7 Minute Security
534 episodes - English - Latest episode: over 1 year ago - ★★★★★ - 63 ratings7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
7MS #483: Desperately Seeking a Super SIEM for SMBs - Part 2
September 01, 2021 22:04 - 44 minutes - 40.8 MBToday we continue our series we started recently (part 1 is here about finding a super SIEM for SMBs. Specifically I have some updates on (and frustrations with) Arctic Wolf, Elastic, Milton Security and Perch Security. Here's the TLDL version: Arctic Wolf They remain a strong contender in my bake-offs. They also could tick several boxes for an org as they offer continuous internal/external vulnerability scanning as well as a managed SOC. (And yes, I'm probably a tiny bit biased because...
7MS #482: Creating Kick-Butt Credential-Capturing Phishing Campaigns - Part 3
August 26, 2021 21:20 - 13 minutes - 12.2 MBToday we're continuing our discussion on phishing campaigns - including a technical "gotcha" that might redirect your phishing emails into a digital black hole if you're not careful! As I mentioned last week, I've been heavy into spinning up and tearing down phishing campaigns, so I finally got around to documenting everything in episode 481. This week I ran into a bizarre issue where test phishes to myself suddenly disappeared from my Outlook altogether! After chatting with some folks o...
7MS #481: Creating Kick-Butt Credential-Capturing Phishing Campaigns - Part 2
August 19, 2021 18:15 - 27 minutes - 25.1 MBToday we're revisiting how to make a kick-butt cred-capturing phishing campaign with Gophish, Amazon Lightsail, LetsEncrypt, ExpiredDomains.net and a special little extra something that makes creating phishing landing pages waaaaaaayyyyyyyyyy easier! For some quicker review, you can check out part 1 and also the complementary YouTube video, but I wanted to revisit this kick-butt process and update a few items: First, this SingleFile extension is amaaaaaaaazing for making phishing landing...
7MS #480: Desperately Seeking a Super SIEM for SMBs
August 12, 2021 20:17 - 49 minutes - 45.2 MBToday we're talking about the SIEM bake-off for SMBs that we've recently embarked on. We're currently evaluating several solutions - either for customer-facing purposes, internal kick-the-tires fun, or both. Candiates include: Arctic Wolf Elastic Milton Security Protocol46 Sumo Logic First we're starting by running each vendor through a series of questions, then likely following up with a demo where we'll run some technical tests and simulated hacking to see which vendor or vendo...
7MS #479: A Prelude to PwnTown
August 06, 2021 17:43 - 7 minutes - 4.1 MBHey friends, today we're talking about a new security training offering 7MinSec has created called Light Pentest LITE - Live Interactive Training Experience. It's a 3-day course (with each class session being 3 hours long) consisting of live (via Zoom), hands-on, instructor-led sessions that are focused on teaching you how to find, exploit and defend against common Active Directory weaknesses! Check out today's episode to learn more and get a hint for an OSINT exercise that will get you 10...
7MS #478: Password Cracking in the Cloud - Part 4
July 29, 2021 17:23 - 37 minutes - 34.2 MBHey friends, today we're continuing our discussion of password cracking by sharing some methodology that has helped us get a high cred yield, and some tips on taking cracked passwords from multiple sources and Frankensteining them into a beautiful report for your customer. For some background, when 7MS started as a biz, we used to crack passwords in Paperspace but invested in an on-prem cracking rig a few years ago. That rig has been flipping sweet, but had some heating issues which prompt...
7MS #477: Cobalt Strike for Newbs
July 21, 2021 18:05 - 38 minutes - 35 MBToday we're talking about Cobalt Strike for newbs - including how to get it up and running, as well as some tools that will help you generate beacons while evading EDR at the same time! Some helpful things mentioned in today's episode: Wherever you spin up your CS instance, it's probably a good idea to lock down the firewall to only specific IPs. With Digital Ocean, I found this article helpful. When generating CS listeners, the C2Concealer from FortyNorth helped me get malleable C2 prof...
7MS #476: Tales of Pentest Pwnage - Part 28
July 16, 2021 21:03 - 25 minutes - 23.8 MB**STOP!** If you didn't listen to [last week's episode](https://7ms.us/7ms-475-tales-of-internal-network-pentest-pwnage-part-27/) you might want to, since this was a two-part tale of pwnage. Either way I'll get you up to speed and talk about why this was (of course) one of my favorite pentests ever.
7MS #475: Tales of Internal Network Pentest Pwnage - Part 27
July 08, 2021 19:24 - 56 minutes - 51.7 MBYeahhhhhh! Today's another fun tale of pentest pwnage, including: The importance of starting your pentest with an AD account that actually has access to...ya know...stuff The importance of starting your pentest plugged into a network that actually has...you know...systems connected to it! This BHIS article is awesome for finding treasures in SMB shares PowerUpSQL audits are a powerful way to get pwnage on a pentest - check out this presentation for some practical how-to advice IPMI/BMC...
7MS #474: Password Cracking in the Cloud - Part 3
June 30, 2021 22:06 - 46 minutes - 42.4 MBHey friends! Today we're dusting off an old mini-series about password cracking in the cloud (check out part 1 and part 2) and sharing some awesome info on building a monster of a cracking rig in AWS! One reason we haven't talked about password cracking in the cloud in a while is because back in winter of 2019 I built baby's first password cracking. Unfortunately, this week, Hashy (the name I gave to the rig) is overheating, and GPUs are impossible to find, so what's a pentester to do? W...
7MS #473: Interview with Nikhil Mittal
June 24, 2021 17:19 - 51 minutes - 46.8 MBHey everybody! Today Joe and I sat down with Nikhil Mittal of Pentester Academy and Altered Security to talk about a whole slew of fun security topics: How Nikhil first got involved in Pentester Academy Nikhil's hacker origin story How does Nikhil feel about his tools being used by baddies? What security tools/defenses would be good for SMBs to focus on? Active Directory security - is all hope lost? Will AI, ML, Terminator robots, etc. replace all of us who do pentesting for a living?
7MS #473: Interview with Nikhil Mittal
June 24, 2021 17:19Hey everybody! Today Joe and I sat down with Nikhil Mittal of Pentester Academy and Altered Security to talk about a whole slew of fun security topics: How Nikhil first got involved in Pentester Academy Nikhil's hacker origin story How does Nikhil feel about his tools being used by baddies? What security tools/defenses would be good for SMBs to focus on? Active Directory security - is all hope lost? Will AI, ML, Terminator robots, etc. replace all of us who do pentesting for a living?
7MS #472: Interview with Christopher Fielder
June 16, 2021 16:07 - 52 minutes - 48 MBToday our good pal Christopher Fielder from Arctic Wolf is back for an interview three-peat! He joins Joe "The Machine" Skeen (a.k.a. Gh0sthax) and I to talk about all things ransomware, including: How the Colonial Pipeline incident may have started from a weak VPN cred with no MFA. Silver lining (?) - they got some of the $ back. Was the federal government's response good enough? What should the government be doing to better handle and manage ransomware? Common ways ransomware gets in ou...
7MS #471: Cyber News - Ransomware Should Run Somewhere Edition
June 09, 2021 23:48 - 1 hour - 56.8 MBHey everybody, happy June! Our pal Joe is back to cover some great security stories with us, including: Peloton's leaky API Some Colonial Pipeline discussion (story 1, story 2) Amazon Sidewalk doesn't really share your Internet connection with neighbors/strangers. The Hacker News article doesn't do an awesome job of clearing that up either.
7MS #470: First Impressions of Meraki Networking Gear
June 02, 2021 17:50 - 36 minutes - 33.5 MBToday we're doing something new - a first impressions episode of Meraki networking gear. Note: this is not a sponsored episode, but rather a follow up to episode #460 where I talked about throwing all my UniFi gear into the ocean and replacing it with Meraki gear. At the end of that episode I asked if anybody was interested in a "first impressions" of the gear, and it turns out (at least 6) people are interested, so here we are! TLDL: Pros Super easy plug-and-play setup The mobile app...
7MS #469: Interview with Philippe Humeau of CrowdSec
May 26, 2021 23:15 - 48 minutes - 44.3 MBHey friends! Today we're talking with Philippe Humeau, CEO of CrowdSec, which is "an open-source massively multiplayer firewall able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global IP reputation database to protect the user network." I came into this interview not knowing much at all about CrowdSec, so I peppered Philippe with questions such as: What is CrowdSec? What problem does it solve? Who are...
7MS #468: Eating the Security Dog Food - Part 3
May 20, 2021 20:39 - 24 minutes - 22.9 MBToday we continue the series on eating your own security dog food! Specifically, we talk about: Keeping a log and procedure for sanitizing systems Keeping a log and procedure for provisioning systems A big "gotcha" to be aware of when using Windows system dropboxes - make sure your Windows user account doesn't expire, because Splashtop doesn't have any way to update it! To prevent this, set the account not to expire: wmic useraccount where "Name='LocalAdminAccount'" set PasswordExpires=...
7MS #467: How to Succeed in Business Without Really Crying - Part 9
May 12, 2021 18:13 - 55 minutes - 51 MBHey everybody! I stayed in a hotel for the first time in over a year and boy oh boy...I hope I didn't get COVID from the bedsheets! Anyhow, on that journey I thought of some things that I think will help your business on the marketing/project management/sales side to be more successful and less annoying. DISCLAIMER: I have no formal training in these areas, but I've been on both sides of the table for a number of years, and I think I'm getting a better idea of what clients do and don't lik...
7MS #466: Attacking and Defending Azure AD Cloud (CARTP)
May 05, 2021 13:00 - 1 hour - 55.7 MBWelp, I need another security certification like I needed a bunch to the retinas, but even after all the fun (and pain) of CRTP I couldn't help but sign up for the maiden voyage of Attacking and Defending Azure AD Cloud - a.k.a. CARTP. This cert comes to us from our friends over at Pentester Academy, and is all about pwning things in Azure AD which is mostly new ground for me. I this episode I talk about some of the TTPs covered in week 1 of this course, as well as: Likes: Courses offer...
7MS #465: Cyber News - The FBI Might Be Getting Into the IR Biz Edition
April 28, 2021 18:33 - 53 minutes - 48.9 MBHey friends! Today Joe "The Machine" Skeen (a.k.a. Gh0sthax) and I talk about some of our favorite news stories, including: FBI removes hacker back doors NSA: 5 security bugs under active nation-state cyberattack Ubiquiti is accused of covering up a ‘catastrophic’ data breach — and it’s not denying it. On a side note, enjoy our podcast about how we lost our love for Ubiquiti a while back: 7MS #460: Why I'm Throwing My UniFi Gear Into the Ocean Codecov users warned after backdoor...
7MS #464: Interview with Christopher Fielder of Arctic Wolf
April 22, 2021 18:04 - 50 minutes - 46.7 MBToday our friend Christopher Fielder of Arctic Wolf joins us on the show again (check out his first appearance in episode #444 - this time to talk about the security journey, and how to start out in your "security diapers" and mature towards a stronger infosec program. Specifically, we talk about: When the company has one person in charge of IT/security, how can you start taking security seriously without burning this person out? First, it's probably a good idea to take note of what you hav...
7MS #463: DIY Pentest Dropbox Tips - Part 5
April 14, 2021 15:00 - 37 minutes - 34.8 MBIn the last two episodes of this series (#449 and #450) we've been diving into how to not only speed up the process of spinning up a DIY pentest dropbox, but how to automate nearly the entire build process! In today's episode we talk specifically about how to streamline the Windows 10 build process. As previously mentioned, this article is awesome for creating a core Win 10 answer file that will format C:, setup a local admin, login once to the configured desktop and then do whatever thing...
7MS #462: Pentesting with the Hak5 Key Croc
April 07, 2021 15:00 - 37 minutes - 34.5 MBToday we talk through our first engagement using Hak5 Key Croc to steal and exfil data. In the past, my internal monologue when a new Hak5 toy is released sounds like this: "I certainly don't need another Hak5 doo-dad! The last one didn't ever work that great, and ended up in a drawer full of past Hak5 doo-dads that didn't work that great." "Whaaaaat? A new cool and hip video for the INSERT_CATCHY_HAK5_TOOL_NAME is out? Pffft. I don't need that." 5 seconds go by... "Well it's just $100, ...
7MS #461: Tales of Internal Network Pentest Pwnage - Part 26
March 31, 2021 14:00 - 47 minutes - 44 MBOK I probably say this every time, but I'm gonna say it again: this tale of pwnage is my one of my favs - and not because of the tools/tradecraft, but because of why the company needed our help in the first place. I think I'd file this under the category of "rescue and recovery mission" more than a pentest, but it was a total blast. I also cover a few tangents, including how COVID shot #2 gave me nightmares about leprechauns and indirectly caused me to de-pants in front of a large Webinar ...
7MS #460: Why I'm Throwing My UniFi Gear Into the Ocean
March 24, 2021 19:02 - 40 minutes - 37.5 MBHey friends! Warning: this is not a "typical" 7MS episode where we try hard to deliver some level of security value. Instead, today is a big, fat, crybaby, first-world problems whine-fest about how I used to love my UniFi gear for many years, but then a few weeks ago I hit unhealthy levels of rage while working with it...and subsequently completely ripped it all out of the wall and threw it in a plastic bin. Let me say it one more time: if you don't like rants of rage, skip this episode ...
7MS #459: Cyber News - Microsoft Exchange Makes the World Cry Edition
March 17, 2021 15:00 - 1 hour - 58 MBHappy mid-March! Our good pal Gh0sthax joins us today for another hot dish of cyber news! Stories include: Microsoft Exchange cyber attack - Hacker News has a nice what we know so far story, but things have evolved really fast, so make sure you check Microsoft's primary advisory, the script to run on local servers and newer updates such as the recent one-click remediation for unsupported Exchange versions SonicWall zero day - yuck, looks like the SonicWall troubles we talked about recent...
7MS #458: Interview with Tanya Janca
March 11, 2021 15:52 - 59 minutes - 54.2 MBToday we're super excited to share a featured interview with Tanya Janca of WeHackPurple! Tanya has been in software development from the moment she was of legal age to work in Canada - beginning by working with some huge companies (Nokia/Adobe) before falling in love with application security and eventually starting a company of her own. Gh0sthax and I sat down with Tanya over Zoom to discuss: How to overcome your fears and present at conferences, write blog posts and even start your o...
7MS #457: Tales of Internal Network Pentest Pwnage - Part 25
March 04, 2021 17:57 - 31 minutes - 29 MBHi! This episode of pentest pwnage is a fun one because it was built for speeeeeeeeeeeeeeeed. Here's some of the things we're doing/running when time is of the essence: Get a cmd.exe spun up in the context of your AD user account: runas /netonly /user:samplecompany\billybob "C:\windows\system32\cmd.exe" Then get some important info in PowerView: Get-DomainUser -PreAuthNotRequired - find AD users with this flag set...then crack the hash for a (potentially) easy win! Get-NetUser -sp...
7MS #456: Certified Red Team Professional - Part 4
February 25, 2021 19:49 - 56 minutes - 52.1 MBHello friends! Today, Joe (Gh0sthax) and I complete our series on CRTP - Certified Red Team Professional - a really awesome pentesting training and exam based squarely on Microsoft tools and tradecraft. Specifically, Joe and I talk about: We don't think the training/exam is for beginners, despite how its advertised Both the lab PDF and PowerPoint have their own quirks - which may ultimately be teaching us not to be copy-and-paste jockeys, and instead build our own study guides and cheat...
7MS #455: Tales of Internal Network Pentest Pwnage - Part 24
February 19, 2021 18:03 - 52 minutes - 48 MBHey everybody! Sorry that we're late again with today's episode, but I got COVID shot #2 and it kicked my behind BIG TIME today. But I'm vertical today and back amongst the living and thrilled to be sharing with you another tale of pentest pwnage! Yeah! This might be my favorite tale yet because: I got to use some of my new CRTP skills! Make sure on your pentests that you're looking for "roastable" users. Harmj0y has a great article on this, but the TLDR is make sure you run PowerView with...
7MS #454: Cyber News - Lets Switch to Typewriters Edition
February 11, 2021 19:02 - 50 minutes - 46.3 MBHappy almost-mid-February! Today Gh0sthax cooked up some great news stories for us to chew on, including: Sudo bug gives root access to mass numbers of Linux systems! What the heck is hammering with GameStop stock? - this tweet does a great job of explaining it in plain English Solarwinds continues to be a gift that keeps on giving malware-laced gifts that people don't want Sonicwall was hacked using zero days in its own products. After recording this news segment, Sonicwall issued an...
7MS #453: Interview with Marcello Salvati
February 04, 2021 18:28 - 1 hour - 60.1 MBToday's featured interview is with Marcello Salvati of Black Hills Information Security. Marcello is a.k.a. byt3bl33d3r, and known for his many contributions to the security community. We here at 7MS first became familiar with his work after using CrackMapExec on our penetration tests, and today we sat down with Marcello to discuss: Brian's Chris Farley moment with Marcello Marcello's infosec origin story CrackMapExec, how it came to be, how it was named, and what's coming in the new vers...
7MS #452: Enterprise Attacker Emulation and C2 Implant Development
January 28, 2021 21:24 - 39 minutes - 35.9 MBHey everyone! Hope you're having a great week. Today Gh0sthax and I do a brain dump and recap of a cool (and mind-exploding) course we took last week called Enterprise Attacker Emulation and C2 Implant Development. In the tangent department, we also touch a bit on: The Fargo TV series Our upcoming interview with Marcello (a.k.a. byt3bl33d3r) from BHIS This Key and Peele sketch I just took my CRTP exam, which we've talked about a lot in the past 7MS is trying to up its pentest game b...
7MS #451: Deep Freeze
January 22, 2021 17:53 - 48 minutes - 44 MBToday we talk about a cool product called Deep Freeze, which, as its name implies, can "freeze" your computer in a known/good/frozen state. Then you can do whatever the flip you want to the machine (install icky things, tamper with C:\windows, pack your browser full of shady plugins, and more!), and then just reboot to restore! Note: this is not a sponsored episode, but will probably sound like one because I really dig this product and think you might too :-)
7MS #450: DIY Pentest Dropbox Tips - part 4
January 15, 2021 19:36 - 56 minutes - 51.7 MBHey friends! We're continuing our series on pentest dropbox building - specifically playing off last week's episode where we started talking about automating the OS builds that go on our dropboxes. Today we'll zoom in a little closer and talk about some of the specific scripting we do to get a Windows 2019 Active Directory Domain Controller installed and updated so that it's ready to electronically punch in the face with some of your mad pentesting skills! Specifically, we talk about these...
7MS #449: DIY Pentest Dropbox Tips - Part 3
January 07, 2021 21:38 - 1 hour - 61.4 MBHappy new year! This episode continues our series on DIY pentest dropboxes with a focus on automation - specifically as it relates to automating the build of Windows 10, Windows Server 2019, Kali and Ubuntu VMs. Here's the resources I talk about in more detail on today's episode that helps make the automagic happen: Windows VMs This article from Windowscentral.com does a great job of walking you through building a Windows 10 unattended install. A key piece of the automation is the autouna...
7MS #448: Certified Red Team Professional - Part 3
December 30, 2020 20:40 - 48 minutes - 44.8 MBToday, Gh0sthax and I talk about week 3/4 of the CRTP - Certified Red Team Professional training, and how it's kicking our butts a bit. Key points include: We agree this is not a certification for folks who are new to pentesting Don't expect to be following along "live" with the instructor during the training sessions You'll need to do a flippin' ton of studying and practicing on your own in between the live sessions As you follow along with the lab exercises, some things won't work - ...
7MS #447: Cyber News - The End of 2020 as We Know It Edition
December 23, 2020 18:18 - 58 minutes - 53.6 MBMerry Christmas! Happy holidays! Please enjoy the last cyber news edition of 2020, brought to us by our good pal Gh0stHax. Stories covered include: You've probably heard this by now, but FireEye had a breach that was truly sophisticated. Here's a really nice plain English breakdown of the situation for folks who may not be interested in the deep technical details. Chris Krebs, former CISA director, sues Trump campaign lawyer after death threats CSOOnline has a nice article on 4 security...
7MS #446: Certified Red Team Professional - Part 2
December 17, 2020 17:49 - 41 minutes - 37.6 MBToday's episode continues part 1 of our series on the Certified Red Team Professional certification. Key points from today's episode include: It's probably a better idea to run Bloodhound on your local machine so you don't crush the student VM's resources Running Invoke-Command is one of my new favorite things. Check this post for a bunch of cheatsheet tips for running commands in PowerShell against other hosts. Silver, gold and skeleton key attacks in AD - are they awesome? Yes? Do I s...
7MS #445: Certified Red Team Professional
December 09, 2020 23:25 - 56 minutes - 51.8 MBWelp, I need another certification like I need a hole in the head, but that didn't stop me from signing up for the Certified Red Team Professional. So I've started a series on sharing what I'm learning as I proceed through the certification path. (We're also talking about this on the 7MS forums) Here are some of the highlights from week 1: Boy oh boy is PowerView handy for extracting juicy info out of Active Directory. It works well when served with a side order of the Microsoft signed DL...
7MS #444: Interview with Christopher Fielder of Arctic Wolf
December 02, 2020 17:32 - 56 minutes - 52.1 MBHappy December! Today I virtually sat down with Christopher Fielder of Arctic Wolf, who started his career in security at 18 (I was just playing a lot of video games when I was that old)! Christopher has served in the Air Force, worked for a university and SANS, served for some three-letter organizations - and more! Christopher and I had a great chat about a variety of security topics, including: Threat hunting - why it's a term that means so many things to different people, how to get st...
7MS #443: Cyber News - Thankful for Patches Edition
November 26, 2020 18:09 - 41 minutes - 37.7 MBHappy Thanksgiving! While the turkey and pie settle in your belly, why not also digest some fantastic security news stories with our pal Gh0sthax? Today's stories include: It was another epic month of patching - both Threatpost and Krebs have great coverage of what you need to know. We don't support software pirating, but it's interesting that we just got a demo of Cobalt Strike spun up, and now the source code was leaked. Always download software updates from their source, not from not...
7MS #442: Tales of Internal Network Pentest Pwnage - Part 23
November 19, 2020 16:29 - 1 hour - 63.4 MBHey friends, I dare declare this to be my favorite tale of internal pentest pwnage so far. Why? Because the episode features: Great blue team tools alerting our customer to a lot of the stuff we were doing An EDR that we tried to beat up (but it beat us up instead) SharpGPOAbuse which we talked about extensively last week Separation of "everyday" accounts from privileged accounts Multi-factor authentication bypass! Some delicious findings in GPOs thanks to Ryan Hausec's great two ...
7MS #441: SharpGPOAbuse
November 15, 2020 04:40 - 39 minutes - 36.1 MBHello friends! Sorry to be late with this episode (again) but we've been heads-down in a lot of cool security work, coming up for air when we can! Today's episode features: A little welcome music that is not the usual scatting of gibberish I torture you with Some cool tools I'm playing with in the lab that we'll do future episodes on in the future: DetectionLab to practice detecting all the bad things! BadBlood to dirty up your AD (your test AD with groups, computers, permissions, etc.)...
7MS #440: Tales of Internal Network Pentest Pwnage - Part 22
November 08, 2020 23:00 - 33 minutes - 30.5 MBHi! Sorry to be so late with this episode, but I'm excited to share with you another fun tale of pentest pwnage! Key points from today's episode include: We do not do these episodes to brag or put down any company about their security posture. We do do (heh, I said "do do") these episodes to share what we're learning about pentesting it helps you become a better network defender and/or offender! Early in an engagement it can be fruitful to run Pcredz to find goodies in the clear like hashe...
7MS #439: Cyber News - Ransomware is Definitely Still a Thing Edition
October 29, 2020 01:18 - 1 hour - 63.6 MBHappy October and merry Halloween everybody! We're back with our buddy Joe "the machine" Skeen who is also now a Principal Security Engineer for 7MS! He's also working on a new cert, and speaking of certs, 7MS is now PCIP certified! Today's great cyber stories include: Azure AD is a single point of failure in many networks Ransomware sophistication continues to grow - as demonstrated in this story, this one and this one Ransomware such as Ryuk can go from phishing email to total domain...
7MS #438: PCI Professional Certification (PCIP) - Part 4
October 21, 2020 20:29 - 38 minutes - 35.3 MBYay - I'm a PCIP now! I welcome you to check out our past episodes on PCIP, but in some ways this will be the be all, end all episode on the topic. Today I cover: Study materials that helped me prepare: PCIP book by Linda Jones (I couldn't actually get this one in time but it looks awesome!) Flashcards from Cram Flashcards from Quizlet My flashcards from Quizlet (I'll need to sanitize these and give you the password. Contact me if interested) Flashcards from ProProfs Document...
7MS #437: Homecoming and Home ioT Security - Part 3
October 14, 2020 21:22 - 39 minutes - 36.4 MBHello! This episode is a true homecoming in that I actually recorded it from home. Yay! WARNING!!! WARNING!!! This episode contains a ton of singing. If you don't like singing, do not listen!!! With that said, I wanted to follow up on part 1 and 2 of this series and share some additional cool tools that others have told me about in regards to securing and monitoring all your ioTs! Home Assistant - is described on its Wikipedia page as "a free and open-source home automation software des...
7MS #436: Cleaning Up Your Cloud Clutter
October 07, 2020 21:25 - 48 minutes - 44.1 MBHey, hope you're having a great week! The last few weeks have had somewhat of a homecoming and home cleaning theme. To continue that train of thought, over the last few days I've gotten heavy into cleaning up my cloud clutter - cloud services, email, file sharing, etc. - in an effort to be more secure and have a reduced digital footprint. Today's tips include: Double-check that any device you have that supports full-disk encryption has it enabled On all your machines, clean up old stragg...
7MS #435: Homecoming and Home ioT Security - Part 2
October 02, 2020 03:55 - 41 minutes - 37.7 MBHi again! It's sort of fun to release two episodes in one week for a change. If you missed part 1 on our ioT security series, check it out here. Today we dive into some free/cheap monitoring solutions you can use to keep tabs on your ioT network (or any network, really): Nagios - it's old school but gets the job done. This article helped me get it going on an RPi. SolarWinds IP monitor - it was quick and easy to get up and running, but the 40 monitors you're allotted get burned up pretty q...