No Shit InfoSec

I discuss the issue of what makes a real hacker with my my sonSHOW NOTESIn this episode, I discuss the ever prominent question of "What is a real hacker?". So enjoy the discussion and give me your thoughts. This topic always gets peoples feathers ruffled, so agree, disagree? Leave your thoughts and let's discuss!Cool Shit:Has you email or phone number been in a breach?https://haveibeenpwned.com/Realtime Global Cyber Attack Maphttps://threatmap.checkpoint.com/ Hosted on Acast. See acast.com/privacy for more information.

A short episode about the reaching effects of breaches and accounts you may have forgotten about.New Marriot Breach:https://techcrunch.com/2022/07/06/marriott-breach-again/Privacy Fix: How to Find Old Online Accounts from Consumer Reports:https://www.consumerreports.org/digital-security/how-to-find-old-online-accounts-a1266305698/Has you email or phone number been in a breach?https://haveibeenpwned.com/Cool Shit:Realtime Global Cyber Attack Maphttps://threatmap.checkpoint.com/ Hosted on Acast. See acast.com/privacy for more information.

SHOW NOTES:Brady and I discuss people and technology; where it was, where we are, and where we are going. Put on your philosophy hats!xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxPodcast Stuff:Robert actually had an Atari 1200 XL:http://oldcomputers.net/atari-1200xl.htmlRay Ban Smart Glasses:https://www.ray-ban.com/usa/electronics/RW4002%20UNISEX%20ray-ban%20stories%20%7C%20wayfarer-shiny%20black/8056597489478?fbclid=IwAR08oSxzKyvMfsPYKa1PtvVkda6rJtAlAyJ24pDFSCo03tIqaIxDnVC9IWw&cid=PM-SBI_080622-1.US-RayBanStories-EN-B-Related-Exact_RayBan_Related_ray+ban+camera+glasses&gclid=c6b5a6ec15e015a94bb7c5f91c52a69c&gclsrc=3p.ds&msclkid=c6b5a6ec15e015a94bb7c5f91c52a69c&utm_source=bing&utm_medium=cpc&utm_campaign=1.US-RayBanStories-EN-B-Related-Exact&utm_term=ray%20ban%20camera%20glasses&utm_content=RayBan_RelatedGoogle Glass is Back:https://www.google.com/glass/start/Microsoft Research:https://www.microsoft.com/en-us/research/about-microsoft-research/Microsoft Open Source Blog:https://cloudblogs.microsoft.com/opensource/Microsoft Open Source Hardware:https://azure.microsoft.com/en-us/global-infrastructure/hardware-innovation/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxPicks of the Week:Brady's PicksDefeating the Hacker: A non-technical guide to computer security by Robert Schifreenhttps://www.amazon.com/Defeating-Hacker-non-technical-computer-security/dp/0470025557Robert's Pick:The Satanic Veres by Salman Rushdie https://en.wikipedia.org/wiki/The_Satanic_VersesxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxCool Shit:Realtime Global Cyber Attack Maphttps://threatmap.checkpoint.com/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxEND OF SHOW NOTES Hosted on Acast. See acast.com/privacy for more information.

Season 1, Episode 13Mis-information, Dis-information, and Fake News. You are a product and target for all of it.Brady and I discuss Mis-information, Dis-information, and Fake News. We discuss what it is, how it is used, and we are all a product and target for all of it. We discuss ways to avoid deception which leads to a philosophical discussion about truth, morals, and ethics. Brady takes a moment on the couch discussing how understanding the matrix for what it is can affect you on a personal level.Links and Resources:Definitely NOT real NEWS, but FUN to read:The Onionhttps://www.theonion.com/The Weekly World Newshttps://weeklyworldnews.com/Mad Magazinehttps://www.madmagazine.com/Fight Disinformation with Fact Checking Sites:Snopes(almost everything including politics, history, science, and technology)https://www.snopes.com/Politifact(all about fact-checking political claims)https://www.politifact.com/FactCheck.org(political claims, rhetorics, deception, and lies)https://www.factcheck.org/fake-news/ProPublica(deep dive for hidden truth)https://www.propublica.org/OpenSecrets(politics)https://www.opensecrets.org/Washington Post Fact Checker(critical analysis to what politicians have said this week)https://www.washingtonpost.com/news/fact-checker/Full Fact(Fact-checking website focused on the UK and Europe)https://fullfact.org/and for most recenthttps://fullfact.org/latest/Alt News(fake claims and political misinformation in India)https://www.altnews.in/BOOM FactCheck(fact-checking website in India)https://www.boomlive.in/SM Hoax Slayer(fake information on social media platforms)https://smhoaxslayer.com/Reuters Fact Check(international news fact checking)https://www.reuters.com/fact-checkPicks of the Week:Brady's PicksTobii Pro: Optimizing User Experience and Advertising Research with Eye Trackinghttps://youtu.be/ConsSlIf6n4Hotjar: Website Heatmaps & Behavior Analytics Toolshttps://www.hotjar.com/Robert's Pick:House of the Dragon: The Game of Thrones prequelhttps://www.hbo.com/house-of-the-dragonCool Shit:Realtime Global Cyber Attack Maphttps://threatmap.checkpoint.com/ Hosted on Acast. See acast.com/privacy for more information.

I have had a lot of questions over the years about how to proceed with a career, education, and certifications. So, I give my take on these and what they mean relative to my life experiences. Individual mileage may vary. I also discuss the need to have a public facing social media presence that is active and consistent. Hide the private Socials and search to see what actually shows up when searching for yourself. Your future employers will. Just sayin'.Links:Realtime Global Cyber Attack Maphttps://threatmap.checkpoint.com/ Hosted on Acast. See acast.com/privacy for more information.

In this episode, I discuss basic social engineering with my son and how he can learn to detect it. Hosted on Acast. See acast.com/privacy for more information.

In this week's episode, I chat with R. Brady Frost about the little plumber vs the gigantic rock. Then we move in to a discussion about the fallacy of stupid users with some great stories of stupid things done by those of us who really should know better. The moral of the story, is that we are all human and nothing will ever change that. Instead, we need to be prepared for when humans are human. Hosted on Acast. See acast.com/privacy for more information.

In this episode, I talk about getting in to the field of cybersecurity or moving up in the field. I also talk about how keyboards could keep malware from going Boom on your system.Links:Try This One Weird Trick Russian Hackers Hatehttps://krebsonsecurity.com/2021/05/try-this-one-weird-trick-russian-hackers-hate/Fake VM Sandbox artifacts - not talked about in this episodehttps://github.com/NavyTitanium/Fake-Sandbox-ArtifactsHas your password been involved in a breach?https://haveibeenpwned.com/Realtime Global Cyber Attack Maphttps://threatmap.checkpoint.com/ Hosted on Acast. See acast.com/privacy for more information.

In this episode, Brady and I have a discussion with our sons, Isaac and Devin, about Internet Security. This is after a security podcast for the average human, and who better fits that bill than our kids? Stayed tuned for outtakes at the end!Pics of the week:Elden Ring (Video Game)https://en.bandainamcoent.eu/elden-ring/elden-ringThe Boys (Amazon Prime Series)https://www.primevideo.com/detail/The-Boys/0KRGHGZCHKS920ZQGY5LBRF7MAR. Brady Frosthttps://www.rbradyfrost.com/https://www.rbradyfrost.com/blog/category/a-battle-mage-reborn/Links:Has your password been involved in a breach?https://haveibeenpwned.com/Realtime Global Cyber Attack Maphttps://threatmap.checkpoint.com/ Hosted on Acast. See acast.com/privacy for more information.

In this episode, I have a discussion about data reduction with special guest and author, R. Brady Frost. The discussion revolves around the security risk of keeping too much data available, and things that can be done to mitigate those risks.Pics of the week:Hackers (The Movie)https://www.imdb.com/title/tt0113243/?ref_=fn_al_tt_1Our Flag Means Deathhttps://www.imdb.com/title/tt11000902/R. Brady Frosthttps://www.rbradyfrost.com/https://www.rbradyfrost.com/blog/category/a-battle-mage-reborn/Links:Has your password been involved in a breach?https://haveibeenpwned.com/Realtime Global Cyber Attack Maphttps://threatmap.checkpoint.com/ Hosted on Acast. See acast.com/privacy for more information.

Picking up from the last episode, we are now delving in to the security measures we can implement to make ourselves a less attractive for Evil Steve. After implementing 2FA, we should now be setting up and using a password manager. Then we look for and changed passwords involved in known breaches (haveibeenpwned - link in show notes). The show is approximately 19 minutes long.Links:Has your password been involved in a breach?https://haveibeenpwned.com/Password Manager Reviews:https://www.tomsguide.com/us/best-password-managers,review-3785.htmlhttps://www.pcmag.com/picks/the-best-password-managershttps://www.nytimes.com/wirecutter/reviews/best-password-managers/Stand-Alone Password ManagersKeePasshttps://keepass.info/KeePassXChttps://keepassxc.org/Recent Authenticator App Reviewshttps://www.pcmag.com/picks/the-best-authenticator-appshttps://www.nytimes.com/wirecutter/reviews/best-two-factor-authentication-app/Google password manager articleshttps://privacycrypts.com/password-managers/guides/is-chrome-password-manager-safe/https://www.experian.com/blogs/ask-experian/is-google-passwordmanager-secure/Apple iCloud Keychainhttps://www.imore.com/icloud-keychainhttps://www.intego.com/mac-security-blog/mac-and-ios-keychain-tutorial-how-apples-icloud-keychain-works/https://www.podfeet.com/blog/2021/06/icloud-keychain-vs-1password/iCloud Keychain 2FA - how tohttps://www.guidingtech.com/use-icloud-keychain-two-factor-authentication/Apple iCloud Keychain security issueshttps://www.wired.com/story/keysteal-apple-keychain-attack-shenanigans/Microsoft Authenticator vs Google Authenticatorhttps://www.365tech.ca/which-one-is-better-microsoft-authenticator-or-google-authenticator/Google Authenticatorhttps://www.techdim.com/what-is-google-authenticator/Google Authenticator security issuehttps://privacypros.io/u2f/stop-using-google-auth/Microsoft Authenticatorhttps://www.androidauthority.com/microsoft-authenticator-987754/Microsoft Authenticator security issuehttps://www.transmitsecurity.com/blog/microsoft-authenticator-a-false-sense-of-securityPermanent link because it's very cool.https://threatmap.checkpoint.com/ Hosted on Acast. See acast.com/privacy for more information.

Picking up from the last episode, we are now delving in to the security measures we can implement to make ourselves a less attractive for Evil Steve. Two Facor Authentication (2FA) is ata the top of the list.Links:https://www.pcmag.com/picks/the-best-authenticator-apps?https://www.ledger.com/es/academy/why-two-factor-authentication-2fa-matters-now-more-than-everPermanent link because it's very cool.https://threatmap.checkpoint.com/ Hosted on Acast. See acast.com/privacy for more information.

Picking up from Episode 3: Picking up from the last episode, we delve a bit more into the types of threat actors (people) that are attacking us. We explore the run of the mill data theft hacker to the more professional Advanced Persistent Threats (APTs). The show is about 16 minutes long.Links to information about Threat Actors listed below:https://www.cisa.gov/https://www.cisa.gov/cybersecurityhttps://www.cisa.gov/certhttps://www.csoonline.com/article/3619011/the-10-most-dangerous-cyber-threat-actors.htmlhttps://threatmap.checkpoint.com/ Hosted on Acast. See acast.com/privacy for more information.

Episode 3: Who the Fuck is Evil StevePicking up from Episode 2: Good Idea Fairy Hunting we continue exploring the concept of security as a people problem.This week we stop to take a moment to focus on the Who rather than the What is attacking us. In CyberSecurity, we tend to get caught up in things that happen to us, that we forget that it is actually a person attacking us. Learning more about who wants the information we have will tell us the ways they go about stealing it. This gives us information to better protect our assets and begin active threat hunting. The show is about 15 minutes long.Links to information about Threat Actors listed below:https://www.cisa.gov/https://www.cisa.gov/cybersecurityhttps://www.cisa.gov/certhttps://www.csoonline.com/article/3619011/the-10-most-dangerous-cyber-threat-actors.htmlhttps://threatmap.checkpoint.com/ Hosted on Acast. See acast.com/privacy for more information.

This is the beginning of a series where I am going to discuss how to handle and tackle security as a people problem. We often lose sight of the trees for the forest and vice versa. Let's get out from behind our desks and go meet the people that need our help, even if they don't know it yet. Hosted on Acast. See acast.com/privacy for more information.

Next week we will discuss Good Idea Fairy Hunting. Be sure to tune in! Hosted on Acast. See acast.com/privacy for more information.

In this pilot episode we talk about those pesky little things that everyone loves to hate: your password(s). More importantly, we talk about the real threat and things you can do to protect yourself and your family!Has your account information been compromised (email or phone number)?https://haveibeenpwned.com/A cool tool to test password strength. Please don't use your actual password, even though I trust this site. They are also a very highly recommended password manager:https://bitwarden.com/password-strength/Just because it's cool as shit: The Real-Time Global Cyber Attack Map:https://threatmap.checkpoint.com/ Hosted on Acast. See acast.com/privacy for more information.