2017-018-SANS_course-EternalBlue_and_Samba_vulnerabilities-DerbyCon contest details

We discuss SANS courses, including the one I just took (SEC504). How did I do in class? You can listen to the show and find out. Since it's been a few weeks, we also discuss all the interesting WannaCry reports, the ease at which this vulnerability was exploited, and why would a company allow access to SMB (tcp port 445) from the Internet? We discuss some upcoming training that we are holding starting 14 June. Ms. Sunny Wear will be doing 3 sessions discussing the use of Burp, and showing how to exploit various web application vulnerabilities.  Details are in the show notes and in our Slack Channel.   Ms. Sunny Wear is doing a web app security class Starts June 14th at 1900 Eastern (1600 Pacific, 2300 UTC)  Sign up for the class at the $20 dollar Patreon level (if you plan on attending) Sign up for immediate video access at the $10 Patreon level (cannot attend class, but want to follow along) Everyone will have access to the Slack Channel to follow along with the class, ask questions, etc (join our #slack channel for more information) https://www.patreon.com/bds_podcast   Direct Link:   http://traffic.libsyn.com/brakeingsecurity/2017-018-SANS_course-EternalBlue-Samba-DerbyCon.mp3 RSS: www.brakeingsecurity.com/rss   Youtube Channel:  https://www.youtube.com/channel/UCZFjAqFb4A60M1TMa0t1KXw iTunes Store Link:  https://itunes.apple.com/us/podcast/brakeing-down-security-podcast/id799131292?mt=2  #Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast   -------- Jay Beale's Class "aikido on the command line: hardening and containment" JULY 22-23 & JULY 24-25    AT BlackHat 2017 https://www.blackhat.com/us-17/training/aikido-on-the-command-line-linux-hardening-and-containment.html   --------- Join our #Slack Channel! Sign up at https://brakesec.signup.team #iHeartRadio App:  https://www.iheart.com/show/263-Brakeing-Down-Securi/ #SoundCloud: https://www.soundcloud.com/bryan-brake Comments, Questions, Feedback: [email protected] Support Brakeing Down Security Podcast on #Patreon: https://www.patreon.com/bds_podcast #Twitter: @brakesec @boettcherpwned @bryanbrake #Player.FM : https://player.fm/series/brakeing-down-security-podcast #Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr #TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/      SHOW NOTES:   SANS experience Pity Quincenera - I (bryan) sucked Need more experience Speed kills (I (bryan) got flustered and I shutdown) you took speed? No Kali - was surprised, until I thought of why :D Was not helpful to my team (jacek, ryan, Michael C., David) John Strand was phenomenal Frank Kim was great The audio was not, unfortunately :(     Samba/SMB (port 445) vulns Use case for having it exposed? **** OPEN TO SUGGESTIONS ***** What does that say about the company? No security team, or the security team is ineffectual about telling people about the risks? What MS17-010 is the new MS08-067 http://thehackernews.com/2017/05/samba-rce-exploit.html Over 400,000 open to the web https://en.wikipedia.org/wiki/WannaCry_ransomware_attack   Training announcement:   Ms. Sunny Wear doing a web app security class Starts June 14th Sign up for the class at the $20 dollar Patreon level Sign up for immediate video access at the $10 Patreon level  https://www.patreon.com/bds_podcast     Who's Slide is it Anyways? @ImprovHacker https://docs.google.com/forms/d/e/1FAIpQLSeLS0barWRdKVjPPyZ82lvC0UQMaDTJXRwF11qItlbZOrrf6A/viewform?c=0&w=1   #infosec #podcast #webAppSec #application #security