Podcasts about senior security consultant

  • 58 podcasts
  • 75 episodes
  • 48m average duration
  • Infrequent episodes
  • Latest: Mar 25, 2025

POPULARITY: chart by year, 2017–2024 (not reproduced)



Latest podcast episodes about senior security consultant

RIMScast
Security Risks with William Sako
Mar 25, 2025 | 36:01


Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society. William Sako is a security and risk expert. Justin and William address issues such as how security tech makes buildings smarter and safer, examples of the risk tech used in these buildings, and mistakes that risk leaders might make today. They discuss how COVID-19 has facilitated change in enhancing security measures that will be with us forever. They talk about the important role of the risk manager when designing a security plan for a building. They dig into how risk managers can lead the charge, going above and beyond check-the-box compliance. Listen to William's perspectives on risk technology, communication within an organization, and the future of building security.

Key Takeaways:

[:01] About RIMS and RIMScast. [:15] Public registration is open for RISKWORLD 2025! Engage Today and Embrace Tomorrow with RIMS at RISKWORLD from May 4th through May 7th in Chicago, Illinois. Register at RIMS.org/RISKWORLD. [:31] About this episode of RIMScast. We will be joined by Bill Sako of Telgian Engineering to discuss security risk management in 2025.

[:58] RIMS-CRMP Workshops! As part of RIMS's continuing strategic partnership with PARIMA, we have a two-day course coming up on April 22nd and 23rd. Links to these courses can be found through the Certification page of RIMS.org and this episode's show notes. [1:15] Virtual Workshops! On March 26th, Pat Saporito will host “Generative AI for Risk Management”. The next course will be on June 26th. [1:29] On April 16th and 17th, Chris Hansen will lead “Managing Worker Compensation, Employer's Liability, and Employment Practices in the U.S.” [1:42] A link to the full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's show notes. [1:53] RISKWORLD registration is open. Engage Today and Embrace Tomorrow, May 4th through 7th in Chicago. Register at RIMS.org/RISKWORLD. Also, remember that there will be lots of pre-conference workshops being held in Chicago just ahead of RISKWORLD. [2:12] These courses include “Applying and Integrating ERM,” “Captives as an Alternate Risk Financing Technique,” “Contractual Risk Transfer,” “Fundamentals of Insurance,” “Fundamentals of Risk Management,” RIMS-CRMP Exam Prep, and more! The links are in the show notes.

[2:35] Our guest today, Bill Sako, is the Vice President and Senior Security Consultant at Telgian Engineering and Consulting. He has 50 years of experience in security risk management. [2:49] Bill will tell us what's keeping him up at night in security, risk management, visitor management, and workplace safety in 2025. We'll also provide tips for risk managers on how to be more of a leading voice in finding a new location, renovating it, and installing security tech.

[3:15] Interview! Bill Sako, welcome back to RIMScast! [3:33] Bill got into the business of security in 1974 by starting Sako & Associates, a security consulting firm. It became the second largest in the U.S. with 28 engineers and support staff, doing every kind of security project in buildings and venues. [3:54] Sako & Associates did security projects at U.S. Embassies, F.B.I. Headquarters, super high-rise buildings all over the world, large mixed-use projects, and developing multiple security programs that have to meld together in a large, complicated building. [4:20] These projects include large medical centers and college campuses around the world. A lot of its work was done with architects in corporate America when they were developing office buildings. [4:39] Sako & Associates developed over $2.2 billion in security plans over many projects.

[5:33] Today's security tech is transforming buildings into smarter and safer environments through advanced sensors, AI, and connectivity. AI-powered surveillance cameras detect unusual behavior, recognize faces, and track movement in real time. [5:58] That technology was in its infancy 10 years ago. It's come a long way and the technology is becoming rock-solid. The systems can differentiate between threats and harmless activities to reduce false alarms and help the person monitoring the system understand them. [6:18] Access control to the building and tenant spaces within the building is provided through biometric scanners, mobile-based apps, and smart card readers, with logs for digital security auditing. [6:37] Smart IoT sensors monitor temperature and air quality. They trigger alarms very quickly in case of fire, gas leak, or unauthorized entry, to keep the building occupants safe. [6:54] Automated threat response is provided through automatically locking doors, alerting authorities, and activating emergency lighting, in response to hazards and breaches. We've had this capability for 20 years, but it is being used more now. [7:27] Cloud-based surveillance allows remote monitoring by management and first responders through web access and smartphones to see the cameras in the building in real time. It's becoming a trend. [7:59] Cybersecurity measures, with increased connectivity, can provide solutions to protect networks from threats like hacking and data breaches to ensure physical security systems are uncompromised. [8:12] Fire response systems have been hardwired for years. Engineers are starting to implement connected capabilities for them. [8:39] Bill talks about companies paying to install cameras, but when a camera fails, not paying to replace them, leaving black monitor screens. That gave birth to predictive maintenance plans with established lifelines for any piece of equipment and budgets for replacement as needed. [9:49] All the functions of emergency management are being automated. These innovations collectively create smarter buildings that are more secure, efficient, and responsive to any potential threat.

[10:40] Many times, the technology that's put into a building is assumed to be static. That's true until you make changes to the building. Then you have to update the system. [11:02] Security is a different ball game. Security is based on behaviors. The threat environment can change from hour to hour or day to day, depending on who's visiting the building and what's going on down the street. You have to have flexibility and people to operate the equipment. [11:28] The technology needs a human operator to interpret the signals and determine the right response in real time. AI and machine learning are great technologies and we're using them in virtually every piece of equipment going in. [12:09] You still need a human to be able to assess what's happening and how they're supposed to respond when multiple sensors are going off. Bill tells of a break-in when the right response was to send three armed security officers to the asset vault. The suspects were apprehended.

[13:46] Bill explains some of the changes in security technology that have been incorporated as a result of COVID-19. Increased reliance on technology led to changes in security practices. Touchless access control came about as a result of COVID-19. [14:28] Occupancy management lets building owners know who is in the building and allows for the building to be evacuated safely. [14:48] With people working from home, COVID-19 led to an expansion in remote monitoring. [15:02] Visitor management is important. Healthcare facilities realize today that they have to protect their staff and patients in the building. They need screening in the lobby and must use visitor management. Automated systems make it easy. [16:28] Touchless and mobile access control will be with us forever. Bill also includes hybrid security management, AI-powered surveillance and analytics, and moving security and surveillance to the cloud, which provides greater capability. Your command center can be your laptop. [17:35] As security moved more into the digital domain, we figured out how to operate across networks and maintain security for all the data we have. Bill says it's rock-solid today. [17:55] Bill believes cloud-based services are the way to go for most buildings today. It gives you the capability to do everything remotely. [18:04] Data-driven decision-making will stay with us for a long time. It allows you to predict and mitigate risk on the fly. You have to train people well to know how to respond to the data. [18:26] Zero trust is a practice where no one coming into the network is trusted without proof through multi-factor identification. Even the Chairman of the Board must be verified. [19:01] Bill continues with crisis management and business continuity planning. A bullet list is not a business continuity plan. With crisis management and business continuity, you have to train people so they understand the plans. [19:24] The pandemic introduced new security practices and accelerated the modernization of legacy systems. Security includes integrating legacy systems with new systems. Command centers may have multiple disparate systems in one security management enterprise system.

[20:14] Plug Time! RIMS Webinars! On Wednesday, March 26th at 2:00 p.m. Eastern Time, members of the RIMS Strategic and Enterprise Risk Management Council will extend the dialog that began in the recent RIMS Executive Report “Understanding Interconnected Risks”. [20:33] On Thursday, March 27th, Descartes Underwriting will make its RIMS Webinar debut with a session about parametric insurance. On April 3rd, join Zurich for “Understanding Third-Party Litigation Funding”. [20:47] On April 10th, Auditboard will present “What CISOs Want Risk Executives to Know About Cyber Risk in 2025”. [20:54] Following the success of their recent webinar, HUB International returns for the next installment of their Ready for Tomorrow Series, “From Defense to Prevention: Strengthening Your Liability Risk Management Approach”. That session will be on April 17th. [21:10] On April 24th, Riskonnect returns to deliver “Better Together: The Marriage of Insurable Risk and Business Continuity”. [21:18] More webinars will be announced soon and added to the RIMS.org/webinars page. Go there to register. Registration is complimentary for RIMS members.

[21:30] Let's Resume Our Dialogue about Security Risks with Bill Sako! [22:10] In 50 years of security work, Bill did not encounter many leaders with Risk in their titles. While all insurance is about risk, in the corporate world, only very large companies have risk officers. Everything is in its silo. Getting the silos to talk together can be a nightmare. [22:48] Typical buildings don't have risk managers. Corporate campuses may have a risk manager to manage 50 or 60 buildings. That person is strained. [23:02] When Telgian Engineering & Consulting is brought in for an audit or to develop a new system design for a client, they identify who the risk leader is, whatever title they may have. They team with the people who know the vulnerabilities and the threats of the organization. [23:47] Telgian has recommended to several clients that they should hire a risk management person on staff. In a lot of cases, they say they don't have the budget but they'll think about it for the future. At that organization, who is evaluating risk for them? [24:07] Telgian, as a consultant, takes that role for the organization while they're doing the assessment, creating detailed risk models. Then they educate the client to the extent that the client understands what the risks are and the risk mitigation techniques they could use. [24:47] Bill says the hard thing is to dig into organizations internally to find who that risk leader might be. Someone is doing it, even without the title. It might be the CEO. [25:36] In organizations with a titled risk officer, they may be siloed, in a lot of cases. That risk manager needs to understand whom to work with within the organization to address all the organization's security concerns. The silos need to be taken down. [26:17] Telgian Engineering & Consulting has always had the responsibility to educate its clients. The clients may think they understand what security is and what the risks are, but they often have a very narrow view without seeing the big picture.

[27:06] The person at the lobby reception desk of an office building is often the first line of defense. There may be security officers there. What happens when the visitor goes up the elevator? [27:38] The organization should provide security training for the lobby receptionist. They can see if a visitor is acting agitated. They can attempt to de-escalate an angry visitor. They need to be briefed on the organization's security practices, especially when they identify a threat. [29:23] When Telgian does an assessment, they don't want one point person to show them around. They want to talk to everybody who is in touch with what's going on in the organization. Receptionists are one of the primary sources of information for Telgian. [30:13] Bill says that risk leaders and officers need to find a way to become embedded in the organization and the things that are going on. The risk manager needs to be part of the security team, the facilities team, the legal team, and the IT team. [30:32] Bill has recommended to risk managers that they should set up monthly or bi-monthly meetings with the leaders of the silos to discuss concerns and risks and how to solve those problems together. The risk manager is usually the right person to pull that team together. [31:42] Bill says identifying risks through AI on video cameras and following a visitor through the building is happening in many organizations now. This is critical for post-incident analysis. [33:07] One thing the government is great at is doing a full-blown report after an incident. That incident report winds up informing security of the risks to watch for. [33:19] On every consultation project, Bill got past reports upfront from the organization to see what the issues have been with the organization. They design security systems to meet those threats. Organizations have to do that to manage their risks properly.

[33:42] Special thanks again to William Sako for joining us here on RIMScast. In this episode's show notes, I have links to more RIMS Risk Management magazine and RIMScast coverage on security risks and workplace violence preparedness and prevention. [33:59] Plug Time! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in the show notes. [34:27] RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [34:46] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [35:03] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [35:20] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [35:34] Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [35:41] Thank you all for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!

Links:
RISKWORLD 2025 — May 4‒7. | Register today!
Nominations for the Donald M. Stuart Award [Canada]
Spencer Educational Foundation — General Grants 2026 — Application Dates
Spencer's RISKWORLD Events — Register or Sponsor!
RIMS-Certified Risk Management Professional (RIMS-CRMP)
RISK PAC | RIMS Advocacy
RIMS Risk Management magazine
RIMS Now
RIMS Webinars: RIMS.org/Webinars
“Understanding Interconnected Risks” | Presented by RIMS and the Strategic and Enterprise Risk Management Council | March 26, 2025
“Parametric Insurance and Climate Risk: An Innovative Tool for CAT Risk Management” | Sponsored by Descartes Underwriting | March 27, 2025
“Understanding Third-Party Litigation Funding” | Sponsored by Zurich | April 3, 2025
“What CISOs Want Risk Executives to Know About Cyber Risk in 2025” | Sponsored by Auditboard | April 10, 2025
“Ready for Tomorrow? From Defense to Prevention: Strengthening Your Liability Risk Management Approach” | Sponsored by Hub International | April 17, 2025
“Better Together: The Marriage of Insurable Risk and Business Continuity” | Sponsored by Riskonnect | April 24, 2025

Upcoming RIMS-CRMP Prep Virtual Workshops:
RIMS-CRMP Exam Prep with PARIMA | April 22‒23
Full RIMS-CRMP Prep Course Schedule

Upcoming Virtual Workshops:
“Generative AI for Risk Management” | March 26 and June 26 | Instructor: Pat Saporito
“Managing Worker Compensation, Employer's Liability and Employment Practices in the U.S.” | April 16‒17 | Instructor: Chris Hansen
See the full calendar of RIMS Virtual Workshops
RIMS-CRMP Prep Workshops

Related RIMScast Episodes:
“Evolving Fire Risks with Ralph Bless”
“Public Violence and Workplace Safety with Lauris Freidenfelds”
“E-Commerce's Impact on Fire Safety in Supply Chains with Leonard Ramo”
“Data Privacy and Protection with CISA Chief Privacy Officer James Burd”
“Solving Wicked Problems with Dr. Gav Schneider”

Sponsored RIMScast Episodes:
“What Risk Managers Can Learn From School Shootings” | Sponsored by Merrill Herzog (New!)
“Simplifying the Challenges of OSHA Recordkeeping” | Sponsored by Medcor
“Risk Management in a Changing World: A Deep Dive into AXA's 2024 Future Risks Report” | Sponsored by AXA XL
“How Insurance Builds Resilience Against An Active Assailant Attack” | Sponsored by Merrill Herzog
“Third-Party and Cyber Risk Management Tips” | Sponsored by Alliant
“RMIS Innovation with Archer” | Sponsored by Archer
“Navigating Commercial Property Risks with Captives” | Sponsored by Zurich
“Breaking Down Silos: AXA XL's New Approach to Casualty Insurance” | Sponsored by AXA XL
“Weathering Today's Property Claims Management Challenges” | Sponsored by AXA XL
“Storm Prep 2024: The Growing Impact of Convective Storms and Hail” | Sponsored by Global Risk Consultants, a TÜV SÜD Company
“Partnering Against Cyberrisk” | Sponsored by AXA XL
“Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh
“Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos
“Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL
“Elevating RMIS — The Archer Way” | Sponsored by Archer

RIMS Publications, Content, and Links:
RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community!
RIMS Virtual Workshops
On-Demand Webinars
RIMS-Certified Risk Management Professional (RIMS-CRMP)
RISK PAC | RIMS Advocacy
RIMS Strategic & Enterprise Risk Center
RIMS-CRMP Stories — Featuring Walmart ERM Director Michelle Black!

RIMS Events, Education, and Services:
RIMS Risk Maturity Model®

Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.

Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.

Have a question or suggestion? Email: Content@rims.org.

Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.

About our guest: William Sako, Vice President, Senior Security Consultant at Telgian Engineering & Consulting, LLC

Production and engineering provided by Podfly.

Cybercrime Magazine Podcast
Breaking & Entering In Cybersecurity. Red Team Hacker Tells Her Story. Alethe Denis, Bishop Fox.
Nov 7, 2024 | 17:32


Alethe Denis, Senior Security Consultant at Bishop Fox, is a red team hacker, physical pen tester, and social engineer. In this episode, she joins host Heather Engel to discuss her work, including how she prepares for social engineering engagements, common vulnerabilities encountered, and how the cybersecurity threat landscape continues to evolve. For more information about Alethe, visit https://linktr.ee/alethedenis. For more on cybersecurity, visit https://cybersecurityventures.com/

RSA Conference
Guardians of Cybersecurity: Deploying IoT Devices via Drones and Dropboxes
Jul 11, 2024 | 23:05


Drones are becoming more common in skies around the world. While the initial reaction seems to be focused on privacy concerns, which are very valid, there should also be a higher focus on what someone can do with a relatively lightweight drone. Having it carry a hacking device, or being a hacking device itself, is something that has not been talked about enough.
Speakers:
Brad Ammerman, Senior Director of Security, Prescient Security
Alex Thines, Senior Security Consultant, Prescient Security
Tatyana Sanchez, Content & Program Coordinator, RSA Conference
Kacy Zurkus, Senior Content Manager, RSA Conference

La pause M Cloud
La Pause#11 - Exploring the horizons of cybersecurity: How to get started with Sentinel?
Dec 13, 2023 | 29:21


Christophe Mottier, Team Leader for Modern Workplace and Security, joins Mathieu LEPETIT, our Senior Security Consultant at Devoteam M Cloud. Together they look at how to get started with Sentinel and its features. Azure Sentinel is a cloud-based security information and event management (SIEM) solution offered by Microsoft. It lets organizations collect, analyze, and respond to potential threats using cloud infrastructure. Azure Sentinel uses artificial intelligence to detect threats and offers advanced security features to help protect systems and data.

HRM-Podcast
Cybersecurity ist Chefsache: When ChatGPT is the new hacker! - AI
Sep 24, 2023 | 32:33


My guest today: Dr. Laurin Weissinger, Senior Security Consultant at Fresenius Digital Technology. His areas of focus include Cloud Security, Security Risk Management, Third Party Security, and Business Continuity. He is also active in the Digital Trust working group at ISACA Germany, is an Expert Advisor at the Messaging Malware and Mobile Anti-Abuse Working Group, and is a Research Fellow of the Anti-Phishing Working Group. Before his work at Fresenius he taught at Tufts University and Yale Law School. Together we talk about AI, the challenges of acceptance and security, side effects, and Zero Trust.

Cybersecurity ist Chefsache - Der Podcast!
When ChatGPT is the new hacker! - AI
Sep 24, 2023 | 32:33

humans-of-infosec
Episode 87: How Security Teams Can Make the Most Out of Every Pentest | Gisela Hinojosa
Apr 21, 2023 | 16:32


Gisela Hinojosa is a Senior Security Consultant at Cobalt, executing IoT penetration tests and red teaming exercises with a wide variety of security teams. With over 13 years of experience in the tech world, Gisela has held roles in admin, software engineering, QA, consulting, and penetration testing. In this episode, she shares what vulnerabilities she discovers and how security teams can extract as much value as possible from each pentest engagement. For more on this topic, make sure to check out the industry report "The State of Pentesting 2023": https://resource.cobalt.io/state-of-pentesting-2023

ITSPmagazine | Technology. Cybersecurity. Society
From Developer to Cybersecurity Pro | A Conversation with Greg Porterfield | The Hacker Factory Podcast With Phillip Wylie
Mar 31, 2023 | 31:35


The Hacker Factory
From Developer to Cybersecurity Pro | A Conversation with Greg Porterfield | The Hacker Factory Podcast With Phillip Wylie
Mar 31, 2023 | 31:35


We Hack Purple Podcast
We Hack Purple Podcast Episode 65 with Frank Cipollone
Jan 28, 2023 | 30:36 (Transcription Available)


In this episode of the We Hack Purple podcast, host Tanya Janca met with Frank from Phoenix Security in the UK! We talked about this latest white paper ‘SLAs are Dead, Long Live SLAs!', how AppSec folks aren't necessarily ‘great' at maintaining their own SLAs, and how to empower a team to do their own governance and be responsible for their own risk. We talked about how to figure out the security maturity model you are looking for, and what kind of language we can use to help a client decide it for themselves. We also talked about how to get several industry experts to work on the same document together: spoiler alert, it's hard! Listen to hear more!

The White Paper: SLAs are Dead, Long Live SLAs! Data Driven Vulnerability Management
Frank's Podcast: Cyber Security and Cloud Podcast

Several MORE White Papers from Phoenix Security:
Priority: https://phoenix.security/whitepapers-resources/vulnerability-management-in-application-cloud-security/
Vulnerability management and regulation: https://phoenix.security/whitepapers-resources/whitepaper-vulnerability-management-in-application-cloud-security/

Upcoming Webinars with Frank!
16/02 - 4m GMT - Brooks Shoenfield - SLA, application security and data driven programs: https://youtube.com/live/dfANH8WKavY?feature=share
22/2 - 5 PM GMT - Chris Romeo - Data Driven Application security programs, how to measure maturity and scale: https://youtube.com/live/wqlC-cClqYE?feature=share

Frank's Bio: Francesco is a seasoned entrepreneur, CEO of the application security risk-based posture management company Appsec Phoenix, author of several books, host of the multi-award-winning Cyber Security & Cloud Podcast, speaker, and known in the cybersecurity industry and recognized for his visionary views. He currently serves as Chapter Chair UK&I of the Cloud Security Alliance. Previously, Francesco headed application and cloud security at HSBC and was Senior Security Consultant at AWS. Francesco has been keynoting at global conferences and has authored and co-authored a number of books. Outside of work, you can find me running marathons, snowboarding on the Italian slopes, and enjoying single malt whiskeys in one of my favourite London clubs.

Very special thanks to our sponsor: Phoenix Security! Phoenix Security ingests data from any security tool, cloud, or code, correlates vulnerabilities, contextualizes, prioritizes, and translates them into risk. The Phoenix algorithm selects the subset of vulnerabilities more likely to get exploited in the next 30 days, delivering them to the engineers' backlog. From Code to Cloud, Contextualize and Prioritize enable security engineers to act on the risk that matters most without burning out.

Join We Hack Purple! Join us in the We Hack Purple Community: a fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to our newsletter for even more free knowledge! You can find the We Hack Purple Podcast, in audio format, on Podcast Addict, Apple Podcast, Overcast, Pod, Amazon Music, Spotify, and more!

Adventures of Alice & Bob
Ep. 16 - Like Shooting Vish in a Barrel // Alethe Denis
Nov 28, 2022 | 72:56


Today's episode is hosted by Karl and James. They talk to Alethe Denis, Senior Security Consultant at Bishop Fox, about how children learn how to utilize social engineering at a young age, some common misconceptions about making a career out of social engineering, and why HR departments are a force to be reckoned with.

Dark Rhino Security Podcast
SC S8 E6 Cyber Warrior
Nov 11, 2022 | 44:55


Derek is a military veteran. He has over 10 years of experience in infosec and IT. Derek is the Founder, Content Creator, and Podcast Host of Cyber Warrior Studios LLC, and a Senior Security Consultant at Seiso.

00:00 Introduction
01:25 Derek's Origin Story
04:20 Derek's Military Cyber Background
09:13 Derek's Origin Story (cont.)
12:15 Why “Cyber Warrior”
14:50 Strategy
18:50 Defense in Depth
21:50 Prevention Paradox
22:49 100% Secure
26:30 What makes a good target?
30:34 How many companies are compromised and don't know it?
33:05 What can we do?
35:07 Sony attack
38:46 Hackers & Malware
43:30 More About Derek

To learn more about Derek visit https://www.linkedin.com/in/dschellerjr/
Visit Cyberwarriorstudios.com
Follow Derek on his Social Media Channels:
https://www.instagram.com/cyberwarriorstudios/
https://www.youtube.com/cyberwarriorstudios
https://www.facebook.com/CyberWarriorStudios/
https://twitter.com/cyberwarriorst1

To learn more about Dark Rhino Security visit https://www.darkrhinosecurity.com

SOCIAL MEDIA: Stay connected with us on our social media pages where we'll give you snippets, alerts for new podcasts, and even behind the scenes of our studio!
Instagram: https://www.instagram.com/securityconfidential/
Facebook: https://m.facebook.com/Dark-Rhino-Security-Inc-105978998396396/
Twitter: https://twitter.com/darkrhinosec
LinkedIn: https://www.linkedin.com/company/dark-rhino-security
YouTube: https://www.youtube.com/channel/UCs6R-jX06_TDlFrnv-uyy0w/videos

ShadowTalk by Digital Shadows
Rick Holland with Michael Farnum & Greg Porterfield of Set Solutions: Uber breach & 2023 predictions
Sep 30, 2022 | 49:27


ShadowTalk host and Digital Shadows CISO Rick Holland, alongside Michael Farnum, Chief Technology Officer at Set Solutions, and Greg Porterfield, Senior Security Consultant at Set Solutions, give you the latest in threat intelligence. This episode they cover:
- How Defenders Should Respond to The Uber Breach
- 2023 planning
For more information about Set Solutions, check out their podcast: https://www.setsolutions.com/category/podcast/
Also, make sure you've looked at the details and have registered for Hou.Sec.Con 2022: https://web.cvent.com/event/0ac8a54d-fbe9-4a16-8510-49dcf538389f/summary

Let's Talk About Digital Identity
Identification Services and Smart Cards in Sweden, with Roberth Lundin, Knowit – Podcast Episode 76

Let's Talk About Digital Identity

Play Episode Listen Later Sep 28, 2022 26:29


Let's talk about digital identity with Roberth Lundin, Senior Security Consultant at Knowit. In episode 76, Roberth Lundin, Senior Security Consultant at Knowit, discusses identification services in Sweden alongside smart cards: what identification services are available in Sweden, why someone should have a BankID or Freja e-ID, what smart cards are, and what is interesting about them. [Transcript below]
"But if you take a smart card, for example, well, you can't copy a smart card. That's very important."
Roberth Lundin is Senior Security Consultant at Knowit. For the last few years he has been working with Bankgirot as an IT security specialist, where one of his most important duties is to coordinate all security audits using a risk-based approach; he has also worked with SOC/SIEM systems and identity governance and administration (IGA). In his vast experience he has seen and contributed to the evolution of eIDs in Sweden, including smart cards. Connect with Roberth on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!
Podcast transcript
Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Come to meet us in person. Ubisecure are attending Security Leadership Belgium on October the 5th and 6th in Brussels. Come and meet us to find out how Ubisecure can help with your business challenges in cyber security and CIAM. To find out more, take a look at the Ubisecure events page, www.ubisecure.com/events. See you in Brussels.
Oscar Santolalla: Thank you for joining a new episode of Let's Talk About Digital Identity. I was thinking, personally, for accessing many online services I have been using many authentication methods, identification services that we have been discussing in this podcast for three years. But one that I have not used is a smart card. For instance, even though, being a citizen of Finland, I have one, I have not used it before.
So that's one of the things we're going to discuss today, how to use a smart card for identification. And also, what are the other identification services in Europe and especially in Sweden, which is where our guest today is coming from. Our guest today is Roberth Lundin. He is a Senior Security Consultant at Knowit. For the last few years, he has been working with Bankgirot as an IT Security Specialist, in which one of his most important duties is to coordinate all security audits using a risk-based approach. He also works with SOC/SIEM systems and Identity Governance and Administration, IGA, among other roles. In his vast experience he has seen and contributed to the evolution of eIDs in Sweden, including smart cards. Hello, Roberth.
Roberth Lundin: Hello.
Oscar: OK, Roberth. So, let's talk about digital identity. But first of course, we want to hear a bit more about yourself. So please, you can tell us, yeah, your journey to this world of digital identity.
Roberth: I started in 1989 at a company named Bull. The first project I got was to finish a secure login and file transfer tool for UNIX, which used smart cards, high security smart cards, actually. Then I was working for the next 20 years at Bull, Integris, Steria with personalisation systems for smart cards, issuing systems for electronic IDs and so on. In 2009, I started work at Cybercom, which is now named Knowit. In 2014, I started the first signing service using DIGG's framework, which I still work with part-time, and I was working from 2015 to 2018 with electronic medical certificates and the signing of them as a security specialist. And then from 2019, I worked at Bankgirot to secure their operations. That's my background basically, very shortly.
Oscar: Fantastic. We're going to talk about smart cards and also the eIDs in Sweden and Europe. But first, I know something interesting is to think of in a broader aspect all the authentication methods and ways of verifying identi...

Kaya Cast
Reducing Cannabis Security Risks with Haley Glover (Sapphire Risk)

Kaya Cast

Play Episode Listen Later Aug 30, 2022 30:06


Haley Glover is the Senior Security Consultant at Sapphire Risk Advisory Group and has over a decade of experience in the security industry. Haley shares her insights into everything SECURITY and CANNABIS: from setting up security when you first submit your license application, to ongoing security training with your employees, to really working as a team to make sure that your cannabis retail location is secure. Cannabis security risks also include cybersecurity, internal theft, and protection cameras. She goes through all of it today on the show, and we're so excited to talk to Haley and really just learn from her expertise in this field. If you want to find out more about Sapphire and the work they're doing, or maybe you want Sapphire to come and help you as you either launch or grow your dispensary, visit: Website Facebook Instagram Linkedin YouTube Twitter Haley Glover

Hacker Valley Studio
Being THE Cyber Warrior with Derek Scheller

Hacker Valley Studio

Play Episode Listen Later May 31, 2022 28:03


Making an impact in the cybersecurity community as a content creator is no easy task! Just ask Derek Scheller, aka The Cyber Warrior. Derek joins hosts Ron and Chris to talk about how he brings his unique personality and positive messages to inspire folks within, and breaking into, cyber. In this episode, Derek shares:
- His passion to inspire and motivate others
- How to make your content stand out
- How the WWE has inspired his unique persona
- His thoughts on vulnerability and being authentically yourself
- Tips for making impactful and sticky content
Check out Ron and Chris' interview with The Cyber Warrior on Security Happy Hour, here!
Sponsor Links: Thank you to our sponsors Axonius and Uptycs for bringing this episode to life! Life is complex. But it's not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone With Uptycs, modern defenders can prioritize, investigate and respond to threats across the entire attack surface—all from a common solution Uptycs.com Be sure to stop by their booth #435 at RSA 2022
Guest Bio: Derek Scheller is a Senior Security Consultant for Seiso, LLC. In 2017, he retired from the US Army as a Cyber Network Defender, having worked in both defensive and offensive operations. When he is not helping clients with their security needs, he is a content creator who aims to help as many people as possible enter the cyber security space. You can find him on YouTube, Twitch, LinkedIn, and Facebook under Cyber Warrior Studios, where he posts weekly.
Links: Stay in touch with Derek Scheller with Cyber Warrior Studios on LinkedIn and Twitter Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out more from Hacker Valley Media and Hacker Valley Studio

ITSPmagazine | Technology. Cybersecurity. Society
A Conversation With Senior Security Consultant Matt Keeley | The Hacker Factory With Phillip Wylie

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later May 27, 2022 36:36


Matt shares not only his story but also valuable advice based on his personal interviewing and job-hunting experience, as well as the experience he has gained interviewing others for roles in his consulting team. Matt also shares information about the community that he started to help people trying to get into the cybersecurity field.
Guest: Matt Keeley, Senior Security Consultant at Bishop Fox
On LinkedIn | https://www.linkedin.com/in/mattrkeeley/
Host: Phillip Wylie
On ITSPmagazine

The Hacker Factory
A Conversation With Senior Security Consultant Matt Keeley | The Hacker Factory With Phillip Wylie

The Hacker Factory

Play Episode Listen Later May 27, 2022 36:36


Matt shares not only his story but also valuable advice based on his personal interviewing and job-hunting experience, as well as the experience he has gained interviewing others for roles in his consulting team. Matt also shares information about the community that he started to help people trying to get into the cybersecurity field.
Guest: Matt Keeley, Senior Security Consultant at Bishop Fox
On LinkedIn | https://www.linkedin.com/in/mattrkeeley/
Host: Phillip Wylie
On ITSPmagazine

Ready, Set, Secure
Identity in the Cloud with Leo Magallon

Ready, Set, Secure

Play Episode Listen Later May 12, 2022 32:31


This week Michael and our new cohost Greg are joined by Senior Security Consultant Leo Magallon to discuss the ever-expanding topic of Identity in the Cloud. Listen in as Leo shares the origin of identity, how organizations currently defend their users, and where the technology is heading.
Things Mentioned:
https://www.mandiant.com/resources/unc3524-eye-spy-email
https://www.darkreading.com/operations/identity-and-access-management-looking-ahead-to-2021
https://www.darkreading.com/edge-articles/why-we-need-to-consolidate-digital-identity-management-before-zero-trust
Do you have questions for the hosts? Reach out to us on our website at https://www.setsolutions.com/contact/
Hosts: Michael Farnum and Greg Porterfield
Produced by: Set Solutions
Edited by: Lauren Lynch

Future Women Leadership Series
Dealing with a sexist boss

Future Women Leadership Series

Play Episode Listen Later May 11, 2022 30:56


In all likelihood you'll come across a sexist boss in your career. Maybe you're dealing with one right now, or can remember a time you've witnessed your coworkers put up with prejudice. So how should you handle sexism, and how do we craft diverse environments that cull sexist cultures altogether? Speaking at the 2022 Future Women Leadership Summit, Mary Wooldridge, Director of the Workplace Gender Equality Agency, Dr Victor Sojo, Senior Lecturer in Leadership at the University of Melbourne and Jessica Smith, Senior Security Consultant at CyberCX discuss their experiences and research surrounding gender inequality at work and give their advice on how you can deal with, and prevent future displays of discrimination. The Future Women Leadership Series is hosted by Helen McCabe. See omnystudio.com/listener for privacy information.

Paul's Security Weekly
ESW #272 - Prashasth Baliga & Ryan Fried

Paul's Security Weekly

Play Episode Listen Later May 6, 2022 108:27


This week, in our first segment, we welcome Prashasth Baliga, Senior Security Consultant at Palo Alto Networks, to talk about Security Orchestration and Automation Simplified! Then, Ryan Fried, Senior Security Engineer at Brooks Running, joins for an interview about Getting Value from SOAR beyond Phishing Workflows! Finally, in the Enterprise Security News: Veza raises $110M for Data Security, Traceable raises $60M for API Security, 10 other security startups get funded, Synopsys buys WhiteHat for $330M, HackerOne approves a PullRequest, Bright Security acquires WeHackPurple, LexisNexis acquires BehavioSec, JupiterOne continues to release some compelling books, the DevSecOps evolution, the future of Product-Led Growth, & more!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/esw272

Enterprise Security Weekly (Audio)
ESW #272 - Prashasth Baliga & Ryan Fried

Enterprise Security Weekly (Audio)

Play Episode Listen Later May 6, 2022 108:27


This week, in our first segment, we welcome Prashasth Baliga, Senior Security Consultant at Palo Alto Networks, to talk about Security Orchestration and Automation Simplified! Then, Ryan Fried, Senior Security Engineer at Brooks Running, joins for an interview about Getting Value from SOAR beyond Phishing Workflows! Finally, in the Enterprise Security News: Veza raises $110M for Data Security, Traceable raises $60M for API Security, 10 other security startups get funded, Synopsys buys WhiteHat for $330M, HackerOne approves a PullRequest, Bright Security acquires WeHackPurple, LexisNexis acquires BehavioSec, JupiterOne continues to release some compelling books, the DevSecOps evolution, the future of Product-Led Growth, & more!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/esw272

Ready, Set, Secure
Deputizing Developers in Security

Ready, Set, Secure

Play Episode Listen Later Apr 6, 2022 38:48


It's a tale as old as time – developers and security teams have historically butted heads over how security impacts application development and vice versa. But it doesn't have to be this way! This week host Michael Farnum is joined by Senior Security Consultant Greg Porterfield and Imperva's Director of Technology, Peter Klimek, to discuss how RASP (Runtime Application Self-Protection) can easily run inside your code and maybe even save your weekends.
Things Mentioned:
https://www.setsolutions.com/its-a-feature-gap/
https://www.infosecurity-magazine.com/news/cadbury-warns-of-easter-egg-scam/
https://jfrog.com/blog/large-scale-npm-attack-targets-azure-developers-with-malicious-packages/
https://www.imperva.com/blog/imperva-protects-from-new-spring-framework-zero-day-vulnerabilities/
Do you have questions for the hosts? Reach out to us on our website at https://www.setsolutions.com/contact/
Host: Michael Farnum
Produced by: Set Solutions
Edited by: Lauren Lynch

Ready, Set, Secure
Hacking Like it's 1999

Ready, Set, Secure

Play Episode Listen Later Mar 17, 2022 42:37


On this week's show Senior Security Consultant Greg Porterfield and Senior Director of Application Security Products at Rapid7, Dan Kuykendall, join host Michael Farnum to discuss the "Categorical Blindspot" that is APIs. Hacking them, securing them, and everything in between!
Things Mentioned:
https://healthitsecurity.com/news/logan-health-faces-lawsuit-in-wake-of-hacking-incident
https://www.bleepingcomputer.com/news/security/revil-ransomware-member-extradited-to-us-to-stand-trial-for-kaseya-attack/
https://thehackernews.com/2022/03/russian-pushing-its-new-state-run-tls.html
https://apis.guru/graphql-voyager/
Do you have questions for the hosts? Reach out to us on our website at https://www.setsolutions.com/contact/
Host: Michael Farnum
Produced by: Set Solutions
Edited by: Lauren Lynch

The Official Offensive Security Podcast
#11. Second-career pentester, Drew Kirkpatrick (@hoodoer)

The Official Offensive Security Podcast

Play Episode Listen Later Aug 30, 2021 37:52


Join our host TJNull as he sits down with Drew Kirkpatrick (@hoodoer), Senior Security Consultant at TrustedSec and former Senior Computer Scientist for the U.S. Navy. They discuss his second-career pentesting pursuits and how he made the transition to infosec from a different career. Find out which three skills are the most important to have in pentesting—and how they differ for internal pentesters vs. consultants. They also discuss hoodoer's favorite tools for web app pentesting as well as some interesting stories from recent engagements he's been on. Finally, hear some helpful advice for those who are working to become a pentester or enter the infosec field. Enjoy this week's episode!

HackWise
WiseTalks #05 Alejandro Hernandez (nitr0usmx)

HackWise

Play Episode Listen Later May 26, 2021 83:30


Alejandro is a Senior Security Consultant at IOActive; he has spoken at international cybersecurity events such as DEF CON and Black Hat, and he is also a researcher passionate about trading, among many other things we will chat about today.

Application Security PodCast
Charles Shirer -- The most positive person in security

Application Security PodCast

Play Episode Listen Later Apr 16, 2021 35:44


Charles is a Senior Security Consultant for Red Siege. He has over 18 years of experience in IT. In his spare time, Charles does retro gaming and works on the SECBSD open source project, a penetration testing distro. He currently works as staff at several security conferences and podcasts (GrumpyHackers, Positively Blue Team Cast), and is a part of the MentalHealthHackers, DeadPixelSec, NovaHackers and HackingisNotaCrime family. Charles joins us to talk about positivity in InfoSec. If you've never seen Charles's videos, you're missing out. We'll unpack what drives his positivity and how we as infosec/appsec people can embrace a more positive approach to our world. We hope you enjoy this conversation with... Charles Shirer.

Cloud Security Podcast
INCIDENT RESPONSE IN AWS CLOUD

Cloud Security Podcast

Play Episode Listen Later Mar 7, 2021 45:45


In this episode of the Virtual Coffee with Ashish edition, we spoke with Toni de la Fuente (@toniblyx), Senior Security Consultant at AWS (@AWSCloud) and author of Prowler, an AWS security tool.
Host: Ashish Rajan - Twitter @hashishrajan
Guest: Toni de la Fuente @toniblyx
In this episode, Toni & Ashish spoke about:
What is Cloud Security Assessment?
The story behind the creation of Prowler and what Prowler does
How is Prowler different to the CIS benchmark?
How to set up an effective incident response plan?
How to respond to forensic evidence collection?
And much more…
ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv
Twitter - @kaizenteq @hashishrajan
If you want to watch videos of this and previous episodes:
- Twitch Channel: https://lnkd.in/gxhFrqw
- Youtube Channel: https://lnkd.in/gUHqSai

Cybercrime Magazine Podcast
Hacking Into Her Own Heart. Dr. Marie Moe, Senior Security Consultant @ mnemonic.

Cybercrime Magazine Podcast

Play Episode Listen Later Dec 31, 2020 42:48


Dr. Marie Moe is a research scientist, engineer, and a Senior Security Consultant at mnemonic. In this episode, she discusses how she became interested in cyber, how she hacked into her pacemaker to learn about vulnerabilities, what it was like founding the Pacemaker Hacking Project, and what the future of medical IoT looks like. To learn more about The Pacemaker Hacking Project team and their results, visit https://www.mnemonic.no/blog/uncovering-vulnerabilities-in-pacemakers/

Human-Centered Security
Reframing the Information Security Conversation for Business Owners with Jim Nelson

Human-Centered Security

Play Episode Listen Later Dec 16, 2020 40:44


Jim Nelson, Senior Security Consultant for Innovative Solutions, has been working with organizations to help raise their security posture based on their risk for the last 17 years. In this episode, we talk about:
- How to reframe the security conversation so business owners understand that an investment in security is taking a proactive stance. Ultimately, you have to empathize with business owners.
- Why fear-based tactics may not be the best solution in getting people to care about security.
- Why it's so important to understand the business and its employees before establishing security controls.
- Expectations around security: customers just assume that their data is safe.

Cyber Work
Privileged access management and work-from-home tips

Cyber Work

Play Episode Listen Later Nov 23, 2020 49:37


Today we're talking cloud security and work-from-home. If you've ever checked your work email on your personal phone – I know you have, because we've all done it! – or touched up some time-sensitive spreadsheets on the same iPad your kids use to play Animal Crossing, Terence Jackson, Chief Information Security & Privacy Officer of Thycotic, is going to tell you how to tighten up your security protocols to ensure that work-from-home doesn't become breach-from-home!
– Enter code "cyberwork" to get 30 days of free training with Infosec Skills: https://www.infosecinstitute.com/skills/
– View transcripts and additional episodes: https://www.infosecinstitute.com/podcast
With more than 17 years of public and private sector IT and security experience, Terence Jackson is responsible for protecting the company's information assets. In his role, he currently leads a corporate-wide information risk management program. He identifies, evaluates and reports on information security practices, controls and risks in order to comply with regulatory requirements and to align with the risk posture of the enterprise. Prior to joining Thycotic, Terence was the Director of Cybersecurity and Professional Services for TSI, a Virginia-based Inc. 5000 company. He has also worked as a Senior Security Consultant for Clango, Inc., a top Identity and Access Management (IAM) consultancy. He was featured in and also was a contributor to the book "Tribe of Hackers."
About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It's our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Hacked Off
076. Joe Thorpe: Hacking Mobile Apps

Hacked Off

Play Episode Listen Later Oct 8, 2020 17:16


We speak to fellow co-worker and Senior Security Consultant at Secarma, Joe Thorpe, who specialises in app testing. He gives us the low down on hacking mobile apps, how they're similar to web apps, which vulnerabilities are most common and how to choose the right testing for your mobile app.
Key points:
0'43 What is mobile application testing?
3'43 Similarities to web application testing
4'49 Finding vulnerabilities in mobile apps
7'21 Hacking mobile apps with Frida and bypassing root detection
9'33 Choosing the right kind of testing for your mobile app
13'09 The Tinder app vulnerability
14'48 The most common vulnerabilities
Useful links:
Mobile App OWASP Top 10 - https://owasp.org/www-project-mobile-top-10/
Mobile Application Testing - https://www.secarma.com/services/penetration-testing/mobile-application-penetration-testing.html
Listening Time: 17 minutes
Hosted by: Holly Grace Williams, Managing Director at Secarma
Guest: Joe Thorpe, Senior Security Consultant at Secarma

Cyber Work
Red teamers arrested conducting a penetration test

Cyber Work

Play Episode Listen Later Oct 5, 2020 50:21


The story of today's guests is ripped straight from the headlines. Gary DeMercurio and Justin Wynn, both of the company Coalfire, were arrested at the Dallas County Courthouse while doing red team pentesting for the State of Iowa's judicial branch. Their story is fascinating, and they discuss that fateful night as well as ways in which similar incidents could be avoided in the future. You can't be too timid as a red teamer, they say. "If you're bragging as a red teamer about how you've never been caught, you're not pushing the operation as far as you should. You SHOULD be caught sometimes."
– Get your free security awareness toolkit: https://infosecinstitute.com/ncsam2020
– Enter code "cyberwork" to get 30 days of free training with Infosec Skills: https://www.infosecinstitute.com/skills/
– View transcripts and additional episodes: https://www.infosecinstitute.com/podcast
Gary DeMercurio runs one of the largest groups in Coalfire Labs as a Senior Manager working with technologies every day. His expertise focuses on social engineering, physical testing and network devices. At Coalfire, Gary manages day-to-day business involved with FedRAMP, PCI, HIPAA and penetration testing, while helping to spearhead the physical and social engineering portion of testing.
As a Senior Security Consultant, Justin Wynn is responsible for actively compromising and reporting on virtual environments typically encountered at Fortune 500 companies. Justin performs wireless, physical, red team and social engineering engagements. Justin also conducts research including the production of open-source models for printing/milling to aid in red team engagements, with specific regard to tool gaps in the locksport industry as well as master keys for access control/elevator overrides. Currently, Justin is researching security vulnerabilities in various RFID devices.
About Infosec
At Infosec, we believe knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with certifications and skills training. We also empower all employees with security awareness training to stay cybersafe at work and home. Driven by smart people wanting to do good, Infosec educates entire organizations to defend themselves from cybercrime. It's what we do every day — equipping everyone with the latest security skills and confidence to be safe online. Learn more at infosecinstitute.com.

The Shared Security Show
Targeted Attacks Part 2 – Pretexting and Attack Development

The Shared Security Show

Play Episode Listen Later Sep 29, 2020 49:34


In our September monthly episode we continue our three part series on targeted attacks. In this episode we discuss the pretext and how attackers develop and launch their attacks with special guests Nathan Sweaney, Senior Security Consultant at Secure Ideas and Kevin Johnson, CEO of Secure Ideas. ** Links mentioned on the show ** GoPhish […] The post Targeted Attacks Part 2 – Pretexting and Attack Development appeared first on The Shared Security Show.

Paul's Security Weekly
Heavily Loaded - PSW #652

Paul's Security Weekly

Play Episode Listen Later May 22, 2020 200:58


This week, we welcome Jason Nickola, COO and Senior Security Consultant at Pulsar Security, to talk about Building An InfoSec Career! In our second segment, we welcome back Sven Morgenroth, Security Researcher at Netsparker, to talk about HTTP Security Headers In Action! In the Security News: hackers target the air-gapped networks of the Taiwanese and Philippine military, stored XSS in the WP Product Review Lite plugin allows for automated takeovers, a Remote Code Execution vulnerability is patched in VMware Cloud Director, a Shodan scan of a new preauth RCE shows 450k devices at risk including all QNAP devices, and The 3 Top Cybersecurity Myths & What You Should Know!
Show Notes: https://wiki.securityweekly.com/PSWEpisode652
To learn more about Netsparker, visit: https://securityweekly.com/netsparker
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly (Podcast-Only)
Heavily Loaded - PSW #652

Paul's Security Weekly (Podcast-Only)

Play Episode Listen Later May 22, 2020 200:58


This week, we welcome Jason Nickola, COO and Senior Security Consultant at Pulsar Security, to talk about Building An InfoSec Career! In our second segment, we welcome back Sven Morgenroth, Security Researcher at Netsparker, to talk about HTTP Security Headers In Action! In the Security News: hackers target the air-gapped networks of the Taiwanese and Philippine military, stored XSS in the WP Product Review Lite plugin allows for automated takeovers, a Remote Code Execution vulnerability is patched in VMware Cloud Director, a Shodan scan of a new preauth RCE shows 450k devices at risk including all QNAP devices, and The 3 Top Cybersecurity Myths & What You Should Know!
Show Notes: https://wiki.securityweekly.com/PSWEpisode652
To learn more about Netsparker, visit: https://securityweekly.com/netsparker
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly

Task Force 7 Cyber Security Radio
Ep. 119: How Open Source Intelligence Plays Into Red Team Exercises

Task Force 7 Cyber Security Radio

Play Episode Listen Later Jan 27, 2020 63:47


Max Deighton, the North America Lead for Context, and Henry Prince, Senior Security Consultant for Context, both join Episode #119 of Task Force 7 Radio to talk about the importance and value of conducting Red Team exercises. The duo unpacks what red teaming really means, what the rules of engagement are when bringing an adversarial mindset to a problem, and how open source intelligence can be used to conduct successful exercises. Deighton and Prince also explain what sophisticated criminals do with all the data that they steal, the role password managers play in preventing wider exposure of your internet presence, and how the use of multi-factor authentication is still a valid defense to decrease your chances of being victimized by cyber organized crime groups.

Splunk [Enterprise] 2019 .conf Videos w/ Slides
Using Splunk and DNS to detect that your domains are being abused for phishing [Splunk Enterprise, Splunk Enterprise Security]

Splunk [Enterprise] 2019 .conf Videos w/ Slides

Play Episode Listen Later Dec 23, 2019


As a high-profile public-sector organization, the Dutch Tax and Customs Administration deals every day with criminals claiming to be representatives of the organization and contacting the public with phishing e-mails. By using Splunk and RFCs such as RFC 7208 (Sender Policy Framework (SPF) for Authorizing Use of Domains in Email), we have developed a technique to identify phishing attacks that are carried out under the guise of the Dutch Tax and Customs Administration. This technique is universally applicable; a precondition is access to the DNS logging. By means of this technique, insight can be obtained into where the phishing e-mails are sent from and to whom they are sent. In this talk we will start by explaining which standards are available to increase e-mail security and how we have built an app in Splunk, including a dashboard and a wizard to create the necessary DNS records, to gain insight into the abuse of our domains.
Speaker(s): Karl Lovink, Lead Security Operations Center, Dutch Tax and Customs Administration; Arnold Holzel, Senior Security Consultant, SMT
Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1106.pdf?podcast=1577146230
Product: Splunk Enterprise, Splunk Enterprise Security
Track: Security, Compliance and Fraud
Level: Advanced

Splunk [Security, Compliance and Fraud Track] 2019 .conf Videos w/ Slides
Using Splunk and DNS to detect that your domains are being abused for phishing [Splunk Enterprise, Splunk Enterprise Security]

Splunk [Security, Compliance and Fraud Track] 2019 .conf Videos w/ Slides

Play Episode Listen Later Dec 23, 2019


As a high-profile public-sector organization, the Dutch Tax and Customs Administration deals every day with criminals claiming to be representatives of the organization and contacting the public with phishing e-mails. By using Splunk and RFCs such as RFC 7208 (Sender Policy Framework (SPF) for Authorizing Use of Domains in Email), we have developed a technique to identify phishing attacks that are carried out under the guise of the Dutch Tax and Customs Administration. This technique is universally applicable; a precondition is access to the DNS logging. By means of this technique, insight can be obtained into where the phishing e-mails are sent from and to whom they are sent. In this talk we will start by explaining which standards are available to increase e-mail security and how we have built an app in Splunk, including a dashboard and a wizard to create the necessary DNS records, to gain insight into the abuse of our domains.
Speaker(s): Karl Lovink, Lead Security Operations Center, Dutch Tax and Customs Administration; Arnold Holzel, Senior Security Consultant, SMT
Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1106.pdf?podcast=1577146216
Product: Splunk Enterprise, Splunk Enterprise Security
Track: Security, Compliance and Fraud
Level: Advanced

speaker fraud compliance slides phishing abused detect dns domains splunk rfc smt senior security consultant level advanced splunk enterprise security product splunk enterprise track security
Splunk [All Products] 2019 .conf Videos w/ Slides
Using Splunk and DNS to detect that your domains are being abused for phishing [Splunk Enterprise, Splunk Enterprise Security]

Splunk [All Products] 2019 .conf Videos w/ Slides

Play Episode Listen Later Dec 23, 2019


As a high-profile public-sector organization, the Dutch Tax and Customs Administration deals with criminals claiming to be representatives of the organization and contacting the public with phishing e-mails every day. By using Splunk and RFC’s like, RFC7208 – Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, we have developed a technique to identify phishing attacks that are carried out under the disguise of the Dutch Tax and Customs Administration. This technique is universally applicable. A precondition is access to the DNS logging. By means of this technique, insight can be obtained where the phishing e-mails are sent from and to whom the phishing e-mails are sent. In this talk we will start by explaining which standards are available to increase e-mail security and how we have build an app in Splunk, including dashboard and a wizard to create the necessary DNS records to gain insight information about the abuse of our domains. Speaker(s) Karl Lovink, Lead Security Operations Center, Dutch Tax and Customs Administration Arnold Holzel, Senior Security Consultant, SMT Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1106.pdf?podcast=1577146226 Product: Splunk Enterprise, Splunk Enterprise Security Track: Security, Compliance and Fraud Level: Advanced

speaker fraud compliance slides phishing abused detect dns domains splunk rfc smt senior security consultant level advanced splunk enterprise security product splunk enterprise track security
Splunk [Enterprise Security] 2019 .conf Videos w/ Slides
Using Splunk and DNS to detect that your domains are being abused for phishing [Splunk Enterprise, Splunk Enterprise Security]

Splunk [Enterprise Security] 2019 .conf Videos w/ Slides

Play Episode Listen Later Dec 23, 2019


As a high-profile public-sector organization, the Dutch Tax and Customs Administration deals with criminals claiming to be representatives of the organization and contacting the public with phishing e-mails every day. By using Splunk and RFC’s like, RFC7208 – Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, we have developed a technique to identify phishing attacks that are carried out under the disguise of the Dutch Tax and Customs Administration. This technique is universally applicable. A precondition is access to the DNS logging. By means of this technique, insight can be obtained where the phishing e-mails are sent from and to whom the phishing e-mails are sent. In this talk we will start by explaining which standards are available to increase e-mail security and how we have build an app in Splunk, including dashboard and a wizard to create the necessary DNS records to gain insight information about the abuse of our domains. Speaker(s) Karl Lovink, Lead Security Operations Center, Dutch Tax and Customs Administration Arnold Holzel, Senior Security Consultant, SMT Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1106.pdf?podcast=1577146235 Product: Splunk Enterprise, Splunk Enterprise Security Track: Security, Compliance and Fraud Level: Advanced

New Cyber Frontier
NCF-164 The BYOD and IOT Nightmare
Dec 12, 2019 (32:51)


On today’s episode, host Abe Thompson sits down with Art Cooper, Senior Security Consultant at New Archs (a QSA company solidly focused on performing PCI assessments as well as doing security management for its customers). Art tells us a little about his background in cyber security and his career, starting in the military as a combat controller and then moving into a tech controller role. He opens up about some personal experiences and how his love for the industry began to grow. He shares with the audience what his new company, New Archs, is doing in the PCI (Payment Card Industry) space and how it deals with data security standards. He offers listeners a unique perspective, as he was involved in PCI and training QSAs long before they became a bigger deal.

Visit our sponsors: Jacobs Engineering Group, Cyber Resilience Institute, Internet Broadcasting Network, BlockFrame Inc., SecureSet Academy, Murray Security Services

Hacked Off
021. The Evolution of Penetration Testing
Jun 27, 2019 (47:39)


We talk to Senior Security Consultant Thomas Ballin about what he thinks are the major facets of red team engagements, how they can differ by provider or scenario, and how he thinks they might evolve over time.

0’32 Thomas’ unconventional route into the cybersecurity industry and his role at Secarma
4’31 The many ‘definitions’ of penetration testing
7’30 The benefits of red teaming and where to start
15’02 The race between attack and defence
20’15 Debriefing after a red team
26’00 The future of red teaming
31’31 What you should do after a red team
37’47 The infrastructure that’s used for red team engagements
41’00 How to become a red teamer!

Download on iTunes: apple.co/2Ji61Ek
Listening time: 47 minutes
For more information, follow us on Twitter @secarma or @secarmalabs or email us at podcast@secarma.com
Hosted by: Holly Grace Williams, Technical Director at Secarma
Guest: Thomas Ballin, Senior Security Consultant at Secarma

TNO Insights
#16 - Predicting Cyber Threats
Jun 26, 2019 (33:37)


Interested in Cyber Security? Come work at TNO! See all our vacancies at tno.nl/nl/career/data-science-cyber-security/

More and more Cyber Security work is being automated, on both the attacking and the defending side. Mostly that automation is done for known attacks and threats. How do you automate cyber defence for unknown threats? And what role can data from, for example, the intelligence community play in predicting Cyber Threats? In this episode of TNO Insights we talk with 2 Cyber Security Experts. Richard Kerkdijk is Senior Security Consultant and Hidde-Jan Jongsma is Junior Scientist.

Has the podcast caught your interest? Then go to tno.nl/nl/career/data-science-cyber-security/ or contact yvonne.pribnow@tno.nl


Explain IT
Supply Chain Attacks
Mar 27, 2019 (26:36)


In this episode we dig into supply chain attacks – we look at their history, their potential impact on organisations and the steps we can take to protect against attacks. Softcat’s Chief Technologist for Security, Adam Louca, and Senior Security Consultant at XQ Cyber, Rob Hillier, join host Michael Bird to offer their expert advice and guidance, as well as looking at what we might expect from the future of supply chain attacks.

Further links:
Trending Asus supply chain attack
Citrix breach article
Softcat’s IT Priorities: Cyber Security, Hybrid Infrastructure, IT Intelligence, Digital Workspace

Get in touch:
https://www.softcat.com/podcasts/explain-it/s02e06/
https://twitter.com/softcat
https://www.linkedin.com/company/softcat/

Paul's Security Weekly TV
Brian Carey, Rapid7 - Business Security Weekly #110
Dec 11, 2018 (33:32)


Brian Carey is a Senior Security Consultant at Rapid7, specializing in Security Program Assessments, Security Program Development, Vulnerability Management Program Development, and Security Awareness and Policy Development. In this interview, we discuss emerging trends that he is seeing with his clients, and how they impact those clients' security programs, including maturity, roadmap, and recommendations!

To learn more about Rapid7, go to: www.rapid7.com/securityweekly
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode110

Paul's Security Weekly
Coming Together - Business Security Weekly #110
Dec 11, 2018 (68:29)


This week, Matt and Paul interview Brian Carey, Senior Security Consultant at Rapid7! Brian talks about emerging trends that he is seeing with his clients, and how they impact those clients’ security programs, including maturity, roadmap, and recommendations! In the Leadership Articles, Matt and Paul discuss how to collaborate with people you don’t like, the right way to solve complex business problems, what the habits of successful people are, three things to know before you land a tech job, and more!

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode110
To learn more about Rapid7, go to: www.rapid7.com/securityweekly
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter!
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly


Business of Security Podcast Series
#14 - Ben Rothke, Senior Security Consultant, Nettitude - Securing Small-Medium Business
Nov 1, 2018 (42:05)


Ben Rothke joins Ron Woerner on this episode to discuss the experience that led to his book Computer Security: 20 Things Every Employee Should Know (McGraw-Hill). Ben addresses the question "what has changed in 20 years" and also reviews some best practices that are very relevant today. Focusing security on the data is where the conversation should start, building out cybersecurity capabilities from there. As cybersecurity is no longer an option but a cost of doing business, this episode speaks to the necessity and potential trade-offs of investing in cyber security. Ben follows up with the top skills a person should have to be a great cyber security practitioner.

Ben Rothke's website: http://www.rothke.com
Author of: Computer Security: 20 Things Every Employee Should Know
Twitter: @benrothke

Small Business Cybersecurity Podcast
Episode 12: Two Factor Authentication
Oct 16, 2018 (39:46)


It wasn’t too long ago that creating a password felt like our best and most secure lock against digital burglary. Now it’s our greatest threat. Steve and Femi talk with security GRC consultant and evangelist Thomas Allen about how we use two-factor authentication in our everyday activities but don’t recognize its equal importance for our most confidential information. After this episode, you’ll be turning on two-factor authentication on every app and device that supports it.

Additional Resources:
Thomas Allen, Principal Consultant, Information Security Officer, Senior Security Consultant, Foresite
Thomas Allen LinkedIn
Foresite, Managed Security and Cyber-Consulting Services

Paul's Security Weekly TV
Zane Lackey, Signal Sciences - Paul's Security Weekly #567
Jul 15, 2018 (42:08)


Zane Lackey is the Founder/Chief Security Officer at Signal Sciences and serves on the Advisory Boards of the Internet Bug Bounty Program and the US State Department-backed Open Technology Fund. Prior to Signal Sciences, Zane was the Director of Security Engineering at Etsy and a Senior Security Consultant at iSEC Partners.

Full Show Notes: https://wiki.securityweekly.com/Episode567
Subscribe to our YouTube channel: https://www.youtube.com/securityweekly
Visit our website: http://securityweekly.com
Follow us on Twitter: https://www.twitter.comsecurityweekly


Zero Hour Podcast
Zane Lackey - Risk, Transformation & his parents
May 29, 2018 (49:59)


Zane Lackey is the co-founder and Chief Security Officer at Signal Sciences and serves on the advisory boards of the Internet Bug Bounty Program and the US State Department-backed Open Technology Fund. Prior to Signal Sciences, Zane was the Director of Security Engineering at Etsy and a Senior Security Consultant at iSEC Partners. He has been featured by the BBC, Forbes and Wired, and is a frequent speaker at Black Hat, RSA and Microsoft BlueHat.

Three takeaways:
- Cyber Security is a business risk
- Security isn't the winner, the business is
- Implement security at the heart of every transformation

Follow Zane on Twitter: @zanelackey
Read Zane's thoughts: https://medium.com/@zanelackey
Follow us: Twitter @zerohour, Instagram @zerohourexperience, Website www.karlsharman.com
This podcast is sponsored by: BeecherMadden (www.beechermadden.com) and Cyber Security Professionals (www.cybersecurity-professionals.com)

Business & Technology Insights from Capgemini
Key Things To Look At When Preparing For GDPR
Jun 13, 2017 (13:45)


Peter Hansen, Senior Security Consultant, and Richard Starnes (@rrstarnes), Chief Security Strategist at Capgemini, explain the challenges around GDPR and what organizations need to take into account when preparing for it.

Music credit: www.bensound.com

Enterprise Security Weekly (Video)
Enterprise Security Weekly #29 - Zane Lackey, Signal Sciences
Jan 20, 2017 (33:15)


Zane Lackey is the Founder and Chief Security Officer of Signal Sciences. Prior to becoming a vendor, Zane was the Director of Security Engineering at Etsy and a Senior Security Consultant at iSEC Partners.

Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/ES_Episode29#Interview:_Zane_Lackey.2C_Signal_Sciences
Visit http://securityweekly.com/esw for all the latest episodes!


On the Road with Legal Talk Network
ABA TECHSHOW 2016: Passing Your IT Security Audit
Mar 21, 2016 (11:00)


Cyber security experts Sherri Davidoff and Sharon Nelson spoke in a presentation titled “Passing Your IT Security Audit” at ABA TECHSHOW 2016. Before their presentation, they stop by to discuss the topic with Legal Talk Network producer Laurence Colletti. Tune in to learn why more and more clients are demanding IT security audits from their legal service providers and how you can prepare your law firm. Sharon opens the conversation by explaining how the internet has changed the way companies perceive data security. The discussion then shifts to tips and best practices that you can implement within your firm to build an effective security program. The conversation ends with a focus on cyber insurance and the nine building blocks of an effective security program.

Sharon D. Nelson is president of the digital forensics, information technology, and information security firm Sensei Enterprises. In addition to serving on numerous noted legal organizations, including the ABA’s Cybersecurity Legal Task Force and the ABA’s Standing Committee on Technology and Information Systems, she was president of the Virginia State Bar.

Sherri Davidoff is a nationally recognized cyber security expert who is a founder and Senior Security Consultant at LMG Security. She has over a decade of experience as an information security professional, specializing in penetration testing, forensics, social engineering testing, and web application assessments. Davidoff is an instructor at Black Hat and co-author of “Network Forensics: Tracking Hackers Through Cyberspace”. She is a GIAC-certified forensic examiner (GCFA) and penetration tester (GPEN), and holds her degree in computer science and electrical engineering from MIT.

The Florida Bar's LegalFuel Podcast
Cyber Security: How to Protect Your Firm and its Clients
Feb 24, 2016 (26:30)


Law firms are considered by many hackers to be soft targets with a wealth of valuable information. Data from social security numbers, credit cards, and client confidences is enough to make the criminal mind salivate with malicious intent. An estimated 31-45% of firms have been infected by spyware, and 10-20% have experienced security breaches. But what can a private practitioner or law firm do to prevent these trespasses on their networks?

In this episode of The Florida Bar Podcast, host Adriana Linares welcomes cyber security expert Sherri Davidoff to discuss the dangers to data that exist for law firms today. To begin their dialog, they define what ransomware is and tell us why so many firms give in to its extortion. Tune in to learn what practitioners can do to counteract or mitigate some of the risks. Spam filters, employee training, role-based access controls, and anti-virus software are among many countermeasures available for even small firms. In addition, lawyers may want to consider network monitoring, cloud-based software platforms, and comprehensive backup and retrieval systems. The key to successfully implementing the latter is to test your IT firm's ability to restore lost files.

Sherri Davidoff is a nationally recognized cyber security expert who is a founder and Senior Security Consultant at LMG Security. She has over a decade of experience as an information security professional, specializing in penetration testing, forensics, social engineering testing, and web application assessments. Davidoff is an instructor at Black Hat and co-author of "Network Forensics: Tracking Hackers Through Cyberspace". She is a GIAC-certified forensic examiner (GCFA) and penetration tester (GPEN), and holds her degree in computer science and electrical engineering from MIT.

Discussed on This Episode:
Ransomware
Cryptowall
Role-based access controls
Email traps
Anti-virus software

DEF CON 23 [Audio] Speeches from the Hacker Convention
Geoff Walton & Dave Kennedy - Pivoting Without Rights – Introducing Pivoter
Oct 30, 2015


Pivoting Without Rights – Introducing Pivoter
Geoff Walton, Senior Security Consultant for Cleveland-based TrustedSec
Dave Kennedy (ReL1K/HackingDave), founder of TrustedSec and Binary Defense Systems

One of the most challenging steps of a penetration test is popping something and not having full administrative-level rights over the system. Companies are cutting back on administrative-level rights for endpoints, or how about those times when you popped an external web application and were running as Apache or Network Service? Privilege escalation or pillaging systems can be difficult and require extensive time, if successful at all. One of the most challenging aspects of pentesting was the need to have administrative-level rights, install your tools, and from there leverage the compromised machine as a pivot point for lateral movement in the network. Well, the times have changed. Introducing Pivoter – a reverse-connection transparent proxy that supports the ability to pivot with ease. Pivoter is a full transparent proxy that supports the ability to use limited rights on a system to pivot to other systems and attack transparently from your system at home. Port scans, exploits, brute forcing, anything you could do as if you were on that network is now available through Pivoter. As part of this talk, we’ll be releasing a new Metasploit module for shell DLL injection for AV evasion, a Linux version of Pivoter, a Windows version of Pivoter, and a PowerShell version of Pivoter. msf> run pivoter -> pentest as if you are on the internal network even if you don’t have admin rights. Also during this talk, we’ll be releasing a new major release of the Social-Engineer Toolkit (SET) which incorporates Pivoter into the payload delivery system.

Geoff Walton is a Senior Security Consultant for Cleveland-based TrustedSec. He joined after years of working in information security. Geoff’s expertise in pen testing, network security, and software analysis comes from over ten years’ experience in a variety of information technology roles, including software development, network operations and information security specific functions; Geoff brings broad vision to assessments and penetration test engagements. Geoff has been part of diverse IT teams at organizations both large and small. He has experience across several industries including retail, professional services, and manufacturing.

Dave Kennedy is founder of TrustedSec and Binary Defense Systems. Both organizations focus on the betterment of the security industry from an offense and a defense perspective. David was the former Chief Security Officer (CSO) for a Fortune 1000 company where he ran the entire information security program. Kennedy is a co-author of the book "Metasploit: The Penetration Testers Guide," the creator of the Social-Engineer Toolkit (SET), and Artillery. Kennedy has been interviewed by several news organizations including CNN, Fox News, MSNBC, CNBC, Katie Couric, and BBC World News. Kennedy is the co-host of the social-engineer podcast and on a number of additional podcasts. Kennedy has testified in front of Congress on two occasions on the security around government websites. Kennedy is one of the co-authors of the Penetration Testing Execution Standard (PTES), a framework designed to fix the penetration testing industry. Kennedy is the co-founder of DerbyCon, a large-scale conference in Louisville, Kentucky. Prior to Diebold, Kennedy was a VP of Consulting and Partner of a mid-size information security consulting company running the security consulting practice. Prior to the private sector, Kennedy worked for the United States Marine Corps and deployed to Iraq twice for intelligence related missions. Twitter: @HackingDave

DEF CON 23 [Audio] Speeches from the Hacker Convention
Marina Krotofil & Jason Larsen - Rocking the Pocket Book: Hacking Chemical Plant for Competition and Extortion
Oct 23, 2015


Materials available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Marina-Krotofil-Jason-Larsen-Rocking-the-Pocketbook-Hacking-Chemical-Plants-UPDATED.pdf
Whitepaper here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Marina-Krotofil-Jason-Larsen-Rocking-the-Pocketbook-Hacking-Chemical-Plants-WP-UPDATED.pdf

Rocking the Pocket Book: Hacking Chemical Plant for Competition and Extortion
Marina Krotofil, Senior Security Consultant, European Network for Cyber Security
Jason Larsen, Principal Security Consultant, IOActive

The appeal of hacking a physical process is dreaming about physical damage attacks lighting up the sky in a shower of goodness. Let’s face it, after such elite hacking action nobody is going to let one present it, even at a conference like DEF CON. As a poor substitute, this presentation will get as close as using a simulated plant for Vinyl Acetate production to demonstrate a complete attack, from start to end, directed at persistent economic damage to a production site while avoiding attribution of production loss to a cyber-event. Such an attack scenario could be useful to a manufacturer aiming at putting competitors out of business or as a strong argument in an extortion attack. Picking up a paper these days, it’s easy to find an article on all the “SCADA insecurity” out there associated with an unstoppable attacker with the unsophisticated goal of kicking up another apocalypse. Sorry to disappoint the excited crowd, but the formula “Your wish is my command” does not work for control systems. The target plant is not designed in a hacker-friendly way. Hopefully by the end of the presentation, the audience will understand the difference between breaking into the system and breaking the system, obtaining control and being in control. An attacker targeting a remote process is not immediately gifted with complete knowledge of the process and the means to manipulate it. In general, an attacker follows a series of stages before getting to the final attack. Designing an attack scenario is a matter of art as much as economic consideration. The cost of attack can quickly exceed the damage worth. Also, the attacker has to find a way to compare competing attack scenarios. In traditional IT hacking, a goal is to go undetected. In OT (operational technologies) hacking this is not an option. An attack will change things in the real world that cannot be removed by simply erasing the log files. If a piece of equipment is damaged or if a plant suddenly becomes less profitable, it will be investigated. The attacker has to create a forensic footprint for investigators by manipulating the process and the logs in such a way that the analysts draw the wrong conclusions. Exploiting a physical process is an exotic and hard-to-develop skill which has so far kept a high barrier to entry. Therefore real-world control system exploitation has remained in the hands of a few. To help the community master new skills we have developed “Damn Vulnerable Chemical Process”, the first open source framework for cyber-physical experimentation based on two realistic models of chemical plants. Come to the session and take your first master class on complex physical hacking.

Marina is Senior Security Consultant at European Network for Cyber Security. Through her life she has accumulated vast hands-on experience in several engineering fields. Most recently she completed her doctoral degree in ICS security at Hamburg University of Technology, Germany. Her research over the last few years has been focused on the bits and pieces of the design and implementation of cyber-physical attacks aiming at both physical and economic damage. Marina used her pioneering destructive knowledge for designing process-aware defensive solutions and risk assessment approaches. During her PhD she collaborated with several industrial partners, participated in EU projects and collaborated with cool dudes from the hacking community. She has written more than a dozen papers on the subject of cyber-physical exploitation. Marina gives workshops on cyber-physical exploitation and is a frequent speaker at the leading ICS security and hacking venues around the world. She holds an MBA in Technology Management, an MSc in Telecommunications and an MSc in Information and Communication Systems.

Jason Larsen is a professional hacker who specializes in critical infrastructure and process control systems. Over the last several years he has been doing focused research into remote physical damage. Jason graduated from Idaho State University, where he worked doing Monte Carlo and pharmacokinetic modeling for Boron Neutron Capture Therapy. He was one of the founding members of the Cyber-Security department at the Idaho National Labs, which hosts the ICS-CERT and the National SCADA Test Bed. Jason has audited most of the major process control and SCADA systems as well as having extensive experience doing penetration tests against live systems. His other activities include two years on the Windows 7 penetration testing team, designing the anti-malware system for a very large auction site, and building anonymous relay networks. He is currently a Principal Security Consultant for IOActive in Seattle.

DEF CON 23 [Audio] Speeches from the Hacker Convention
Ionut Popescu - NetRipper - Smart traffic sniffing for penetration testers
Oct 21, 2015


Materials available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Ionut-Popescu-NetRipper.pdf
Whitepaper here: DEFCON-23-Ionut-Popescu-NetRipper-WP.pdf

NetRipper - Smart traffic sniffing for penetration testers
Ionut Popescu, Senior Security Consultant at KPMG Romania

The post-exploitation activities in a penetration test can be challenging if the tester has low privileges on a fully patched, well-configured Windows machine. This work presents a technique for helping the tester find useful information by sniffing the network traffic of the applications on the compromised machine, despite his low-privileged rights. Furthermore, the encrypted traffic is also captured before being sent to the encryption layer, thus all traffic (clear-text and encrypted) can be sniffed. The implementation of this technique is a tool called NetRipper, which uses API hooking to do the actions mentioned above and which has been especially designed to be used in penetration tests, but the concept can also be used to monitor the network traffic of employees or to analyze a malicious application.

Ionut works as a Senior Security Consultant at KPMG in Romania. He is passionate about ASM, reverse engineering, shellcode and exploit development, and he has an MCTS Windows Internals certification. He has spoken at various security conferences in Romania such as Defcamp and OWASP local meetings, and also at the yearly Hacknet KPMG international conference in Helsinki and Berlin. Ionut is also the main administrator of the biggest Romanian IT security community, rstforums.com, and he writes technical articles on a blog initiated by a passionate team: securitycafe.ro. Twitter: @NytroRST

DEF CON 22 [Materials] Speeches from the Hacker Convention.
Adrian Crenshaw- Dropping Docs on Darknets: How People Got Caught

Dec 12, 2014


Presentation available here: https://www.defcon.org/images/defcon-22/dc-22-presentations/Crenshaw/DEFCON-22-Adrian-Crenshaw-Dropping-Docs-on-Darknets-How-People-Got-Caught-UPDATED.pdf

Dropping Docs on Darknets: How People Got Caught
Adrian Crenshaw, TRUSTEDSEC & IRONGEEK.COM

Most of you have probably used Tor before, but I2P may be unfamiliar. Both are anonymization networks that allow people to obfuscate where their traffic is coming from, and also to host services (web sites, for example) without them being tied back to them. This talk will give an overview of both, but will focus on real-world stories of how people were deanonymized. Example cases like Eldo Kim & the Harvard bomb threat, Hector Xavier Monsegur (Sabu)/Jeremy Hammond (sup_g) & LulzSec, Freedom Hosting & Eric Eoin Marques and finally Ross William Ulbricht/"Dread Pirate Roberts" of the Silk Road will be used to explain how people have been caught and how it could have been avoided.

Adrian Crenshaw has worked in the IT industry for the last seventeen years. He runs the information security website Irongeek.com, which specializes in videos and articles that illustrate how to use various pen-testing and security tools. He did the cert chase for a while (MCSE NT 4, CNE, A+, Network+, i-Net+) but stopped once he had to start paying for the tests himself. He holds a Master of Science in Security Informatics, works for TrustedSec as a Senior Security Consultant and is one of the co-founders of Derbycon. Twitter: @irongeek_adc

Paul's Security Weekly
Interview with Matt Bergin, Kati Rodzon & Mike Murray's Social Engineering War Stories, Drunken Security News - Episode 337 - July 4, 2013

Jul 13, 2013 (82:39)


Matt "Level" Bergin, age twenty-four, works for CORE Security as a Senior Security Consultant, where his day job consists of discovering, exploiting, and mitigating vulnerabilities in their clients' network environments. Before joining CORE, Matt became well recognized in the industry through his activities in the US Cyber Challenge and publications of vulnerability research such as his discovery of the Microsoft IIS 7.5 FTP heap overflow.

Kati Rodzon is the manager of Security Behavior Design for MAD Security. Her last nine years have been spent studying psychology and ways to modify human behavior. From learning about the power of social pressure on groups to how subtle changes in reinforcement can drastically change individual behavior, Kati has spent the better part of a decade learning how humans work and now applies that to security awareness.

Mike Murray has spent more than a decade helping companies to protect their information by understanding their vulnerability posture from the perspective of an attacker. Mike co-founded MAD Security, where he leads engagements to help corporate and government customers understand and protect their security organization.

Paul's Security Weekly TV
Interview with Matt Bergin - Episode 337

Jul 3, 2013 (28:34)


Matt "Level" Bergin, age twenty-four, works for CORE Security as a Senior Security Consultant, where his day job consists of discovering, exploiting, and mitigating vulnerabilities in their clients' network environments. Before joining CORE, Matt became well recognized in the industry through his activities in the US Cyber Challenge and publications of vulnerability research such as his discovery of the Microsoft IIS 7.5 FTP heap overflow.

Black Hat Briefings, Japan 2004 [Audio] Presentations from the security conference
Russ Rogers: The Keys to the Kingdom: Understanding Covert Channels of Communication(English)

Oct 31, 2006 (144:57)


"Security professionals see the compromise of networked systems on a day-to-day basis. It's something they've come to expect. The blatant exploitation of operating systems, applications, and configurations is a common event and is taken into account by most security engineers. But a different type of security compromise threatens to crumble the underlying security of the modern organization. There are forms of communication that transfer sensitive data outside of organizations every day. Covert channels are used to move proprietary information in and out of commercial, private, and government entities on a daily basis. These covert channels include things such as steganography, covert network channels, data file header and footer appending, and Alternate Data Streams. Media to be covered include images, audio files, TCP covert channels, word substitution mechanisms, the Windows file system and others. This presentation will show the attendees common means of covert communication by hiding information through multiple means. We'll also discuss the future of covert channels and how hidden information is becoming more and more difficult to detect. Detection of these forms of communication is trailing well behind the technology creating them; this presentation will discuss some of the newest concepts in utilizing covert channels and steganography.

Russ Rogers is the CEO of Security Horizon, a Colorado Springs based information security professional services firm, and is a technology veteran with over 13 years of technology and information security experience. He has served in multiple technical and management information security positions that include Manager of Professional Services, Manager Security Support, Senior Security Consultant and Unix Systems Administrator. Mr. Rogers is a United States Air Force veteran and has supported the National Security Agency and the Defense Information Systems Agency in both a military and contractor role. Russ is also an Arabic linguist. He is a certified instructor for the National Security Agency's INFOSEC Assessment Methodology (IAM) and INFOSEC Evaluation Methodology (IEM) courses. He holds his M.S. degree from the University of Maryland and is also a co-founder of the Security Tribe (securitytribe.com), a security think tank and research organization."

Black Hat Briefings, Japan 2005 [Audio] Presentations from the security conference

"Our networks are growing. Is our understanding of them? This talk will focus on the monitoring and defense of very large scale networks, describing mechanisms for actively probing them and systems that may evade our most detailed probes. We will analyze these techniques in the context of how IPv6 affects, or fails to affect, them. A number of technologies will be discussed, including:

* A temporal attack against IP fragmentation, using variance in fragment reassembly timers to evade Network Intrusion Detection Systems
* A high speed DNS tunneling mechanism, capable of streaming video over a firewall-penetrating set of DNS queries
* DNS poisoning attacks against networks that implement automated defensive network shunning, and other unexpected design constraints developers and deployers of security equipment should be aware of
* Mechanisms for very high speed reconstruction of IPv4 and IPv6 network topologies, complete with visual representation of those topologies implemented in OpenGL
* Analysis of the potential for using name servers as IPv4->IPv6 gateways
* In addition, we'll briefly discuss the results of research against MD5, which allows two very different web pages to emit the same MD5 hash.

Dan Kaminsky, also known as Effugas, is a Senior Security Consultant for Avaya's Enterprise Security Practice, where he works on large-scale security infrastructure. Dan's experience includes two years at Cisco Systems designing security infrastructure for large-scale network monitoring systems. He is best known for his work on the ultra-fast port scanner scanrand, part of the "Paketto Keiretsu", a collection of tools that use new and unusual strategies for manipulating TCP/IP networks. He authored the Spoofing and Tunneling chapters for "Hack Proofing Your Network: Second Edition", was a co-author of "Stealing The Network: How To Own The Box", and has delivered presentations at several major industry conferences, including Linuxworld, DefCon, and past Black Hat Briefings. Dan was responsible for the Dynamic Forwarding patch to OpenSSH, integrating the majority of VPN-style functionality into the widely deployed cryptographic toolkit. Finally, he founded the cross-disciplinary DoxPara Research in 1997, seeking to integrate psychological and technological theory to create more effective systems for non-ideal but very real environments in the field. Dan is based in Silicon Valley."

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference
Joseph Klein: The Social Engineering Engagement Methodology - A Formal Testing process of the People and Process

Jun 4, 2006 (40:54)


The security of an organization is composed of technology, people and processes. In the last few years, many organizations have done a good job addressing technology but have focused very little on the people and processes. This presentation reviews the formal methodology for performing Social Engineering Engagements. The method is divided into four sections: Pre-Engagement, Pre-Assessment, Assessment and Post-Assessment. The Pre-Engagement is the sales process for performing the assessment. In this section, we will review the business justification and headlines of current attacks. Pre-Assessment is focused on identifying the scope of the project, limitations, targets and attack vectors. Also included are examples of what information must be gathered for use in the assessment and post-assessment phases. The most interesting and tedious part is the actual assessment. In this section, we will discuss how to engage the target, utilize company information, how to achieve the goal and what to do when you are caught. Included in this section is also how and what to document about every contact. Post-Assessment is the analysis and reporting phase. In it, we will review documenting findings and mapping them to recommendations.

Joe Klein, CISSP, is Senior Security Consultant at Honeywell and a member of the IPv6 Business Council. He performs network, application, web-application, wireless, source-code and host security reviews and security architecture design services for clients in the commercial and government space. Prior to joining Honeywell, Joe worked as a consultant performing attack and penetration assessments for many significant companies in the IT arena. While consulting, Joe also taught "Hacking and Incident Handling", "IDS/IPS management" and "Managing Network Security" at a local college in Jacksonville, Florida. He regularly speaks at conferences including Defcon, InfoSecWorld and PhreakNic and at regional meetings including Infragard, ASIS and ISSA.

Black Hat Briefings, Las Vegas 2005 [Video] Presentations from the security conference
Joseph Klein: The Social Engineering Engagement Methodology - A Formal Testing process of the People and Process

Jun 4, 2006 (40:54)


The security of an organization is composed of technology, people and processes. In the last few years, many organizations have done a good job addressing technology but have focused very little on the people and processes. This presentation reviews the formal methodology for performing Social Engineering Engagements. The method is divided into four sections: Pre-Engagement, Pre-Assessment, Assessment and Post-Assessment. The Pre-Engagement is the sales process for performing the assessment. In this section, we will review the business justification and headlines of current attacks. Pre-Assessment is focused on identifying the scope of the project, limitations, targets and attack vectors. Also included are examples of what information must be gathered for use in the assessment and post-assessment phases. The most interesting and tedious part is the actual assessment. In this section, we will discuss how to engage the target, utilize company information, how to achieve the goal and what to do when you are caught. Included in this section is also how and what to document about every contact. Post-Assessment is the analysis and reporting phase. In it, we will review documenting findings and mapping them to recommendations.

Joe Klein, CISSP, is Senior Security Consultant at Honeywell and a member of the IPv6 Business Council. He performs network, application, web-application, wireless, source-code and host security reviews and security architecture design services for clients in the commercial and government space. Prior to joining Honeywell, Joe worked as a consultant performing attack and penetration assessments for many significant companies in the IT arena. While consulting, Joe also taught "Hacking and Incident Handling", "IDS/IPS management" and "Managing Network Security" at a local college in Jacksonville, Florida. He regularly speaks at conferences including Defcon, InfoSecWorld and PhreakNic and at regional meetings including Infragard, ASIS and ISSA.

Black Hat Briefings, Europe 2007 [Audio] Presentations from the security conference.
Philippe Langlois: SCTPscan - Finding entry points to SS7 Networks & Telecommunication Backbones

Jan 9, 2006 (69:08)


"SS7 has been a walled garden for a long time: only big telcos would be interconnected to the network. Due to deregulation and a push toward all-IP architecture, SS7 is opening up, notably with SIGTRAN (SS7 over IP) and NGN (Next Gen Networks) initiatives. SCTP is the protocol used to carry all telecom signalling information on IP according to the SIGTRAN protocol suite. It's the foundation, as TCP is the foundation for the web and email. SCTP is also used for high-performance clusters, resource pooling and very high-speed file transfer. When you discover open SCTP ports, you discover a secret door to this walled garden. As a walled garden, the internal security of the SS7 network is not as good as one might expect. SCTPscan is a tool to do exactly that, and is released as open source. This presentation will explain how SCTPscan manages to scan without being detected by the remote application, how discrepancies between RFC and implementation enable us to scan more efficiently and how we manage to scan without even being detected by systems like SANS - Dshield.org. Here we will have a look at INIT packet construction, stealth scanning and a beginning of SCTP fingerprinting. Then, we go on to detail upper layer protocols that use SCTP and the potential of the SIGTRAN protocol suite in terms of security. We'll see the M2UA, M3UA, M2PA and IUA, which are SIGTRAN-specific protocols, and also the more generic SS7 protocols such as ISUP, BICC, BSSAP, TCAP, SCCP and MTP."

"Philippe Langlois is a founder and Senior Security Consultant for Telecom Security Task Force, a research and consultancy outfit. He founded and led technical teams in several security companies (Qualys, WaveSecurity, INTRINsec) as well as security research teams (Solsoft, TSTF). He founded Qualys in 1999 and led the R&D for this world-leading vulnerability assessment service. He founded Intrinsec, a pioneering network security company, in 1995, as well as Worldnet, France's first public Internet service provider, in 1993. He has proven expertise in network security, from the Internet to less well known networks - X25 and other legacy systems mostly used in banking, travel and finance. Philippe was also lead designer for Payline, one of the first e-commerce payment gateways on the Internet. He has written and translated security books, including some of the earliest references in the field of computer security, and has been giving speeches on network security since 1995 (RSA, COMDEX, Interop). Philippe Langlois is a regular contributor to the French-speaking security portal vulnerabilite.com and a writer for ITaudit, the magazine of the International Association of Internal Auditors. Samples of the missions he has been involved with are penetration testing contracts on multi-million live user infrastructures such as telecom operators' GSM backbones, due diligence for M&A, security architecture audits, product security analysis and advisory."

CYBER LIFE
Season 3 Episode 3 Slow Down with Jason Nickola

Dec 31, 1969 (38:24)


Join me in this episode as I speak with penetration testing expert and COO Jason Nickola of Pulsar Security.

Connect with Jason here:
Twitter - chm0dx
LinkedIn - jasonnickola: https://www.linkedin.com/in/jasonnickola/

Jason is a Senior Security Consultant and COO at Pulsar Security, specializing in pentesting and red teaming. Equally passionate about enabling others in their journeys as he is about security and technology, Jason is an organizer of the BSides NH conference, a SANS instructor for SEC560: Network Pentesting and Ethical Hacking, a frequent speaker and trainer at both local and national events, and a founder of TechRamp, a nonprofit which aids in the transition to technical careers. He is a three-time Core Netwars Tournament champion and one of just 23 people in the world named by the SANS Institute as both a Red Team and Blue Team Cyber Guardian. Jason has earned a long list of technical certifications including GIAC Security Expert (GSE), Offensive Security Certified Expert (OSCE), GXPN, GWAPT, GPEN, GREM, GCIA, GMON, GMOB, GNFA, GCUX, GCIH, GCWN, GCCC, GAWN, GSEC, GPYC, GSNA, GDAT, GCFA, GCDA, GCFE, GLEG, Certified Ethical Hacker, Security+, Network+, and OSCP.

Support this podcast at — https://redcircle.com/cyber-life/donations