Podcasts about netwars

Today on The Prather Point:Racine Sheriff 4G Justice!DC Judges lawfare!mRNA spiking DNA!Pimps, punishers & parents!De-rigging Deep State!Never get stuck in an emergency situation visit our sponsors:------------------------Satellite Phone Special Offer Visit http://PratherDeal.comSave 25% on 4-Week of Emergency Food Visit http://PratherPrepSupply.com

Chris Elgee is a senior security analyst and Core NetWars Tournament design lead for Counter Hack, and commander of the Army National Guard's 126th Cyber Protection Battalion. At Counter Hack, Chris is responsible for the design and implementation of NetWars challenges and has created some of the player-favorite challenges throughout NetWars and the Holiday Hack Challenge. Chris also teaches SEC560 for the SANS Institute. Read more about Chris Elgee at: https://www.sans.org/profiles/christopher-elgee/ Follow Chris on Twitter: @chriselgee  

Is there such a thing as an ethical hacker? Do all hackers use their skills to attack infrastructures? If you’re interested in ethical hacking and penetration testing, this is the episode for you.  Today’s guest is Ed Skoudis. Ed has taught upwards of 20,000 security professionals globally and his contributions to information security have had an immense impact on the community. His courses distill the essence of real world frontline case studies he accumulates, because he is consistently one of the first authorities brought in to provide post-attack analysis on major breeches. He’s not just an expert in the field, he’s created many of the founding methodologies empowered by governments and organizations around the world to test and secure their infrastructures. Ed is the founder of the SANS Penetration Testing Curriculum and Counter Hack; leads the team that builds NetWars, Holiday Hack, and CyberCity; and serves on the Board of Directors for the SANS Technology Institute. A consummate presenter, Ed is a keynote speaker appearing internationally at conferences, and is an Advisory Board member for RSA. Show Notes: [1:14] - Ed introduces himself as a penetration tester and hacker. He does expert witness work on large scale breeches and incident response. [1:37] - He started this path as hacking for phone companies. He explains how he started and why he was hired. [3:55] - Ed describes what penetration testing (or pen testing) is. It is when he models the techniques used by real world attackers and then apply them in structured fashion to help protect companies from future attacks. [4:53] - Pen tests can be used by an organization for a specific reason or can be done as a “check-up” to make sure everything is okay. [5:40] - Zero Day is researching vulnerabilities that aren’t known yet. It is called Zero Day because it has been known for zero days. [6:18] - Ed never believed the cybersecurity industry would be as huge as it is today and explains some of the more recent issues we’ve been seeing through Covid. [7:52] - Security is now a part of the process and is becoming less of an afterthought. Ed shares this idea long-term, but sees the same vulnerabilities repeatedly. [8:49] - There is no such thing as 100% safe and secure. The goal is to raise the bar to make things more difficult for an attacker. [9:31] - With ransomware, attackers have figured out a really reliable way to get paid for their malware. [10:08] - Ransomware is a real problem and have even attacked hospitals and local governments. [12:37] - There is so much that we do that leaves us vulnerable. [13:29] - One major piece of advice that Ed gives in regards to general consumer security is to keep all of your devices patched and updated. [14:18] - Another area to be aware of is always spear phishing. Don’t click unless you are confident in the link. [15:19] - Ed has a separate computer that is separate and independent that he only uses for financial transactions.  [17:17] - Chris and Ed discuss routers that consumers buy from their ISP. [19:01] - Ed shares how “Live Off the Land” attacks work by using what is already installed on a computer. These are harder to detect. [20:18] - With ransomware, organizations have to think about what is best for the business. Is it better to give the attacker the money or spend the time and money to fix the problem? [22:27] - The dominant trend in technology today is cloud storage. [24:18] - Ed describes how this works and some of the various problems associated with it. [25:39] - The US Army, Tesla, and Uber are a few organizations that have lost data to this common vulnerability. [26:10] - Ed describes the Holiday Hack Challenge and the fun way he has modeled this problem to educate users. [28:03] - Although there are some security risks if not managed properly, Ed shares that cloud data storage is a very cost effective option for small to medium sized businesses. [29:24] - Most organizations use multiple cloud services. Cloud migration is good if a different service is necessary, but the previous cloud service is left alone and vulnerable. [31:01] - The Holiday Hack Challenge is a free educational event that Ed and his team have created to solve cybersecurity challenges. This is a worldwide event. [34:02] - The Holiday Hack Challenge is something that some people participate in with their kids due to the video game aspect. There is also a social aspect to it with the chat feature. [35:29] - Not only is the Holiday Hack Challenge free, but all of the past challenges are free and accessible to play. This can build your skills. [36:30] - Chris asks if Holiday Hack Challenge has ever been compromised. Ed admits that there are three people who have hacked their way in as players, but there were no purposeful attacks. [39:43] - Ed admits that he sees the world through the eyes of an ethical hacker because he likes to explore and see what’s beyond the edges.  [40:48] - Chris and Ed discuss Bug Bounty Programs and can be useful. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.  Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest SANS Web Page Counter Hack Web Page Ed Skoudis on Twitter 2020 Holiday Hack Challenge

In this episode, we have a Boundaryless Conversation with John Robb, the owner and principal analyst for the monthly Global Guerrillas Report, that covers the intersection of War, Politics, and Technology.  Its goal is to provide people with the frameworks needed to make sense of our relentlessly chaotic world. In other words, John helps people think clearly at a time when that kind of help is in short supply.   In our conversation with John, we explore how the rapid power shifts we're witnessing towards open source, and self-organizing networks are going to change the way we organize society and the economy. We touched upon the fact that the emergent future of organizing may not disrupt or obsolete the existing markets, but rather coexist, and that there's no way we can get away with ignoring the question concerning technology as society literally "becomes a technological artefact" as John said. Read more on our Medium story here Here are some important links from the conversation:  > John's patreon page https://www.patreon.com/johnrobb > David Ronfeld, Tribes, Institutions, Markets and Networks, https://www.rand.org/content/dam/rand/pubs/papers/2005/P7967.pdf > John Arquilla, David Ronfeldt (eds): Networks and Netwars, The Future of Terror, Crime, and Militancy, https://www.rand.org/pubs/monograph_reports/MR1382.html > Marshall McLuhan, whose ideas were frequently mentioned in the conversation: https://en.wikipedia.org/wiki/Marshall_McLuhan > The Cynefin Framework for Simple, Complicated, Complex and Chaotic domains, https://www.youtube.com/watch?v=N7oz366X0-8 > Examples of games mentioned that allow modifications to be developed in the kind of open-source community: Fallout and Skyrim: https://fallout.bethesda.net/en/; https://elderscrolls.bethesda.net/en/skyrim > Code Academy, https://www.codecademy.com/ > Cameo, a new platform for getting personalised messages from celebrities, https://www.cameo.com/ > The company where John in 1996 wrote the report “personal broadcast networks” https://go.forrester.com/ > How to Run a City Like Amazon and Other Fables, a multi-author future fiction imagining cities being run by different companies https://shop.meatspacepress.com/product/how-to-run-a-city-like-amazon-and-other-fables   Music by liosound.Recorded on March 26th 2020

In this episode, we have a Boundaryless Conversation with John Robb, the owner and principal analyst for the monthly Global Guerrillas Report, that covers the intersection of War, Politics, and Technology.  Its goal is to provide people with the frameworks needed to make sense of our relentlessly chaotic world. In other words, John helps people think clearly at a time when that kind of help is in short supply.  In our conversation with John, we explore how the rapid power shifts we're witnessing towards open source, and self-organizing networks are going to change the way we organize society and the economy.We touched upon the fact that the emergent future of organizing may not disrupt or obsolete the existing markets, but rather coexist, and that there's no way we can get away with ignoring the question concerning technology as society literally "becomes a technological artefact" as John said.Read more on our Medium story hereHere are some important links from the conversation: > John’s patreon page https://www.patreon.com/johnrobb> David Ronfeld, Tribes, Institutions, Markets and Networks, https://www.rand.org/content/dam/rand/pubs/papers/2005/P7967.pdf> John Arquilla, David Ronfeldt (eds): Networks and Netwars, The Future of Terror, Crime, and Militancy, https://www.rand.org/pubs/monograph_reports/MR1382.html> Marshall McLuhan, whose ideas were frequently mentioned in the conversation: https://en.wikipedia.org/wiki/Marshall_McLuhan> The Cynefin Framework for Simple, Complicated, Complex and Chaotic domains, https://www.youtube.com/watch?v=N7oz366X0-8> Examples of games mentioned that allow modifications to be developed in the kind of open-source community: Fallout and Skyrim: https://fallout.bethesda.net/en/; https://elderscrolls.bethesda.net/en/skyrim> Code Academy, https://www.codecademy.com/> Cameo, a new platform for getting personalised messages from celebrities, https://www.cameo.com/> The company where John in 1996 wrote the report “personal broadcast networks” https://go.forrester.com/> How to Run a City Like Amazon and Other Fables, a multi-author future fiction imagining cities being run by different companies https://shop.meatspacepress.com/product/how-to-run-a-city-like-amazon-and-other-fables Music by liosound.Recorded on March 26th 2020

So as I was at RSAC, I was trying to keep an eye out for those looking to get into the field. RSA is not usually the place for that, but I saw the NetWars tournament and figured that might be a good place to start. On my way there, I met David Zeichick who had "College Day" on his badge. Intrigued, I asked about "College Day" and he told me all about it.I sat down with him for an impromptu interview on the topic.David on Twitter: https://twitter.com/dzeichickGetting Into Infosec:Breaking IN: A Practical Guide to Starting a Career in Information Security: https://www.amazon.com/dp/B07N15GTPC/T-Shirts, Mugs, and more: https://gettingintoinfosec.com/shop/Sign up for sneak peaks, updates, and commentary: https://pages.gettingintoinfosec.com/subscribe

Show notes: https://seangoodwin.blog/007

Ed Skoudis, Founder of the Counter Hack Challenge and Kringle Con 2018, joins us on the show to talk about this years challenge and what's in store! "Welcome to Counter Hack Challenges, an organization devoted to creating educational, interactive challenges and competitions to help identify people with information security interest, potential, skills, and experience. We design and operate a variety of capture-the-flag and quiz-oriented challenges for the SANS Institute, Cyber Aces, US Cyber Challenge, and other organizations. Our featured products include NetWars, CyberCity, Holiday Hack Challenge, Cyber Aces Online, and several Cyber Quests." Join KringleCon: www.kringlecon.com Full Show Notes: https://wiki.securityweekly.com/Episode586 Follow us on Twitter: https://www.twitter.com/securityweekly

Ed Skoudis, Founder of the Counter Hack Challenge and Kringle Con 2018, joins us on the show to talk about this years challenge and what's in store! "Welcome to Counter Hack Challenges, an organization devoted to creating educational, interactive challenges and competitions to help identify people with information security interest, potential, skills, and experience. We design and operate a variety of capture-the-flag and quiz-oriented challenges for the SANS Institute, Cyber Aces, US Cyber Challenge, and other organizations. Our featured products include NetWars, CyberCity, Holiday Hack Challenge, Cyber Aces Online, and several Cyber Quests." Join KringleCon: www.kringlecon.com Full Show Notes: https://wiki.securityweekly.com/Episode586 Follow us on Twitter: https://www.twitter.com/securityweekly

This week is a bit of a short show, as Ms. Berlin and Mr. Boettcher are out this week for the holiday.   I wanted to talk about something that I've started doing at work... Creating training... custom training that can help your org get around the old style training.   Also, we got some community audio from one of our listeners! "JB" went to a SANS event in Berlin, Germany a few weeks ago, and talked to some attendees, as well as Heather Mahalick (@HeatherMahalik), instructor of the FOR585 FOR585: Advanced Smartphone Forensics" Take a listen and we hope you enjoy it!   Direct Link: https://brakesec.com/2017-039   RSS: https://brakesec.com/BrakesecRSS Youtube Channel:  http://www.youtube.com/c/BDSPodcast #iTunes Store Link: https://brakesec.com/BDSiTunes #Google Play Store: https://brakesec.com/BDS-GooglePlay Our main site:  https://brakesec.com/bdswebsite   Join our #Slack Channel! Sign up at  http://brakesec.com/brakesec or DM us on Twitter, or email us. #iHeartRadio App:  https://brakesec.com/iHeartBrakesec #SoundCloud: https://brakesec.com/SoundcloudBrakesec Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast on #Patreon: https://brakesec.com/BDSPatreon #Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir #Player.FM : https://brakesec.com/BDS-PlayerFM #Stitcher Network: https://brakesec.com/BrakeSecStitcher #TuneIn Radio App: https://brakesec.com/TuneInBrakesec   ---Show notes (from Bryan and JB)---   Ms. Berlin in New Zealand   Mr. Boettcher with the family   Training   What makes us despise training so much? Cookie cutter Scenarios do not match environments Speaking is a little too perfect Flash based UI is horrible Outdated Easy questions   Infosec training is worse 2 hours of training each year Not effective   Why not make your own? Been doing it at work No more than 7 minutes Custom made Tailored for your own company   Do you training like a talk at a con Time limit: 7 (no more than 10 minutes) Create some slides (5-7 slides) Do it on a timely topic Recent tabletop exercise results Recent incident response Phishing campaign Script or no-script required Sometimes talking plainly can be enough   https://screencast-o-matic.com/ - Windows (free version is 7 minutes long) Quicktime - OSX (free) (Screenflow) Handbrake (convert to MKV or MP4) Microphone (can use internal microphones if you have a quiet place) [begin notes: SANS Berlin REMOTE segment]corresp. JB reach jb at(@cherokeejb_) on brakesec slack, twitter, & infosec.exchange--link to all trainers and info from archive SANS Berlin 2017 https://www.sans.org/event/berlin-2017/--pre-NetWars chat with the SEC 503 class:-what do you like about SANS conference-european privacy laws, even country to country!-biggest priority for next year:  building a SOC, working together with sales, asset management, constant improvement, password reuse--special BrakeSec members only cameo--“bring your own device” interview with an Information Security/forensics professionalpassword elimination or no reuse--interview with Heather Mahalik (@HeatherMahalik)Bio https://www.sans.org/instructors/heather-mahalik-“game over” whatsapp, unpatched android, other known-historically weak tools as “assume breach of mobile”-interesection of network forensics and mobile-open source tools and the lack of, how to judge your tools-Heather’s recent blog-getting into mobile, decompiling, etc.-number one topic for next year:  encryption for Andriod 8 Oreo, iOS 12-“most popular android is still v4.4”Heather’s blog we mentionedhttp://smarterforensics.comlink to the book Heather mentioned:https://www.amazon.com/Practical-Mobile-Forensics-Heather-Mahalik/dp/1786464209/ --link to blog mentioned, jb’s initial reflections on SEC 503https://www.linkedin.com/pulse/whaaaa0101-0000-0011t-aka-extracting-files-out-pcaps-foremost JBs blog main link, or if you’re not a fan of linkedinhttps://cherokeejb.blogspot.de/ small featured music clips used with permission from YGAM Records, Berlin“Ж” by the artist Ōtone (Pablo Discerens), (c)(p)2016 Get it for free or donate at http://ygam.bandcamp.com !book club EMEA!:message JB or David (@dpcybuck) or any of us on brakesec slack if you want to take part in the book club conversations live, but can’t make the main call ! ---[end segment]  

This week Beau reviews SANS Netwars. He also talks about CTFs.

This week Beau reviews SANS Netwars. He also talks about CTFs.

This week Beau reviews SANS Netwars. He also talks about CTFs.

This week Beau reviews SANS Netwars. He also talks about CTFs.

While I'm stuck at work, Mr. Boettcher went to the Austin Hackformers and snagged an interview with Mr. Ed Skoudis, of InGuardians and of the SANS Institute, a top flight training academy.  He is to be one of the keynote speakers at DerbyCon this year. He gives us a peek about his keynote, and Mr. Boettcher asks his thoughts on the industry as a whole, SCADA security, Mr. Skoudis' opinion on Infosec as a whole.   Hackformers Austin: http://www.hackformers.org/ Ed Skoudis bio: http://www.sans.org/instructors/ed-skoudis   Bad Guys are Winning - Part 1: link Bad Guys are Winning - Part 2: link Bad Guys are Winning - Part 3: link Bad Guys are Winning - Part 4: link Bad Guys are Winning - Part 5: link Netwars: Cybercity - http://www.sans.org/netwars/cybercity Google Car: http://www.nbcbayarea.com/news/local/Google-to-Test-Self-Driving-Car-Without-Backup-Driver-275033691.html   Intro "Private Eye", transition "Mining by Moonlight", and Outro "Honeybee" created by Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0http://creativecommons.org/licenses/by/3.0/