Podcasts about tryhackme

In this conversation, FIlipi Pires shares his journey into cybersecurity, reflecting on his experiences at HackSpaceCon and discussing the importance of community and continuous learning. He emphasizes the critical issue of misconfigurations in identity management and the need for organizations to understand their vulnerabilities, particularly with legacy systems. Felipe also highlights the evolving nature of threats and the importance of being proactive in security measures. He provides insights into the future of red teaming and offers guidance for aspiring professionals in the field. In this conversation, Filipi Pires discusses the journey of growth in the cybersecurity field, emphasizing the importance of patience and continuous learning. He shares insights about his role at Segura, a company focused on identity solutions, and highlights the significance of community engagement. The discussion also touches on cultural aspects, including Brazilian cuisine and personal preferences, showcasing Filipi's vibrant personality and passion for his work.00:00 Introduction to Filipi Pires02:09 Reflections on HackSpaceCon05:03 Felipe's Journey into Cybersecurity11:01 Learning and Skill Development in Cybersecurity17:02 Current Trends and Misconfigurations in Cybersecurity19:38 Staying Current in Cybersecurity22:52 Understanding Threats and Attack Vectors28:46 The Future of Red Teaming32:46 Guidance for Aspiring Red Teamers36:44 The Journey in Cybersecurity43:59 Understanding Segura and Its Mission45:12 Connecting with the Community50:07 Cultural Insights and Personal PreferencesSYMLINKS[Filipi Pires - Official Website] - https://filipipires.comFilipi Pires' personal website, showcasing his professional background, speaking engagements, research, and cybersecurity insights. It serves as a central hub for his content, blog posts, and community contributions.[Filipi Pires on GitHub] - https://github.com/philip86Filipi Pires' GitHub profile where he shares open-source tools, projects, and potentially his upcoming event schedule. It's a place to follow his latest contributions to the cybersecurity community.[Filipi Pires on LinkedIn] - https://www.linkedin.com/in/filipipiresFilipi's professional profile for connecting with him and following his cybersecurity insights, talks, and global engagements.[Filipi Pires on YouTube] - https://www.youtube.com/@filipi-piresFilipi's YouTube channel featuring his recorded conference talks and cybersecurity presentations in Portuguese, Spanish, and English.[Burp Suite Academy] - https://portswigger.net/web-securityA free, hands-on learning platform created by PortSwigger that teaches web application security using the Burp Suite tool. Recommended by Filipi Pires as a foundational resource for aspiring red teamers and web security professionals.[TryHackMe] - https://tryhackme.com An interactive platform offering cybersecurity labs and learning paths focused on offensive and defensive security. Filipi recommends it for hands-on practice in red teaming and hacking fundamentals.[Hack The Box] - https://www.hackthebox.comA cybersecurity training platform that allows users to practice penetration testing skills in virtual environments. Mentioned as a useful resource for practical skill development in red teaming and ethical hacking.

In this brief episode between travels, I announce the “Ghost in the Source” capture the flag challenge, a cryptographic hunt on my website starting June 21st, 2025. At the end of June I will pick 3 lucky winners which will receive a 6-month TryHackMe subscription voucher. I also provide an update on our new Matrix community.In this week's episode:Announcing the “Ghost in the Source” CTF challengeChallenge details and rulesPrize information: 3 x 6-month TryHackMe vouchers!Matrix community update for listener interactionFuture plans for OSINT CTF challengesShow Links:CTF Challenge Page - https://psysecure.com/ctf/“When I float weightless back to the surface, I'm imagining I'm becoming someone else.”- Motoko KusanagiOfficial Website: https://psysecure.com Podcast music: The R3cluse

Want to land a cybersecurity job? Start with hands-on training from TryHackMe: https://tryhackme.com/why-subscribe?utm_source=youtube&utm_medium=social&utm_campaign=dakota_21aprilIn this episode, I sit down with Kenneth Ellington, cybersecurity instructor and founder of Ellington Cyber Academy, to break down how to build a high-paying career in cybersecurity—no matter your background.We talk about: ✅ How to break into cybersecurity without a degree✅ The fastest way to build real-world skills (SIEM, SOAR & more)✅ Why so many people get stuck in helpdesk and how to move forward✅ What hiring managers are really looking for✅ Strategies to land interviews and stand out from other applicantsWhether you're brand new to tech or ready to level up, this interview will give you the roadmap and mindset you need to succeed in today's cybersecurity job market.

In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Dhiral Patel, Senior Security Engineer at ZoomInfo and one of MSRC's Most Valuable Researchers (MVR). Dhiral shares how a hacked Facebook account sparked his passion for ethical hacking. From web development to penetration testing, Dhiral has become a top bug hunter, landing multiple spots on the MSRC leaderboards. Dhiral reflects on his early MSRC submissions and lessons learned. He also discusses the importance of mastering web security basics, practicing on platforms like TryHackMe and Hack the Box, and staying connected with the bug bounty community.  In This Episode You Will Learn:  The importance of mastering web security basics before diving into bug bounty hunting Why hands-on platforms like TryHackMe and Hack the Box are perfect for beginners Dhiral's journey from blogging to freelancing and security research Some Questions We Ask: How do you balance competition and collaboration in the bug bounty community? Can you explain what clickjacking is and if it still works today? Why did you start with Power BI, and how did it lead to your journey in security?    Resources:      View Dhiral Patel on LinkedIn   View Wendy Zenone on LinkedIn   View Nic Fillingham on LinkedIn    Related Microsoft Podcasts:     Microsoft Threat Intelligence Podcast   Afternoon Cyber Tea with Ann Johnson   Uncovering Hidden Risks   Discover and follow other Microsoft podcasts at microsoft.com/podcasts   The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network. 

TryHackMe is Hands-On cyber security training through real-world scenarios. https://bit.ly/3wVE16PThinking of making the switch from your regular tech job to the exciting field of cybersecurity? We'll cover everything you need to know about refining your resume and acing your interview to land a cybersecurity position. Join us for expert tips and essential insights to help you navigate your career path in the exciting field of cybersecurity.✅ Subscribe to our weekly newsletter for insider tips and practical advice on launching your tech career, straight from industry experts! https://thebeardeditdad.ck.page/55f710292bSupport the Show.

Introduction (0:00)    - Joe and Larry discuss the episode's focus and introduce Dan Pestolesi.   Danny's Background and Interests (0:30)    - Danny talks about his casual streaming experience (0:52)    - Story about Danny's dad streaming volleyball matches (1:25)   Educational Journey (3:31)    - Danny's double major in Cinema and Computer Science (3:37)    - Transition from film to computer science and cybersecurity (6:39)   Sports and Team Dynamics (10:45)    - Importance of sports in Danny's development (12:05)    - Comparing sports and cybersecurity teamwork (13:30)   Danny's Career Transition (14:52)    - Initial struggles and career decisions post-graduation (16:10)    - Moving from corporate sales to school district IT (17:22)    - Starting a part-time IT business (18:28)   Interest in Cybersecurity (19:01)    - Developing interest through classes and projects (19:15)    - Fascination with the Stuxnet virus (21:21)   Key Projects and Skills (22:38)    - Explanation of MPI Angels and Devils project (24:21)    - Importance of multithreaded processing and game theory (25:02)   Certifications and Career Growth (26:40)    - Value of Network+ and Security+ certifications (27:16)    - Future plans for certifications (28:08)   Job Interviews and Company Fit (27:47)    - Experience with a 2.5-hour interview (28:25)    - Importance of cultural fit and team dynamics (30:05)   Networking Skills in Cybersecurity (36:01)     - Larry's educational background in networking (36:08)     - Real-world application of networking skills (37:00)   Teamwork and Communication (38:32)     - Story about identifying a malicious IP address (38:47)     - Importance of collaboration in cybersecurity (39:13)   Advice for Aspiring Cybersecurity Professionals (40:29)     - Skills that helped Larry transition into cybersecurity (42:08)     - Recommendations for learning and certifications (42:26)     - Using resources like TryHackMe and Udemy (42:48)   The Role of Documentation (48:30)     - Importance of taking notes and reading manuals (48:44)     - Using AI tools to assist with learning (46:19)   Conclusion (52:01)     - Final thoughts and encouragement for listeners     - Invitation to connect and learn more about the field   Call to Action: - Join the cybersecurity field! Get started for free at https://KC7cyber.com - Connect with the KC7 community on Discord! 

Sophie Powell joins Si and Desi on the Forensic Focus Podcast to discuss various topics including her recent participation in a TryHackMe webinar, the challenges of applying for graduate schemes, and the relevance of the Cyber 9/12 competition to her career in cybersecurity. They also touch on the psychology of conspiracy theories and the implications of deepfake technology. 00:00 – Welcome to the podcast 03:00 – Sweaty Cyber Advice 03:55 – Fitness and forensics 07:00 – Mental health and mindfulness 09:10 – Gamified assessments 17:00 – Video recorded self-assessments 20:10 – Filtering candidates to fill roles 24:25 – Graduate schemes versus graduate jobs 27:40 – Apprenticeships and student loans 33:40 – Starting out on a graduate scheme 37:35 – UK Cyber 9/12 Strategy Challenge 43:55 – Dangers of deepfakes 51:10 – Conspiracy theories and computer psychology 54:40 – Closing thoughts Show Notes Hardly Adequate - https://hardlyadequate.com Try Hack Me - https://tryhackme.com/ UK Cyber 9/12 Strategy Challenge - https://www.ukcyber912.co.uk/

Sponsor by ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠SEC Playground⁠ --- Support this podcast: https://podcasters.spotify.com/pod/show/chillchillsecurity/support

Holiday Challenges Series - Ep 2 - TryHackMe Advent of Cyber Challenge Since some of the information you are about to hear is time specific, I want to let you know that I am recording this near the end of November in 2023. If you missed the first episode, which introduces this series, you can go back and listen to HPR3996 I have been using TryHackMe for several years, and I recommend it to all of my students. It is a great environment where people can get hands on experience with technology that relates to cyber security, all from the comfort of their browser and free year-round. The TryHackMe Advent of Cyber challenge is a free gamified environment which focuses on penetration testing, security operations/engineering, forensics/incident response, malware analysis, machine learning, and more! This year's challenge opens on December 1, 2023 (Which is the reason why I am posting twice this week). Typically, the Advent of Cyber challenge includes daily beginner-friendly exercises for people new to cybersecurity. These can consist of walkthroughs, video tutorials, and challenges. There are also prizes available based on random drawings and on participant success. Infosec personalities like John Hammond, Gerald Auger, InsiderPHD, and InfoSec Pat are featured in this year's challenge. You can play with last year's Advent of Cyber challenge by visiting https://tryhackme.com/room/adventofcyber4. It outlines the overall story and shows all of the tasks last year's participants experienced, including both offensive and defensive topics like: log analysis, OSINT, scanning, brute force attacks, email analysis, CyberChef, blockchain smart contracts, malware analysis, memory forensics, packet analysis, web application hacking, and more! Everything can be done with a free account from within a browser. If you want to learn more about cybersecurity, transition your career into infosec, or just have fun playing with cyber challenges, you can give it a try by visiting tryhackme.com or https://tryhackme.com/r/christmas Please note: I am not affiliated with TryHackMe in any way, other than having been a paying member for many years. Students and others who have participated in previous year's Advent of Cyber challenges have told me how much they enjoyed it and learned from it. Even though I have been an infosec practitioner for more years than I would like to admit, I also have enjoyed taking part in this challenge. If this is not for you, I will be sharing another option for a holiday challenge in my next episode.

Para a alegria de um total de 2 pessoas, trago a vocês mais um react de CTF, a exemplo do que fizemos com o Bruno Fraga do Técnicas de Invasão. A vítima da vez é o Rafael Sousa, do canal Hacking na Web, se você não segue acompanha lá que vale a pena. O Rafael resolveu um CTF do TryHackMe e mostrou para nós aqui como fazer e como sempre eu vou comentando aqui como proteger ou como você pode evitar que falhas e vulnerabilidades como estas do CTF estejam presentes na sua empresa. #FabioSobiecki #BlueTeamAcademy #SegurançadaInformação

In this captivating episode of the CS School podcast, we're joined by Danielle Martin, Senior Customer Success Manager at TryHackMe. Danielle believes that a genuine commitment to customer success requires a human-first approach. Join us as we delve into the essence of being human-first, and discover how you can incorporate this approach into your own customer success strategy. Don't miss out on this enlightening conversation!Key talking points➡️ What it means to be “human-first”➡️ How to advocate a human-first approach internally➡️ Resolving conflict by being human-first ➡️ The effect of human-first on customers➡️ Software solutions to aid a human-first approach➡️ Challenges to human-first➡️ The difference between sales and customer-led companiesResources➡️ Attend Customer Success Festival in London on November 29-30, 2023➡️ Connect with Danielle on LinkedIn to continue the conversation.➡️ Become leadership certified by taking the Customer Success Leadership Accelerator Program➡️ Chat with other CSMs in the CSC Slack channel for more tips and tricks.➡️ Schedule a demo with Vitally

Guest: Daniel Okoro, Co-Founder Cyril-Margaret FoundationOn LinkedIn | https://www.linkedin.com/in/daniel-okoro-17892228Host: Frankie ThomasOn ITSPmagazine  

Guest: Tyler Ramsbey, Associate Penetration Tester at Rhino Security Labs [@RhinoSecurity]On Twitter | https://twitter.com/Tyler_RamsbeyOn LinkedIn | https://www.linkedin.com/in/tyler-ramsbey-86221643/On YouTube | https://www.youtube.com/@TylerRamsbeyHost: Frankie ThomasOn ITSPmagazine  

Guest: Jason Watt, Director of BladeRunnersOn Twitter | https://twitter.com/J3rgsOn LinkedIn | https://www.linkedin.com/in/jcwatt0/Host: Frankie ThomasOn ITSPmagazine  

Imagine a world where the unexpected can lead you down a whole new career path, and you're more than ready to embrace it. That's exactly what our guest, Jason Rojas, experienced when he transitioned from a 20-year career as a massage therapist to the fascinating world of IT and cybersecurity. In this riveting episode, we not only hear about Jason's incredible journey but also explore the challenges of learning a new career path and the importance of having a strong support system.Did you know that hands-on learning can be crucial for those with OCD and ADHD? We dive deep into this topic, sharing personal experiences and discussing how hands-on learning has been a key factor in our success. Furthermore, we discuss the importance of soft skills in the IT and cybersecurity industries and how they can sometimes be more valuable than technical education.As we wrap up this episode, we take a moment to ponder the significance of finding your 'why.' Having a strong enough reason to pursue your goals can make or break your success, especially when faced with obstacles along the way. We also touch on the importance of giving back to the community and embracing our cyber warrior family. Don't miss out on this inspiring conversation with Jason Rojas and the chance to win some amazing TryHackMe vouchers for our live viewers!Support the showMerch: https://cyberwarriorstudios.com/storeYoutube: https://youtube.cyberwarriorstudios.comTwitch: https://twitch.tv/CyberWarriorStudiosTwitter: @CyberWarriorSt1Discord: https://discord.gg/eCSRzM6mJf

Učitel a odborník na kyberbezpečnost Valdemar Švábenský nám prozradí: - jak během pěti let publikovat přes osmnáct článků - co jsou kyberbezpečnostní CTF soutěže a kdo se jich může účastnit - jaké to je, rozjíždět vzdělávací video platformu - proč má smysl pracovat na svých učitelských dovednostech   Startovač: https://www.startovac.cz/patron/misto-problemu/ FB stránka: https://www.facebook.com/mistoproblemu Web: https://www.mistoproblemu.cz/   Časové značky: (00:00) úvod (00:54) cesta ke kyberbezpečnosti (06:06) bezpečnostní tipy a CTF soutěže (11:00) výzkum, produktivita a bloky (22:39) výuka, výzvy a interaktivita (29:19) rada mladšímu já a hodnocení školních systémů (33:08) Elea - výuková matematická videa (41:13) řešení osobních problémů skrz cestování (44:31) vzdávání se věcí, inspirace a motivace (47:35) osobní hodnoty a práce na sobě   Odkazy: - Osobní web: https://elea.sk/valdemar/ - Web s matematickými videi: https://elea.sk/ - Web zmíněného labu: https://cybersec.fi.muni.cz/ - Kurz Kyberkompas: https://security.muni.cz/cybercompass - Inspirace, jak si užít univerzitu: https://mitadmissions.org/blogs/entry/50_things/ - Cryptohack - interaktivní výuka kryptografie: https://cryptohack.org/ - TryHackMe: https://tryhackme.com/ - Hacker Test: https://www.hackertest.net/ - Hack The Box: https://www.hackthebox.com/

Here are my thoughts on how to start your journey into the world of web penetration testing. This journey isn't for the weak. If this is something you truly want, then be prepared to fully embrace a mindset of constant learning, curiosity, and tenacity.The focus of this episode is on getting into the right mindset, while choosing which technologies you should start to learn. I will have a follow-up episode on how to become a web penetration tester from a professional development perspective. Episode Flow0:00 - Intro1:16 – The Hacker's Mindset3:25 – Learn These Core Technologies 6:52 – Start Hacking Now These are the sites where you can start to practice website hacking:HackThisSite.org, TryHackMe.com,and HackTheBox.comFeedback, questions, or requests?  Want to join the Security+ Discord?You can reach out here: https://www.tekordie.com/contact/Don't forget, TEK or DIE is onApple Podcasts,Spotify,Google Podcasts, and most podcast directories. Subscribe so you can get the show sent to you automatically.  

O déficit de habilidades de hoje em dia, assim como a escassez de mão de obra em segurança cibernética, está causando uma pressão sobre a força de trabalho existente e sobre as empresas que procuram contratar profissionais que possam garantir seus ativos. ​ Novos graduados e profissionais devem procurar entrar na área de TI ou lançar uma carreira em segurança cibernética não apenas pelas muitas oportunidades que agora oferece, mas também pela promessa de uma carreira em evolução contínua. Há muitas credenciais que os profissionais de segurança podem buscar para mostrar aos possíveis empregadores que suas habilidades são novas. ​ As empresas frequentemente procuram novos membros da equipe com certificações que provem que possuem expertise em áreas como o “lado técnico” da segurança de TI. Aguardamos todos vocês em mais um webcast do SecurityCast.​ SaveTheDate - 25/07/2022 19:00 (UTC -3)​ Fonte das matérias e notícias: - Notícia do Santander - https://www.seudinheiro.com/2022/santander/apagao-no-santander-aplicativo-internet-banking-agencias-e-sac-estao-fora-do-ar-dizem-clientes-flal/ - TryHackMe - https://tryhackme.com/ - HackTheBox - https://www.hackthebox.com/ - Curso Gratuito do Metasploit: https://www.offensive-security.com/metasploit-unleashed/ - Site Metasploit - https://www.metasploit.com/ - Cursos para certificação - https://www.itcerts.ca/

Episode 183 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss some training resources that you can use in your security program free of charge!News:Autopatch is now Availablehttps://thehackernews.com/2022/07/microsoft-windows-autopatch-is-now.html'Callback' Phishing Campaign Impersonates Security Firmshttps://threatpost.com/callback-phishing-security-firms/180182/Resources Discussed:Portswigger Web Security Academy https://portswigger.net/trainingXSS, Cross Site Request Forgery, SQL Injection, HTTP Request SmugglingBurp Suite Training - All free & high qualityHacktheBox, TryHackMe, OverTheWireOffensive Security - Metasploit Unleashed. Also currently doing free OSCP classes via Twitch. Monday and Friday at 12:00 PM EThttps://www.offensive-security.com/metasploit-unleashed/FRSecure CISSP mentorshiphttps://frsecure.com/cissp-mentor-program/Federal Virtual training Environmenthttps://fedvte.usalearning.gov/Free training for all Federa, State, Local, Tribal and Territorial government employees.Using ATT&CK for CTI Traininghttps://attack.mitre.org/resources/training/cti/Understand what ATT&CK is and how to use it to make defensive decisions.SANS Cheat Sheets!https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/PicoCTFhttps://picoctf.org/resources.htmlLearning Guides for General Skills, Crypto, Web Exploitation, Forensics, Binary Exploitation, ReversingInfosecinstitutehttps://resources.infosecinstitute.com/topic/13-cyber-security-training-courses-you-can-take-now-for-free/$300 AnnualCybraryhttps://www.cybrary.it/Some free courses or $60 a monthGive episode 183 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!

In this episode, host TJ Null sits down with DarkStar7471 aka Dark, our recent community moderator for the OffSec Community. Dark is currently a lead pentester at State Farm Insurance and has produced content for TryHackMe. He starts by sharing his journey before working for OffSec as well as what piqued his interest in the information security field. Then, Dark highlights why he decided to obtain his OSCP and how the knowledge he gained from the course benefits him in his career trajectory. He also shares some exciting projects he works on relevant to pentesting. Lastly, Dark shares advice he has for anyone working to become a pentester and hobbies he enjoys outside of infosec. Enjoy the episode!

We're joined by Karen Walsh, Founder and CEO of Allegro Solutions, on the podcast today to talk about the good, bad, and ugly of cybersecurity content marketing. As a compliance expert, former professor, lawyer, and kickass cybersecurity auditor, Karen shares her formula for content marketing success, educates us on educating our audience, and even gives us a quick peek at one of her many talents outside of the cybersecurity space.  Timecoded Summary: [01:17] Introducing Karen and the concept of GRC (governance, risk, compliance) [04:27] Educating your audience through correct usage of webpage real estate [13:02] Discovering the formula for solid content marketing copy [22:46] Throwing out a few vague and unhelpful content marketing “bad words”  [34:41] Kicking ass in cybersecurity as a woman, a marketer, and a freelancer Sponsor: Thank you to our sponsors and producers Hacker Valley Media! Chris Cochran and Ron Eddings run an amazing studio, which produces not only the Breaking Through in Cybersecurity Marketing podcast, but a bunch of other shows that you're going to want to listen to as well. You can check these all out at HackerValley.com.    Do we really need to explain this again?  When explaining the essentials of educating your audience, Karen encounters more than her fair share of clients who think they don't have to explain or educate as much as they do. Education cannot be made with assumptions or without proper research into your audience. Although many of your potential clients may understand the terms you're using, explaining and educating instead of assuming will avoid making an “*ss” out of anyone.  “Have high standards of educating those who are coming into your website. They need to know things and they're not going to take that next step to convert if they don't understand and if you haven't educated them.”   How do you mix in SEO in order to be telling a good story to your buying audience, but also try and rank for terms for when people are searching? Karen believes that SEO and content marketing is a formula, and bases a lot of her work around the essentials of that formula. These are three challenges that X industry has when trying to do Y security functions. Through explaining the challenges faced and the methods that could be used to solve them, you're training yourself to not only educate, but to take up essential website real estate with impactful on-page SEO. “I mean, it's formulaic. You set out a business problem that you're looking to solve, right? You define what that business problem is, and when you're defining what that business problem is, you focus on certain terms.”   What are your top marketing buzzwords to avoid on content? Karen loves many things about content marketing, but there are some words that she cannot stand, including frictionless and actionable. For Karen, these words are vague and unhelpful in your marketing, leaving more questions than answers for potential clients. Get specific and explain why or how what you can provide separates your company from the pack. Don't fall victim to meaningless marketing words when specificity can help so much more.  “And I think part of the problem with a lot of these terms is people haven't really thought about what they mean by the term and so, it makes them meaningless.”    How do you earn respect in cybersecurity as a woman and a marketer who knows her shit? There are already huge barriers for women in cybersecurity, especially when coupled with non-technical roles, such as marketing and writing—  both of which are Karen's specialties. Karen explains that, for her, there's also the third layer of being a freelancer. Oftentimes, cybersecurity companies are playing into their own internal biases without realizing it and hurting freelancers by assuming negative things about their skills and quality of work.  “I know I'm a good writer. It's what I like doing. I don't want to code, but I have to make sure people don't treat me like I'm stupid because I don't do the technical job, which goes along with the marketing because they think marketing is fluff.” ---------- Spend some time with our guest Karen Walsh on LinkedIn, Facebook, Twitter, and the Allegro Solutions website  Additional resources mentioned in this podcast: Karen Walsh on Rate My Professor, Dark  Reading, Security Mag, Feedly's cybersecurity feed, Help Net, Votiro, TryHackMe, Black Girls in Cyber, Tricia Kicks SaaS, Everest Shoulder Rest, Lindsey Stirling Follow Gianna on LinkedIn Catch up with Maria on LinkedIn Join the Cybersecurity Marketing Society on our website, and keep up with us on Twitter Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter  

Om Show notes ser konstiga ut (exempelvis om alla länkar saknas. Det ska finnas MASSOR med länkar) så finns de på webben här också: https://www.enlitenpoddomit.se    Avsnitt 350 spelades in den 11 januari och eftersom att "Kinaschack" uppfanns i Tyskland år 1892 ( https://en.wikipedia.org/wiki/Chinese_checkers )  så handlar dagens avsnitt om: INTRO: - Alla har haft en vecka... Björn har varit massor på TryHackMe. Johan har upptäckt att han kanske är en sucker för att känna sig behövd, och hållit på med "magicMirror2". Dessutom är han inte helt övertygad om progressiva glasögons förträfflighet FEEDBACK AND BACKLOG: - Johan har fått feedback om att Applemänniskor inte alls är dumma.  (Simple vs. Easy) ALLMÄNT NYTT - Moxie Marlonspike slutar som VD på Signal   https://signal.org/blog/new-year-new-ceo/    - BONUSLÄNK: https://en.wikipedia.org/wiki/Signal_(software)  - Och Signal inför Crypto betalning   https://www.wired.com/story/signal-mobilecoin-cryptocurrency-payments/  - Norton 360 håller också på med Crypto… eller nåt   https://krebsonsecurity.com/2022/01/norton-360-now-comes-with-a-cryptominer/  - Intel anställer… Hade varit kul att veta hans nya lön   https://appleinsider.com/articles/22/01/06/apple-loses-lead-apple-silicon-designer-jeff-wilcox-to-intel  - Wow… Supplychain attacker  (i "Colors" och "Faker")   https://www.bleepingcomputer.com/news/security/dev-corrupts-npm-libs-colors-and-faker-breaking-thousands-of-apps/    - BONUSLÄNK: RunAs Radio avsnitt 808: https://runasradio.com/Shows/Show/808  MICROSOFT - Detta kan vara det största sedan Windows 10! Device Manager slutar leta på A: efter drivrutiner…   https://www.windowslatest.com/2022/01/10/windows-11s-device-manager-finally-uses-os-path-instead-of-a-floppy-disks/  - Gör din Marknadsavdelning glad - "Organization Fonts in Powerpoint    - For Windows: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=90893     - For Mac and mobile: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=90757     - For Web: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=88538  - Möjlighet att välja bort sin egna video i Teams   https://www.windowscentral.com/microsoft-teams-will-soon-help-you-not-get-distracted-your-own-face  - Teams blir bättre i VMs. (Citrix, Azure, VMware   https://www.techradar.com/news/microsoft-teams-update-will-level-the-playing-field-for-all-users    Länken till roadmapnyheten: ( https://www.microsoft.com/en-gb/microsoft-365/roadmap?filters=&searchterms=87559 )  APPLE - Microsoft berättar om bug i MacOS   https://appleinsider.com/articles/22/01/10/microsoft-details-macos-vulnerability-that-allowed-protected-data-access    - BONUSLÄNK från avsnitt 349: Bra podd om man är intresserad av Defender for endpoint på Mac eller säkerhet för Mac-ar generellt:     https://thecyberwire.com/podcasts/security-unlocked/54/notes  GOOGLE: - Google och Sonos är inte överens och som vanligt går det ut över konsumenterna (säger inte att det är Sonos fel)   https://swedroid.se/funktionaliteten-for-googles-smarthogtalare-begransas-efter-sonos-stamning/ - Google pratar bilar på CES   https://www.thurrott.com/google/260985/google-to-expand-its-in-car-capabilities-this-year    - BONUSLÄNK: https://eu.usatoday.com/story/tech/news/2022/01/08/ces-2022-attendance-covid/9146164002/  EXTRA NYHET:  - Kina reglerar Lagar som reglerar hur teknikföretag får använda rekommendationsalgoritmer   https://computersweden.idg.se/2.2683/1.761223/kinesiska-myndigheter-borjar-reglera-algoritmer  TIPS: - Scott Hanselman - Bad Date Coomparisaons i C#   https://twitter.com/shanselman/status/1478170344623992832?s=20  PRYLLISTA - Björn: David Hasselhoff - https://www.amazon.com/dp/B08YS686BZ/?tag=097-20&ascsubtag=v7_3_3_2q15_64zi_0_x01_-srt1 - - Johan: Skridskor EGNA LÄNKAR - En Liten Podd Om IT på webben,      http://enlitenpoddomit.se/  - En Liten Podd Om IT på Facebook,      https://www.facebook.com/EnLitenPoddOmIt/  - En Liten Podd Om IT på Youtube,      https://www.youtube.com/enlitenpoddomit  - Ge oss gärna en recension    - https://podcasts.apple.com/se/podcast/en-liten-podd-om-it/id946204577?mt=2#see-all/reviews      - https://www.podchaser.com/podcasts/en-liten-podd-om-it-158069  LÄNKAR TILL VART MAN HITTAR PODDEN FÖR ATT LYSSNA: - Apple Podcaster (iTunes), https://itunes.apple.com/se/podcast/en-liten-podd-om-it/id946204577  - Overcast, https://overcast.fm/itunes946204577/en-liten-podd-om-it - Acast, https://www.acast.com/enlitenpoddomit  - Spotify, https://open.spotify.com/show/2e8wX1O4FbD6M2ocJdXBW7? si=HFFErR8YRlKrELsUD--Ujg%20 - Stitcher, https://www.stitcher.com/podcast/the-nerd-herd/en-liten-podd-om-it  - YouTube, https://www.youtube.com/enlitenpoddomit  LÄNK TILL DISCORD DÄR MAN HITTAR LIVE STREAM + CHATT - http://discord.enlitenpoddomit.se  (Och glöm inte att maila bjorn@enlitenpoddomit.se  om du vill ha klistermärken, skicka med en postadress bara. :) 

Are you in need of some motivation in your cyber security career journey? This show's guest , Alexander Plog, is currently top 1% on TryHackMe whilst experiencing homelessness. This is a must listen episode on how determination and hard work can provide a light at the end of the tunnel no matter where you are in life. Alexander uses every avaliable resource to get closer to his goal of a cyber security role in the field. This episode is pure inspiration from start to finish on the mindset you need to have to win at all costs. Show Notes (01:00) Alexander talks about his background, experiencing homelessness and getting into cyber security. (28:00) Alexander talks about how he stays driven to succeed and obtain a cyber security role. (39:00) Alexander talks about battling imposter syndrome (46:00) Alexander gives advice on how to get into cyber security and staying driven through adversity. Alexander's Blog and LinkedIn Linkedin-https://www.linkedin.com/in/aplog/ Blog-https://medium.com/@thenorsetech Thanks for Listening! Be sure to subscribe on Apple, Google, Spotify, or wherever you get your podcasts. And feel free to drop me a DM via Linkedin. Follow me (Ayo Adeojo) on Linkedin to get regular advice on breaking into cyber security Linkedin: https://www.linkedin.com/in/ayo-adeojo/

In this episode of CHATTINN CYBER, Marc Schein interviews Thomas Brittain. He is the Associate Managing Director with the Cyber Risk practice of Kroll, a division of Duff & Phelps, based in St. Louis. He has over 14 years of information security experience advising organizations on secure configurations, risk reduction, incident response, and tackling tough security challenges. Thomas' expertise ranges from incident response and security assessments to building and leading security programs. He is a Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), and a GIAC Certified Incident Handler. Thomas shares his story of going from a military professional to chairing the Associate Managing Director role in one of the most prestigious IR firms in New York City. The foundation and training in the military certainly influenced Thomas' drive. In the military, you don't have an option to fail. You are to find a path forward, no matter what. Thomas shares carrying this perspective in his career and life. To those looking forward to joining cybersecurity, Thomas gives away a few tips - ●  Get a home lab setup - If you want to get into cybersecurity, you will have to experiment with different apps and software. ●  Learn - Several sites give free education about these topics. INE and TryHackMe are examples. It would be best if you learned the basics first. There are YouTube videos you can learn from, which include videos of Professor Messer. ●  Make sure you really want to work in this field. You'll need to challenge yourself, think outside the box sometimes, and be ready to adapt to changes.Thomas then shares his views on an executive order passed by President Joe Biden on implementing new policies to improve national cybersecurity. The biggest concern in the order remains to be funding. We also learn about ransomware gangs, where they're generally located, how they're funded, and what their ransom demands are most often. Most of these gangs are located in the eastern European region and are funded by the ransom payments they have received. In 2020, their ransom demands went up to 60 million dollars even. Ransomware gangs today have started becoming more strategic. Thomas also talks about the possible recruitment strategies for ransom gangs. He elaborates on the ransomware gang REvil, the one behind the Kaseya attack of 2021, and their attacking strategy. One of the most extensive techniques or tactics with this threat actor group is exploiting internet-connected vulnerable systems and managed security provider platforms like RMM tools (similar to Kaseya). Thomas further details the Kaseya attack, explaining why 1500 globally were put at risk - all simultaneously. Towards the close of the conversation, Thomas explains the process of procurement of cryptocurrency by organizations - you have first to establish an account and then transfer funds to the wallet. After that, you procure your cryptocurrency, like Bitcoin. Thomas has led an extensive discussion on ransomware gangs, cyber-attacks, and bitcoins today. There's a lot you would take away from this episode! Quotes: “I think in this career field of cyber security, everybody has to be the CEO of their own career. Nobody's going to give it to you on a silver platter.” “This is not just a career field in which you're going to come in, you're going to get a great salary, and you're going to do the job. If you don't thoroughly enjoy it, if you don't have the ability to think outside the box and really try to take on new challenges, this may not be the right career field for you.” “Learn the basics first; how does a computer work? How does networking work? There are a lot of sites like, INE or TryHackMe that provide some level of foundation. There are other avenues like Professor Messer on YouTube that offer free videos to get that background or education.”

Join myself (@shellsharks) and @cradersec as we discuss blogging, Western Governors University (WGU), home labs and more! Show Notes     Preshow Audio Hijack: https://rogueamoeba.com/audiohijack/ Rogue Amoeba: https://rogueamoeba.com OmniFocus: https://www.omnigroup.com/omnifocus/ Todoist: https://todoist.com/ Notion: https://www.notion.so Fantastical: https://flexibits.com/fantastical Getting Things GNOME!: https://wiki.gnome.org/Apps/GTG Main Show Crader Security: https://cradersecurity.com Why I Blog. You Should Too!: https://shellsharks.com/you-should-blog#title WGU: https://www.wgu.edu Shellsharks Captain's Log: https://shellsharks.com/captains-log MIT Open Courseware: https://ocw.mit.edu/index.htm Raspberry Pi: https://ocw.mit.edu/index.htm AWS Free Tier: https://aws.amazon.com/free/ Pluralsight: https://www.pluralsight.com GitHub Developer Pack: https://docs.github.com/en Google Cloud Free Tier: https://cloud.google.com/free Potent Wisdom: https://potentwisdom.com - Coming Soon! The Linux Smack: https://linuxsmack.com - Coming Soon! The Privacy Smack: https://privacysmack.com - Coming Soon! TryHackMe: https://tryhackme.com     Postshow Shellsharks Inbox Zero - https://shellsharks.com/inbox-zero#title Digital Minimalism - https://www.amazon.com/Digital-Minimalism-Choosing-Focused-Noisy/dp/0525536515

Larry and Joe speak with Duane Dunston, an Associate Professor of Cybersecurity at Champlain College https://www.champlain.edu/academics/our-faculty/dunston-duane Duane just celebrated 24 years in Cybersecurity. He is currently working towards his EdD in Education. Larry and I learned how incredible Duane is!  Among his many accomplishments, he volunteers as a security consultant with International Association of Human Traffickers and Investigators. He's working with Champlain students to develop technologies to facilitate the identification of trafficked victims.  Duane is currently  working on a cross-platform and mobile app to help identify victims of human trafficking. You can buy Duane a cup of coffee here: https://www.buymeacoffee.com/thedunston And  00:00 Larry and Joe listen to Duane's story of how he got into Cybersecurity, after growing up in a Group Home, he earned a college degree, and then got into tinkering with Log Analysis and worked his way through Graduate school as a janitor. He helped maintain the computers and shortly after became a Unix administrator. He didn't have an easy road, but he is perhaps the best example of what the Information Security community stands for. 4:50 Wireguard VPN and Duane's contribution with Nowire check out his NoWire Github repo here: https://github.com/thedunston/nowire 11:15 Is Internet Privacy Possible? 19:53 Duane's presentation at GrimmCon:  “Cognitive Science Aproach To Teaching Cybersecurity Education” https://t.co/Owr38hXBVk?amp=1 20:15 Should Veterans spend their GI Bill on College Degrees or Certs to get their first job in Cyber? Duane recommends Security+ Certs and to supplement it with the TryHackMe platform. https://tryhackme.com/ It requires no home lab equipment so it helps those that have financial constraints. 22:30 Can someone go right into Pentesting? Duane says you must have a base level of understanding of Networking, Windows and Linux administration. 23:00 eLearnSecurity Junior Penetration Tester (eJPT) https://elearnsecurity.com/product/ejpt-certification/ 23:50 Duane discusses how the OSCP Cert from Offensive Security is more difficult for people who struggle with self learning. https://www.offensive-security.com/pwk-oscp/ 26:00 Duane explains why he does not subscribe to the fatalistic “everyone will be hacked” mindset, and how SolarWinds is the worst case scenario of a Supply Chain compromise. 30:50 Why it is so difficult to detect cobalt strike beacons 32:45 Duane says the fundamentals are necessary: anti-malware, anti-phishing, and application control (allow-listing). 34:00 Web Browser sandboxing with Application Guard https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview 35:15 Weakness of application control is when exclusions are set, malware an remain undetected when hiding in those exclusions 36:50 Host level detection is important because network traffic is encrypted in SSL 37:40 Philosophical Discussion on why Ransomware attacks are on the rise 39:00 Duane discusses his volunteer work with 1) using Augmented Reality to help train people in construction and 2) helping with the problem of human trafficking 44:35 Larry asks Duane a tough question: What is your driving motivation? You keep learning even after being in 24 years in Cybersecurity (Duane just got his MITRE Attack certification). Duane's Ted Talk can be viewed here: https://www.ted.com/talks/duane_dunston_the_answer_to_cybersecurity_threats_middle_high_schoolers  Duane spoke at The Diana Initiative​ 2021; a two-day conference to elevate, inspire, and support women/non-binaries of all races, cultures, and backgrounds through every stage of their information security career with education, collaboration, and resources. https://hopin.com/explore/speakers/IEfWTII6uHHgNc1ctq047ro2S  51:00 Duane looks to the future - helping improve training providers. He would like to consult with a think tank on cybersecurity education or technology education or education policy. He can be reached on twitter at @GnuGro 52:37 Duane weighs in on the recent Infosec Bikini Controversy on twitter.  Read more about the controversy here: https://www.infosecurity-magazine.com/news/infosec-community-bikini-pics/   

Larry and Joe invite special guest Daniel Rose on the show to discuss his efforts to obtain a position in cybersecurity. Daniel grew up placing Ice Hockey and served his country in the US Navy, and served his community in law enforcement before transitioning to IT for the past six years. He has Linux and Security+ certifications and is open to full time employment offers now. Listen to the show to learn more about Daniel's background.  00:00-02:15 Special guest Daniel Rose shares his experience encountering crazy job descriptions like this entry level position: "Must have 5 years experience and former CISO preferred?!" Larry and Daniel discuss how these “unicorn employee” job postings can be frustrating for people looking to break into the cybersecurity field.  02:15-3:15 Larry recalls a conversation he had with an IT Architect who told him having passion for cybersecurity is the most important thing 03:15-05:00 Daniel shares about when he first transitioned from a career in law enforcement to IT. It all started when he took a digital forensics workshop. He then found a computer hardware position and then web/software development.  05:00-08:00 Daniel shares stories about how his passion and drive has helped him overcome challenges in life, including an inspiring story when he served in the US Navy. If you really want to do something - stick to it!  08:00-12:00 Daniel shares tips with Larry on studying for the Pentest+ and Security+ Exam. 12:00-13:30  Daniel explains what TryHackMe.com is all about.  13:30-14:45  Daniel explains what it takes to get a new account in https://HackTheBox.com  14:45-15:30 Daniel talks about https://CodeAcademy.com  15:30-16:05 Daniel recommends that Larry get into Python as his first cybersecurity programming language  16:05-18:43 Daniel recommends https://RangeForce.com  and talks about how it helped him gain hands-on experience with PowerShell, Intrusion Detection Systems,  18:43  Daniel talks about https://CyberDefenders.org  ; a blue team training course to learn Splunk and reverse engineering malware  20:45 Joe talks about how Marcus Hutchins used his malware analysis skills to find the kill switch that stopped WannaCry ransomware from spreading worldwide in 2017. Learn about Marcus's story here: https://en.wikipedia.org/wiki/Marcus_Hutchins 22:20 Larry talks about the Microsoft MSSA Academy https://military.microsoft.com/programs/microsoft-software-systems-academy/  26:10 Daniel talks about his experience using EDR to investigate ransomware and how he created a watchlist of task scheduler changes to hunt for Indicators of Compromise (IOC) 29:00 Larry ties together how incident response requires skills with forensics  30:00 Daniel talks about how he used the Jason Dion Udemy course to prepare for the LPI Linux course https://www.udemy.com/user/jason-dion/  31:50 Daniel shares his tips with Larry on studying for Security+ 35:00 Larry shares an update on his career search  Get in touch with Daniel Rose on LinkedIN at https://www.linkedin.com/in/dani3lr0se/ or Twitter https://twitter.com/dani3lr0se or his website www.CyberSecDan.com

Recycle B, com João Mota e a sua experiência em "pentesting" - TrayHackMe - Tools - Segurança - Futuro

Do you agree with John? Please comment below. Are CTFs worth it? Do they help you get a job? Which are the best? Menu: 0:00​ ⏩ Best option for a job interview 0:17​ ⏩ John Hammond intro 0:48​ ⏩ John's CTFs walkthroughs 1:35​ ⏩ What are CTFs? 3:00​ ⏩ Why are CTFs good? 4:00​ ⏩ Certifications or CTFs? 5:09​ ⏩ Recommended first cert? 6:49​ ⏩ How to prepare for an exam? Use CTFs. 7:21​ ⏩ John's 5 top CTFs 9:33​ ⏩ HackTheBox and TryHackMe are not CTFs 10:40​ ⏩ First CTF - one to start with? 12:34​ ⏩ Training wheels vs flying 13:40​ ⏩ Guided vs beat your head against the wall 14:41​ ⏩ Lots of free content 15:48​ ⏩ PicoCTF overview 17:26​ ⏩ CTFs vs real world experience? 19:21​ ⏩ Hiring someone: Certs vs CTFs? 21:47​ ⏩ Do CTFs help with Blue Team roles? 23:35​ ⏩ CTFs help John with his day to day work ================ Connect with me: ================ Discord: https://discord.com/invite/usKSyzb ​ Twitter: https://www.twitter.com/davidbombal ​ Instagram: https://www.instagram.com/davidbombal ​ LinkedIn: https://www.linkedin.com/in/davidbombal ​ Facebook: https://www.facebook.com/davidbombal.co ​ TikTok: http://tiktok.com/@davidbombal ​ YouTube: https://www.youtube.com/davidbombal​ ================ Connect with John: ================ YouTube: https://www.youtube.com/johnhammond010​ Twitter: https://twitter.com/_johnhammond ​ LinkedIn: https://www.linkedin.com/in/johnhammo... ​ ================ Links: ================ Hack the box: https://www.hackthebox.eu/ ​ Try Hack Me: https://tryhackme.com/ ​ PicoCTF: https://picoctf.org/ ​ All-Army CyberStakes: https://www.acictf.com/ ​ CTF Time: https://ctftime.org/ctf-wtf/ ​ eLearn Security: https://elearnsecurity.com ​ OSCP: https://www.offensive-security.com/co... ​ CEH: https://www.eccouncil.org/programs/ce... ​ ================ Support me: ================ DavidBombal.com: CCNA ($10): http://bit.ly/yt999ccna ​ Udemy CCNA Course: https://bit.ly/ccnafor10dollars ​ GNS3 CCNA Course: CCNA ($10): https://bit.ly/gns3ccna10 ​ ctf capture the flag tryhackme hackthebox john hammond cybersecurity hack the box try hack me htb thm incident response incident response cyber security cyber security career cybersecurity cybersecurity careers ceh oscp ine oscp certification ctf for beginners first job cybersecurity job Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Want to win courses, Capture the flags and merch? Now's your chance. ======== Giveaway: ======== ITPro.TV 12 months access (2 winners): https://davidbombal.wiki/itprotv144 ​ ITPro.TV T-shirts (10 winners): https://davidbombal.wiki/merch144 ​ Tryhackme (5 winners): Link in the video HackTheBox (5 winners): Link in the video Wireshark course: https://davidbombal.wiki/wireshark414 ​ CCNA course (limited to 1,000): https://davidbombal.wiki/ccna144 ​ ======= ITProTV: ======= ITProTV Free Training: http://davidbombal.wiki/freeitprotv ​ My ITProTV affiliate link: http://davidbombal.wiki/itprotv ​ ================ Connect with me: ================ Discord: https://discord.com/invite/usKSyzb ​ Twitter: https://www.twitter.com/davidbombal ​ Instagram: https://www.instagram.com/davidbombal ​ LinkedIn: https://www.linkedin.com/in/davidbombal ​ Facebook: https://www.facebook.com/davidbombal.co ​ TikTok: http://tiktok.com/@davidbombal ​ YouTube: https://www.youtube.com/davidbombal​ ================ Support me: ================ DavidBombal.com: CCNA ($10): http://bit.ly/yt999ccna ​ Udemy CCNA Course: https://bit.ly/ccnafor10dollars ​ GNS3 CCNA Course: CCNA ($10): https://bit.ly/gns3ccna10 ​ ====================== Special Offers: ====================== ITPro.TV: https://itpro.tv/davidbombal ​ 30% discount off all plans Code: DAVIDBOMBAL itpro.tv itprotv itprotv giveaway itprotv free hackthebox tryhackme ceh ccna cissp aws hack hacker hacking ethical hacking oscp ethical hacker oscp certification ctf for beginners Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Vetle (@bordplate), René (@ParticleVoid), Henrik (@xistens), Ruben (@Jernslett) og Melvin (@Flangvik) snakker om hvilke password-managere de bruker, Henrik som hacker routeren sin og har laget et Tryhackme-rom, PwC finner 0day i Java Spring, ny vuln i `sudo`, Facebook som har mistet en svær database med telefonnummer, Security researchers som ble angrepet med malware/0-days og Datatilsynet vil bøtelegge Grindr.