Podcasts about bluehat

In this episode of The BlueHat Podcast, Nic and Wendy are joined by seasoned security researcher, and CTO of Morphisec, Michael Gorelik. Michael discusses his approach to security research, which often begins by exploring PoCs released by other researcher groups and continues through to the release and validation of – sometimes multiple rounds of – fixes. Michael also provides an overview of this BlueHat 2024 presentation from last October and discusses his upcoming participation in the Zero Day Quest Onsite Hacking Challenge.      In This Episode You Will Learn:     How Michael Gorelik transitioned from security researcher to company founder  Deeper motivations driving ethical hackers like Michael Gorelik beyond money  The importance of identifying incomplete security patches before attackers do    Some Questions We Ask:    What are you looking forward to with Zero Day Quest?  Did you have a moral dilemma about hacking when you were younger?  What was your experience like at Deutsche Telekom Laboratories?      Resources:       View Michael Gorelik on LinkedIn    View Wendy Zenone on LinkedIn    View Nic Fillingham on LinkedIn      Related Microsoft Podcasts:       Microsoft Threat Intelligence Podcast    Afternoon Cyber Tea with Ann Johnson    Uncovering Hidden Risks          Discover and follow other Microsoft podcasts at microsoft.com/podcasts    The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network. 

In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by Jason Geffner, Principal Security Architect at Microsoft, to discuss his groundbreaking work on scaling and automating Dynamic Application Security Testing (DAST). Following on from his BlueHat 2024 session, and outlined in this MSRC blog post, Jason explains the key differences between DAST, SAST, and IAST, and dives into the challenges of scaling DAST at Microsoft's enterprise level, detailing how automation eliminates manual configuration and improves efficiency for web service testing.     In This Episode You Will Learn:     Overcoming the challenges of authenticated requests for DAST tools  The importance of API specs for DAST and how automation streamlines the process  Insights into how Microsoft uses DAST to protect its vast array of web services    Some Questions We Ask:    What's a lesson from this work that you can share with those without Microsoft's resources?  Can you explain what the transparent auth protocol is that you mentioned in the blog post?  How is your work reducing the manual effort needed to configure DAST system services?     Resources:       View Jason Geffner on LinkedIn    View Wendy Zenone on LinkedIn    View Nic Fillingham on LinkedIn     Related Blog Post: Scaling Dynamic Application Security Testing (DAST) | MSRC Blog  Related BlueHat Session Recording: BlueHat 2024: S10: How Microsoft is Scaling DAST     Related Microsoft Podcasts:       Microsoft Threat Intelligence Podcast    Afternoon Cyber Tea with Ann Johnson    Uncovering Hidden Risks          Discover and follow other Microsoft podcasts at microsoft.com/podcasts   

In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by BlueHat 2024 presenter Joe Bialek, a security engineer at Microsoft with over 13 years of experience. Joe shares his fascinating journey from intern to red team pioneer, recounting how he helped establish the Office 365 Red Team and pushed the boundaries of ethical hacking within Microsoft. He discusses his formative years building sneaky hacking tools, navigating the controversial beginnings of red teaming, and transitioning to the Windows Security Team to focus on low-level security and mitigations. Joe reflects on the challenges of internal hacking, the human reactions to being "hacked," and the value of strengthening defenses before external threats arise.    In This Episode You Will Learn:     How Microsoft is developing tooling to identify and address bad programming patterns  Why kernel-related discussions are primarily focused on Windows and driver developers  The challenges developers face when reading and writing through pointers in C or C++    Some Questions We Ask:    How does working with the Windows kernel impact system security and performance?  What sets Windows kernel and driver development apart from other types of development?  Why should internal teams test systems for vulnerabilities before external hackers?      Resources:       View Joe Bialek on LinkedIn   View Wendy Zenone on LinkedIn    View Nic Fillingham on LinkedIn     BlueHat 2024 Session: Pointer Problems – Why We're Refactoring the Windows Kernel    Related Microsoft Podcasts:     Microsoft Threat Intelligence Podcast    Afternoon Cyber Tea with Ann Johnson    Uncovering Hidden Risks        Discover and follow other Microsoft podcasts at microsoft.com/podcasts    The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network. 

While we are on our winter publishing break, please enjoy an episode of our N2K CyberWire network show, The BlueHat Podcast by Microsoft and MSRC. See you in 2025! Yonatan Zunger, CVP of AI Safety & Security at Microsoft joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Yonatan explains the distinction between generative and predictive AI, noting that while predictive AI excels in classification and recommendation, generative AI focuses on summarizing and role-playing. He highlights how generative AI's ability to process natural language and role-play has vast potential, though its applications are still emerging. He contrasts this with predictive AI's strength in handling large datasets for specific tasks. Yonatan emphasizes the importance of ethical considerations in AI development, stressing the need for continuous safety engineering and diverse perspectives to anticipate and mitigate potential failures. He provides examples of AI's positive and negative uses, illustrating the importance of designing systems that account for various scenarios and potential misuses.      In This Episode You Will Learn:       How predictive AI anticipates outcomes based on historical data  The difficulties and strategies involved in making AI systems safe and secure from misuse  How role-playing exercises help developers understand the behavior of AI systems    Some Questions We Ask:        What distinguishes predictive AI from generative AI?  Can generative AI be used to improve decision-making processes?  What is the role of unit testing and test cases in policy and AI system development?    Resources:   View Yonatan Zunger on LinkedIn      View Wendy Zenone on LinkedIn   View Nic Fillingham on LinkedIn    Related Microsoft Podcasts:     Microsoft Threat Intelligence Podcast   Afternoon Cyber Tea with Ann Johnson   Uncovering Hidden Risks       Discover and follow other Microsoft podcasts at microsoft.com/podcasts   Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by Johann Rehberger, security expert and Red Team director at Electronic Arts. Johann shares his career journey through roles at Microsoft, Uber, and EA, highlighting his expertise in red teaming and cybersecurity. Johann shares the inspiration behind his book on Red Team strategies and discusses his BlueHat 2024 talk on prompt injection vulnerabilities, a critical and evolving AI security challenge. Johann breaks down the distinction between prompt injection and jailbreaking, offering insights into the potential risks, including data exfiltration and system unavailability, and emphasizes the importance of securing Red Teams themselves.      In This Episode You Will Learn:     Why AI tools should have stricter default settings to control what kind of outputs they generate  The importance of reading technical documentation to understand how AI systems are built  Why developers should implement stronger filters for what tokens are allowed to be emitted by LLMs    Some Questions We Ask:    How are prompt injection and SQL injection similar, and how are they different?  What is AI spyware, and how does it exploit memory tools in ChatGPT?  Does AI jailbreaking access the LLM's core system like iPhone jailbreaking does the OS?         Resources:       View Johann Rehberger on LinkedIn   View Wendy Zenone on LinkedIn    View Nic Fillingham on LinkedIn      Related Microsoft Podcasts:       Microsoft Threat Intelligence Podcast    Afternoon Cyber Tea with Ann Johnson    Uncovering Hidden Risks          Discover and follow other Microsoft podcasts at microsoft.com/podcasts   

In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone present an insightful address by Corporate Vice President and Head of Product for Microsoft's Developer Division, Amanda Silver. Amanda discusses the importance of securing the software supply chain and Microsoft's efforts to protect the open-source ecosystem. She introduces the Secure Software Supply Chain Consumption Framework (S2C2F), a model for tracking and defending against vulnerabilities in open-source dependencies. Silver highlights tools like Dependabot and improvements in NuGet to help developers address security issues seamlessly. She also shares a case study on the "XZ" supply chain attack, underscoring the need for a security mindset in tech culture. Silver closes by urging listeners to adopt a proactive approach to cybersecurity, emphasizing that attacks are inevitable.       Resources:    View Amanda Silver on LinkedIn      View Wendy Zenone on LinkedIn    View Nic Fillingham on LinkedIn      Related Microsoft Podcasts:       Microsoft Threat Intelligence Podcast    Afternoon Cyber Tea with Ann Johnson    Uncovering Hidden Risks          Discover and follow other Microsoft podcasts at microsoft.com/podcasts    The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network.

In episode 41 of The BlueHat Podcast we bring you the BlueHat 2024 day 1 keynote address given by Chris Wysopal, also known as Weld Pond, founder and Chief Security Evangelist at VeraCode, and founding member of the L0pht.     Chris' talk - A Clash of Cultures Comes Together to Change Software Security - recounts the early days of “hacking” and how the industry evolved to embrace vulnerability discovery and coordinated, responsible disclosure.    Chris presentation provides a fascinating reflection on a tumultuous period for Microsoft around 2001, marked by significant vulnerability discoveries, which ultimately led to the establishment of the Organization for Internet Safety and the consultancy AtStake, transforming the security landscape and professionalizing the role of hackers. Watch Chris' BlueHat 2024 Day 1 Keynote here: https://youtu.be/w6SAqT4ZQik    Resources:    View Chris Wysopal on LinkedIn      View Wendy Zenone on LinkedIn    View Nic Fillingham on LinkedIn      Related Microsoft Podcasts:       Microsoft Threat Intelligence Podcast    Afternoon Cyber Tea with Ann Johnson    Uncovering Hidden Risks          Discover and follow other Microsoft podcasts at microsoft.com/podcasts   

In this episode, Michael talks to Nic Fillingham about the recent Microsoft Bluehat Security conference held at the Microsoft HQ in Redmond, WA. We also discuss how to tell the NZ and Australian accents apart. This alone is worth listening too :)This is a follow-on from episode 103 when we talked about what was coming up for Bluehat.No news, as this is a special, smaller episode. It's also the least edited; other than some ums and ers getting removed and a small retake, the result is as was recorded. Let us know what you think, this feels a little more 'chatty' and personable.https://aka.ms/azsecpod

In this episode we speak to Nic Fillingham who is a Senior Program Manager at Microsoft about security conferences and mainly about the Microsoft Bluehat conference he runs. We also discuss security about PostgreSQL, Cosmos DB, IP address management, containers and AI Studio. https://aka.ms/azsecpod

In this episode of the Microsoft Threat Intelligence Podcast host Sherrod DeGrippo is live from Blue Hat Israel in Tel Aviv. Igal Lytzki and Din Serussi discuss their presentation on advanced phishing and evasion techniques, highlighting the rise of QR phishing and custom-made captures, which involve interactive challenges to bypass security systems. Gal Niv and Jonathan Jacobi discuss their experience with the Web3 challenge they created, focusing on a smart contract vulnerability on the Ethereum blockchain. Ida Vass, the mastermind behind BlueHat IL, talks about the conference's impact and her motivation, driven by the community's spirit and the desire to continually innovate and Wolf Goerlich the keynote speaker, discusses his approach to the keynote, focusing on positive advancements in cybersecurity rather than dwelling on the negative.    In this episode you'll learn:          Practical advice for organizations to bolster their email security defenses  The critical need to apply historical attack models to new technologies  Progress in hardening OS and network security and the shift in threat actor tactics    Some questions we ask:         What emerging technologies or threats do you find most intriguing or concerning?  How does the production level of BlueHat compare to other conferences?  What do state-sponsored email threats look like right now?     Resources:   View Sherrod DeGrippo on LinkedIn     Related Microsoft Podcasts:                    Afternoon Cyber Tea with Ann Johnson  The BlueHat Podcast  Uncovering Hidden Risks        Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Get the latest threat intelligence insights and guidance at Microsoft Security Insider      The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

Stargazer Goblin hosts malicious code repositories on GitHub. Crowdstrike blames buggy validations checks for last week's major incident. The Breachforums database reveals threat actor OPSEC. Windows Hello for Business (WHfB) was found vulnerable to downgrade attacks. A medical center in the U.S. Virgin Islands is hit with ransomware. Interisle analyzes the phishing landscape. The FTC orders eight companies to explain algorithmic pricing. Meta cracks down on the Nigerian Yahoo Boys. A fake IT worker gets caught in the act. My conversation with Nic Fillingham and Wendy Zenone, co-hosts of Microsoft Security's "The Bluehat Podcast.” Researchers wonder if proving you're human proves profitable for Google.  Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Nic Fillingham and Wendy Zenone, co-hosts of Microsoft Security's "The Bluehat Podcast," talking about what to expect on Bluehat on the N2K media network. You can catch the podcast every other Wednesday. Their latest episode launching today can be found here.  Selected Reading A Hacker ‘Ghost' Network Is Quietly Spreading Malware on GitHub (WIRED) CrowdStrike blames test software for taking down 8.5 million Windows machines (The Verge) BreachForums v1 database leak is an OPSEC test for hackers (Bleeping Computer) Goodbye? Attackers Can Bypass 'Windows Hello' Strong Authentication (Dark Reading) Schneider Regional Medical Center hit by ransomware attack (Beyond Machines) New phishing report names and shames TLDs, registrars (The Verge) FTC Issues Orders to Eight Companies Seeking Information on Surveillance Pricing (FTC) Meta bans 63,000 accounts belonging to Nigeria's sextortionist Yahoo Boys (The Record) How a North Korean Fake IT Worker Tried to Infiltrate Us (KnowBe4) Forget security – Google's reCAPTCHA v2 is exploiting users for profit (The Register)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Dustin Heywood, Hacker, Researcher, and Senior Leader at IBM, joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Dustin provided a live demonstration of cracking NTLM version 1 during his BlueHat presentation, showcasing the process of responding to challenges, using coercion techniques, and ultimately extracting and cracking the NTLM hash. Dustin, Nic, and Wendy discuss checking group policies, auditing every object, ensuring relevant systems, and managing IT assets effectively. They emphasize the importance of IT asset management and recommend quarantining legacy systems with restricted access. In This Episode You Will Learn: Why security professionals need business skills for effective communication Advice for auditing legacy systems with vulnerable protocols Extracting DPAPI keys and decrypting browser session history Some Questions We Ask: How do you manage risk for legacy systems deemed necessary for business? Can you discuss some of the outdated protocols in current IT environments? What guidance would you offer to IT professionals looking to audit their systems? Resources: View Dustin Heywood on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Leading Threat Intelligence at InQuest, Darren Spruell joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Darren explains InQuest's focus on Deep File Inspection® technology to identify malicious traits in files and talks about their role in serving public and private sector companies. Darren shares his cybersecurity journey, passion for combating malware and criminal activities, and his presentation at BlueHat. Wendy, Nic, and Darren highlight the evolution of threat information sharing over the years and the value of intelligence advantage over adversaries. The conversation delves into the significance of threat indicators such as IP addresses, file hashes, domain names, and much more! In This Episode You Will Learn: The challenges of exchanging threat intelligence and person-to-person sharing Balancing technical expertise and leadership responsibilities The importance of evolving manual threat intelligence sharing practices Some Questions We Ask: How can practitioners enhance the effectiveness of threat intelligence? What types of security roles are sharing IOCs back and forth? Why is community engagement in the cybersecurity industry so necessary? Resources: View Darren Spruell on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Senior Data Scientist Emily Yale and Senior Threat Hunt Analyst at Microsoft Chris Bukavich join Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Chris focuses on incident response, investigation, and detection of major incidents, while Emily works on developing and improving detections for Microsoft's internal security. Emily and Chris were co-presenters at this year's BlueHat conference. They discussed unmasking Azure-based adversaries with an emphasis on monitoring service principles, how their respective expertise in data science and cybersecurity contributed to the session, and the challenges of monitoring service principles in Azure. This concept has evolved from traditional service accounts. In This Episode You Will Learn: The importance of monitoring spikes in activity Criteria for identifying malicious behavior targeting service principles Historical context of service principles and their increasing relevance Some Questions We Ask: How can you proactively monitor and detect anomalies related to service principles? What challenges arise when profiling service principles based on past behavior? When can service principles be tied to user authentication? Resources: View Emily Yale on LinkedIn View Chris Bukavich on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

In this week's special episode, we bring you the BlueHat Oct 23, day 1 keynote delivered by John Lambert, Microsoft Corporate Vice President and Security Fellow. In his BlueHat Oct day 1 keynote, John discusses the importance of incidents in the security field, strategies for finding security incidents, and the importance of looking beyond traditional defense measures to discover attackers and traces outside of one's network. John introduces the idea of "hunting until closure," which involves systematically investigating various attacker actions to learn more about their activities. He also mentions the concept of "time travel breach detection," which uses historical logs to trace and identify previous attacker actions. In This Episode You Will Learn: The importance of security incidents in shaping the cybersecurity field Why logs and telemetry data in cybersecurity are essential when tracking attacker actions How valuable mutual respect is in the security community Some Questions We Ask: How do escalating conflicts within teams affect productivity? What role did trust and collaboration play in responding to the SolarWinds incident? Why must the security community work together to protect customers? Resources: View John Lambert on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Security Unlocked Security Unlocked: CISO Series with Bret Arsenault Secure the Job: Breaking into Security Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Microsoft Threat Intelligence Analyst Jessica Payne joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Nic, Wendy, and Jessica discuss Jessica's background in cybersecurity, her journey to Microsoft, her passion for making security more accessible, and the importance of diversity in the field. Jessica also emphasizes the need to focus on actionable threat intelligence and how ransomware has changed the security landscape while also providing insights into the process of submitting a presentation for The BlueHat Conference. In This Episode You Will Learn: Jessica's contributions to the Threat Intelligence Village Sessions and keynotes scheduled for the bluehat conference The importance of diversity and inclusion in the conference's selection process Some Questions We Ask: What makes BlueHat unique compared to other conferences? Why does BlueHat avoid marketing and encourage a research-focused atmosphere? What interactive activities does BlueHat have planned for the Threat Intelligence Village? Resources: View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Dan Tentler, Executive Founder and CTO of Phobos Group, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Dan has a wealth of defensive and adversarial knowledge and a strong background in systems, networking, architecture, and wireless networks. Dan discusses his time at BlueHat 2023, why you should put everything behind a VPN, and how a typo and Jeff Goldblum's movie Hideaway helped create his current online handle. In This Episode You Will Learn: Why it's important to hold onto old techniques and knowledge The premise and thoughts behind Dan's 2023 BlueHat presentation How people can still protect themselves with old security tools Some Questions We Ask: How did your security career start and grow into speaking at BlueHat 2023? What tools and techniques were available in the beginning of your career? What were some big takeaways from your presentation at BlueHat? Resources: View Nic Fillingham on LinkedIn View Wendy Zenone on LinkedIn Send us feedback: bluehat@microsoft.com Follow us on Twitter: @MSFTBlueHat Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Cameron Vincent, a security researcher at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Cameron has been one of the top researchers for both Microsoft and Google programs numerous times. He now works on the V&M team within the MSRC side, dealing with security issues internally. Cameron discusses with Nic and Wendy the importance of understanding your role and responsibilities in the workplace, the first bug he ever submitted, and his time presenting at BlueHat 2023. In This Episode You Will Learn: The benefits of face-to-face communication and how to balance it with technology. Why you should build a supportive culture of communication How to get involved in the world of bug bounty hunting Some Questions We Ask: How do you manage and deal with stress and burnout from your work? What are some practical ways to provide feedback to team members? How can we improve communication in a remote work environment? Resources: Follow Cameron Vincent on Twitter Watch Cameron speak at BlueHat 2023 View Nic Fillingham on LinkedIn View Wendy Zenone on LinkedIn Send us feedback: bluehat@microsoft.comFollow us on Twitter: @MSFTBlueHat Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

James Forshaw, a security researcher at Google's Project Zero, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. James has been involved with computer hardware and software security for over ten years and has been listed as the number one researcher for MSRC, as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. James is also the author of the book "Attacking Network Protocols" which is available from NoStarch Press. James discusses going after logic-based bugs, his time at BlueHat 2023, and how creativity and intuition help him while hunting for new bugs. In This Episode You Will Learn: Values and benefits of writing your own tooling Why James decided on a high-level, call-to-action presentation for BlueHat 2023 The inspiration behind his new book “Attacking Network Protocols” Some Questions We Ask: Is there a sequence of events you follow when hunting for a logic vulnerability? When should someone consider writing their own tools? What advantages come to mind when writing your tooling for a new project? Resources: Watch James Forshaw at BlueHat 2023 View James Forshaw on LinkedIn View Nic Fillingham on LinkedIn View Wendy Zenone on LinkedIn Send us feedback: bluehat@microsoft.comFollow us on Twitter: @MSFTBlueHatDiscover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Get ready for The BlueHat Podcast - A new security research-focused podcast from Microsoft featuring conversations with security researchers and industry leaders, both inside and outside of Microsoft. Hosted on Acast. See acast.com/privacy for more information.

Alexis Dorais-Joncas started his career in cybersecurity in 2010, when he was hired by ESET as a malware researcher. In 2015, Alexis was appointed head of ESET's R&D branch office located in Montreal, where he and his team focus on cutting edge malware research, network security and targeted attack tracking. Their goal is to shed light on the latest trends and developments in the malware ecosystem and implement efficient and innovative countermeasures to allow ESET customers to be safe online. Alexis is an established speaker on current cyberthreats, having spoken in front of both very technically literate audiences at events such as Bluehat and M3AAWG, and in higher level settings such as RightsCon, SERENE-RISC workshops and GoSec. He has been quoted in several security and technical media such as Wired, ITWorldCanada, DarkReading and Ars Technica, with broadcast appearances on Radio-Canada and Sky News in the UK. In this podcast with Jane Lo, Singapore Correspondent, Alexis takes the audience behind the scenes of real cybercrime investigations ESET has been involved in. By going over success stories such as the Andromeda and Operation Windigo busts that brought down multi-million dollar criminal networks, Alexis helps shed some light on how private security companies partnerships with law enforcement agencies work. With an excess of 350,000 new malware files observed each day, Alexis explains that one of the first steps is turning these into unique and actionable insights, using a combination of automated unpacking and decryption tools and in-depth analysis. In sharing such threat information with law enforcement agencies, he highlights the integral role of trust, including the importance of following protocols where customers' data are involved, and exercising caution to avoid “tipping off”. While waiting for the “right moment to strike”, Alexis points to another important role that the private sector plays. To help the law enforcement arrest the cyber criminals and build the case for indictment and prosecution, Alexis shares how his team provides comprehensive training to the law enforcement agencies. Alexis also discusses how the work behind Andromeda and Operation Windigo busts took up to 4 years, and how identification of victims through “sinkholing” forms part of the take down efforts. As these two cases illustrate, with the right private-public partnerships and collaborations, Alexis stresses while cybercrime may be borderless, cyber criminals are not immune from prosecution. Recorded: 18th June 2021, 7am Singapore/  [-1 day] 7pm Montreal  

Twitter: mpgn: https://twitter.com/mpgn_x64 gentilkiwi: https://twitter.com/gentilkiwi Github project: Mimikatz: https://github.com/gentilkiwi/mimikatz Kekeo: https://github.com/gentilkiwi/kekeo

What you'll learn: Security professionals and mental health Accepting that there are inherent limitations in security If you burn yourself out you are doing more harm to the business than you think Simulate how you would handle a security breach Meet: Ian Amit is the CSO at Cimpress. Ian is an executive manager in the security and software industry with vast experience in multiple fields - from enterprise security, through retail, to end-user software and large back-end systems. Highly experienced in leading marketing opportunities, and translating technical innovation into marketable concepts that increase sales and exposure. He is an Information Security expert with vast experience ranging from low-level technical expertise and up to corporate security policy, regulatory compliance, and strategy. Ian keynote speaker, with vast experience in public speaking and private customer-focused seminars (Conferences featuring BlackHat, DEFCON, RSA, BSides, BlueHat, ZonCon, Source, and many more). He is also a founding member of the PTES (Penetration Testing Execution Standard), IL-CERT, and the Tel-Aviv DEFCON group (DC9723). If you have any questions for Ian, please feel free to reach out via: https://www.linkedin.com/in/iamit/ https://www.iamit.org/ I hope you enjoyed the episode, the best place to connect with me is on Linkedin - https://www.linkedin.com/in/amirbormand (Amir Bormand). Please send me a message if you would like me to cover certain topics with future guests.

What you'll learn: Setting up an internal MSSP (managed security service provider) Establishing a baseline of security (using the NIST Cybersecurity Framework) Using the M&A process to get a headstart on security Meet: Ian Amit is the CSO at Cimpress. Ian is an executive manager in the security and software industry with vast experience in multiple fields - from enterprise security, through retail, to end-user software and large back-end systems. Highly experienced in leading marketing opportunities, and translating technical innovation into marketable concepts that increase sales and exposure. He is an Information Security expert with vast experience ranging from low-level technical expertise and up to corporate security policy, regulatory compliance, and strategy. Ian keynote speaker, with vast experience in public speaking and private customer-focused seminars (Conferences featuring BlackHat, DEFCON, RSA, BSides, BlueHat, ZonCon, Source, and many more). He is also a founding member of the PTES (Penetration Testing Execution Standard), IL-CERT, and the Tel-Aviv DEFCON group (DC9723). If you have any questions for Ian, please feel free to reach out via: https://www.linkedin.com/in/iamit/ https://www.iamit.org/ I hope you enjoyed the episode, the best place to connect with me is on Linkedin - https://www.linkedin.com/in/amirbormand (Amir Bormand). Please send me a message if you would like me to cover certain topics with future guests.

Dirk-jan Mollema, hacker, teamer and researcher at Fox-IT, talks about red teaming, his ROADtools exploration framework for Azure AD, the privexchange bug he discovered last year, Microsoft BlueHat and his work with Microsoft's Security and Response Center, and his view on Microsoft Defender ATP.

Learn all about fuzzing and application security with repeat guest Dr. Jared DeMott, CEO and founder of VDA labs. The last time he appeared (October 2018), the focus was on Internet-of-Things (IoT) security, but Jared is also the author of Fuzzing for Software Security Testing and Quality Assurance. In this episode we go deeper into continuous integration and deployment (CI/CD), fuzzing, dynamic analysis security testing and other AppSec tools, as well as practical tips and suggestions for entering the field.– Enter code “cyberwork” to get 30 days of free training with Infosec Skills: https://www.infosecinstitute.com/skills/– View transcripts and additional episodes: https://www.infosecinstitute.com/podcastDr. Jared DeMott is the Founder & CEO of VDA Labs, a full-scope cybersecurity company. DeMott previously served as a vulnerability analyst with the NSA. He holds a PhD from Michigan State University. He regularly speaks on cyber matters at conferences like RSA, DerbyCon, BlackHat, ToorCon, GrrCon, HITB and others. He was a finalist in Microsoft’s BlueHat prize contest, which helped make Microsoft customers more secure. Dr. DeMott has been on three winning Defcon capture-the-flag teams, and has been an invited lecturer at prestigious institutions such as the U.S. Military Academy. Jared is a Pluralsight author, and is often interviewed by media to weigh in on cyber matters.About InfosecAt Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certifications and skills development training. We also empower all employees with security awareness and training to stay cybersecure at work and home. Founded by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.

Olemme kutsuneet Ylämuistialan Kartanolle vieraaksi Arttu Lehmuskallion, jolla on lähes 20 vuoden kokemus työskentelystä operaattoriverkkojen tietoturvallisuuden parissa. Takkatulen ääressä keskustellaankin erityisesti verkkojen tietoturvallisuuden kehittymisestä Suomessa. Tällä hetkellä Arttu työskentelee Traficomin Kyberturvallisuuskeskuksen Tilannekeskuksen yksikön päällikkönä. Tämän lisäksi herrasmieshakkerit käyvät läpi viime viikkojen mielenkiintoisemmat kyberturvallisuuteen liittyvät ajankohtaiset asiat. Äänijulkaisun lähdeluettelo: t2 infosec 2019 https://t2.fi/schedule/2019/ Shadow Kill Hackers https://twitter.com/mikko/status/1188833963369852928 Lightcommands https://arstechnica.com/information-technology/2019/11/researchers-hack-siri-alexa-and-google-home-by-shining-lasers-at-them/ The Pentagon has a laser that can identify people from a distance—by their heartbeat https://www.technologyreview.com/s/613891/the-pentagon-has-a-laser-that-can-identify-people-from-a-distanceby-their-heartbeat/ Cloudflare - project JENGO https://blog.cloudflare.com/the-project-jengo-saga-how-cloudflare-stood-up-to-a-patent-troll-and-won/ Matt Miller - Trends, Challenges, and Strategic Shifts in the Software Vulnerability Mitigation Landscape, Bluehat 2019 IL https://www.youtube.com/watch?v=PjbGojjnBZQ Andrew "bunnie" Huang - Supply Chain Security: "If I were a Nation State...”, Bluehat 2019 IL https://www.youtube.com/watch?v=RqQhWitJ1As Darknet diaries (Jack Rhysider), XBox underground https://darknetdiaries.com/episode/45/ https://darknetdiaries.com/episode/46/ Aktivisti, Peter Sunde, YLE FEM https://areena.yle.fi/1-4590537    

In this podcast, Rahul Kashyap(@RCKashyap) talks about the state of security, technology, and business crossroad on Security and the mindset of a security led technologist. He sheds some light on past, present, and future security risks discussed some common leadership concerns, and how a technologist could circumvent that. This podcast is a must for all technologists and wannabe technologists to grow their organization. Timeline: 0:29 Rahul's journey. 4:40 Rahul's current role. 7:58 How the types of cyberattacks have changed. 12:53 How has IT interaction evolved? 16:50 Problems security industry. 20:12 Market mindset vs. security mindset. 23:10 Ownership of data. 27:02 Cloud, saas, and security. 31:40 Priorities for securing an enterprise. 34:50 How security is secure enough. 37:40 Providing a stable core to the business. 41:11 The state of data science vis a vis security. 44:05 Future of security, data science, and AI. 46:14 Distributed computing and security. 50:30 Tenets of Rahul's success. 53:15 Rahul's favorite read. 54:35 Closing remarks. Rahul's Recommended Read: Mindset: The New Psychology of Success – Carol S. Dweck http://amzn.to/2GvEX2F Podcast Link: https://futureofdata.org/rckashyap-cylance-on-state-of-security-technologist-mindset-futureofdata-podcast/ Rahul's BIO: Rahul Kashyap is the Global Chief Technology Officer at Cylance, where he is responsible for strategy, products, and architecture. Rahul has been instrumental in building several key security technologies viz: Network Intrusion Prevention Systems (NIPS), Host Intrusion Prevention Systems (HIPS), Web Application Firewalls (WAF), Whitelisting, Endpoint/Server Host Monitoring (EDR), and Micro-virtualization. He has been awarded several patents for his innovations. Rahul is an accomplished pen-tester and has in-depth knowledge of OS, networking, and security products. Rahul has written several security research papers, blogs, and articles that are widely quoted and referenced by media around the world. He has built, led, and scaled award-winning teams that innovate and solve complex security challenges in both large and start-up companies. He is frequently featured in several podcasts, webinars, and media briefings. Rahul has been a speaker at several top security conferences like BlackHat, BlueHat, Hack-In-The-Box, RSA, DerbyCon, BSides, ISSA International, OWASP, InfoSec UK, and others. He was named 'Silicon Valley's 40 under 40' by Silicon Valley Business Journal. Rahul mentors entrepreneurs who work with select VC firms and is on the advisory board of tech start-ups. About #Podcast: #FutureOfData podcast is a conversation starter to bring leaders, influencers, and lead practitioners to discuss their journey to create the data-driven future. Wanna Join? If you or any you know wants to join in, Register your interest @ http://play.analyticsweek.com/guest/ Want to sponsor? Email us @ info@analyticsweek.com Keywords: #FutureOfData #DataAnalytics #Leadership #Podcast #BigData #Strategy

There’s a creative process that involves different colored hats. I’ll explain that and how I’m using this to review my metapodcast as I approach episode 100. Mentioned in this episode: Six Thinking Hats from the de Bono Group

Event Industry News were on hand at Confex to help record the Podcast Challenge for the Eventice. The Eventice is an Apprentice style competition run in association with Mash Media and Bluehat, that allows final year event management students the chance to compete to win up to 2 jobs in the events industry. It can be tough for graduates in general to get their first step on the ladder, so this competition allows them the opportunity to win one of the most prestigious graduate jobs available. Former contestants have been lucky enough to have been offered jobs with ExcelLondon, DMG Events, George P Johnson, Blitz, Tarsus PLC, Blue Hat, Informa and Innovations Unlimited in Doha. During this challenge, each team was tasked with producing a podcast discussing: which is more valued by potential employers; an Event Management graduate, or someone with a year’s experience but no degree. Each episode features one contestant producing, another acting as host, and the final member as an interviewee alongside a guest from within the industry.

In this episode, I interview Rahul Kashyap, Chief Security Architect and Head of Security Research at Bromium, a company that focuses on stopping cyber-attacks where users are most vulnerable—the endpoint—through virtualization isolation. One of Silicon Valley’s 40 Under 40, Rahul has built a career around developing cyber defense technologies that focus on exploit prevention. At Bromium, Rahul manages R&D and product security, while simultaneously conducting robust industry outreach, speaking at leading security conferences including BlackHat, BlueHat, Hack-In-The-Box, RSA, DerbyCon, BSides, ISSA International, OWASP, InfoSec UK and others.  Sponsored By: CIO Security Scoreboard – Go to VisualCIO.com to learn more about how to communicate the status of your IT Security program visually and in minutes. Time Stamped Show Notes: 02:00 – Rahul joins to the show 02:41 – Talking about the 40 Under 40 03:30 – The importance of being “unstoppable”—no one believes in you at the front-end—you need to be relentless in your confidence and determination 04:47 – The genesis of being “unstoppable” 06:05 – The importance of taking on big challenges versus small challenges—Rahul’s Gandhi example 06:43 – We are a function of the problems we choose 07:25 – Even when you don’t hit the target when you take on a “big challenge” when you fall, you’ll fall somewhere along the path and that’s a great place to be 07:55 – The problems Bromium tackles 08:34 – Attackers have found a soft-spot—the end users—and all it takes is one bad click 09:12 – Attackers have nothing to lose, and end-users will continue to make mistakes 09:44 – No one can build the perfect security engine—it’s impossible 10:15 – The key is not worrying about users making mistakes, or attackers attacking—the key is isolating the attack at the end-point and confining it there 13:25 – Bromium focuses primarily on desktops, laptops, and tablets 14:00 – Micro-virtualization is at the executable side 14:46 – Rahul defines Bromium Labs 16:09 – Defensive security versus offensive security 16:52 – Every security company should invest in offensive security because it most accurately resembles how hackers think 18:23 – Offensive security gives you the Why 18:44 – Defensive security gives you the How 20:04 – Anti-Virus is approximately 5% effective 20:30 – It has lost its efficacy because the technology—in principle—hasn’t evolved 22:45 – Bromium Labs’ first focus is to keep your network from getting infected in the first place 25:35 – Does Bromium need to be run in isolation or can it bundled into the software stack at the end-point? 26:49 – The security architecture behind managing disparate end-points 28:02 – Bromium’s pre-deployment analysis tool is under development but will launch soon 28:28 – Bromium’s partnership with Microsoft for Windows 10 30:33 – The frequency of patching has become SUCH a burden for small business, which is why Bromium developed a unique position towards patching 32:15 – Patching is often human error related 33:48 – It’s a new way of doing security—isolation versus prevention 34:16 – Sandboxing, Hardware enforced isolation, micro virtualization 35:18 – Most of your browsers already have a sandbox 36:55 – Companies are tired of investing in so many security products…the industry is too fragmented—Bromium is looking to change that 38:08 – It’s vital to understand the architectural limitations of each technology 38:55 – Rahul’s favorite new technology?—Hive which is exploring the intersection between big data and security 40:48 – Rahul shares his thoughts on machine learning and A.I. 42:33 – Rahul has taken up kayaking to manage stress and stay focused…and Call of Duty on X-Box One 4 Key Points: We are a function of the problems we choose—an important concept to live by. The true soft-spot in today’s cyber-security market is the end-user—end-users always have, and always will make mistakes that result in compromised systems and networks. It is impossible to engineer a perfect security system—the threats change to rapidly—instead of trying to focus on prevention, let’s focus on technologies that accept attacks as the inevitability they are…technologies that let an attack happen, but isolate it immediately at the end-point. The cyber-security business (like most businesses) can be extremely taxing—find an outlet for healthy stress management. Key Resources: Rahul Kashyap – Today’s guest—Chief Security Architect and Head of Security Research at Bromium Sandboxing – Default security mechanism that operates through isolation of threats, now available on most browsers Bromium Labs – Dedicated to advancing the “state of the art” of information security by performing advanced research into current and future security threats. The Hive – An incubator that uses deep learning (a new discipline in AI) and neural network models to automate the learning of data representations and features. Micro Virtualization – A proprietary technology that abstracts applications and sub-processes from hardware and runs them in isolated environments. Credits: Show Notes provided by Mallard Creatives

In this episode... James and I host legitimate Polynesian royalty (a princess....) really! Katie gives us the skinny on Microsoft's 10 year progression to get to a bug bounty program We discuss the merits of bug bounties and execution in a very large enterprise Katie gives us as many details as she can about the recent $100,000 payout Much... much ... more! Guest Katie Moussouris ( @k8em0 ) - Katie runs the Security Community Outreach and Strategy team for Microsoft as part of the Microsoft Security Response Center (MSRC) team to help drive crucial elements of our security community strategy effort. She is a Senior Security Strategist Lead, and let's not sell her short - she is royalty!She created and drove the first ever Microsoft security bounty programs (www.microsoft.com/bountyprograms). Which received 18 vulnerabilities and a new attack technique that will help Microsoft build stronger defenses that will protect the entire platform from this new class of attack.She serves as lead subject matter expert in the US National Body for the ISO work item 29147 "Vulnerability Disclosure", scheduled for publication in 2013, and does countless other efforts associated with the ISO standards body and various other industry groups. 

Martin talks with FIRST Program Chair, Andrew Cushman, Director of Security Response and Outreach at Microsoft's Trustworthy Computing. Andrew is a driving force behind the company's security researcher outreach strategy and execution efforts, formulating the Responsible Disclosure Initiative and initiating the BlueHat security conference franchise. Andrew will be in Miami all week and moderating the panel, "Implications of the Cloud" on Thursday, June 17 @11:00.

1 hora e 25 minutos Eventos ClubHack2009 KIWICON European Conference on Computer Network Defense If you missed out on BlueHat v8 abstracts, bios and podcast videos, they can be found on the BlueHat TechNet site Defcon 17 Signed "I hack charities" T-Shirts Medium Noticias iPhone 3GS Hardware Encryption Easy to Circumvent Apple: Jailbreaking the iPhone Could Knock Out Transmission Towers BlackBerry update bursting with spyware Queensland Police plans wardriving mission Homem culpa gato de pornografia infantil Feds at DefCon Alarmed After RFIDs Scanned Comentários da Blackhat & Defcon

1 hora e 10 minutos Eventos HackIT 08 PAM 2009 CFP da h2hc T2´08 Challenge is on! http://www.t2.fi/ If you missed out on BlueHat v7 check out all abstracts, bio and podcast videos here BlueHat Blog is here http://blogs.technet.com/bluehat/ Notícias Tick Tack DVD multiIso security live CD Distack - A Framework for Distributed Anomaly-based Attack Detection Linha Defensiva lança BankerFix 3.0 New MySpace and Facebook Worm Target Social Networks Russian hackers hit Warwick Telephone http://blogs.zdnet.com/security/?p=1835 Letter lottery defines spam load Twitter Targeted by Malware Distributors Google finds no privacy on private roads Quadrilhas vendem acesso a dados sigilosos de brasileiros Boston Court's Meddling With 'Full Disclosure' Is Unwelcome Did corporate lawyers put kibosh on 'Mythbusters' RFID episode?

You’ve heard about Trustworthy Computing and you’ve seen some security improvements from Microsoft. You may have wondered-"is this change real or is it just lip service?" You may also have asked yourself "self, why did they do that?" This presentation will give you an historical and current view of the changes Microsoft has made and our policies and procedures that deliver more secure products and improved security response. This promises to be a lively and entertaining talk illustrated with actual examples of these policies and procedures from Windows Vista and recent security updates. Andrew Cushman, Director, Security Engineering, Response and Outreach - is responsible for Microsoft's outreach to the security community and has overall responsibility for the BlueHat conference. Andrew is a member of Microsoft's Security Engineering leadership team whose current top priority is the security of Windows Vista. Cushman was the Group Manager for the IIS team and was instrumental in shipping IIS versions 4, 5, and 6.0. Way back in the day he started his 16 year career at Microsoft testing international versions of Publisher, Money, Works and Flight Simulator."

This presentation shows the next (2.) generation of Oracle Rootkits. In the first generation, presented at the Blackhat 2005 in Amsterdam, Oracle Rootkits were implemented by modifying database views to hide users, jobs and sessions. The next generation presented at the BH USA is using more advanced techniques to hide users/implement backdoors. Modifications on the data dictionary objects are no longer necessary so it’s not possible to find the new generation of rootkits by checksumming the data dictionary objects. Alexander Kornbrust is the founder and CEO of Red-Database-Security GmbH, a company specialized in Oracle security. Red-Database-Security is one of the leading companies in Oracle security. He is responsible for Oracle security audits and Oracle anti-hacker trainings and gave various presentations on security conferences like Black Hat, Bluehat, IT Underground. Alexander Kornbrust has worked with Oracle products as an Oracle DBA and Oracle developer since 1992. During the last six years, Alexander has found over 220 security bugs in different Oracle products."

"You’ve heard about Trustworthy Computing and you’ve seen some security improvements from Microsoft. You may have wondered-"is this change real or is it just lip service?" You may also have asked yourself "self, why did they do that?" This presentation will give you an historical and current view of the changes Microsoft has made and our policies and procedures that deliver more secure products and improved security response. This promises to be a lively and entertaining talk illustrated with actual examples of these policies and procedures from Windows Vista and recent security updates. Andrew Cushman, Director, Security Engineering, Response and Outreach - is responsible for Microsoft's outreach to the security community and has overall responsibility for the BlueHat conference. Andrew is a member of Microsoft's Security Engineering leadership team whose current top priority is the security of Windows Vista. Cushman was the Group Manager for the IIS team and was instrumental in shipping IIS versions 4, 5, and 6.0. Way back in the day he started his 16 year career at Microsoft testing international versions of Publisher, Money, Works and Flight Simulator."

"This presentation shows the next (2.) generation of Oracle Rootkits. In the first generation, presented at the Blackhat 2005 in Amsterdam, Oracle Rootkits were implemented by modifying database views to hide users, jobs and sessions. The next generation presented at the BH USA is using more advanced techniques to hide users/implement backdoors. Modifications on the data dictionary objects are no longer necessary so it’s not possible to find the new generation of rootkits by checksumming the data dictionary objects. Alexander Kornbrust is the founder and CEO of Red-Database-Security GmbH, a company specialized in Oracle security. Red-Database-Security is one of the leading companies in Oracle security. He is responsible for Oracle security audits and Oracle anti-hacker trainings and gave various presentations on security conferences like Black Hat, Bluehat, IT Underground. Alexander Kornbrust has worked with Oracle products as an Oracle DBA and Oracle developer since 1992. During the last six years, Alexander has found over 220 security bugs in different Oracle products."