Podcasts about information systems technology

Computer-based technology

  • 26PODCASTS
  • 27EPISODES
  • 37mAVG DURATION
  • ?INFREQUENT EPISODES
  • Mar 12, 2025LATEST
information systems technology

POPULARITY

20172018201920202021202220232024


Best podcasts about information systems technology

Latest podcast episodes about information systems technology

The Future Assistant
AI won't take your job, people using AI will - IT Professor Hoisington

The Future Assistant

Play Episode Listen Later Mar 12, 2025 38:11


165: Travel. AI. Career Growth. This video is packed with insights on how global experiences shape perspectives, how AI is revolutionizing work, and how personal growth can change your life. 100+ Countries & Lessons Learned: Discover why exposing children and professionals to different cultures fosters creativity and adaptability. AI in the Workplace: Learn about AI tools like ChatGPT, Claude, Perplexity, and Microsoft Copilot. Find out how to use AI safely in business and why 90% of employers now look for AI skills. From Assistant to AI Trainer: A true success story—how one career pivot led to global opportunities and writing 45+ textbooks. --- Corinne promises to make you love Microsoft a little more again. You will discover how to produce amazing professional documents, spreadsheets and presentations, and with the use of breath-taking shortcuts, it needn't take you hours! Corinne Hoisington is a full-time Professor of Information Systems Technology at Central Virginia Community College in Lynchburg, VA training our future Executive Assistants, Personal Assistants, and Admins. Corinne also travels over 200,000 miles a year providing keynote motivational topics and training to corporations, small businesses, admin conferences in over 70 worldwide cities this year for such customers as the Microsoft Corporation, Executive Assistant Live London/Johannesburg/Sydney/Wellington, Prague World Economic Forum, Cengage Learning, the international South by Southwest event, APC Conference, Capital One World Admins day, and many others. Professor Hoisington is the recipient of the Microsoft Most Valuable Professional in Business and Computing. Corinne presently has authored over thirty textbooks with Cengage Learning/National Geographic such as the Microsoft Outlook 365, Office 365, Windows 10, Technology Now, and Visual Basic with App Development. Website: https://professorcorinne.com/ App recommendation by Corinne: https://mindtrip.ai/ AI course: https://executivesupportmedia.com/product/unlocking-the-ai-revolution-earn-your-microsoft-ai-certification-badge/ ---

Skills 4 Life
Charla Griffy-Brown, PhD – Senior Associate Dean Executive and Part-Time Programs and Professor of Information Systems Technology Management, Pepperdine University

Skills 4 Life

Play Episode Listen Later Dec 12, 2022 16:17


Dr. Griffy-Brown is the Senior Associate Dean Executive and Part-Time Programs and Professor of Information Systems Technology Management at Pepperdine University. She works in the area of digital innovation helping organizations leverage new opportunities through analytics, risk evaluation, and emerging technology deployment to achieve their strategic objectives.  Dr. Griffy-Brown is also the parent of a NSD student and a board member of the Northshore Schools Foundation.  Dr. Griffy- Brown Pepperdine Business School  Dr. Griffy-Brown LinkedIn Google Certifications  CISSP Certification Host: Kira Dorrian Produced by the Northshore Schools Foundation, a Top-Rated “Great Nonprofits” award-recipient, “Guidestar” Gold Participant, and Best of a “Best of Northshore” nonprofit. Keep this program going. Donate to the Northshore Schools Foundation today! Interested in sponsoring the Skills 4 Life Podcast? Contact us: podcast@nsdfoundation.org Follow us on: Instagram Facebook Skills 4 Life Facebook Twitter Linked In 

Hey Fintech Friends, by This Week in Fintech
Hey Fintech Friends #3 ft Wiza Jalakasi

Hey Fintech Friends, by This Week in Fintech

Play Episode Listen Later Jul 19, 2022 37:03


Available on Spotify, Apple, and anywhere else you listen to podcasts!Timestamps:Intro‘Fin-techionary' of the Week: Cross Border Payments (1:36)News (2:31)Interview with Wiza about his experience and current work at Chipper Cash(4:54)Quick Fire Questions with Wiza and friendly questions (27:46)Signals: ‘Decimal's Matt Tait on Fundraising During a Downturn'(35:51)Transcript:IntroHey FinTech friends. Hey FinTech friends. My name is Helen Femi Williams, and I'm your host of this new podcast. Hey FinTech friends!This podcast is brought to you by This Week in FinTech, which is on the front page of global FinTech news, fostering the largest FinTech community through newsletters, thought leadership, and events. Oh, and now podcasting. And what's quite cool about this community is the creativity, the intelligence, and also understanding that those who work in the field are just regular people who've decided to devote themselves to solving a particular problem. And with that comes a unique mix of finance, technology, and fun, which is exactly what this podcast wants to explore. So expect this content to be informative? Yes. But we're also keen to get to know our founders and ask them questions you didn't know you needed answering. So let's talk about the structure of this podcast. First, we're gonna go through the news. And if you're a subscriber to this week in FinTech newsletter, you're in luck because this is the audio version. Then we're going to chat with this week's friend, which is Wiza Jalakasi, VP of Global Developer Relations at Chipper Cash. And lastly, I'll tell you a bit about the latest signal article. ‘Fintech Founders: Decimal's Matt Tait on Fundraising During a Downturn' written by Dez Flemming.Oh, and one last thing before we start this interview, I should tell you that every episode, we're going to be dropping a ‘fin-techionary. The dictionary definition of a FinTech keyword, which we talked about on the podcast with our guest, and this week, it's:cross-border paymentsAccording to the Bank of England, Cross-border payments are financial transactions where the payer and the recipient are based in separate countries. They cover both wholesale and retail payments, including remittances.Cross-border payments can be made in several different ways. Bank transfers, credit card payments, and alternative payment methods such as e-money wallets and mobile payments are currently the most prevalent ways of transferring funds across borders.So hope you enjoy our friendly chat with this week's friend. But first this week in FinTech….

How'd You Get That Job?
S02E11 Women in STEM Featuring Juanita Dawson

How'd You Get That Job?

Play Episode Listen Later Oct 25, 2021 19:29


What is it like being a woman in STEM? Listen in as Juanita Dawson (MS, Information Systems & Technology, '05) shares her journey of going from the only woman in her math and sciences classes to becoming the director of cybersecurity and compliance at Raytheon Technologies.   In this special episode of Poets at Work, as a supplement to Foothill Poetry Journal's 2021 release, we talk to Diana Khoi Nguyen about ghosts, poetic form, prepositions, and writing through loss. The interview is in print in the 2021 issue of Foothill Poetry Journal, which you can read online at cgu.edu/foothill.   For a transcript of this episode, email cgupodcasts at gmail.com and include the episode title.

work stem poets women in stem information systems technology diana khoi nguyen
Money Loves Women
Removing Your Blind Spots, with Grace Kamau

Money Loves Women

Play Episode Listen Later Oct 6, 2021 45:28


Born in Kenya. Immigrated to the USA. Grace walked into a cyber cafe in Kenya and was checking her email. She saw an ad to apply for a green card in 2003, and went to the studio next door, took a picture then came back to the cyber cafe to apply for a green card and forgot all about it. One year later she received a letter from the Kentucky Consular Center that she had won a green card. She has a degree in Information Systems Technology from United States International University. At 23, she came to the USA and started her life's journey What You Will Learn: How growing up in Kenya is similar to growing up in Britain How the way women think is valuable in cybersecurity engineering How Grace removed her blind spots by fixing herself energetically Why Grace didn't recognize racial discrimination when moving to the US What a Certified Ethical Hacker does Why do hackers target objects other than computers How to secure your home from cyber attacks How to raise children with a broader world view without imposing your own biases How to contact Grace Kamau: LinkedIn: https://www.linkedin.com/in/gkamwati/

The Campfire
ESRI and Data Analytics With Sasa Arsic

The Campfire

Play Episode Listen Later Jun 30, 2021 35:25


From Fulbright Scholar to software engineer, CGU alum Sasa Arsic sits down with Jeremy to talk about his pathway through an MS in Information Systems & Technology to working at one of the world's leading companies in the Geographic Information Systems technology space.  For a transcript of this episode, email cgupodcasts at gmail.com and include the episode title.

Association Chat Podcast
Association Tech Acquisitions: Fonteva and the Future for the Association AMS

Association Chat Podcast

Play Episode Listen Later Feb 23, 2021 29:04


Find out what the acquisition of Fonteva means for the association industry! For this interview, I talk with three guests playing a big role in the recent acquisition of Fonteva, an enterprise AMS focused on the association industry. Neal Platt --- Neil has served as CEO of Togetherwork since its founding in 2016. He has more than 20 years’ experience as a software and payments entrepreneur and executive, nurturing and growing successful fintech companies. He spent 11 years building CashEdge from start-up through its sale to Fiserv for $465 million, where he subsequently served as SVP, Payments. He later served as Chief Revenue Officer of Payoneer, a leading global payments company, where he oversaw all sales and marketing activity, and has been an advisor and board member of several payments start-ups. Earlier in his career, Neil earned his AB from Princeton University, his MBA from Columbia University and worked as a management consultant at McKinsey & Company. ---- Jake Fabbri With over two decades of experience in association technology management, Jake has designed and expertly executed dozens of strategies that have consistently resulted in solid revenue growth for his teams and earned high satisfaction ratings among his customers. His expertise in marketing to a wide range of business clients, his deep understanding of the technology behind SaaS Software Solutions, and his quick grasp of Fonteva’s unique position in the market helped him make a seamless transition into his role as CMO. Prior positions include Senior Marketing Manager at ASI and Director of Marketing at BroadPoint Technologies. Jake received a BA in Business and Marketing at The Catholic University of America and an MS in Information Systems Technology from The George Washington University. ---- Pat McGlynn As Fonteva’s President, Pat McGlynn is responsible for the overall strategy and business operations in the U.S. and Europe. Previously, as Fonteva's Chief Revenue Officer, he successfully expanded Fonteva’s presence in the association and events markets on both continents. Pat has spent the past 12 years in the technology sector, helping mission-driven organizations in healthcare, higher education and non-profit industries with various aspects of digital transformation. Working with customers and partners, Pat acts as a consultant, collaborating with them to overcome challenges and achieve their business objectives. Earlier in his career, he worked in various leadership roles for the Corporate Executive Board, the world's largest membership-based organization for research and advisory services to corporations. Pat enjoys working with students as an Adjunct Professor at The Catholic University of America and spending time with his wife, Elizabeth, and four sons. He received his B.S. in Marketing from Clemson University and is an avid Clemson Tigers football fan. "Association Tech Acquisitions: Fonteva and the Future for the Association AMS"

RadicalxChange Replayed
Democracy in the Age of Cryptography | Santiago Siri Interviewed by Steven McKie

RadicalxChange Replayed

Play Episode Listen Later Feb 2, 2021 47:33


Look at any review of the past decade, and you will find Bitcoin standing strong as the one experiment that defined information technology for the past ten years. Such is its global relevance that 2019 marked the first time both the President of the United States of America and the President of the People's Republic of China referred to blockchains directly in their words. While Mr. Trump praised the US Dollar might serve as the leading global reserve currency, President Xi arguably contributed to hit the market hard when one of his speeches about blockchain technology inadvertently prompted BTC to go from a monthly low to a monthly high in less than one hour. Searches for the word "blockchain" on WeChat went from a 750,000 daily average up to 9 million, impacting bitcoin's price on a 42% upward rally. The day Xi spoke was precisely 24 hours after Mark Zuckerberg testified to the US Congress on his corporate cryptocurrency's merits, Libra. The growing geopolitical relevance of these networks is hard to deny. This talk will cover how cryptographic protocols will impact democracy in the coming decade. SPEAKERSSantiago Siri is the founder of Democracy Earth Foundation, a non-profit organization backed by Y Combinator and Templeton Foundation, building open source censorship-resistant digital democracies. Also, co-founder of Partido de la Red, a political party that ran for elections with candidates committed to people's wants in 2013. Partner of Bitex.la, leading bitcoin exchange in South America operating from Buenos Aires since 2014. Author of "Hacktivismo," published in 2015 by Random House. Argentine. Steven McKie is a crypto veteran of 8 years, now Managing Partner of Amentum Capital. Previously Head of Growth and Product Content at Purse, he expanded Purse's operations with value-added partnerships in multiple regions globally and assisted in building out the bcoin developer team and support team. McKie also hosts and edits BlockChannel, a podcast and educational publication focused on Bitcoin and Ethereum and recently assisted with launching the Handshake public blockchain. He received his BSBA in Information Systems & Technology at Old Dominion University in '14.

Checkbox Outreach
Episode 22: A conversation about black women in business

Checkbox Outreach

Play Episode Listen Later Sep 2, 2020 46:31


Kristina Francis has nearly 20 years of experience driving strategic direction for a variety of clients with a concentration on implementing transformational business and information solutions. She is known for her ability to quickly dissect problems, assemble strong teams, effectively communicate progress, and deliver quality solutions. As President/CEO of EsteemLogic, Kristina partners with clients to address and solve their most complex challenges.As a former Director for Systems Development and Cyber Solutions for a management consulting firm, Kristina managed a $40M+ portfolio and was responsible for capturing, staffing and executing business opportunities. Kristina is a Certified Knowledge Manager, AIIM Enterprise Content Management Specialist, and a 2007 recipient of the Black Engineer of the Year/Modern Day Technology Leader award.She obtained a BA in Psychology from Georgetown University and a MS in Information Systems Technology from George Washington University.Kristina, Alyia and Katie discuss being a black woman in business, access to capital and funding, and wealth as it relates to finances, health, and overall well-being.For more Checkbox Outreach, follow us on Twitter @disruptoutreach and subscribe to our newsletter on our website, www.checkboxoutreach.com.Guest: Kristina FrancisHosted By: Alyia Gaskins and Katie Leonard

The DNP Project Podcast
What are DNP “Clinical” Hours?

The DNP Project Podcast

Play Episode Listen Later Jun 16, 2020 28:10


Today we are talking all about the DNP “Clinical” Hours.Welcome to the DNP Project Podcast where we share tips, inspiration, and more! Exactly what are the DNP “Clinical” Hours? Are they like regular see patients kind of hours? Are they spent shadowing? Is it the time you spend doing your DNP Project? -- We need some clarity!In previous episodes we have talked about the fact that the DNP is a degree, it is not a role. However, this degree is based on the American Association of Colleges of Nursing (AACN) DNP Essentials. At the time of this writing, the DNP Essentials are being revised. We anticipated release in early 2020, but also as of this writing we predict the COVID-19 Pandemic will impact or at best delay their publication (just my speculation). But these essential skills are the things we think that all practice-focused, doctorally prepared nurses should be able to do, regardless of their role. So that idea requires at least 1,000 hours to ensure competency. Work hours do not count. The hours have to be part of a supervised academic program, otherwise we can't be sure that what you are doing relates to the larger goal.The three main, larger goals:Hours spent to teaching you a new, “advanced-practice” nursing roleLACE ModelLots of confusion on the term “advanced-practice”Most traditional idea, time spent learning patient-care / leadership rolesHours spent ensuring that you achieve competency of the DNP EssentialsI. Scientific Underpinnings for Practice II. Organizational and Systems Leadership for Quality Improvement and Systems Thinking III.  Clinical Scholarship and Analytical Methods for Evidence-Based Practice IV.  Information Systems/Technology and Patient Care Technology for the Improvement and Transformation of Health Care V. Health Care Policy for Advocacy in Health Care VI.  Interprofessional Collaboration for Improving Patient and Population Health OutcomesVII.  Clinical Prevention and Population Health for Improving the Nation's HealthVIII. Advanced Nursing PracticeHours spent completing the work of the DNP ProjectMUST go with the recommendations of your DNP ProgramDepending on the structure of your program depends on what countsDo I get time for my “looking stuff up and writing” ?Implementation activitiesDissemination activitiesOther discussion questions:What does the preceptor look like?What kind of setting does the DNP “Clinical” or DNP “Experience” occur in?What does documentation look like? Mapping?To read more, look at the content of the AACN White Paper, the DNP Essentials, and our workbook, the DNP Project Workbook: A Step by Step Process for Success from Springer Publishing https://www.springerpub.com/the-dnp-project-workbook-9780826174321.html*** Always follow the guidelines from YOUR DNP Program

DAM Good Vegan Podcast
005: Andy Nevers, Plantarion Founder with Danni and Thomas + Entrepreneur Chat #SeasonFinale

DAM Good Vegan Podcast

Play Episode Listen Later Mar 9, 2020 54:31


This week on Plantarion Podcast, Danni McGhee & Thomas Goodman sit down with Andy Nevers, CEO & Founder of Plantarion for our Season 1 finale!SUBSCRIBE TO PLANTARION PODCAST ON YOUR FAVORITE PODCAST PLAYER!Interview with Andy NeversThis week on the Plantarion Podcast, Danni & Thomas sits down with Andy Nevers! Andy Nevers is the Founder and CEO of Plantarion – a DC-based technology startup designed to connect plant-based consumers (vegan, vegetarian and other veggie curious individuals) with plant-based service providers (chefs, lifestyle coaches, nutritionists and more).Andy holds a bachelor's degree in Finance from George Mason University, and is currently pursuing an MBA/Master of Science in Information Systems Technology at George Washington University.  Andy has over 15 years of leadership experience obtained from his time serving as an active duty Marine, as well as a civil servant leader.  He is a proud father to a thirteen-year-old daughter.  He is a vegan and someone who cares deeply about animal welfare and the environment.  He enjoys spending time with family and friends, attending local events, traveling, watching movies, and listening to music of all genre.  Andy is a technology entrepreneur, and he is also extremely passionate about people, science, startups, and financial literacy.(0:08) Welcome(0:27) Andy's Introduction(0:42) Andy, what is Plantarion?(4:06) What is DAM Good Vegan?(5:36) Danni, what inspired you to start DAM Good Vegan?(9:24) Danni, don't you have a book?(12:22) What inspires Andy to stay vegan(17:25) Game Changers & Andy's experience while being an active duty marine(19:20) Thomas, what's Plant Dining Partnership?(21:50) Animal rights & legislation(23:40) Plant-Based options at popular corporate restaurants(26:03) Thomas' background with animal rights(28:22) How Plantarion helps those transitioning(31:33) Slaughterhouse worker conditions(33:06) Andy, why do you work so hard to build Plantarion?(36:22) Why would you work with a coach or need support?(37:42) What's next for Plantarion?(40:13) What's next for DAM Good Vegan?(42:36) Food access & nutrition education in low income communities(43:52) Fighting preventable diseases with plant-based diets(45:30) Plant-based education and awareness(46:22) What's coming up for Plant Dining Partnerships?(47:33) Season Two!(48:03) Follow us on social media(48:55) Join the Plantarion community(51:50) Season One recapMentions:Plantarion AppDAM Good VeganPlant Dining PartnershipsGame Changers Follow Plantarion on Instagram, Facebook, Twitter, & Youtube!SHARE YOUR THOUGHTS ABOUT THIS EPISODE ON OUR LATEST INSTAGRAM POST!CLICK HERE TO SUBSCRIBE TO PLANTARION ON YOUTUBE

The Top Entrepreneurs in Money, Marketing, Business and Life
1568 Why This Medical Tech CEO Is Considering 50% Sale of His Company for $3m

The Top Entrepreneurs in Money, Marketing, Business and Life

Play Episode Listen Later Nov 9, 2019 13:09


Andre D. Etherly is the Founder of eMedicalFusion, LLC. He holds a Masters of Science, Information Systems Technology, from George Washington University. Seeing the unmet needs of Direct-pay medical practices, he founded eMedicalFusion to design and build solutions that enable Direct-pay practices to succeed and excel both clinically and financially.

Dan Martineau Reading List

"I Know, Right?!" by AccordingToDanny

Play Episode Listen Later Sep 18, 2018


President of Martineau Recruiting Technology since it’s inception in 2000, Dan Martineau brings an extensive IT and Executive Recruiting background to his client companies and client candidates. Joining Dunhill Professional Search of Winston Salem in 1983 after attending the University of North Carolina at Greensboro, Dan began his recruiting career in IT. During his 17 years with Dunhill, Dan distinguished himself as one of Dunhill’s best. He was recognized as the #1 Recruiter in the nation for Dunhill, and the winner of the “Millie Michaels Award” from 1995 through 1999, while also being inducted in the Million-Dollar Club. In May of 2000 Dan and his brother and business partner, Bill Martineau, leveraged their 40+ combined years of recruiting and placement experience by starting their own firm, Martineau Recruiting Technology, Inc. where they specialize solely in the Information Technology industry. Since that time Dan has been a member of The Pinnacle Society, the premier consortium of the country’s top producing recruiters, even serving on its Board of Directors. Conducting numerous training seminars for Dunhill Professional Search, NC Association of Personnel Consultants, American Staffing Association (ASA), National Association of Personnel Services (NAPS) among others in the fields of Information Systems/Technology, Recruiting and Marketing Methodologies, Dan continues to make his mark on throughout the Placement Industry. Click Below for Dan’s bio.   Dan’s Book List Road to Character – David Brooks The Soul of America: The Battle for our Better Angels – Jon Meacham Pope Francis – A Man of His Word (can’t wait to see)

Venturi's Voice: Technology | Leadership | Staffing | Career | Innovation
Node University: Taking the non-academic route when learning to code - Azat Mardan

Venturi's Voice: Technology | Leadership | Staffing | Career | Innovation

Play Episode Listen Later Jul 2, 2018 39:59


Azat Mardan is Head of front-end development at Indeed.com and Co-Founder at Node University. Azat knows coding has the power to change lives. That’s why he founded Node University. As an advocate of teaching coding skills, Azat is an expert in instructing through a variety of mediums. Teaching people online, in person, and via books has made him a skilled communicator. He infuses his infectious enthusiasm for programming into everything he teaches. Azat Mardan has taught over 1,000 software engineers in-person and even more online through ebooks and video. He has published 14 books and dozens of online courses and has more than 15 years of experience in web, mobile and software development. Azat has a Bachelor’s Degree in Informatics and a Master of Science in Information Systems Technology degree. Show Notes: 0.59 Azat’s work at Node university. 6.05 The diminishing return of education. 8.20 Corporations, education and hack reactor. 13.56 The institutionalised dream of a one company man. 14.33 creating transparency in business. 15.29 Using software to oust bureaucracy. 18.14 Educating people using video, text and in person. 22.12 Adapting attitudes and behaviors to learning. 25.05 The rise of remote working and its effect on legacy companies. 26.14 Growth hacking? 29.57 Writing and creating content. 32.44 Creating content as a way to keep on learning. 35.17 Staying ahead of your peers. 37.54 Seeking feedback for your work.

All JavaScript Podcasts by Devchat.tv
MJS 050: Azat Mardan

All JavaScript Podcasts by Devchat.tv

Play Episode Listen Later Feb 28, 2018 35:01


Panel: Charles Max Wood Guest: Azat Mardan This week on My JavaScript Story, Charles speaks with Azat Mardan. Azat is the author of 14 books on Node JS, JavaScript, and React JS. He also founded Node University, speaks at conferences, and works at Capitol One. Azat first got into programming when he was in college and his major was Informatics in eastern Europe and then when he graduated, he taught himself JavaScript and PHP and did some freelance work. Once he came to the United States, he got his master’s degree in Information Systems Technology and was building websites for country embassies. His main advice to people new to programming and IT is to just focus on one thing and give yourself enough time to get comfortable with that technology, and then move on to a new technology to conquer. In particular, we dive pretty deep on: How did you get into programming? Major in informatics PHP, JavaScript, CSS, and HTML Freelancing Masters in Information Systems Technology C++ class FDIC Advice to new programmers The importance of focus His startup experience Ruby on Rails Mac vs Windows Taught himself different frameworks and languages Location matters MongoDB The best way to learn is to teach others What was it about JavaScript that really clicked for you? JavaScript has expressiveness The Talent Code What led you to React? Which contributions are you most proud of? And much, much more! Links:  Node University The Talent Code Azat’s Blog: WebAppLog.com Picks Charles Gardenscapes Starcraft II The Osiris Method Azat Echo JS

Devchat.tv Master Feed
MJS 050: Azat Mardan

Devchat.tv Master Feed

Play Episode Listen Later Feb 28, 2018 35:01


Panel: Charles Max Wood Guest: Azat Mardan This week on My JavaScript Story, Charles speaks with Azat Mardan. Azat is the author of 14 books on Node JS, JavaScript, and React JS. He also founded Node University, speaks at conferences, and works at Capitol One. Azat first got into programming when he was in college and his major was Informatics in eastern Europe and then when he graduated, he taught himself JavaScript and PHP and did some freelance work. Once he came to the United States, he got his master’s degree in Information Systems Technology and was building websites for country embassies. His main advice to people new to programming and IT is to just focus on one thing and give yourself enough time to get comfortable with that technology, and then move on to a new technology to conquer. In particular, we dive pretty deep on: How did you get into programming? Major in informatics PHP, JavaScript, CSS, and HTML Freelancing Masters in Information Systems Technology C++ class FDIC Advice to new programmers The importance of focus His startup experience Ruby on Rails Mac vs Windows Taught himself different frameworks and languages Location matters MongoDB The best way to learn is to teach others What was it about JavaScript that really clicked for you? JavaScript has expressiveness The Talent Code What led you to React? Which contributions are you most proud of? And much, much more! Links:  Node University The Talent Code Azat’s Blog: WebAppLog.com Picks Charles Gardenscapes Starcraft II The Osiris Method Azat Echo JS

My JavaScript Story
MJS 050: Azat Mardan

My JavaScript Story

Play Episode Listen Later Feb 28, 2018 35:01


Panel: Charles Max Wood Guest: Azat Mardan This week on My JavaScript Story, Charles speaks with Azat Mardan. Azat is the author of 14 books on Node JS, JavaScript, and React JS. He also founded Node University, speaks at conferences, and works at Capitol One. Azat first got into programming when he was in college and his major was Informatics in eastern Europe and then when he graduated, he taught himself JavaScript and PHP and did some freelance work. Once he came to the United States, he got his master’s degree in Information Systems Technology and was building websites for country embassies. His main advice to people new to programming and IT is to just focus on one thing and give yourself enough time to get comfortable with that technology, and then move on to a new technology to conquer. In particular, we dive pretty deep on: How did you get into programming? Major in informatics PHP, JavaScript, CSS, and HTML Freelancing Masters in Information Systems Technology C++ class FDIC Advice to new programmers The importance of focus His startup experience Ruby on Rails Mac vs Windows Taught himself different frameworks and languages Location matters MongoDB The best way to learn is to teach others What was it about JavaScript that really clicked for you? JavaScript has expressiveness The Talent Code What led you to React? Which contributions are you most proud of? And much, much more! Links:  Node University The Talent Code Azat’s Blog: WebAppLog.com Picks Charles Gardenscapes Starcraft II The Osiris Method Azat Echo JS

The Valley Today
LFCC: Knowledge to Work (K2W)

The Valley Today

Play Episode Listen Later Jul 14, 2016 26:45


We had a full house in the studio today with representatives & graduates from Lord Fairfax Community College. Liv Heggoy, Director of Development for LFCC Educational Foundation, Dr. John Milan, Executive Director for the Knowledge to Work program along with two of his recent graduates, Bettina (Tina) Fritz of Bealeton, VA an employee of LFCC; and Tina Presley of Front Royal, VA, an employee of the Town of Front Royal. We talked about the benefits and ease of completing the program as well as their experiences while participating. We also discussed their newest web portal Higher Ed that allows you to take courses and competencies at your own pace, many of which are of no cost. In a nutshell, the new program is ideal for: someone who has a knack for computer networks or IT skills (maybe self-taught or with skills learned from military service; someone who has decades of valuable experience as an office manager, maybe in a doctor's office; people with a lot of work experience but no college credential. With Knowledge to Work, LFCC can help evaluate their work experience as well as previous courses they have taken, assess their competencies (in other words, verify what they know). Then, help them customize a learning plan to fill the gaps in their knowledge. Their official press release regarding the new program is below. LFCC Announces First Graduates in Competency-Based Education Programs Lord Fairfax Community College (LFCC) is pleased to announce that four students completed their certificates attained through the new competency-based education (CBE) program at the college, Knowledge to Work (K2W).  The four graduates received certificates in Office Systems Assistant and Information Processing Technician.  These student were able to leverage knowledge from employment and prior coursework to attain these credentials in less time than a traditional program. Graduates include: Bettina Fritz of Bealeton, VA (employee of LFCC); Tina Presley of Front Royal, VA (employee of the Town of Front Royal); Heather Ramseur of Warrenton, VA (employee of Fauquier Health Human Resources); and Nisreen Russell of Warrenton, VA (employee of Fauquier Health). “The achievements of these students is an important milestone for LFCC,” said LFCC President, Dr. Cheryl Thompson-Stacy. “It is exciting to have competency-based education programs in place and to see individuals achieve their goals through the K2W option.” One of the graduates, Bettina “Tina” Fritz, is an LFCC employee in the Office of Academic and Student Affairs at the Fauquier Campus.  “Enrolling in the K2W program was a great choice for someone like me with a job, a life, and a lot of work experience,” said Fritz, a resident of Bealeton, VA.  “Through this program, I was able to develop a personalized learning plan that focused on new learning.  The fact that I only used free and low-cost online resource saved me money on textbooks, too. According to LFCC Professor Virginia Hartman, CBE is an excellent way to help those with work experience in an office environment complete a credential.  “We are fortunate to have K2W in place at LFCC,” said Hartman. “There are so many people who could benefit from this program and use their credentials for pay raises and promotions.” Seven programs are offered this fall, including Associate of Applied Science degrees in Health Information Management and in Information Systems Technology; the Certificate in Office Systems Assistant; and Career Studies Certificates in Hospital Facility Coding, Information Processing Technician, Cyber Security, and Networking Specialist. Key features of the Knowledge to Work program include the use of personalized learning plans tied to competencies using free and low-cost online resources. Special veterans' services are in place to translate military job experience into competencies.  Wrap-around student support services are provided by Career Coaches and an Adult Education Instructor. Knowledge to Work is funded in part by a TAACCCT grant from the U.S. Department of Labor's Employment and Training Administration. For more information, visit the program website at: http://knowledgetowork.com.

SOAR (SCN) Podcast
EP13 - Toby Daniel, Author of P.R.I.C.E.

SOAR (SCN) Podcast

Play Episode Listen Later Jun 21, 2016 48:39


Mali Phonpadith interviews Toby J. Daniel, Technology Expert and Author of P.R.I.C.E. Toby is a U.S Veteran and a Graduate of Coleman University with B.S. in Information Systems Technology. He has over 15 years of experience in the Telecommunications industry, being employed with Cox Communications, Time Warner Cable, ARRIS, Larsen & Toubro and Concurren. He has held positions from Operations, to Architecture, to Sales Management. Some of his business accomplishments are, ClickOne Technology (Professional Services), The Fish Spot and now as a published author. His book, price, P.R.I.C.E is a systematic mindset that will assist you in attaining your goals. http://soarcommunitynetwork.com Subscribe to our podcast on iTunes at: https://itunes.apple.com/us/podcast/soar-podcast/id884527835?mt=2

Day Spa & Med Spa Success
Halle Friedman - Robert Andrews Laser and Medical Aesthetics

Day Spa & Med Spa Success

Play Episode Listen Later Nov 18, 2015 16:15


Halle Friedman, Founder & President At the age of 18, Halle Friedman, Founder and President of Robert Andrews Laser & Aesthetics, entered the United States Air Force, where she proudly served her country for over 20 years in both Active Duty and as a Reservist.   While in the Air Force, Halle became a Computer Operations Instructor, attended college and received her Bachelors of Science in Nursing from University of Southern Mississippi (1995) and became a commissioned officer - thus beginning an exciting and challenging career as an emergency/battlefield nurse.   Halle has worked in a number of impressive leadership positions to include, working directly with the Air Force Surgeon General Staff in Washington D.C., and as a Hospital Nursing Supervisor and RN Manager for the Emergency Department. In Colorado Springs she was Operations Manager and Manager of Patient Scheduling for Memorial Hospital’s Emergency Department.   Halle’s in-depth medical career also includes certification in Medical Aesthetics from the National Laser Institute in Scottsdale, Arizona.  She is proficient in Bio-Identical Hormone Replacement Therapy, Ablative and Non-Ablative Laser Skin Resurfacing; Sclerotherapy; Advanced Botox (Neurotoxins), Dermal fillers and more.   In addition to her medical background, Halle holds a degree in Information Systems Technology, and an MBA from Colorado Technical University.   Halle’s background and life experience is very broad, extensive, and accomplished - and she prides herself in seeing the big picture in life. She remains deeply involved in her profession and has served as the Treasurer, Secretary and Media Chair for the Colorado Emergency Nurses Association.   In October 2013, Halle realized her dream and established the Robert Andrews Laser & Medical Aesthetics clinic in Colorado Springs, where she is proudly bringing the highest level of science, technology, skill - and genuine care - to her clients.    

Software Process and Measurement Cast
SPaMCAST 292 – Ginger Levin, Implementing Program Management

Software Process and Measurement Cast

Play Episode Listen Later Jun 1, 2014 39:30


Listen to the Software Process and Measurement Cast 292. SPaMCAST 292 features our interview with Dr. Ginger Levin. Dr. Levin and I discussed her book, Implementing Program Management: Templates and Forms. Dr Levin and her co-author Allen Green wrote their go-to reference for program practitioners, colleges, universities, and those sitting for the PgMP. Ginger provides great advice for program managers who are interested in consistently delivering value to their clients. Note the audio is not perfect this week however the content is great. I hope you can stay with the interview! Dr. Ginger Levin is a Senior Consultant and Educator in project management with over 45 years of experience. Her specialty areas are portfolio management, program management, the PMO, metrics, and maturity assessments. She is a PMP, PgMP (second in the world), and an OPM3 Certified Professional. She presents regularly at PMI Conferences and conducts numerous seminars on various topics. She is the editor, author or co-author of 20 books focusing on program management, portfolio management, the PMO, virtual teams, and interpersonal skills and is a book series editor for CRC Press. She has managed programs and projects of various sizes and complexity for public and private sector organizations. She is an Adjunct Professor at SKEMA University in Lille, France, in its doctoral program in project management and also for the University of Wisconsin-Platteville in its masters program in project management. Dr. Levin received her doctorate in Information Systems Technology and Public Administration from The George Washington University and the Outstanding Dissertation Award for her research on large organizations. Please see: linkedin.com/in/gingerlevin Buy your copy of Implementing Program Management: Templates and Forms NOW! Thanks for the feedback on shortening the introduction of the cast this week. Please keep your feedback coming.  Get in touch with us anytime or leave a comment here on the blog. Help support the SPaMCAST by reviewing and rating it on iTunes. It helps people find the cast. Like us onFacebook while you’re at it. Upcoming Events ITMPI Webinar!On June 3 I will be presenting the webinar titled “Rescuing a Troubled Project With Agile.” The webinar will demonstrate how Agile can be used to rescue troubled projects. Your will learn how to recognize that a project is in trouble and how the discipline, focus, and transparency of Agile can promote recovery. Register now! Upcoming DCG Webinars:June 19 11:30 EDT – How To Split User StoriesJuly 24 11:30 EDT – The Impact of Cognitive Bias On TeamsCheck these out at www.davidconsultinggroup.com I look forward to seeing or hearing all SPaMCAST readers and listeners at all of these great events! The Software Process and Measurement Cast has a sponsor.As many you know I do at least one webinar for the IT Metrics and Productivity Institute (ITMPI) every year. The ITMPI provides a great service to the IT profession. ITMPI’s mission is to pull together the expertise and educational efforts of the world’s leading IT thought leaders and to create a single online destination where IT practitioners and executives can meet all of their educational and professional development needs. The ITMPI offers a premium membership that gives members unlimited free access to 400 PDU accredited webinar recordings, and waives the PDU processing fees on all live and recorded webinars. The Software Process and Measurement Cast some support if you sign up here. All the revenue our sponsorship generates goes for bandwidth, hosting and new cool equipment to create more and better content for you. Support the SPaMCAST and learn from the ITMPI. Shameless Ad for my book! Mastering Software Project Management: Best Practices, Tools and Techniques co-authored by Murali Chematuri and myself and published by J. Ross Publishing. We have received unsolicited reviews like the following: “This book will prove that software projects should not be a tedious process, neither for you or your team.” Support SPaMCAST by buying the book here.Available in English and Chinese.

Software Process and Measurement Cast
SPaMCAST 136 - Ginger Levin and LeRoy Ward, Program Management Complexity

Software Process and Measurement Cast

Play Episode Listen Later May 29, 2011 47:16


Welcome to the Software Process and Measurement Cast 136! SPaMCAST 136 features my interview with Dr Ginger Levin and J. LeRoy Ward discussing their new book, Program Management Complexity: A Competency Model (ESI International Project Management Series).  We discussed program management, the impact of agile techniques and why competency is critical.  A wonderful information packed interview! Dr. Ginger Levin is a senior consultant and educator in project management. Her specialty areas are portfolio management, program management, the Project Management Office, knowledge management, metrics, and maturity assessments. She is certified as a PMP®, PgMP®, and as an OPM3 Assessor and Consultant. She was the second person in the world to receive the PgMP. In addition, Dr. Levin is an Adjunct Professor for the University of Wisconsin-Platteville, where she teaches in its M.S. in Project Management Program and for SKEMA (Esc Lille) University, France, in its project management program at the master’s and doctoral level. Also, she is a Visiting Professor for RMIT in Melbourne, Australia. In consulting, she has served as Project Manager in numerous efforts for Fortune 500 and public-sector clients, including UPS, Citibank, the U.S. Food and Drug Administration, General Electric, SAP, EADS, John Deere, Schreiber Foods, TRW, the New York City Transit Authority, the U.S. Joint Forces Command, and the U.S. Department of Agriculture. Prior to her work in consulting, she held positions of increasing responsibility with the U.S. Government, including the Federal Aviation Administration, Office of Personnel Management, and the General Accounting Office. She is the co-author of Implementing Program Management: Forms and Templates Aligned with the Standard for Program Management, Second Edition (2008); Project Portfolio Management: Tools & Techniques; Metrics for Project Management; Achieving Project Management Success Using Virtual Teams; The Advanced Project Management Office: A Comprehensive Look at Function and Implementation; People Skills for Project Managers; Essential People Skills for Project Managers; The Business Development Capability Maturity Model; and ESI’s PMP Challenge! PMP Study Guide and the PgMP Study Guide (along with J. LeRoy Ward). Her book entitled Interpersonal Skills for Portfolio, Program, and Project Managers also was published in 2010.  Dr. Levin received her doctorate in Information Systems Technology and Public Administration from The George Washington University, and received the Outstanding Dissertation Award for her research on large organizations. She also was inducted into Phi Alpha Alpha, the National Honorary Society for Public Affairs and Administration. J. LeRoy Ward, Executive Vice President, is responsible for ESI’s worldwide product offerings and international partnerships. Complementing a 17-year career with four U.S. federal agencies, Ward has delivered project management programs to clients around the world.A noted author and speaker, Ward has served on the adjunct faculties of The George Washington University and The American University, presenting courses in remote sensing, cartography, computer systems management, and information systems. He has authored numerous articles and publications, including the Dictionary of Project Management Terms (3rd ed.); the PMP® Exam Practice Test and Study Guide, PMP® Challenge!, and the PgMP® Exam Practice Test and Study Guide (with Ginger Levin); a set of audio CDs entitled Conversations on Passing the PMP® Exam (with Carl Pritchard); and, ProjectFRAMEWORK, a Project Management Maturity Model (with multiple authors).  His articles have appeared in PMNetwork, Chief Learning Officer, and Project Manager Today (U.K.). A popular and dynamic presenter, he speaks frequently on project management and related topics at professional association meetings and conferences around the world. Ward holds B.S. and M.S. degrees from Southern Connecticut State University in geography and an MSTM degree, with distinction, in Computer Systems Management from The American University, where he was inducted into Phi Alpha Alpha, the National Honorary Society for Public Affairs and Administration. He is an alumnus of the General Services Administration’s Trail Boss Program (for major systems acquisitions) and the Federal Executive Institute. Ward is a member of several technical societies, including the American Society of Training and Development, the International Project Management Association, and the Project Management Institute where he is certified as a Project Management Professional (PMP - Number 431) and a Program Management Professional (PgMP), one of the first to earn the credential. Contact Information:Leroy's email:  LWard@esi-intl.comGinger's emai:  GINLEVIN@AOL.COM  (Listen to Ginger's comments on the topic on the podcast!) Both Ginger and Leroy can found on LinkedIn also! Shameless Ad for my book!  Mastering Software Project Management: Best Practices, Tools and Techniques co-authored by Murali Chematuri and myself and published by J. Ross Publishing. We have received great unsolicited reviews and the book has been picked up as a text book for university level work.  Have you bought your copy? Contact information for the Software Process and Measurement CastEmail:  spamcastinfo@gmail.comVoicemail:  +1-206-888-6111Website: www.spamcast.netTwitter: www.twitter.com/tcagleyFacebook:  http://bit.ly/16fBWV Next! In the SPaMCAST 137 I will tackle the topic of the "One" Number or as I call it fear of uncertainty.

Black Hat Briefings, Japan 2005 [Audio] Presentations from the security conference
Michael Sutton and Adam Greene: The Art of File Format Fuzzing (English)

Black Hat Briefings, Japan 2005 [Audio] Presentations from the security conference

Play Episode Listen Later Oct 31, 2006 49:04


"In September 2004, much hype was made of a buffer overflow vulnerability that existed in the Microsoft engine responsible for processing JPEG files. While the resulting vulnerability itself was nothing new, the fact that a vulnerability could be caused by a non-executable file commonly traversing public and private networks was reason for concern. File format vulnerabilities are emerging as more and more frequent attack vector. These attacks take advantage of the fact that an exploit can be carried within non-executable files that were previously considered to be innocuous. As a result, firewalls and border routers rarely prevent the files from entering a network when included as email attachments or downloaded from the Internet. As with most vulnerabilities, discovering file format attacks tends to be more art than science. We will present various techniques that utilize file format fuzzing that range from pure brute force fuzzing to intelligent fuzzing that requires an understanding of the targeted file formats. We will present a methodology for approaching this type of research and address issues such as automating the process. Techniques will be discussed to address challenges such as attacking proprietary file formats, overcoming exception handling and reducing false positives. The presentation will include demonstrations of fuzzing tools designed for both the *nix and Windows platforms that will be released at the conference and the disclosure of vulnerabilities discovered during the course of our research. Michael Sutton is a Director for iDEFENSE/VeriSign, a security intelligence company located in Reston, VA. He heads iDEFENSE/VeriSign and the Vulnerability Aggregation Team (VAT). iDEFENSE Labs is the research and development arm of the company, which is responsible for discovering original security vulnerabilities in hardware and software implementations, while VAT focuses on researching publicly known vulnerabilities. His other responsibilities include developing tools and methodologies to further vulnerability research, and managing the iDEFENSE Vulnerability Contributor Program (VCP). Prior to joining iDEFENSE/VeriSign, Michael established the Information Systems Assurance and Advisory Services (ISAAS) practice for Ernst & Young in Bermuda. He is a frequent presenter at information security conferences. Michael obtained his Certified Information Systems Auditor (CISA) designation in 1998 and is a member of Information Systems Audit and Control Association (ISACA). He has completed a Master of Science in Information Systems Technology degree at George Washington University, has a Bachelor of Commerce degree from the University of Alberta and is a Chartered Accountant. Outside of the office, he is a Sergeant with the Fairfax Volunteer Fire Department. Adam Greene is a Security Engineer for iDEFENSE/VeriSign, a security intelligence company located in Reston, VA. His responsibilities at iDEFENSE/VeriSign include researching original vulnerabilities and developing exploit code as well as verifying and analyzing submissions to the iDEFENSE Vulnerability Contributor Program. His interests in computer security lie mainly in reliable exploitation methods, fuzzing, and UNIX based system auditing and exploit development. In his time away from computers he has been known to enjoy tea and foosball with strange old women."

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference
Michael Sutton and Adam Greene: The Art of File Format Fuzzing

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

Play Episode Listen Later Jun 4, 2006 43:18


In September 2004, much hype was made of a buffer overflow vulnerability that existed in the Microsoft engine responsible for processing JPEG files. While the resulting vulnerability itself was nothing new, the fact that a vulnerability could be caused by a non-executable file commonly traversing public and private networks was reason for concern. File format vulnerabilities are emerging as more and more frequent attack vector. These attacks take advantage of the fact that an exploit can be carried within non-executable files that were previously considered to be innocuous. As a result, firewalls and border routers rarely prevent the files from entering a network when included as email attachments or downloaded from the Internet. As with most vulnerabilities, discovering file format attacks tends to be more art than science. We will present various techniques that utilize file format fuzzing that range from pure brute force fuzzing to intelligent fuzzing that requires an understanding of the targeted file formats. We will present a methodology for approaching this type of research and address issues such as automating the process. Techniques will be discussed to address challenges such as attacking proprietary file formats, overcoming exception handling and reducing false positives. The presentation will include demonstrations of fuzzing tools designed for both the *nix and Windows platforms that will be released at the conference and the disclosure of vulnerabilities discovered during the course of our research. Michael Sutton is a Director for iDEFENSE, a security intelligence company located in Reston, VA. He heads iDEFENSE Labs and the Vulnerability Aggregation Team (VAT). iDEFENSE Labs is the research and development arm of the company, which is responsible for discovering original security vulnerabilities in hardware and software implementations, while VAT focuses on researching publicly known vulnerabilities. His other responsibilities include developing tools and methodologies to further vulnerability research, and managing the iDEFENSE Vulnerability Contributor Program (VCP). Prior to joining iDEFENSE, Michael established the Information Systems Assurance and Advisory Services (ISAAS) practice for Ernst and Young in Bermuda. He is a frequent presenter at information security conferences. Michael obtained his Certified Information Systems Auditor (CISA) designation in 1998 and is a member of Information Systems Audit and Control Association (ISACA). He has completed a Master of Science in Information Systems Technology degree at George Washington University, has a Bachelor of Commerce degree from the University of Alberta and is a Chartered Accountant. Outside of the office, he is a Sergeant with the Fairfax Volunteer Fire Department. Adam Greene is a Security Engineer for iDEFENSE, a security intelligence company located in Reston, VA. His responsibilities at iDEFENSE include researching original vulnerabilities and developing exploit code as well as verifying and analyzing submissions to the iDEFENSE Vulnerability Contributor Program. His interests in computer security lie mainly in reliable exploitation methods, fuzzing, and UNIX based system auditing and exploit development. In his time away from computers he has been known to enjoy tea and foosball with strange old women.

Black Hat Briefings, Las Vegas 2006 [Audio] Presentations from the security conference
Michael Sutton & Greg MacManus: Punk Ode - Hiding shellcode in plain sight

Black Hat Briefings, Las Vegas 2006 [Audio] Presentations from the security conference

Play Episode Listen Later Jun 4, 2006 58:50


"Injecting shellcode into a vulnerable program so you can find it reliably can be tricky. With image format vulnerabilities, sometimes the only place you can put your code is in the image itself. If a file attempting to exploit one of these vulnerabilities was rendered using a non-vulnerable application, the ‘strange’ files might raise some suspicion; a file containing a NOP-sled and shellcode does not tend to look like any normal photo. What if shellcode could be injected in this way without significantly altering the appearance of the file? What if the entire file could be transformed into executable code but the original image or sound could still be rendered? In this presentation we will present Punk Ode, which combines concepts from steganography, psychophysics and restricted character-set shellcode encoding to hide shellcode in plain sight. We will discuss how to convert a media file into a stream of valid instructions while leaving the initial images/sounds intact so as not to raise suspicion. We will also release a series of tools designed to automate the generation of such files. Michael Sutton is a Director for iDefense/VeriSign where he heads iDefense Labs and the Vulnerability Aggregation Team (VAT). iDefense Labs is the research and development arm of the company, which is responsible for discovering original security vulnerabilities in hardware and software implementations, while VAT focuses on researching publicly known vulnerabilities. His other responsibilities include developing tools and methodologies to further vulnerability research, and managing the iDefense Vulnerability Contributor Program (VCP). Prior to joining iDefense, Michael established the Information Systems Assurance and Advisory Services (ISAAS) practice for Ernst & Young in Bermuda. He is a frequent presenter at information security conferences. He obtained his Master of Science in Information Systems Technology degree at George Washington University and has a Bachelor of Commerce degree from the University of Alberta. Outside of the office, he is a Sergeant with the Fairfax Volunteer Fire Department. Greg MacManus is a security engineer for iDefense/VeriSign working in the iDefense Labs where he does a bunch of computer security research and vulnerability analysis. He obtained his Bachelor of Science in Computer Science at Otago University in Dunedin, New Zealand and during this time got quite good at doing the computer stuff and going off on random tangents. Aside from finding and exploiting security vulnerabilities and related computer security topics, he is also interested in image processing, data visualization, artificial intelligence, wordplay and music."

Black Hat Briefings, Las Vegas 2006 [Video] Presentations from the security conference
Michael Sutton & Greg MacManus: Punk Ode - Hiding shellcode in plain sight

Black Hat Briefings, Las Vegas 2006 [Video] Presentations from the security conference

Play Episode Listen Later Jun 4, 2006 58:50


Injecting shellcode into a vulnerable program so you can find it reliably can be tricky. With image format vulnerabilities, sometimes the only place you can put your code is in the image itself. If a file attempting to exploit one of these vulnerabilities was rendered using a non-vulnerable application, the ‘strange’ files might raise some suspicion; a file containing a NOP-sled and shellcode does not tend to look like any normal photo. What if shellcode could be injected in this way without significantly altering the appearance of the file? What if the entire file could be transformed into executable code but the original image or sound could still be rendered? In this presentation we will present Punk Ode, which combines concepts from steganography, psychophysics and restricted character-set shellcode encoding to hide shellcode in plain sight. We will discuss how to convert a media file into a stream of valid instructions while leaving the initial images/sounds intact so as not to raise suspicion. We will also release a series of tools designed to automate the generation of such files. Michael Sutton is a Director for iDefense/VeriSign where he heads iDefense Labs and the Vulnerability Aggregation Team (VAT). iDefense Labs is the research and development arm of the company, which is responsible for discovering original security vulnerabilities in hardware and software implementations, while VAT focuses on researching publicly known vulnerabilities. His other responsibilities include developing tools and methodologies to further vulnerability research, and managing the iDefense Vulnerability Contributor Program (VCP). Prior to joining iDefense, Michael established the Information Systems Assurance and Advisory Services (ISAAS) practice for Ernst & Young in Bermuda. He is a frequent presenter at information security conferences. He obtained his Master of Science in Information Systems Technology degree at George Washington University and has a Bachelor of Commerce degree from the University of Alberta. Outside of the office, he is a Sergeant with the Fairfax Volunteer Fire Department. Greg MacManus is a security engineer for iDefense/VeriSign working in the iDefense Labs where he does a bunch of computer security research and vulnerability analysis. He obtained his Bachelor of Science in Computer Science at Otago University in Dunedin, New Zealand and during this time got quite good at doing the computer stuff and going off on random tangents. Aside from finding and exploiting security vulnerabilities and related computer security topics, he is also interested in image processing, data visualization, artificial intelligence, wordplay and music."

Black Hat Briefings, Las Vegas 2005 [Video] Presentations from the security conference
Michael Sutton and Adam Greene: The Art of File Format Fuzzing

Black Hat Briefings, Las Vegas 2005 [Video] Presentations from the security conference

Play Episode Listen Later Jun 4, 2006 43:18


In September 2004, much hype was made of a buffer overflow vulnerability that existed in the Microsoft engine responsible for processing JPEG files. While the resulting vulnerability itself was nothing new, the fact that a vulnerability could be caused by a non-executable file commonly traversing public and private networks was reason for concern. File format vulnerabilities are emerging as more and more frequent attack vector. These attacks take advantage of the fact that an exploit can be carried within non-executable files that were previously considered to be innocuous. As a result, firewalls and border routers rarely prevent the files from entering a network when included as email attachments or downloaded from the Internet. As with most vulnerabilities, discovering file format attacks tends to be more art than science. We will present various techniques that utilize file format fuzzing that range from pure brute force fuzzing to intelligent fuzzing that requires an understanding of the targeted file formats. We will present a methodology for approaching this type of research and address issues such as automating the process. Techniques will be discussed to address challenges such as attacking proprietary file formats, overcoming exception handling and reducing false positives. The presentation will include demonstrations of fuzzing tools designed for both the *nix and Windows platforms that will be released at the conference and the disclosure of vulnerabilities discovered during the course of our research. Michael Sutton is a Director for iDEFENSE, a security intelligence company located in Reston, VA. He heads iDEFENSE Labs and the Vulnerability Aggregation Team (VAT). iDEFENSE Labs is the research and development arm of the company, which is responsible for discovering original security vulnerabilities in hardware and software implementations, while VAT focuses on researching publicly known vulnerabilities. His other responsibilities include developing tools and methodologies to further vulnerability research, and managing the iDEFENSE Vulnerability Contributor Program (VCP). Prior to joining iDEFENSE, Michael established the Information Systems Assurance and Advisory Services (ISAAS) practice for Ernst and Young in Bermuda. He is a frequent presenter at information security conferences. Michael obtained his Certified Information Systems Auditor (CISA) designation in 1998 and is a member of Information Systems Audit and Control Association (ISACA). He has completed a Master of Science in Information Systems Technology degree at George Washington University, has a Bachelor of Commerce degree from the University of Alberta and is a Chartered Accountant. Outside of the office, he is a Sergeant with the Fairfax Volunteer Fire Department. Adam Greene is a Security Engineer for iDEFENSE, a security intelligence company located in Reston, VA. His responsibilities at iDEFENSE include researching original vulnerabilities and developing exploit code as well as verifying and analyzing submissions to the iDEFENSE Vulnerability Contributor Program. His interests in computer security lie mainly in reliable exploitation methods, fuzzing, and UNIX based system auditing and exploit development. In his time away from computers he has been known to enjoy tea and foosball with strange old women.