TrustedSec Podcast Episode 3.20 – So Much is Broken

Welcome to the Trusted Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Geoff Walton, David Boyd, Justin Bollinger, and Alex Hamerstone!

Stories

Title: Hacker Releases ‘Unpatchable’ Jailbreak For All iOS Devices, iPhone 4s to iPhone X
URL: https://thehackernews.com/2019/09/bootrom-jailbreak-ios-exploit.html?m=1
Author: Mohit Kumar

Title: Researchers uncover 125 vulnerabilities across 13 routers and NAS devices
URL: https://www.helpnetsecurity.com/2019/09/17/vulnerabilities-iot-devices/

Title: Mozilla Won’t Turn on DoH as Default in the UK Like It’s Planning to Do in the US
URL: https://www.gizmodo.co.uk/2019/09/mozilla-doh-not-default-in-uk/
Author: Shabana Arif

Letters

We have good success using the historical DNS data available at https://securitytrails.com to locate the origin servers. This facilitates bypassing filtering to attack web applications.

Geoff Walton

Author: Geoff Walton

Geoff Walton is a Senior Security Consultant for Cleveland-based TrustedSec. He joined TrustedSec’s founder, David Kennedy, after years of working in information security. Geoff’s expertise in pen testing, network security, and software analysis comes from over ten years of experience in a variety of information technology roles, including software development, network operations, and information security specific functions. Geoff brings a broad vision to assessments and penetration test engagements. Geoff has been part of diverse IT teams at organizations both large and small. He has experience across several industries, including retail, professional services, and manufacturing. Geoff has experience in performing static code analysis of mainframe code bases, including COBOL. Geoff holds a degree in Information Science (cum laude) from Baldwin Wallace College. Professionally, Geoff has had an active role in developing information security practices and has been responsible for network operations and security architecture throughout his career.