Podcasts about infosec

Share on
Share on Facebook
Share on Twitter
Share on Reddit
Copy link to clipboard
  • 442PODCASTS
  • 6,772EPISODES
  • 30mAVG DURATION
  • 3DAILY NEW EPISODES
  • Nov 30, 2021LATEST
infosec

POPULARITY

20112012201320142015201620172018201920202021


Best podcasts about infosec

Show all podcasts related to infosec

Latest podcast episodes about infosec

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Wireshark 3.6.0 Released https://isc.sans.edu/forums/diary/Wireshark+360+Released/28076/ Google Cloud Security Report https://services.google.com/fh/files/misc/gcat_threathorizons_full_nov2021.pdf Zoom Patch https://explore.zoom.us/en/trust/security/security-bulletin/ Slack DNSSEC Experience Reports https://slack.engineering/what-happened-during-slacks-dnssec-rollout/

Shared Secrets
Season 2 episode5: Burnout isn't about working too much, it's about doing the wrong work.

Shared Secrets

Play Episode Listen Later Nov 30, 2021 36:04


Den flips the table on Kev with a secret of his own on this special episode of Shared Secrets. We dive into cyber security industry burnout and quality vs. quantity.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Phishing Pages Hiding Itself Using Dynamically Adjusted IP Based Allow List https://isc.sans.edu/forums/diary/Phishing+page+hiding+itself+using+dynamically+adjusted+IPbased+allow+list/28070/ Trickbot Phishing Checks Screen Resolution to Evade Researchers https://www.bleepingcomputer.com/news/security/trickbot-phishing-checks-screen-resolution-to-evade-researchers/ QNAP QVR Patch https://www.qnap.com/de-de/security-advisory/qsa-21-51 CronRAT Malware Hiding in cron https://sansec.io/research/cronrat

The Hacker Factory
A Conversation With Pentesting And Bug Bounty Expert Jason Haddix | The Hacker Factory With Phillip Wylie

The Hacker Factory

Play Episode Listen Later Nov 26, 2021 36:56


Jason Haddix, world renowned bug bounty researcher, shares his story and valuable advice that has helped many aspiring pentesters and bug hunters.Jason shares his story of starting in IT, becoming a pentester, to helping a top bug bounty company in the beginning stages. Jason's advice includes learning resources, and career advice that he has shared with many aspiring cybersecurity professionals over the years. Jason being a top ranked bug hunter is well known for his bug bounty methodology which he has presented at numerous conferences and events to help others learning bug bounty._______________________GuestJason HaddixOn Linkedin | https://www.linkedin.com/in/jhaddix/On Twitter | https://twitter.com/Jhaddix______________________HostPhillip WylieOn ITSPmagazine  

Black Hills Information Security
Talkin' About Infosec News – 11/26/2021

Black Hills Information Security

Play Episode Listen Later Nov 26, 2021 53:24


ORIGINALLY AIRED ON NOVEMBER 22, 2021 Articles discussed in this episode: Story # 1: Chinese Team Up With Russia To Launch US Cybersecurity Assault – https://hothardware.com/news/chinese-hackers-team-up-with-russian-ransomware-gang Story # 2: The FBI Got Hacked Over a Beef With a Guy Named Vinny? – https://www.thedailybeast.com/was-fbi-email-hack-just-an-elaborate-troll-of-a-guy-named-vinny-troia Story # 3: Insurers run from ransomware cover as losses mount – https://www.reuters.com/markets/europe/insurers-run-ransomware-cover-losses-mount-2021-11-19/ Story # […] The post Talkin' About Infosec News – 11/26/2021 appeared first on Black Hills Information Security.

Security In Five Podcast
EPisode 1109 - Facebook Will Enable End to End Encryption Sometime Soon, Probably

Security In Five Podcast

Play Episode Listen Later Nov 24, 2021 6:51


In 2019 Facebook, now Meta, announced they are moving to enable end to end encryption on the messaging apps. It's 2021 and it's not completed and now they say it won't be until 2023 at the earlest. This episode talks about this. Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

YARA Rule for OOXML Maldocs: Less False Positives https://isc.sans.edu/forums/diary/YARA+Rule+for+OOXML+Maldocs+Less+False+Positives/28066/ Zero-Day Windows Installer Exploit https://www.bleepingcomputer.com/news/security/malware-now-trying-to-exploit-new-windows-installer-zero-day/ VMWare VCenter Vulnerability and Patch https://www.vmware.com/security/advisories/VMSA-2021-0027.html

CISO Stories Podcast
Skills I Needed to be a First-Time CISO - Richard Kaufmann - CSP #45

CISO Stories Podcast

Play Episode Listen Later Nov 23, 2021 23:35


Infosec skills don't necessarily transfer to CISO skills, but CISO skills are 100% transferable to whatever your infosec career looks like. Growth begins outside of your comfort zones, so some of the CISO skills you can work on now include executive storytelling, internal coalition building, and how to be comfortable being uncomfortable…   Show Notes: https://securityweekly.com/csp45 This segment is sponsored by Cybereason. Visit https://www.cybereason.com/cisostories to learn more about them!   Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/

Security In Five Podcast
Episode 1108 - Less Than Half Change Passwords Post-Breach, What The Heck

Security In Five Podcast

Play Episode Listen Later Nov 23, 2021 7:24


The Identity Theft Resource Center released a report that shows a disturbing trend. The survey showed that more than half of users involved in a breach take no action to strengthen their accounts. This episode breaks it down. Source Report - https://www.idtheftcenter.org/data-breach-notice-research-by-the-identity-theft-resource-center-shows-consumers-dont-act-after-a-data-theft/ Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Simple YARA Rules for Office Maldocs https://isc.sans.edu/forums/diary/Simple+YARA+Rules+for+Office+Maldocs/28062/ Retailers Urged to Patch Magento https://www.theregister.com/2021/11/22/ncsc_magento_updates_black_friday_reminder/ PoC of CVE-2021-42321: pop mspaint.exe on the target https://gist.github.com/testanull/0188c1ae847f37a70fe536123d14f398 BeC Via Exchange Flaws https://www.trendmicro.com/en_us/research/21/k/Squirrelwaffle-Exploits-ProxyShell-and-ProxyLogon-to-Hijack-Email-Chains.html Windows Priv. Escalation PoC https://github.com/klinix5/InstallerFileTakeOver PHP deserialize vulnerablity in CloudLinux Imunity360 https://blog.talosintelligence.com/2021/11/vulnerability-spotlight-php-deserialize.html

Security In Five Podcast
Episode 1107 - Millions Of Broadband Routers Left Exposed For Over A Year

Security In Five Podcast

Play Episode Listen Later Nov 22, 2021 6:45


Millions of routers from Sky, a UK based broadband provider, were found to have security vulnerabilities that were left open for 18 months. This episode talks about this and what the security flaw was. Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Hikvision Security Cameras Potentially Exposed to Remote Code Execution https://isc.sans.edu/forums/diary/Hikvision+Security+Cameras+Potentially+Exposed+to+Remote+Code+Execution/28056/ Detecting PAM Backdoors https://isc.sans.edu/forums/diary/Backdooring+PAM/28058/ Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem https://dl.acm.org/doi/pdf/10.1145/3460120.3484768 CVE-2021-42306 CredManifest: App Registration Certificates Stored in Azure Active Directory https://www.netspi.com/blog/technical/cloud-penetration-testing/azure-cloud-vulnerability-credmanifest/

The Hacker Factory
Overcoming Obstacles To Become A Pentester | A Conversation With Joe "The Blind Hacker" Brinkley | The Hacker Factory With Phillip Wylie

The Hacker Factory

Play Episode Listen Later Nov 19, 2021 42:24


Joe Brinkley—or The Blind Hacker as he is most commonly known in the InfoSec community—shares his story of overcoming a disability to achieve his dream job in cybersecurity.Joe is not only a very talented pentester, but a community contributor, speaker, mentor, and Innocent Lives Foundation Ambassador. Joe shares his story and advice on getting started in cybersecurity._______________________GuestJoe "The Blind Hacker" BrinkleyOn Linkedin | https://www.linkedin.com/in/brinkleyjoseph/On Twitter | https://twitter.com/TheBlindHackerOn YouTube | https://www.youtube.com/user/brinkleyjm______________________HostPhillip WylieOn ITSPmagazine  

Security In Five Podcast
Episode 1106 - Tools, Tips and Tricks - Winaero Tweaker

Security In Five Podcast

Play Episode Listen Later Nov 19, 2021 5:14


This week's tools, tips, and tricks talk about a Windows Customization Tool called Winaero Tweaker. Download Winaero Tweaker - https://winaero.com/ Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

JavaScript Downloader Delivers Agent Tesla Trojan https://isc.sans.edu/forums/diary/JavaScript+Downloader+Delivers+Agent+Tesla+Trojan/28050/ Exposed Firefox cookies.sqlite Databases https://www.theregister.com/2021/11/18/firefox_cookies_github/ FBI Warns of Fatpipe VPN Exploits https://www.ic3.gov/Media/News/2021/211117-2.pdf Abusing ClouDNS https://blog.netlab.360.com/the-pitfall-of-threat-intelligence-whitelisting-specter-botnet-is-taking-over-top-legit-dns-domains-by-using-cloudns-service/

Security In Five Podcast
Episode 1105 - Scammers Using Fake Deals To Get Your Info

Security In Five Podcast

Play Episode Listen Later Nov 18, 2021 5:59


Scammers go after users of services but they also go after new users. This episode talks about the tactic to trick people in signing up for services with great-sounding deals and how to look out for these types of attacks. Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

DDS Protocol Implementation Vulnerabilities https://us-cert.cisa.gov/ics/advisories/icsa-21-315-02 Siemens TCP/IP Flaws https://www.forescout.com/blog/new-critical-vulnerabilities-found-on-nucleus-tcp-ip-stack/ Netgear UPNP Stack Based Buffer Overflow https://blog.grimm-co.com/2021/11/seamlessly-discovering-netgear.html

Black Hills Information Security
Talkin' About Infosec News – 11/17/2021

Black Hills Information Security

Play Episode Listen Later Nov 17, 2021 57:24


ORIGINALLY AIRED ON NOVEMBER 15, 2021 Articles discussed in this episode: 00:00 – BHIS – Talkin' Bout [infosec] News 2021-11-15 02:22 – Story # 1: Robinhood data breach – https://www.bleepingcomputer.com/news/security/robinhood-discloses-data-breach-impacting-7-million-customers/ 07:27 – Story # 2: Trojanized IDA Pro – https://thehackernews.com/2021/11/north-korean-hackers-target.html 09:48 – Story # 3: stealing data today, quantum computers tomorrow – https://www.technologyreview.com/2021/11/03/1039171/hackers-quantum-computers-us-homeland-security-cryptography/ 18:42 – Story # 4: DDR4 […] The post Talkin' About Infosec News – 11/17/2021 appeared first on Black Hills Information Security.

Security In Five Podcast
Episode 1104 - Tis The Season For Gift Card Scams

Security In Five Podcast

Play Episode Listen Later Nov 17, 2021 6:51


It's that time of year when scammers increase the gift card scams. This episode talks about how to avoid these scams and what you can do to help others avoid them as well. Source: https://www.consumer.ftc.gov/articles/gift-card-scams Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Emotet Returns https://isc.sans.edu/forums/diary/Emotet+Returns/28044/ GitHub Improves npm Security https://github.blog/2021-11-15-githubs-commitment-to-npm-ecosystem-security/ Intel CPU Debug Vulnerability https://www.ptsecurity.com/ww-en/about/news/positive-technologies-discovers-vulnerability-in-intel-processors-used-in-laptops-cars-and-other-devices/ https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html Home Router Vulnerability Listing https://modemly.com/m1/pulse

Threat Wire
Robinhood Hacked - 7 Million Users Affected - ThreatWire

Threat Wire

Play Episode Listen Later Nov 17, 2021


Click for links and more info ⬇️⬇️⬇️ BIOS Flaws Hit Intel Processors, Robinhood was Hacked and 7 Million are Affected , and the FBI's Email Server was used to Send Spoofed Emails ! All that coming up now on ThreatWire.  #threatwire #hak5 Links: Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering security and privacy topics for network admins, information security professionals, and consumers. Watch this on youtube (video may be “private” until the scheduled publish time): https://youtu.be/j3vQJNMiTMk Shop ThreatWire Merch Directly! - https://snubsie.com/shop Shop ThreatWire Merch on Teespring! - https://morsecode.creator-spring.com/  Support ThreatWire!  https://www.patreon.com/threatwire  Follow Shannon on Social Media: https://snubsie.com/links  Links: https://www.bleepingcomputer.com/news/security/high-severity-bios-flaws-affect-numerous-intel-processors/ https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00562.html https://www.bleepingcomputer.com/news/security/fbi-system-hacked-to-email-urgent-warning-about-fake-cyberattacks/ https://twitter.com/spamhaus/status/1459451401269043201 https://twitter.com/vinnytroia/status/1459515619838251010 https://thehackernews.com/2021/11/fbis-email-system-hacked-to-send-out.html https://krebsonsecurity.com/2021/11/hoax-email-blast-abused-poor-coding-in-fbi-website/ https://www.fbi.gov/news/pressrel/press-releases/fbi-statement-on-incident-involving-fake-emails https://blog.robinhood.com/2021/11/8/data-security-incident https://www.vice.com/en/article/epxdmn/robinhood-hackers-internal-tool-security-features https://www.bleepingcomputer.com/news/security/7-million-robinhood-user-email-addresses-for-sale-on-hacker-forum/ https://www.cnet.com/tech/services-and-software/robinhood-data-breach-exposed-7-million-customers/ Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005: -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Our Site → https://www.hak5.org Shop →  http://hakshop.myshopify.com/ Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 Support → https://www.patreon.com/threatwire Contact Us → http://www.twitter.com/hak5 Threat Wire RSS → https://shannonmorse.podbean.com/feed/ Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ ____________________________________________ Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.

Security In Five Podcast
Episode 1103 - iOS Next Update Has Privacy Features You Should Know Of

Security In Five Podcast

Play Episode Listen Later Nov 16, 2021 7:18


Apple continues improving security and privacy for uses with the next iOS update, 15.2. This episode talks about the main privacy featured you should be aware of and enable when the update is released. Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Microsoft Emergency Update fixes AD Authentication Problems https://support.microsoft.com/en-us/topic/november-14-2021-kb5008601-os-build-14393-4771-out-of-band-c8cd33ce-3d40-4853-bee4-a7cc943582b9 Using Copy Paste to Change Microsoft AD Password https://isc.sans.edu/forums/diary/Changing+your+AD+Password+Using+the+Clipboard+Not+as+Easy+as+Youd+Think/28036/ Parking Pages Used to Distrbute Malware https://blog.netlab.360.com/zhatuniubility-malware-uses-namesilo-parking-pages-and-googles-custom-pages-to-spread/ Blacksmith Revives Rowhamer https://comsec.ethz.ch/research/dram/blacksmith/

Security In Five Podcast
Episode 1102 - FBI Email System Hacked, Sends Out Real Scam Emails

Security In Five Podcast

Play Episode Listen Later Nov 15, 2021 5:59


We all know about phishing and looking out for fake emails. What happens when the emails are coming from legitimate sources? This is what happened to the FBI last week. This episode talks about the FBI email hack and what happened. Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

Unsupervised Learning
Degrees and Credentials in InfoSec

Unsupervised Learning

Play Episode Listen Later Nov 15, 2021 4:22


How the needs-college and don't-need-college types are both right about the importance of education for getting into InfoSec. Support the show: https://danielmiessler.com/support/ See omnystudio.com/listener for privacy information.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Not So Fake FBI E-Mails https://www.fbi.gov/news/pressrel/press-releases/fbi-statement-on-incident-involving-fake-emails https://isc.sans.edu/forums/diary/External+Email+System+FBI+Compromised+Sending+Out+Fake+Warnings/28034/ https://twitter.com/spamhaus/status/1459450061696417792 Reversing Obfuscated Maldoc with BASE64 https://isc.sans.edu/forums/diary/Obfuscated+Maldoc+Reversed+BASE64/28030/ Zoom Updates https://explore.zoom.us/en/trust/security/security-bulletin/ VMWare VCenter Update https://www.vmware.com/security/advisories/VMSA-2021-0025.html Windows User Profile 0-Day LPE https://halove23.blogspot.com/2021/10/windows-user-profile-service-0day.html

Paul's Security Weekly TV
MegatronAL on Kicking in the Door to Cybersecurity - Angela Marafino - ESW #250

Paul's Security Weekly TV

Play Episode Listen Later Nov 12, 2021 32:08


I once told my college advisor that I wanted to double major in computer science and jazz performance. She laughed at me. Instead, I jumped into a career in IT and played jazz - without a degree in either. Turns out, that was fine - the industry valued experience and results over academic achievement. Today's guest *has* two degrees, one in fine arts, one in pre-law, and that's also fine. If there's anything I've learned in InfoSec, it's the mind that matters most, less so the degrees or certs on your wall. Angela Marafino gets cybersecurity and understands what makes it tick. Using this knowledge, she has built a personal brand, network, and career in an impressively short time. She is simultaneously mentor and mentee. Today, we'll explore Angela's path into the industry as well as some of her views on challenges, like imposter syndrome. https://hbr.org/2021/02/stop-telling-women-they-have-imposter-syndrome https://www.itspmagazine.com/focal-point-podcast https://twitter.com/hackerbookclub1   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw250

The Tripwire Cybersecurity Podcast
What Makes Us Click? Cyberscams and The Brain with Martina Dove, PhD

The Tripwire Cybersecurity Podcast

Play Episode Listen Later Nov 12, 2021 28:22


In this episode, Tripwire's Senior UX Researcher, Martina Dove, uses her psychology research to explain to us how the brain operates when presented with a cyberscam. She also discusses her model for identifying fraud susceptibility and what we can do to prevent falling for these scams.   Check out Martina's book here: https://www.amazon.com/Psychology-Fraud-Persuasion-Scam-Techniques/dp/0367859564 Check out her blog articles on State of Security: https://www.tripwire.com/state-of-security/security-data-protection/sextortion-scams-how-they-persuade-and-what-to-watch-for/ https://www.tripwire.com/state-of-security/security-data-protection/top-scam-techniques-what-you-need-to-know/ https://www.tripwire.com/state-of-security/security-data-protection/phishing-attacks-often-target-small-businesses-heres-what-to-watch-for/ https://www.tripwire.com/state-of-security/security-data-protection/how-social-norms-can-be-exploited-by-scammers-on-social-media/

The Hacker Factory
Social Engineer Expert Unmasking Child Predators | A Conversation with Chris Hadnagy | The Hacker Factory With Phillip Wylie

The Hacker Factory

Play Episode Listen Later Nov 12, 2021 40:50


Social Engineering expert Chris Hadnagy entrepreneur, DEFCON Social Engineering Village, and Innocent Lives Foundation founder shares his story.Chris shares story of being recruited by Offensive Security, discovering his talent and interest for social engineering. Chris has authored multiple books on social engineer, founded the DEFCON Social Engineering Village, and the Innocent Lives Foundation. Chris runs his own business as well as hosts a social engineering conference. Listen as Chris shares his intriguing story._______________________GuestChris HadnagyOn Linkedin | https://www.linkedin.com/in/christopherhadnagy/On Twitter | https://twitter.com/humanhacker______________________HostPhillip WylieOn ITSPmagazine  

Security In Five Podcast
Episode 1101 - Tools, Tips and Tricks - Do You Ever Read Your Logs

Security In Five Podcast

Play Episode Listen Later Nov 12, 2021 5:29


This week's tools, tips and tricks episode talks about your logs. Do you read them? Do you know how? This episode talks about why you should. Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

Black Hills Information Security
Talkin' About Infosec News – 11/12/2021

Black Hills Information Security

Play Episode Listen Later Nov 12, 2021 43:19


ORIGINALLY AIRED ON November 08, 2021 Articles discussed in this episode: 00:00 – PreShow Banter™ — God's Waiting Room 03:08 – BHIS – Talkin' Bout [infosec] News 2021-11-08 04:50 – Story # 1: JavaScript in Excel – https://techcrunch.com/2021/11/02/microsoft-brings-javascript-to-excel/ 09:12 – Story # 2: Bots That Steal 2FA Codes – https://www.vice.com/en/article/y3vz5k/booming-underground-market-bots-2fa-otp-paypal-amazon-bank-apple-venmo 13:00 – Story # 3: […] The post Talkin' About Infosec News – 11/12/2021 appeared first on Black Hills Information Security.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

In Memory of Alan Paller. Cyber Security Industry Titan and SANS Institute Founder https://www.sans.org/press/announcements/alan-paller-cyber-security-industry-titan-and-sans-institute-founder-passes-away/ https://isc.sans.edu/forums/diary/In+Memory+of+Alan+Paller/28026/

Security In Five Podcast
Episode 1100 - A Real World Example Of Why SMS Based Multi-Factor Is Risky

Security In Five Podcast

Play Episode Listen Later Nov 11, 2021 6:58


This episode talks about a real-world example of why security experts are discouraging using text messaging for security. Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

Eye on Security
Leveraging Military Experience in an InfoSec Career

Eye on Security

Play Episode Listen Later Nov 11, 2021 33:26


Jake Knowlton, Andy Schmidt, and Paul Shaver join host Luke McNamara to discuss making the transition from the military to working in cyber security. Jake, Andy, and Paul share their perspectives and how they became involved in this field, some of the challenges veterans might face, and how veterans can position their prior experience for roles in infosec. For more on Mandiant's partnership with VetSec, please see this blog post: https://www.mandiant.com/resources/mandiant-collaborating-with-vetsec-to-train-us-service-members-veterans 

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Shadow IT Makes People More Vulnerable to Phishing https://isc.sans.edu/forums/diary/Shadow+IT+Makes+People+More+Vulnerable+to+Phishing/28022/ PaloAlto Networks GlobalProtect VPN CVE-2021-3064 https://www.randori.com/blog/cve-2021-3064/?i=2 Citrix ADC/Gateway/SD-WAN WANOP Patch https://support.citrix.com/article/CTX330728 HPE Aruba Breach https://www.arubanetworks.com/support-services/security-bulletins/central-incident-faq/

Security In Five Podcast
Episode 1099 - The Cost Of Child Identity Fraud Hits 1 BILLION A Year

Security In Five Podcast

Play Episode Listen Later Nov 10, 2021 8:01


Identity theft can happen to anyone, including our children. This episode talks about the 2021 Child Identity Fraud Report and some of the shocking findings from it. Source - https://www.javelinstrategy.com/coverage-area/child-identity-theft-fraud Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

Security Explained
Security Research v I - IPv666, Ubuntu Phones, and OpenBTS OH MY!

Security Explained

Play Episode Listen Later Nov 10, 2021 59:02


In this final episode of our third season we take the time to chat about a topic near and dear to our hearts - security research! We each picked one of our favorite projects to discuss, ranging from enumerating IPv6 addresses on the Internet to hacking the fledgling Ubuntu mobile phone to Drew's mischievous habits spinning up his own cellular base stations. We've mentioned security research time and again on the show, but this is the first time that we're diving into specific research that has played a significant role in our respective lives and careers.Thank you so much for joining us on our journey thus far and we can't wait to come back in season 4 with even better tips and tricks!

Shared Secrets
Season 2 episode4: Hacking friends, cars, and security programs with Jacob Wilson.

Shared Secrets

Play Episode Listen Later Nov 10, 2021 41:08


This week Kev does a throwback episode to the early 2000s with his friend and former collegue Jacob Wilson.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Microsoft November 2021 Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+November+2021+Patch+Tuesday/28018/ Adobe Patches https://helpx.adobe.com/security.html BusyBox Vulnerabilities https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

Threat Wire
Facebook to Delete Facial Recognition Records for 1 Billion Users - ThreatWire

Threat Wire

Play Episode Listen Later Nov 9, 2021 7:59


Click for links and more info ⬇️⬇️⬇️ Facebook is deleting over 1 billion users facial recognition records, an android bug is being actively exploited so update now, and the US is offering a huge reward to anyone who ousts Darkside ransomware leaders ! All that coming up now on ThreatWire.  #threatwire #hak5 Links: Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering security and privacy topics for network admins, information security professionals, and consumers. Watch this on youtube (video may be “private” until the scheduled publish time): https://youtu.be/fgqraGM-RnE Shop ThreatWire Merch Directly! - https://snubsie.com/shop Shop ThreatWire Merch on Teespring! - https://morsecode.creator-spring.com/  Support ThreatWire!  https://www.patreon.com/threatwire  Follow Shannon on Social Media: https://snubsie.com/links  Links: https://about.fb.com/news/2021/11/update-on-use-of-face-recognition/ https://www.facebook.com/help/122175507864081 https://www.bleepingcomputer.com/news/technology/facebook-to-delete-1-billion-faceprints-in-face-recognition-shutdown/ https://thehackernews.com/2021/11/facebook-to-shut-down-facial.html https://source.android.com/security/bulletin/2021-11-01 https://www.bleepingcomputer.com/news/security/android-november-patch-fixes-actively-exploited-kernel-bug/ https://thehackernews.com/2021/11/google-warns-of-new-android-0-day.html https://threatpost.com/android-patches-exploited-kernel-bug/175931/ https://www.state.gov/reward-offers-for-information-to-bring-darkside-ransomware-variant-co-conspirators-to-justice/ https://www.bleepingcomputer.com/news/security/us-targets-darkside-ransomware-rebrands-with-10-million-reward/ https://www.bleepingcomputer.com/news/security/blackmatter-ransomware-claims-to-be-shutting-down-due-to-police-pressure/ https://threatpost.com/feds-offer-10-million-bounty-on-darkside-info/176030/   Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005: -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Our Site → https://www.hak5.org Shop →  http://hakshop.myshopify.com/ Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 Support → https://www.patreon.com/threatwire Contact Us → http://www.twitter.com/hak5 Threat Wire RSS → https://shannonmorse.podbean.com/feed/ Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ ____________________________________________ Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.

Security In Five Podcast
Episode 1098 - Microsoft Insider Risk Features Allows For More Employee Spying

Security In Five Podcast

Play Episode Listen Later Nov 9, 2021 7:16


Microsoft's new Insider Risk Management features are a great addition to the security protections for businesses. However, this episode talks about the extent of monitoring you can do at the individual level and what this could do to the company/employee relationship. Source - https://docs.microsoft.com/en-us/microsoft-365/compliance/insider-risk-management-configure?view=o365-worldwide Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

(Ab)Using Security Tools & Controls for the Bad https://isc.sans.edu/forums/diary/AbUsing+Security+Tools+Controls+for+the+Bad/28014/ Targeted Attack Campaign Against ManageEngine ADSelfService Plus https://unit42.paloaltonetworks.com/manageengine-godzilla-nglite-kdcsponge/ Image-Scaling Attacks in Machine Learning https://www.usenix.org/system/files/sec20fall_quiring_prepub.pdf

Security In Five Podcast
Episode 1097 - Department Of Homeland Security Considering Hack Back Act

Security In Five Podcast

Play Episode Listen Later Nov 8, 2021 6:17


The Department of Homeland Security is working on a "Hack-Back" Act. This act would allow, with government oversight, private entities from conducting cyber attacks against groups that cyber attacks them. This episode talks about the act and thoughts on the dnagers of allowing this. Read the proposal - https://www.congress.gov/bill/117th-congress/senate-bill/2292/text Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Decyprting Cobalt Strike Traffic With Keys Extracted From Process Memory https://isc.sans.edu/forums/diary/Decrypting+Cobalt+Strike+Traffic+With+Keys+Extracted+From+Process+Memory/28006/ XMount for Disk Images https://isc.sans.edu/forums/diary/Xmount+for+Disk+Images/28002/ More Proactive SIMs https://medium.com/telecom-expert/more-proactive-sims-f8da2ef8b189 Thunderbird Update https://www.mozilla.org/en-US/security/advisories/mfsa2021-50/

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

October 2021 Forensic Contest Answers and Analysis https://isc.sans.edu/forums/diary/October+2021+Forensic+Contest+Answers+and+Analysis/27998/ CVE-2021-43267: Remote Linux Kernel Heap Overflow in TIPC Module https://www.sentinelone.com/labs/tipc-remote-linux-kernel-heap-overflow-allows-arbitrary-code-execution/ Cisco Patches https://tools.cisco.com/security/center/publicationListing.x The Security Risk of Lacking Compiler Protection in WebAssembly https://arxiv.org/abs/2111.01421

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Gitlab CVE-2021-22205 Exploited (and often not patched) https://www.rapid7.com/blog/post/2021/11/01/gitlab-unauthenticated-remote-code-execution-cve-2021-22205-exploited-in-the-wild/ New Proxy Shell Exploits Seen Against Exchange https://blog.talosintelligence.com/2021/11/babuk-exploits-exchange.html Blackmatter Shutting Down Again https://www.bleepingcomputer.com/news/security/blackmatter-ransomware-moves-victims-to-lockbit-after-shutdown/ Android 0-Day Patched https://source.android.com/security/bulletin/2021-11-01

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Revisiting BrakTooth: Two Months Later https://isc.sans.edu/forums/diary/Revisiting+BrakTooth+Two+Months+Later/27992/ Escalating XSS to Sainthood with Nagios https://blog.grimm-co.com/2021/11/escalating-xss-to-sainthood-with-nagios.html Pentaho Business Analytics Vulnerablity https://hawsec.com/publications/pentaho/HVPENT210401-Pentaho-BA-Security-Assessment-Report-v1_1.pdf

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Trojan Source: Invisible Vulnerabilities https://www.trojansource.codes/trojan-source.pdf Detecting HTTP Header Smuggling Vulnerabilities https://www.darkreading.com/application-security/free-tool-scans-web-servers-for-vulnerability-to-http-header-smuggling-attacks Kaspersky Lost Amazon Simple Email Service Token https://support.kaspersky.com/general/vulnerability.aspx?el=12430#01112021_phishing

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Remote Desktop Protocol RDP Discovery https://isc.sans.edu/forums/diary/Remote+Desktop+Protocol+RDP+Discovery/27984/ Sysmon Update https://isc.sans.edu/forums/diary/Sysinternals+Autoruns+and+Sysmon+updates/27986/ Google Chrome Updates https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html AbstractEmu Malware Roots Android https://blog.lookout.com/lookout-discovers-global-rooting-malware-campaign Microsoft Defender For Endpoint Web Content Filtering https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/web-content-filtering-now-generally-available-on-windows/ba-p/2893357

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Critical Hikvision Patch https://watchfulip.github.io/2021/09/18/Hikvision-IP-Camera-Unauthenticated-RCE.html https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-notification-command-injection-vulnerability-in-some-hikvision-products/ Shrootless Vulnerability in MacOS https://www.microsoft.com/security/blog/2021/10/28/microsoft-finds-new-macos-vulnerability-shrootless-that-could-bypass-system-integrity-protection/ More Malicious NPM Libraries https://www.theregister.com/2021/10/27/npm_roblox_ransomware/