Leigh is the founder and CEO of Tall Poppy, where she helps companies protect their employees from online harassment. She was previously a Technology Fellow at the ACLU's Project on Speech, Privacy, and Technology, and also worked at Slack, Salesforce.com, Microsoft, and Symantec. She has co-founded two hackerspaces: HackLabTO in the Kensington Market area of Toronto, and a feminist space called the Seattle Attic Community Workshop in Pioneer Square, Seattle. She is now a member and Chief Security Officer of Double Union, a feminist hackerspace in San Francisco, and she advises several nonprofits and startups. Leigh has a degree from the University of Toronto, where she majored in Computer Science and Equity Studies. Leigh points out that the latter major is about equity as in equality, not as in finance. To learn more about Tall Poppy, visit the Tall Poppy website and connect on Twitter; you can follow and learn more about Leigh on Twitter (@HYPATIADOTCA) and LinkedIn.

“Tall poppy syndrome is a cultural phenomenon in which people hold back, criticize, or sabotage those who have or are believed to have achieved notable success in one or more aspects of life, particularly intellectual or cultural wealth: ‘cutting down the tall poppy.' It describes a draw towards mediocrity and conformity. Commonly in Australia and New Zealand, ‘cutting down the tall poppy' is used to describe those who deliberately put down another for their success and achievements.” (via Wikipedia)

In the discussion we address:
Leigh's background and the personal and professional progression that led her to found Tall Poppy
What Tall Poppy is doing to help protect individuals through personal digital safety
Hackerspaces, equity, diversity and women in cybersecurity
Leadership
Emerging issues in information security
Leigh's ever-colorful hair, CanRock, KiwiCon, and much more!
A few references mentioned in or relevant to our discussion include:
Tall Poppy website - https://www.tallpoppy.com
Leigh mentioned KYC for crypto. For more on that see What Is KYC and Why Does It Matter For Crypto? (25 Mar 22) - https://www.coindesk.com/learn/what-is-kyc-and-why-does-it-matter-for-crypto/
Leigh spoke about device security and the threat of SIM swapping. A successful SIM swap lets the attacker receive the SMS one-time codes sent to the victim's number, which is why app-based or hardware-key MFA is preferred over SMS codes. Read more in this FBI IC3 Public Service Announcement, Criminals Increasing SIM Swap Schemes to Steal Millions of Dollars from US Public (08 Feb 22) - https://www.ic3.gov/Media/Y2022/PSA220208
CISA: Walk This Way to Enable MFA (05 May 22) - https://www.cisa.gov/blog/2022/05/05/walk-way-enable-mfa
CISA Director Jen Easterly tweeting about #MFAMay and #MoreThanAPassword (05 May 22)
The Kelihos botnet campaign aimed at Apple iCloud accounts was mentioned. Here's a 2014 blog post from Symantec and a summary from the BBC - https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7273883f-edd4-46c6-a723-ab83ea0b8264&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments
Andy mentioned another advocate for people and communities he's a fan of. Learn more about Matt Mitchell in The Gate 15 Interview: Matt Mitchell, a Champion for Security and Privacy (26 Apr 21)
Andy took the opportunity to put in a plug for the upcoming InfraGardNCR Cyber Camp (scheduled for 18-22 July!)
Leigh and Andy gave some unsolicited promotions for 1Password, and Leigh also offered Bitwarden as another great option for a password manager.
Leigh also suggested reviewing Consumer Reports and the New York Times' Wirecutter for reliable reviews.
In this episode of AppSec Builders, Jb is joined by Security Architect Sarah Young to discuss Cloud Security, its evolution, and its increased presence within Cloud Vendor solutions and platforms.

About Sarah:
LinkedIn: https://www.linkedin.com/in/m1splacedsoul/ and https://www.linkedin.com/in/sarahyo16/
Twitter: https://twitter.com/_sarahyo
Sarah Young is a security architect based in Melbourne, Australia, who has previously worked in New Zealand and Europe and has a wealth of experience in technology working across a range of industry sectors. With a background in network and infrastructure engineering, Sarah brings deep technical knowledge to her work. She also has a penchant for cloud native technologies. Sarah is an experienced public speaker and has presented on a range of IT security and technology topics at industry events both nationally and internationally (BSides Las Vegas, The Diana Initiative, Kiwicon, PyCon AU, Container Camp AU/London, BSides Ottawa, BSides Perth, DevSecCon Boston, CHCon, KubeCon, BSides San Francisco). She is an active supporter of both local and international security and cloud native communities.

Resources: https://www.cncf.io/ (Cloud Native Computing Foundation)

Transcript
[00:00:02] Welcome to AppSec Builders, the podcast for practitioners building modern AppSec, hosted by Jb Aviat.
Jb Aviat: [00:00:14] Welcome to this episode of AppSec Builders, I'm Jb Aviat and today I'm thankful to welcome Sarah Young, who is a senior program manager in Azure security. Sarah, you're very prolific in this security space: conferences, the Azure Security Podcast, and you're also a CNCF (Cloud Native Computing Foundation) Ambassador. Sarah, I'd love to hear more about this.
Sarah Young: [00:00:38] Thanks! And thank you for having me. Yeah! So many things I could say. So, yeah, I worked for Microsoft.
So of course, every day I work with Azure and do Azure security, as one would expect. But I've been working in security for, oh, like specifically focusing on security for the last eight or nine years now. Before I joined Microsoft, I worked with other clouds and so I got a fair bit of experience there. But with regards to CNCF I am, as you said, an ambassador, and although I'm certainly not a developer, I certainly find the security aspect of cloud native stuff really, really interesting. And that's what I enjoy talking to people about.
Jb Aviat: [00:01:20] Alright. And so one thing you seem to be prolific about is Kubernetes, and Kubernetes is definitely something that has gone through an amazing rise in popularity over the past years and also got a lot of security exposure because it's notoriously complex and difficult to use in a secure way. Do you have any specific thoughts about that?
Sarah Young: [00:01:42] Yeah, there are lots of specifics we could go into here, and I guess watching Kubernetes over the past two or three years has been really interesting because obviously there are new releases and every time there's a new release, there are updates and improvements made to it. Obviously, I focused more on that for me. I'm more interested in the security side of it. But it's really interesting if you go from the early days of Kubernetes through to now, how much it's improved. I mean, what are we on now? I think we're on twenty, twenty one or something like that. I forget the exact version. We're up to for releases at the moment. But if you go back to the early days or two, three years ago, there were some major, major security holes in Kubernetes. So there were things, I mean, it didn't support RBAC or role-based access control. So if you don't have role-based access control, you literally can't give people permissions, like everyone just has everything, which is a security person's nightmare.
So it's been really good to actually see how it's developed over the years and how the community have addressed those things. Sarah...
In this episode, I interview Laura Bell, the Founder and CEO of SafeStack Academy, a boutique cybersecurity company with a team that now stretches across New Zealand and Australia. With over a decade of experience in software development and information security, Laura specializes in bringing security survival skills, practices, and culture into fast-paced businesses and organizations of every shape and size. An experienced conference speaker, trainer, and regular panel member, Laura has spoken at a range of events such as BlackHat USA, Velocity, OSCON, Kiwicon, Linux Conf AU, and Microsoft TechEd on the subjects of privacy, covert communications, agile security, and security mindset. Laura started SafeStack from a shared workspace back in 2015, aged 30 and with just $300 in startup capital. The business is currently focused on its online educational platform, which they launched in July 2020. Five months in, they had about 4,000 learners and were generating $280,000 in annual revenue with expectations to reach $1 Million within a year. She was the sole full-time employee when she started the business and now has 8 full-time employees after peaking at seventeen a while back. Laura says the hardest thing in growing a small business for her has been trusting their journey to be different from other companies without focusing on what the other companies were doing. The one thing she says she would tell herself on day one of starting out is, “Believe in yourself more, be confident, don’t sweat the small stuff, and don’t let your anxiety get the best of you.” Prepare to be blown away by Laura’s small business growth wisdom.

This Cast Covers:
Cybersecurity consulting for growing businesses and those that may not have their own internal security team.
Generating revenue from the consultancy services and online educational platform.
Rage-quitting her job to go out on her own and fix everything she couldn’t fix before.
Focusing on the online educational platform that they launched in 2020.
From 0 to 4,000 learners within 5 months of being in operation and currently generating $280,000 a year in revenue which is projected to reach $1 Million.
Giving time to ideas and opportunities that may not seem worthy in the present.
Bootstrapping the business from the beginning and their current funding round.
The valuable hiring lessons that Laura has learned over time and how they have positively impacted her business.
Discovering that sales in cybersecurity are based on emotion and shared values.
The power of being authentic to herself and finding confidence in her style of management.
Navigating the roller coaster that is fast growth in small business.
Overcoming challenges, continuous learning, and enjoying the flexibility that comes with being a small business owner.
Scheduling your fitness time and health activities as if they are your most important client.
Having success with hiring people who are outside her bubble and hiring through a recruiter.
How she struggled with work-life balance in the beginning.
Reading a lot on management, communication, and habits for her professional development.

Additional Resources:
SafeStack Academy
Thinking, Fast and Slow by Daniel Kahneman
Atomic Habits by James Clear
The Gifts of Imperfection by Brené Brown
Music from https://filmmusic.io "Cold Funk" by Kevin MacLeod (https://incompetech.com). License: CC BY (http://creativecommons.org/licenses/by/4.0/)
At Kiwicon, Lime scooter hacking risks are highlighted; Ford demos driverless cars; video search tip (JustWatch.com); Spark 5G Innovation Lab and trial 5G sites are active; and Skype arrives on Amazon Echo / Alexa. Hands on with the Oppo R17 Pro and Jabra Engage 75. www.nztechpodcast.com www.paulspain.com www.gorillatechnology.com
This episode @bradbor, @urbankiwi & @bulldognz talk Video Game voice actors strike, Hawaiki Cable, Pi3 discounts, Lulzbots, Amazon Prime and Kiwicon
Microsoft CEO Satya Nadella visits, Amazon Prime and The Grand Tour (Jeremy Clarkson, Richard Hammond and James May), Tesla NZ, Google Earth VR, Instagram Live Video, Earthquake and Tsunami warning via Cell Broadcast, Kiwicon. Running time 00:58:37
The last Tech House for the year, we're talking to Dr Hitchcock who is buzzing after KiwiCon in Wellington. We talk about the internet of things, cybercrime, buzzwords and trends of 2015.
Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-xntrik-Hooked-Browser-Meshed-Networks-with-webRTC-and-BeEF.pdf

Hooked Browser Meshed-Networks with WebRTC and BeEF
Christian (@xntrik) Frichot, Principal Security Consultant at Asterisk Information Security

One of the biggest issues with BeEF is that each hooked browser has to talk to your BeEF server. To try and avoid detection, you often want to obfuscate or hide your browsers, particularly if you're heavily targeting a single organization. Don’t worry, Internet-friends, those crazy pioneers at Google, Mozilla and Opera have solved this problem for you with the introduction of Web Real-Time Communications (WebRTC). Initially designed to allow browsers to stream multimedia to each other, the spec has made its way into most Chrome and Firefox browsers, not to mention it’s enabled by default. Using this bleeding-edge web technology, we can now mesh all those hooked browsers, funnelling all your BeEF comms through a single sacrificial beach-head. Leveraging WebRTC technologies (such as STUN/TURN, and even the fact that RTC-enabled browsers on local subnets can simply talk UDP to each other), meshing browsers together can really throw a spanner into an incident responder's work. The possibilities for a browser-attacker are fairly endless: channeling comms through a single browser, or making all the browsers communicate with each other round-robin. This is just another tool tucked into your belt to try and initiate and maintain control over browsers. This presentation will present a background on WebRTC, and then demonstrate the WebRTC BeEF extension. (Bloody JavaScript...)

Christian is an Australian security professional and founder of Asterisk Information Security, based in Perth. He is one of the co-authors of the recently published Browser Hacker’s Handbook (by Wiley), and long-term code-funkerer of the BeEF project. When not performing application security or penetration testing gigs, Christian spends his time either ranting about appsec or pining to get behind his drumkit. He has a deep love/hate relationship with web browsers and JavaScript. Christian has presented at numerous Australian security conferences, including OWASP AppSec APAC, the Australian Information Security Association's Perth Con, ISACA's Perth Con, OWASP Melbourne, and Ruxmon. In addition, Christian was fortunate to present at Kiwicon 8 in New Zealand at the end of 2014. Projects that Christian has been involved with include BeEF, OWASP's SAMM Self Assessment Tool, Prenus (the pretty Nessus thing), Burpdot (graphing connectivity between URLs from Burp), and the Devise Google Authenticator extension. Christian has been blogging on un-excogitate.org and labs.asteriskinfosec.com.au for ages now, and is often found on twitter (@xntrik) raging about various security topics. Twitter: @xntrik
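The abstract above describes a topology rather than showing it, so here is an added example (written for this page; it is not code from the talk or from the BeEF project) that models the "sacrificial beach-head" relay. Hooked browsers exchange BeEF-style envelopes over channels with the RTCDataChannel `send`/`onmessage` shape, and only one browser keeps an uplink to the server; replies are routed back along the reverse path by origin id. `InMemoryChannel`, `BeefServer` and `HookedBrowser` are constructed stand-ins so the model runs in Node without a real WebRTC stack; in a browser the same `HookedBrowser` logic would sit on top of negotiated `RTCDataChannel` objects.

```javascript
// Constructed stand-in for a connected pair of RTCDataChannels. Delivery is
// synchronous here for determinism; a real channel delivers asynchronously.
class InMemoryChannel {
  constructor() { this.peer = null; this.onmessage = null; }
  static pair() {
    const a = new InMemoryChannel(), b = new InMemoryChannel();
    a.peer = b; b.peer = a;
    return [a, b];
  }
  send(data) {
    if (this.peer.onmessage) this.peer.onmessage({ data });
  }
}

// Constructed stand-in for the BeEF server. It records which browsers opened
// an uplink (what a defender sees as distinct internal hosts talking to the
// C2) and answers every envelope with a command addressed to its origin.
class BeefServer {
  constructor() { this.connections = new Set(); this.received = []; }
  connect(browserId) {
    this.connections.add(browserId);
    return (envelope) => {
      this.received.push(envelope);
      return { cmd: 'noop', to: envelope.from };
    };
  }
}

class HookedBrowser {
  constructor(id) {
    this.id = id;
    this.results = [];       // commands delivered to this browser
    this.uplink = null;      // how this browser sends envelopes upstream
    this.peers = new Map();  // origin id -> channel the envelope arrived on
  }
  // Classic BeEF: this browser talks to the server itself.
  connectDirect(server) {
    const post = server.connect(this.id);
    this.uplink = (env) => this.handleCommand(post(env));
  }
  // Meshed: this browser only ever talks to another hooked browser.
  connectViaPeer(channel) {
    this.uplink = (env) => channel.send(JSON.stringify(env));
    channel.onmessage = (ev) => this.handleCommand(JSON.parse(ev.data));
  }
  // Relay side: forward a peer's envelopes upstream and remember the return
  // path by origin id so replies can be routed back hop by hop.
  acceptPeer(channel) {
    channel.onmessage = (ev) => {
      const env = JSON.parse(ev.data);
      this.peers.set(env.from, channel);
      this.uplink({ ...env, via: [...(env.via || []), this.id] });
    };
  }
  handleCommand(cmd) {
    if (cmd.to === this.id) { this.results.push(cmd); return; }
    const back = this.peers.get(cmd.to);
    if (back) back.send(JSON.stringify(cmd));  // reverse-path routing
  }
  poll(payload) { this.uplink({ from: this.id, payload }); }
}

// Wire up n hooked browsers in one of three topologies and have each poll once:
//   'direct': every browser has its own server connection
//   'star':   browser-0 is the beach-head, all others relay through it
//   'chain':  browser-i relays through browser-(i-1), round-robin style
function simulate(n, topology) {
  const server = new BeefServer();
  const browsers = Array.from({ length: n }, (_, i) => new HookedBrowser(`browser-${i}`));
  browsers[0].connectDirect(server);
  for (let i = 1; i < n; i++) {
    if (topology === 'direct') { browsers[i].connectDirect(server); continue; }
    const upstream = topology === 'star' ? browsers[0] : browsers[i - 1];
    const [relaySide, leafSide] = InMemoryChannel.pair();
    upstream.acceptPeer(relaySide);
    browsers[i].connectViaPeer(leafSide);
  }
  browsers.forEach((b) => b.poll({ ua: 'constructed-sample' }));  // constructed payload
  return {
    outboundHosts: server.connections.size,               // hosts a NIDS sees talking to the C2
    delivered: browsers.map((b) => b.results.length),     // every browser still gets its command
    hops: server.received.map((e) => (e.via || []).length).sort((a, b) => a - b),
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  for (const t of ['direct', 'star', 'chain']) console.log(t, simulate(4, t));
}
if (typeof module !== 'undefined') module.exports = { InMemoryChannel, BeefServer, HookedBrowser, simulate };
```

The defender-side number to watch is `outboundHosts`: with four hooked browsers the direct topology shows four internal hosts talking to the server, while star and chain collapse that to one, which is the abstract's point about incident responders. The remaining signal is lateral: peer-to-peer WebRTC/UDP traffic between workstations and the fan-in on the beach-head host, so detection logic that only counts hosts contacting an external C2 misses all but the relay.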
Topics this week include Kiwicon’s tracking anklet hack, Skype Translator, Pirate Bay, Trans-Tasman undersea cable, Seagate’s 8TB drives, Linux.conf.au coming to Auckland and Linus Torvalds to keynote, UFB complete in Oamaru, Callaghan Innovation. Running time : 0:46:01
With guest Dr Matthew Dentith, scholar of conspiracy theories and host of The Podcaster’s Guide to the Conspiracy. And guest Adam Boileau, security consultant and organiser of the KiwiCon hacker conference. Links: Duncan Garner: Dirtiest election campaign ever – and mud sticks – RadioLIVE; I’ve either been hacked or spied on | Kiwiblog; No Right Turn: Politics … (Episode 5.06: At the end of the day.)
We start by talking further about the Nokia N9 (and offer listeners a chance to win one). Other topics include NZ hackers event Kiwicon, Apple’s iPhone security, iPhone 4S launch on both Telecom and Vodafone networks and upcoming IT conference ITEX. Running time : 0:36:03
Mathew Peterson explains why he has had to rename his popular iPodRip software to iRip, music sales in Sweden soar, collisions at CERN, pub offering free wireless is fined for copyright infringement, stories from the Kiwicon hacker conference.