Podcasts about Wireshark

  • 133 podcasts
  • 267 episodes
  • 43m average duration
  • 1 episode every other week
  • Latest: May 4, 2026



Best podcasts about Wireshark

Latest podcast episodes about Wireshark

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Monday, May 4th, 2026: Malicious Homebrew Ads; Wireshark Update; Digicert False Positive; cPanel Exploited

May 4, 2026 7:46

  • Malicious Ad for Homebrew Leads to MacSync Stealer: https://isc.sans.edu/diary/Malicious%20Ad%20for%20Homebrew%20Leads%20to%20MacSync%20Stealer/32942
  • Wireshark Update: https://www.wireshark.org/docs/relnotes/wireshark-4.6.5.html
  • Digicert Microsoft Defender False Positive: https://www.reddit.com/r/cybersecurity/comments/1t2hfsh/mde_flagging_digi_cert_certificate_as_malicious/ and https://bugzilla.mozilla.org/show_bug.cgi?id=2033170
  • cPanel Exploited: https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026

Security Now (MP3)
SN 1075: Yes. Exactly. - The Zero-Day Ticking Clock

Apr 22, 2026 160:28

Security leaders warn the era of AI-driven bug hunting has arrived, with Mythos uncovering hundreds of overlooked vulnerabilities in code bases as trusted as Firefox. Are defenders ready for the avalanche of exploits and the frantic race to patch?

  • A disgruntled developer discloses multiple Windows 0-days.
  • Microsoft purchases its own bugs in massive campaign.
  • VeraCrypt & Wireshark suddenly lost their dev accounts.
  • A serious problem with re-captured domain names.
  • How might AI help to secure open source repositories.
  • A listener wonders what we thought of Project Hail Mary.
  • Cyber security professionals tell us What Mythos Means

Show Notes - https://www.grc.com/sn/SN-1075-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

All TWiT.tv Shows (MP3)
Security Now 1075: Yes. Exactly.

Apr 22, 2026 160:28 Transcription Available

Security Now (Video HD)
SN 1075: Yes. Exactly. - The Zero-Day Ticking Clock

Apr 22, 2026 160:28 Transcription Available

Security Now (Video HI)
SN 1075: Yes. Exactly. - The Zero-Day Ticking Clock

Apr 22, 2026 160:28 Transcription Available

Radio Leo (Audio)
Security Now 1075: Yes. Exactly.

Apr 22, 2026 160:28 Transcription Available

Security Now (Video LO)
SN 1075: Yes. Exactly. - The Zero-Day Ticking Clock

Apr 22, 2026 160:28 Transcription Available

All TWiT.tv Shows (Video LO)
Security Now 1075: Yes. Exactly.

Apr 22, 2026 160:28 Transcription Available

Radio Leo (Video HD)
Security Now 1075: Yes. Exactly.

Apr 22, 2026 160:28 Transcription Available

Backup Central's Restore it All
Living Off the Land Attack: Hackers Using Your Own Tools Against You

Mar 16, 2026 46:39 Transcription Available

A living off the land attack is one of the sneakiest techniques in a ransomware operator's playbook — and in this episode, Dr. Mike Saylor breaks down exactly what it is, how it works, and what your organization can actually do about it.

Instead of bringing their own tools into your environment (which might trip your alarms), attackers just use what's already there. PowerShell. WMI. RDP. The same tools your admins run every single day. To your monitoring systems, it looks completely normal. That's the whole point.

Mike and Curtis cover why attackers prefer your tools over their own, how recon can quietly run for 30 to 90 days before the attack goes loud, and what defenders can actually do about it — removing admin privileges, system hardening, golden images, application whitelisting, and free tools like Nmap and Wireshark. There's also a match.com story involving organized crime and a wooden casket on someone's front porch that you really don't want to miss.

  • 0:00 - Intro
  • 1:21 - Welcome and Book Announcement
  • 3:28 - What Is a Living Off the Land Attack?
  • 5:38 - Real-World Example: Conti Ransomware and WMI
  • 8:12 - Why Attackers Use Your Tools Instead of Their Own
  • 13:05 - Admin Privileges: Best Practice vs. Reality
  • 17:31 - The Louvre Heist Analogy
  • 20:08 - Recon Phase: Low and Slow
  • 24:16 - What Defenders Can Do
  • 25:55 - RDP and Remote Access
  • 29:48 - The Recon Timeline: 30-90 Days
  • 30:48 - PowerShell and System Hardening
  • 34:10 - Network Discovery Tools (Nmap and Wireshark)
  • 37:37 - Application Whitelisting and Geo IP Blocking
  • 42:08 - Action Items and Wrap-Up

David Bombal
#551: DNS Command & Control: Detecting Malware Traffic

Feb 23, 2026 36:33


Big thank you to Infoblox for sponsoring this video. For more information on Infoblox have a look at their website: https://www.infoblox.com/ // Get Wireshark Certified // Check out the official training course

Talks with Tim on Industrial Automation
Stop Patching the Noise and Start Finding the Root Cause

Jan 4, 2026 19:34

Finding the root cause of an erratic signal can feel like chasing a ghost, especially when your trend lines show noise that shouldn't be there. In this session, we walk through a real-world troubleshooting scenario involving a Yamaha robot simulation where the A3 axis exhibited mysterious spikes. While it initially looked like signal noise or a math error in Studio 5000, the investigation led deep into the interaction between the PLC and the Ignition SCADA system. We explore why a standard cross-reference in the PLC didn't reveal the culprit and how switching to read-only communications finally exposed a hidden bidirectional tag write.

We also discuss the common trap of "patching" problems with software filters instead of identifying the source. Whether it is a bad shield on an analog line or an accidental setting in your HMI, understanding the "why" behind the spike is what separates a technician from a parts changer. Additionally, we touch on the challenges of modern Ethernet troubleshooting, the limitations of Wireshark without port mirroring, and why the "View Diagnostics" tool in Ignition is a game-changer for identifying communication conflicts.

Technology Tap
Incident Response and Forensics Essentials | CompTIA Security Exam Prep

Dec 18, 2025 23:58 Transcription Available

professorjrod@gmail.com

In this episode of Technology Tap: CompTIA Study Guide, we dive deep into incident response, forensics, and monitoring essentials crucial for your tech exam prep. Learn the full incident response lifecycle—preparation, detection, analysis, containment, eradication, recovery, and lessons learned—to develop your IT skills and master concepts important for the CompTIA exam. We discuss how having a solid plan, defined roles, and effective communication helps IT teams maintain clarity when systems fail. Tune in for real-world examples showing how SOC analysts escalate brute force attacks, how teams preserve evidence for forensics, and how incident debriefs lead to stronger security measures like multi-factor authentication. This episode is an essential part of your CompTIA study guide and technology education journey.

We then turn to digital forensics and make it concrete. Legal hold, due process, and chain of custody aren't buzzwords—they're the difference between actionable findings and inadmissible claims. We break down the order of volatility, memory and disk acquisition, hashing, and write blockers, plus the reporting and e-discovery steps that transform artifacts into a defensible narrative. If you've ever wondered when to pull the plug or why RAM matters, this segment gives you the why and the how.

Finally, we zoom out to monitoring and the tools that power modern security operations. From Windows logs and Syslog to IDS, IPS, NetFlow, and packet capture with Wireshark, we show how each source fits the puzzle. We unpack SIEM fundamentals—log aggregation, normalization, correlation, alert tuning—and share strategies to beat alert fatigue without missing true positives. To round it out, we offer certification guidance across A+, Network+, Security+, and Tech+, helping you choose the right path whether you're SOC-bound or supporting compliance from another business unit.

Subscribe for more practical cybersecurity breakdowns, share this with a teammate who needs a stronger IR playbook, and leave a review with your biggest monitoring or forensics question—we may feature it next time.

Support the show

Art By Sarah/Desmond
Music by Joakim Karud
Little chacha Productions

Juan Rodriguez can be reached at:
  • TikTok @ProfessorJrod
  • ProfessorJRod@gmail.com
  • @Prof_JRod
  • Instagram ProfessorJRod

Technology Tap
The One Hundred Episode

Oct 28, 2025 24:28 Transcription Available

professorjrod@gmail.com

The mic feels heavier at 100—not from gear, but from history. We started with a doctoral dare, a $40 class, and a shaky first recording. We built a library that helped learners pass A+, Network+, and Security+ while connecting the dots between hardware, operating systems, storage, networking, and the human choices behind every device and policy. Along the way, our mission sharpened: pair skill with story, prioritize curiosity over checkboxes, and keep ethics at the center of cybersecurity and cloud.

We revisit the moments that defined the journey: early fundamentals that formed a base, a pivot into security architecture and zero trust, and the realization that protocols carry purpose. DHCP becomes resource allocation. Firewalls express trust. Wireshark reveals perspective. The show grew with the audience—from notes to narratives to lived stories sent from classrooms, help desks, and late-night study sessions. A single email about subnets “finally clicking” mattered more than download spikes, shaping how we teach: simpler words, stronger analogies, and transparent context.

Five pillars now anchor everything we make: accessibility for every learner and veteran, context that grounds acronyms in origin, curiosity that asks better questions, community that turns listeners into collaborators, and reflection that slows tech long enough for wisdom to land. We also share the personal side—health resets, renewed consistency, and the choice to keep going when the stats dip—because sustainable teaching requires a sustainable teacher.

Looking ahead, we're doubling down on practical Q&A, live sessions, and clear paths through Network+, Security+, and cloud that never lose sight of ethics and inclusion. If you found value in the archive—from storage myths to authentication breakthroughs—help steer the next hundred. Subscribe, share with a friend who's studying, and send your biggest question for episode 101. Your curiosity sets the agenda.

Ask Noah Show
Episode 463: Ask Noah Show 463

Oct 15, 2025 53:55

This week we answer your questions, then dig into OpenShift vs. Kubernetes operators, give some updated options for email hosting, and talk about the dangers of AI.

-- During The Show --

00:50 Intro
  • AI war stories
  • Content Warning
  • Dangers of AI
  • AIs are sycophants

10:00 News Wire
  • ClamAV 1.5 - gbhackers.com (https://gbhackers.com/clamav-1-5-0-released)
  • Wireshark 4.6 - wireshark.org (https://www.wireshark.org/docs/relnotes/wireshark-4.6.0)
  • KDE Frameworks 6.19 - kde.org (https://kde.org/announcements/frameworks/6/6.19.0)
  • Qt 6.10 - qt.io (https://www.qt.io/blog/qt-6.10-released)
  • 6.16 - kernelnewbies.org (https://kernelnewbies.org/Linux_6.16)
  • NordVPN - techradar.com (https://www.techradar.com/vpn/vpn-services/nordvpn-just-made-its-linux-gui-app-open-source-and-theres-more-on-the-way)
  • T2 25.10 - level1techs.com (https://forum.level1techs.com/t/t2-linux-25-10-never-obsolete-keeps-32-bit-and-big-endian-risc-alive/238216)
  • Ubuntu 25.10 - canonical.com (https://canonical.com/blog/canonical-releases-ubuntu-25-10-questing-quokka)
  • Linux Mint LMDE 7 - phoronix.com (https://www.phoronix.com/news/Linux-Mint-LMDE-7)
  • Winux W10EOL - betanews.com (https://betanews.com/2025/10/13/rip-windows-10-winux-w10eol-is-the-windows-11-clone-that-runs-on-linux-and-makes-your-old-pc-feel-new-again)
  • Nezha Gh0st RAT - thehackernews.com (https://thehackernews.com/2025/10/chinese-hackers-weaponize-open-source.html)
  • Secure Boot Bypass - bleepingcomputer.com (https://www.bleepingcomputer.com/news/security/secure-boot-bypass-risk-on-nearly-200-000-linux-framework-sytems)
  • ksmbd File System Vulnerability - cyberpress.org (https://cyberpress.org/linux-kernel-ksmbd-filesystem-vulnerability)
  • Kali Linux 2025.3 Gemini CLI - linkedin.com (https://www.linkedin.com/pulse/kali-linux-20253-introduces-gemini-cli-automate-qmd4e)
  • React Foundation - techzine.eu (https://www.techzine.eu/news/devops/135353/meta-transfers-react-to-linux-foundation)

11:45 OpenShift vs. Kubernetes Operators - Tiny
  • OpenShift
  • Helm Chart
  • Operators
  • OKD

20:30 Email - JJ_4884
  • Proton Mail
  • Email aliases
  • Zero inbox
  • Kanban swim lanes
  • Why Steve manages things
  • Fastmail
  • Mail in a Box

46:20 Analog Audio Recordings
  • Saving cassette audio
  • Will you be able to open things in the future?
  • Quality
  • Dual head tape deck

-- The Extra Credit Section --

For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard!
  • This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/463)
  • Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah)
  • Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com)

-- Stay In Touch --

Find all the resources for this show on the Ask Noah Dashboard
  • Ask Noah Dashboard (http://www.asknoahshow.com)

Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show!
  • Altispeed Technologies (http://www.altispeed.com/)

Contact Noah: live [at] asknoahshow.com

-- Twitter --
  • Noah - Kernellinux (https://twitter.com/kernellinux)
  • Ask Noah Show (https://twitter.com/asknoahshow)
  • Altispeed Technologies (https://twitter.com/altispeed)

Security Unfiltered
Top SAP Security Threat Hunting Strategies Used by Elite Researchers

Oct 14, 2025 52:15 Transcription Available

A curiosity-fueled career moves from Atari and BBS days to leading research on a live SAP zero-day, with candid lessons on people skills, breaking into security, and holding the line when pressure spikes. We unpack how a benign SAP endpoint became an RCE chain and what it takes to defend complex systems at scale.

  • early path from Commodore 64 and BBS to IT and security
  • contrast between the Wild West era and today's tool-rich learning
  • help desk as a foundation for people skills and pressure
  • practical advice for students on coding, protocols, Wireshark
  • hiring by attitude, approach and aptitude over tool checklists
  • navigating WAF pushback and risk acceptance with dev teams
  • Onapsis research labs and SAP's threat landscape
  • deep-dive on the SAP 31324 Java gadget chain RCE
  • attacker interest, attribution signals, and factory impact
  • offensive research versus traditional pen testing
  • building culture that rewards questions and learning

Find us: onapsis.com → Research Labs. Search “Onapsis 2025 31324” for our zero-day article. SAP thanked us in their patch notes. Connect with Paul on LinkedIn to talk SAP security, offensive work, or careers.

Follow the Podcast on Social Media!
  • YouTube: https://www.youtube.com/@securityunfilteredpodcast
  • Instagram: https://www.instagram.com/secunfpodcast/
  • Twitter: https://twitter.com/SecUnfPodcast

The Lockdown - Practical Privacy & Security
030 - Info Stealers, GrapheneOS Drama, and Why Video Games and Anti-Virus Are Spyware

Jul 18, 2025 52:42

In this episode, I address listener feedback and corrections regarding use of public Wi-Fi, MAC addresses, and aliases. I dive deep into the nuances of MAC address randomization on GrapheneOS versus Apple's private Wi-Fi addresses, explaining why GrapheneOS offers superior privacy protection. I discuss the real threats of public Wi-Fi in 2025 (hint: it's not hackers with Wireshark), and share my approach with aliases.

I also cover the rising threat of infostealers like Atomic Info Stealer for macOS, the dangerous intersection of gaming cheats and malware, and why I avoid third-party antivirus software. Most importantly, I address the GrapheneOS controversy: the loss of a senior developer to military conscription, Google's strategic pivot that threatens custom ROMs, and why claims of GrapheneOS “dying” are misinformation spread by those with competing agendas.

In this week's episode:
  • Clarifications and Corrections: Public Wi-Fi, MAC addresses, and alias management
  • MAC address randomization: GrapheneOS vs Apple's implementation
  • The real threats of public Wi-Fi in 2025
  • Info stealers and video games can be a privacy nightmare
  • GrapheneOS controversy: Developer conscription, Google's lockdown, and the future of custom ROMs
  • Why antivirus software might be the malware you're trying to avoid

Matrix Community Rooms
  • Matrix Community Space - https://matrix.to/#/#psysecure:matrix.org
  • Individual Room Links:
    https://matrix.to/#/#lockdown-general:matrix.org
    https://matrix.to/#/#lockdown-podcast:matrix.org
    https://matrix.to/#/#lockdown-intro:matrix.org

Show Links:
  • MAC Address Lookup - https://maclookup.app/
  • OUI Lookup - https://oui.is/
  • 33mail - https://www.33mail.com/
  • OpenSnitch - https://github.com/evilsocket/opensnitch
  • Privacy.com - https://privacy.com
  • Lithic - https://lithic.com
  • Kaspersky and Russian Government - https://en.wikipedia.org/wiki/Kaspersky_and_the_Russian_government
  • Google Not Killing AOSP - https://www.androidauthority.com/google-not-killing-aosp-3566882/
  • GrapheneOS on Developer Conscription - https://grapheneos.social/@GrapheneOS/114359660453627718
  • GrapheneOS on OEM Partnerships (June 19) - https://grapheneos.social/@GrapheneOS/114671100848024807
  • GrapheneOS Response to Misinformation - https://grapheneos.social/@GrapheneOS/114825492698412916
  • GrapheneOS on iPhone Security - https://grapheneos.social/@GrapheneOS/114824816120139544

“Social engineering bypasses all technologies, including firewalls.” - Kevin Mitnick

David Bombal
#503: He CREATED Wireshark - And It Changed Cybersecurity FOREVER

David Bombal

Play Episode Listen Later Jul 16, 2025 44:58


David Bombal is joined by Gerald Combs, the creator of Wireshark, and Chris Greer, a well-known Wireshark trainer, for a comprehensive discussion about the past, present, and future of the world's most popular network protocol analyzer. They explore how Wireshark was originally created as an open-source alternative to expensive packet sniffers, the evolution from its first release in 1998 (as Ethereal), and the community-driven development that led to over 2,300 contributors worldwide. The video also dives into the transition to the Wireshark Foundation, a nonprofit organization dedicated to supporting the tool and educating users globally. Topics covered include: The early days of Wireshark and why it was built The story behind the name change from Ethereal to Wireshark How Windows compatibility helped Wireshark go mainstream The launch of SharkFest and what makes it unique as a community-driven conference What attendees can expect from SharkFest in the US and Europe, including beginner-friendly tracks, expert sessions, and interactive challenges like Packet Doctors How the Wireshark Foundation supports the community and ensures long-term sustainability The introduction of the Wireshark Certified Analyst (WCA) certification and what it means for networking and cybersecurity professionals Real-world use cases for Wireshark in ethical hacking, packet forensics, and cybersecurity training The announcement of StratoShark, a new open-source companion tool for analyzing system call data and cloud logs with a familiar Wireshark-like interface Whether you're a network engineer, a cybersecurity professional, a developer, or just curious about how network analysis tools are built and used, this video provides deep technical insights, inspiring backstory, and practical guidance on how to level up your skills. // Website links REFERENCE // https://wireshark.org/certifications https://packetschool.teachable.com/?a... 
http://packetpioneer.com/courses
https://stratoshark.org/
https://sharkfest.wireshark.org/

Packet Pushers - Full Podcast Feed
NB530: Broadcom Hits 102.4 Tbps With Tomahawk 6; Wireshark Debuts Certificate Program

Packet Pushers - Full Podcast Feed

Jun 9, 2025 · 23:22


Take a Network Break! We start with two critical vulnerabilities: one affecting cloud versions of Cisco ISE, and the other for HPE StoreOnce. In the news, Broadcom announces the Tomahawk 6 ASIC with 102.4Tbits of bandwidth, SentinelOne suffers a self-imposed network outage, and the Wireshark Foundation announces its first-ever professional certification for Wireshark. Cisco rebrands...

Packet Pushers - Network Break
NB530: Broadcom Hits 102.4 Tbps With Tomahawk 6; Wireshark Debuts Certificate Program

Packet Pushers - Network Break

Jun 9, 2025 · 23:22


Take a Network Break! We start with two critical vulnerabilities: one affecting cloud versions of Cisco ISE, and the other for HPE StoreOnce. In the news, Broadcom announces the Tomahawk 6 ASIC with 102.4Tbits of bandwidth, SentinelOne suffers a self-imposed network outage, and the Wireshark Foundation announces its first-ever professional certification for Wireshark. Cisco rebrands...

Packet Pushers - Fat Pipe
NB530: Broadcom Hits 102.4 Tbps With Tomahawk 6; Wireshark Debuts Certificate Program

Packet Pushers - Fat Pipe

Jun 9, 2025 · 23:22


Take a Network Break! We start with two critical vulnerabilities: one affecting cloud versions of Cisco ISE, and the other for HPE StoreOnce. In the news, Broadcom announces the Tomahawk 6 ASIC with 102.4Tbits of bandwidth, SentinelOne suffers a self-imposed network outage, and the Wireshark Foundation announces its first-ever professional certification for Wireshark. Cisco rebrands...

Epik Mellon - the QA Cafe Podcast
“The Wireshark Story” with Gerald Combs of Sysdig, Creator and Lead Developer of Wireshark

Epik Mellon - the QA Cafe Podcast

Jun 3, 2025 · 46:01


In this episode, I get to sit down with one of my heroes, Gerald Combs, who created and has maintained Wireshark for decades - one of the most critical projects to everything we do today in a connected world. We talk about a passion for problem solving, the magic of open-source, the old days of pre-standardized networking, and how so much of what society relies on is held together by a few very dedicated people.

Donate to the Wireshark Foundation here: https://wiresharkfoundation.org/donate/
Find the Wireshark Foundation Podcast on YouTube: @SharkBytesWireshark

Control Intelligence
Patrick Bunn: laying the groundwork for future generations of automation

Control Intelligence

May 19, 2025 · 33:14


This week's guest on Control Intelligence is Patrick Bunn, owner of Bunn Automation Consulting in Birmingham, Alabama. Bunn's career has included valuable experience with CMC Steel Alabama, Revere Control Systems, EC&S, Hargrove Controls & Automation and Enercon, as well as his volunteer work with younger people in technology, engineering and automation. He will be one of the presenters at OT SCADA CON this July in Houston, where he'll be discussing industrial network protocols and how to use Wireshark software for troubleshooting, as well as the OSI model, which he wrote a very popular on for Control Design. He will speak at the event on July 24 at 3 p.m.

Packet Pushers - Full Podcast Feed
Tech Bytes: Sharpen Your Wireshark Skills at SharkFest'25 US (Sponsored)

Packet Pushers - Full Podcast Feed

May 12, 2025 · 12:53


SharkFest is the twice-yearly conference where Wireshark users and trainers gather to learn, share, and improve their packet and protocol analysis skills. The US version of SharkFest’25 is June 14-19 in Richmond, VA. Gerald Combs of the Wireshark Foundation is here to tell us about why this live event needs to be on your...

Packet Pushers - Briefings In Brief
Tech Bytes: Sharpen Your Wireshark Skills at SharkFest'25 US (Sponsored)

Packet Pushers - Briefings In Brief

May 12, 2025 · 12:53


SharkFest is the twice-yearly conference where Wireshark users and trainers gather to learn, share, and improve their packet and protocol analysis skills. The US version of SharkFest’25 is June 14-19 in Richmond, VA. Gerald Combs of the Wireshark Foundation is here to tell us about why this live event needs to be on your...

Cables2Clouds
How To Prepare for an Interview with a Tech Giant - Part 2

Cables2Clouds

Apr 16, 2025 · 38:06


Preparing for a cloud network engineering interview at a tech giant? This episode delivers essential insights from someone who conducts these interviews. Kam Agahian, Senior Director of Cloud Engineering at Oracle, returns to continue our deep dive into what really matters when interviewing for these coveted positions.

We begin by addressing listener questions about TCP/IP preparation, with Kam suggesting Wireshark packet analysis as a practical approach to master these foundational concepts. While acknowledging these topics can be dry, he emphasizes their critical importance as differentiators in the interview process.

The conversation then shifts to the heart of cloud networking: connectivity between environments. Kam breaks down the two primary approaches – IPsec tunnels versus dedicated connections (like FastConnect, DirectConnect, ExpressRoute) – explaining when each makes sense and what you need to understand about them beyond simple definitions. The discussion includes encryption options, real-world implementation challenges, and how cloud service providers differ in their connectivity models.

For routing, Kam explains how priorities have shifted from traditional networking interviews. While IGP protocols matter less at cloud boundaries, BGP knowledge remains crucial – but focused on practical applications rather than obscure features. "90-95% of BGP is done around a few topics – inbound and outbound traffic influence, convergence, and troubleshooting," he notes, advising candidates to understand both the "how" and "why" behind concepts like communities, attributes, and ECMP.

Throughout the episode, both hosts emphasize a critical insight: cloud networking interviews aren't configuration tests. The most successful candidates demonstrate deep understanding of why technologies are appropriate for specific scenarios, how they've evolved, and the nuances of their implementation in cloud environments versus traditional networks. This thoughtful approach reveals the problem-solving abilities that tech giants value most in their cloud networking teams.

Purchase Chris and Tim's new book on AWS Cloud Networking: https://www.amazon.com/Certified-Advanced-Networking-Certification-certification/dp/1835080839/
Check out the Fortnightly Cloud Networking News: https://docs.google.com/document/d/1fkBWCGwXDUX9OfZ9_MvSVup8tJJzJeqrauaE6VPT2b0/
Visit our website and subscribe: https://www.cables2clouds.com/
Follow us on BlueSky: https://bsky.app/profile/cables2clouds.com
Follow us on YouTube: https://www.youtube.com/@cables2clouds/
Follow us on TikTok: https://www.tiktok.com/@cables2clouds
Merch Store: https://store.cables2clouds.com/
Join the Discord Study group: https://artofneteng.com/iaatj

Camada 8
#62 - Network Troubleshooting with Gustavo Kalau

Camada 8

Apr 9, 2025 · 45:02


In the new episode of Camada 8, we once again welcome Gustavo Kalau, a computer networking specialist and technical training instructor. This time he is back to talk about a topic every networking professional needs to master: troubleshooting.

Kalau explains what troubleshooting is and why this skill is so important for identifying and resolving network problems. He also shares useful tools (such as ping, traceroute, MTR and Wireshark), tips on how to tell whether a problem lies in the physical layer, the network layer or the application layer, cases he has lived through in practice, and much more!

Press play and check out the new episode of the Roteamento de Ideias segment of Camada 8 right now!

#Camada8 #Troubleshooting #Traceroute #Ping #MTR #Wireshark #Internet #Infraestrutura #Redes

Participants:
Eduardo Barasal Morales (Host) - Coordinator of the autonomous systems training area of Ceptro.br at NIC.br https://www.linkedin.com/in/eduardo-barasal-morales
Lucas Jorge da Silva (Host) - Project Analyst of Ceptro.br at NIC.br https://www.linkedin.com/in/lucasjorge
Gustavo Kalau (Guest) - Computer networking specialist and instructor of technical certification training at Gustavo Kalau Treinamento https://www.linkedin.com/in/gustavokalau/

Links mentioned:
IX Fórum Fortaleza: https://fortaleza.forum.ix.br/
Live Intra Rede: https://intrarede.nic.br/
In-person BCOP course: https://cursoseventos.nic.br/curso/curso-bcop/
IX Fórum Regional, South edition: https://regional.forum.ix.br/
Distance-learning BCOP course: https://cursoseventos.nic.br/curso/curso-bcop-ead/
Acelera NET program: https://cursoseventos.nic.br/curso/programa-acelera-net/
NTP: https://ntp.br/
Gustavo Kalau Treinamentos: https://gustavokalau.com.br/
Fórum BCOP 2024: https://forumbcop.nic.br/
Talk: Obvious (or not) tips for those who work with computer networks: https://www.youtube.com/live/EWS_OVg8TTs?si=KmDTYCEaeH8NNBTv
Ceptro|NIC.br course schedule: https://ceptro.br/cursos-eventos

Social media:
https://www.youtube.com/nicbrvideos/
https://www.twitter.com/comunicbr/
https://www.telegram.me/nicbr/
https://www.linkedin.com/company/nic-br/
https://www.instagram.com/nicbr/
https://www.facebook.com/nic.br/
https://www.flickr.com/NICbr/

Contact: Ceptro.br team, cursosceptro@nic.br
Direction and audio: Ceptro.br team; NIC.br Communications team
Editing: YouProject
Sound design: Rádiofobia Podcast e Multimídia: https://radiofobia.com.br/

See also:
https://nic.br/
https://ceptro.br/

Packet Pushers - Full Podcast Feed
Tech Bytes: An Inside Look at the Wireshark Foundation (Sponsored)

Packet Pushers - Full Podcast Feed

Apr 7, 2025 · 16:56


Today on the Tech Bytes podcast we get a look at the inner workings of the Wireshark Foundation. Many already know what Wireshark is and can do for you. It's a free, open-source, and widely used tool for packet and protocol analysis. But what does it take to keep Wireshark running, to update software and...

Packet Pushers - Briefings In Brief
Tech Bytes: An Inside Look at the Wireshark Foundation (Sponsored)

Packet Pushers - Briefings In Brief

Apr 7, 2025 · 16:56


Today on the Tech Bytes podcast we get a look at the inner workings of the Wireshark Foundation. Many already know what Wireshark is and can do for you. It's a free, open-source, and widely used tool for packet and protocol analysis. But what does it take to keep Wireshark running, to update software and...

The Cloud Pod
290: Open AI to Operator: There is a DeepSeek Outside the Door

The Cloud Pod

Feb 6, 2025 · 70:12


Welcome to episode 290 of The Cloud Pod – where the forecast is always cloudy! It's a full house this week – and a good thing too, since there's a lot of news! Justin, Jonathan, Ryan, and Matthew are all in the house to bring you news on DeepSeek, OpenVox, CloudWatch, and more.

Titles we almost went with this week:
  • The cloud pod wonders if azure is still hung over from new years
  • Stratoshark sends the Cloud pod to the stratosphere
  • Cutting-Edge Chinese “Reasoning” Model Rivals OpenAI… and it’s FREE?!
  • Wireshark turns 27, Cloud Pod Hosts feel old
  • Operator: DeepSeek is here to kill OpenAI
  • Time for a deepthink on buying all that Nvidia stock
  • AWS Token Service finally goes cloud native
  • The CloudPod wonders if OpenAI’s Operator can order its own $200 subscription

A big thanks to this week's sponsor: We're sponsorless! Want to get your brand, company, or service in front of a very enthusiastic group of cloud news seekers? You've come to the right place! Send us an email or hit us up on our slack channel for more info.

AI IS Going Great – Or How ML Makes All Its Money

01:29 Introducing the GenAI Platform: Simplifying AI Development for All
If you’re struggling to find that AI GPU capacity, Digital Ocean is pleased to announce their DigitalOcean GenAI Platform is now available to everyone. The platform aims to democratize AI development, empowering everyone – from solo developers to large teams – to leverage the transformative potential of generative AI.
On the Gen AI platform you can:
  • Build Scalable AI Agents
  • Seamlessly integrate with workflows
  • Leverage guardrails
  • Optimize Efficiency
Some of the use cases they are highlighting are chatbots, e-commerce assistance, support automation, business insights, AI-Driven CRMs, Personalized Learning and interactive tools.

02:23 Jonathan – “Inference cost is really the big driver there. So once you once you build something that’s that’s done, but it’s nice to see somebody focusing on delivering it as a service rather than, you know, a $50 an hour compute for training models. This is right where they need to be.”

04:21 OpenAI: Introducing Operator
We have thoughts about the name of this service… OpenAI is releasing the preview version of their agent that can use a web browser to perform tasks for you. The new version is available to OpenAI pro users. OpenAI says it’s currently a research preview, meaning it has limitations and will evolve based on your feedback. Operator can handle various browser tasks such as filling out forms, ordering groceries, and even creating memes.

Packet Pushers - Full Podcast Feed
PP047: Why Packet Analysis (and Wireshark) Should Be In Your Security Toolkit

Packet Pushers - Full Podcast Feed

Jan 28, 2025 · 43:23


Don't underestimate the value of packet analysis in your security strategy. And if you’re analyzing packets, the open-source Wireshark software is a go-to tool. On today's episode, we talk with Chris Greer, a Wireshark trainer and consultant specializing in packet analysis. Chris explains the critical role of packet analysis in cybersecurity, particularly in threat hunting...

Packet Pushers - Fat Pipe
PP047: Why Packet Analysis (and Wireshark) Should Be In Your Security Toolkit

Packet Pushers - Fat Pipe

Jan 28, 2025 · 43:23


Don't underestimate the value of packet analysis in your security strategy. And if you’re analyzing packets, the open-source Wireshark software is a go-to tool. On today's episode, we talk with Chris Greer, a Wireshark trainer and consultant specializing in packet analysis. Chris explains the critical role of packet analysis in cybersecurity, particularly in threat hunting...

Packet Pushers - Heavy Networking
HN763: You Too Can Say ‘Yes' to Packet Analysis

Packet Pushers - Heavy Networking

Jan 10, 2025 · 55:42


Packet capture and packet analysis is incredibly useful for problem-solving and troubleshooting. Analyzing packets is also a difficult skill to master. With the incredible array of network troubleshooting tools at our disposal, including emerging networking models for artificial intelligence, do we still need to fuss around with Wireshark in 2025? Our guest Chris Greer says...

Packet Pushers - Full Podcast Feed
HN763: You Too Can Say ‘Yes' to Packet Analysis

Packet Pushers - Full Podcast Feed

Jan 10, 2025 · 55:42


Packet capture and packet analysis is incredibly useful for problem-solving and troubleshooting. Analyzing packets is also a difficult skill to master. With the incredible array of network troubleshooting tools at our disposal, including emerging networking models for artificial intelligence, do we still need to fuss around with Wireshark in 2025? Our guest Chris Greer says...

Packet Pushers - Fat Pipe
HN763: You Too Can Say ‘Yes' to Packet Analysis

Packet Pushers - Fat Pipe

Jan 10, 2025 · 55:42


Packet capture and packet analysis is incredibly useful for problem-solving and troubleshooting. Analyzing packets is also a difficult skill to master. With the incredible array of network troubleshooting tools at our disposal, including emerging networking models for artificial intelligence, do we still need to fuss around with Wireshark in 2025? Our guest Chris Greer says...

The Tech Blog Writer Podcast
3134: Transforming Cloud Security: The Power of Agentic AI with Sysdig

The Tech Blog Writer Podcast

Dec 30, 2024 · 34:23


How is agentic AI reshaping cloud security and what does the future hold for this transformative technology? In today's episode of Tech Talks Daily, I sit down with Loris Degioanni, the founder and CTO of Sysdig, to explore how agentic AI is driving innovation in cloud security. As the creator of Sysdig and the CNCF runtime security tool Falco, Loris brings a wealth of expertise to the conversation, having also been a key contributor to the widely-used open-source network analyzer, Wireshark.

We discuss how Sysdig has pioneered the first AI-powered cloud security tool using agentic AI. This groundbreaking approach enables AI agents to function as domain-specific experts, working collaboratively to provide rapid threat detection—reducing response times to under 10 minutes in cloud environments where speed is critical. Loris shares insights into the cultural and technological factors fueling the rise of agentic AI and its potential to revolutionize cybersecurity.

The conversation also delves into the promises and pitfalls of agentic AI, such as its ability to handle complex tasks in a way that mimics human teams, alongside challenges like latency and cost. Loris highlights how open-source tools like Falco and Sysdig play a crucial role in advancing AI by making domain-specific knowledge publicly accessible, empowering the broader developer community to optimize AI capabilities.

Looking ahead, we explore the future of AI in enterprise and cloud security, including predictions about how conversational interfaces and agentic AI architectures will redefine how businesses interact with and manage security tools. Whether you're curious about the evolution of AI in cybersecurity or interested in learning how Sysdig is leveraging this innovation to address today's challenges, this episode offers a fascinating glimpse into the intersection of technology and security.

What are your thoughts on the role of agentic AI in shaping the future of cybersecurity? Join the discussion and share your perspective!

Packet Pushers - Full Podcast Feed
N4N006: Packet Analysis Basics

Packet Pushers - Full Podcast Feed

Dec 12, 2024 · 34:12


Packet analysis can be your friend for troubleshooting network problems. In this episode, hosts Ethan Banks and Holly Metlitzky explore packet analysis. They discuss tools such as Wireshark and Tcpdump, explain their functionalities, and talk about the importance of filtering data for effective analysis. Listeners are encouraged to engage with Wireshark and other tools themselves....

Packet Pushers - Fat Pipe
N4N006: Packet Analysis Basics

Packet Pushers - Fat Pipe

Dec 12, 2024 · 34:12


Packet analysis can be your friend for troubleshooting network problems. In this episode, hosts Ethan Banks and Holly Metlitzky explore packet analysis. They discuss tools such as Wireshark and Tcpdump, explain their functionalities, and talk about the importance of filtering data for effective analysis. Listeners are encouraged to engage with Wireshark and other tools themselves....

ITSPmagazine | Technology. Cybersecurity. Society
From Healthcare to Cybersecurity: Leveraging Past Professions to Enhance Cybersecurity Programs | A Conversation with Gina D'Addamio | Redefining CyberSecurity with Sean Martin

ITSPmagazine | Technology. Cybersecurity. Society

Nov 26, 2024 · 44:49


Guest: Gina D'Addamio, Threat Analyst, Canadian Cyber Threat Exchange [@CCTXCanada]
On LinkedIn | https://www.linkedin.com/in/gina-daddamio
On Twitter | https://www.linkedin.com/in/gina-daddamio

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin

Episode Notes

In the latest episode of Redefining CyberSecurity on ITSPmagazine, host Sean Martin engages with Gina D'Addamio, a threat analyst at the Canadian Cyber Threat Exchange (CCTX), to discuss the pathways and challenges for transitioning into the field of cybersecurity from different professional backgrounds.

Gina D'Addamio: From Nursing to Cybersecurity — Gina shares her compelling journey from the world of nursing to becoming a threat analyst at CCTX. Starting her career in nursing, Gina specialized in delivering babies and providing postpartum care. However, due to the increasing pressures and emotional toll of a deteriorating healthcare system, she decided to make a career change. She reflects on the emotional challenges and the impact on her family life that led her to step away from nursing.

Transitioning through the Rogers Cybersecure Catalyst Program — Gina was introduced to cybersecurity through a fellow school mom and an opportunity with the Rogers Cybersecure Catalyst program. The program provided an accelerated learning path, offering her three SANS certifications within seven months. Gina emphasizes the importance of such programs in bridging the gap for those who have no prior experience in cybersecurity, showcasing her success as a significant transition case.

Relatability between Nursing and Cybersecurity — Throughout the discussion, Gina and Sean draw parallels between nursing and cybersecurity. Gina points out how her experience in managing life-and-death situations in nursing is akin to dealing with critical incidents in cybersecurity. Her ability to remain composed under pressure and her proficiency in translating complex medical information into understandable terms has been vital in her role at CCTX.

The Role at CCTX — At CCTX, Gina's work involves threat analysis and translating complex cybersecurity threats into actionable advice for a diverse range of members, from large corporations to small businesses. The nonprofit organization plays a crucial role in threat intelligence sharing across sectors in Canada, similar to ISACs and ISAOs in the U.S.

Mentorship and Continuous Learning — Gina discusses the ongoing learning environment within CCTX, facilitated by member-led webinars and hands-on experiences such as Wireshark workshops. She highlights the constant need for education in cybersecurity due to the ever-changing threat landscape. She also mentors others transitioning into cybersecurity, stressing the value of soft skills and effective communication in securing roles within the industry.

Advice to Employers in Cybersecurity — Gina urges employers to recognize the potential in candidates from diverse professional backgrounds, emphasizing that the ability to learn and adapt is often more important than years of industry-specific experience. She advocates for a hiring approach that looks beyond certifications to the person's overall ability to fit within the team and contribute to the organization's goals.

This episode underscores the potential for successful career transitions into cybersecurity from seemingly unrelated fields. Gina D'Addamio's story is a testament to how diverse experiences can enrich the cybersecurity field, bringing fresh perspectives and skills that enhance threat analysis and response.

Sponsors
Imperva: https://itspm.ag/imperva277117988
LevelBlue: https://itspm.ag/attcybersecurity-3jdk3
ThreatLocker: https://itspm.ag/threatlocker-r974

Syntax - Tasty Web Development Treats
826: You Need These 30 Apps - PART 2

Syntax - Tasty Web Development Treats

Sep 25, 2024 · 56:29


In part 2 of covering the best apps for web developers, Scott and Wes dive into must-have tools that will level up your workflow. From screenshot utilities to development tools and video production apps, this episode is packed with recommendations to boost your productivity and creativity.

Show Notes
00:00 Welcome to Syntax!
01:44 Brought to you by Sentry.io.
02:30 Utilities.
02:48 BetterTouchTool.
09:31 Hyperkey.
11:46 Amethyst.
12:51 Klack.
13:47 Bottom (Btm).
14:54 Pearcleaner
16:40 App Cleaner.
17:35 Rocket Emoji.
20:27 Clippy.
23:37 Screenshots and Screen Recordings.
24:05 Dropshare.
25:29 OBS with Source Record.
29:20 Screen Studio.
30:58 Detail.co.
31:22 Cap.
32:08 Kap.
32:46 CleanShot X
34:15 Video and Production.
34:24 DaVinci Resolve.
37:46 Affinity Pro.
39:42 PrincipleForMac.
40:39 Inkscape.
41:34 Development tools.
41:38 DBngin.
43:12 TablePlus.
45:48 MongoDB Compass.
46:14 Proxyman.
47:00 Wireshark.
47:31 Polypane.
48:30 Setapp.
49:44 SVG Grabber.
51:42 Sick Picks & Shameless Plugs.

Sick Picks
Scott: Untold Sign Stealer.
Wes: Magentiles Marble Run.

Ask Noah Show
Ask Noah Show 406

Ask Noah Show

Sep 4, 2024 · 53:51


This week we dig back into home automation, we talk a bit about choosing cameras for a large camera system, and of course we answer your questions!

-- During The Show --
00:52 Intro Home automation Weekend of learning
03:48 Monitoring Remote Location (Cameras) - Rob Powerline adapters might work Ubiquiti Nano Beam Synology Surveillance Station (https://www.synology.com/en-global/surveillance) Frigate Do not put the NVR on the internet Privacy File server upload Home Assistant events
17:18 Camera Systems for Tribal Lands - William NDAA compliant cameras and NVRs ReoLink NVR banned ReoLink Cameras depends - bad idea NDAA compliant brands 360 Vision Technology (360 VTL) Avigilon Axis Communications BCD International Commend FLIR Geutebrück iryx JCI/Tyco Security Mobotix Pelco Rhombus Systems Seek Thermal Solink Vaion/Ava WatchGuard Main 3 NVR in use exacqVision Avigilon Milestone NDAA conversation Noah's favorites Axis FLIR
25:09 Charlie Finds e-ink android - Charlie Boox Palma (https://shop.boox.com/products/palma) Why a camera? Nice for reading Lineage or Graphene will NOT work
27:57 ESPDevices for Light Switches - Avri Shelly's are ESP32 devices Devices can talk to each other
30:00 Beaming podcasts to Volumio and Roku - Tiny Pulse Audio Write in!
31:40 News Wire
4M Linux 46 - opensourcefeed.org (https://www.opensourcefeed.org/4mlinux-46-release/)
Debian Bookworm 12.7 - debian.org (https://www.debian.org/News/2024/20240831)
Porteus 1.6 - porteus.org (https://forum.porteus.org/viewtopic.php?t=11426)
Rhino Linux 2nd Release - itsfoss.com (https://news.itsfoss.com/rhino-linux-2024-2-release/)
GNU Screen 5 - theregister.com (https://www.theregister.com/2024/09/03/gnu_screen_5/)
Wireshark 4.4 - wireshark.org (https://www.wireshark.org/docs/relnotes/wireshark-4.4.0)
Bugzilla releases - bugzilla.org (https://www.bugzilla.org/blog/2024/09/03/release-of-bugzilla-5.2-5.0.4.1-and-4.4.14/)
Armbian 24.8 - armbian.com (https://www.armbian.com/newsflash/armbian-24-8-yelt/)
Elasticsearch and Kibana licensing - businesswire.com (https://www.businesswire.com/news/home/20240829537786/en/Elastic-Announces-Open-Source-License-for-Elasticsearch-and-Kibana-Source-Code)
Xe2 Linux Support - wccftech.com (https://wccftech.com/intel-push-out-xe2-graphics-enablement-linux-6-12-kernel/)
Cicada3301 - thehackernews.com (https://thehackernews.com/2024/09/new-rust-based-ransomware-cicada3301.html)
New Phi-3.5 AI Models - infoq.com (https://www.infoq.com/news/2024/08/microsoft-phi-3-5/)
Open-Source, EU AI Act Compliant LLMs - techzine.eu (https://www.techzine.eu/blogs/privacy-compliance/123863/aleph-alphas-open-source-llms-fully-comply-with-the-ai-act/)
View on Why AI Models Should be Open and Free for All - businessinsider.com (https://www.businessinsider.com/anima-anandkumar-ai-climate-change-open-source-caltech-nvidia-2024-8)
33:53 Hoptodesk Comparison to Team Viewer Hoptodesk (https://www.hoptodesk.com/) Free & Open Source Cross platform E2E Encryption Can self host the server Wayland is not officially supported
38:05 EmuDeck ArsTechnica (https://arstechnica.com/gaming/2024/08/emudeck-machines-pack-popular-emulation-suite-in-linux-powered-plug-and-play-pc/) Seeking funding Already been doing this on the steamdeck For retro games Drawing unwanted attention Powered by Bazzite
41:05 Home Automation Zwave Great for nerds/tinkering Not for professional installs RadioRA 2 Licensed dedicated frequency Central planning Never had a failure Designed to be integrated Orbit Panels and Shelly Pro Line Game changer 100% reliable People don't want a wall of dimmers Seeed Studio mmWave Sensor (https://wiki.seeedstudio.com/mmwave_human_detection_kit/) I don't like WiFi for automation Steve's experience

-- The Extra Credit Section --
For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/406)
Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah)
Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com)

-- Stay In Touch --
Find all the resources for this show on the Ask Noah Dashboard: Ask Noah Dashboard (http://www.asknoahshow.com)
Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/)
Contact Noah: live [at] asknoahshow.com

-- Twitter --
Noah - Kernellinux (https://twitter.com/kernellinux)
Ask Noah Show (https://twitter.com/asknoahshow)
Altispeed Technologies (https://twitter.com/altispeed)

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Wireshark 4.4: Converting Display Filters to BPF Capture Filters https://isc.sans.edu/diary/Wireshark+44+Converting+Display+Filters+to+BPF+Capture+Filters/31224
GitHub Comments Used to Spread Malware https://www.reddit.com/r/Malware/comments/1f2n1h4/comment/lkbi5gi/
Voldemort Malware Curses Orgs Using Global Tax Authorities https://www.darkreading.com/threat-intelligence/voldemort-malware-curses-orgs-global-tax-authorities
Analysis of CVE-2024-43044: From file read to RCE in Jenkins through agents https://blog.convisoappsec.com/en/analysis-of-cve-2024-43044/

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Wireshark 4.4.0 rc 1 Custom Columns https://isc.sans.edu/diary/Wireshark%204.4.0rc1%27s%20Custom%20Columns/31174 GitHub Repo Artifact Leak Tokens https://unit42.paloaltonetworks.com/github-repo-artifacts-leak-tokens/ BitLocker Security Feature Bypass Vulnerability https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-38058 SolarWinds Hotfix https://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1 Ed Skoudis, Paul Maurer: The Code of Honor https://cybercodeofhonor.com/

LINUX Unplugged
559: Linux is Bigger in Texas

LINUX Unplugged

Apr 22, 2024 90:37


We're back from Austin, with interviews and stories to share. Plus, it's Gentoo week and we take our first look at Fedora 40.
Sponsored By:
Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!
Kolide: Kolide is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.
Support LINUX Unplugged
Links:

Phoenix Cast
Wireshark, Leaked Hacking Tools, Freaking out about Google

Phoenix Cast

Feb 29, 2024 48:00


In this episode of Phoenix Cast, hosts John and Kyle discuss some recent events in the news - banning Wireshark, the alleged leak of hacking tools, and Kyle finishes by providing some perspective on how Google sunsets projects. Share your thoughts with us on Twitter: @USMC_TFPhoenix (Now verified!) Follow MARFORCYBER & MCCOG on Twitter, LinkedIn, Facebook, and YouTube. Leave your review on Apple Podcasts. Links: Wireshark website (donate here): https://www.wireshark.org/ SharkFest: https://sharkfest.wireshark.org/ Hacking tool leak: https://cybernews.com/news/github-leak-exposes-chinese-cyber-ops/ Lockbit: https://www.bbc.com/news/technology-68344987 https://www.bleepingcomputer.com/news/security/police-arrest-lockbit-ransomware-members-release-decryptor-in-global-crackdown/ https://www.reuters.com/technology/lockbit-hackers-swagger-display-after-police-leak-identities-online-2024-02-20/ Single, double, triple, quadruple extortion - https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/ransomware-double-extortion-and-beyond-revil-clop-and-conti

The Smart Buildings Academy Podcast | Teaching You Building Automation, Systems Integration, and Information Technology

Dive into the complexities of BACnet IP with Phil Zito in Episode 453 of the Smart Buildings Academy Podcast. This episode provides a thorough examination of BACnet IP, including BBMDs (BACnet Broadcast Management Devices), BDTs (BACnet Distribution Tables), and the use of Wireshark for network analysis. Designed for those with a foundational understanding of IT concepts, this session covers the essentials of BACnet IP communications, the functionality of virtual links, and practical insights into network configurations for building automation systems.

Episode Highlights:

Introduction to BACnet IP: Phil sets the stage for an in-depth exploration of BACnet IP, emphasizing the episode's technical depth and encouraging live audience interaction for clarity.

Understanding BACnet IP: Key concepts such as BACnet IP addressing, the role of UDP (User Datagram Protocol), and the importance of the OSI model in understanding BACnet communications are explained.

BBMDs and BDTs Explained: The function of BBMDs and BDTs in extending BACnet communication across different subnets is discussed, alongside the mechanisms that enable these processes.

Wireshark Analysis: Phil demonstrates how to use Wireshark for analyzing BACnet IP traffic, providing insights into reading and interpreting the data for troubleshooting and system optimization.

Practical Network Configuration: The episode covers network configuration strategies, including the management of broadcast domains and the scalability of network segments, to facilitate efficient BACnet IP integration.

Join Phil for this technical deep dive into BACnet IP, offering valuable knowledge for professionals seeking to enhance their understanding of network communications within building automation systems. This episode is an essential listen for anyone involved in the design, implementation, or management of BAS, looking to deepen their expertise in BACnet IP.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Wireshark Updates https://isc.sans.edu/diary/Wireshark%20updates/30528 Android Updates https://source.android.com/docs/security/bulletin/2024-01-01 Ivanti Critical Vulnerability https://forums.ivanti.com/s/article/SA-2023-12-19-CVE-2023-39336?language=en_US Malicious PyPI Packages https://www.fortinet.com/blog/threat-research/malicious-pypi-packages-deploy-coinminer-on-linux-devices Everything npm package https://www.bleepingcomputer.com/news/security/everything-blocks-devs-from-removing-their-own-npm-packages/
