BrakeSec Education Podcast

472 episodes - English - Latest episode: 25 days ago - ★★★★★ - 98 ratings

A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.

Tech News News Technology cisa cissp legal pentesting podcasts application compliance computersecurity cybersecurity education

Episodes

2020-009-Dave Kennedy, Offensive Tool release (Part 1)

March 12, 2020 04:59 - 34 minutes - 27.9 MB

Dave Kennedy (@hackingDave) TrustedSec Released SEToolkit, Pentester Framework (PTF) PoC release for “Shitrix” bug (was disclosed after Google zero initiative India group) Jeff Snover, Lee Holmes - Powershell gods Arguments against release Tools are released are utilized by the ‘bad guys’ Tooling makes it more difficult to fingerprint who are who they say they are “Fuzzy Weasel Vs. Psycho Toads” Makes the bad guys job harder by making them have to create the PoC (presumably m...

2020-008-Nemesis_Taylor Mutch

March 04, 2020 03:52 - 53 minutes - 42.6 MB

Nemesis: https://github.com/UnityTech/nemesis https://www.techrepublic.com/article/security-concerns-hampering-adoption-of-containers-and-kubernetes/  Nemesis - a auditing tool to check against a set of benchmarks (CIS GCP only) https://en.wikipedia.org/wiki/Center_for_Internet_Security What does CIS do well?   What do the CIS benchmarks do poorly?   K8s workload identity - GKE specific   github.com/TaylorMutch @mutchsecure   Amazon STS tokens https://www.eventb...

2020-007-Roberto_Rodriguez-threat_hunting-juypter_notebooks_data-science

February 26, 2020 05:57 - 1 hour - 51 MB

Brakesec Podcast is now on Pandora!  Find us here: https://pandora.app.link/p9AvwdTpT3 Book club Book club is starting up again with Hands-On AWS penetration testing with Kali Linux from Gilbert and Caudill. You read and get together to discuss or demo every Monday. Get the book, start reading and meet us for the kick off Monday the 24 at 10pm eastern. The book club meets virtually on zoom, and organizes on slack..get invited like this.”   Book: https://smile.amazon.com/Hands-Penetra...

2020-006-Roberto Rodriguez, threat intel, threat hunting, hunter's forge, mordor setup

February 19, 2020 06:42 - 32 minutes - 25.8 MB

Full notes and graphics are on www.brakeingsecurity.com Episode 2020-006 Book club “And maybe blurb for the cast could go something like this. Book club is starting up again with Hands-On AWS penetration testing with Kali Linux from Gilbert and Caudill. You read and get together to discuss or demo every Monday. Get the book, start reading and meet us for the kick off Monday the 24 at 10pm eastern. The book club meets virtually on zoom, and organizes on slack..get invited like this.” ...

2020-005-Marcus J Carey, red team automation, and Tribe of Hackers book series

February 10, 2020 03:23 - 43 minutes - 34.9 MB

Brakeing Down Security Podcast on #Pandora- https://www.pandora.com/podcast/brakeing-down-security-podcast/PC:27866 Marcus Carey https://twitter.com/marcusjcarey  Prolific Author, Defender, Enterprise Architect at ReliaQuest   https://twitter.com/egyp7    https://www.darkreading.com/vulnerabilities---threats/reliaquest-acquires-threatcare/d/d-id/1335950   “GreyMatter integrates security data from security incident and event manager (SIEM), endpoint detection and response (...

2020-004-Marcus Carey, ShmooCon Report, threat simulation

February 05, 2020 06:22 - 31 minutes - 25.3 MB

  Marcus Carey https://twitter.com/marcusjcarey  Prolific Author, Defender, Enterprise Architect at ReliaQuest https://twitter.com/egyp7  https://www.darkreading.com/vulnerabilities---threats/reliaquest-acquires-threatcare/d/d-id/1335950   “GreyMatter integrates security data from security incident and event manager (SIEM), endpoint detection and response (EDR), firewalls, threat intelligence feeds, and other security tools, and includes analysis functions and automation. Threat...

2020-003- Liz Fong Jones, tracking Pentesters, setting up MFA for SSH, and Developer Advocates

January 30, 2020 06:50 - 34 minutes - 27.9 MB

What is Honeycomb.io? From the site:  “Honeycomb is a tool for introspecting and interrogating your production systems. We can gather data from any source—from your clients (mobile, IoT, browsers), vendored software, or your own code. Single-node debugging tools miss crucial details in a world where infrastructure is dynamic and ephemeral. Honeycomb is a new type of tool, designed and evolved to meet the real needs of platforms, microservices, serverless apps, and complex systems.”   ...

2020-002-Liz Fong-Jones discusses blog post about Honeycomb.io Incident Response

January 23, 2020 05:53 - 36 minutes - 29.5 MB

Ms. Berlin's appearance on #misec podcast - https://www.youtube.com/watch?v=Cj2IF0zn_BE with @kentgruber and @quantissIA Blog post:  https://www.honeycomb.io/blog/incident-report-running-dry-on-memory-without-noticing/   What is Honeycomb.io? From the site:  “Honeycomb is a tool for introspecting and interrogating your production systems. We can gather data from any source—from your clients (mobile, IoT, browsers), vendored software, or your own code. Single-node debugging tools...

2020-001- Android malware, ugly citrix bugs, and Snake ransomware

January 13, 2020 03:51 - 38 minutes - 30.6 MB

Educause conference: https://events.educause.edu/security-professionals-conference/2020/hotel-and-travel    Amanda’s Training that everyone should come to!!! https://nolacon.com/training/2020/security-detect-and-defense-ttx Follow twitter.com/infosecroleplay   Part 1: New year, new things   Discussion:   What happened over the holidays? What did you get for christmas?   PMP test is scheduled for 10 March Proposal:  Anonymous Hacker segment     Similar to “The Stig”...

2019-046-end of the year, end of the decade, predictions, and how we've all changed

December 23, 2019 04:39 - 1 hour - 62.6 MB

End of year, end of decade     Are things better than 10 years ago? 5 years ago?     If there was one thing to change things for the better, what would that be?   Good, Bad, Ugly  Did naming vulns make things better?     Which industries are doing a good job of securing themselves? Finance?     What do you wished never happened (security/compliance wise)?     Ransomware infections with no bounties     Still have people believing “Nessus” is a pentest   https://nrf.com/ ...

2019-045-Part 2-Noid, Dave Dittrich, empowered teams, features vs. security

December 18, 2019 04:09 - 1 hour - 49.9 MB

The day after part 1 Keybase halted the spacedrop the day after the first podcast is complete...   Security failures in implementation     “We need to push this to market, we’ll patch it later!”   Risk management discussion for project managers (PMP)   CIA Triad… where does ‘business goals’ fit? Security is at odds with the bottom line     **Reference Noid’s Bsides Seattle talk and podcast earlier this year.** Other companies that have made security mistakes in the name of ...

2019-044-Noid and Dave Dittrich discusses recent keybase woes - Part 1

December 10, 2019 03:10 - 1 hour - 56.6 MB

Patreon donor goodness: Scott S. and Ion S. @_noid_ @davedittrich Their response:  “it’s not a bug, it’s a feature”     “Don’t write a blog post that will point out the issue”     “You pointing out our issues makes things more difficult for us”     “It’s a free service, why are you hurting us?”     https://keybase.io/docs/bug_reporting Nov 22nd   Noid (@_noid_) Keybase discussion blog post https://www.whiskey-tango.org/2019/11/keybase-weve-got-privacy-problem.html ...

2019-043-Bea Hughes, dealing with realistic threats in your org

December 04, 2019 02:39 - 1 hour - 65 MB

Realistic Threats  Nation states aren’t after you https://twitter.com/beajammingh/status/1191884466752385025 https://twitter.com/beajammingh/status/1198671660150226946 https://twitter.com/beajammingh/status/1198671952824565762   https://www.leviathansecurity.com/blog/the-calculus-of-threat-modeling    What are credible threats? Malicious insiders -  Non-malicious insiders - https://www.scmagazine.com/home/security-news/not-every-insider-threat-is-malicious-but-all-ar...

2019-042-CircuitSwan, Gitlabs, Job descriptions that don't suck, layer8con

November 27, 2019 17:10 - 1 hour - 55.6 MB

Diana Initiative @circuitswan @dianainitiative https://www.dianainitiative.org/ https://twitter.com/DianaInitiative   Conference in Las Vegas (Aug 6-7, 2020) (Thu & Fri)   [email protected]   Topics     Diana initiatives Past 2015 - idea at defcon 23 2016-17-18 growing but got too big! 2019 got our own space, ~800 tickets 2020 plans-westin again, 2 speaking tracks and 1 workshop track, solder village, career village, CTF, lock picking Mentoring both CFP an...

2019-041-circuitswan, diana initiative, diversity initiatives at conferences

November 21, 2019 06:04 - 38 minutes - 35.3 MB

Diana Initiative   @circuitswan   https://www.dianainitiative.org/ https://twitter.com/DianaInitiative   Conference in Las Vegas (Aug 6-7, 2020) (Thu & Fri)   [email protected]   Topics     Diana initiatives Past 2015 - idea at defcon 23 2016-17-18 growing but got too big! 2019 got our own space, ~800 tickets 2020 plans-westin again, 2 speaking tracks and 1 workshop track, solder village, career village, CTF, lock picking Mentoring both CFP and presen...

2019-040-vulns in cisco kit, google's project 'nightmare', healthcare data issues, TAGNW conference update

November 12, 2019 05:34 - 1 hour - 53.5 MB

Tagnw.org Amazon Smile - brakesec.com/smile   News:    https://www.androidpolice.com/2019/11/11/google-project-nightingale-health-records-collection/ https://www.csoonline.com/article/3439400/secrets-of-latest-smominru-botnet-variant-revealed-in-new-attack.html https://blog.naijasecforce.com/the-jar-based-malware/ - ms. Infosecsherpa mailing list “nuzzle” https://www.axios.com/hospitals-cybersecurity-medical-information-hacking-076cb826-fc69-4ba6-b3fd-57ce19ab00c6.html ...

2019-039-bluekeep_weaponized-npm_security_cracks-grrcon_report

November 04, 2019 06:27 - 53 minutes - 43 MB

Grrcon update   2019-039-  bluekeep Weaponized… and more   Bluekeep weaponized https://www.bleepingcomputer.com/news/security/bluekeep-remote-code-execution-bug-in-rdp-exploited-en-masse/ https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708 https://www.microsoft.com/security/blog/2019/08/08/protect-against-bluekeep/    https://www.wired.com/story/bluekeep-hacking-cryptocurrency-mining   NordVPN hacked: https://arstechnica.com/information...

2019-038-Deveeshree_Nayak-risk_analysis, and OWASP WIA

October 30, 2019 04:57 - 1 hour - 61.6 MB

OWASP WIA - https://www.youtube.com/watch?v=umnt0qbOPsE https://www.owasp.org/index.php/Women_In_AppSec OWASP Women in AppSec Twitter: 2013_Nayak (reach and ask to be added) https://www.tagnw.org/events/ Risk in Infosec   Risk - a situation which involves extreme danger and extensive amount of unrecovered loss     What about risks that are positive in nature?  PMP calls them ‘opportunities’ Risk Analysis - systemic examination of the components and characteristics of risk   ...

2019-038- Ethical dilemmas with offensive tools, powershell discussion with Lee Holmes - Part2

October 22, 2019 06:46 - 52 minutes - 42.2 MB

  Derbycon9 talk - PowerShell Security Looking Back from the Inside - https://www.youtube.com/watch?v=DYWPtt7qszY&list=PLNhlcxQZJSm_ZDJBksg97I5q1XsdQcyN5&index=27&t=0s   Encarta - https://en.wikipedia.org/wiki/Encarta   Scott Hanselman’s twitter thread about Encarta: https://twitter.com/shanselman/status/1158780839464849409   Congrats on the black badge :)   I like that you bring up execution policies. That it was never created to become a security control I started alert...

2019-037-Lee Holmes, Powershell logging, and why there's an 'execution bypass'

October 17, 2019 05:02 - 50 minutes - 45.8 MB

Derbycon9 talk - PowerShell Security Looking Back from the Inside - https://www.youtube.com/watch?v=DYWPtt7qszY&list=PLNhlcxQZJSm_ZDJBksg97I5q1XsdQcyN5&index=27&t=0s   Encarta - https://en.wikipedia.org/wiki/Encarta   Scott Hanselman’s twitter thread about Encarta: https://twitter.com/shanselman/status/1158780839464849409   Congrats on the black badge :)   I like that you bring up execution policies. That it was never created to become a security control I started alerting ...

2019-036-RvrShell-graphql_defense-Part2

October 09, 2019 05:20 - 57 minutes - 45.7 MB

Secure Python course:  https://brakesec.com/brakesecpythonclass  PDF Slides: https://drive.google.com/file/d/1wmxrfgbaHu56kfccLoOd5M3Zz6bNP6Qi/view?usp=sharing    GraphQL High Level https://graphql.org/ Designed to replace REST Arch Allow you to make a large request, uses a query language Released by FB in 2012 JSON    Learn Enough to be dangerous https://blog.bitsrc.io/13-graphql-tools-and-libraries-you-should-know-in-2019-e4b9005f6fc2   WSDL: https://www.w3.or...

2019-035-Matt_szymanski-attack and defense of GraphQL-Part1

October 02, 2019 18:38 - 42 minutes - 34 MB

Derbycon Discussion (bring Matt in)   Python course:  https://brakesec.com/brakesecpythonclass  PDF Slides: https://drive.google.com/file/d/1wmxrfgbaHu56kfccLoOd5M3Zz6bNP6Qi/view?usp=sharing    GraphQL High Level https://graphql.org/ Designed to replace REST Arch Allow you to make a large request, uses a query language Released by FB in 2012 JSON    Learn Enough to be dangerous https://blog.bitsrc.io/13-graphql-tools-and-libraries-you-should-know-in-2019-e4b9005...

2019-034- Tracy Maleeff, empathy as a service, derbycon discussion

September 22, 2019 20:12 - 1 hour - 67.1 MB

Podcast Interview (Youtube): https://youtu.be/4tdJwBMh3ow Tracy Maleeff (pronounced like may-leaf) - https://twitter.com/InfoSecSherpa https://medium.com/@InfoSecSherpa https://nuzzel.com/InfoSecSherpa      Python secure coding class - November 2nd / 5 Saturdays @nxvl Teaching https://www.eventbrite.com/e/secure-python-coding-with-nicolas-valcarcel-registration-72804597511     Derbycon Talk: https://www.youtube.com/watch?v=KILlp4KMIPA    Plugs: Nuzzel newsletter: ht...

2019-033-Part 2 of the Kubernetes security audit discussion (Jay Beale & Aaron Small)

September 16, 2019 05:13 - 44 minutes - 35.6 MB

Topics: Infosec Campout report   Jay Beale (co-lead for audit) *Bust-a-Kube*   Aaron Small (product mgr at GKE/Google)   Atredis Partners Trail of Bits   What was the Audit?  How did it come about?    Who were the players?     Kubernetes Working Group         Aaron, Craig, Jay, Joel     Outside vendors:         Atredis: Josh, Nathan Keltner         Trail of Bits: Stefan Edwards, Bobby Tonic , Dominik     Kubernetes Project Leads/Devs         Intervie...

the last Derbycon Brakesec podcast

September 07, 2019 03:43 - 50 minutes - 40.6 MB

This evening, we all came together to spend a bit of time talking about the final Derbycon. We talk to Mic Douglas about his 9 Derbycon appearances, Gary Rimar (piano player Extraordinaire) talks about @litmoose's talk on how to tell C-Levels that their applications aren't good.   We also got asked about how the show came about, and how we found each other.   **Apologies for the echo in some parts... I did what I could to clean it up, but we were too close and the mics got a bit overz...

2019-032-kubernetes security audit dicussion with Jay Beale and Aaron Small

August 31, 2019 19:00 - 47 minutes - 37.8 MB

Topics: Infosec Campout report Derbycon Pizza Party (with podcast show!)  https://www.eventbrite.com/e/brakesec-pizza-party-at-the-derbycon-mental-health-village-tickets-69219271705 Mental health village at Derbycon   Jay Beale (co-lead for audit) *Bust-a-Kube*   Aaron Small (product mgr at GKE/Google) Atredis Partners Trail of Bits   What was the Audit?  How did it come about?    Who were the players?     Kubernetes Working Group         Aaron, Craig, Jay, Joel ...

2019-031- Dissecting a Social engineering attack (Part 2)

August 16, 2019 03:27 - 50 minutes - 40.1 MB

  Intro - Ms. DirInfosec “Anna” Call Centers suffer from wanting to give good customer service and need to move the call along.     Metrics are tailored to support an environment conducive to these kinds of attacks https://en.wikipedia.org/wiki/Social_engineering_(security) Social engineering will prey on people’s altruism      “Pregnant woman needing help through the security door”     “Person on crutches”     “Delivery person with arms full”     “Can’t remember information...

2019-030-news, breach of PHI, sephora data breach

August 09, 2019 00:46 - 53 minutes - 43.2 MB

https://www.infosecurity-magazine.com/news/95-test-problems/   https://www.databreaches.net/a-misconfigured-aws-bucket-exposed-personal-and-counseling-logs-of-almost-300000-indian-employees/   https://www.scmagazine.com/home/security-news/data-breach/sephora-reports-data-breach-but-few-details/    https://www.infosecurity-magazine.com/news/93-of-organizations-cite-phishing/   https://tresorit.com/blog/the-top-6-takeaways-from-the-2019-cost-of-a-data-breach-report/ Good...

2019-029-dissecting a real Social engineering attack (part 1)

August 01, 2019 01:56 - 47 minutes - 37.7 MB

Intro - Ms. DirInfosec “Anna” Call Centers suffer from wanting to give good customer service and need to move the call along.     Metrics are tailored to support an environment conducive to these kinds of attacks https://en.wikipedia.org/wiki/Social_engineering_(security) Social engineering will prey on people’s altruism      “Pregnant woman needing help through the security door”     “Person on crutches”     “Delivery person with arms full”     “Can’t remember information, ot...

2019-028-fileless_malware_campaign,privacy issues with email integration-new_zip_bomb_record

July 24, 2019 03:02 - 59 minutes - 27.4 MB

Fileless malware campaign - https://www.microsoft.com/security/blog/2019/07/08/dismantling-a-fileless-campaign-microsoft-defender-atp-next-gen-protection-exposes-astaroth-attack/ https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/fileless-threats   https://www.andreafortuna.org/2017/12/08/what-is-reflective-dll-injection-and-how-can-be-detected/ https://www.extremetech.com/computing/294852-new-zip-bomb-stuffs-4-5pb-of-data-into-46mb-file    https...

2019-027-GDPR fines for British Airways, FTC fines Facebook, Zooma-palooza

July 14, 2019 21:03 - 43 minutes - 39.7 MB

MITRE Pre-Attack techniques https://attack.mitre.org/techniques/pre/ https://www.bbc.com/news/business-48905907 Zoom - https://www.wired.com/story/zoom-flaw-web-server-fix/   Check out our Store on Teepub! https://brakesec.com/store Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email [email protected] #Brakesec Store!:https://www.teepublic.com/user/bdspodcast #Spotify: https://brakesec.com/spotifyBDS #RSS: https://brakesec.com/BrakesecRSS #Y...

2019-026-Ben Johnson discusses hanging your shingle, going independent

July 09, 2019 06:00 - 38 minutes - 35 MB

    Starting a new business (hanging the shingle)   What’s a way to become an independent consultant? Especially if you don’t have a reputation?   Ben's reading list: “Mindset: the New Psychology of success” “Essentialism” “Extreme ownership” “Team of teams”     Check out our Store on Teepub! https://brakesec.com/store Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email [email protected] #Brakesec Store!:https://www.teepublic.com/...

2019-025-Ben Johnson discusses identity rights management, and controlling your AuthN/AuthZ issues

July 02, 2019 05:30 - 41 minutes - 38.2 MB

Identity analytics   “Identity analytics is the next evolution of the IGA (Identity Governance & Administration) market. Identity professionals can use this emerging set of solutions combining big data and advanced analytics to increase identity-related risk awareness and enhance IAM processes such as access certification, access request and role management.” --gartner Identity related risk awareness Access certification is the process of validating access rights within systems. .....

2019-024-Tanya_Janca-mentorship-WoSec_organizations_what-makes-a-good-mentor

June 24, 2019 02:42 - 53 minutes - 49.3 MB

Tanya Janca (@shehackspurple)   DevOps Tools for free/cheap.     They are all on github right, so they are all free?     Python, Docker, k8s, Jenkins     Licensing can be a problem     Free-mium software, or trialware is useful? OWASP DevSlop     Module     Nicole Becker         Pixie - insecure instagram “Betty Coin” SSLlabs - Qualys   Mentoring Monday:     What is “Mentoring Monday”?     What does it take to be a good mentor?     Should a mentee have a goa...

2019-023-Tanya Janca, Dev Slop, DevOps tools for free or cheap

June 18, 2019 05:31 - 40 minutes - 37.2 MB

Announcements: InfoSec Campout Conference (Eventbrite, social contract, etc): https://www.infoseccampout.com All Day Devops (https://www.alldaydevops.com) free talks online... Next conference starts 06 November 2019 ------ Tanya Janca (@shehackspurple) @wosectweets - Women of Security DevOps Tools for free/cheap.     They are all on github right, so they are all free?     Python, Docker, k8s, Jenkins     Licensing can be a problem     Free-mium software, or trialware is ...

2019-022-Chris Sanders-Rural_Tech_Fund-embracing_the_ATT&CK_Matrix

June 09, 2019 22:15 - 1 hour - 56 MB

ANNOUNCEMENTS: INFOSEC CAMPOUT TICKETS ARE STILL ON SALE. Go to https://www.infoseccampout.com for Eventbrite link and more information.     Part 2 of our Discussion with Chris Sanders (@chrissanders88) Topics discussed: Companies dropping existing frameworks for ATT&CK Matrix, why? Rural Technology Fund - What it is, how does it work, Who can help make it more awesome.   https://chrissanders.org/2019/05/infosec-mental-models/   I’ve argued for some time that information...

2019-021-Chris Sanders discusses a cognitive crisis, mental models, and dependence on tools

June 04, 2019 06:09 - 47 minutes - 43.9 MB

https://chrissanders.org/2019/05/infosec-mental-models/   I’ve argued for some time that information security is in a growing state of cognitive crisis…   Demand outweighs supply Because so many organizations need experience, they are unable to appropriately invest in entry-level jobs and devote the necessary time for internal training. That’s an HR and hiring manager issue, right? --brbr  No. --bboettcher   Information cannot be validated or trusted     There are few auth...

2019-020-email_security_controls-windows_scheduler

May 29, 2019 05:00 - 1 hour - 57.7 MB

Bryan got phished (almost) - story time!   https://isc.sans.edu/forums/diary/Do+you+block+new+domain+names/17564/   Through OpenDNS https://learn-umbrella.cisco.com/product-videos/newly-seen-domains-in-cisco-umbrella Available January 2017, Umbrella filters newly seen or created domains. By using new domains to host malware and other threats, attackers can outsmart security systems that rely on reputation scores or possibly outdated block lists. Umbrella now stops these domains...

2019-019-Securing your RDP and ElasticSearch, InfoSec Campout news

May 20, 2019 02:26 - 53 minutes - 48.7 MB

https://static1.squarespace.com/static/556340ece4b0869396f21099/t/5cc9ff79c830253749527277/1556742010186/Red+Team+Practice+Lead.pdf https://www.reddit.com/r/netsec/comments/bonwil/prevent_a_worm_by_updating_remote_desktop/   https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/ https://security.berkeley.edu/resources/best-practices-how-articles/system-application-security/securing-remote-desktop-rdp-system https://ww...

2019-018-Lesson's I learned, github breach, ransoming github repos

May 14, 2019 05:42 - 39 minutes - 36.4 MB

Things I learned this week:   https://www.securusglobal.com/community/2013/12/20/dumping-windows-credentials/ https://www.helpnetsecurity.com/2019/04/29/docker-hub-breach/   https://www.zdnet.com/article/a-hacker-is-wiping-git-repositories-and-asking-for-a-ransom/ https://attack.mitre.org/techniques/T1003/ https://github.com/giMini/PowerMemory   https://en.wikipedia.org/wiki/Local_Security_Authority_Subsystem_Service   https://attack.mitre.org/techniques/T1208/

2019-017-K8s Security, Kamus, interview with Omer Levi Hevroni

May 05, 2019 23:58 - 49 minutes - 22.8 MB

K8s security with Omer Levi Hevroni (@omerlh)   service tickets - Super-Dev   Omer’s requirements for storing secrets:   Gitops enabled Kubernetes Native Secure     “One-way encryption”   Omer’s slides and youtube video: https://www.slideshare.net/SolutoTLV/can-kubernetes-keep-a-secret https://www.youtube.com/watch?v=FoM3u8G99pc&&index=14&t=0s   We’ve all experienced it: you’re working on a task, adding some code, and then you need to store some sensitive co...

2019-016-Conference announcement, and password spray defense

April 29, 2019 04:21 - 46 minutes - 42.3 MB

Agenda:   Announce the conference CFP: up soon CFW: up soon Campers: Friday night/Saturday night     Like “toorcamp”, but if it sucks, you can drive home… :D   Limiting tickets, looking for sponsors To support the conference and future initiatives: “Infosec Education Foundation”     501c3 non-profit (we are working on the charity part)   www.infoseccampout.com Password spraying https://github.com/dafthack/DomainPasswordSpray   Stories:   https://blog.stea...

2019-015-Kevin_johnson-incident_response_aftermath

April 22, 2019 01:50 - 1 hour - 77.3 MB

Announcements: https://www.workshopcon.com/     SpecterOps (red Team operations) and Tim Tomes (PWAPT)   Bsides Nashville   https://blog.secureideas.com/2019/04/we-take-security-seriously-and-other-trite-statements.html   “We take security seriously and other trite statements“   Wordpress infrastructure (supply chain failure)     WordPress plugin called Woocommerce was at fault.     Vuln late last year: https://www.bleepingcomputer.com/news/security/wordpress-design...

2019-014-Tesla fails encryption, Albany and Sammamish ransomware attacks.

April 15, 2019 03:55 - 50 minutes - 46.4 MB

Announcements: WorkshopCon Training with SpecterOps and Tim Tomes www.workshopcon.com redteam operations with SpecterOps PWAPT with Tim Tomes   Source Boston: [Boston, MA 2019 (April 29 – May 3, 2019) (https://sourceconference.com/events/boston19/)Trainings: April 29 - April 30, 2019 | Conference: May 1 - 3, 2019   Cybernauts CTF meetup in Austin Texas at Indeed offices, 23 April at 5pm Central time. https://nakedsecurity.sophos.com/2019/04/02/wrecked-teslas-hang-onto-your-...

2019-013-ASVSv4 discussion with Daniel Cuthbert and Jim Manico - Part 2

April 07, 2019 19:00 - 56 minutes - 51.8 MB

Announcements: SpecterOps and Tim Tomes are giving training at WorkshopCon https://www.workshopcon.com Rob Cheyne Source Boston - https://sourceconference.com/events/boston19/ Austin Cybernauts meetup - https://www.eventbrite.com/e/cybernauts-ctf-meetup-indeed-tickets-58816141663 SHOW NOTES: Architecture is not an implementation, but a way of thinking about a problem that has potentially many different answers, and no one single "correct" answer. https://github.com/OWASP/ASVS “...

2019-012: OWASP ASVSv4 discussion with Daniel Cuthbert and Jim Manico - Part 1

April 01, 2019 02:36 - 51 minutes - 47.5 MB

Show Notes SpecterOps and Tim Tomes are giving training at WorkshopCon https://www.workshopcon.com Rob Cheyne Source Boston - https://sourceconference.com/events/boston19/   Architecture is not an implementation, but a way of thinking about a problem that has potentially many different answers, and no one single "correct" answer.   https://github.com/OWASP/ASVS “is to normalize the range in the coverage and level of rigor available in the market when it comes to performing Web a...

2019-011-part 2 of our interview with Brian "Noid" Harden

March 24, 2019 23:00 - 47 minutes - 21.6 MB

  Log-MD story     SeaSec East meetup     Gabe (county Infosec guy) https://www.sammamish.us/government/departments/information-technology/ransomware-attack-information-hub/ New Slack Moderator (@cherokeeJB) Shoutout to “Jerry G”   Mike P on Slack: https://www.eventbrite.com/e/adversary-tactics-red-team-operations-training-course-dc-april-2019-tickets-54735183407 www.Workshopcon.com/events and that we're looking for BlueTeam trainers please   Any chance you can tag @w...

2019-010-Zach_Ruble-building_a_better_cheaper_C2_infra

March 18, 2019 05:34 - 1 hour - 33 MB

Shout-out to Thomas…     Tried to meetup while at SEA comic-con Patreon Log-MD Hacker’s Health - Ms. Roddie is at TROOPERS (Ms. Berlin?) 4 podcasts? SpecterOps Training / workshopCon  - https://www.workshopcon.com/events Zach Ruble- @sendrublez C2 infra using Public WebApps TARCE - Teaching Assistant RCE(?) - they run your code every week, don’t check for backdoors before running it... C2 Basics     Local HTTPd server (bashfile)     Python scrapes web server 3 compo...

2019-009- Log-MD story, Noid, communicating with Devs and security people-part1

March 12, 2019 01:44 - 51 minutes - 46.7 MB

Log-MD story (quick one) (you’ll like this one, Mr. Boettcher)     SeaSec East meetup     "Gabe"   https://www.sammamish.us/government/departments/information-technology/ransomware-attack-information-hub/   New Slack Moderator (@cherokeeJB) Shoutout to “Jerry G”   Mike P on Slack: https://www.eventbrite.com/e/adversary-tactics-red-team-operations-training-course-dc-april-2019-tickets-54735183407 www.Workshopcon.com/events and that we're looking for BlueTeam trainers plea...

2019-008-windows retpoline patches, PSremoting, underthewire, thunderclap vuln

March 04, 2019 05:29 - 56 minutes - 19.2 MB

BrakeingDownIR show #10 GrumpySec appearance? https://support.microsoft.com/en-us/help/4482887/windows-10-update-kb4482887 https://techcommunity.microsoft.com/t5/Windows-Kernel-Internals/Mitigating-Spectre-variant-2-with-Retpoline-on-Windows/ba-p/295618 https://blogs.technet.microsoft.com/srd/2018/03/15/mitigating-speculative-execution-side-channel-hardware-vulnerabilities/ “Microsoft has added support for the /Qspectre flag to Visual C++ which currently enables some narrow com...

Twitter Mentions

@brakesec 156 Episodes
@boettcherpwned 151 Episodes
@bryanbrake 150 Episodes
@infosystir 142 Episodes
@k8em0 5 Episodes
@dianainitiative 4 Episodes
@alyssam_infosec 4 Episodes
@shehackspurple 4 Episodes
@bettersafetynet 4 Episodes
@securitysphynx 3 Episodes
@marcusjcarey 3 Episodes
@aprilwright 3 Episodes
@egyp7 3 Episodes
@_mg_ 3 Episodes
@malware_traffic 2 Episodes
@dalperovitch 2 Episodes
@rochelle 2 Episodes
@adamhjk 2 Episodes
@hackingdave 2 Episodes
@taosecurity 2 Episodes