Podcasts about sansfire

Exploit Attempts for Recent Langflow AI Vulnerability (CVE-2025-3248) After spotting individaul attempts to exploit the recent Langflow vulnerability late last weeks, we now see more systematic internet wide scans attempting to verify the vulnerability. https://isc.sans.edu/forums/diary/Exploit+Attempts+for+Recent+Langflow+AI+Vulnerability+CVE20253248/31850/ Fortinet Analysis of Threat Actor Activity Fortinet oberved recent vulnerablities in its devices being used to add a symlink to ease future compromise. The symlink is not removed by prior patches, and Fortinet released additional updates to detect and remove this attack artifact. https://www.fortinet.com/blog/psirt-blogs/analysis-of-threat-actor-activity MSFT Inetpub Microsoft clarrified that its April patches created the inetpub directory on purpose. Users should not remove it. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21204#exploitability SANSFIRE https://isc.sans.edu/j/sansfire

Host John Hubbard, Blueprint host and SANS Cyber Defense Curriculum Lead, moderated a panel of cyber security experts including Heather Mahalik, Katie Nickels and Jeff McJunkin for this powerful discussion.John and guests share their wisdom on trends they are seeing in the cyber industry and offer advice as to how we should be looking at cyber defense in 2022 and beyond.Guests: Heather MahalikKatie NickelsJeff McJunkinFilmed live at SANSFIRE 2022Sponsor's Note:Support for the Blueprint podcast comes from the SANS Institute.If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals.This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more, this course has everything you need to launch your blue team career.Check out the details at sansurl.com/450  Hope to see you in class!Follow SANS Cyber Defense: Twitter | LinkedIn | YouTubeFollow John Hubbard: Twitter | LinkedIn

Critical Patch For WebLogic https://isc.sans.edu/forums/diary/Critical+Actively+Exploited+WebLogic+Flaw+Patched+CVE20192729/25050/ Exim Exploits Against Other Mail Servers https://isc.sans.edu/forums/diary/Quick+Detect+Exim+Return+of+the+Wizard+Attack/25052/ SANS Fire Presentations (to be published soon) https://isc.sans.edu/presentations

Critical Patch For WebLogic https://isc.sans.edu/forums/diary/Critical+Actively+Exploited+WebLogic+Flaw+Patched+CVE20192729/25050/ Exim Exploits Against Other Mail Servers https://isc.sans.edu/forums/diary/Quick+Detect+Exim+Return+of+the+Wizard+Attack/25052/ SANS Fire Presentations (to be published soon) https://isc.sans.edu/presentations

Neste episódio falamos sobre o evento de segurança SANSFIRE, Patch Tuesday da semana passada, sobre a utilização do "patchtuesdaydashboard.com" e sobre o Site Isolation implementado na versão v67 do Google Chrome.

Missing MRU Registry Keys For Files Opened With Winzip https://isc.sans.edu/forums/diary/The+strange+case+of+WinZip+MRU+Registry+key/21087/ OWASP Asking for Top 10 Overhaul Input https://twitter.com/wichers/status/733855223832272896 Google is Updating the Safe Browsing API https://security.googleblog.com/2016/05/evolving-safe-browsing-api.html Facebook Sued Over Scanning Of Private Messages https://cdn2.vox-cdn.com/uploads/chorus_asset/file/6509911/campbell-certification-order.0.pdf Malware Stores Code in Macro UI Buttons https://blogs.technet.microsoft.com/mmpc/2016/05/17/malicious-macro-using-a-sneaky-new-trick/ SANSFIRE 2016 https://www.sans.org/event/sansfire-2016

Missing MRU Registry Keys For Files Opened With Winzip https://isc.sans.edu/forums/diary/The+strange+case+of+WinZip+MRU+Registry+key/21087/ OWASP Asking for Top 10 Overhaul Input https://twitter.com/wichers/status/733855223832272896 Google is Updating the Safe Browsing API https://security.googleblog.com/2016/05/evolving-safe-browsing-api.html Facebook Sued Over Scanning Of Private Messages https://cdn2.vox-cdn.com/uploads/chorus_asset/file/6509911/campbell-certification-order.0.pdf Malware Stores Code in Macro UI Buttons https://blogs.technet.microsoft.com/mmpc/2016/05/17/malicious-macro-using-a-sneaky-new-trick/ SANSFIRE 2016 https://www.sans.org/event/sansfire-2016

May 21st, 2014 Hosts Chris Gerling –@secbitchris Christopher Mills –@TheChrisAM Guests Women's Society of Cyberjutsu - http://womenscyberjutsu.org/ Facebook: https://www.facebook.com/WomensCyberjutsu Twitter & Instagram: @womencyberjutsu Meetup: http://womenscyberjutsu.org/www.womenscyberjutsu.org/meetups Cyberjutsu Girls Academy http://www.cyberjutsugirls.org/ Facebook: https://www.facebook.com/cyberjutsugirls Twitter & Instagram: @cyberjutsugirls Topics Lack of women in Cyber/IT fields. 11% of the cyber workforce consists of women. Addressing the pipeline issues with getting more girls excited about STEM Impostor Syndrome Differences in perception between men and women from an interpersonal standpoint Use Our Discount Codes Use code SecuraBit5_SANS to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats. Register for any SANSFIRE 2014 course and receive 5% off using coupon code SecuraBit5_SANS. The training event takes place in Baltimore, MD – June 21 - 30, 2014. Upcoming events http://www.secore.info Links www.gh0st.net/wiki - 24/7 Penetration Testing learning environment, FREE. Chat with us on IRC at irc.freenode.net #securabit iTunes Podcast –http://itunes.apple.com/us/podcast/securabit/id280048405 iPhone App Now Available –http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Hosts Chris Gerling –@secbitchris Christopher Mills –@TheChrisAM Guests Jeremy Lynch and Tyler Bennett of ArchAssault Linux! Topics Drones and ARM fun! ArchAssault Linux Kali-like environment with the ability for heavy niche customization and swapping of environments. Modular. Can overlay any part of the distro onto your own Arch Linux installation Bleeding edge packages Great for setting up remote dropboxes via ARM devices IE Exploit Heartbleed wrap-up RVAsec CTF prizes! (Thanks Hak5!) BsidesChicago Post-mortem Upcoming guests! Use Our Discount Codes Use code SecuraBit5_SANS to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats. Register for any SANSFIRE 2014 course and receive 5% off using coupon code SecuraBit5_SANS. The training event takes place in Baltimore, MD – June 21 - 30, 2014. Upcoming events http://www.secore.info Links www.gh0st.net/wiki - 24/7 Penetration Testing learning environment, FREE. Chat with us on IRC at irc.freenode.net #securabit iTunes Podcast –http://itunes.apple.com/us/podcast/securabit/id280048405 iPhone App Now Available –http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Hosts Chris Gerling – @secbitchris Chris Mills - @thechrisam Mike Bailey –@mpbailey1911 Guests Oliver Day - @securingchange - https://securingchange.org Johnathan Cran -@jcran - https://bugcrowd.com/ Topics Securing Change Volunteer time and money to secure nonprofits Bugcrowd Get paid to find vulnerabilities Start a bounty for your own product News Items Adobe hacked Govt Shutdown Use Our Discount Codes Use code SecuraBit_5 to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats. Register for any SANSFIRE 2013 course and receive 5% off using coupon code SecuraBit_05 The training event takes place in Washington, DC – June 15-22, 2013. Upcoming events http://www.secore.info Links http://www.gh0st.net Chat with us on IRC at irc.freenode.net #securabit iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405

Hosts Chris Gerling – @secbitchris Andrew Borel – @andrew_secbit Mike Bailey –@mpbailey1911 Guests Banasidhe - @banasidhe Topics THOTCON http://www.thotcon.org/ BSides Las Vegas http://www.securitybsides.com/w/page/57632393/BSidesLV2013 Shout out to Tenable, Trustwave, and Risk I/O for sponsoring it! U.S. Army Corps of Engineers’ Dam database breached http://www.wired.com/threatlevel/2013/05/hacker-breached-dam-database/ U.S. Department of Labor hack http://labs.alienvault.com/labs/index.php/2013/u-s-department-of-labor-website-hacked-and-redirecting-to-malicious-code/ BitCoin RVASec http://rvasec.com/ CTF Hackers in Uganda: A Documentary http://www.kickstarter.com/projects/1456247168/hackers-in-uganda-a-documentary SECore.info https://secore.info/ Use Our Discount Codes Use code SecuraBit_05 to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats. Register for any SANSFIRE 2013 course and receive 5% off using coupon code SecuraBit_05 The training event takes place in Washington, DC – June 15-22, 2013. Upcoming events http://www.secore.info Links http://www.gh0st.net Chat with us on IRC at irc.freenode.net #securabit iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405 iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

SecuraBit Episode 117: The Internet is on Fire! March 27th, 2013 Hosts Chris Gerling – @secbitchris Chris Mills - @thechrisam Andrew Borel – @andrew_secbit Mike Bailey –@mpbailey1911 Guests Jamie Duncan - @jamieeduncan  Hack.RVA (pre-recorded) Topics Hack.RVA events, news, and RVAsec badges! CTF is being put together for offline.  Register at http://securabit.com/ctf/ Security Awareness training Who should provide more than just basic training? Security Vendors Security focused organizations? News Items SPamhaus and Cloud flare’s stupid super DDoS - peaked at 300Gb/sec Missouri court rules against $440,000 cyberheist victim 2009 case.  Reason: Bank did not have 2 people sign off on transfer. Use Our Discount Codes Use code SecuraBit_5 to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats. Register for any SANSFIRE 2013 course and receive 5% off using coupon code SecuraBit_5 The training event takes place in Washington, DC – June 15-22, 2013. Upcoming events http://www.secore.info Links http://www.gh0st.net Chat with us on IRC at irc.freenode.net #securabit iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405 iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Hosts Chris Gerling – @secbitchris Mike Bailey –@mpbailey1911 Guests Michael D. Angelo - @mfa0007 Brad Bowers - @warezjoe Topics NetIQ Internet History Privacy and Social Media Egypt’s revolution Data management and risk in the cloud Building Automation BacNET protocol dissection Shmoocon, RSA, and upcoming cons! The PenLab is back up! CTF Pre-registration for RVAsec 2013 will be coming soon! News Items Brian Krebs gets SWATed More 0-days CarolinaCon! Use Our Discount Codes Use code SecuraBit_5 to get 5 percent off of ANY training course. The discount code is good for all SANS courses in all formats. Register for any SANSFIRE 2013 course and receive 5% off using coupon code SecuraBit_5 The training event takes place in Washington, DC – June 15-22, 2013. Upcoming events http://www.secore.info Links http://www.gh0st.net Chat with us on IRC at irc.freenode.net #securabitiTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Hosts Chris Mills – @thechrisam Andrew Borel – @andrew_secbit Guests Jonathan Cran - @jcran http://www.pwnieexpress.com Nicholas B. - @nberthaume connection http://blog.hacktalk.net Topics DEF CON 20 and BSidesLV Calendar http://securabit.com/2012/07/15/defcon-20-and-bsideslv-google-calendar/ Chris Mills’s picks http://securabit.com/2012/07/18/chrisams-picks-for-bsideslv-and-defcon-talks-2012/ http://xkcd.com/1068/ Nicholas B’s Picks BSidesLV http://pastebin.com/Jfa0ih7T http://blog.hacktalk.net/ With Connection and Nicholas B. pwnieexpress interview with Jonathan Cran http://www.pwnieexpress.com Use Our Discount Codes Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats. FREE exam attempt with corresponding course purchase for SANSFIRE 2012 with code SecuraBit_SFGIAC Use code 36449 for 20% off your Syngress order! Upcoming events http://www.secore.info Links http://www.gh0st.net Chat with us on IRC at irc.freenode.net #securabitiTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Hosts Chris Gerling – @secbitchris Chris Mills - @thechrisam Andrew Borel – @andrew_secbit Guests Deviant Ollam - @deviantollam http://deviating.net/ Topics TOOOL - The Open Organisation Of Lockpickers http://toool.us/ Physical Security and the Three R's New edition of Practical Lockpicking coming soon! News ItemsCoders' Rights At Risk in the European Parliamenthttps://www.eff.org/deeplinks/2012/06/eff-european-parliament-directive-attack-information-systemsDepartment of Homeland Security and U.S Navy hackedhttp://thehackernews.com/2012/06/department-of-homeland-security-and-us.htmlUS-CERT discloses security flaw in Intel chipshttp://m.csoonline.com/article/708568/us-cert-discloses-security-flaw-in-intel-chips  FEMA pushes cyber attack game for businesseshttp://www.v3.co.uk/v3-uk/the-frontline-blog/2184608/fema-pushes-cyber-attack-game-businessesUnited States Department of Defense data leaked by Anonymous hackershttp://thehackernews.com/2012/06/united-states-department-of-defense.htmlKeepTheWebOpen.comhttp://keepthewebopen.com/digital-bill-of-rightsAttacks Targeting US Defense Contractors and Universities Tied to Chinahttp://threatpost.com/en_us/blogs/attacks-targeting-us-defense-contractors-and-universities-tied-china-06131210000 Twitter User oauth token hacked and Exposed by Anonymoushttp://thehackernews.com/2012/06/10000-twitter-user-oauth-token-hacked.htmlPassword flaw leaves MySQL, MariaDB open to brute force attackhttp://go.theregister.com/feed/www.theregister.co.uk/2012/06/11/mysql_mariadb_password_flaw/Use Our Discount Codes Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats. FREE exam attempt with corresponding qualifying course purchase for SANSFIRE 2012 with code SecuraBit_SFGIAC (Expires July 6th!) Use code 36449 for 20% off your Syngress order! Upcoming events http://www.secore.info Links http://www.richsec.com http://www.gh0st.net Chat with us on IRC at irc.freenode.net #securabitiTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Hosts Chris Gerling – @secbitchris Chris Mills - @chrisam Andrew Borel – @andrew_secbit Mike Bailey – @mpbailey1911 Guests Jason Andress - @jason_andress Ronin - @r0wnin Topics APT and Penetration Testing Bluetooth Hacking and Reconnaissance News ItemsGoogle Warning Users About State-Sponsored Attacks | threatposthttp://m.threatpost.com/en_us/blogs/google-warning-users-about-state-sponsored-attacks-060512Apple Releases Guide To iOS Security - TechCrunchhttp://m.techcrunch.com/2012/06/04/apple-releases-guide-to-ios-security/FlameA Massive Web of Fake Identities and Websites Controlled Flame Malwarehttp://www.wired.com/threatlevel/2012/06/flame-command-and-control/Spy malware infecting Iranian networks is engineering marvel to beholdhttp://arstechnica.com/security/2012/05/spy-malware-infecting-iranian-networks-is-engineering-marvel-to-behold/Meet ‘Flame,’ The Massive Spy Malware Infiltrating Iranian Computershttp://www.wired.com/threatlevel/2012/05/flame/StuxnetReport: Obama Ordered Stuxnet to Continue After Bug Caused It to Spread Wildlyhttp://www.wired.com/threatlevel/2012/06/obama-ordered-stuxnet-continued/Confirmed: US and Israel created Stuxnet, lost control of ithttp://arstechnica.com/tech-policy/2012/06/confirmed-us-israel-created-stuxnet-lost-control-of-it/Words to Avoid Online If You Don't Want to Join the Government's Watch List http://lifehacker.com/5913945/words-to-avoid-online-if-you-dont-want-to-join-the-governments-watch-listUse Our Discount Codes Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats. FREE exam attempt with corresponding course purchase for SANSFIRE 2012 with code SecuraBit_SFGIAC Use code 36449 for 20% off your Syngress order! Upcoming events http://www.secore.info Links http://www.rvasec.com http://www.richsec.com http://www.gh0st.net Chat with us on IRC at irc.freenode.net #securabitiTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Hosts Chris Gerling – @secbitchris Mike Bailey - @mpbailey1911 Andrew Borel – @andrew_secbit Guests Dr. Tran Emwave Professor Farnsworth News Items ANONYMOUS CLAIM: ‘WE HAVE ACCESS TO EVERY CLASSIFIED DATABASE IN THE U.S. GOVERNMENT’ http://www.theblaze.com/stories/anonymous-claim-we-have-access-to-every-classified-database-in-the-u-s-government/ Pentagon boosts contractor cybersecurity program http://thehackernews.com/2012/05/pentagon-boosts-contractor.html "The effort, known as the Defense Industrial Base ("DIB") program, is a voluntary information-sharing program in which the Department of Defense shares "unclassified indicators and related, classified contextual information" about cyber-attacks and threats with defense contractors.” “In exchange, defense contractors report known intrusions and can receive forensics analysis and damage assessments from the government after those attacks. In an optional part of the program, the DIB Enhanced Cybersecurity Services, the government shares additional classified threat and technical data with defense contractors and Internet service providers. " 17 year old Teenager arrested over TeamPoison hacking attacks http://thehackernews.com/2012/05/17-year-old-teenager-arrested-over.html "A teenage boy has been arrested on suspicion of being a member of "TeamPoison", a computer hacking group that has claimed responsibility for 1,400 offences including an attack on the phone system of Scotland Yard's counter-terrorism unit last month. These include attacks on the United Nations, the UK Anti-Terrorist Hotline, MI6 and RIM, as well as politicians including Nicolas Sarkozy and Tony Blair.” “The boy, who police suspect used the hacker nickname 'MLT' and was a spokesman for TeamPoison, was interviewed at a local police station on offences under the Computer Misuse Act on Wednesday. The arrest is part of an ongoing investigation by the Police Central e-Crime Unit (PCeU) division of the Metropolitan Police into various hacking gangs who have made headlines in the last year or so.” “TeamPoison’s highest-profile attack was mounted against Scotland Yard’s counter-terror hotline last month, has also claimed responsibility Distributed Denial of Service attacks against banks in collaboration with Anonymous, another “hacktivist” group with similar anti-corporate and anti-authority politics.” 55,000+ Twitter Accounts Hacked, How To Tell If Yours Was Among Them http://www.technobuffalo.com/internet/social-networking/55000-of-twitter-accounts-hacked-how-to-tell-if-yours-was-among-them/ How to Securely Share a Password with Someone Using LastPass http://lifehacker.com/5909321/how-to-securely-share-a-password-with-someone-using-lastpass Not a bad way to avoid "hey, what's the password to $server" and yelling the answer over the cubicle walls for all to hear. Other ways to securely share or transfer passwords/acess FBI Wants Backdoors in Facebook, Skype and Instant Messaging http://www.wired.com/threatlevel/2012/05/fbi-seeks-internet-backdoors/ Everyone Has Been Hacked. Now What? http://www.wired.com/threatlevel/2012/05/everyone-hacked/ ‘Unknowns’ Hacking Group Hits NASA, Air Force, Harvard and Others in ‘Hacking for Good’ Effort http://www.theblaze.com/stories/unknowns-hacking-group-hits-nasa-air-force-harvard-and-others-in-hacking-for-good-effort/ Use Our Discount Codes Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats. FREE exam attempt with corresponding course purchase for SANSFIRE 2012 with code SecuraBit_SFGIAC Use code 36449 for 20% off your Syngress order! Upcoming events http://www.secore.info Links http://www.carolinacon.org http://www.rvasec.com http://www.richsec.com http://www.gh0st.net Chat with us on IRC at irc.freenode.net #securabitiTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Hosts Chris Gerling –@secbitchris Chris Mills - @chrisam Andrew Borel – @andrew_secbit Guests Tom Eston - @agent0x0 Mobile App/Device Security and Security Justice. Topics Lab Contests Banter News Items Skype User IP Address Disclosure http://pastebin.com/rBu4jDm8 Google knew street cars were slurping wifi (Marius Milner was the engineer, of NetStumbler fame) http://www.theregister.co.uk/2012/04/30/google_slurp_ok/ http://www.theregister.co.uk/2012/05/01/slurp_engineer_doe_named/ Mozilla is first major tech company to denounce CISPA http://news.cnet.com/8301-1009_3-57425719-83/mozilla-is-first-major-tech-company-to-denounce-cispa/?tag=txt;title Mac Flashback trojan still making $10,000 a day http://www.darkreading.com/insider-threat/167801100/security/attacks-breaches/232901268/apple-mac-flashback-trojan-gang-still-making-money.html Indictment Returned for Jeremy Hammond in Chicago Anonymous case http://abcnews.go.com/Technology/wireStory/indictment-returned-nyc-computer-hacking-case-16264667#.T6HRSqtSTlw Use Our Discount Codes Use code SecuraBit_Connect to get $150.00 off of ANY training course. The discount code is good for all SANS courses in all formats. FREE exam attempt with corresponding course purchase for SANSFIRE 2012 with code SecuraBit_SFGIAC Use code 36449 for 20% off your Syngress order! Upcoming events http://www.secore.info Links http://www.rvasec.com http://www.richsec.com http://www.gh0st.net Chat with us on IRC at irc.freenode.net #securabitiTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

Information security professionals increasingly need to be familiar with developments in cyberlaw to ensure they comport their actions with the contours of the law. Unfortunately, with technology changing far faster than the statutes, judges are increasingly being called upon to fill in the interstices. In this interactive session, facts from actual cases will be presented in a "You Be the Judge" format to highlight important developments in recent cases and identify key trends in the case law. What is the legal efficacy of a click-through consent banner and how does this impact information security professionals? What constitutes an "interception" and what types of interceptions are legal and illegal? What law dictates whether an employer can or cannot inspect its employee's personal e-mail messages? Do individuals have to divulge their encryption keys requested to do so by border guards or law enforcement agents? Are there jurisdictional borders in cyberspace? Who has jurisdiction and how does the law apply in virtual worlds? How do extradition laws apply to cybercrimes? These and many other questions will be answered in this interactive seminar. About the speaker: Rick Aldrich is the Senior Computer Network Operations Policy Analyst for the Information Assurance Technology Analysis Center and an Associate for Booz Allen Hamilton. He has been awarded several grants by the Institute for National Security Studies to study the legal and policy implications of cybercrime and information warfare. He has multiple publications in this field, including a chapter on information warfare in the widely used textbook, National Security Law. He has taught cyberlaw at the collegiate level and has been a faculty member of the Institute for Applied Network Security. He has presented at several national and international conferences including HTCIA, Infowarcon, SANSFIRE, FiestaCrow, IA Conference of the Pacific, Southeast Cybercrime Summit, a conference on Arms Control in Cyberspace in Berlin, Germany and a forum on cyberterrorism in Bogota, Colombia. He was a primary contributor to the Cyberlaw I and II courses distributed by the Defense Department. He has a Bachelor of Science degree in Computer Science from the US Air Force Academy, a Juris Doctor from UCLA, and a Masters of Law in Intellectual Property Law from the University of Houston. He is also a CISSP.

Special guest speaker Rob talking about MiTM and virtualization, live from SANSFIRE! Full Show Notes Direct Audio Download Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand, Mick Douglas Audio Feeds:

Recorded at SANSFIRE in the noisy vendor expo, where there was "Banging".... Want to register for any SANS conference? Please visit http://www.securityweekly.com/sans/ for our referral program. Sponsored by Core Security, listen for the new customer discount code at the end of the show Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more. Want some cool Security Weekly Gear? Do you hack naked? Check out our Cafepress Store! Full Show Notes Hosts: Larry "Uncle Larry" Pesce, Paul Asadoorian, Luiz Eduardo, "Anthony From Core"

Live from the Paul's Security Weekly Studio.... This episode was also broadcast over our Icecast server. Details will be announced in our IRC chatroom #Security Weekly on Freenode (irc.freenode.net) and on the Security Weekly blog. Sponsored by Core Security, listen for the discount code at the end of the show Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book! Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference Please go update our frapper map! Full Show Notes Hosts: Larry Pesce, Paul Asadoorian Email: psw@securityweekly.com

Live from the Paul's Security Weekly Studio.... This episode was also broadcast over SkypeCast, so look for us each week when we record. It will also be announced in our IRC chatroom #Security Weekly on Freenode (irc.freenode.net). Sponsored by Core Security, listen for the discount code at the end of the show Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book! Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference Please go update our frapper map! Full Show Notes Hosts: Larry Pesce, Paul Asadoorian Email: psw@securityweekly.com

Live from the Paul's Security Weekly Studio.... This episode was also broadcast over SkypeCast, so look for us each week when we record. It will also be announced in our IRC chatroom #Security Weekly on Freenode (irc.freenode.net). Sponsored by Core Security, listen for the discount code at the end of the show Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book! Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference Please go update our frapper map! Full Show Notes

Live via Skype from the Paul's Security Weekly Studio and Casa del Pesce.... This episode was unfortunatley not broadcast over SkypeCast. Craziness this week With Paul's wedding and all! However, do look for us in our IRC chatroom #Security Weekly on Freenode (irc.freenode.net). Sponsored by Core Security, listen for the discount code at the end of the show Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book! Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference Please go update our frapper map! Full Show Notes

Live via Skype from the Casa del Pesce.... This episode was unfortunatley not broadcast over SkypeCast. Paul is off on his honeymoon this week...so the audio is not the greatest, but not all that bad. Do look for us next week in our IRC chatroom #Security Weekly on Freenode (irc.freenode.net). Sponsored by Core Security, listen for the discount code at the end of the show Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book! Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference Please go update our frapper map! Full Show Notes

Live from the Paul's Security Weekly Studio.... This episode was also broadcast over SkypeCast, so look for us each week when we record. It will also be announced in our IRC chatroom #Security Weekly on Freenode (irc.freenode.net). Sponsored by Core Security, listen for the discount code at the end of the show Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book! Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference Please leave some comments for us in iTunes! This is the link to our iTunes entry. Full Show Notes

Live from the Paul's Security Weekly Studio.... This episode was also broadcast over SkypeCast, so look for us each week when we record. It will also be announced in our IRC chatroom #Security Weekly on Freenode (irc.freenode.net). Sponsored by Core Security, listen for the discount code at the end of the show Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book! Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference Please leave some comments for us in iTunes! This is the link to our iTunes entry. Full Show Notes

Live from the Paul's Security Weekly Studio.... This episode was also broadcast over SkypeCast, so look for us each week when we record. It will also be announced in our IRC chatroom #Security Weekly on Freenode (irc.freenode.net). Sponsored by Core Security, listen for the discount code at the end of the show Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book! Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference Please go update our frapper map! Full Show Notes

Live from the Paul's Security Weekly Studio.... This episode was also broadcast over SkypeCast, so look for us each week when we record. It will also be announced in our IRC chatroom #Security Weekly on Freenode (irc.freenode.net). Sponsored by Core Security, listen for the discount code at the end of the show Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book! Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference Please go update our frapper map! Help us get a cool logo and slogan! Go to our contest page and read all about how you can win free Snort gear and a one-year subscription to VRT rules. Sponsored by Sourcefire Full Show Notes

Live from the Paul's Security Weekly Studio.... We had two special guests on the show, Kevin Amorin from Harvard and co-deveoper of Packet Fence, and Martin Mckeay of the Network Security Podcast. This episode was also broadcast over SkypeCast, so look for us each week when we record. It will also be announced in our IRC chatroom #Security Weekly on Freenode (irc.freenode.net). Sponsored by Core Security, listen for the discount code at the end of the show Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book! Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference Please go update our frapper map! Help us get a cool logo and slogan! Go to our contest page and read all about how you can win free Snort gear and a one-year subscription to VRT rules. Sponsored by Sourcefire Full Show Notes

Sponsored by Core Security, listen for the discount code at the end of the show Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book! Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference Please go update our frapper map! Help us get a cool logo and slogan! Go to our contest page and read all about how you can win free Snort gear and a one-year subscription to VRT rules. Sponsored by Sourcefire Full Show Notes

Sponsored by Core Security, listen for the discount code at the end of the show Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book! Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference Please go update our frapper map! Help us get a cool logo and slogan! Go to our contest page and read all about how you can win free Snort gear and a one-year subscription to VRT rules. Sponsored by Sourcefire Full Show Notes

Sponsored by Core Security, listen for the discount code at the end of the show Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book! Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference Please go update our frapper map! Help us get a cool logo and slogan! Go to our contest page and read all about how you can win free Snort gear and a one-year subscription to VRT rules. Sponsored by Sourcefire Full Show Notes

Live from the Paul's Security Weekly Studio.... Sponsored by Core Security, listen for the discount code at the end of the show Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book! Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference Please go update our frapper map! Please leave us feedback in the iTunes Store! Full Show Notes

Sponsored by Core Security, listen for the discount code at the end of the show Sponsored by Syngress, be the first to post the answer to the question at the end of the show and win a free book! Sponsored by The SANS Institute, listen to the discount code for SANSFIRE this summer for 5% off this conference Please go update our frapper map! Please leave us feedback in the iTunes Store! Full Show Notes

In this show we interview Harlan Carvey author of the Forensic Server Project. Also we talk about SansFire 2006, CyberSpeak is good for CISSP credits, piggybacking wireless, and cute overload.