 
Cybersecurity with 1337% ABV. BarCode is a place where Cybersecurity professionals can unite in a relaxed atmosphere while getting to hear experts opensource their wisdom and insight... outside of conference walls. Untap the knowledge of an industry guru, find out what fuels their drive, or simply kick back, relax, and listen to their story. Due to COVID-19 restrictions, most bars are limited or closed for on-prem service. Therefore, each episode will feature Tony, a virtual bartender who wi ...
 
7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.
 
The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations are able to make informed decisions. OWASP is in a unique position to provide impartial, practical information about AppSec to individuals, corporations, universities, government agencies, and other organizations worldwide. Operating as a communit ...
 
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
 
Hacked Off demystifies the world of cybersecurity. Hosted by Secarma's Managing Director, Holly Grace Williams, it features weekly interviews delving beneath the headlines of the latest hacks, breaches and vulnerabilities, providing expert advice on how to stay safe online. This podcast is brought to you by global cybersecurity and penetration testing company, Secarma.
 
Interviews with people who have transitioned and got jobs in #infosec and #cybersecurity so you can learn and be inspired from their experience. There is no linear path into the field of Information Security, so the hope is that you will resonate with at least one of the guests. Some of my guests were teachers, paralegals, librarians, military vets, developers, and IT help desk techs (to name a few) before transitioning. Also featuring "spoof" ads poking fun at the industry.
 
Former US Most Wanted Cybercriminal turned Good Guy, Brett Johnson, Reboots the AnglerPhish Podcast with Season 3. AnglerPhish is filled with information you need to protect yourself from the type of person Brett used to be. Filled with information on cybercrime, fraud, scams, and the latest cybersecurity issues, as well as life experiences from the man who invented internet crime as we now know it. Enlightening, educational, and entertaining--The AnglerPhish Podcast with Brett Johnson (epis ...
 
The TRIBE OF HACKERS is a series of books written by Marcus J Carey and Jennifer Jin. This podcast features contributors to the books interviewed by Ray [REDACTED] on a wide variety of information security and information technology topics. The ToH Podcast believes in giving back to the community, so each episode will also feature a "reverse sponsor," which is one non-profit organization or social cause that the ToH Podcast would like to advocate.
 
 
Hey friends! We're continuing our series on pentest dropbox building - specifically playing off last week's episode where we started talking about automating the OS builds that go on our dropboxes. Today we'll zoom in a little closer and talk about some of the specific scripting we do to get a Windows 2019 Active Directory Domain Controller install…
 
We have three very special guests today. All come from different backgrounds but share a common interest in gaming - the kind that can be used to teach you things, like how to become better at handling security incidents or winning a historical insurrection. This podcast is sponsored by the We Hack Purple Academy. Volko Ruhnke is a renowned wargame…
 
ORIGINALLY AIRED ON JANUARY 20, 2021 Articles discussed in this episode: https://www.theregister.com/2021/01/20/malwarebytes_solarwinds_hack_latest/ https://threatpost.com/solarwinds-malware-arsenal-raindrop/163153/ https://threatpost.com/dnspooq-flaws-allow-dns-hijacking-of-millions-of-devices/163163/ The post Talkin’ About Infosec News – 1/20/202…
 
Today we talk about a cool product called Deep Freeze, which, as its name implies, can "freeze" your computer in a known/good/frozen state. Then you can do whatever the flip you want to the machine (install icky things, tamper with C:\windows, pack your browser full of shady plugins, and more!), and then just reboot to restore! Note: this is not a …
 
This week Chris Hadnagy joins us to talk about the psychology behind social engineering, choosing effective pretexts, as well as the science behind how we make decisions. My 3 main takeaways were 1) how to identify personality types and communicate effectively using DISC 2) how Oxytocin and Amygdala hijacking influence our behavior and 3) How to ge…
 
On this week’s show Dmitri Alperovitch, Sherrod DeGrippo and Joe Slowik join host Patrick Gray to talk through the week’s news: MalwareBytes the latest victim in the increasingly poorly-named “SolarWinds campaign” FireEye issues helpful guidance, tools, to help orgs detect “golden SAML” and related techniques Rob Joyce, Anne Neuberger, Michael Sulm…
 
Secure RPC issue - Netlogon Domain Controller Enforcement Mode is enabled by default beginning with the February 9, 2021 Security Update, related to CVE-2020-1472 – Microsoft Security Response Center How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (microsoft.com) Netlogon Domain Controller Enforcement …
 
A few short years ago, penetration testers did not have to work too hard for their malware command channels to execute. Fast forward to today in the age of Endpoint Detection and Response, User Behavior Analytics, and advanced built-in O/S defenses, your standard toolkit for malware generation/execution does not work anymore. All is not lost! […] T…
 
Grayson Milbourne is the Security Intelligence Director for Webroot, Inc., an OpenText company that focuses on endpoint security and threat intelligence. He joins me at the bar to discuss new and emerging threats, securing our homes during the COVID era, IoT security and cybersecurity trends we should expect to develop in 2021 and beyond. Deepfake …
 
Originally aired on January 13, 2021 Articles discussed in this episode: https://www.theregister.com/2021/01/13/darkmarket_europol_shutdown/ https://www.theregister.com/2021/01/12/microsoft_linux_edr/ https://threatpost.com/mimecast-certificate-microsoft-supply-chain-attack/162965/ https://threatpost.com/hackers-leak-pfizer-covid-19-vaccine-data/16…
 
This week Fabio Viggiani hangs out to talk about supply chain attacks, ransomware, mapping your software dependencies and assuming breach. My 3 main takeaways were 1) his insights into reverse engineering the SolarWinds Orion malware 2) Up-and-coming trends he sees in ransomware and 3) how he runs incident response investigations. For more informatio…
 
Joe Slowik and Katie Nickels are guest co-hosts in this week’s edition of the show. They join Patrick Gray to talk about: Mimecast having some stolen certificate, errr, “problems” The confusing reports about JetBrains Analysis of the malware used in the SolarWinds campaign Australian man arrested in Germany and charged with running DarkMarket The G…
 
Dream Doxxed: Minecraft YouTuber Dream Doxxed Following Speedrun Controversy (screenrant.com) Def Noodles on Twitter: "STANS TAKING IT TOO FAR: Dream doxed after posting a picture of his kitchen on his 2nd Twitter account. Dream has not published statement about situation yet in his public accounts. https://t.co/QuKpIYRODQ" / Twitter Osint issues… …
 
Section 230. It protects platforms like Facebook and Twitter from being responsible for user-generated content. Thomas O'Malley visits AnglerPhish to discuss Section 230 in the Trump Era. We also discuss Twitter recently de-platforming Donald Trump after the US Capitol was attacked January 6th. An attack on Free Speech? And what might happen next? …
 
These Soap Box editions of the show are wholly sponsored. If that’s not your thing and you’re looking for the weekly news edition of the show, just scroll one show back in your feed. This soap box edition is brought to you by AttackIQ. They make a Breach and Attack Simulation platform that’s designed to test the effectiveness of your security contr…
 
Dr. Eric Cole's career has been a mix of sixth-sense chance encounters and wisdom / foresight of the future. His uncanny ability while younger to see the opportunity in cybersecurity combined with the wisdom to listen to those smarter than him is why he is where he is today. He is an accomplished cybersecurity hacker and executive advisor. His in…
 
Meet Roderick Graham. Rod is one of the reasons you go to Twitter to learn instead of complain. Director of the Cybercrime Program at Old Dominion University. PhD in Sociology. Active in understanding and combatting online crime. But Rod is so much more. Rod has his fingers on the pulse of much of what is currently wrong in American Society. I sit …
 
Happy new year! This episode continues our series on DIY pentest dropboxes with a focus on automation - specifically as it relates to automating the build of Windows 10, Windows Server 2019, Kali and Ubuntu VMs. Here's the resources I talk about in more detail on today's episode that helps make the automagic happen: Windows VMs This article from Wi…
 
This week Josh Sokol joins the show to talk about managing risk with a focus on keeping it simple, turning a free open source project into a business and his suggestions on how to get started in InfoSec. My 3 main takeaways were 1) the three components of risk mitigation 2) the different levels of maturity within risk management programs and 3) his pro…
 
On this week’s show, Patrick Gray talks to Joe Slowik and Dmitri Alperovitch about the APT campaign that impacted the US government and FireEye via SolarWinds’ supply chain. Alex Stamos also joins the show to chime in more generally on supply chain interference before discussing some other news, like: Apple losing (most of) its case against Corelli…
 
Currently the Senior Director for Cyber Intelligence Strategy for Anomali, A.J. Nash is a cyber intelligence strategist and public speaker focused on building cyber intelligence programs that capitalize on disparate data and information to create and deliver tactical, operational, and strategic intelligence to protect personnel, facilities, data, a…
 
A fierce visionary, Ron Gula has redefined the security landscape and continues to do so. From co-creating Tenable, developing Dragon IDS, and now serving as President of Gula Tech Adventures, his incredible story is far from over. He joins me at the bar to discuss Tenable, the COVID era, Cybersecurity’s #1 myth, advice for entrepreneurs and his ne…
 
Does the news on SUNBURST and SUPERNOVA have you feeling like you’re flapping in the (Solar)Wind? Join John Strand, Jonathan Ham, and Jake Williams as they discuss the implications of the breaches in this no-FUD webcast. No, we won’t be discussing “cyber Pearl Harbor” – because let’s be honest, that’s just hyperbole. Join us to […] The post Webcast:…
 
Today, Gh0sthax and I talk about week 3/4 of the CRTP - Certified Red Team Professional training, and how it's kicking our butts a bit. Key points include: We agree this is not a certification for folks who are new to pentesting Don't expect to be following along "live" with the instructor during the training sessions You'll need to do a flippin' t…
 
Merry Christmas! Happy holidays! Please enjoy the last cyber news edition of 2020, brought to us by our good pal Gh0stHax. Stories covered include: You've probably heard this by now, but FireEye had a breach that was truly sophisticated. Here's a really nice plain English breakdown of the situation for folks who may not be interested in the deep te…
 
Originally aired on December 21, 2020 Articles discussed in this episode: https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hacked-with-suspected-nso-group-imessage-zero-click-exploit/ https://theintercept.com/2020/12/17/russia-hack-austin-texas/ The post Talkin’ About Infosec News – 12/21/2020 appeared first on Black Hills Information Secur…
 
January 20. Trump's Last Day on the Job. That means it's Pardon Time! We all expect pardons for Ivanka, Jarod, Trump Jr., Rudy, and Bannon. But who else? Assange, Snowden, Bernie Madoff, Ross Ulbricht...Joe Exotic? Brett sits down with Former Federal Prosecutor and Friend Thomas O'Malley to discuss some of the names being thrown into the Pardon Dis…
 
Today's episode continues part 1 of our series on the Certified Red Team Professional certification. Key points from today's episode include: It's probably a better idea to run Bloodhound on your local machine so you don't crush the student VM's resources Running Invoke-Command is one of my new favorite things. Check this post for a bunch of cheats…
 