Podcasts about senior penetration tester

Learn what ethical hackers can teach us about the next era of artificial intelligence.We speak with Michael Skelton, VP of Operations and Sajeeb Lohani, Global TISO for Bugcrowd on the latest edition of 'Inside The Mind Of A Hacker'.We're also joined by CJ Fairhead who is a Senior Penetration Tester, OSCP Certified, Security obsessed and tinkerer of things. Passionate about combining years of Internal IT experience with his security knowledge for Red Team engagements, CJ is involved in the Bug Bounty scene and works on giving back to the community through tool development, blog posts or just general advice. In the latest edition of ITMOAH, dive inside the minds of 1000 hackers and see your organization from a new perspective, with the latest analysis on security researchers and their transformative use of generative AI.For more information and to access more, including the Bugcrowd Report series - visit https://mysecuritymarketplace.com/bugcrowd-register-to-access/#bugcrowd #cisoseries #mysecuritytv #cybersecurity #ITMOAH #ethicalhackers

Another interview! Yup! Today I am interviewing Tech Penguin who is a Senior Penetration Tester in the Netherlands. We recorded the interview in an open discord voice channel with video while monitoring chat with Text-to-speech developed by Security_Live. The Tech Penguin has 5 years experience as a penetration tester and a different entry to the Cyber Security industry. We are very excited to talk to him! As usual I send people I interview a list of questions to answer, and the Tech Penguin did that, offering well-thought and honest answers. Find the document linked on the episode page, on my Github. This is a little longer than my normal format so feel free to speed it up. Thank you for listening and enjoy. --- Send in a voice message: https://podcasters.spotify.com/pod/show/usbog/message

Joe Helle shares his background of being a military vet, going into politics and being a mayor. He decided to leave politics and become a pentester.Former veteran and mayor Joe Helle or The Mayor as he is referred to in the infosec community shares his unique story as well as his path to becoming a pentester, along with how he leveraged streaming and online communities to get a job as a pentester.GuestJoe Helle, Senior Penetration Tester at TCM Security (@joehelle on Twitter and @cybersecpadawan on Medium)HostPhillip WylieThis Episode's SponsorsIf you'd like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorshipsFor more podcast stories from The Hacker Factory with Phillip Wylie, visit: https://www.itspmagazine.com/the-hacker-factory-podcastAre you interested in sponsoring an ITSPmagazine Channel?https://www.itspmagazine.com/podcast-series-sponsorships

Anastasios Stasinopoulos is a Senior Penetration Tester at Obrela Labs - Obrela Security Industries and has a professional experience over 6 years in the field of Information Security working exclusively as a Penetration Tester. Anastasios earned the Bachelor of Science (B.Sc.) degree in "Surveying & Geoinformatics Engineering" from Technological Institution of Athens, the Master of Science (M.Sc.) degree in "Security of Digital Systems" from the Department of Digital Systems of University of Piraeus and also served as Ph.D. candidate at the same department.Anastasios is the author of Commix Project, an automated tool that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks.

It’s not Paranoia ifThey’re Really After You       Brill: We never dealt with domestic. With us, it was always war.   Thomas Reynolds: We won the war. Now we're fighting the peace. It's a lot more volatile. Now we've got ten million crackpots out there with sniper scopes, sarin gas and C-4. Ten-year-olds go on the Net, downloading encryption we can barely break, not to mention instructions on how to make a low-yield nuclear device. Privacy's been dead for years because we can't risk it. The only privacy that's left is the inside of your head. Maybe that's enough. You think we're the enemy of democracy, you and I? I think we're democracy's last hope.    -- Enemy of the State; Tony Scott, 1998     It’s not paranoia if they’re really after you… On this week’s InSecurity, Matt Stephenson welcomes back Dr Jessica Barker, Freaky Clown and Dave to take a look at the techno-paranoia classic Enemy of the State. We’re looking at surveillance cameras, Faraday Cages, PX-73 Burst Transmitters and UTZ potato chip bags. Why the bag and not the chip? Tune in and find out.     About Dr Jessica Barker       Dr Jessica Barker (@drjessicabarker) is a leader in the human nature of cybersecurity. She has been named one of the top 20 most influential women in cybersecurity in the UK and awarded as one of the UK’s Tech Women 50. She is Co-Founder and Co-Chief Executive Officer of Cygenta, where she positively influences cybersecurity awareness, behaviors and culture in organizations around the world.   Dr Barker is a popular keynote speaker and shares her expertise in the media, for example on BBC News, Sky News, Channel 4 News and in Grazia magazine and the Sunday Times. She is Chair of ClubCISO, a peer-based members forum of over 300 information security leaders. In the last year, Dr Barker has given cybersecurity outreach sessions to over 5,000 school students.   Jessica’s new book Confident Cyber Security is coming in 2020, published by Kogan Page.     About Freaky Clown     Freaky Clown (@_Freakyclown_) is a well-known ethical hacker and social engineer. He has been working in the infosec field for over 20 years and excels at circumventing access controls. He has held positions in his career such as Senior Penetration Tester as well as Head of Social Engineering and Physical Assessments for renowned penetration companies. As Head of Cyber Research for Raytheon Missile Systems, and having worked closely alongside intelligence agencies, he has cemented both his skillset and knowledge as well as helped steer governments take correct courses of action against national threats. As an ethical hacker and social engineer, FC ‘breaks into’ hundreds of banks, offices and government facilities in the UK and Europe. His work demonstrating weaknesses in physical, personnel and digital controls assists organisations to improve their security. He is motivated by a drive to make individuals, organisations and countries more secure and better- able to defend themselves from malicious attack. Now Co-Founder and Head of Ethical Hacking at Cygenta Ltd, he continues to perform valuable research into vulnerabilities. His client list involves major high-street banks in the UK and Europe, FTSE100 companies and multiple government agencies and security forces.     About Dave     Dave Mound (@DeathsPirate) is an Experienced Cyber Security Researcher with a demonstrated history of working in the Computer &Network Security industry along with threat intelligence. He’s done a lot of work in Penetration Testing, Reverse Engineering, Agile Methodologies, Computer Forensics, Red Teaming and Threat Intelligence… and… he looks good in a white suit and turtleneck   About Matt Stephenson       Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Broadcast Media team at BlackBerry, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and video series at events around the globe.   Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come before.   Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.    Can’t get enough of Insecurity? You can find us at ThreatVector, Blackberry, Apple Podcasts and Spotify as well as GooglePlay, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts!   Make sure you Subscribe, Rate and Review!

Cybersecurity At the Movies: Sneakers     The world isn't run by weapons anymore, or energy or money.   It's run by ones and zeroes, little bits of data. It's all just electrons…   There's a war out there, old friend, a world war… and it's not about who's got the most bullets… It's about who controls the information ...what we see and hear, how we work, what we think.   It's all about the information.    -- Cosmo; Sneakers, 1992   We are stepping WAY out of the box for a technical deep dive examination of one of the great Hacker movies of all time… Sneakers. Maybe the last great techno-thriller before the emergence of the commercial internet… Sneakers features everything you want from a hacker movie… wire tapping, social engineering, a little black book and tech that looks/feels familiar enough that you recognize it, but aren’t quite sure what it actually does.   On this week’s episode, Matt Stephenson takes a technical look at the 1992 classic hacker film Sneakers with people who, in real life, do what the heroes of Sneakers do onscreen. Dr Jessica Barker, Freaky Clown and Death’s Pirate (or… just Dave) have broken into banks, kidnapped executives and, some times, just straight up hacked networks (while wearing White Hats of course)… Let’s sit down with real life experts to see if Hackers got it right!     About Dr Jessica Barker     Dr Jessica Barker (@drjessicabarker) is a leader in the human nature of cybersecurity. She has been named one of the top 20 most influential women in cybersecurity in the UK and awarded as one of the UK’s Tech Women 50. She is Co-Founder and Co-Chief Executive Officer of Cygenta, where she positively influences cybersecurity awareness, behaviors and culture in organizations around the world.   Dr Barker is a popular keynote speaker and shares her expertise in the media, for example on BBC News, Sky News, Channel 4 News and in Grazia magazine and the Sunday Times. She is Chair of ClubCISO, a peer-based members forum of over 300 information security leaders. In the last year, Dr Barker has given cybersecurity outreach sessions to over 5,000 school students.   Jessica’s new book Confident Cyber Security is coming in 2020, published by Kogan Page.     About Freaky Clown     Freaky Clown (@_Freakyclown_) is a well-known ethical hacker and social engineer. He has been working in the infosec field for over 20 years and excels at circumventing access controls. He has held positions in his career such as Senior Penetration Tester as well as Head of Social Engineering and Physical Assessments for renowned penetration companies. As Head of Cyber Research for Raytheon Missile Systems, and having worked closely alongside intelligence agencies, he has cemented both his skillset and knowledge as well as helped steer governments take correct courses of action against national threats. As an ethical hacker and social engineer, FC ‘breaks into’ hundreds of banks, offices and government facilities in the UK and Europe. His work demonstrating weaknesses in physical, personnel and digital controls assists organisations to improve their security. He is motivated by a drive to make individuals, organisations and countries more secure and better- able to defend themselves from malicious attack. Now Co-Founder and Head of Ethical Hacking at Cygenta Ltd, he continues to perform valuable research into vulnerabilities. His client list involves major high-street banks in the UK and Europe, FTSE100 companies and multiple government agencies and security forces.   About Death’s Pirate… okay… it’s Dave Mound   Dave Mound (@DeathsPirate) is an Experienced Cyber Security Researcher with a demonstrated history of working in the Computer &Network Security industry along with threat intelligence. He’s done a lot of work in Penetration Testing, Reverse Engineering, Agile Methodologies, Computer Forensics, Red Teaming and Threat Intelligence… and… he looks good in a white suit and turtleneck     About Matt Stephenson     Insecurity Podcast host Matt Stephenson (@packmatt73) leads the broadcast media team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and video series at events around the globe.   Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come   Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.   Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts!   Make sure you Subscribe, Rate and Review!

Materials Available here:https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Jose-Selvi-Breaking-SSL-Using-Time-Synchronisation-Attacks.pdf Breaking SSL Using Time Synchronisation Attacks Jose Selvi Senior Security Consultant, NCC Group What time? When? Who is first? Obviously, Time is strongly present in our daily life. We use time in almost everything we do, and computers are not an exception to this rule. Our computers and devices use time in a wide variety of ways such as cache expiration, scheduling tasks or even security technologies. Some of those technologies completely relies on the local clock, and they can be affected by a clock misconfiguration. However, since most operating system providers do not offer secure time synchronisation protocols by default, an attacker could manipulate those protocols and control the local clock. In this presentation, we review how different operating systems synchronise their local clocks and how an attacker could exploit some of them in order to bypass different well-known security protections. Jose Selvi is a Senior Penetration Tester at NCC Group. His 11 years of expertise performing advanced security services and solutions in various industries (government, telecom, retail, manufacturing, healthcare, financial, technology...) include mainly penetration tests and information security research in new technologies. He is also a SANS Institute community instructor for penetration testing courses and a regular speaker at security conferences (mostly in Spain)

Slides here: https://www.defcon.org/images/defcon-22/dc-22-presentations/Littlebury/DEFCON-22-Chris-Littlebury-Home-Alone-with-localhost.pdf Home Alone with localhost: Automating Home Defense Chris Littlebury SENIOR PENETRATION TESTER, KNOWLEDGE CONSULTING GROUP, INC. Home automation is everywhere, and so are their exploits. This presentation will go over a brief history of home automation techniques, cover modern technologies used today, detail some of the current exploits used against modern automation and security systems, and give examples on how to defend against them. You’ll be provided with the knowledge necessary to build your own home-Skynet system- complete with passive and active defenses against physical and wireless attacks. If you like Raspberry Pis, RF hacks, dirty soldering jobs, and even dirtier code, then this is your talk. Chris Littlebury is a Senior Penetration Tester with Knowledge Consulting Group (KCG). He enjoys hardware hacking, turning wrenches, and opportunities to combine the two. He also claims to have created the first Raspberry Pi-powered, wireless BBQ smoker.

"This presentation details the methods attackers utilize to gain access to wireless networks and their attached resources. Examples of the traffic that typifies each attack are shown and discussed, providing attendees with the knowledge too identify each attack. Defensive measures that can be taken in real time to counter the attack are then presented. Chris Hurley (Roamer) is a Senior Penetration Tester working in the Washington, DC area. He is the founder of the WorldWide WarDrive, a four-year effort by INFOSEC professionals and hobbyists to generate awareness of the insecurities associated with wireless networks and is the lead organizer of the DEF CON WarDriving Contest. Chris has spoken at several security conferences and published numerous whitepapers on a wide range of INFOSEC topics. Chris is the lead author of "WarDriving: Drive, Detect, Defend ", and a contributor to "Stealing the Network: How to Own an Identity", "Aggressive Network Self-Defense", "InfoSec Career Hacking", and "OS X for Hackers at Heart"."