Primal Security Podcast









April 2019
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30


Winter is coming and HBO is already feeling the chill…well maybe. This month we are joined by Zack, Luke, Lane, and Andrew talking about news items, and their normal random banter. This is the first podcast in a while we don’t mention Marissa Mayer from some breach…ah crap, well we will get it next time.


Direct download: Primal_Security_Podcast_Episode_30.mp3
Category:general -- posted at: 10:32am PDT

With our first update of the summer we address multiple compromises, electoral hacks, and much much more!

1) WANNACRY/Ransomware Update

2) Kmart Pwned Again...

3) Chipotle hacked (hide your burritos)!

4) Gamestop hacked (I'm running out of valid credit cards)

5) Macron campaign hack and reaction

6) Russia accessed voter data/systems in 39 states

7) Shadowbrokers subscription and crowdfunding

8) XP isn't quite EoL yet

Direct download: PrimalSec-Ep29_-__The_Hot_One.mp3
Category:general -- posted at: 3:18pm PDT

Tanium breaches trust with customer data to get new customers:


Unicode phishing:


Shadow Brokers New Release of Stuff:


Mastercard reveals fingerprint biometric to replace pin: 


Massive Oracle Quarterly Patch Not the Only Worry with Solaris and Apache Struts 2:



Direct download: PrimalSec-Ep28_-__Shoneys_Guns_and_Unicorns.mp3
Category:general -- posted at: 5:59am PDT

Direct download: PrimalSec-Ep27-StPattysMalware.mp3
Category:general -- posted at: 10:57am PDT

News Items:
APT-28 and APT-29, Fancy Bear and Cozy Bear:
Massive Data breaches
Hospitals make up 88% of all data breaches:
Cyber attacks on hospitals grew 63% in 2016:
Healthcare industry suffers 6.2 billion dollars in data breaches:
Yahoo Got Hit Hard in 2016 - they got breached by all the things multiple times:
Direct download: Episode_26_-_Happy_Holidays.mp3
Category:general -- posted at: 5:31am PDT

Octoberfest -> Micah just released python parser for untapped


Mirai Botnet DNS Attacks (IoT)

Joomla Vuln (CVE-2016-8869, 8870) - Unauth Account creation and priv esc Joomla core 3.4.4-3.6.3 (patched 3.6.4) PoC is out on this several examples.

Dirtyc0w exploit (CVE-2016-5195)

BSidesDC 2016:

  • We Spoke
  • Sean Metcaf Spoke on Powershell
  • Micah Spoke on how to get connected in the security industry


BSidesJXN - 5 Ways We Break into a Network

  1. Phishing
  2. Web App Vulns
  3. Multicast Name Resolution Poisoning
  4. SMB Relay Attacks
  5. Account Compromise 
Direct download: PrimalSec-Ep25-Hacktoberfest.mp3
Category:general -- posted at: 10:18am PDT

This episode of Primal Security podcast is hosted by Andrew, Lane, Luke, and Zack with guest speaker Dan Amodio.

Dan is an expert with all things penetration testing and red teaming and discusses his experiences with getting started in the industry. A lot of people want to become the super cool "hacker", but where do you start? Dan explains that the actual day to day of a penetration tester is far more than just performing penetration testing, you are a trusted consultant for your customer who often has to work long hours to ensure you complete the project.

If you are new to security, or want to learn how to grow into a penetration testing role check out this podcast.

Direct download: PrimalSec_Podcast_Episode_24-_Getting_started_with_PenTesting.mp3
Category:general -- posted at: 6:04am PDT

Direct download: PrimalSec_Podcast_Ep._23-_Getting_Started_with_Python.mp3
Category:general -- posted at: 5:15am PDT

News Items:


Technical Segment: Email Spoofing and Phishing

Highlight: If a company is using Google Apps for Work and has not set up SPF/DKIM/DMARC their domain can be leveraged to spoof emails..very reliably.

  • Surprise surprise, people click links! Do you even need to be crafty? No probably not, but lets discuss some ways anyhow.
  • You can spoof Emails - It can happen: Great write-up from Cobalt Strike
    • If you are new to the email spoofing you should really read this article
  • Telnet to the mail server, and attempt to manually craft the email. This works in default configurations on many Email servers and security appliances - SPF/DKIM/DMARC may not be setup allowing you to send email from the domain unauthenticated - The Cobalt Strike blog demonstrates that.
  • This can also be done in Gmail! - Shows up as spoofed in normal gmail, but what about Google Apps for Work - You do not have SPF/DKIM/DMARC setup and can very easily spoof emails from that domain - both two the target domain and externally, and it will very frequently bypass security controls - we will release code on how to do that.
  • We are normally targeting organizations that leverage Outlook - It will only grab the name portion of the email header (not the email) and present that to users, so you can have a Gmail email (can bypass controls since its Gmail/legit) and you can send email using Python (or another scripting language), and modify the name to be a quazi-spoof.
Direct download: PrimalSec-Ep22-Phishers-Paradise.mp3
Category:general -- posted at: 3:51pm PDT

This month's podcast is hosted by Andrew, Lane, Luke, Matt, Zack, and guest speaker Eric Peterson from BreakPoint Labs. Eric has an extensive background in hunting for malware on enterprise networks and shares his knowledge on Ransomware.

Direct download: PrimalSec-Ep21-Ransomware.mp3
Category:general -- posted at: 4:13pm PDT

This month’s podcast is hosted by Andrew, Luke, Zack, Lane, and special guest Tyrone Wilson CEO of Cover6 Solutions.  We quickly discuss some news items over this past month and then talk about the D.C. Cyber Security Professionals Meetup group led by Tyrone Wilson.

Direct download: 0324PrimalSecPodcast.mp3
Category:general -- posted at: 7:48am PDT

Quick news Items:

FBI vs. Apple Iphone

Kohls Cash Fraud

Spotify Account Compromise


Then we discuss OSCP, and talk about our experience with OSCP.

Direct download: PrimalSec-Ep20-OSCP.mp3
Category:general -- posted at: 5:38am PDT

This months podcast is hosted by Lane, Luke, Zack, Andrew, and Matt with guest speaker Shawn Wells.  We cover news items over the last month and Shawn digs into OpenSCAP, and Docker security.

Direct download: PrimalSec-Ep18-SCAP-Docker.mp3
Category:general -- posted at: 5:37am PDT

Guest Speak Micah Hoffman discusses his conference talk on the security issues surrounding fitness devices and web applications.  Great talk from someone who really cares about security, and loves to share knowledge.


Direct download: PrimalSec_Ep17.mp3
Category:general -- posted at: 7:34pm PDT

We go over some news items from the last month, cover a new computer search engine, and to a tech segment on Mobile Security.

Direct download: PrimalSec_Ep16.mp3
Category:general -- posted at: 8:16am PDT

How to Start Your InfoSec Career

Direct download: PrimalSec_Podcast_Ep15.mp3
Category: -- posted at: 5:32pm PDT

Show Notes:

Google Firing Range to scan and test XSS

Black Hat Python by @jms_dot_py

Overview of Data Breaches:

Nvisium Seccasts is now free

EMET 5.1 Bypass

OSWE needs to come online now!

OMFG Windows Vulns:

Drupageddon: Drupal 7.31 PreAuth SQLi

CryptoPHP Web Malware

Irongeek posted Hack3rCon Videos 

Direct download: PrimalSec_11-21-2014_-_11_21_14_8.19_PM.m4a
Category:general -- posted at: 5:32pm PDT

Show Notes:

1. DerbyCon Recap
2. DerbyCon CTF
3. Corelan Advanced Training
4. Shell_Shock 6 CVEs
5. Overview of data breaches for September: (iCloud, Home Depot, Jimmy Johns, ObamaCare, JPMorgan, Gmail, etc.)
6. Endless Celebrity nudes
7. Kali Nethunter
8. VulnHub Persistence Challenge Complete
9. OWASP Testing Guide 4.0
10. Upcoming Books: Black Hat Python - No Starch Press

Direct download: PrimalSec_Oct2014_-_10_7_14_7.13_PM.m4a
Category:general -- posted at: 4:24pm PDT

In this podcast we talk about some recent conferences we attended (Black Hat, Def Con), and some upcoming conferences (DerbyCon/Corelan Training).  We briefly discuss some of the different training options in InfoSec, and go over some of PrimalSec's new tutorial series.

1. Black Hat Talk Summary
2. Def Con Talk Summary
3. DerbyCon 4.0 Family Rootz
4. Microsoft Pass-The-Hash Patch - harmjOy
5. Search Engine "Indexeus" indexes user account information acquired from more than 100 recent data breaches
6. Python Tutorial Series - From "Hello World" to Python Malware - Take my hand and walk into the darkness.
7. Exploit Tutorial Series (In-Progress) - Low level exploit tutorial series, writing your own exploits

Direct download: primalsecpodcast_August_2014.mp3
Category:general -- posted at: 2:18pm PDT

Primal Security Podcast May 2014
Direct download: PrimalSec2014_May_Small-_5_4_14_4.00_PM.m4a
Category:general -- posted at: 1:04pm PDT

Direct download: PrimalSec_Podcast_April_14-med.m4a
Category:general -- posted at: 12:17pm PDT

We've been gone for a while, but we're back with some new news. 

Direct download: PrimalSec_ReturnoftheJobin.m4a
Category:general -- posted at: 7:00am PDT

This is Primal Security Podcast #3 for November 2013.

Direct download: PrimalSec-November.m4a
Category:general -- posted at: 5:57pm PDT

This is the first episode of the Primal Security Podcast. July 2013

Blog with show notes can be found at

Direct download: Primal_Sec_2.m4a
Category:general -- posted at: 9:32am PDT