Andrew Stuck is with Mick Douglas, a self-confessed, long-distance solo hiker. He has worked as an artist researcher into creative practice at RMIT University in Melbourne, Australia, for three decades. Much of his work was around the interaction of people within modes of transport, comparing practices in cities in Australia to cities in India. We […]
Guests:
Mick Douglas, Founder and Managing Partner at InfoSec Innovations [@ISInnovations]
On LinkedIn | https://linkedin.com/in/mick-douglas
On Twitter | https://twitter.com/bettersafetynet
Dinis Cruz, Chief Scientist at Glasswall [@GlasswallCDR] and CISO at Holland & Barrett [@Holland_Barrett]
On LinkedIn | https://www.linkedin.com/in/diniscruz/
On Twitter | https://twitter.com/DinisCruz
____________________________
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
____________________________
This Episode's Sponsors
Imperva | https://itspm.ag/imperva277117988
Devo | https://itspm.ag/itspdvweb
___________________________
Episode Notes
In this episode of the Redefining Cybersecurity podcast, Sean Martin is joined by Mick Douglas and Dinis Cruz to delve into a debatable topic: The role and effectiveness of Language Model (LLM) AI in Security Incident and Event Management (SIEM) systems.
Mick, with a rich history in cybersecurity, contends that while AI has its place, he doesn't believe it belongs in the SIEM itself. In contrast, Dinis cites the potential of AI to make SIEMs more productive by cleaning up data, reducing noise, and improving signal value. They discuss the issues of handling vast data sets, the potential for AI to help identify and manage anomalies, and how to create learning environments within SIEM. However, concerns were also raised regarding false positives, trust issues with AI and the significant computational costs to implement and maintain these AI systems.
Key Questions Explored:
Does AI belong in SIEM systems?
What potential does AI bring to SIEM?
What are the potential issues with implementing and maintaining AI in SIEM?
___________________________
Watch this and other videos on ITSPmagazine's YouTube Channel
Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist:
Guests:
Justin Elze, CTO at TrustedSec [@TrustedSec]
On LinkedIn | https://www.linkedin.com/in/justinelze/
On Twitter | https://twitter.com/HackingLZ
Mick Douglas, Founder and Managing Partner at InfoSec Innovations [@ISInnovations]
On LinkedIn | https://linkedin.com/in/mick-douglas
On Twitter | https://twitter.com/bettersafetynet
____________________________
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
____________________________
This Episode's Sponsors
Imperva | https://itspm.ag/imperva277117988
Edgescan | https://itspm.ag/itspegweb
___________________________
Episode Notes
In this new Redefining Cybersecurity Podcast episode, Justin Elze, Mick Douglas, and Sean Martin delve into the importance of understanding networking concepts in the realm of cybersecurity. They discuss the misconceptions surrounding networking knowledge and how it often becomes cumbersome for people to learn. They highlight the underappreciated areas of networking that are frequently encountered in enterprise environments, such as DNS issues, virtual machines, VLANs, and more. The conversation also touches on the OSI model and the need for a structured approach to learning and adapting to various enterprise environments.
The episode highlights how the shift to cloud-based solutions and remote work has made certain aspects of networking easier while also changing the landscape of network security. The discussion examines the importance of understanding and implementing effective security controls based on the organization's needs and threat surface rather than relying on outdated or ritualistic practices. The trio further explores the concept of abstraction versus understanding the intricate details of IT security policy and controls.
Justin and Mick also talk about the need for a standard body of knowledge for cybersecurity professionals when it comes to networking concepts. They emphasize that while it's not necessary to be a networking expert, a deeper understanding of core concepts can significantly improve the effectiveness of network defense. By fostering a better understanding of networking within the information security community, professionals can better identify and address potential vulnerabilities and misconfigurations within their environments.
____________________________
Watch this and other videos on ITSPmagazine's YouTube Channel
Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist
In this episode of the We Hack Purple podcast host Tanya Janca met with her colleague from IANS Faculty: Mick Douglas, founder of InfoSec Innovations! We talked about EVERYTHING AppSec and definitely could have easily talked at least 2 more hours! He explained what honey pots/honey files/honey links are, and how to use them. Creating a "tamper evident" network and system, as well as how marketing people have really messed up the term "shift left" for the rest of us. Not only that, but the episode had TONS of laughs!
Mick's Bio: Mick Douglas has over 10 years of experience in information security and is currently the Managing Partner for InfoSec Innovations. He specializes in PowerShell, Unix, Data Visualization, Hardware, and Radio Hacking and teaches SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling and SEC555: SIEM with Tactical
Very special thanks to our sponsor: Luta Security! Luta Security is the global leader in transforming how governments and organizations work with friendly hackers to bolster their security. LutaSecurity can manage end-to-end vulnerability disclosure and bug bounty programs or train your existing staff to maximize your security investment. Visit LutaSecurity.com/services to get started today!
Join us in the We Hack Purple Community: A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter for even more free knowledge! You can find us, in audio format, on Podcast Addict, Apple Podcast, Overcast, Pod, Amazon Music, Spotify, and more! #appsec #wehackpurple #shehackspurple
IT security is broken. Vendors ship insecure products, customers have to bolt on and then operate more and more security products, compliance and regulatory requirements don't necessarily make things safer, and getting business done always takes priority over securing systems and data. On today's Day Two Cloud podcast, guest Mick Douglas shares ideas on how to make security less excruciating and more effective. The post Day Two Cloud 177: IT Security Is Broken; Here’s Ideas On How To Fix It appeared first on Packet Pushers.
Join us as we welcome Mick Douglas, SANS instructor, and Managing Partner at Infosec Innovations, as we discuss MITRE ATT&CK and so much more. Mick is an awesome infosec community member, it's going to be a great experience. You won't want to miss it! Get daily cyber threat briefings with Simply Cyber every weekday. https://simplycyber.io/streams for all the details. Simply Cyber's mission is to help purpose driven professionals make and take a cybersecurity career further, faster.
Good friend Mick and I sit down and chat about the week and events that unfolded along with our opinions. Look for a weekly spinoff of "Mike & Mick".
@bettersafetynet @infosystir @boettcherpwned @bryanbrake @brakeSec Discord Invite! "please click OK to accept the Code of Conduct in the 'Rules-and-info' channel" https://discord.gg/jhzm4bK9 #AmazonMusic: https://brakesec.com/amazonmusic #Spotify: https://brakesec.com/spotifyBDS #Pandora: https://brakesec.com/pandora #RSS: https://brakesec.com/BrakesecRSS #Youtube Channel: http://www.youtube.com/c/BDSPodcast Apple Podcasts: https://podcasts.apple.com/us/podcast/brakeing-down-security-podcast/id799131292 #Google Play Store: https://brakesec.com/BDS-GooglePlay Our main site: https://brakesec.com/bdswebsite #iHeartRadio App: https://brakesec.com/iHeartBrakesec #SoundCloud: https://brakesec.com/SoundcloudBrakesec #Patreon: https://brakesec.com/BDSPatreon #Player.FM : https://brakesec.com/BDS-PlayerFM #Stitcher Network: https://brakesec.com/BrakeSecStitcher #TuneIn Radio App: https://brakesec.com/TuneInBrakesec
https://what2log.com/ https://twitch.tv/brakesec https://www.brakeingsecurity.com @bettersafetynet @infosystir @boettcherpwned @bryanbrake @brakeSec
Mick is an old friend and one of the people I always look to for advice! It was nice to catch up with such a brilliant guy!
There's a cyber crisis brewing. Not the first. Definitely not the last. But current. Here's some advice as seen on social media (paraphrased)... "take your years of strategizing, planning, budgeting, staffing, and procuring … and do it all within a few days." How is that helpful?
It isn't. It could actually be counter-productive.
With the rising concerns over the growing threat of cyberattacks from well-funded, highly-skilled, and aggressively-motivated bad actors, there's been a mad rush for offerings of advice and products and services from all around the web. While the intentions may be good, the expected outcomes may not match reality in some cases.
That's where the post I saw from Mick Douglas comes in ... a post of organized thoughts with actionable steps organizations can consider given their day-to-day playbook probably isn't going to hold to the intensity of a widespread cyber attack. There's a lot in the thread; we cover a good portion of it, but not all of it. There's also some discussion outside of the original post to help frame the conversation.
____________________________
Guest
Mick Douglas
InfoSec Innovations | SANS Principal Instructor | IANS Faculty
On Twitter | https://twitter.com/bettersafetynet
On LinkedIn | https://www.linkedin.com/in/mick-douglas/
____________________________
This Episode's Sponsors
Imperva: https://itspm.ag/imperva277117988
Archer: https://itspm.ag/rsaarchweb
____________________________
Resources
Inspiring Tweet: https://twitter.com/bettersafetynet/status/1496496087741480960
National Council of ISACs: https://www.nationalisacs.org/
Other social posts mentioned:
https://www.linkedin.com/posts/rocklambros_mick-douglas-on-twitter-activity-6902610864369664000-KaBd
https://twitter.com/hackinglz/status/1497035113170886656
____________________________
To see and hear more Redefining Security content on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-cybersecurity
Are you interested in sponsoring an ITSPmagazine Channel?
Introduction
Overview of Log4j vuln (as of 16 December 2021)
Why is it a big deal? (impact/criticality/risk)
Talk about patching vs. mitigation
Why wasn't this given the same visibility in 2009? Because it's Oracle or Java?
Good callout is building slides to brief org leadership, detections, and other educational tools.
Vuln fatigue (Java vulns in 2009 and pretty much forever cause us fatigue)
Are there other technologies like log4j that prop up the entire world, and we just don't know?
Egress traffic (discussed at length on Twitter, what problems does it solve?) https://twitter.com/mubix/status/1470430085169745920
Latest: https://www.theregister.com/2021/12/14/apache_log4j_v2_16_jndi_disabled_default/ - Apache removed JNDI functionality
https://www.reddit.com/r/blueteamsec/comments/rd38z9/log4j_0day_being_exploited/
A common question from many defenders is "Which logs are the most important?" In this episode, Mick Douglas and Flynn Weeks join us to describe their What2Log project, which aims to simplify this problem for all of us!
Our Guests: Mick Douglas & Flynn Weeks
Mick Douglas is the Managing Partner of InfoSec Innovations. He is a SANS certified instructor and is a member of the IANS faculty. In his spare time, he tries in vain to improve his photography skills and goes hiking looking for the perfect shot.
Flynn is a senior Cybersecurity student and intern at InfoSec Innovations. Forensics, and in turn, logging, are passions of hers. In her spare time, she enjoys her time spent with pets and hiking.
Follow Mick and Flynn
Twitter: Mick @bettersafetynet and Flynn @soundsofthetime
WISP.org donation page: https://wisporg.z2systems.com/np/clients/wisporg/donation.jsp Mick Douglas (@bettersafetynet on Twitter) Powercat: https://github.com/besimorhino/powercat Netcat in a powershell environment https://blog.rapid7.com/2018/09/27/the-powershell-boogeyman-how-to-defend-against-malicious-powershell-attacks/ https://www.hackingarticles.in/powercat-a-powershell-netcat/ Defenses against powercat? LolBins: https://www.cynet.com/blog/what-are-lolbins-and-how-do-attackers-use-them-in-fileless-attacks/ Sigma ruleset: https://www.nextron-systems.com/2018/02/10/write-sigma-rules/#:~:text=Sigma%20is%20an%20open%20standard,grep%20on%20the%20command%20line. ElasticSearch bought Endgame; https://www.elastic.co/about/press/elastic-announces-intent-to-acquire-endgame https://krebsonsecurity.com/2020/07/thinking-of-a-cybersecurity-career-read-this/ Twitter DM to @bettersafetynet:Hey... I wanna talk about @hrbrmstr's tweet on the show tonight as well... https://twitter.com/hrbrmstr/status/1287442304593276929 My thinking is if Cisco and others didn't try to intentionally downplay vulnerabilities by announcing them on a Friday, would we be more likely to patch sooner? Also, greater need for testing of patches to ensure that 80% of your workforce rely on that technology now. What's worse? Patching on a Friday evening (after several hours explaining the vuln to a manager), and then having it fuck something up so you're up at crack of dawn Monday troubleshooting something missed Friday night because testing was rushed/not conducted because the CEO can't access email? I have thoughts, I've added this to the show note google doc. https://www.reddit.com/r/netsec/comments/hwaj6f/nmap_script_fot_cve20203452/ -- nmap PoC script? Embargoed vulns… Getting management buy-in to patch
This week, we welcome Chris Elgee, Major at the Massachusetts Army National Guard, and Jim McPherson, Cyber Security Analyst, to talk about Public utility security and the National Guards support! In our second segment, we welcome back Mick Douglas, Founder and Owner of InfoSec Innovations, to discuss Project Fantastic - Bringing The CLI to GUI Users! In the Security News, Naikon APT Hid Five-Year Espionage Attack Under Radar, PoC Exploit Released for DoS Vulnerability in OpenSSL, 900,000 WordPress sites attacked via XSS vulnerabilities, Kaiji, a New Linux Malware Targets IoT Devices in the Wild, Another Stuxnet-Style Vulnerability Found in Schneider Electric Software, and remembering the ILOVEYOU virus! Show Notes: https://wiki.securityweekly.com/PSWEpisode650 Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Living off the land is pretty standard fare for pen testers. On Linux systems, the go-to is usually Python, but on Windows it's all about Powershell. This week I'm fortunate enough to sit down with Mick Douglas to talk all things Powershell!
Some links of interest:
Powercat - https://github.com/besimorhino/powercat Mick wants to give a special shout out to Luke Baggett for all the great work he's done on this project!
Kansa - Dave Hull was the original author - https://github.com/davehull/Kansa
Mick's Public Projects - https://github.com/besimorhino?tab=repositories
Invoke-IR - https://github.com/Invoke-IR
Bye-FePhishia - https://github.com/jcjohnson34/Bye-FePhishia
OverworkedAdmin.com - https://overworkedadmin.com/category/scripting-languages/powershell/
Microsoft TechNet Blog - "Hey Scripting Guy!" - https://blogs.technet.microsoft.com/heyscriptingguy/
InfosecInnovations.com - https://www.infosecinnovations.com/
Powershell Basics - https://www.darkoperator.com/powershellbasics/
Powershell Cheatsheet - https://github.com/PrateekKumarSingh/CheatSheets/tree/master/Powershell
Want to reach out to the show? There's a few ways to get in touch!
Show's Twitter: @PurpleSquadSec
John's Twitter: @JohnsNotHere
Podcast Website: purplesquadsec.com
Sign-Up for our Slack community: https://signup.purplesquadsec.com
Thanks for listening, and as always, I will talk with you all again next time.
Find out more at http://purplesquadsec.com
Our good friend Mick Douglas takes an excerpt from SANS 555 and demonstrates using network telemetry to find unauthorized hosts with ELK stacks! Full Show Notes: https://wiki.securityweekly.com/Episode538 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly
Allison Miller joins us for an interview, Mick Douglas of the SANS Institute shows us how to feed common and default logs into ELK stacks, and we report on the latest security news on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode538 Visit https://www.securityweekly.com for all the latest episodes! →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly
Mick Douglas is a SANS instructor and the Managing Partner for InfoSec Innovations. He joins us to demonstrate pausing potentially malicious executables in PowerShell! Full Show Notes: https://wiki.securityweekly.com/Episode533 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly
Matthew Toussain of the SANS Institute and Spectrum Information Security joins us, Mick Douglas of SANS shows us how to use PowerShell to pause and resume processes, and we discuss the latest information security and hacking news on this episode of Paul’s Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode533 Visit https://www.securityweekly.com for all the latest episodes!
Direct Link: http://traffic.libsyn.com/brakeingsecurity/2017-024-mental_health_podcast-with-Rand0h-and-tottenkoph.mp3
The infosec industry and the infosec culture is so diverse, with many different points of view, many different thoughts and opinions, and many of us deal with our own internal demons, like addictions, mental afflictions like depression or bipolar disorders. And 'imposter syndrome' is another thing that seems to add to the mix, making some believe they have to be constantly innovating or people think negatively of them. So this week, we invited Ms. Magen Wu (@tottenkoph), and Danny (@dakacki) and we discuss some coping mechanisms at things like conferences, and if you work at home, like a lot of consultants and researchers do...
--------
Jay Beale’s Class “aikido on the command line: hardening and containment” JULY 22-23 & JULY 24-25 AT BlackHat and Defcon https://www.blackhat.com/us-17/training/aikido-on-the-command-line-linux-hardening-and-containment.html
-------
Brakesec also announces our "PowerShell for Blue Teamers and Incident Responders" with Mick Douglas (@bettersafetynet). A 6 week course starting with the basics of powershell, and goes into discussion of frameworks using Powershell to assist in assessing your network. It starts on 10 July and runs each Monday evening until 14 August 2017. You'll receive a certificate suitable for CPE credit, as well as the videos of the class available to you on our YouTube channel. To sign up, go to our Patreon Page (http://www.patreon.com/bds_podcast) and sign up at the $20 USD level labeled "Blue Team Powershell - Attendee". If you are looking to just get the videos and follow along in class, pick the $10 USD "Blue Team Powershell - Attendee- Videos Only" Classes will be held on Monday Evenings only for 5 weeks, ending on 1 August.
#RSS: www.brakeingsecurity.com/rss Youtube Channel: https://www.youtube.com/channel/UCZFjAqFb4A60M1TMa0t1KXw #iTunes Store Link: https://itunes.apple.com/us/podcast/brakeing-down-security-podcast/id799131292?mt=2 #Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast Join our #Slack Channel! Sign up at https://brakesec.signup.team #iHeartRadio App: https://www.iheart.com/show/263-Brakeing-Down-Securi/ #SoundCloud: https://www.soundcloud.com/bryan-brake Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast on #Patreon: https://www.patreon.com/bds_podcast #Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir #Player.FM : https://player.fm/series/brakeing-down-security-podcast #Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr #TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/
--Show Notes--
Chris Sanders: Cult of Passion http://chrissanders.org/2017/06/the-cult-of-passion/
Exercise
Start playing Ingress or Pokemon Go, just to get out and gamify activity
Reduce alcohol consumption
Defcon: Friends of Bill W.
Agent X: 3/5K events at Defcon
Critics comments
You won’t please everyone, so don’t try
Spend time away from infosec
Family, friends
Hobbies
If you are in a job with ‘secrets’, find someone to talk to
Another person with the same ‘secrets’ or similar job
https://www.scientificamerican.com/article/gut-second-brain/
@DAkacki (what is your podcast @rallysec)
Da667’s book [I love murder]
@tottenkoph @jimmyvo @andMYhacks (works with Jimmy) @infosecmentors
Direct Link: http://traffic.libsyn.com/brakeingsecurity/2017-023-Jay_Beale-selinux-apparmor-securing_lxc.mp3 Jay Beale works for a pentest firm called "InGuardians", and has always been a fierce friend of the show. He's running a class at both BlackHat and Defcon all about hardening various parts of the Linux OS. This week, we discuss some of the concepts he teaches in the class. Why do we disable SELinux? Is it as difficult to enable as everyone believes? What benefit do we get from using it? We also discuss other hardening applications, like ModSecurity for Apache, Suhosin for PHP, and Linux Containers (LXC). What is gained by using these, and how can we use these to our advantage? Really great discussion with Jay, and please sign up for his class for a two day in-depth discussion of all the technologies discussed on the show.
--------
Jay Beale’s Class “aikido on the command line: hardening and containment” JULY 22-23 & JULY 24-25 AT BlackHat and Defcon https://www.blackhat.com/us-17/training/aikido-on-the-command-line-linux-hardening-and-containment.html
-------
--- Show Notes:
AppArmor
SELinux
Privilege Escalation - InGuardians Murderboard
Port Knocking (Single Packet Authorization)
OSSEC
ModSecurity
Linux Containers
Jess Frazelle - bane
Dan Walsh - SELinux
SELinux troubleshoot daemon
https://en.wikipedia.org/wiki/System_call “In computing, a system call is the programmatic way in which a computer program requests a service from the kernel of the operating system it is executed on. This may include hardware-related services (for example, accessing a hard disk drive), creation and execution of new processes, and communication with integral kernel services such as process scheduling. System calls provide an essential interface between a process and the operating system.”
OpenBSD pledge(2): https://man.openbsd.org/pledge.2
https://www.raspberrypi.org/products/raspberry-pi-2-model-b/
Suhosin
https://www.blackhat.com/us-17/training/aikido-on-the-command-line-linux-hardening-and-containment.html
@inguardians @jaybeale www.inguardians.com
----
What are you doing at Black Hat and Def Con?
Training class at Black Hat - 2 days
Def Con Workshop - ModSecurity and AppArmor - 4 hours
Packet Hacking Village Workshop - Container security
Vapor Trail at Def Con Labs (Larry and Galen)
Dancing my butt off?
Direct Link to Download: http://traffic.libsyn.com/brakeingsecurity/2017-022-windows_and_AD_Hardening.mp3 This week, we discuss hardening of Windows hosts, utilizing CIS benchmarks. We talk about the 'auditpol' command. And we dredge up from the ancient times (2000) the Microsoft article from Scott Culp "The 10 Immutable Laws of Security Administration". Are they still applicable to today's environment, 17 years later?
--SHOW NOTES--
10 immutable laws of Security administration: https://technet.microsoft.com/library/cc722488.aspx Really great stuff
Law #1: Nobody believes anything bad can happen to them, until it does
Law #2: Security only works if the secure way also happens to be the easy way
Law #3: If you don't keep up with security fixes, your network won't be yours for long
Law #4: It doesn't do much good to install security fixes on a computer that was never secured to begin with
Law #5: Eternal vigilance is the price of security
Law #6: There really is someone out there trying to guess your passwords
Law #7: The most secure network is a well-administered one
Law #8: The difficulty of defending a network is directly proportional to its complexity
Law #9: Security isn't about risk avoidance; it's about risk management
Law #10: Technology is not a panacea
https://www.linkedin.com/in/scott-culp-cissp-8b69572a/
http://thehackernews.com/2017/06/hacker-arrested-for-hacking-microsoft.html
https://docs.microsoft.com/en-us/windows/threat-protection/use-windows-event-forwarding-to-assist-in-instrusion-detection
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/best-practices-for-securing-active-directory
auditpol - https://technet.microsoft.com/en-us/library/cc731451(v=ws.11).aspx
https://docs.microsoft.com/en-us/windows/device-security/auditing/advanced-security-audit-policy-settings
https://technet.microsoft.com/en-us/library/cc677002.aspx - Microsoft Security compliance Manager
https://www.databreaches.net/irony-when-blackhats-are-our-only-source-of-disclosure-for-some-healthcare-hacks/
https://www.databreaches.net/leak-of-windows-10-source-code-raises-security-concerns/
This week, we discussed Ms. Berlin's recent foray to CircleCityCon, 614con (@614con), and her recent webinars with O'Reilly. One topic we discussed this week was how to reach out to small businesses about information security. Mr. Boettcher (@boettcherpwned) had just come from a panel discussion about an initiative in Austin, Texas called "MANIFEST", which sought to engage small business owners with #information #security professionals to help them secure their environments. So we got to discussing how you might go about it in your local hometowns. Many of us live in smaller towns, with numerous small businesses that either don't know to secure their #POS #terminals (for example), or office information not in a file cabinet. They may also just assume their outsourced IT company is doing that job, which could open them up to liability if something occurred. So we discuss ways to reach out, or get involved with your local community. Secondly, we talk about software vulnerabilities found in the #CWE and the '7 Pernicious Kingdoms', which are the way some people have classified vulnerabilities. We discuss one of the kingdoms, and how it is useful if you want to classify vulns to developers. Finally, after the show, Mr. Boettcher and Mr. Michael Gough, who has been on the show previously, discuss some #ransomware and why it's such a popular topic of discussion. (stay after the end music) Brakesec also announces our "PowerShell for Blue Teamers and Incident Responders" with Mick Douglas (@bettersafetynet). A 5-week course that starts with the basics of PowerShell and goes into discussion of frameworks using PowerShell to assist in assessing your network. It starts on 10 July and runs each Monday evening until 1 August 2017. You'll receive a certificate suitable for CPE credit, as well as the videos of the class available to you on our YouTube channel. To sign up, go to our Patreon Page (http://www.patreon.com/bds_podcast) and sign up at the $20 USD level labeled "Blue Team Powershell - Attendee". If you are looking to just get the videos and follow along in class, pick the $10 USD "Blue Team Powershell - Attendee- Videos Only". Classes will be held on Monday Evenings only for 5 weeks, ending on 1 August. Direct Link: http://traffic.libsyn.com/brakeingsecurity/2017-021-small_biz_outreach-614con-prenicious_kingdoms-ransomware-bonus.mp3
Mick Douglas is always great to have on. A consummate professional, and blue team advocate for years now, he teaches SANS courses designed to help defenders against the forces of the red team, pentesters, and even bad actors. But this week, we have a different Mr. Douglas. This week, he's here to talk about sales tactics, #neuro #linguistic #programming, leading the question, and other social engineering techniques that salespeople will use to get you to buy maybe what your company doesn't need, but thinks it does. We have some good times discussing ways to ensure the buying of your new shiny box at work goes more smoothly, what you should look out for, and ways to tell if they are over-selling and under-delivering. Also, Mick has been working on a project near and dear to his heart. After discussing with @carnal0wnage a year or so back, he's fleshed out a spreadsheet that tracks attack vectors and, depending on what controls are in your environment, can show you how effective a particular attack is against your environment. This would be a great asset to blue teams who might want to shore up defenses, especially if they are vulnerable in a particular area. Mr. Douglas is looking for comments, suggestions, and additions to his spreadsheet, and you can even download a copy of the Google Doc to try in your own environment, free of charge.
Book mentioned in the show: (non-sponsored link) https://www.amazon.com/Influence-Psychology-Persuasion-Robert-Cialdini/dp/006124189X
Mick's document: https://docs.google.com/spreadsheets/d/1pI-FI1QITaIjuBsN30au1ssbJAZawPA0BYy8lp6_jV8/edit#gid=0
Mick refers to the MITRE ATT&CK matrix in the show, here's our show discussing it: http://traffic.libsyn.com/brakeingsecurity/2015-051-ATTACK_Matrix.mp3 https://attack.mitre.org/wiki/ATT%26CK_Matrix
Mick's last appearances on BrakeSec: http://traffic.libsyn.com/brakeingsecurity/2015-024-Mick_Douglas.mp3 http://traffic.libsyn.com/brakeingsecurity/2015-025-Mick_douglas_part2.mp3 http://traffic.libsyn.com/brakeingsecurity/2015-032-Jarrod_and_Mick_DFIR.mp3 http://traffic.libsyn.com/brakeingsecurity/2016-026-exfiltration_techniques-redteaming_vs_pentesting-and-gaining_persistence.mp3
Direct Link: http://traffic.libsyn.com/brakeingsecurity/2017-005-mick_douglas-attack_defense_worksheet.mp3
iTunes: https://itunes.apple.com/us/podcast/brakeing-down-security-podcast/id799131292?mt=2
YouTube: https://www.youtube.com/watch?v=A3K-2yneKU4
Bsides London is accepting Call for Papers starting 14 February 2017, as well as a Call for Workshops. You can find out more information at https://www.securitybsides.org.uk/
----------
HITB announcement: “Tickets are on sale, And entering special code 'brakeingsecurity' at checkout gets you a 10% discount". Brakeing Down Security thanks #Sebastian Paul #Avarvarei and all the organizers of #Hack In The Box (#HITB) for this opportunity! You can follow them on Twitter @HITBSecConf. Hack In the Box will be held from 10-14 April 2017. Find out more information here: http://conference.hitb.org/hitbsecconf2017ams/
---------
Adam Crompton (@3nc0d3r) and Tyler Robinson (@tyler_robinson) from Inguardians came by to fill in for my co-host this week. We talk about things a company should do to protect themselves against data exfil. Adam then shows us a tool he's created to help automate data exfil out of an environment. It's called 'Naisho', and if you're taking the 'Powershell for Pentesters' class at DerbyCon, you'll be seeing this again, as Adam will be co-teaching this class with Mick Douglas (@bettersafetynet). Tyler tells us about using Cobalt Strike for creating persistent connections that are more easily hidden when you are on an engagement. Adam's demo can be found on our YouTube channel: https://youtu.be/rj--BfCvacY Tyler's demo of Throwback and using Cobalt Strike can be found on our YouTube Channel: Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-026-exfiltration_techniques-redteaming_vs_pentesting-and-gaining_persistence.mp3 SoundCloud: https://www.soundcloud.com/bryan-brake Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast on #Patreon: https://www.patreon.com/bds_podcast #Twitter: @brakesec @boettcherpwned @bryanbrake #Facebook: https://www.facebook.com/BrakeingDownSec/ #Tumblr: http://brakeingdownsecurity.tumblr.com/ #Player.FM : https://player.fm/series/brakeing-down-security-podcast #Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr #TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/
Today, the choreographed and performed body is not confined to the studio or a black-box theatre; instead, it occurs in spaces initially dedicated to other art forms—or even in spaces that aren’t designed for art at all. Listen in to the first in our series of three Saturday afternoon salon conversations with acclaimed French choreographer Xavier Le Roy, co-presented by Dancehouse, that aim to link dance and choreography to current issues in arts and society, highlighting the connections between the thinking and moving body and contemporary aesthetic, cultural and political issues. Along with choreographer-turned-urban-planner Wendy Lasica, dancer and performer Becky Hilton, artist and curator Mick Douglas, and artist and professor Lyndal Jones (today’s conversation facilitator), Xavier will explore the ways dance, performance and choreography have started to inhabit and transform the public realm—and vice versa—before ruminating on the ways in which these spaces promote diverse temporal, social and spectator experiences. How is choreography and performance transforming the way we understand our contemporary body in both urban and ‘inner’ space?
The VCA’s Art, Social and Spatial Practice (ASSP) research cluster brings its salon-style Food for Thought series to MPavilion—and expands it. Hosted by Performing Mobilities’ James Oliver and Mick Douglas, this pop-up forum with Brooklyn-based artist Marshall Weber and Sydney-based “anarchitect” Keg de Souza will investigate the potential of both the material and social production of art as object, performance, spatial practice or relational experience. Where and how do public conversation, artistic practice and research intersect? Come along and help fill MPavilion to the petals with lively conversation—or healthy art debate.
In an incident response, the need for clear communication is key to effective management of an incident. This week, we had Mick Douglas, DFIR instructor at SANS, and Jarrod Frates, who is a pentester at InGuardians, and has great experience handling incidents. Find out some roles in an incident response (the Shadow, the event coordinator, the lead tech), and how companies should have an IR plan that handles various 'incident severities'. Jarrod updates us on "TheLab.ms" and how you might like to help them! Finally, we are holding a contest to win a ticket to DerbyCon, full instructions are below. We are giving away two tickets. DerbyCon 1st Ticket contest expires 31 July 2015.
1. To enter for a ticket to DerbyCon
a. A donation must be made to Hackers for Charity (http://www.hackersforcharity.org/)
b. Once the donation is made, email your receipt of your donation to bds.podcast@gmail.com
c. If you win: We will contact you by the email you mailed the receipt from with our contact information. You will need to contact us when you get to DerbyCon, as we will not send you the ticket directly. You will also be responsible for airfare and accommodations at DerbyCon.
With last week's revelation from Microsoft that they will support SSH, understanding PowerShell has become more important than ever as a tool to be used by blue teamers, both for administration, and to understand how bad guys will use it for nefarious deeds on your network. Part 2 of our interview with Mick Douglas discusses a bit more about the DEV522 class that he teaches for SANS, and why it seems that blue team (defenders) are not getting the training they should. When defenders are deficient in necessary skills, the knowledge gap between bad guys and the defenders widens.
We had the opportunity to discuss with Mick Douglas the stigma of the blue team always being on the losing end of security. Is it because there are more tools for the pentesters or bad guys, or that it takes a massive IT budget to be secure? We don't believe so... Great insights into how a blue team can protect their network.
Episode 202 Show Notes Part 2: Come get all warm and fuzzy with the PDC crew... don't worry, it's soft. I was talking about WFuzz... We also discuss a few stories from the week too. Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand, Mick Douglas, Carlos "Dark0perator" Perez
Episode 202 Show Notes Part 1: The folks from Command Line Kung Fu join us to celebrate episode 100, and talk a little kung fu. Who won? Who lost? Is Paul's healthy knee intact? Find out NOW!! Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand, Mick Douglas, Carlos "Dark0perator" Perez
Episode 201 Show Notes Last minute vulnerability disclosure debate, and a bunch of fun stories including 10 things that we'd like to hack (including your blender) Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand, Mick Douglas, Carlos "Dark0perator" Perez
Episode 200 Show Notes Episode 200 all day podcast in support of hackersforcharity.org. FINAL: In the last release from 200 Sonny Crocket joins us as we discuss ZigBee, Linux hardening and Stories from the week. Remember it's never too little or too late to donate to Johnny Long's hackers for charity. Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand, Mick Douglas, Carlos "Dark0perator" Perez