story...
Mobile Supply Chain Security
CMS Supply Chain Security
Ms. Berlin’s course - recap of 2nd session
Brakeing Down IR - date?
Any malware of note?
Upgrade your Office! The victim just double-clicked; the attachment used RTF, the document never opened, and only the embedded script ran.
Supply chain isn't just hardware: software stacks abound and aren't tracked.
WordPress plugins, CMS plugins/themes: not monitored, weakly secured.
Keeping track is as important as asset management
Do you know what your CMS is running, plugin-wise?
And if plugins aren’t bad enough, you have PHP to deal with
Suggestions:
Buy plugins - you get what you pay for
Check what support you get (always a good idea)
Require reviews for new plugins, and old ones, especially if they haven't been updated in a while
Are they still maintained? (abandonware bad)
New owners? (many plugins and apps get bought and then start changing permissions, or worse, serving malware)
Joomla - Vulnerable Extensions list: https://vel.joomla.org/live-vel
WordPress - WPScan: https://wpvulndb.com/plugins
https://capec.mitre.org/
https://theconversation.com/explainer-how-malware-gets-inside-your-apps-79485
PYPI - https://arstechnica.com/information-technology/2017/09/devs-unknowingly-use-malicious-modules-put-into-official-python-repository/
CCleaner - https://www.theverge.com/2017/9/18/16325202/ccleaner-hack-malware-security
News:
https://hotforsecurity.bitdefender.com/blog/uh-oh-how-just-inserting-a-usb-drive-can-pwn-a-linux-box-19586.html
Adversary generation systems
Red Baron - https://www.coalfire.com/Solutions/Coalfire-Labs/The-Coalfire-LABS-Blog/february-2018/introducing-red-baron
https://github.com/uber-common/metta
https://github.com/NextronSystems/
https://www.kitploit.com/2018/02/venom-1015-metasploit-shellcode.html
Quickly building Redteam Infrastructure
https://rastamouse.me/2017/08/automated-red-team-infrastructure-deployment-with-terraform---part-1/
#Spotify: https://brakesec.com/spotifyBDS
RSS: https://brakesec.com/BrakesecRSS
#Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
Join our #Slack Channel! Email us at bds.podcast@gmail.com
or DM us on Twitter @brakesec
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon
https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM : https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec