Happy Sunday! That’s right, it’s Sunday. I’m late getting our show notes posted (again).
Hope you are having a great weekend. Last week’s show (episode 29) was posted on Memorial Day. I hope you took a moment to remember the men and women who made the ultimate sacrifice for our country and our freedom. That’s what Memorial Day is all about.
Our show last week was a new thing for us. We recorded and intro, listened to L0pht’s Capitol Hill testimony from May 19th 1998, and recorded a short close. I like to listen to this recording once each year as a reminder of where we came from and to help keep me grounded. It’s good stuff!
Last week was a short one, but it was busy. Spent a couple of days with some awesome people in Montvale, NJ before returning home for a full-day offsite strategy meeting (with the FRSecure executive leadership team). Friday was full of meetings, but much more low-key.
Yesterday (Saturday) was a no work day. Do you have a day that you’ve set aside for no work? Part of keeping balance in my life is to not work (at all) on Saturdays. I’ve compromised on this rule too many times in the past few months, and I’m actually a little ashamed about it. No more! Saturday’s are back to off limits. Today’s Sunday. 😉
What’s up this week? Brad’s leading the Unsecurity podcast, and he’s got some good things planned for us to talk about. These are his show notes.
SHOW NOTES – Episode 30
Date: Monday, June 3rd, 2019
Evan would have been on time but I got caught up with some IR work that totally threw off my Thursday and Friday, so show notes are coming out on Saturday (turned out to be Sunday).
- Incident Response
[Brad] Good morning, today is June 3rd (How is it already June?!?!) and it’s time for another episode of the Unsecurity podcast. I’m Brad Nigh and I will be hosting this week. With me again is Evan Francen, good morning Evan.
[Evan] Talks about something fun he did over the weekend. – (Added by Evan: not really. I cleaned gutters, stained my fence, did some landscaping, and mowed the lawn).
[Brad] Okay so a couple weeks ago you were at the Denver ISSA and did a workshop titled “Incident Management – Panic or Plan”. Let’s talk about that a little bit…
Open discussion around the IR workshop and IR in general
[Brad] There is so much around IR that people still struggle with, hopefully this discussion helped clear things up a bit. Let’s hit some news stories real quick.
- Researcher Exploits Microsoft’s Notepad to ‘Pop a Shell’ – https://threatpost.com/researcher-exploits-microsofts-notepad-to-pop-a-shell/145242/
- A million devices still vulnerable to ‘wormable’ RDP hole – https://nakedsecurity.sophos.com/2019/05/30/a-million-devices-are-vulnerable-to-bluekeep/
- 93% of Companies Are Overconfident of Their Ability to Stop Data Breaches – https://www.infosecurity-magazine.com/news/93-of-companies-overconfident-data-1/
- Checkers and Rally’s Victims of Data Breach – https://www.infosecurity-magazine.com/news/checkers-rallys-victims-data-breach-1/
- Unpatched Docker bug allows read-write access to host OS – https://nakedsecurity.sophos.com/2019/05/31/unpatched-docker-bug-allows-read-write-access-to-host-os/
[Brad] Alright, another good show. We could talk about incident response every week and never run out of material. Lots of news and lots to do. Thank you Evan. Don’t forget, you can follow me or Evan on Twitter; @BradNigh and @evanfrancen. Email us on the show at firstname.lastname@example.org. That’s a wrap! Have a great week.