POPULARITY
Crypto-related scams have been popping up more in Louisiana, costing people thousands of dollars. We go over what to watch for and how to avoid becoming a victim with Alex Hamerstone, Director of advisory solutions for TrustedSec
We take another look at the toll text scams that have been going around and how you can spot what's legit and what's fake Alex Hamerstone, Director of advisory solutions for TrustedSec, joins us.
00:00 - PreShow Banter™ — We're Not Ready For the Finger Thing01:40 - Trading in Jock Straps for Jock Hacks – BHIS - Talkin' Bout [infosec] News 2025-03-2403:24 - Story # 1: GitHub Action hack likely led to another in cascading supply chain attack07:53 - Story # 2: Wiz to Join Google Cloud: Making Magic Together14:47 - Story # 3: Oracle denies breach after hacker claims theft of 6 million data records19:52 - Story # 4: Critical flaw in Next.js lets hackers bypass authorization25:47 - Story # 5: Cloudflare builds an AI to lead AI scraper bots into a horrible maze of junk content29:20 - Story # 6: Ex-Michigan QB coach Matt Weiss facing 24 federal charges in hack of thousands of student accounts35:47 - Story # 7: DNA of 15 Million People for Sale in 23andMe Bankruptcy38:40 - Story # 8: Everything you say to your Echo will be sent to Amazon starting on March 2844:03 - Story # 9: We partner with world-renowned scambusters to create our own fraud-fighting call centre52:01 - Story # 10: Sperm donation giant California Cryobank warns of a data breach54:19 - Story # 11: Microsoft: New RAT malware used for crypto theft, reconnaissance56:32 - Story # 12: TrustedSec | Trimarc Joins Forces with TrustedSec to Strengthen…
David Kennedy is the Founder and CEO of TrustedSec and Co-founder at Binary Defense. He is considered an industry leader in cybersecurity. As the former Chief Security Officer of Diebold, David has led global cybersecurity teams, testified before Congress, and continues to shape cybersecurity policy. He co-authored the Penetration Testing Execution Standard and is renowned in offensive security. A Marine with intelligence experience, he prioritizes family, fitness, and co-hosts the Hacking Your Health Podcast. He built a DeLorean time machine inspired by Back to the Future. David's life mission is to help others and to make the world a safer place in cybersecurity, which drives him every single day. In this episode… Cybersecurity threats are evolving at an alarming rate, and businesses face an uphill battle in protecting their data and systems. Ransomware attacks, supply chain vulnerabilities, and sophisticated social engineering tactics put organizations at constant risk. At the same time, companies face mounting pressure to protect customer data amid the growing influence of AI-driven misinformation, concerns surrounding platforms like TikTok, and other evolving cyber threats. How can businesses defend themselves proactively? Building a strong cybersecurity program requires leadership, governance, and proactive risk management, not just technology. Many organizations struggle with detecting breaches in real time, making rapid threat detection and response essential. TrustedSec and Binary Defense are helping companies address these challenges by providing expert-led security consulting, penetration testing, and real-time threat monitoring. As cyber threats become more advanced, collaboration between security and privacy teams is essential to building a comprehensive defense strategy. In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels chat with David Kennedy, Founder and CEO of TrustedSec and Co-founder at Binary Defense, about evolving cybersecurity threats and how businesses can improve their security posture. David talks about the intersection of cybersecurity and privacy, the role of governance in building cybersecurity resilience and protecting data, how AI is shaping cyber threats, and the implications of cyber warfare. He also shares his experience testifying before Congress, explaining why lawmakers struggle to grasp cybersecurity issues. David provides advice on how companies can improve their threat detection and response capabilities and why social media presents a growing risk.
In this episode of Security Noise, Geoff and Skyler are joined by two TrustedSec experts, Security Consultant Edwin David and Principal Security Consultant Justin Bollinger, to talk about the evolution of authentication and what it looks like in 2025. We discuss passwordless authentication, multi-factor authentication (MFA), and the implications of OAuth and identity providers. The crew also discusses the dangers of using antiquated methods like SMS for authentication. About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Hack the planet!
In this episode, Geoff and Skyler are joined by TrustedSec's Force Cloud Security Practice Lead @nyxgeek to talk about his findings after 3 years of user enumeration in Azure! He also dives into techniques and the implications of "presence data" in Microsoft Teams. We get a preview of his conference talks at (the now past) Shmoocon and HackCon, which he will be delivering in Norway on February 2, 2025. What is in the future of authentication and identity management? Listen now to hear nyxgeek's predictions for 2025. About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Learn more at https://trustedsec.com/ Hack the planet!
Today we're doing a milkshake of several topics: wireless pentest pwnage, automating the boring pentest stuff with cursor.ai, and some closing business thoughts at 7MinSec celebrates its 7th year as a security consultancy. Links discussed today: AWUS036ACH wifi card (not my favorite anymore) Panda PAU09 N600 (love this one!) The very important Github issue that helped me better understand BPFs and WPA3 attacks TrustedSec article on WPA3 downgrade attacks
Tommy talks to Alex Hamerstone, Director of advisory solutions for TrustedSec
Are all IT admins cave-dwelling gnomes? In this episode of Security Noise, Geoff and Skyler swap hard-to-believe, humorous, and sometimes scary InfoSec stories with members of the TrustedSec team: Senior Security Consultant Joe Sullivan and Principal Security Consultants Drew Kirkpatrick and Adam Compton. Listen as they share insights on network security, proactive measures, and a few mishaps along the way. Join us for some great discussion and stories from the battle field! About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Hack the planet!
Tommy gets some tips for staying safe online from Alex Hamerstone, Director of advisory solutions for TrustedSec
In this episode, Geoff and Skyler dive deep into hardware hacking with Rob Simon! Rob is the Mobile and Hardware Security Practice Lead at TrustedSec and shares the deets on hardware security assessments. The importance of hardware fundamentals in security, especially when it comes to IoT devices, is one of the key takeaways this week. Rob answers questions like: Who needs hardware assessments? What tools and techniques are used? And what potential vulnerabilities are associated with IoT devices? Join us for great discussion, stay for the lolz, and clutch your Flipper Zeros tight! About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Hack the planet!
Tommy talks with Alex Hamerstone, Director of advisory solutions for TrustedSec
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.Silent Push's recent analysis reveals new tactics by the FIN7 cybercriminal group, which is leveraging AI-based “DeepNude Generators” as part of a phishing campaign to spread malware. Microsoft's Digital Crimes Unit (DCU), in partnership with the U.S. Department of Justice, has taken steps to dismantle cyber operations by Star Blizzard, a Russian state-affiliated actor also known as COLDRIVER.Aqua Security's detailed research on perfctl describes it as a highly stealthy malware that targets Linux servers using a range of sophisticated methods.Comcast recently disclosed that over 237,000 customers had their personal data compromised due to a ransomware attack targeting a former debt collection agency, Financial Business and Consumer Solutions (FBCS).TrustedSec's research on EKUwu sheds light on a significant Active Directory Certificate Services (AD CS) vulnerability that allows attackers to misuse version 1 certificate templates. Stats on business outcomes after breaches referenced by Matt.
Tommy talks cyber security 101 with Alex Hamerstone, Director of advisory solutions for TrustedSec
Tommy talks with Alex Hamerstone, director of advisory solutions for TrustedSec
Tommy talks to Alex Hamerstone, director of advisory solutions for TrustedSec
Tommy talks with Alex Hamerstone, Director of advisory solutions for TrustedSec
Tommy talks to Paul Sems, Managing Director of Remediation at TrustedSec
Tommy talks to Paul Sems, Managing Director of Remediation at TrustedSec
Tommy talks with Alex Hamerstone, director of advisory solutions for TrustedSec
Tommy talks to Alex Hamerstone, Director of advisory solutions for TrustedSec
Tommy talks to Alex Hamerstone, Director of advisory solutions for TrustedSec
Tommy talks to Alex Hamerstone, Director of advisory solutions for TrustedSec
Tommy talks to Alex Hamerstone, director of advisory solutions for TrustedSec, about common scams
Ever found yourself dressed to the nines for... a podcast recording? That's just a snippet of the quirky exchanges we share in our latest chat, where we also celebrate TrustedSec's rise to prominence as evidenced by the Forrester wave report. It's a tale of grit and growth, from humble basement beginnings to industry stardom. We peel back the layers on the inevitability of starting with less skill and the empowering climb to mastery, be it in business or life's myriad pursuits. Our discussion is a toast to the missteps and milestones on the path to personal bests, with a nod to the boundless tenacity of kids as a mirror for adult ambitions.Flexing both physical and mental muscles, we take you through our own fitness fumbles and triumphs, from the gym floors of Orange Theory to the podcasting airwaves of our 143rd episode. It's a journey marked by perseverance and practice, a philosophy that underpins both arm exercises and articulation on the mic. Listen in as we unpack the joy of progression, the transformative power of giving our team a voice, and the ripple effect of our endeavors touching lives far and wide. Each session, whether pumping iron or pressing record, is a step toward excellence.Wrapping up, we dive deep into the essence of a success mindset, dissecting the impact of lifestyle choices on long-term goals and cognitive performance. Here, we share personal stories, from significant career pivots to the drive that fuels us beyond the glimmer of wealth. It's about intentional living for peak performance, recognizing the need for supportive relationships, and the balance that defines a truly successful life. So if you're ready for a raw, honest reflection on pursuing greatness through the lens of humility and persistence, tune in to an episode that's as much about lifting weights as it is about uplifting spirits.Links and more:BC - All linksProductivity guideHack your health in 7 daysWhole human diagnosticsBook a strategy call Support the Show.Where to find usWe Hack Health: TwitterWe Hack Health: InstagramWe Hack Health: Discord
You should be worried about cyberattacks from China , if the US intellegence community is to be believed. Hackers linked to the Chinese government are in attack formation, ready to land body blows againast infrastructure and information system and induce panic. Alex Hamerstone, Director of Advisory Solutions for TrustedSec, joins guest host Ian Hoch to determine if we're taking the threat seriously.
This hour, guest host Ian Hoch speaks with Alex Hamerstone, Director of Advisory Solutions for TrustedSec, about the seriousness of the threat of Chinese cyberattacks. Then, Ian explain why he calls Governor Jeff Landry "Mr. 18%".
Ever wondered how a top-tier cybersecurity consulting firm celebrates a major industry accolade? Join Ben Canning and me, Dave Kennedy, as we unwrap the pride and principles behind TrustedSec's recognition in the Forrester Wave Report, sharing a toast to our team's relentless innovation and steadfast commitment to the cybersecurity community. This isn't just a victory lap; it's a deep dive into the core values and hard work that fueled our climb to the top.Navigating the labyrinth of achieving professional excellence, we peel back the curtain on what makes a consulting business flourish. From the alchemy of project management to the enchantment of automation tools, we lay bare the strategic decisions that drive quality service and community support. But it's not all shop talk; we get personal, revealing how tracking diet, embracing nutrition, and committing to fitness regimes can transform not only your body but also impact the energy you bring to your work and life.Finally, we tackle the mind game—overcoming imposter syndrome and boosting self-confidence. We share actionable advice steeped in personal experience, unearthing the ways in which expertise is forged through preparation and perseverance. The conversation rounds off with a nutritional debrief, spotlighting the unsung heroes of a healthy lifestyle: protein and vitamin D. Whether you're a cybersecurity aficionado or a personal development enthusiast, this episode is packed with stories, advice, and inspiration to fuel your quest for excellence.Links and more:BC - All linksProductivity guideHack your health in 7 daysWhole human diagnosticsBook a strategy call Support the Show.Where to find usWe Hack Health: TwitterWe Hack Health: InstagramWe Hack Health: Discord
Tommy talks with Alex Hamerstone, Director of advisory solutions for TrustedSec
Tommy talks with Alex Hamerstone, Director of advisory solutions for TrustedSec
Tommy talks with Alex Hamerstone, Director of advisory solutions for TrustedSec
Tommy talks to Alex Hamerstone, director of advisory solutions for TrustedSec
It's Leak Week for this episode of Security Noise! Geoff and Skyler chat with Security Consultant Whitney Phillips and Senior Security Consultant Kurt Muhl about a number of recent privacy pitfalls including destructive ransomware groups such as LockBit, leaked government emails, and other data and privacy mishaps. References: https://krebsonsecurity.com/2024/02/u-s-internet-leaked-years-of-internal-customer-emails/ https://krebsonsecurity.com/2024/02/feds-seize-lockbit-ransomware-websites-offer-decryption-tools-troll-affiliates/ Security Noise, a TrustedSec podcast, is hosted by Geoff Walton and Producer/Contributor Skyler Tuter in conversation with cybersecurity experts discussing the security topics that interest them the most.
Tommy talks with Alex Hamerstone, Director of advisory solutions for TrustedSec
Tommy talks with Alex Hamerstone, Director of advisory solutions for TrustedSec
Tommy talks with Alex Hamerstone, Director of advisory solutions for TrustedSec
In this very special year-end episode, we're cranking up the heat as we explore some of our favorite InfoSec tools of 2023. Guest Lineup: Drew Kirkpatrick - JS-Tap Unleashed Drew Kirkpatrick is the maestro behind "JS-Tap." He dropped this pentesting bombshell at Wild West Hackin' Fest this year with his talk, "JS-Tap: Weaponizing JavaScript for Red Teams." Skyler snagged an exclusive interview with Drew at the conference and we'll get to hear that discussion on this episode. Luke Bremer - Hackvertor Luke Bremer graces our podcast to dive into his blog, "What is Hackvertor (and why should I care?)." Get ready to dive into the use cases of this Burp Suite plugin and how you can utilize it on your next pentest! Ben Mauch (Ben Ten) - Unveiling Impede We end our discussion with Ben Mauch, aka @Ben0xA, as he unveils TrustedSec's latest software offering: Impede. Brace yourself for a deep dive into the features and innovations packed into this cybersecurity marvel. Gather 'round and settle in for our year-end episode of SECURITY NOISE!
Tommy talks to Alex Hamerstone, Director of advisory solutions for TrustedSec
Tommy talks to Alex Hamerstone, Director of advisory solutions for TrustedSec
Tommy talks with Alex Hamerstone, Director of advisory solutions for TrustedSec
Geoff and Skyler discuss how the defense and vulnerability side of application development and deployment has evolved over the years. They are joined on the panel by two other members of the TrustedSec team, Paul Sems and Mitch Parish, who were there to help and lead organizations through those transitions in their current and prior roles. This episode is Part 2 of 4 in a short series called "The Road Ahead." Each episode will highlight an area of Information Security and feature guests who are experts in those areas. Come along as we explore the history and future of InfoSec! Security Noise is hosted by Geoff Walton and Producer/Contributor Skyler Tuter.
Tommy talks with Alex Hamerstone, Director of advisory solutions for TrustedSec.
This week on Security Noise, we discuss DOs and DON'Ts of Grey-hat work with the practice lead for research at TrustedSEc, Carlos Perez! Security Noise is hosted by Geoff Walton and Producer/Contributor Skyler Tuter.
Are you afraid of the dark web? In this week's episode, several folks from TrustedSec's consulting team tell infosec campfire stories. Scott White, Kurt Mhul, Philip Dubois, Skyler Tuter, and Geoff Walton share tales of disaster, near disaster, spooky or straight-up funny stories, and discuss how those experiences changed their perspectives on infosec.
In the latest episode the Risk Roundtable, Andy and Dave welcome in Angie Gad to run through the hits. The topics discussed include: Drones Russia's Drone Barrage Ineffective Due to 'Poor Targeting Processes'—U.K. Inside Ukraine's secretive drone program Russia says shoots down Ukraine-launched drones over Crimea, Kursk Gate 15 Resource Links: Drones AI Oh ****, maybe we did start building SkyNet… AI Threat Placed on Par With Pandemics, Nuclear War More than 350 people signed a statement released by the Center for AI Safety, an organization that said it works to reduce AI risks. AI-Controlled Drone Goes Rogue, 'Kills' Human Operator in USAF Simulated Test They Plugged GPT-4 Into Minecraft—and Unearthed New Potential for AI Cyber News Microsoft is attributing the these attacks to Cl0p ransomware. CISA Adds One Known Exploited Vulnerability to Catalog. CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-34362 Progress MOVEit Transfer SQL Injection Vulnerability New York State Department of Financial Services MOVEit Transfer Vulnerability MOVEit: The Week in Ransomware - June 2nd 2023 - Whodunit? HuntressLabs, Mandiant, Rapid7, TrustedSec, and Trustwave have published more details on the attacks targeting MOVEit file-transfer appliances. Article: CISA orders govt agencies to patch MOVEit bug used for data theft Deployed publicly accessible MOVEit Transfer? Oh no. Mass exploitation underway New MOVEit Transfer zero-day mass-exploited in data theft attacks Joint Cybersecurity Advisory: U.S., ROK Agencies Alert: DPRK Cyber Actors Impersonating Targets to Collect Intelligence, PDF 'The Comm': The Group Linked to a Nationwide Swatting Rampage The 2024 race promises to be ‘very, very active' in terms of foreign and domestic meddling, says former CISA chief Blended Threats - Study: Severe Weather–Related Power Outages Pose Increasing Threat to Patients Who Rely on Electronic Medical Equipment What the debt ceiling deal means for U.S. cyber agency Hurricanes. CSU released its second forecast for the 2023 Atlantic hurricane season on Thursday, 1 June The 2023 Atlantic Hurricane Season Is Here – Here Are The Key Things You Should Know 2023 Atlantic Hurricane Season Has Officially Begun – Here's What Is Typical In June And July Here's How To Get Ready For Hurricane Season Pride Month Concerns. Tree of Life synagogue: Gunman driven by 'malice and hate'MSU reports gunman watched campus tours, searched school shootings prior to mass shooting Layton Target evacuated after bomb threats reported at multiple Utah stores. Spotlight: Culture War Rhetoric Escalate to Physical Threats. At Least 9 Target Stores Received Fake Bomb Threats Over Pride Merchandise FBI investigating threats of violence to Omaha religious centers. “According to authorities, the author of the note claims to represent Jane's Revenge — an abortion rights extremist group that Homeland Security has linked to arson attacks against buildings of ideological opponents.” Recent attacks put staffers on edge as authorities look for answers; Threats cut across party lines Experts warn against canceling Pride campaigns after extremists threaten Target Target Pride backlash exposes 'rainbow capitalism' problem, designer says Pride Month is a war. Brands are the battlefield. Motorists Face Hate Messages After White Supremacists Hack Interstate Road Sign FB-ISAO Threat Level Update, June 2023. Based on this review, we have determined to maintain all threat levels at GUARDED, meaning that FB-ISAO is aware that a general risk of incidents exists, but there are no target or time specific threats requiring an escalation in our overall preparedness at this time.
Artificial intelligence is progressing at a quick (and some say alarming) rate. Security Noise returns with a look at Large Language Models (LLMs) as well as AI audio and image generation, exploring emerging possibilities commercial, curious, and malicious. Listen in on the conversation with TrustedSec team members Carlos Perez and Rob Simon as they discuss current topics with host Geoff Walton and Producer/Contributor Skyler Tuter.
Paul Sems, Managing director o fRemediation Services at TrustedSec, joins Ian Hoch to explain the dangers of AI-generated voice clone scams, in which artificial intelligence can be used to replicate voices to fool loved ones.
David Kennedy, Founder of TrustedSec and Co-Founder and Chief Hacking Officer of Binary Defense Systems, weighs in on the cyber threat landscape, social engineering, SolarWinds, and much more. This microcast is a short version of our full interview with Kennedy, which you can listen to at https://soundcloud.com/cybercrimemagazine/hacking-isnt-magic-social-engineering-solarwinds-david-kennedy
Welcome to the Trusted Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Geoff Walton, Justin Elze, Justin Bollinger, and David Boyd. Get ahead of the new PCI requirements PCI 4.0 is coming! Find out how the new requirements will affect your organization's goals and prepare now, with a PCI DSS assessment from TrustedSec. Penetration testing the cloud isn't the same as your network Go to TrustedSec.com to get our guide on how to get the most out of your cloud penetration test. Join the TrustedSec Discord Community TrustedSec is on Discord! Join our server to interact with the security community and the TrustedSec team. Go to discord.gg/trustedsec to join. Stories Title: Two U.S. Men Charged in 2022 Hacking of DEA Portal URL: https://krebsonsecurity.com/2023/03/two-us-men-charged-in-2022-hacking-of-dea-portal/ Author: Brian Krebs Title: Cancer patient sues hospital after ransomware gang leaks her nude medical photos URL: https://www.theregister.com/2023/03/15/cancer_lvhn_sues_hospital/?td=rt-3a Author: Jessica Lyons Hardcastle The Interview: Link: https://www.trustedsec.com/blog/critical-outlook-vulnerability-in-depth-technical-analysis-and-recommendations-cve-2023-23397/ Justin Elze, CTO and Director of Research at TrustedSec, talks to us about CVE-2023-23397, covering how TrustedSec investigated and responded as well as where it will land in the penetration tester's toolbox.
On this episode, Kennedy sits down with Founder of TrustedSec and Co-Founder and Chief Hacking Officer of Binary Defense Systems, Dave Kennedy to discuss Peiter “Mudge” Zatko's public claim accusing Twitter of cybersecurity negligence. Dave explains how the whistleblower disclosure says that Twitter purposefully skews the number of bots and hackers to show investors in order to drive revenue and shares his take on whether listeners should believe Mudge throughout the rest of his claims. Follow Kennedy on Twitter: @KennedyNation Learn more about your ad choices. Visit megaphone.fm/adchoices