UNSECURITY: Information Security Podcast

Special guest & performance coach Dr. Cindra Kamphoff explores with Megan and Brad mental practices to thrive in demanding environments like IT and Cybersecurity fields.Through her work with companies like Verizon, the Minnesota Vikings, and Mayo Clinic, Cindra unpacks tools for resilience, confidence building, and facing setbacks. From the "Learn, Burn, Return" method to understanding Imposter Syndrome, this conversation prompts action and provides strategies for thriving under pressure that can apply to anyone. Enjoy this episode of Unsecurity! -- We want to hear from you! Send your suggestions, comments, and questions to unsecurity@frsecure.com. LinkedIn: https://www.linkedin.com/company/frsecure/ Instagram: https://www.instagram.com/frsecureofficial/ Facebook: https://www.facebook.com/frsecure/ BlueSky: https://bsky.app/profile/frsecure.bsky.social About FRSecure: https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

We're back! It's time for a "Meet The Mentor" session with our newest CISSP Program Instructor, John Kennedy. From joining the Air Force to being an ISSM and a cybersecurity mentor, John transports us from his challenges in tech to now leading live sessions, the pressure of building slide decks, and why giving back is essential to him and the security field. Listen to hear John's success story and get a glimpse into to this year's CISSP Cohort! For more information on FRSecure's CISSP Program, visit our webpage:https://frsecure.com/cissp-mentor-program/And register for this year's cohort through our event page! CISSP Program 2025 Registration--Continue to stay connected with our happenings through our social platforms! LinkedIn InstagramFacebookBlueSkyAbout FRSecure: https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

This week on Unsecurity, Senior Offensive Security Engineer Sean Behan sits with Brad and Megan to dissect Air Gapping. Starting with the development of the Air Gap method, they discuss its evolution and the pros and cons of each type. Tune in for an engaging discussion on understanding systems operations, strengths, and weaknesses of air gapped networks.About FRSecure:https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

In this episode of the Unsecurity Podcast, hosts Brad Nigh and Megan Larkins are joined by Melissa Kjendle, Assessor Manager at FRSecure, to recap our recent HERoic Hacks event. Melissa spoke at the event, highlighting the significance of inclusive and diverse perspectives in cybersecurity—particularly focusing on the growing role of women in the field.Together, the three delve into the dynamics of security culture and education. The conversation covers the importance of fostering a security-conscious environment within organizations, the role of leadership in supporting this culture, and how storytelling can make security training more relatable and memorable.Tune in for an engaging discussion on building a resilient security culture and empowering individuals with the knowledge to protect themselves and their organizations.About FRSecure:https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

In this lighthearted episode, Mike Kongsjord walks us through his professional journey and time at FRSecure as he and the group celebrate his retirement. Having an introduction to Evan Francen at his last position, Mike joined the FRSecure as an Information Security Consultant and has completed five years on the team. He reflects with Megan and Brad and discusses fun retirement plans.About FRSecure:https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

With two guest features, Scott Singer from CyberNINES and FRSecure's own Security Information Consultant, Ryan Abraham, this week's episode focuses on CMMC's recent changes, enforcement, and compliance requirements.About FRSecure https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

April Meyer, Information Security Consultant, shines light on the recent initiative of HHS Cybersecurity Performance Goals. *Note: This Unsecurity Episode was recorded in August 2024. CPGs are currently voluntary and it is expected that requirements be added through HIPAA in 2025. Read more about the HHS CPG's in our blog: HHS Cybersecurity Performance Goals: Context and 2 Comprehensive ChecklistsAbout FRSecure https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we areready to serve.

In this special Edition of Unsecurity, Key Account Manager Tonya Barnes speaks on the creation of HERoic Hacks, the infosec conference that empowers women in the field. About HERoic Hacks: Envisioned by Tonya, and supported by FRSecure, HERoic Hacks addresses the gap in representation by providing networking opportunities, expert speakers, and award recognition with notable infosec organizations and leaders! This year's HERoic Hacks will feature keynote speaker Connie Hiber, Director of Technology Governance at GreatClips! Interested in Sponsoring or Attending? 20% of sponsorship fees will support women-led organizations WiCys and MN Women in Tech! Visit the event page to register now and sign up to sponsor. Spots are limited!https://www.eventbrite.com/e/heroic-hacks-tickets-1083192711559?aff=oddtdtcreatorAbout FRSecure https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Join us in the new year as FRSecure's Incident Response Manager, Pinky Thompson, joins to recap Breachmas 2024. The group discusses LDAP, recent cyberattack trends, Evil Jinx, and more. Don't forget: The show is available in audio-only form wherever you listen to podcasts! Please send any questions, comments, or feedback to unsecurity@protonmail.com. About FRSecure https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Brad returns with Megan to talk 2025 predictions with former Unsecurity host Evan Francen and President of FRSecure, Oscar Minks. They discuss potential effects of new administration and AI.Don't forget: The show is available in audio-only form wherever you listen to podcasts! Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

In this special holiday-themed episode, Gary Berger, Director of Information Security for Ogletree Deakins Law Firm, joins Megan to go over what a CISO wants for Christmas. Don't forget: The show is available in audio-only form wherever you listen to podcasts! Please send any questions, comments, or feedback to unsecurity@protonmail.com. About FRSecure https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

This week, CEO, Nicole Salazar and Founder, Dr. Baljeet Malhotra of TeejLab join Megan and Brad to discuss all things Open Source and API Risk Management. Along with a brief review of Dr. Malhorta's background, the group discusses TeejLab's origins and discuss a new API workshop. About FRSecure https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

This week, Unsecurity hosts are joined by CTO of Recon InfoSec, Andrew Cook. They discuss Andrew's journey into the InfoSec field and Recon InfoSec's approach and value. Don't forget: The show is available in audio-only form wherever you listen to podcasts! Please send any questions, comments, or feedback to unsecurity@protonmail.com. About FRSecure https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

In this episode of the Unsecurity Podcast, FRSecure's CFO, Vanae Pearson, and Illumifin's Chief Security Officer, Randy Kaedar are guests. The group discusses how to prompt key decision makers and executive teams to make the most effective security decisions.Don't forget: The show is available in audio-only form wherever you listen to podcasts! Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecure: https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

In this episode of the Unsecurity Podcast, Associate Penetration Tester Victoria Fogarty joins Megan and Brad to walk through how to buy in for InfoSec programs with an executive team. Don't forget:The show is available in audio-only form wherever you listen to podcasts! Please send any questions, comments, or feedback to unsecurity@protonmail.com. About FRSecure https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Hosts of "Unsecurity" podcast, Megan Larkins and Brad Nigh, join Evan Francen and Michael Kennedy of "Sunsets and Snowdrifts" for a crossover panel.Find the event slides here: https://info.frsecure.com/hubfs/FRSecure_Hacks%20and%20Hops_Master%20Deck-1.pdfWe look forward to seeing you next year! To stay updated about Hacks & Hops 2025, check our site. hacksandhops.comPlease send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

In this episode of the Unsecurity Podcast, Brad and Megan recap Blackhat. They also discuss a zero-click exploit involving a Windows TCP IP flaw and backdoor Bitsloth exploits.Don't forget: The show is available in audio-only form wherever you listen to podcasts! Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecure https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

In this episode of the Unsecurity Podcast, Brad and Oscar are joined by a new host, FRSecure's Megan Larkins!Together, they discuss the recent CrowdStrike outage and its illustration of the importance of understanding your application inventory and dependencies—and the need for proper application allow listing and conditional access policies to prevent attacks.00:00 Introduction and Weather Conversations03:02 Introducing Megan as the New Co-host04:00 Discussion on the CrowdStrike Outage17:33 The Need for Application Inventory and Allow Listing22:28 Starting with Critical Assets and Rolling Out Application Control28:16 The Importance of Proactive Measures31:22 Shoutouts to Spouses and the FRSecure SMT Team32:48 Conclusion and FarewellDon't forget: Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

In this episode of the Unsecurity Podcast, the guys sit down with Michael Kennedy of Ostra to discuss burnout and share their personal experiences and strategies for preventing and managing work-related stress.Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecure https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

In this episode of the Unsecurity Podcast, Brad, and Oscar discuss the CISSP Mentorship Program with Brian Kelley now that this year's course has officially wrapped up, and touch on challenges and roadblocks for security professionals in the job market. 00:00 Intro01:56 Ransomware and Security Best Practices06:32 CISSP Mentorship Program and Learning Journey25:32 Challenges of Information Security Professionals27:31 The Journey to Becoming a Security Consultant35:04 The Complexity of Job Postings and Hiring ChallengesPlease send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

In this episode of the Unsecurity Podcast, Brad, Oscar, and Pinky discuss recent news stories about IP and central manager flaws, as well as a vulnerability enrichment project by CISA. They also share an interesting incident response story involving internal domains and proxy auto-configuration files. Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

In this episode of the Unsecurity Podcast, Brad interviews guest Ryan Cloutier as part of our Meet the Mentors series.They discuss the importance of the CISSP Mentor Program and the value of different perspectives in teaching. They also discuss the release of an exploit code for the Palo Alto Networks Zero Day vulnerability and the ethics of publicly sharing vulnerabilities.Don't forget: The show is available in audio-only form wherever you listen to podcasts! Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 218 of the Unsecurity Podcast is now live!This time, Brad is joined by Ron Woerner for another episode of our "Meet the Mentors" series introducing the 2024 CISSP Mentor Program instructors!Links & information:Find Ron on LinkedInhttps://www.linkedin.com/in/ronwoerner/Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 217 of the Unsecurity Podcast is now live!This time, Brad is joined by Chris Foulon for the first episode in our "Meet the Mentors" series, introducing our 2024 CISSP Mentor Program instructors!Links & information:Chris's Podcast (Breaking Into Cybersecurity)https://podcasts.apple.com/us/podcast/breaking-into-cybersecurity/id1463136698Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecure https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 216 of the Unsecurity Podcast is now live! This time, Oscar and Brad are joined by FRSecure's Matt Dowd to discuss the difference between vulnerability scanning and penetration testing. Links & informationCisco Critical Vulnerabilities https://www.securityweek.com/cisco-patches-critical-vulnerabilities-in-enterprise-communication-devices/Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 215 of the Unsecurity Podcast is now live! This time, Brad is joined by FRSecure's Dave Tuckman to discuss an upcoming webinar series about securing home networks with ISACA and select FRSecure staff leading the sessions.Links & informationISACA home network webinar series:Session 1: 2/12 - Household Computer Safety, Using The Internet Safely https://isaca-sd.org/events/2024-02-12Session 2: 3/11 - Choosing and Protecting Your Account Login, Securing Mobile Devices https://isaca-sd.org/events/2024-03-11Session 3: 4/8 - Securing Wi-Fi, Securing the Wi-Fi/Network Router https://isaca-sd.org/events/2024-04-08Session 4: 5/13 - Backing up Data, Smart Devices and the Internet-of-Things https://isaca-sd.org/events/2024-05-13Session 5: 6/10 - Physical Security, Breach and Incident Response https://isaca-sd.org/events/2024-06-10Avast spying on clickshttps://www.pcmag.com/news/the-cost-of-avasts-free-antivirus-companies-can-spy-on-your-clicksFacebook users monitored by thousands of companieshttps://www.consumerreports.org/electronics/privacy/each-facebook-user-is-monitored-by-thousands-of-companies-a5824207467/Time to patch and threat-hunthttps://thehackernews.com/2024/01/critical-cisco-flaw-lets-hackers.htmlPlease send any questions, comments, or feedback to unsecurity@protonmail.comAbout FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 214 of the Unsecurity Podcast is now live! This time, Brad and Oscar sit down with FRSecure's Mike (Pinky) Thompson for a Breachmas report and some news from around the industry.News linksMandiant's X (Twitter) Account Hackedhttps://thehackernews.com/2024/01/mandiants-x-account-was-hacked-using.htmlCISCO Patchhttps://www.securityweek.com/cisco-patches-critical-vulnerability-in-unity-connection-product/Two Ivanti Zero-Days Actively Exploited in the Wildhttps://www.infosecurity-magazine.com/news/two-ivanti-zerodays-actively/Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecure https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 213 of the Unsecurity Podcast is now live! This time, Brad and Oscar sit down with FRSecure's Amy MacElroy to discuss company culture and how she helps maintain it in her role as head of HR.VulnerabilitiesApache Strutshttps://www.securityweek.com/recent-apache-struts-2-vulnerability-in-attacker-crosshairs/Microsoft Patch Tuesdayhttps://securityaffairs.com/155719/security/microsoft-patch-tuesday-december-2023.htmlAdobe Patches (207 Bugs)https://www.securityweek.com/adobe-patches-207-security-bugs-in-mega-patch-tuesday-bundle/Don't forget: The show is available in audio-only form wherever you listen to podcasts! Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecure: https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 212 of the Unsecurity Podcast is now live!This time, Brad and Oscar sit down with FRSecure's Shawn Pollard to discuss our new free BIA starter kit, CMMC, and more.Water facilities report falling to hackers in separate breacheshttps://arstechnica.com/security/2023/11/2-municipal-water-facilities-report-falling-to-hackers-in-separate-breaches/Send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 211 of the Unsecurity Podcast is now live!This time, Brad and Oscar sit down with FRSecure's Eric Hanson and Seth Bowling to discuss R&D and defensive evasion.Blackcat report company they breached to SEC https://www.bleepingcomputer.com/news/security/ransomware-gang-files-sec-complaint-over-victims-undisclosed-breach/About FRSecure: https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 210 of the Unsecurity Podcast is now live!This time, Brad is joined by Megan Larkins to discuss her role as FRSecure's security consulting manager, as well as Proofpoint's 2023 Voice of the CISO report.Proofpoint's 2023 Voice of the CISOhttps://www.proofpoint.com/us/resources/white-papers/voice-of-the-ciso-reportGive this episode a listen and send any questions, comments, or feedback to unsecurity@protonmail.com

Episode 209 of the Unsecurity Podcast is now live! This time, Oscar and Brad welcome Evan back to the show to catch up on all his latest endeavors.Give this episode a listen and send any questions, comments, or feedback to unsecurity@protonmail.com.

Episode 208 of the Unsecurity Podcast is now live!This time, Oscar returns to the show and the guys get a chance to catch up on all the latest.Give this episode a listen and send any questions, comments, or feedback to unsecurity@protonmail.com

Episode 207 of the Unsecurity Podcast is now live! This week, Brad and Pinky discuss Defcon 2023, Huntin' Ground, and the recent CloudNordic ransom case.CloudNordic says it can't, and won't, pay the ransom demand (article): https://www.theregister.com/2023/08/23/ransomware_wipes_cloudnordic/Send any questions, comments, or feedback to unsecurity@protonmail.com.

This week, Oscar and Brad sit down to discuss Adobe ColdFusion & Citrix NetScaler Vulnerabilities.Give this episode a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com

This month, we're doing a crossover episode with The Hackle Box!For those who are not yet aware, The Hacklebox is another FRSecure podcast focused on the technical end of current events and happenings within the security industry. It's hosted several times a month by FRSecure's Technical Services Team.Discussed this month: MOVEit AttacksMicrosoft Patch Tuesday: Six 0-DaysFortinet InfinityPlease like, subscribe, and follow us on social! Facebook: https://www.facebook.com/frsecure/Twitter: https://twitter.com/frsecure/Instagram: https://www.instagram.com/frsecureofficial/ LinkedIn: https://www.linkedin.com/company/frsecure/

Episode 205 of the Unsecurity Podcast is now live!This week, Oscar and Brad sit down to discuss ChatGPT, mobile malware, and the recent Super Mario malware. Don't forget: The show is available in audio or video form wherever you get your podcasts!Give this episode a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com.

Episode 204 of the Unsecurity Podcast is now live!This week, Oscar and Brad sit down to discuss the recent MOVEit, Fortinet, and Barracuda Vulnerabilities.Links: Fortigate/Fortinet Vulnerability https://projecthyphae.com/threat/the-fortigate-to-mordor-has-been-left-open/ Critical MOVEit Transfer Vulnerability https://projecthyphae.com/threat/hackers-like-to-moveit-moveit-critical-moveit-transfer-vulnerability/ Zero-Day Vulnerability Exploited to Hack Barracuda Email Security Gateway Applianceshttps://www.securityweek.com/zero-day-vulnerability-exploited-to-hack-barracuda-email-security-gateway-appliances/Give this episode a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!

Episode 203 of the Unsecurity Podcast is live!This week, Oscar and Brad sit down to discuss 'malvertising' and 'malverposting'.Links:“Malverposting” — With Over 500K Estimated Infections... https://labs.guard.io/malverposting-with-over-500k-estimated-infections-facebook-ads-fuel-this-evolving-stealer-54b03d24b349 Give this episode a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com.

This week, Oscar and Brad sit down to discuss passwordless tech, and the FBI's recent move to take down The Hive, one of the world's most notorious ransomware gangs.FBI Takedown of The Hive https://therecord.media/hive-ransomware-decryptors-fbi-bryan-smith-interview-click-here Give this episode a listen and send any questions, comments, or feedback to unsecurity@protonmail.com

This week, Oscar and Brad sit down to discuss used network equipment resale, the risks posed to organizations, and how you can protect yourself. Give this episode a listen and send any questions, comments, or feedback to unsecurity@protonmail.com.

This week, Oscar and Brad sit down with the creators of Hack Space Con to discuss the mission behind the conference, the unique venue, how the event came to be, and more!Links:https://www.hackspacecon.com/ Send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!

Episode 198 of the Unsecurity Podcast is now live!This week, Oscar and Brad discuss a new APT compromise strategy, a 3-year-old vulnerability exploited by multiple threat actors, and more.Links:3-Year-Old Vulnerability Exploited by Multiple Hacking Groups https://thehackernews.com/2023/03/multiple-hacker-groups-exploit-3-year.htmlAdobe ColdFusion Bughttps://gbhackers.com/adobe-coldfusion-bug/Don't forget: The show is now available in audio form wherever you get your podcasts!Send any questions, comments, or feedback to unsecurity@protonmail.com.

Episode 197 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss vendor risk management, incident response practices, and the recent Facebook vulnerability.Links:KillNet DDoS Blocklisthttps://github.com/securityscorecard/SSC-Threat-Intel-IoCs/blob/master/KillNet-DDoS-Blocklist/proxylist.txtGive this episode a listen and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!

Episode 196 of the Unsecurity Podcast is now live! This week, Oscar is joined by FRSecure's Eric Hanson and Seth Bowling to discuss red teaming and R&D.Give this episode a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!

This week, Oscar and Brad discuss some ideas for new year's resolutions you can apply to your security program.Give this episode a listen and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!

Episode 194 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss a CISA alert regarding Veeam backup and replication vulnerabilities being exploited, FBI seizing 48 domains linked to DDoS services, hackers using .svg files to install QBot malware on windows systems, and more.Links:CISA Alert: Veeam Backup and Replication Vulnerabilities Being Exploited in Attacks https://thehackernews.com/2022/12/cisa-alert-veeam-backup-and-replication.htmlFBI Seized 48 Domains Linked to World's Leading DDoS-for-Hire Services https://gbhackers.com/fbi-seized-48-domains/Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27518 https://support.citrix.com/article/CTX474995/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202227518Hackers Use SVG Images to Install QBot Malware on Windows Systems https://gbhackers.com/hackers-use-svg-images/Give episode 194 a listen and send any questions, comments, or feedback to unsecurity@protonmail.com Don't forget to like and subscribe!

Episode 193 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss the new CISA reporting rule and what it means for organizations in the critical infrastructure sector. Links:Critical Infrastructure Sectorshttps://www.cisa.gov/critical-infrastructure-sectorsCISA - Reporting Rulehttps://thehackernews.com/2022/12/what-cisa-reporting-rule-means-for-your.htmlhttps://www.congress.gov/bill/117th-congress/house-bill/5440/text?format=txthttps://www.federalregister.gov/documents/2022/09/12/2022-19551/request-for-information-on-the-cyber-incident-reporting-for-critical-infrastructure-act-of-2022https://www.cisa.gov/reporthttps://www.cisa.gov/sites/default/files/publications/Sharing_Cyber_Event_Information_Fact_Sheet_FINAL_v4.pdfGive episode 193 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com.

Episode 192 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss holiday precautions, vendor risk management, a few new vulnerabilities on the scene, and more.Give episode 192 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!

Episode 191 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss some recent vulnerabilities, cybersecurity awareness month, Hacks and Hops 2022, and more!Links:Fortinet Authentication Bypasshttps://projecthyphae.com/threat/fortinet-authentication-bypass-critical/ZeroDay: ProxyShell 2 (or 3?)https://projecthyphae.com/threat/zeroday-proxyshell-2-or-3-even-proxier/Cybersecurity Awareness Monthhttps://www.cisa.gov/cybersecurity-awareness-monthGive episode 191 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!

Episode 190 of the Unsecurity Podcast is now live! This week, Oscar and Brad welcome Evan back to the show to discuss life in Mexico, next steps in the CvCISO program, and all the latest industry happenings.Links:Fancy Bearhttps://projecthyphae.com/threat/fancy-bear-sinks-its-graphite-claws-into-powerpoint/9/26/2022 Security News Rounduphttps://projecthyphae.com/threat/information-security-news-9-26-2022/Give episode 190 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!