Brought to you by Antisyphon Training — https://www.antisyphontraining.com
00:00:00 - PreShow Banter™ — New Arms Again
00:03:24 - BHIS - Talkin' Bout [infosec] News 2024-03-18
00:04:54 - Story # 1: NIST Releases Version 2.0 of Landmark Cybersecurity Framework
00:10:50 - Story # 2: The FCC has finally decreed that 25Mbps and 3Mbps are not ‘broadband' speed
00:14:33 - Story # 3: Welcome to the 2024 Threat Detection Report
00:33:40 - Story # 4: NSA Releases Top Ten Cloud Security Mitigation Strategies
00:47:33 - Story # 5: US government agencies demand fixable ice cream machines
00:53:14 - Story # 6: Homeland Security is testing AI to help with immigration, trafficking investigations, and disaster relief
01:03:19 - Story # 7: Feds seize $1.4 million of tech support scam proceeds with the help of crypto firm
If we want lasting change, emotions may be our strongest opponent. When forced to change, people feel fear, rage, anxiety, and other emotions.

Emotions are designed to satisfy basic needs: defend, fight, flight, reproduce. But when they overwhelm us, they shut down logic. They're great when we're suddenly confronted by a lion in the African savanna: we don't have to take time to think. We just feel fear and run. But when building a strong family, or tackling some other tough, long-term challenge, emotions can confuse and distract us. We often don't even notice that we're feeling fear, rage, lust, or love… we just feel and act, no thinking required.

By training ourselves to notice and label emotions, we allow them to continue to exist, but we can put them on the same playing field as other factors relevant to our goals.

We have to start with ourselves. If we label the emotions of family members or teammates, we rob them of agency. But if we label our own emotions, we signal psychological safety, inviting others to do the same.

Guests
Eric Gibson, Principal Coach for Agile Valley, a business consulting firm in the San Francisco Bay Area.
Jay Beale is CEO of InGuardians, Inc., a computer security services company in Seattle.
Matt Zimmerman is Director of Online Products for Springer Publishing in New York.

Links
Mindful Agility Community (Facebook group)
Mindful Agility web site

Credits
Episode image by Nenad Stojkovic, licensed under Attribution 2.0 Generic (CC BY 2.0).
Stinger sound "Swing beat 120 xylophone side-chained" by Casonika, licensed under Attribution 4.0 International (CC BY 4.0).
This week, we start the show off with an interview with Sean Metcalf, the Founder & CTO of Trimarc, where we talk “Active Directory, Azure AD, & Okta Oh My!” An interview featuring Jay Beale, the CEO of InGuardians, about Kubernetes & Container security! Finally, in the Security News for this week: Ransomware that was a breeze, getting an eyeful while charging your electric vehicle, scanning for secrets, Find My iPhone is useful, WTF Apple moments and why I run Linux, Wyze is not very wise, stopping teen hackers, and ranking endpoint detection!
Show Notes: https://securityweekly.com/psw735
Segment Resources:
- Peirates, a Kubernetes penetration testing tool: https://www.inguardians.com/peirates/
- Free Kubernetes workshops: https://inguardians.com/kubernetes/
- DEF CON Kubernetes CTF: https://containersecurityctf.com/
- Jay's Black Hat Kubernetes Attack and Defense Training: https://www.blackhat.com/us-22/training/schedule/index.html#abusing-and-protecting-kubernetes-linux-and-containers-26473
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Control System Cyber Security Association International: (CS)²AI
Episode 33: Certifications and Instructional Careers in Cybersecurity with Justin Searle (published 2022-04-05)

Derek Harp is excited to welcome Justin Searle as his guest for another episode in the series on security leaders! Justin is the Director of ICS Security at InGuardians, specializing in ICS security architecture design and penetration testing. He has taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities, corporations, and security conferences. He is currently a Senior Instructor for the SANS Institute and a faculty member at IANS. In addition to electric power industry conferences, he frequently presents at top international security conferences such as Black Hat, DEFCON, OWASP, Nullcon, and AusCERT.

Justin is well-balanced and versatile and a super fascinating person! He was born in Utah and has lived there for most of his life. He has a Bachelor's Degree in Technology Education with minors in computer science and electrical engineering, and a Master's Degree in International Business and Information Systems. He is an entrepreneur, researcher, security practitioner, open-source advocate, instructor, teacher, and author. He is an outdoor enthusiast and has some cool hobbies, like scuba diving and rock climbing. He is also a falconer, a helicopter pilot, and a globetrotter.

In this episode of the (CS)²AI Podcast, he shares his modern-day superhero backstory, and he talks to Derek about how his career journey led to him becoming immersed neck-deep in cyber security for control systems. He also talks about the value of certifications and becoming an instructor. You will gain a lot from this show if you would like to make a career in cyber security or become an instructor in the field. Stay tuned for more!

Show highlights:
Justin started doing basic programming when he was in elementary school and almost earned an Associate's Degree in Electronics Engineering in high school. (4:58)
Justin talks about the certifications he obtained to build credibility and advance his career. (9:40)
Justin shares his thoughts about certifications. (11:50)
Getting a certification will help students stand out when trying to find an internship. (Justin recommends the CompTIA Security+ Certification because it is an inexpensive option.) (13:22)
Graduates should consider getting a CISSP Certification (https://www.isc2.org/Certifications/CISSP). (13:48)
Justin explains why he shifted his focus to networking technologies, IT technologies, and cyber security in 2000-2001. (18:10)
Getting into his niche area: penetration testing in industrial control systems. (19:50)
How can listeners break into becoming teachers or instructors? (22:38)
The pros and cons of joining communities and collaborative groups. (27:08)
Justin enjoys being an informal mentor to others and providing feedback when people ask questions. (31:04)
Justin offers advice for maximizing your benefit when you change jobs or positions within a company. (33:22)
You will be valued in the field if you get into any area of cyber security. (40:10)

Links:
(CS)²AI: https://www.cs2ai.org/
Justin Searle on LinkedIn: https://www.linkedin.com/in/meeas/
InGuardians: https://www.inguardians.com/
CISSP Certification: https://www.isc2.org/Certifications/CISSP

Mentioned in this episode:
Our Sponsors: We'd like to thank our sponsors for their faithful support of this podcast. Without their support we would not be able to bring you this valuable content. We'd appreciate it if you would support these companies because they support us! Network Perception, Waterfall Security, Tripwire, KPMG Cyber.
Join CS2AI: Join the largest organization for cybersecurity professionals. Membership has its benefits! We keep you up to date on the latest cybersecurity news and education. https://cs2ai.captivate.fm/cs2ai (Preroll Membership)
This week, we kick off the show with an interview featuring Lodrina Cherne and Martijn Grooten, who join to discuss the real-world capabilities of Stalkerware! Then, Sachin Mahajan from InGuardians joins to delve into MAVSH! In the Security News: NPM hijacked again, hardcoding your keys, PAN-0day, more Nmap in your Python or Python in your Nmap, put your Docker API to rest, BusyBox will own your box, Microsoft says it's a feature not a vulnerability, SBDCs, TIPC Linux kernel vulnerability, patches that don't fix everything, truckloads of GPUs and “are you high”?
Show Notes: https://securityweekly.com/psw718
Segment Resources:
- http://mav.sh/
- https://github.com/0xkayn/Valkyrie
- https://www.youtube.com/watch?v=CJZ2gCLopyU
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Podcast: Aperture: A Claroty Podcast
Episode: Justin Searle on Pen-Testing ICS
Pub date: 2021-01-21
Justin Searle, director of ICS security at InGuardians and a SANS Institute ICS security senior instructor, joins the Aperture podcast to discuss penetration testing ICS environments. Justin is a leader in the ICS security community, a 21-year veteran immersed in conducting and teaching security assessments worldwide. In this episode, Justin discusses the challenges in pen-testing production industrial environments, the state of pen-testing tooling for ICS, how digital transformation and IT/OT convergence are changing the way cybersecurity is managed inside enterprises, and also industrial cybersecurity threats facing companies.
Доверяй, но проверяй - Doveryai, No Proveryai (Trust, but verify) For this episode, we welcome Zlata Pavlova aka @3latka_ on Twitter. By day, Zlata works with InGuardians but she is also working with OSINT and social engineering. Zlata speaks multiple languages which is a big asset with the type of OSINT she does. Today, she walks us through the steps that a hacker took to take control of a celebrity's Instagram account.
Container security has always been a concern — especially now in the wake of recent highly publicized vulnerabilities and breaches. But while containers benefit from running in isolated environments and have other advantages compared to traditional application structures, the peculiarities of Kubernetes as an orchestration platform represent additional security concerns. As Kubernetes continues on its rapid path of adoption, the need for a reliable framework for vulnerability detection and management becomes that much more important. The vacuum for a definitive audit of the state of Kubernetes security set the stage for publication of the Kubernetes Security Audit Working Group. On hand to discuss the audit during KubeCon + CloudNativeCon were Jay Beale, CTO of InGuardians, and Aaron Small, a product manager for Google, who are also both co-leads of the Kubernetes third-party assessment project. They discussed this and how Kubernetes, compared to Docker containers, represents a new, and ultimately, risky world of dependencies during a live recording in San Diego for this edition of The New Stack Makers podcast.
Would you be able to detect a sophisticated adversary targeting your Kubernetes clusters and workloads tonight? How do busy teams with stacked backlogs find time to learn how to attack Kubernetes clusters, detect those attacks, and build defenses to reduce the attack surface? We will demonstrate an effective purple team methodology that "uses every part of the buffalo" by 1) executing attacks on Kubernetes using the open source tool Peirates, 2) tracking the attack artifacts from the adversary simulation in Splunk, 3) teaching the defenders how the attack was performed and where to look for forensic artifacts, and 4) working together in the purple-est way possible to improve detection and response capabilities using Splunk Enterprise Security, Splunk Phantom, and Peirates.
Speaker(s): Brian Genz, Senior Manager, Threat & Vulnerability Mgmt., Splunk; Jay Beale, CTO, InGuardians
Slides PDF link: https://conf.splunk.com/files/2019/slides/SEC2286.pdf?podcast=1577146237
Product: Splunk Enterprise Security, Phantom
Track: Security, Compliance and Fraud
Level: Advanced
Splunk [Security, Compliance and Fraud Track] 2019 .conf Videos w/ Slides
From jails to virtual machines, process isolation is the "holy grail" of security. Lately, containers have been the go-to for modern organizations in order to scale and implement things like microservices. Jay Beale of InGuardians fame joins me to talk all about container security!
Some links of interest:
- Securing Applications with Linux Containers (Webinar by Jay Beale)
- Docker security - Using containers safely in production (Article by Adrian Mouat)
- Clair (Container Scanner): https://github.com/coreos/clair
- InGuardians Website: https://www.inguardians.com/
- InGuardians Blog: https://www.inguardians.com/labs/
- InGuardians Twitter: https://twitter.com/inguardians
- Jay's Twitter: https://twitter.com/jaybeale
- Jess Frazelle's Twitter: https://twitter.com/jessfraz
Want to reach out to the show? There are a few ways to get in touch!
Purple Squad Security's Twitter: @PurpleSquadSec
John's Twitter: @JohnsNotHere
Podcast Website: purplesquadsec.com
Sign-Up for our Slack community: https://signup.purplesquadsec.com
Thanks for listening, and as always, I will talk with you all again next time. Find out more at http://purplesquadsec.com
Direct Link: http://traffic.libsyn.com/brakeingsecurity/2018-009-internships-mentorships-retooling-finding-that-unicorn-pentester.mp3
Topics discussed:
- How Jay Beale (@jaybeale @inguardians) and Brad A. (@sno0ose) do mentorship and apprenticeship in their respective orgs.
- Best methods to retool yourself if you are trying to move to a new industry
- Why 'hitting the ground running' isn't the sign of an immature organization...
Matt Miller’s #Assembly and #Reverse #Engineering class: $150 USD for each class, $250 USD for both classes
Syllabus: https://docs.google.com/document/d/1alsTUhGwAAnR6BA27gGo3OdjEHFnq2wtQsynPfeWzd0/edit?usp=sharing
Please state which class you'd like to take when ordering in the "Notes" field in Paypal: https://paypal.me/BDSPodcast/150usd
To sign up for both classes: https://paypal.me/BDSPodcast/250usd
Tickets are already on sale for "Hack in the Box" in Amsterdam from 9-13 April 2018, and using the checkout code 'brakeingsecurity' gets you a 10% discount. Register at https://conference.hitb.org/hitbsecconf2018ams/register/
Sign up for Jay Beale's class at Black Hat 2018: https://www.blackhat.com/us-18/training/aikido-on-the-command-line-linux-lockdown-and-proactive-security.html
#Spotify: https://brakesec.com/spotifyBDS
#RSS: https://brakesec.com/BrakesecRSS
#Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
Join our #Slack Channel!
Email us at bds.podcast@gmail.com or DM us on Twitter @brakesec
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM: https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec

SHOW NOTES:
Guest: Mr. Jay Beale
Guest: Mr. Brad Ammerman @?????????
Announcements:
- RE/ASM class (Matt Miller)
- SeaSec East Meetup at Black Lodge
- Jay’s class at Black Hat: https://www.blackhat.com/us-18/training/aikido-on-the-command-line-linux-lockdown-and-proactive-security.html
- Slack channel “M3atshield”
What jobs are good segues into either blue or red teams/pentesting?
- SOC Analyst (network security, pcap, IR)
- SysAdmin (obviously)
- Code devs (audits, binary analysis, they know the code internals)
- System architects (they know the nuts and bolts)
- Security architects (segue to red team, they know how to defend, threat analysis)
- Project management / management (client/customer facing, can understand the business side)
Journeyman pipelines vs. intern pipelines
- Different than interns = already highly skilled in ‘something’
- Code devs
- Physical security audit/compliance
- Project/program management
- System admin
- Management “generalist”
Retooling can be difficult
- May be a paycut
- Fear of failure
- How do we alleviate that? (mentorship model?)
- Companies looking for skilled people can’t look for what they want
- Think in the bigger picture
Is not being able to see the value in a non-infosec person coming to the team a sign of immaturity in a company?
The phrase “must be able to hit the ground running”
- Turn off for those wanting to make that change
- Feel they must already know the job
- People should be considered like a block of clay, not an immutable stone.
- People can change if they want to…
2 party comfort zone: both the person changing role/title, and the company understanding where the person sits in the position.
Mentorship/menteeship in an org
Bob Hillery, Co-Founder and Director of InGuardians joins us for an interview, and Kevin Finisterre, Principal of the Security Consultancy of Department 13 joins us to deliver the tech segment! In the news, Uber pays hacker to keep quiet, flaw in Intel processors allowing undetectable malware, Apple patches other High Sierra security holes, and more on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode541 Visit https://www.securityweekly.com/psw for all the latest episodes!
Bob Hillery joins us on Security Weekly and is an experienced consultant in Information Systems Security Management. He is a founder and Chief Research Officer with InGuardians, Inc. and has an extensive background in computer networks gained through the Navy and R&D labs.
Full Show Notes: https://wiki.securityweekly.com/Episode541
Subscribe to our YouTube channel: https://www.youtube.com/securityweekly
Visit our website: http://securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Ms. Berlin and Mr. Boettcher are on holiday this week, and I (Bryan) went to Hushcon (www.hushcon.com) last week (8-9 Dec 2017). Lots of excellent discussion and talks. While there, our friend Jay Beale (@jaybeale) came on to discuss Hushcon, as well as some recent news. Google released an 0day for Apple iOS, and we talk about how jailbreaking repos seem to be shuttering, because there have not been as many vulns found to allow for jailbreaking iDevices. We also went back and discussed some highlights of the DFIR hierarchy show last week (https://brakesec.com/2017-041) and some of the real world examples of someone who has seen it on a regular basis. Jay's insights are something you shouldn't miss.

Finally, Ms. Berlin went to New Zealand and gave a couple of talks at Bsides Wellington (@bsideswlg). She interviewed Chris Blunt (https://twitter.com/chrisblunt) and "Olly the Ninja" (https://twitter.com/Ollytheninja) about what makes a good con.

Direct Link: https://brakesec.com/2017-042
*NEW* we are now on Spotify!: https://brakesec.com/spotifyBDS
RSS: https://brakesec.com/BrakesecRSS
Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
Join our #Slack Channel! Sign up at https://brakesec.com/Dec2017BrakeSlack or DM us on Twitter, or email us.
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM: https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec

From our friends at Hack In the Box Amsterdam:
"We are gearing up for the Hack In The Box Amsterdam 2018, which is now on its 9th edition, and will take place between the 9th and 13th April at the same venue as last year, the Grand Krasnapolsky hotel in the center of Amsterdam: https://conference.hitb.org/hitbsecconf2018ams/ The list of trainings is already published and looking as awesome as ever: https://conference.hitb.org/hitbsecconf2018ams/training . The CFP is open and the review board is already hard at work with the first submissions."
"If you have an interesting security talk and fancy visiting Amsterdam in the spring, then submit your talk to the Hack In The Box Amsterdam conference, which will take place between 9 and 13 April 2018. The Call For Papers is open until the end of December, submission details can be found at https://cfp.hackinthebox.org/. Tickets are already on sale, with early bird prices until December 31st. And the 'brakeingsecurity' discount code gets you a 10% discount."

--Show Notes--
https://github.com/int0x80/githump
http://ptrarchive.com/
https://hunter.io/
https://www.data.com/
https://techcrunch.com/2017/11/27/ios-jailbreak-repositories-close-as-user-interest-wanes/
https://securelist.com/unraveling-the-lamberts-toolkit/77990/
A listener asked for a recommendation for a podcast or blog post about Docker security. We looked, couldn’t find one, so we decided to create one. Robert interviews Jay Beale from InGuardians and asks what Docker is, what threats it introduces, and what the specific tie-ins with AppSec are. Enjoy! The post Docker Security and AppSec (S02E11) – Application Security PodCast appeared first on Security Journey Podcasts.
Larry and his intern, Galen Alderson, present a demo of their Vaportrail project! Galen shows us how to exfiltrate data from networks using broadcast FM radio and other inexpensive materials. Full Show Notes: https://wiki.securityweekly.com/Episode524 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly
Direct Link: http://traffic.libsyn.com/brakeingsecurity/2017-023-Jay_Beale-selinux-apparmor-securing_lxc.mp3 Jay Beale works for a pentest firm called "Inguardians", and has always been a fierce friend of the show. He's running a class at both BlackHat and Defcon all about hardening various parts of the Linux OS. This week, we discuss some of the concepts he teaches in the class. Why do we disable SELinux? Is it as difficult to enable as everyone believes? What benefit do we get from using it? We also discuss other hardening applications, like ModSecurity for Apache, Suhosin for PHP, and Linux Containers (LXC). What is gained by using these, and how can we use them to our advantage? Really great discussion with Jay, and please sign up for his class for a two-day in-depth discussion of all the technologies discussed on the show. -------- Jay Beale’s Class “aikido on the command line: hardening and containment” JULY 22-23 & JULY 24-25 AT BlackHat and Defcon https://www.blackhat.com/us-17/training/aikido-on-the-command-line-linux-hardening-and-containment.html ------- Brakesec also announces our "PowerShell for Blue Teamers and Incident Responders" with Mick Douglas (@bettersafetynet). A 6 week course starting with the basics of PowerShell, which goes on to discuss frameworks that use PowerShell to assist in assessing your network. It starts on 10 July and runs each Monday evening until 14 August 2017. You'll receive a certificate suitable for CPE credit, as well as the videos of the class available to you on our YouTube channel. To sign up, go to our Patreon Page (http://www.patreon.com/bds_podcast) and sign up at the $20 USD level labeled "Blue Team Powershell - Attendee". If you are looking to just get the videos and follow along in class, pick the $10 USD "Blue Team Powershell - Attendee- Videos Only". Classes will be held on Monday Evenings only for 5 weeks, ending on 1 August.
#RSS: www.brakeingsecurity.com/rss Youtube Channel: https://www.youtube.com/channel/UCZFjAqFb4A60M1TMa0t1KXw iTunes Store Link: https://itunes.apple.com/us/podcast/brakeing-down-security-podcast/id799131292?mt=2 #Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast Join our #Slack Channel! Sign up at https://brakesec.signup.team #iHeartRadio App: https://www.iheart.com/show/263-Brakeing-Down-Securi/ #SoundCloud: https://www.soundcloud.com/bryan-brake Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast on #Patreon: https://www.patreon.com/bds_podcast #Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir #Player.FM : https://player.fm/series/brakeing-down-security-podcast #Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr #TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/ --- Show Notes: AppArmor SELinux Privilege Escalation - InGuardians Murderboard Port Knocking (Single Packet Authorization) OSSEC ModSecurity Linux Containers Jessie Frazelle - bane Dan Walsh - SELinux SELinux troubleshoot daemon https://en.wikipedia.org/wiki/System_call “In computing, a system call is the programmatic way in which a computer program requests a service from the kernel of the operating system it is executed on. This may include hardware-related services (for example, accessing a hard disk drive), creation and execution of new processes, and communication with integral kernel services such as process scheduling. System calls provide an essential interface between a process and the operating system.” OpenBSD pledge(2): https://man.openbsd.org/pledge.2 https://www.raspberrypi.org/products/raspberry-pi-2-model-b/ Suhosin https://www.blackhat.com/us-17/training/aikido-on-the-command-line-linux-hardening-and-containment.html @inguardians @jaybeale www.inguardians.com ---- What are you doing at Black Hat and Def Con?
Training class at Black Hat - 2 days Def Con Workshop - ModSecurity and AppArmor - 4 hours Packet Hacking Village Workshop - Container security Vapor Trail at Def Con Labs (Larry and Galen) Dancing my butt off?
This week, I'm joined by Mike Poor of InGuardians. We spoke about growing up in Brazil, how a few individuals in his early life led him towards an interest in computers, how he got involved teaching with SANS, the formation of InGuardians, fostering a family environment at work, and some stories from his long career teaching people about packets.
Jarrod Frates (@jarrodfrates on Twitter) has been doing pentests as a red-team member for a long time. His recent position at #InGuardians sees him engaging many companies who have realized that a typical 'pentest #puppymill' or pentest from certain companies just isn't good enough. Jarrod has also gone on more than a few engagements where he has found the client in question has no clue of what a 'real' pentest is, and worse, they often have the wrong idea of how it should go. This week, I sat down with Jarrod, and we talked about what needs to occur before the pentest, even before you contact the pentesting firm... even, in fact, before you should consider a pentest at all. We discuss what a pentest is, and how it's different from a 'vulnerability assessment' or code audit. Jarrod and I discuss the overarching requirements of the pentest (are you doing it 'just because', or do you need to check a box for compliance?). We ask questions like: Who should be involved in setting scope? Should #Social #Engineering always be a part of a pentest? Who should be notified if/when a #pentest is to occur? Should your SOC be told when one occurs? What happens if the pentest causes incident response to be called (like if someone finds a malware/botnet infection)? And how long do you want the engagement to be? Depending on the politics involved, these things can affect the quality of the pentest, and the cost as well... It was a great discussion with Jarrod, a seasoned professional and veteran of many engagements. If your organization is about to engage a company for a pentest, you'd be wise to take a moment and listen to this.
Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-029-Jarrod_Frates-What_to_do_before_a_pentest_starts.mp3 #iTunes: https://itunes.apple.com/us/podcast/2016-029-jarrod-frates-steps/id799131292?i=1000373091447&mt=2 #YouTube: http://www.youtube.com/attribution_link?a=p2oq6jT3Iy0&u=/watch%3Fv%3DsTc_seN-hbs%26feature%3Dem-upload_owner #SoundCloud: https://www.soundcloud.com/bryan-brake Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast #Twitter: @brakesec @boettcherpwned @bryanbrake #Facebook: https://www.facebook.com/BrakeingDownSec/ #Tumblr: http://brakeingdownsecurity.tumblr.com/ #Player.FM : https://player.fm/series/brakeing-down-security-podcast #Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr #TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582
Adam Crompton (@3nc0d3r) and Tyler Robinson (@tyler_robinson) from Inguardians came by to fill in for my co-host this week. We talk about things a company should do to protect themselves against data exfil. Adam then shows us a tool he's created to help automate data exfil out of an environment. It's called 'Naisho', and if you're taking the 'Powershell for Pentesters' class at DerbyCon, you'll be seeing this again, as Adam will be co-teaching this class with Mick Douglas (@bettersafetynet). Tyler tells us about using Cobalt Strike for creating persistent connections that are more easily hidden when you are on an engagement. Adam's demo can be found on our YouTube channel: https://youtu.be/rj--BfCvacY Tyler's demo of Throwback and using Cobalt Strike can be found on our YouTube Channel: Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-026-exfiltration_techniques-redteaming_vs_pentesting-and-gaining_persistence.mp3 SoundCloud: https://www.soundcloud.com/bryan-brake Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast on #Patreon: https://www.patreon.com/bds_podcast #Twitter: @brakesec @boettcherpwned @bryanbrake #Facebook: https://www.facebook.com/BrakeingDownSec/ #Tumblr: http://brakeingdownsecurity.tumblr.com/ #Player.FM : https://player.fm/series/brakeing-down-security-podcast #Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr #TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/
This week Paul makes a big announcement! We are lucky to have several of the fine folks at Inguardians come on the show and share their wisdom and knowledge on the topic of perimeter protection.
This week, Paul makes a big announcement! We are lucky to have several of the fine folks at InGuardians come on the show and share their wisdom and knowledge on the topic of perimeter protection. Stories of the week include DROWN, cool tools for analyzing firmware and Z-Wave, and much more!
Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Panel-Comedy-Inception-Amanda-Berlin-Blue-Team-Hell.pdf DEF CON Comedy Inception: How many levels deep can we go? Larry Pesce Senior Security Analyst, InGuardians Chris Sistrunk Mandiant/FireEye Will "illwill" Genovese Chris Blow Rook Security Dan Tentler Carbon Dynamics Amanda Berlin Hurricane Labs This year at DEF CON a former FAIL PANEL panelist attempts to keep the spirit alive by playing moderator. Less poetry, more roasting. A new cast of characters, more lulz, and no rules. Nothing is sacred, not the industry, not the audience, not even each other. Our cast of characters will bring you all sorts of technical fail, with ROFLCOPTER to back it up. No waffles, but we have other tricks up our sleeve to punish, er, um, show love to our audience, all while raising money for the EFF and HFC. The FAIL PANEL may be dead, but the “giving” goes on. Larry Pesce is a Senior Security Analyst with InGuardians. His recent experience includes providing penetration assessment, architecture review, hardware security assessment, wireless/radio analysis, and policy and procedure development for a wide range of industries including those in the financial, retail, and healthcare verticals. Larry is an accomplished speaker, having presented numerous times at industry conferences, is the co-host of the long-running, multi-award-winning security podcast Paul's Security Weekly, and is a certified instructor with the SANS Institute. Larry is a graduate of Roger Williams University. In his spare time he likes to tinker with all things electronic and wireless. Larry is an amateur radio operator holding his Extra class license and is regularly involved in emergency communications activities. In 1972 a crack commando unit was sent to prison by a military court for a crime they didn't commit. These men promptly escaped from a maximum security stockade....
making the decision to leave Amanda behind. Ms. Berlin is now rumored to have illegitimate children by Saudi Oil barons hidden all over the world in at least 27 countries but this can neither be confirmed nor denied. Amanda Berlin is a Network Security Engineer at Hurricane Labs. She is most well known for being a breaker of hearts, knees, and SJW's. Bringing "Jack of All Trades" back to being sexy, she has worked her fingers to the bone securing ISPs, Healthcare facilities, Artificial Insemination factories, and brothels. Amanda managed the internal phishing campaign at a medium size healthcare facility to promote user education about phishing and hacking through an awards based reporting program. She is a lead organizer for CircleCityCon, volunteers at many other conferences, and enjoys writing and teaching others. Twitter: @InfoSystir Chris Blow is a Senior Technical Advisor with Rook Security. His most recent experience includes: penetration testing, social engineering, red team exercises, policy and procedure guidance focused on HIPAA and PCI DSS, developing security awareness programs, performing HIPAA assessments and serving as a Qualified Security Assessor for the Payment Card Industry. @b10w In reality, his primary duties are to be told by various clients that “security is hard” and to just “accept the risk.” He’s also well-versed in being told to keep vulnerable assets and people “out of scope.” Chris is a graduate of Purdue University in West Lafayette, IN. Besides trying to keep up with all-things-InfoSec, Chris enjoys playing guitar, singing, and DJing. Twitter: @b10w illwill is a rogue blackhat as fuck subcontractor for top secret global governments. He spends his off time enjoying bubble baths, recovering from a debilitating injury as infosystir's former bean fluffer and hand carves realistic thrones made from discarded dildos found dumpster diving behind a porn store in Los Angeles. Dan Tentler likes to break things. He's also an expert on failure. Ask him about it. But ask with scotch. Twitter: @viss @chrissistrunk
In an incident response, clear communication is key to effective management of the incident. This week, we had Mick Douglas, DFIR instructor at SANS, and Jarrod Frates, who is a pentester at InGuardians and has great experience handling incidents. Find out about some roles in an incident response (the Shadow, the event coordinator, the lead tech), and how companies should have an IR plan that handles various 'incident severities'. Jarrod updates us on "TheLab.ms" and how you might like to help them! Finally, we are holding a contest to win a ticket to DerbyCon; full instructions are below. We are giving away two tickets. DerbyCon 1st Ticket contest expires 31 July 2015. 1. To enter for a ticket to DerbyCon a. A donation must be made to Hackers for Charity (http://www.hackersforcharity.org/) b. Once the donation is made, email the receipt of your donation to bds.podcast@gmail.com c. If you win: We will contact you by the email you mailed the receipt from with our contact information. You will need to contact us when you get to DerbyCon, as we will not send you the ticket directly. You will also be responsible for airfare and accommodations at DerbyCon.
Slides Here: https://defcon.org/images/defcon-22/dc-22-presentations/Mortman/DEFCON-22-Fail-Panel-Defcon-Comedy-Jam-VII.pdf DEF CON Comedy Jam Part VII, Is This The One With The Whales? David Mortman @MORTMAN Rich Mogull @RMOGULL Chris Hoff @BEAKER Dave Maynor @ERRATADAVE Larry Pesce @HAXORTHEMATRIX James Arlen @MYRCURIAL Rob Graham @ERRATAROB Alex Rothman Shostack @ARS_INFOSECTICA Weeeeeeeeee're baaaaaack. Bring out your FAIL. It's the most talked about panel at DEF CON! A standing room only event with a wait list at the door. Nothing is sacred, not the industry, not the audience, not even each other. Last year we raised over $2000 for the EFF and over $5000 over the last 5 years; let's see how much we can raise this year.... David Mortman is the Chief Security Architect and Distinguished Engineer at Dell Enstratius and is a Contributing Analyst at Securosis. Before enStratus, he ran operations and security for C3. He was formerly the Chief Information Security Officer for Siebel Systems, Inc., and previously Manager of IT Security at Network Associates. Mr. Mortman has also been a regular panelist and speaker at RSA, Blackhat, DEF CON and BruCon. Mr. Mortman sits on a variety of advisory boards including Qualys, Lookout and Virtuosi. He holds a BS in Chemistry from the University of Chicago. David writes for Securosis, Emergent Chaos and the New School blogs. James Arlen, CISA, is a senior consultant at Leviathan Security Group providing security consulting services to the utility, healthcare and financial verticals. He has been involved with implementing a practical level of information security in Fortune 500, TSE 100, and major public-sector corporations for over 20 years. James is also a contributing analyst with Securosis, faculty at IANS and a contributor to the Liquidmatrix Security Digest. Best described as: "Infosec geek, hacker, social activist, author, speaker, and parent."
His areas of interest include organizational change, social engineering, blinky lights and shiny things. Larry is a Senior Security Analyst with InGuardians performing penetration testing, wireless assessments, and hardware hacking. He also diverts a significant portion of his attention co-hosting the Paul's Security Weekly podcast and likes to tinker with all things electronic and wireless, much to the disappointment of his family, friends, warranties, and his second Leatherman Multi-tool. Larry is an Extra Class Amateur Radio operator (KB1TNF) and enjoys developing hardware and real-world challenges for the Mid-Atlantic Collegiate Cyber Defense Challenge.
While I'm stuck at work, Mr. Boettcher went to the Austin Hackformers and snagged an interview with Mr. Ed Skoudis, of InGuardians and of the SANS Institute, a top-flight training academy. He is to be one of the keynote speakers at DerbyCon this year. He gives us a peek at his keynote, and Mr. Boettcher asks his thoughts on the industry as a whole, on SCADA security, and on Infosec in general. Hackformers Austin: http://www.hackformers.org/ Ed Skoudis bio: http://www.sans.org/instructors/ed-skoudis Bad Guys are Winning - Part 1: link Bad Guys are Winning - Part 2: link Bad Guys are Winning - Part 3: link Bad Guys are Winning - Part 4: link Bad Guys are Winning - Part 5: link Netwars: Cybercity - http://www.sans.org/netwars/cybercity Google Car: http://www.nbcbayarea.com/news/local/Google-to-Test-Self-Driving-Car-Without-Backup-Driver-275033691.html Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0 http://creativecommons.org/licenses/by/3.0/
This segment was broken into two parts as the technical segment with Heather Mahalik happened in the middle of it. Heather is a senior digital forensics analyst at Basis Technology. As the on-site project manager, she uses her experience to manage the cell phone exploitation team and supports media and cell phone forensics efforts in the U.S. government. Heather is a certified SANS instructor and is teaching the upcoming course Advanced Smartphone and Mobile Device Forensics. Ok, on to the stories of the week with Paul, Larry, Allison and Jack. What'd you do this summer? Disney? Six Flags? Big Data Land? After much chatter in the Twittersphere (logged here by Space Rogue) last week, Jack brings up the "Popping Penguins" article from Forbes. The article talks about this super vulnerable program that is going to be the downfall of Linux. It's called bash. Would you believe you can use bash to start a listener on your machine and then send some commands over telnet to have someone else's machine connect back to you? Uh oh. Also, beware of another application, one that runs from the desktop that lets you connect to other computers and pull down files from a machine you don't own. Yeah, that one's called a browser. Sounds equally dangerous, no? Should we uninstall bash as a security measure? Larry threw out there an article on 5 WiFi security myths to abandon. But Larry mentioned that some of these might not actually be very new. Things like: don't hide the SSID, as some newer systems will see it anyway and digging deeper to find the SSID isn't that hard. Plus, if its owner took the steps to hide it, wouldn't that pique your interest that there may be something good running there? Sending out a weak signal may sound like a good idea, as if someone can't reach it, they can't connect to it, right? But all that does is annoy its intended users, and if someone really wants to get on the network, they'll simply use an antenna.
The article ends with the non-myth that if you truly want WiFi security, make sure you use good encryption and a strong password. Simple, eh? Jack was looking forward to going on a good patch rant. He and Paul have done webinars about really stretching things and getting your patch cycle down to five days from the day of release. Jack said during the good old days, he'd challenge himself to get his systems patched within 72 hours. Patch Tuesday was to be completed by Friday. In this article by Dr. Anton Chuvakin, he does indicate how it would be good for some big corporations to get their patch cycle down from 90 days to 30 days, but then argues that if the bad guys only need 3, then what's the point of all that effort? Jack's feeling is that even the 30 days should be enough in many cases, but it's often politics and other "can't do" attitudes that prevent it from happening. Why is that? Get those patches in place, people! One quick note on a tangent the team went off on. In their experience as pentesters, Larry and Paul mention that all too often the way they end up pwning a system is through some machine that no one knew was running, with services that no one knew were running, with an account that no one knows why it still exists. Do you have a good inventory of where your data is? What machines are in your data center? What services and accounts are on each? If those are gold to a pentester, who has to respect a customer's defined scope, guess what a malicious user is going to do to your network. Paul's looking for advice on what new phone he should get. Android? iPhone? What say you? Tweet him up with your suggestion at @securityweekly. Remember that Yahoo bug bounty program? $12.50 credit toward the Yahoo store? A little update from the rants and ridicule from last week: it was actually one guy, Ramses Martinez, Director, Yahoo Paranoids, who was very appreciative of people reporting bugs and was paying them out of pocket.
He would send researchers a Yahoo t-shirt but would then find out the recipient already had multiple Yahoo shirts. Martinez's idea then was to give the reporter a credit in the Yahoo store matching the value of the shirt, out of his own pocket. Since the uproar, Yahoo has installed its own bug bounty program and Martinez is no longer paying for the reports himself. Good on ya, Yahoo, and even better, thank you Ramses Martinez for caring about security. Speaking of bug bounties, Google has started a bug bounty program for open source software. Repeat that: it's not just Google software that they're paying bounties for, it's software that really has no organization behind it and normally counts on volunteers to fix things. Now Google is putting their money behind that effort. As Allison mentions, there hasn't ever been any motivation for anyone to report bugs, and now there is. Paunch, the alleged author of the Blackhole exploit kit, was arrested in Russia last week. Or at least we think so. Some unconfirmed reports have indicated this and Blackhole has not been updated since this time. Or maybe the guy just decided to take an extended vacation and threw the story out there himself. Either way, it might be time for Evil Bob to find a new exploit kit. (Note: Erik Estrada is not "Paunch", he's Ponch, as in Frank Poncharello) Microsoft has a new disk cleanup which removes all the old and outdated updates. Jack gained more than 6 GB of space after running the cleanup, but a word of caution: it takes a concerningly long time for the next reboot. You might think you killed your computer but no, it really does take that long. Check out "Tails", a security and privacy distribution, and let us know what you think. Is it good? What makes it a better choice than some others? Though the number of security updates in recent versions is a little concerning. Yeah, I get it that it's good that security holes are fixed and that it's in software that the distro is including.
But it's just a little concerning when you pitch it as being for security and privacy yet there are piles of security updates. It makes me wonder just how secure it is and whether it's any better than a secured version of your favorite distribution anyway. But you can certainly let me know and I'll post some comments from you in an upcoming week. Tweet me at @plaverty9. There was also some discussion on iOS7 image identification, Larry has a colleague at Inguardians who wrote up an intro to using rfcat, and Jack suggests taking a deeper look for yourself before jumping into the patch for MS13-81 and whether your system needs it. If it does, test thoroughly. It's got some deep stuff in it.