Podcasts about principal security consultant


Latest podcast episodes about principal security consultant

Cloud Security Podcast
How Attackers Stay Hidden Inside Your Azure Cloud
Apr 10, 2025 (35:27)

In this episode, Ashish sits down with Christian Philipov, Principal Security Consultant at WithSecure, to explore the stealth tactics threat actors are using in Azure and why many of these go undetected. Christian breaks down the lesser-known APIs like Ibiza and PIM, how Microsoft Graph differs from legacy APIs, and what this means for defenders.

  • The 3 common ways attackers stay stealthy in Azure
  • Why read-only enumeration activity often isn't logged
  • What detection is possible and how to improve it
  • How conditional access and logging configuration can help defenders
  • Why understanding Microsoft Graph matters for security ops

Guest Socials: Christian's LinkedIn. Podcast Twitter: @CloudSecPod. If you want to watch videos of this live-streamed episode and past episodes, check out our other Cloud Security social channels: Cloud Security Podcast on YouTube, Cloud Security Newsletter, Cloud Security BootCamp. If you are interested in AI cybersecurity, you can check out our sister podcast, AI Cybersecurity Podcast.

Questions asked:
  • (00:00) Introduction
  • (02:09) A bit about Christian
  • (02:39) What is considered stealthy in Azure?
  • (04:39) Which services are stealthy in Azure?
  • (06:25) PIM and Ibiza API
  • (12:53) The role of Defender for Cloud
  • (18:04) Does the stealthy API approach scale?
  • (19:26) Preventing stealthy API attacks
  • (21:49) Best practices for prevention in Azure
  • (25:47) Behaviour analysis in Azure
  • (29:31) The Fun Section

Resources spoken about during the interview:
  • Christian's fwd:cloudsec talk: Staying Sneaky in Microsoft Azure
  • Christian's Disobey talk

SecTools Podcast Series
SecTools Podcast E56 with Donato Capitella
Feb 20, 2025 (38:08)

Donato is a Software Engineer and Principal Security Consultant at WithSecure, with over 12 years of experience in offensive security, security assurance, and software engineering. His background spans a wide range of cybersecurity areas, which gives him a practical and well-rounded perspective when working on securing LLM applications. Donato has conducted extensive research on generative AI security, covering topics such as multi-chain prompt injection, securing ReAct agents, and testing LLM guardrails. He shares his work through a technical YouTube channel (https://www.youtube.com/@donatocapitella) and publishes research articles on the WithSecure Labs blog (https://consulting.withsecure.com/articles/generative-ai-security-findings-from-our-research/). For more SecTools podcast episodes, visit https://infoseccampus.com

The CyberWire
Salt in the wound.
Feb 13, 2025 (34:41)

Salt Typhoon is still at it. Russian cyber-actor Seashell Blizzard expands its reach. The EFF sues DOGE to protect federal workers' data. House Republicans pursue a comprehensive data privacy bill. Fortinet patches a critical vulnerability. Google views cybercrime as a national security threat. Palo Alto Networks issues 10 new security advisories. Symantec suspects a Chinese APT side hustle. Guest Jason Baker, Principal Security Consultant at GuidePoint Security, joins us to share an update on the state of ransomware. A massive IoT data breach exposes 2.7 billion records. Here come the AI agents.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today's guest, Jason Baker, Principal Security Consultant at GuidePoint Security, joins us to share an update on the state of ransomware.

Selected Reading
  • China's Salt Typhoon Spies Are Still Hacking Telecoms—Now by Exploiting Cisco Routers (WIRED)
  • Russian Seashell Blizzard Enlists Specialist Initial Access Subgroup to Expand Ops (Infosecurity Magazine)
  • EFF Leads Fight Against DOGE and Musk's Access to US Federal Workers' Data (Infosecurity Magazine)
  • Elon Musk and the Right Are Recasting Reporting as 'Doxxing' (New York Times)
  • FortiOS Vulnerability Allows Super-Admin Privilege Escalation – Patch Now! (Hackread)
  • Cybercrime evolving into national security threat: Google (The Record)
  • House Republicans launch group for comprehensive data privacy legislation (The Record)
  • Palo Alto Networks Patches Potentially Serious Firewall Vulnerability (SecurityWeek)
  • Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job (SecurityWeek)
  • Massive IoT Data Breach Exposes 2.7 Billion Records, Including Wi-Fi Passwords (Cyber Security News)
  • Are You Ready to Let an AI Agent Use Your Computer? (IEEE Spectrum)

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Application Paranoia
S5EP5 - Drinksgiving, words of the year and Security Audits with Mark Spears
Nov 28, 2024 (58:00)

Colin Bell, Rob Cuddy and Kris Duer from HCL Software bring you another insightful Application Paranoia session. In this episode our special guest is Mark Spears. Mark is currently a Principal Security Consultant at Solis Security. Having spent significant time as a network defender and vCISO, writing and testing InfoSec programs and dealing with auditors and endless reporting, he has now refocused his time on penetration testing to get his fill of offensive security operations. So, red pill or blue pill? A lot of his most recent education and skill focus has been on helping companies with their web application security through secure SDLC practices, including configuration of web application firewalls and zero trust solutions. When not enjoying his work at Solis Security, he can be found practicing physical security, lock picking, social engineering, or hardware hacking. Or out on a Harley Davidson!

The CyberWire
Darknet dollars exposed.
Sep 27, 2024 (34:50)

International law enforcement seizes domains of Russian crypto laundering networks. The real-world risk of a recently revealed Linux vulnerability appears low. Criminal charges loom in the Iranian hack of the Trump campaign. Meta is fined over a hundred million dollars for storing users' passwords in plaintext. Delaware's public libraries grapple with the aftermath of a ransomware attack. Tor merges with Tails. Progress Software urges customers to patch multiple vulnerabilities. A critical vulnerability in VLC media player has been discovered. Our guests are Mark Lance, Vice President of DFIR and Threat Intelligence at GuidePoint Security, and Andrew Nelson, Principal Security Consultant at GuidePoint Security, discussing their work on "Hazard Ransomware – A Successful Broken Encryptor Story." Having the wisdom to admit you just don't know.

CyberWire Guest

Our guest is Mark Lance, Vice President DFIR and Threat Intelligence at GuidePoint Security, discussing their work on "Hazard Ransomware – A Successful Broken Encryptor Story."

Selected Reading
  • US-led operation disrupts crypto exchanges linked to Russian cybercrime (The Record)
  • Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected (SecurityWeek)
  • Criminal charges coming in alleged Iranian hack of Trump campaign emails: Sources (ABC News)
  • Meta fined $101 million for storing hundreds of millions of passwords in plaintext (The Record)
  • Hackers attack Delaware libraries, seek ransom. Here's what we know (Delaware Online)
  • Tor Merges With Security-Focused OS Tails (SecurityWeek)
  • Progress urges admins to patch critical WhatsUp Gold bugs ASAP (Bleeping Computer)
  • VLC Player Vulnerability Let Attackers Execute Malicious Code, Update Now (Cyber Security News)
  • Bigger AI chatbots more inclined to spew nonsense — and people don't always realize (Nature)

Cybercrime Magazine Podcast
CTRL, ALT, HACKED. "Sinkclose" Bug Impacting AMD Chips & Gamers. Krzysztof Okupski, IOActive.
Sep 6, 2024 (15:35)

The “Sinkclose” bug is a critical vulnerability impacting AMD chips across hundreds of millions of PCs and servers, and – as a result – possibly gamers. In this episode, Krzysztof Okupski, Principal Security Consultant at IOActive, joins host Paul John Spaulding to discuss. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Federal Drive with Tom Temin
Can agencies actually follow the White House AI order?
Apr 18, 2024 (10:04)

The White House has given agencies until the end of the year to make sure their use of artificial intelligence is safe and fair. It tells practitioners to keep humans in the proverbial loop and to let people opt out of AI applications. And it also wants them to stop using AI if they cannot meet the safeguard rules. How feasible is all of this? For one view, Federal Drive host Tom Temin spoke with the Principal Security Consultant for the cybersecurity company NCC Group, David Brauchler. Learn more about your ad choices. Visit podcastchoices.com/adchoices. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

SpyCast
From the Vault: The Professional Hacker with Eric Escobar (Pt 1.)
Jan 9, 2024 (66:45)

Summary

Eric Escobar (Twitter; LinkedIn) joins Andrew (Twitter; LinkedIn) to discuss compromising networks and information security. He has a coveted DEFCON Black Badge.

What You'll Learn

Intelligence
  • What keeps Eric up at night
  • Thinking like an ethical hacker (aka a "penetration tester")
  • Protecting your information (i.e., "hardening the attack surface")
  • Plain English explanations of key cyber concepts like "kill chains" and "zero days"

Reflections
  • Having a cool job
  • The information revolution and life in the modern world

And much, much more…

Episode Notes

Eric Escobar commits several thousand felonies on any given day, if he didn't have permission to do what he was doing. A Principal Security Consultant with SecureWorks, Eric has compromised pretty much everything out there: from healthcare and banking to technology and critical infrastructure, through to amusement parks and next generation military aircraft. "From my perspective, it's the coolest job in the entire world." His team consecutively won first place in the Wireless CTF category at DEF CON 23, 24, and 25, snagging a Black Badge along the way. He has a BS and MS in Civil Engineering.

And… the links between computing, hacking and the 60's counterculture are FASCINATING. Learn more by dipping your toes here and here, or dive deeper with What the Dormouse Said (2005) by John Markoff and From Counterculture to Cyberculture (2006) by Fred Turner.

Quote of the Week

"Watching any critical infrastructure get compromised is really the thing that keeps me up at night because lives are in the balance…and we do a lot of testing for critical infrastructure, and I've seen computers and machines that have been online and not been taken offline, longer than I've been alive…So really interesting to see those types of things because they interact with really big, expensive hardware…there's a catch 22 that happens where you can't really take the machine offline to do maintenance on it because it's critical infrastructure. So then how do you test it to make sure that a hacker can't take it offline, or maintenance can't be done on it?" – Eric Escobar.

Resources

Andrew's Recommendation
  • Word Notes: from beginner through advanced, you'll find some helpful definitions of things like "Web 3.0," "NFTs" and "Digital Transformation" on this CyberWire audio glossary.

SpyCasts
  • Inside Microsoft's Threat Intelligence Center (MSTIC) – with John Lambert and Cristin Goodwin (2021)
  • The Cyber Zeitgeist – with Dave Bittner (2021)
  • Securing Cyberspace – with Charlie Mitchell (2016)

Beginner Resources
  • What is Hacking? The Economic Times (n.d.) [web]
  • Ethical Hacking in 8 Minutes, Simplilearn (2020) [8 min video]
  • Cybersecurity in 7 Minutes, Simplilearn (2020) [7 min video]

Books
  • The Cyberweapons Arms Race, N. Perlroth (Bloomsbury, 2021)
  • Cult of the Dead Cow, J. Menn (PublicAffairs, 2020)
  • Breaking & Entering, J. Smith (Mariner Books, 2019)
  • The Art of Invisibility, K. Mitnick (L, B & C, 2017)
  • Ghost in the Wires, K. Mitnick (Back Bay Books, 2012)
  • Kingpin, K. Poulsen (Crown, 2012)
  • The Cuckoo's Egg, C. Stoll (Doubleday, 1989)
  • Neuromancer, W. Gibson (Ace, 1984)

Articles
  • 2022 State of the Threat: A Year in Review, Secureworks (2022)
  • The Anthropology of Hackers, The Atlantic (2010)
  • Timeline Since 2006: Significant Cyber Incidents, CSIS (n.d.)

Documentary
  • DEFCON, The Documentary Network (2013)

Resources
  • Government Hacking Bibliography, S. Quinlan, New America Foundation (2016)

Wildcard Resource
  • "The Aurora Shard": come to the International Spy Museum to see an ugly chunk of metal. Why? Well, it speaks to a revolution in the relationship between the material world and the non-material world. Broken down? 30 lines of code blew up a 27-ton generator. Zeros and ones can cause violent explosions!

Hacker Valley Studio
The Future of Pen Testing Automation with Alton Johnson
Nov 7, 2022 (24:01)

Alton Johnson, Founder and Principal Security Consultant at Vonahi Security, automates his way out of his pen testing job in this week's episode. An AOL hacking gone wild got Alton into defensive cybersecurity years ago, and now, as the Founder of Vonahi, Alton advocates for automation and efficiency in the pen testing process. Alton talks about his connection to defensive over offensive, customizing a pen test report to your audience, and finding that sweet spot between practitioner and entrepreneur.

Timecoded Guide:
  • [00:00] Learning the importance of automation in defensive cyber
  • [07:48] Connecting with automation & defensive cybersecurity over offensive
  • [12:01] Showing the results that matter to the right people in a pen test report
  • [15:27] Prioritizing exploitations in the world of vulnerability assessments
  • [21:59] Maintaining the cyber practitioner & the entrepreneurial side of Vonahi

Sponsor Links: Thank you to our sponsors Axonius and NetSPI for bringing this episode to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action, giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley. For more than 2 decades, NetSPI has helped companies discover and remediate critical security issues through its platform-driven, human-delivered security test. NetSPI is much more than a pentesting company, bringing you the most comprehensive suite of offensive security solutions. Visit netspi.com/HVM to learn more.

How have you seen automation change yourself and your role?

As a penetration tester, Alton explains that time is often not on his side. There's a limited amount of time to do an assessment, and the measure of a good pen tester is often determined by fast, high-quality reporting. Automating the repetitive tasks of pen testing not only saves time, but Alton believes it genuinely changes the role into something much more efficient, high value, and successful.

"Automation obviously plays a huge part in growing in the career too, because the more you can do, the more value you can provide, and the faster you can provide that value makes you a better pentester."

How do you convey the story of a red team engagement in different ways so that the message is received by everyone in the company?

At Vonahi Security, Alton's team separates pen testing reports into an executive summary and a technical report. The executive summary is high level, demonstrating the impact and severity of what was discovered from a business point of view. Many business executives don't need the technical play by play, which is why that is saved for the technical report. The technical report acts as a scene by scene story of what was done and how to technically fix it.

"We separate the two conversations. Here's what we did at a high level to anyone that doesn't really care about the technical stuff, but only cares about how it impacts the business, and then, for the person that has to fix the issues, here's everything that they would need."

What would you tell the newer generation of cybersecurity practitioners about the offensive side?

When Alton first started his cybersecurity journey, he was very into hacking and coding. That passion for code has served him well, allowing him to become successful enough to start his own business with Vonahi. For the younger generation of cyber practitioners, Alton recommends not skipping that coding education. As technically advanced and automated as cybersecurity tools are, practitioners should be prepared to code when something breaks or doesn't work as intended.

"I think coding is extremely valuable, because there's going to be many times that tools that you use don't work and you have to have the experience and knowledge to basically fix those problems with coding."

What have you learned over the past few years that has helped you to maintain both the technical and business side of Vonahi?

Efficiency is the name of the game for Vonahi, and it's the one thing that has allowed Alton to remain in a hands-on pen testing role while still being a business owner. Keeping it efficient is more than just technology and automation. Alton believes his success is a direct result of the efficient technology around him and the hardworking, intelligent, efficient team members working with him at Vonahi.

"It is really just about efficiency. We look to all these other leaders, but for me, I like to learn from other people's failures. I don't want to take the same growth processes as the person who failed and didn't do well."

Links:
  • Keep up with our guest Alton Johnson on LinkedIn and his personal website
  • Learn more about Vonahi Security on LinkedIn and the Vonahi Security website
  • Connect with Ron Eddings on LinkedIn and Twitter
  • Connect with Chris Cochran on LinkedIn and Twitter
  • Purchase a HVS t-shirt at our shop
  • Continue the conversation by joining our Discord
  • Check out Hacker Valley Media and Hacker Valley Studio

Cloud Security Podcast by Google
Special: Sharing The Mic In Cyber with STMIC Hosts Lauren and Christina: Representation, Psychological Safety, Security
Oct 21, 2022 (22:43)

Guests:
  • Lauren Zabierek (@lzxdc), Acting Executive Director of the Belfer Center at the Harvard Kennedy School
  • Christina Morillo (@divinetechygirl), Principal Security Consultant at Trimark Security

Topics:
  • We are so excited to have you on the show today talking about your awesome effort, Share The Mic in Cyber. I love that we are sharing our mic with you today. Could you please introduce yourself to our listeners?
  • Let's talk about representation and what that means, and why it's especially relevant in cyber security.
  • Psychological safety is super important for so many reasons, including in cyber. Could you share a definition of what it is, and why it is important?
  • Can we talk about how psychological safety and representation intersect?
  • Let's bring things back to talk about the #ShareTheMicInCyber / #STMIC project. Could you tell us about one of your favorite things that's come from the project? Any surprises? Lessons? Plans? Futures?
  • How can our listeners help with #ShareTheMicInCyber? Where to learn more?

Resources:
  • #ShareTheMicInCyber site and @ShareInCyber on social
  • Lauren Zabierek (@lzxdc), #ShareTheMic in Cyber co-founder
  • Camille Stewart Gloster (@camilleesq), #ShareTheMic in Cyber co-founder
  • "Missing Diversity Hurts Your Security" (ep42)
  • NEXT Special - Cloud Security and DEI: Being an Ally! (ep36)

Paul Green's MSP Marketing Podcast
Episode 153: LinkedIn messages: A smart MSP marketing tool
Oct 17, 2022 (28:19)

Episode 153 includes:
  • 00:00 The 2% mindset for successful people
  • 07:19 How to grab anyone's attention on LinkedIn
  • 14:43 A potential new automated Pen Test revenue stream
  • 26:37 A great book recommendation about realising any goal

Featured guest: Thank you to Alton Johnson from Vonahi Security for joining Paul to discuss a potential new automated Pen Test revenue stream. Prior to Vonahi Security, Alton worked at several large and small cybersecurity consulting firms as a Principal Security Consultant. Throughout his professional career, he has performed hundreds of security assessments for organisations ranging from small businesses to Fortune 10. He also regularly attends information security conferences and has spoken at DerbyCon as well as to local communities. Connect with Alton on LinkedIn: https://www.linkedin.com/in/altonjx

Extra show notes:
  • Out every Tuesday on your favourite podcast platform.
  • Presented by Paul Green, an MSP marketing expert: https://www.linkedin.com/in/paul-green-msp-marketing/ and https://www.paulgreensmspmarketing.com/about/
  • You can join Paul in the MSP Marketing group on Facebook: https://www.facebook.com/groups/mspmarketing/
  • Thank you to Blaine Oelkers, the only Chief Results Officer®, for recommending the book Think And Grow Rich (the Study Guide edition), by Napoleon Hill: https://www.amazon.co.uk/Think-Grow-Rich-Study-Guide-ebook/dp/B07J3PM32G and https://www.linkedin.com/in/blaineoelkers
  • Subscribe to Paul's YouTube channel: https://www.youtube.com/mspmarketing
  • Subscribe to this podcast using your favourite podcast provider:
    https://www.audible.co.uk/pd/Paul-Greens-MSP-Marketing-Podcast-Podcast/B08JK38L4V
    https://podcasts.apple.com/gb/podcast/paul-greens-msp-marketing-podcast/id1485101351
    https://www.stitcher.com/podcast/paul-greens-msp-marketing-podcast
    https://podcasts.google.com/feed/aHR0cHM6Ly93d3cucGF1bGdyZWVuc21zcG1hcmtldGluZy5jb20vZmVlZC9wb2RjYXN0?sa
    https://music.amazon.co.uk/podcasts/b03a9638-adf4-4491-93f1-569183e079d7/Paul-Greens-MSP-Marketing-Podcast
    https://open.spotify.com/show/1Hw52ScOg5WvGaBUkaOrI7

SpyCast
"Sure, I Can Hack Your Organization" – with Eric Escobar (Part 2 of 2)
Oct 11, 2022 (47:56)

SpyCast
"Sure, I Can Hack Your Organization" – with Eric Escobar (Part 1 of 2)
Oct 5, 2022 (99:11)

DevSec For Scale Podcast
Threat Modeling For Developers w/ Maran Gunasekaran, Practical DevSecOps

DevSec For Scale Podcast

Play Episode Listen Later Aug 23, 2022 34:50


How has threat modeling evolved and how can security help make it easier for developers to implement that practically into their code? In this episode, Maran Gunasekaran, Principal Security Consultant at Practical DevSecOps gives us a rundown of what threat modeling used to mean and how developers can translate threat models into actual threat modeling as code. He also offers real-world examples of how security and developers align on threat modeling when shipping code.
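What "threat modeling as code" can look like in practice, as an added illustration (this is not Practical DevSecOps material and not from the episode): the data-flow model lives in a Python file next to the service, trust-boundary crossings are derived from it, and STRIDE threats are generated by rules so the model can be checked in CI like any other test. The element names, trust zones, rule set and the two sample models are assumptions chosen for the example.

```python
"""Threat modelling as code: declare the data-flow model in Python and
derive STRIDE threats from it. Added example; names and rules are assumed."""
from dataclasses import dataclass
from typing import Iterable, List, Tuple


@dataclass(frozen=True)
class Element:
    name: str
    zone: str              # trust zone: "internet", "dmz", "internal", ...
    datastore: bool = False


@dataclass(frozen=True)
class Flow:
    src: Element
    dst: Element
    data: str
    encrypted: bool = False      # confidentiality and integrity in transit
    authenticated: bool = False  # receiver can attribute the sender
    logged: bool = False         # receiver keeps an audit trail
    rate_limited: bool = False   # receiver throttles this source


@dataclass(frozen=True)
class Threat:
    category: str   # STRIDE category
    flow: str
    reason: str


def stride_threats(flows: Iterable[Flow]) -> List[Threat]:
    """Apply simple STRIDE rules to every flow; a real rule set would be larger."""
    threats: List[Threat] = []
    for f in flows:
        label = f"{f.src.name} -> {f.dst.name} [{f.data}]"
        crosses = f.src.zone != f.dst.zone   # a trust boundary is crossed
        if crosses and not f.authenticated:
            threats.append(Threat("Spoofing", label,
                                  "sender is not authenticated across a trust boundary"))
        if crosses and not f.encrypted:
            threats.append(Threat("Tampering", label,
                                  "plaintext flow across a trust boundary can be modified"))
            threats.append(Threat("Information disclosure", label,
                                  "plaintext flow across a trust boundary can be read"))
        if f.dst.datastore and not f.logged:
            threats.append(Threat("Repudiation", label,
                                  "writes to a data store leave no audit trail"))
        if f.src.zone == "internet" and not f.rate_limited:
            threats.append(Threat("Denial of service", label,
                                  "internet-facing flow is not rate limited"))
        if f.src.zone == "internet" and f.dst.datastore:
            threats.append(Threat("Elevation of privilege", label,
                                  "internet-facing component reaches a data store directly"))
    return threats


def model_passes(flows: Iterable[Flow],
                 accepted: Iterable[Tuple[str, str]] = ()) -> bool:
    """CI gate: True only if every derived threat is an explicitly accepted risk."""
    accepted_set = set(accepted)
    return all((t.category, t.flow) in accepted_set for t in stride_threats(flows))


# Constructed sample model (assumed architecture, not a real system).
browser = Element("Browser", "internet")
api = Element("OrderAPI", "dmz")
db = Element("OrdersDB", "internal", datastore=True)

INITIAL = [
    Flow(browser, api, "order JSON", encrypted=True, authenticated=True),
    Flow(api, db, "SQL", encrypted=False, authenticated=True, logged=False),
]
HARDENED = [
    Flow(browser, api, "order JSON", encrypted=True, authenticated=True,
         rate_limited=True),
    Flow(api, db, "SQL", encrypted=True, authenticated=True, logged=True),
]

if __name__ == "__main__":
    for t in stride_threats(INITIAL):
        print(f"{t.category:<23} {t.flow}: {t.reason}")
    print("initial model passes gate:", model_passes(INITIAL))
    print("hardened model passes gate:", model_passes(HARDENED))
```

The point of the `accepted` list is that a developer can consciously accept a threat in the same file, under review, rather than silently ignoring it; any new flow that introduces an unaccepted threat fails the build.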

GRC & Me
Quick Wins for Your GRC & InfoSec Journey

GRC & Me

Play Episode Listen Later Jun 1, 2022 28:24


Great conversations leave you wanting more and that is exactly what happened when LogicGate's own Megan Phee appeared with James (Jim) Rees on Razorthorn's podcast. So when they both felt like there was more to discuss, we invited Jim to join us on GRC & Me. Jim is Razorthorn's Managing Director and Principal Security Consultant with decades of experience in information security. He has worked with some of the largest and most influential organizations worldwide. In this episode of GRC & Me, Megan and Jim continue their chat on the ever-changing complexities of compliance, how regulatory models ask for consistency, and quick wins for those starting on their InfoSec and GRC journeys.

The Fearless Mindset
Episode 90: SUPPORT THAT LASTS: Peter Morton On Providing Support By Training and Equipping For The Long Run (Part 2)

The Fearless Mindset

Play Episode Listen Later May 3, 2022 29:43


It's round 2 for Mark Ledlow and Peter Morton, Principal Security Consultant of Morton Executive Decisions, here in The Fearless Mindset Podcast. In this second part of Peter's conversation with Mark, he discusses some problems with people who are trying to get involved in the support effort in Ukraine, such as romanticizing warfare, conflicts of interest, and the politics involved.

HIGHLIGHTS
The problem with romanticized warfare
Where you should spend your money to support
Responding to the situation at hand, not with what you want
How America's technology can come into play
The problem with conspiracy theories

QUOTES
Peter: “there's a lot of people go in with the, you know, the ideology of, you know, the romanticized vision of Call of Duty warfare. And then they find out what it's really like me personally, I've been through a couple and I'm good. If I never have to go back to another one.”
Peter: “Yeah, so right now the most effective thing for us to do is give these guys equipment, find the people that can train them, and give them some training, some baseline training, not going into the war zones or anything like that, not going in saying, Hey, I'm a hero, and I can fix all this.”
Peter: “Instead of spending on a plane ticket and sitting around at the bar waiting for somebody to do put that put that money toward a group that's actually being effective.”
Peter: “there's a lot of smaller groups, I say the most effective ones are the ones you don't hear about. They also have the hardest time raising money, because everybody wants to see the stuff on the media.”
Peter: “Everything that we do is so humanitarian-based, like even the guys on the ground, no weapons, no kit, you're just there to facilitate. You're there to meet with people to encourage them.”
Peter: “I really am focused on trying to get these guys the equipment that they need, so that they can be effective for a long period of time and save as many lives as they possibly can.”

Learn how to help Peter and his team in providing help for Ukraine with the links below:
Linkedin: https://www.linkedin.com/in/peter-l-morton-cpp-08239614/
Website: https://www.ironedgesharp.com/
To hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.

The Fearless Mindset
Episode 89: SUPPORT THAT LASTS: Peter Morton On Providing Support By Training and Equipping For The Long Run (Part 1)

The Fearless Mindset

Play Episode Listen Later Apr 26, 2022 29:03


Mark Ledlow deep dives further into the Ukraine situation as he welcomes Peter Morton, Principal Security Consultant of Morton Executive Decisions, here in The Fearless Mindset Podcast. Pete will be giving us another perspective on the situation in Ukraine based on the intel he has and how he and his team provide support by training and equipping the locals to be more effective in the long run.

HIGHLIGHTS
Current reports on Ukraine
Atrocities in the field
Support from Iron Edge
Supporting for the long run via training and equipping

QUOTES
Peter: “There's definitely an ongoing conflict that is definitely not going to slow down anytime soon. And there's definitely a need for support of all different kinds for the people of Ukraine.”
Peter: “So when I did that assessment I was looking at, you have a ton of support for refugees, that's too much support, in my opinion, and then not a lot of support for the people who are really stuck.”
Peter: “They're so receptive man, it's amazing what necessity does to people, you know, to get them to that point.”
Peter: “Giving them that knowledge, and then the ability to pass it on to other people, I think is really what's gonna have a good effect in the long run.”
Peter: “I really am focused on trying to get these guys the equipment that they need, so that they can be effective for a long period of time and save as many lives as they possibly can.”

Learn how to help Peter and his team in providing help for Ukraine with the links below:
Linkedin: https://www.linkedin.com/in/peter-l-morton-cpp-08239614/
Website: https://www.ironedgesharp.com/
To hear more episodes of The Fearless Mindset podcast, you can go to https://the-fearless-mindset.simplecast.com/ or listen to major podcasting platforms such as Apple, Google, Spotify, etc. You can also subscribe to the Fearless Mindset YouTube Channel to watch episodes on video.

Paul's Security Weekly
Life Changing Bag of Cash - PSW #726

Paul's Security Weekly

Play Episode Listen Later Feb 3, 2022 202:33


This week, we start the show off with an interview with Brent White, Principal Security Consultant at Dark Wolf Solutions! Next up, we have a technical segment where I walk through Linux Post Exploitation! In the Final Segment, Temporary phones, webcam hacks that are so much more, bags of cash, patch WordPress plugins and patch them some more, crowd-sourced-government-funded vulnerability scanning, hiding deep in UEFI and bouncing off the moon, even more UEFI vulnerabilities, if Samba were a fruit it would be....well vulnerable for one thing, charming kittens, fingerprinting you right in the GPU, Let's not Encrypt, your S3 bucket is showing again, and can you hack the latest wearable sex toys intended to delay things?!   Show Notes: https://securityweekly.com/psw726 Segment Resources: # Blog website : www.wehackpeople.com # Employer's website : www.darkwolfsolutions.com # Link for EDC - Covert Entry Wallet : https://wehackpeople.wordpress.com/2019/10/10/lock-pick-concealment-edc-wallet/ # Link for other EDC items I use : https://wehackpeople.wordpress.com/2020/09/14/covert-entry-specialist-edc/   Physical Pentest Tools: https://www.sparrowslockpicks.com/product_p/hp.htm https://www.redteamtools.com/espkey https://www.redteamtools.com/under-door-level-lock-tool Github: https://github.com/SecurityWeekly/vulhub-lab   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly (Podcast-Only)
Life Changing Bag of Cash - PSW #726

Paul's Security Weekly (Podcast-Only)

Play Episode Listen Later Feb 3, 2022 202:33


This week, we start the show off with an interview with Brent White, Principal Security Consultant at Dark Wolf Solutions! Next up, we have a technical segment where I walk through Linux Post Exploitation! In the Final Segment, Temporary phones, webcam hacks that are so much more, bags of cash, patch WordPress plugins and patch them some more, crowd-sourced-government-funded vulnerability scanning, hiding deep in UEFI and bouncing off the moon, even more UEFI vulnerabilities, if Samba were a fruit it would be....well vulnerable for one thing, charming kittens, fingerprinting you right in the GPU, Let's not Encrypt, your S3 bucket is showing again, and can you hack the latest wearable sex toys intended to delay things?!   Show Notes: https://securityweekly.com/psw726 Segment Resources: # Blog website : www.wehackpeople.com # Employer's website : www.darkwolfsolutions.com # Link for EDC - Covert Entry Wallet : https://wehackpeople.wordpress.com/2019/10/10/lock-pick-concealment-edc-wallet/ # Link for other EDC items I use : https://wehackpeople.wordpress.com/2020/09/14/covert-entry-specialist-edc/   Physical Pentest Tools: https://www.sparrowslockpicks.com/product_p/hp.htm https://www.redteamtools.com/espkey https://www.redteamtools.com/under-door-level-lock-tool Github: https://github.com/SecurityWeekly/vulhub-lab   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Rozmowa Kontrolowana
Odcinek 92 - Mateusz Olejarka

Rozmowa Kontrolowana

Play Episode Listen Later Jan 23, 2022 62:00


The guest of the ninety-second episode of the Rozmowa Kontrolowana podcast is Mateusz Olejarka, Principal Security Consultant at SecuRing. Visit the podcast site at live.zaufanatrzeciastrona.pl, sign up for the newsletter and get notified about new episodes of Rozmowa Kontrolowana. The podcast is available on Spotify, on Apple Podcasts, on Google Podcasts, as an RSS feed and as a YouTube playlist. The video version of the episode can be watched below; the audio version is further down. … Read more. The post Odcinek 92 – Security Consultant, Mateusz Olejarka first appeared on Zaufana Trzecia Strona.

CURIOUS
Bug Bounties: The bounty hunters of information security

CURIOUS

Play Episode Listen Later Sep 13, 2021 24:09


Bug bounty programs allow people who work in information security not only to report vulnerabilities but also to earn money for doing so, legally and in an orderly way. In this episode Axel Marazzi and Valentín Muro talked about it with Denise Giusto Bilic, Senior Security Researcher at Dreamlab Technologies, and with Alan Levy, known as El Mago in the technology world, who is the Principal Security Consultant at Cinta Infinita and is also part of the organizing team of the Ekoparty Bug Bounty program; Ekoparty is the most important information security conference in Latin America.

World Wide Technology - TEC37
44. Security: 5 Pillars of Identity and Access Management

World Wide Technology - TEC37

Play Episode Listen Later Aug 12, 2021 42:35


Identity and access management (IAM) is a balancing act. On the one hand, organizations need to mature their capabilities as corporate assets increasingly live outside the traditional security perimeter. On the other hand, this can't come at the cost of complicating the end-user experience. By focusing on five pillars of IAM, organizations can strike a balance, and give the right users the right level of access to enterprise resources at the right time. On the latest episode of World Wide Technology's TEC37 series on Security, join host Robb Boyd as he speaks with WWT's Matt Wampler, Principal Security Consultant, and Maafu Shabaz, Principal Consultant. They'll discuss how organizations can adopt identity principles and practices to drive a cohesive, strategic approach to IAM.
Presenters
Mike Wampler, WWT
Maafu Shabaz, WWT
Robb Boyd, Host
WWT Related Content
Thales Cipher Trust Tokenization Lab
CyberArk Privileged Account Management Lab
RSA Identity Governance and Lifecycle (IGL)
WWT Security Services
Five Considerations for Successful Identity and Access Management Architecture
Identity and Access Management Overview

The Audit Podcast
Ep 60: War stories from a hacker w/Nathan Sweaney (Principal Security Consultant at Secure Ideas)

The Audit Podcast

Play Episode Listen Later Aug 10, 2021 41:46


This week we have Nathan Sweaney sharing some of his war stories as a pen tester!   Nathan also talks about how pen testers work with auditors, what being a pen tester actually means, and what auditors who don't have security resources should do. Check out the Secure Ideas website for even more security info.   Nathan also shares some of his favorite tools to stay secure including LastPass and Authy.   For more from Nathan be sure to follow him on LinkedIn, Twitter, and Facebook.   Be sure to also sign up for The Audit Podcast newsletter and to check out my favorite part of the interview on The Audit Podcast YouTube channel.   If you enjoy the podcast, would you please consider leaving a rating on Apple Podcasts/iTunes? It really makes a difference in helping to convince hard-to-get guests. It only took 16 seconds to give myself a five-star rating (beat that!). * This episode is brought to you by Greenskies Analytics. Greenskies is a service provider of expert data analysis, continuous monitoring, and RPA for forward-thinking internal audit teams. Schedule time today to leapfrog up the analytics maturity model!

Automotive Cybersecurity Talk
Secure Boot - What You Need to Know

Automotive Cybersecurity Talk

Play Episode Listen Later Apr 8, 2021 26:45


In our first full-length episode, we take a comprehensive look at secure boot, the process that ensures your ECU software isn't manipulated. In this discussion, ESCRYPT team members Carina Boettcher, Sr. Solution Sales Expert, and Rob Lambert, Principal Security Consultant, discuss what secure boot is, the various terms used to describe it, how to implement it, who needs to be involved and when, and what it means in different situations. Join us for this informative discussion - and then let us know what you think! ESCRYPT secures automotive embedded systems through design, integration and testing solutions.
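A worked example of the verify-before-execute logic behind secure boot, added here and not taken from ESCRYPT or the episode. It models a two-stage chain in Python: an immutable anchor (the digest of the first-stage image) stands in for the public-key hash a real boot ROM would hold, each stage's header carries the digest of the one stage it is allowed to launch, and a rollback counter rejects images older than the last accepted version. The header layout, the hash-based anchor (production ECUs verify asymmetric signatures, typically with an HSM, which is why the anti-rollback check matters there: an old but genuinely signed image would otherwise pass) and the sample payloads are assumptions.

```python
"""Secure-boot chain of trust, simplified: a fixed anchor in ROM, per-stage
digest verification before execution, and an anti-rollback check.
Added example; header layout and sample payloads are assumed."""
import hashlib
import hmac
import struct
from typing import List, Tuple

MAGIC = b"ECUF"
# Image header: magic(4) | version(4) | payload length(4) | digest of next stage(32)
HEADER = struct.Struct(">4sII32s")
NO_NEXT = b"\x00" * 32   # terminal stage launches nothing further


class BootError(Exception):
    """Raised whenever verification fails; the boot must fail closed."""


def digest(blob: bytes) -> bytes:
    return hashlib.sha256(blob).digest()


def build_image(version: int, payload: bytes, next_digest: bytes = NO_NEXT) -> bytes:
    """Producer side: wrap a payload so the previous stage can verify it."""
    return HEADER.pack(MAGIC, version, len(payload), next_digest) + payload


def verify_image(blob: bytes, expected: bytes, rollback_counter: int) -> Tuple[int, bytes, bytes]:
    """Verify before parsing or executing. Returns (version, payload, next digest)."""
    # 1. Integrity/authenticity: the whole image must match the digest the
    #    previous stage (or ROM) vouched for; compare_digest avoids timing leaks.
    if not hmac.compare_digest(digest(blob), expected):
        raise BootError("digest mismatch")
    # 2. Only now is the header trusted enough to parse.
    if len(blob) < HEADER.size:
        raise BootError("truncated image")
    magic, version, length, next_digest = HEADER.unpack_from(blob)
    if magic != MAGIC:
        raise BootError("bad magic")
    if HEADER.size + length != len(blob):
        raise BootError("length mismatch")
    # 3. Anti-rollback: an older image, even a genuine one, must not boot.
    if version < rollback_counter:
        raise BootError(f"rollback: version {version} below counter {rollback_counter}")
    return version, blob[HEADER.size:], next_digest


def secure_boot(rom_anchor: bytes, stages: List[Tuple[str, bytes]],
                rollback_counter: int) -> List[Tuple[str, int]]:
    """Walk the chain: ROM anchor -> stage 1 -> stage 2 ... Returns what was launched."""
    expected = rom_anchor
    launched = []
    for name, blob in stages:
        if expected == NO_NEXT:
            raise BootError(f"{name}: previous stage declares no successor")
        version, _payload, expected = verify_image(blob, expected, rollback_counter)
        launched.append((name, version))   # a real loader would now jump into _payload
    return launched


def boot_or_reason(rom_anchor: bytes, stages, rollback_counter: int) -> str:
    """Convenience wrapper: 'ok' or the reason the boot was refused."""
    try:
        secure_boot(rom_anchor, stages, rollback_counter)
        return "ok"
    except BootError as e:
        return str(e)


def tampered(stages, index: int):
    """Flip one bit in the last byte of one stage (constructed attack input)."""
    out = list(stages)
    name, blob = out[index]
    out[index] = (name, blob[:-1] + bytes([blob[-1] ^ 0x01]))
    return out


# Constructed two-stage chain: build the last stage first, since each header
# must embed the digest of its successor.
APP = build_image(3, b"application firmware (constructed)")
BOOTLOADER = build_image(2, b"second-stage bootloader (constructed)", next_digest=digest(APP))
ROM_ANCHOR = digest(BOOTLOADER)   # in this model, fixed in ROM/OTP at manufacturing
STAGES = [("bootloader", BOOTLOADER), ("application", APP)]

if __name__ == "__main__":
    print(secure_boot(ROM_ANCHOR, STAGES, rollback_counter=2))
    print(boot_or_reason(ROM_ANCHOR, tampered(STAGES, 1), 2))
    print(boot_or_reason(ROM_ANCHOR, STAGES, 3))
```

Two design points carry over to real implementations: nothing in an image is parsed until its digest (or signature) has checked out, and every failure path stops the boot rather than falling back to the unverified image.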

AppForce1: news and info for iOS app developers
Jeroen Willemsen, principal security consultant at Xebia

AppForce1: news and info for iOS app developers

Play Episode Listen Later Mar 11, 2021 36:01 Transcription Available


Jeroen Willemsen and I worked together on a security related mobile networking SDK. Based on that working history and Jeroen's work on the OWASP MSTG, I wanted to get Jeroen on my podcast to talk about how to get started with mobile security testing on iOS.
Topics mentioned in the episode:
OWASP MSTG on Github
OWASP MASVS on Github
MSTG & MASVS info on owasp.org
Please rate me on Apple Podcasts.
Send me feedback on SpeakPipe
Or contact me through twitter
My website appforce1.net
Newsletter, sign up!
Podcast Party
My book: Being a Lead Software Developer
Core Data Workshop by Donny Wals: Gain practical experience with Core Data from the author of Practical Core Data.
Lead Software Developer: Learn best practices for being a great lead software developer.
Support the show (https://github.com/sponsors/AppForce1)

Inside Cyber Wellness
Accountability and cybersecurity: Who's responsible when data is compromised?

Inside Cyber Wellness

Play Episode Listen Later Feb 11, 2021 23:00


According to CODE42, employees are 85% more likely to leak corporate files now than they were prior to the COVID-19 pandemic. This is coming at a huge cost for organizations, with the Identity Theft Resource Center reporting a spike in ransomware and phishing attacks in 2020. So, when a cyber event that exposes data is due to employee negligence, who's ultimately responsible? We invited Ryan Cloutier, Principal Security Consultant at SecurityStudio, onto the show to discuss accountability in cybersecurity and remind us that -- in the end -- we all have our part to play to make the world cybersecure.

Networx Podcast
Ep26: Cybersecurity & Data Ethics

Networx Podcast

Play Episode Listen Later Jan 28, 2021 58:12


Identifying vulnerabilities and protecting yourself. Join us as we discuss how you can take small steps to prevent data leaks, understand cyber-crime tools and empower yourself to protect your digital life. Poor cybersecurity is impacting businesses of all sizes; it is not only embarrassing, but can have financial consequences and permanently damage your brand. The more you know, the less likely you are to be a victim. Knowledge is power!
Panellists include:
John Powell, Principal Security Consultant, Telstra Purple (LinkedIn | Twitter: @JohnPowell_JP)
Matt Butts, Information Security Professional, Baytech (LinkedIn)
Jon Melloy, Head of Business Development, Practice Protect (LinkedIn | Twitter: @PracProtect)
Panel Facilitator: Elizabeth Gibbons, Director of Client Services, zeroseven (LinkedIn | Twitter: @Gibbled @zeroseven)
Live recording by Select Audio Visual. Networx Brisbane events are organised by conference and events company, Iceberg Events. These events are proudly supported by Reload Media, Select Audio Visual, Vision6, and DPMA. Produced by Networx Brisbane, Australia. For upcoming events, visit https://brisbane.networxevents.com.au/events
Follow Networx Brisbane on Facebook, Instagram, LinkedIn and Twitter. Never miss an episode. Subscribe on Apple Podcasts, Spotify, Stitcher, Castbox or TuneIn to get new episodes as they become available.

Hacking into Security - Career Talks
Hacking into Security #32 - becoming a Champion for women in security, with Jacqui Loustau

Hacking into Security - Career Talks

Play Episode Listen Later Nov 14, 2020 32:18


In this episode, we catch up with Jacqui Loustau, the Founder of the AWSN (Australian Women in Security Network) and Principal Security Consultant for Cynch Security. Jacqui gained excellent experience working overseas in security, was planning to come back to Australia, and had more difficulty than she expected in landing a job. We walk through Jacqui's story of getting into security, her challenges in landing a job, what got her to start what would become such an influential security community, the future for AWSN and how organisations can do more to attract a more diverse culture. Knowing Jacqui over the years has given me some insight into the incredible demand involved in starting a security community. Impressively, Jacqui decided "to take 6 months and get it (AWSN) up and running properly!" and is now getting paid for her AWSN work.

Security and Compliance Weekly (audio)

This week, we welcome Steve Schlarman, Integrated Risk Management Strategist at RSA Security, to discuss Integrated Risk Management & Operational Resiliency! In our second segment, we welcome David Mundhenk, Principal Security Consultant at Herjavec Group, and Ivan Tsarynny, Co-Founder and CEO at Feroot Security, to talk about How Backdoors Lead To Breaches & GRC Compliance Issues!   Show Notes: https://wiki.securityweekly.com/scw48 Visit https://securityweekly.com/rsasecurity to learn more about them!   Visit https://www.securityweekly.com/scw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly
Black Swan - SCW #48

Paul's Security Weekly

Play Episode Listen Later Oct 21, 2020 82:21


This week, we welcome Steve Schlarman, Integrated Risk Management Strategist at RSA Security, to discuss Integrated Risk Management & Operational Resiliency! In our second segment, we welcome David Mundhenk, Principal Security Consultant at Herjavec Group, and Ivan Tsarynny, Co-Founder and CEO at Feroot Security, to talk about How Backdoors Lead To Breaches & GRC Compliance Issues!   Show Notes: https://wiki.securityweekly.com/scw48 Visit https://securityweekly.com/rsasecurity to learn more about them!   Visit https://www.securityweekly.com/scw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Colorado = Security Podcast
160 - 4/13 - Aaron Cure, Principal Security Consultant at Cypress Data Defense

Colorado = Security Podcast

Play Episode Listen Later Apr 12, 2020 74:53


Aaron Cure, Principal Security Consultant at Cypress Data Defense, is our feature guest this week. News from: The Brown Palace, Maxar, Strive Health, SendGrid, Conga, Guild Education, Slack, Webroot, Lares, LogRhythm, SecureSet, Optiv and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com
This week’s news:
Join the Colorado = Security Slack channel
The Brown Palace is closed for the first time in its 128-year history
Major high-speed broadband network goes online across northwest Colorado
Colorado sees “significant declines” in air pollution as coronavirus ramps down driving, industrial activity
Maxar Technologies raises $729M in sale of Canadian business
The future of remote work is here. Here's how Denver tech companies are managing it
2020’s Most (and Least) Cyber-Secure States | Webroot
Lares Releases Annual Penetration Test Findings Report
LogRhythm Strengthens Executive Team with Appointment of Chief Revenue Officer
How to Hack… Break Your Computer(s)! - Command Line Container Compromise to IaaS Recon | SecOps | Optiv
Job Openings:
Ping Identity - GRC Analyst, Business Continuity & Incident Response
Ping Identity - SRE Manager
Janus Henderson - IT Operations Risk & Business Continuity Manager
Maxar - Cyber Security Architect
Pulte Mortgage - Information Security Compliance Analyst
AHEAD - Cloud Security Architect
Department of the Interior - IT cybersecurity Specialist
PwC - Cybersecurity & Privacy Associate
Coalfire - Senior Paralegal and Contracts Manager
LogRhythm - Professional Services Engineer
Upcoming Events:
This Week and Next:
OWASP Denver - Virtual April Meeting - 4/15
ISACA Denver - April Meeting - 4/16
Software Freedom School - Security+ Peer Study Group, Exam Prep, and Nazgul Slaying - 4/20
Other Notable Upcoming Events:
DERPCON - Virtual Conference - 4/30-5/1
View our events page for a full list of upcoming events
* Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here.
* Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Information Security Podcast
IoT – Benefits and Security Challenges

Information Security Podcast

Play Episode Listen Later Oct 15, 2019 3:00


During this episode, Host Rob Nettgen (@Robert_Nettgen) speaks with Chris Bush, Principal Security Consultant at McAfee, who will be presenting at the 2019 Information Security Summit on “The Internet of Things (IoT) that Shouldn't Be on the Internet”. Chris is a veteran of the Information Security Summit; he has attended every Summit since the event started and has presented 11 times. The presentation will be a thought-provoking and informative discussion, as many organizations are dealing with the benefits and security challenges of IoT. We will be shining a light on the big event coming up, the Information Security Summit in Cleveland, Ohio at the IX-Center, October 21st through the 25th. The Information Security Summit is a great place to meet your peers who are dealing with the same issues, meet experts who will share their knowledge, and a one-stop shop for a whole host of top-notch information security vendors with helpful services and products. We look forward to seeing you there.
Sponsored By: ASMGi (@ASMGi_CLE) at www.asmgi.com/ and Briteskies at http://www.briteskies.com/
Produced By: Evergreen Podcasts (@streamevergreen) at www.evergreenpodcasts.com with production assistance provided by Frank Yako (@fyako).
Additional Information: For additional information on the Information Security Summit, please visit us on the web at www.informationsecuritysummit.org/, on Twitter (@InfoSecurSummit) or on LinkedIn.

Cyber Security Sauna
012| Adventures in Red Teaming

Cyber Security Sauna

Play Episode Listen Later Aug 23, 2018 32:15


How can companies know if their security investments are actually working? Getting attacked is the ultimate test, but hiring a red team is a less disruptive way to find out. These guys rely on technical chops, acting skills and pure creativity to engage in an all-out attack on a company’s defenses. Joining us this episode is Tom Van de Wiele, Principal Security Consultant at F-Secure, to talk about how red teaming can help companies improve their security posture, his tricks for hustling his way into a company, and why the coffee machine is a red teamer's best friend while on a job (but not for the caffeine). Be warned: You’ll never look at strangers around your office the same way again. Links: Episode 12 transcript Video - The Value of Red Teaming, with Tom Van de Wiele

Cyber Security Sauna
003| Data Breaches: Bridging the Gap

Cyber Security Sauna

Play Episode Listen Later Feb 13, 2018 17:17


Data breaches. They're every organization's worst fear. Why are companies so ill-prepared, and what are companies missing in their approach to data breaches? Host Janne Kauhanen is joined by Marko Buuri, Principal Risk Management Consultant at F-Secure, and Tuomo Makkonen, Principal Security Consultant, to give you the lowdown on breaches and what you need to know. Links: Episode 3 blog post

Hack Naked News (Video)
Hack Naked News #108 - Jason Wood, Paladin Security

Hack Naked News (Video)

Play Episode Listen Later Jan 26, 2017 9:20


Jason Wood is the Founder and primary consultant of Paladin Security. Prior to starting Paladin Security, Jason was a Principal Security Consultant at Secure Ideas, and taught classes on vulnerability management, event monitoring, and configuration auditing for Tenable. Paul and Jason discuss the Attorney General's stance on encryption in this week’s episode of Hack Naked News! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Hack_Naked_News_108_January_24_2017 Visit http://hacknaked.tv to get all the latest episodes!

Paul's Security Weekly TV
Hack Naked News #108 - Jason Wood, Paladin Security

Paul's Security Weekly TV

Play Episode Listen Later Jan 26, 2017 9:20


Jason Wood is the Founder and primary consultant of Paladin Security. Prior to starting Paladin Security, Jason was a Principal Security Consultant at Secure Ideas, and taught classes on vulnerability management, event monitoring, and configuration auditing for Tenable. Paul and Jason discuss the Attorney General's stance on encryption in this week’s episode of Hack Naked News! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Hack_Naked_News_108_January_24_2017 Visit http://hacknaked.tv to get all the latest episodes!

DEF CON 23 [Audio] Speeches from the Hacker Convention
Aaron Grattafiori - Linux Containers: Future or Fantasy? - 101 Track

DEF CON 23 [Audio] Speeches from the Hacker Convention

Play Episode Listen Later Oct 21, 2015


Materials Available Here: https://media.defcon.org/DEF CON 23/DEF CON 23 presentations/DEFCON-23-Aaron-Grattafiori-Linux-Containers-Future-or-Fantasy-UPDATED.pdf Linux Containers: Future or Fantasy? Aaron Grattafiori Principal Security Consultant, iSEC Partners/NCC Group Containers, a pinnacle of fast and secure deployment or a panacea of false security? In recent years Linux containers have developed from an insecure and loose collection of Linux kernel namespaces to a production-ready OS virtualization stack. In this talk, the audience will first learn the basics of how containers function, understanding namespaces, capabilities and cgroups in order to see how Linux containers and the supporting kernel features can offer an effective application and system sandboxing solution yet to be widely deployed or adopted. Understanding LXC or Docker use, weaknesses and security for PaaS and application sandboxing is only the beginning. Leveraging container technologies is rapidly becoming popular within the modern PaaS and devops world but little has been publicly discussed in terms of actual security risks or guarantees. Understanding prior container vulnerabilities or escapes, and current risks or pitfalls in major public platforms will be explored in this talk. I'll cover methods to harden containers against future attacks and common mistakes to avoid when using systems such as LXC and Docker. This will also include an analysis and discussion of techniques such as Linux kernel hardening, reduced capabilities, Mandatory Access Controls (MAC), the User kernel namespace and seccomp-bpf (syscall filtering); all of which help actually contain containers. The talk will end on some methods for creating minimal, highly-secure containers and end on where containers are going and why they might show up where you least expect them. Aaron Grattafiori (@dyn___) is a Principal Security Consultant and Research Lead with iSEC Partners/NCC Group. 
A jack-of-all-security, Aaron leads projects dealing with complex system analysis, mobile and web application security, network, protocol and design reviews, red teams and other hybrid testing. With over nine years of security experience, Aaron utilizes a wide array of technology skills, historical research and security knowledge to consistently discover critical vulnerabilities. Aaron has spoken on a wide range of topics at security conferences such as Blackhat, DEF CON Kids, Toorcon:Seattle+SanDiego, ToorCamp, Source Seattle, EELive! and SecureWorld, in addition to being a guest speaker at Stanford University. Prior to working at iSEC Partners, Aaron worked as a Security Consultant for Security Innovation and is a retired long-time member of the Neg9 CTF team. This will be Aaron's 12th DEF CON, w00t! Twitter: @dyn___
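As an added example that is not part of the talk or its materials: a small audit of `docker inspect` output for the mistakes the abstract warns about, namely broad capabilities, disabled seccomp or AppArmor, running as host root without a user namespace, sharing the host PID namespace, and bind-mounting the Docker socket or sensitive host paths. It reads the real `HostConfig` and `Config` field names Docker emits, but the two sample containers, the severity levels and the list of capabilities treated as dangerous are assumptions for illustration.

```python
"""Audit a container's `docker inspect` record for common hardening mistakes.
Added example: the field names are Docker's; the rules, severities and the
two sample containers are assumptions."""
import json
from dataclasses import dataclass
from typing import Any, Dict, List

# Capabilities that have repeatedly been enough to reach host resources;
# "drop ALL, add back the minimum" is the safer default.
DANGEROUS_CAPS = {"SYS_ADMIN", "SYS_PTRACE", "SYS_MODULE", "SYS_RAWIO",
                  "DAC_READ_SEARCH", "NET_ADMIN", "SYS_BOOT"}
DOCKER_SOCKETS = {"/var/run/docker.sock", "/run/docker.sock"}
SENSITIVE_HOST_PATHS = {"/", "/etc", "/proc", "/sys", "/dev", "/root", "/boot"}
SEVERITIES = ("critical", "high", "medium", "low")


@dataclass(frozen=True)
class Finding:
    severity: str
    check: str
    detail: str


def _cap(name: str) -> str:
    n = name.upper()
    return n[4:] if n.startswith("CAP_") else n


def audit(rec: Dict[str, Any]) -> List[Finding]:
    hc = rec.get("HostConfig") or {}
    cfg = rec.get("Config") or {}
    out: List[Finding] = []
    # Capabilities
    if hc.get("Privileged"):
        out.append(Finding("critical", "privileged", "--privileged grants every capability and disables seccomp, AppArmor and the device cgroup"))
    for cap in hc.get("CapAdd") or []:
        if _cap(cap) in DANGEROUS_CAPS:
            out.append(Finding("high", "cap_add", f"{cap} widens the bounding set well beyond a normal workload"))
    if not hc.get("Privileged") and "ALL" not in {_cap(c) for c in hc.get("CapDrop") or []}:
        out.append(Finding("low", "cap_drop", "default capability set kept; prefer --cap-drop ALL plus explicit --cap-add"))
    # Syscall filter and MAC
    opts = [o.lower() for o in hc.get("SecurityOpt") or []]
    if "seccomp=unconfined" in opts:
        out.append(Finding("high", "seccomp", "seccomp disabled; the default profile blocks dozens of syscalls used in escapes"))
    if "apparmor=unconfined" in opts:
        out.append(Finding("high", "apparmor", "AppArmor confinement disabled"))
    if not any(o.startswith("no-new-privileges") for o in opts):
        out.append(Finding("low", "no_new_privs", "no-new-privileges unset; setuid binaries inside can still gain privileges"))
    # Namespaces and user
    if hc.get("PidMode") == "host":
        out.append(Finding("high", "pid_ns", "shares the host PID namespace; host processes are visible and ptrace-able"))
    if hc.get("NetworkMode") == "host":
        out.append(Finding("medium", "net_ns", "shares the host network namespace"))
    if not cfg.get("User"):
        out.append(Finding("medium", "user", "runs as root; without user-namespace remapping that is uid 0 on the host"))
    if hc.get("UsernsMode") == "host":
        out.append(Finding("medium", "userns", "opts out of the daemon's user-namespace remapping"))
    # Bind mounts
    for bind in hc.get("Binds") or []:
        src = bind.split(":", 1)[0]
        key = src if src == "/" else src.rstrip("/")
        if key in DOCKER_SOCKETS:
            out.append(Finding("critical", "bind_mount", f"{src} mounted: control of the daemon is root on the host"))
        elif key in SENSITIVE_HOST_PATHS:
            out.append(Finding("high", "bind_mount", f"{src} mounted from the host"))
    if not hc.get("ReadonlyRootfs"):
        out.append(Finding("low", "rootfs", "writable root filesystem; --read-only plus tmpfs limits persistence"))
    return out


def summary(findings: List[Finding]) -> Dict[str, int]:
    counts = {s: 0 for s in SEVERITIES}
    for f in findings:
        counts[f.severity] += 1
    return counts


def audit_inspect_output(text: str) -> Dict[str, List[Finding]]:
    """`docker inspect <id>` prints a JSON list; audit every record in it."""
    return {r.get("Name", "?"): audit(r) for r in json.loads(text)}


# Two constructed records holding the subset of fields the audit reads.
RISKY = {"Name": "/risky", "Config": {"User": ""}, "HostConfig": {
    "Privileged": False, "CapAdd": ["SYS_ADMIN", "NET_BIND_SERVICE"], "CapDrop": None,
    "SecurityOpt": ["seccomp=unconfined"], "PidMode": "host", "NetworkMode": "bridge",
    "Binds": ["/var/run/docker.sock:/var/run/docker.sock", "/data:/data:ro"],
    "UsernsMode": "", "ReadonlyRootfs": False}}
HARDENED = {"Name": "/hardened", "Config": {"User": "10001:10001"}, "HostConfig": {
    "Privileged": False, "CapAdd": ["NET_BIND_SERVICE"], "CapDrop": ["ALL"],
    "SecurityOpt": ["no-new-privileges", "seccomp=/etc/docker/web.json", "apparmor=docker-web"],
    "PidMode": "", "NetworkMode": "bridge", "Binds": ["/data:/data:ro"],
    "UsernsMode": "", "ReadonlyRootfs": True}}

if __name__ == "__main__":
    for name, findings in audit_inspect_output(json.dumps([RISKY, HARDENED])).items():
        print(name, summary(findings))
        for f in findings:
            print(f"  [{f.severity}] {f.check}: {f.detail}")
```

Run it against real output with `docker inspect <container> | python3 audit.py` after replacing the `__main__` block with `audit_inspect_output(sys.stdin.read())`; the checks map one-to-one onto the mitigations the talk lists (reduced capabilities, seccomp-bpf, MAC, the user namespace), so each finding points at a concrete `docker run` flag to change.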

DEF CON 22 [Materials] Speeches from the Hacker Convention.
Eric Smith and Josh Perrymon - Advanced Red Teaming: All Your Badges Are Belong To Us

Dec 13, 2014

Slides Here: https://defcon.org/images/defcon-22/dc-22-presentations/Smith-Perrymon/DEFCON-22-Smith-Perrymon-All-Your-Badges-Are-Belong-To-Us-UPDATED.pdf

Advanced Red Teaming: All Your Badges Are Belong To Us

Eric Smith, Senior Partner, Principal Security Consultant at LARES
Josh Perrymon, Senior Adversarial Engineer at LARES

By definition, “Red Teaming” or Red Team testing originated in the military, where it described a team whose primary objective is to penetrate the security controls of “friendly” institutions while evaluating their security measures. The term is widely used today to describe any form or blend of logical, physical and social-based attacks on an organization. Since the early 2000s, LARES’ core team members have been presenting on and performing advanced Red Team attacks against all verticals and have a 100% success rate for organizational compromise when performing full-scope testing. Fresh out of the think tank of Layer 8 Labs (the R&D division of LARES) and tested in the streets on numerous engagements, this talk will focus specifically on badge access control systems and inherent flaws in their design, and will demonstrate direct and blended attacks against them. Live demonstrations will show how these flaws lead to facility and system compromise, even against the most secure access control systems and card types being sold to the market today. Custom-built tools by the LARES team members will be demonstrated throughout the talk, and an interactive discussion will be held at the end of the presentation on current mitigation strategies and what the industry needs to thwart these attacks going forward.

Eric Smith (@InfoSecMafia) is a Senior Partner and Principal Security Consultant at LARES. Eric is a well-respected, qualified, trained and certified Ethical Hacker with over 17 years of experience in the IT/IS industry. Eric is experienced in network and application penetration testing, social engineering, Red Team/physical security, wireless, architecture, system hardening, risk/compliance assessments and policy/procedural development. Eric holds a BS in Information Security Systems along with active CISSP and CISA certifications. When Eric isn’t compromising large-scale, heavily protected fortresses, he goes on retreats in search of unicorns, horseshoes and hidden treasures that many claim to be “suicide missions”. Eric was also born with invisible gills and is referred to by close friends and closer enemies as the “phish whisperer”.

Joshua Perrymon (@packetfocus) is a Senior Adversarial Engineer at LARES. He is a well-rounded certified Ethical Hacker with over 17 years’ experience in the industry. With a focus on real-world exploitation, Josh likes the pressure of Social Engineering and Red Team testing: the type of testing that is always dynamic and forces quick decisions and persistence. He developed the first OWASP LiveCD, "LabRat", and led the Alabama OWASP Chapter. While living in Australia, Josh dove into RFID research, and over the years has worked to take these attacks from the lab to the streets, providing the most advanced and accurate real-world testing. Josh has also worked on a phishing framework over the past ten years, and is focused on bringing that technology to market. When not dressed as a janitor or electrician in an attempt to breach a client facility, Josh can be found at his local drag strip playing with nitrous and turbos.

DEF CON 22 [Materials] Speeches from the Hacker Convention.
Brady Bloxham - Getting Windows to Play with Itself: A Hacker's Guide to Windows API Abuse

Dec 12, 2014

Slides here: https://defcon.org/images/defcon-22/dc-22-presentations/Bloxham/DEFCON-22-Brady-Bloxham-Windows-API-Abuse-UPDATED.pdf

Getting Windows to Play with Itself: A Hacker's Guide to Windows API Abuse

Brady Bloxham, Principal Security Consultant, Silent Break Security

Windows APIs are often a black box with poor documentation, taking input and spewing output with little visibility into what actually happens in the background. By analyzing (and abusing) the underlying functionality of these seemingly benign APIs, we can effectively manipulate Windows into performing stealthy custom attacks that bypass the latest in protective defenses. In this talk, we’ll get Windows to play with itself nonstop while revealing 0day persistence, previously unknown DLL injection techniques, and Windows API tips and tricks that any good penetration tester and/or malware developer should know. :) To top it all off, a custom HTTP beaconing backdoor will be released leveraging the newly released persistence and injection techniques. So much Windows abuse, so little time.

Brady Bloxham is founder and Principal Security Consultant at Silent Break Security, where he focuses on providing advanced, custom penetration testing services. Brady started his career working for various three-letter agencies, where he earned multiple awards for exceptional performance in conducting classified network operations. Brady stays current in the information security field by presenting at various hacker conferences, as well as providing training on building custom offensive security tools and advanced penetration testing techniques. Brady also maintains the PwnOS project and holds several highly respected industry certifications. :)