Direct Link: http://traffic.libsyn.com/brakeingsecurity/2017-037-asset_management.mp3
We started off the show talking to Mr. Boettcher about what DDE is and how malware is using this super legacy Windows component (found in Windows 2) to propogate malware in MS Office docs and spreadsheets. We also talk about how to protect your Windows users from this.
We then get into discussing why it's so important to have proper asset management in place. Without knowing what is in your environment, you could suffer gaps in coverage of your anti-virus/EDR software, unable to patch systems properly and even make it easier for lateral movement.
Finally, we discuss our recent "Introduction to Reverse Engineering" course with Tyler Hudak (@secshoggoth), and Ms. Berlin's upcoming trip to New Zealand.
RSS: http://www.brakeingsecurity.com/rss
Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://itunes.apple.com/us/podcast/brakeing-down-security-podcast/id799131292?mt=2
#Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast
Join our #Slack Channel! Sign up at https://brakesec.slack.com/join/shared_invite/enQtMjY2NDAyMzgxNjAwLWFjZTc1YzVlYWExM2U5ZjhiNDYwZTIzN2UxNjM1OWIwYzBkMjgzYmY4ZjA2MzViNzQ2ZTUzMGQ2YWYwYWY3NTM or DM us on Twitter, or email us.
#iHeartRadio App: https://www.iheart.com/show/263-Brakeing-Down-Securi/
#SoundCloud: https://www.soundcloud.com/bryan-brake
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast on #Patreon: https://www.patreon.com/bds_podcast
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM : https://player.fm/series/brakeing-down-security-podcast
#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr
#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/
SHOW NOTES:
Oreilly con report
Malware report from Mr. Boettcher
DDE (Dynamic Data Exchange), all the rage
https://en.wikipedia.org/wiki/Windows_2.0
https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/27000/PD27325/en_US/McAfee_Labs_Threat_Advisory-W97MMacroLess.pdf
http://home.bt.com/tech-gadgets/computing/10-facts-about-windows-2-11364027546216
https://www.ghacks.net/2017/10/23/disable-office-ddeauto-to-mitigate-attacks/
Why asset management?
Know what’s in your environment
CIS Top 20...no wait, it’s the TOP THREE of the 20.
It all builds on this…
Know what’s in your environment
http://www.open-audit.org/
https://metacpan.org/pod/App::Netdisco