Podcasts about papers cfp

AppSec specialist Megan Jacquot joins Chris and Robert for a compelling conversation about community, career paths, and productive red team exercises. Megan shares her unique cybersecurity origin story, tracing her interest in the field from childhood influences through her tenure as an educator and her formal return to academia to pivot into a tech-focused career. She delves into her roles in threat intelligence and application security, emphasizing her passion for technical work, penetration testing, and bug bounty programs. Additionally, Megan highlights the importance of mentorship, her involvement with the Women in Cybersecurity (WeCyS) community, and her dedication to fostering the next generation of cybersecurity professionals. The discussion covers assumed breach and red team engagements in cybersecurity, the significance of empathy in bug bounty interactions, tips for Call for Papers (CFP) submissions, and the value of community engagement within organizations like OWASP and DEF CON. Megan concludes with insights on the importance of difficult conversations and giving back to the cybersecurity community.LinksDifficult Conversations (How to Discuss What Matters Most) by Douglas Stone, Bruce Patton, Sheila Heen -- https://www.stoneandheen.com/difficult-conversationsBeing Henry: The Fonz...and Beyond by Henry Winkler -- https://celadonbooks.com/book/being-henry-fonz-and-beyond-henry-winkler/FOLLOW OUR SOCIAL MEDIA: ➜Twitter: @AppSecPodcast➜LinkedIn: The Application Security Podcast➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

In this episode Michael and Sarah talk to Martin Abbott about the Global Azure event that starts soon, https://globalazure.net/. We talk about how to successfully fill out a Call for Papers (CFP) so YOU can present to a global audience about security topics that interest you. We also cover security news SQL Always Encrypted, SymCrypt and Rust, SQL Security Fundamentals, and free Security 101 material.

Roteiro: Luiz Eduardo, Nelson Murilo, Willian Caprino Produção: MJ Podcasts e Comunicações Patrocínio: Thycotic https://thycotic.com/ Eventos: DEF CON SECTOR CFP - Our first-round Call for Papers (CFP) ends Sunday, May 2, 2021. That's 12 days for you to get your proposals together and submitted at sector.ca/cfp. As you may have heard, SecTor 2021 will be a hybrid event taking place on November 3 and 4. This year will be our 15th annual conference. SocStock - 15 de Junho - On Line. Notícias: Querem que a internet pare em todo lugar https://www.nbcnews.com/politics/justice-department/texas-man-charged-planning-blow-amazon-data-center-virginia-n1263663 E, relacionado a notícia acima Video do Keynote da CanSecWest E falando de FBI… removendo webshells mas deixando a porta aberta E na mesma linha, who is watching the watchmen? Cellebrite hax. Provavelmente a melhor notícia dos últimos tempos. Musica: The Day the Router Died Mais Noticias Máquinas de sorvete hackeadas E máquinas de fritar batatinhas tb. BGP Leak Comunicação com os pesquisadores Apple Targeted in $50 Million Ransomware Hack of Supplier Quanta

Jess (@drjessicabarker) runs the @cyberdotuk account on twitter and website. She's also the co-founder of Redacted Firm (@redactedfirm). She wrote an article last year that covered recommendations and tips for submitting to a conference Call for Papers (CFP). It all started with a tweet asking what's holding people back from submitting to a conference. Over 6,000 responses later there were a variety reasons, including "I don't know enough.' The article goes on to ask several organizers for their suggestions on submitting. In this podcast episode we dive into the article and much more.

Jess (@drjessicabarker) runs the @cyberdotuk account on twitter and website. She's also the co-founder of Redacted Firm (@redactedfirm). She wrote an article last year that covered recommendations and tips for submitting to a conference Call for Papers (CFP). It all started with a tweet asking what's holding people back from submitting to a conference. Over 6,000 responses later there were a variety reasons, including "I don't know enough.' The article goes on to ask several organizers for their suggestions on submitting. In this podcast episode we dive into the article and much more.

Upcoming Conferences ShmooCon 2018 - January 19-21, 2018 at the Washington Hilton in Washington, DC http://shmoocon.org/ BSidesNYC January 20, 2018 https://bsidesnyc.org http://www.securitybsides.com/ THOTCON 0x8 - May 4-5, 2018 https://thotcon.org/ SOLD OUT DerbyCon Sponsorships will open up the first week in March. Call for Trainers (CFT), Call for Papers (CFP), and Call for Workshops (CFW) opens on April 1st, 2018 Call for Trainers opens on March 1st and close on April 14th, 2018 Call for Papers (CFP) and Call for Workshops (CFW) opens April 1st, 2018 and end on July 1st, 2018 Ticket Sales: May 5th (Derby Day), 2018 at 1:00PM ET DerbyCon training dates: October 3rd and 4th, 2018 DerbyCon conference dates: October 5th – 7th, 2018 https://derbycon.com The podcast RSS and iTunes Feed RSS: https://audioboom.com/channels/4914568.rss iTunes: pcast://audioboom.com/channels/4914568.rss Patreon https://www.patreon.com/rebootitpodcast Stories Security bod uncovers 15-year-old macOS zero-day flaw https://www.theinquirer.net/inquirer/news/3023615/security-bod-uncovers-15-year-old-macos-zero-day-flaw North Korean Hackers Hijack Computers to Mine Cryptocurrencies https://www.bloomberg.com/news/articles/2018-01-02/north-korean-hackers-hijack-computers-to-mine-cryptocurrencies Mirai botnet co-authors plead guilty in US court https://www.theinquirer.net/inquirer/news/3023120/mirai-botnet-co-authors-plead-guilty-in-us-court Mirai: Student behind IoT malware used it in Minecraft server protection racket, claims Krebs https://www.theinquirer.net/inquirer/news/3002896/mirai-student-behind-iot-malware-used-in-minecraft-server-protection-racket-claims-krebs Former Rutgers student admits to creating code that crashed internet http://www.nj.com/education/2017/12/rutgers_student_charged_in_series_of_cyber_attacks.html Plea Agreement Full Text: https://www.documentcloud.org/documents/4327738-Paras-Jha-Plea.html We Need a New FUD http://daveshackleford.com/?p=1081 Serial Swatter “SWAuTistic” Bragged He Hit 100 Schools, 10 Homes https://krebsonsecurity.com/2018/01/serial-swatter-swautistic-bragged-he-hit-100-schools-10-homes/ Shame: Richard 'Rick' Fisher Hayes http://attrition.org/errata/shame/richard_hayes/ Massive child porn site is hiding in plain sight, and the owners behind it https://sijmen.ruwhof.net/weblog/1782-massive-child-porn-site-is-hiding-in-plain-sight-and-the-owners-behind-it ';--have i been pwned? - Check if you have an account that has been compromised in a data breach https://haveibeenpwned.com/

Our very own Ms. Berlin and Mr. Lee Brotherston (@synackpse), veteran of the show, co-authored an #O'Reilly book called the "Defensive Security Handbook" We talk with Amanda and Lee (or Lee and Amanda :D ) about why they wrote the book, how people should use the book, and how you can maximize your company's resources to protect you. The best thing is that you can pick up the ebook right now! It's available for pre-order on Safari books (Link), or pre-order on Amazon.com (Link) Hope you enjoy! Direct Link: http://traffic.libsyn.com/brakeingsecurity/2017-010-Defensive_Security_handbook.mp3 Youtube Channel: https://www.youtube.com/channel/UCZFjAqFb4A60M1TMa0t1KXw Itunes: (look for '2017-010') https://itunes.apple.com/us/podcast/brakeing-down-security-podcast/id799131292?mt=2    Previous Lee Brotherston episodes: Threat Modeling w/ Lee Brotherston Is your ISP MiTM-ing you  Lee fills in for Mr. Boettcher, along with Jarrod Frates TLS fingerprinting application   #Bsides #London is accepting Call for Papers (#CFP) starting 14 Febuary 2017, as well as a Call for Workshops. Tickets are sold out currently, but will be other chances for tickets. Follow @bsidesLondon for more information. You can find out more information at https://www.securitybsides.org.uk/    CFP closes 27 march 2017 ------ HITB announcement: “Tickets are on sale, And entering special code 'brakeingsecurity' at checkout gets you a 10% discount". Brakeing Down Security thanks #Sebastian Paul #Avarvarei and all the organizers of #Hack In The Box (#HITB) for this opportunity! You can follow them on Twitter @HITBSecConf. Hack In the Box will be held from 10-14 April 2017. Find out more information here: http://conference.hitb.org/hitbsecconf2017ams/ --------- Join our #Slack Channel! Sign up at https://brakesec.signup.team #RSS: http://www.brakeingsecurity.com/rss #Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast iHeartRadio App:  https://www.iheart.com/show/263-Brakeing-Down-Securi/ SoundCloud: https://www.soundcloud.com/bryan-brake Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast on #Patreon: https://www.patreon.com/bds_podcast #Twitter: @brakesec @boettcherpwned @bryanbrake #Player.FM : https://player.fm/series/brakeing-down-security-podcast #Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr #TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/  

Wikileaks published a cache of documents and information from what appears to be a wiki from the Central Intelligence Agency (CIA). This week, we discuss the details of the leak (as of 11Mar 2017), and how damaging it is to blue teamers. To help us, we asked Mr. Dave Kennedy  (@hackingDave) to sit down with us and discuss what he found, and his opinions of the data that was leaked. Mr. Kennedy is always a great interview, and his insights are now regularly seen on Fox Business News, CNN, and MSNBC. Dave isn't one to rest on his laurels. For many of you, you know him as the co-organizer of #derbycon, as well as a board member of #ISC2.  We ask him about initiatives going on with ISC2, and how you (whether or not you're a ISC2 cert holder). You can help with various committees and helping to improve the certification landscape. We talk about how to get involved. We finish up asking about the latest updates to DerbyCon, as well as the dates of tickets, and we talk about our CTF for a free ticket to DerbyCon.   Direct Link: http://traffic.libsyn.com/brakeingsecurity/2017-009-dave_kennedy_vault7_isc2_derbycon_update.mp3 Youtube:  https://www.youtube.com/watch?v=lqXGGg7-BlM iTunes: https://itunes.apple.com/us/podcast/2017-009-dave-kennedy-talks-abotu-cias-vault7-isc2/id799131292?i=1000382638971&mt=2   #Bsides #London is accepting Call for Papers (#CFP) starting 14 Febuary 2017, as well as a Call for Workshops. Tickets are sold out currently, but will be other chances for tickets. Follow @bsidesLondon for more information. You can find out more information at https://www.securitybsides.org.uk/    CFP closes 27 march 2017 ------ HITB announcement: “Tickets are on sale, And entering special code 'brakeingsecurity' at checkout gets you a 10% discount". Brakeing Down Security thanks #Sebastian Paul #Avarvarei and all the organizers of #Hack In The Box (#HITB) for this opportunity! You can follow them on Twitter @HITBSecConf. Hack In the Box will be held from 10-14 April 2017. Find out more information here: http://conference.hitb.org/hitbsecconf2017ams/ --------- Join our #Slack Channel! Sign up at https://brakesec.signup.team #RSS: http://www.brakeingsecurity.com/rss #Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast iHeartRadio App:  https://www.iheart.com/show/263-Brakeing-Down-Securi/ SoundCloud: https://www.soundcloud.com/bryan-brake Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast on #Patreon: https://www.patreon.com/bds_podcast #Twitter: @brakesec @boettcherpwned @bryanbrake #Player.FM : https://player.fm/series/brakeing-down-security-podcast #Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr #TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/     --show notes-- http://www.bbc.com/news/world-us-canada-10758578   WL: “CIA ‘hoarded’ vulnerabilities or ‘cyber-weapons’     Should they not have tools that allow them to infiltrate systems of ‘bad’ people?     Promises to share information with manufacturers         BrBr- Manufacturers and devs are the reason the CIA has ‘cyber-weapons’             Shit code, poor software design/architecture             Security wonks aren’t without blame here either   http://www.bbc.com/news/technology-39218393  -RAND report         Report suggested stockpiling is ‘good’             “On the other hand, publicly disclosing a vulnerability that isn't known by one's adversaries gives them the upper hand, because the adversary could then protect against any attack using that vulnerability, while still keeping an inventory of vulnerabilities of which only it is aware of in reserve.”   Encryption does still work, in many cases… as it appears they are having to intercept the data before it makes it into secure messaging systems…   http://abcnews.go.com/Technology/wireStory/cia-wikileaks-dump-tells-us-encryption-works-46045668   (somewhat relevant? Not sure if you want to touch on https://twitter.com/bradheath/status/837846963471122432/photo/1)   Wikileaks - more harm than good?     Guess that depends on what side you’re on     What side is Assange on? (his own side?)     Media creates FUD because they don’t understand         Secure messaging apps busted (fud inferred by WL)             In fact, data is circumvented before encryption is applied. Some of the docs make you wonder about the need for ‘over-classification’ Vulnerabilities uncovered   Samsung Smart TVs “Fake-Off” Tools to exfil data off of iDevices     BrBr- Cellbrite has sold that for years to the FBI         CIA appears to only have up to iOS 9 (according to docs released) Car hacking tech Sandbox detection (notices mouse clicks or the lack of them)     Reported by eEye: https://wikileaks.org/ciav7p1/cms/page_2621847.html Technique: Process Hollowing: https://wikileaks.org/ciav7p1/cms/page_3375167.html     Not new: https://attack.mitre.org/wiki/Technique/T1093 **anything Mr. Kennedy feels is important to mention**   What can blue teamers do to protect themselves?     Take an accounting of ‘smart devices’ in your workplace         Educate users on not bringing smart devices to work             And at home (if they are remote)                 Alexa,         Restrict smart devices in sensitive areas             SCIFs, conference rooms, even in ‘open workplace’ areas                 Segment possibly affected systems from the internet     Keep proper inventories of software used in your environment     Modify IR exercises to allow for this type of scenario?     Reduce ‘smart’ devices         Grab that drill and modify the TV in the conference room         Cover the cameras on TV             Is that too paranoid?         Don’t setup networking on smart devices or use cloud services on ‘smart’ devices     Remind devs that unpatched or crap code can become the next ‘cyber-weapon’ ;)

If you were under a rock, you didn't hear about the outage that #Amazon #Web Services (#AWS) suffered at the hands of sophisticated, nation-state... wah?  "an authorized #S3 team #member using an established #playbook executed a command which was intended to remove a small number of servers for one of the S3 subsystems that is used by the S3 billing process. Unfortunately, one of the inputs to the command was entered incorrectly and a larger set of servers was removed than intended." Well... okay, so for companies that do regular IR response tests and have a good majority of their assets and production in cloud based services, is it time to discuss having the 'extreme' scenario of 'What do we do when [AWS|Azure|Google Compute] goes down?' We also discuss an article about #developers who want to get rid of the #whiteboard #interview... is it as #discriminatory as they suggest, or is it just devs who aren't confident or lacking #skills trying to get hired? (see show notes below for links) Finally, we talk about Ms. #Berlin's talk she will be giving at #AIDE on 6-7 April. It's gonna be a "hands-on" talk.  What do we mean? Listen to our show and find out. #AIDE - https://appyide.org/events/ $60 more info: https://appyide.org/1313-2/   Direct Link: http://traffic.libsyn.com/brakeingsecurity/2017-008-AWS_S3_outage-IR_scenarios_white-board-interviews.mp3   #Bsides #London is accepting Call for Papers (#CFP) starting 14 Febuary 2017, as well as a Call for Workshops. Tickets are sold out currently, but will be other chances for tickets. Follow @bsidesLondon for more information. You can find out more information at https://www.securitybsides.org.uk/    CFP closes 27 march 2017 ------ HITB announcement: “Tickets are on sale, And entering special code 'brakeingsecurity' at checkout gets you a 10% discount". Brakeing Down Security thanks #Sebastian Paul #Avarvarei and all the organizers of #Hack In The Box (#HITB) for this opportunity! You can follow them on Twitter @HITBSecConf. Hack In the Box will be held from 10-14 April 2017. Find out more information here: http://conference.hitb.org/hitbsecconf2017ams/ --------- Join our #Slack Channel! Sign up at https://brakesec.signup.team #RSS: http://www.brakeingsecurity.com/rss #Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast iHeartRadio App:  https://www.iheart.com/show/263-Brakeing-Down-Securi/ SoundCloud: https://www.soundcloud.com/bryan-brake Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast on #Patreon: https://www.patreon.com/bds_podcast #Twitter: @brakesec @boettcherpwned @bryanbrake #Player.FM : https://player.fm/series/brakeing-down-security-podcast #Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr #TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/   ---show notes---   AWS S3 outage (hopefully more information by the end of the week)     Massive outages - many sites down         IoT devices borked        https://techcrunch.com/2017/02/28/amazon-aws-s3-outage-is-breaking-things-for-a-lot-of-websites-and-apps/ https://www.wired.com/2017/02/happens-one-site-hosts-entire-internet/   TL;DR of the S3 outage - "an authorized S3 team member using an established playbook executed a command which was intended to remove a small number of servers for one of the S3 subsystems that is used by the S3 billing process. Unfortunately, one of the inputs to the command was entered incorrectly and a larger set of servers was removed than intended."   Brian: Water sprinkler story…   Do we put too much stock in Amazon?         Email Story time: Recent IR exercise             Mostly AWS shop             “If we suspend reality” drinking game             World War Z “the 10th man”   Not the 1st time AWS was involved in an outage:     http://www.datacenterdynamics.com/content-tracks/security-risk/major-ddos-attack-on-dyn-disrupts-aws-twitter-spotify-and-more/97176.fullarticle   Realistic IR exercises need to examine the ‘ultimate’ bad…     Even if you’re in ‘suspend reality’ mode   https://theoutline.com/post/1166/programmers-are-confessing-their-coding-sins-to-protest-a-broken-job-interview-process http://blog.interviewing.io/you-cant-fix-diversity-in-tech-without-fixing-the-technical-interview/   No problem with copy/paste, hunting up functions, etc     Problem comes when failure to understand the code you’re using, and the integration of that code therein   Programming Interviews Exposed   LOVED this idea…. https://letsjusthackshit.org/platypuscon2016.html “In the spirit of what brought this community together, we’re aiming to build a super hands-on event: that is, instead of a series of talks while you plan on missing to catch up with your friends at the cafe down the road, we’re putting together a full day of hands-on workshops where you can get your hands dirty and we can all help each other learn something new.”   Patreon - just pop a dollar CTF Club - Tuesdays 9am Pacific / 6pm Pacific Book club - Defensive Security Handbook - Starting 15 March

NYCBSDCon has published their Call for Papers (CFP). See their website for more details: http://www.nycbsdcon.org.Interview from BSDCan 2010 with Colin Percival. We talk about cryptography, Portsnap, FreeBSD Update, and Tarsnap.File Info: 20Min, 9MB.Ogg Link:https://archive.org/download/bsdtalk193/bsdtalk193.ogg