In this Risky Business Talks interview we invited Will Thomas to talk about the recent leak of internal chats from the Black Basta ransomware group. Will is a SANS Instructor, co-author of the SANS FOR589 course, and the co-founder of a community research project for CTI analysts called Curated Intelligence. Will walks us through the Black Basta leak and uses the group's attack on US healthcare provider Ascension to break down how the gang operated. Show notes Risky Bulletin: BlackBasta implodes, internal chats leak online BlackBasta's internal chats just got exposed BlackBasta Chat Logs BlackBastaGPT BlackBasta Leaks: Lessons from the Ascension Health attack Inside the Black Basta Leak: How Ransomware Operators Gain Access
Ransomware has shifted from simple, isolated attacks to coordinated, human-operated campaigns that target entire organizations. In this episode of the Endace Packet Forensics Files, Michael Morris talks with Ryan Chapman, SANS Instructor and expert in Digital Forensics and Incident Response (DFIR), about these evolving threats. Ryan explains how attackers are becoming more methodical and sophisticated, focusing on disabling EDR/XDR solutions to evade detection and leaving organizations vulnerable to advanced attacks. One of the key challenges Ryan highlights is visibility. Without robust logging, packet capture, and monitoring tools, it's nearly impossible to fully understand how an attack happened. Even encrypted traffic can reveal critical patterns if analyzed properly. Ryan shares examples of organizations that suffered reinfections because they rushed to restore systems without identifying the original entry point. Packet capture data plays a vital role in pinpointing when and how attackers infiltrated, ensuring a safe recovery and minimizing disruption. As ransomware tactics evolve, adopting a Zero-Trust approach is essential. Ryan discusses how limiting permissions and avoiding overly trusting software configurations can help prevent breaches. He cites the Kaseya attack, where some organizations avoided compromise by not blindly whitelisting trusted directories. As attackers increasingly use legitimate tools, verifying all network activity and following least privilege principles are critical defenses. Don't miss this insightful episode, where Ryan provides actionable advice for preparing your organization against today's ransomware threats.
Just as a river takes unexpected turns, so too does a career journey. Our special guest, Jason Ostrom, began with an eye towards federal law enforcement but found himself swept away into the world of Linux and security engineering for startups. A chance encounter with a mentor opened the door towards a career in cybersecurity, and the creation of a game-changing pen test tool. Discover the story behind his first presentation at a hacker conference and how the early days of parenthood influenced his journey. Ever wonder why a broad skill-set trumps specialization in cybersecurity? Jason breaks it down, emphasizing why IT experience, soft skills, and understanding the business context for executing vulnerabilities can make or break your success in this industry. Whether you're on cloud nine or keeping it grounded with on-prem projects, Jason explains why adaptability is crucial and how to keep your skills sharp and marketable. Lastly, Jason demystifies the process of presenting at cybersecurity conferences and how to become a SANS instructor. The desire to teach or earn a SANS certification burns in many, but the path can seem obscured by smoke. Jason clears the air, providing a transparent look into the pros and cons of this career move. If you're fascinated by the world of pen testing, this episode will shed light on the various types and the importance of gaining broad experience before selecting a specialty. Buckle up, this ride with Jason is not one to be missed.
How do you use threat intelligence to inform your decision making? In this episode, Davin and guest Katie Nickels take a deep dive into cyber threat intelligence. Katie explores the role threat intelligence plays in determining an organization's security posture, how threat intel helps blue teams stay ahead of and anticipate emerging threats, and what the day-to-day of a Director of Intelligence looks like. Katie shares her passion for teaching and nurturing the next generation of cybersecurity professionals and getting more girls/women interested in tech. Lastly, Katie shares why she feels asset inventory is an inexpensive solution and great starting point for companies looking to kick off a security program. Guest Bio: Katie Nickels is the Director of Intelligence for Red Canary as well as a SANS Instructor for FOR578: Cyber Threat Intelligence and a non-resident Senior Fellow for the Atlantic Council's Cyber Statecraft Initiative. She has worked in cyber threat intelligence and network defense for over a decade for the U.S. DoD, MITRE, Raytheon, and ManTech.
Nick interviews Mr. Brandon McCrillis, CEO & Principal Consultant, Rendition Infosec. They discuss Brandon's path to Cybersecurity, his former career(s) as a chef and CTN in the U.S. Navy. Conversation also leads to Rendition's services as well as Brandon's experience as a SANS Instructor. Rendition is a leading information security firm that specializes in Red Team, Incident Response, Digital Forensics, and other preventative Network Security services. Rendition's engagement team is composed of highly technical resources that possess experiences and credentials from the Department of Defense, National Security Agency, private industry, and U.S. Cyber Command. Visit them at https://www.renditioninfosec.com/ https://youtu.be/nDdqx25_qco
Keaton and Robb talk to Chris Christianson, Information Security Consultant and SANS Instructor, about the best tools being used in the industry. The guys talk proof-of-concept, the importance of buy-in, how to work within a crunched budget, testing frequency, and how to get vendors to buy your dog treats! Get in Touch: info@rivialsecurity.com, Rivialsecurity.com. Watch the Matching Webinar: The Best Low-Cost Security Tools
“How do you speak to executives about cybersecurity in a way that matters to them? It comes down to the company’s mission.” Ross Young, CISO of Caterpillar Financial Services Corporation, stops by SecurityMetrics Podcast to talk with Host and Principal Security Analyst, Jen Stone (MCIS, CISSP, CISA, QSA) about his mission to mentor the next generation of CISOs and create more understanding and harmony within the corporate security community. Listen to learn: how a company’s mission and values affect its approach to cybersecurity; the three things that executives care about when making decisions; tips on how people can understand others in different roles in the security world. Ross Young is CISO of Caterpillar Financial Services Corporation, a SANS Instructor, Johns Hopkins University Instructor, CISO Tradecraft Podcast Co-Host, and Creator of the OWASP Threat and Safeguard Matrix (TaSM). [Disclaimer] Before implementing any policies or procedures you hear about on this or any other episodes, make sure to talk to your legal department, IT department, and any other department assisting with your data security and compliance efforts.
John Strand // Ok, that was a bit of a dramatic title. But, it works. In this Black Hills Information Security (BHIS) webcast, John covers the tips and tricks on how to effectively present technical topics to large and small groups. This presentation includes, but is not limited to: crotch sniffing dogs, heart attacks, how […] The post Webcast: How to Present: Secrets of a Retired SANS Instructor appeared first on Black Hills Information Security.
How to best avoid being stuck in Groundhog Day? In the second part of our mini series about SOAR, Robby chats with a gentleman that was referred to as The Godfather of SOAR in the first episode of the series. Rob Gresham, SANS Instructor specialising in automation for Security Operation Centers and a Security Solutions Architect at Splunk, takes us through how to be successful with automation, the evolution of Phantom and what he thinks he will be spending his time on going forward. Technical level: 2/5. Host: Robby Peralta. Producer: Paul Jæger. Show notes: "Hacking your SOEL. SOC Automation and Orchestration – SANS Security Operations Summit": https://www.youtube.com/watch?v=_mnxZ1iSUGg https://mnemonic.no/podcast
Meet your host, Jason Nickola, a leading cyber security practitioner who also happens to be GSE certified and a SANS SEC560 instructor. We’ll also discuss the focus of our podcast – overcoming impostor syndrome – and the format of each episode, featuring distinguished guests, along with practical tips for combating feelings of not belonging in the workplace.
Podcast: Digital Bond. Episode: Unsolicited Response Podcast: SANS ICS 410 Course & GICSP. Pub date: 2015-03-18. Episode 2015:2 SANS ICS Security Training and Certification. SANS provided four individuals for our Unsolicited Response podcast on the 5-day ICS 410: ICS/SCADA Security Essentials training course and the related Global Industrial Cyber Security Professional (GICSP) certification. Scott Cassity, Managing Director of GIAC; Mike Assante, SANS Lead for ICS/SCADA security training; Justin Searle, SANS Instructor and […] The podcast and artwork embedded on this page are from Dale Peterson, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Micah (@WebBreacher), is a SANS Instructor and author of the SEC487 OSINT course. He recently had his second class in Denver, Colorado (more dates here). During that class he found people asking about how to navigate the waters of OSINT resources. His solution was to start the OSINT Resource Classification System (ORCS). It's a call for the OSINT community to standardize on how resources are categorized. YOGA or Your OSINT Graphical Analyzer is meant to be a visual aid for people looking to navigate the streets of OSINT resources.
Brian Ventura is a SANS Instructor and infosec architect, while Ted Gary serves as the Product Marketing Manager at Tenable. Full Show Notes: https://wiki.securityweekly.com/ES_Episode50 Visit http://securityweekly.com/esw for all the latest episodes!
Listen to Global Head of Security Research, Sophos & Certified SANS Instructor, James Lyne's keynote on Securing the Internet of Things: What is the Real Risk for Enterprise Cyber Security? from #infosec16
Alissa Torres is a certified SANS Instructor and Incident Handler at Mandiant, finding evil on a daily basis. Alissa began her career in information security as a Communications Officer in the United States Marine Corps and is a graduate of University of Virginia and University of Maryland. She's on tonight to talk to us about Bulk Extractor. Cisco responds to the WRT54GL Linksys router hack. They're working on a fix for people being able to remotely get a root shell, but their recommendation in the meantime? Only let friends use your router. Oh yeah, with friends like these... Have you signed up for the SANS webinar titled "Uninstall Java? Realistic Recommendation? No. Insanity? Yes!" with John Strand, Paul Asadoorian and Eric Conrad? It's coming up, this Tuesday at 2 pm EST. Do you have all the HTTP response codes memorized? Someone is proposing a new range of 700-level codes. Some that might be helpful: HTTP 725: It Works On My Machine. And I fear how often the Security Weekly web server will return an HTTP 767. It simply reads "Drunk". Former Dawson College graduate student, Ahmed Al-Khabaz, who was expelled for allegedly hacking the university's infrastructure, has received multiple job offers. The guys talk about the situation with a little more detail than is often reported. He found a vulnerability and reported it. So far, so good. But then a little while later, he pointed a scanner at the vulnerability that he found, presumably setting off alarms. Even worse, the noise from the scanner pointed back to him. Once he reported the vulnerability, what's he doing going back to it, and as "evil" Jack mentions, why didn't Al-Khabaz cover his tracks better when he switched his hat color? Nonetheless, lots of weirdness abounds in this story. The university overreacted (what?!? a university overreacted? never!) instead of using this as a learning opportunity. Plus, the student may have made some mistakes along the way, yet he comes out better for it.
So is the lesson here to hack your way to a job? Is that what the universities are for? Umm, no. Never go after something that you don't have explicit, written permission to hack. Plus there's Paul's suggestion of punishment here, the student should have been required to work the help desk for three months. That's enough to teach anyone a good lesson.