Talkin’ About Infosec News – 11/19/2020
Play • 18 min
7 Minute Security
7 Minute Security
Brian Johnson
7MS #450: DIY Pentest Dropbox Tips - part 4
Hey friends! We're continuing our series on pentest dropbox building - specifically playing off last week's episode where we started talking about automating the OS builds that go on our dropboxes. Today we'll zoom in a little closer and talk about some of the specific scripting we do to get a Windows 2019 Active Directory Domain Controller installed and updated so that it's ready to electronically punch in the face with some of your mad pentesting skills! Specifically, we talk about these awesome commands: tzutil /s "Central Standard Time" - this is handy to set the time zone of your server build powercfg.exe -change -standby-timeout-ac 0 will stop your VM from falling asleep Invoke-WebRequest "https://somesite/somefile.file" -OutFile "c:\some\path\somefile.file" is awesome for quickly downloading files you need. Couple it with Expand-Archive "C:\some\path\" "c:\path\to\where\you\want\to\extract\the\zip" to make auto-provisioning your toolkit even faster! Don't like it that Server Manager loves to rear its dumb head upon every login? Kill the task for it with Get-ScheduledTask -TaskName ServerManager | Disable-ScheduledTask -Verbose. Byeeeeee!!!! I love Chrome more than I love IE/Edge, so I auto install it with: $Path = $env:TEMP; $Installer = "chrome_installer.exe"; Invoke-WebRequest "" -OutFile $Path\$Installer; Start-Process -FilePath $Path\$Installer -Args "/silent /install" -Verb RunAs -Wait; Remove-Item $Path\$Installer Now get all the Windows updates! Install-PackageProvider -name nuget -force Install-Module PSWindowsUpdate -force Import-Module PSWindowsUpdate Get-WindowsUpdate Install-WindowsUpdate -AcceptAll -IgnoreReboot Then rename your machine: Write-Host "Picking a new name for this'll need to provide your admin pw to do so" Rename-Computer -LocalCredential administrator -PassThru Write-Host "New name accepted!" When you're ready to install Active Directory, you can grab the RSAT tools: Write-Host "Lets install the RSAT tooleeeage!" add-windowsfeature -name rsat-adds And then the AD domain services themselves: Write-Host "Now lets install the AD domain services!" add-windowsfeature ad-domain-services Then install the new forest: install-addsforest -domainname your.domain -installdns -DomainNetbiosName yourdomain
56 min
Brakeing Down Security Podcast
Brakeing Down Security Podcast
Bryan Brake, Amanda Berlin, Brian Boettcher
2021-001-news, youtuber 'dream' doxxed, solarwind passwords bruteforced, malware attacks
Dream Doxxed: Minecraft YouTuber Dream Doxxed Following Speedrun Controversy ( Def Noodles on Twitter: "STANS TAKING IT TOO FAR: Dream doxed after posting a picture of his kitchen on his 2nd Twitter account. Dream has not published statement about situation yet in his public accounts." / Twitter Osint issues… found him by breadcrumbs and using zillow internal pics of his house. Craziness Password Guessing Used as a Weapon by SolarWinds Hackers to Breach Targets - E Hacking News - Latest Hacker News and IT Security News How to Use APIs (explained from scratch) ( Hackers target cryptocurrency users with new ElectroRAT malware | ZDNet Cobalt Strike and Metasploit accounted for a quarter of all malware C&C servers in 2020 | ZDNet Check out our Store on Teepub! Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email #AmazonMusic: #Brakesec Store!: #Spotify: #Pandora: #RSS: #Youtube Channel: #iTunes Store Link: #Google Play Store: Our main site: #iHeartRadio App: #SoundCloud: Comments, Questions, Feedback: Support Brakeing Down Security Podcast by using our #Paypal: OR our #Patreon #Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir #Player.FM : #Stitcher Network: #TuneIn Radio App:
47 min
CISO-Security Vendor Relationship Podcast
CISO-Security Vendor Relationship Podcast
Mike Johnson and David Spark
Our "Hope It Doesn't Happen to Me" Security Strategy
All links and images for this episode can be found on CISO Series We're thinking it just might be possible to wish our security problems away. This episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our sponsored guest this week is Steve Giguere, (@_SteveGiguere_) director of solution architecture and community, StackRox. Thanks to this week’s podcast sponsor, Stackrox StackRox is the industry’s first Kubernetes-native security platform that enables organizations to securely build, deploy, and run cloud-native applications anywhere. The StackRox Kubernetes Security Platform delivers lower operational cost, reduced operational risk, and greater developer productivity through a Kubernetes-native approach that supports built-in security across the entire software development lifecycle. On this week's episode That’s something I would like to avoid Security theater is a security placebo. We're being told that it's effective, and we may fool ourselves into believing it is, but the reality is there's no real security medicine there. Over on Infosecurity Magazine, Danny Bradbury has identified a few key ones I want to call out. In particular, technology buzzwords - like getting a solution with AI, data collection - more data, more insights, right?, and endless security alerts - for practitioners and end users. All of these seem to be in regular practice today. Does calling out security theater result in pushback? And if so, how do you handle calling it out and how would you shift each of these security placebos into a more medicated version? There’s got to be a better way to handle this On reddit, kautica0 asks, "If a company becomes aware of a 0-day vulnerability and it impacts their production web application serving customers, what actions should be taken? Should it even be considered an incident?" Just because it's a 0-day vulnerability does that make it more threatening than any of the known vulnerabilities? There was a lot of logical advice that was akin to how we would handle any vulnerability, but the 0-day nature had the looming feeling of this could be an incident very quickly and would require an incident response plan. "What's Worse?!" A "What's Worse?!" entry from our youngest listener. Please, enough. No, more. The topic is Kubernetes Security. We discuss what we have heard enough about when it comes to Kubernetes security and what we would like to hear more. Where does a CISO begin Is being cloud first a security strategy? Over on the UK's National Cyber Security Centre, an article argues that we should not ask if the cloud is secure, but whether it is being used securely. What does that mean? And is there an argument for and against cloud first being a valid security strategy?
30 min
Hacker Valley Studio
Hacker Valley Studio
Hacker Valley Media
Episode 114 - The Good, Bad, and Ugly of Threat Intelligence with Patrick Coughlin
In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview Patrick Coughlin, Co-Founder and CEO of TruSTAR. Patrick began his career as a security analyst in Washington D.C. and the middle east. By working with government contractors, multinational corporations, and counter-terrorism units, Patrick learned that the biggest challenge that security analysts have is retrieving the needed information from disparate data sources. This discovery led Patrick to founding TruStar. Patrick’s focus is to help organizations automate the collection and curation of threat intelligence data. Patrick’s analytical prowess originated from working at Booz Allen Hamilton where he learned a fundamental skill that all cybersecurity analysts should have - how to put together a slide deck. This skill helped Patrick articulate the importance of threat intelligence to leaders in the government and private sector. As the episode progresses, Patrick details the differences between threat intelligence requirements for national security and enterprise. For enterprise threat intelligence programs, the goal is to accelerate automation of detection and rarely attribution. Patrick also mentions automation is only as effective as the data is cleaned, normalized, and prioritized. What about the good, bad, and ugly of threat intelligence? Patrick describes that an organization can thrive by leveraging internal intelligence. This can be overlooked when organizations are fixated on buying threat data feeds and subscribing to ISAC feeds. Most enterprise organizations have a detection and response stack that is constantly providing information about threats relevant to their organization - which serves as great threat intelligence data. Chris and Ron ask Patrick about the science vs art aspects of cybersecurity and threat intelligence. Patrick describes that there is room for both art and science in threat intelligence. While new concepts are being discovered, there is art in finding the needle in the haystack. However, at some point, intuition can be described into steps that a machine can repeat. For example, after years of analytical practice an analyst can describe how and why they are tagging threat intelligence related data in such a way that can be repeated by other analysts or automation. This episode covers an abundance of tactics and techniques for threat intelligence analysts. Patrick describes the best place to begin automating threat intelligence is detection. An analyst can ask the question, “How do I get sources of known bad indicators into my detection stack so that I could drive high fidelity detections?”. As false positives decrease, your mean time to detection (MTTD) and resolution (MTTR) decrease which makes your threat intelligence and security operation team members more effective. 0:00 - Intro 1:53 - This episode features Patrick Coughlin, Co-Founder and CEO of TruSTAR 2:30 - Patrick’s background and start as a security analyst 5:19 - How to automate threat intelligence while reducing analyst fatigue 7:05 - How Patrick cultivated his analyst prowess 8:43 - Articulating threat intelligence to government and enterprise organizations 11:09 - Can a threat intelligence program be automated? 17:21 - Patrick’s experience of “good” and “bad” threat intelligence programs 20:31 - Logic vs Intuition in threat intelligence 27:04 - Artificial Intelligence and Machine Learning to make threat intelligence decisions 28:42 - Where to start when automating threat intelligence 30:02 - How to stay in touch with Patrick Coughlin Links: Connect with Patrick Coughlin on LinkedIn Link to Patrick’s company TruSTAR Learn more about Hacker Valley Studio. Support Hacker Valley Studio on Patreon. Follow Hacker Valley Studio on Twitter. Follow hosts Ron Eddings and Chris Cochran on Twitter. Learn more about our sponsor ByteChek. Take our FREE course for building threat intelligence programs by visiting
31 min
The Social-Engineer Podcast
The Social-Engineer Podcast
Social-Engineer, LLC
Ep. 137 – Human Hacking With Chris Hadnagy
In this special episode, Chris Hadnagy joins Maxie Reynolds to talk about the amazing stories and useful lessons contained in Chris’s new book: “Human Hacking: Win Friends, Influence People, and Leave Them Better Off for Having Met You”. Listen as Chris delves into the process of making “Human Hacking” and shares the awesome story behind its inception. Maxie and Chris also discuss the importance of empathy especially when it comes to hacking humans. Chris a global security expert and master hacker. He is the founder and CEO of Social-Engineer, LLC, the creator of the popular Social Engineer Podcast, website, and newsletter, and designed “Advanced Practical Social Engineering,” the first hands-on social engineering training course and certification for law enforcement, military, and private sector professionals. 00:09 – Introduction to Maxie Reynolds 02:13 – Introduction to Christopher Hadnagy’s brand-new book: “Human Hacking: Win Friends, Influence People, and Leave Them Better Off for Having Met You” 02:51 – Human-hacking is a skill that can be used in everyday life by everyday people 04:19 – What it means to “Leave Them Better Off for Having Met You” 05:50 – “The martial art of the mind” and how a malicious person could use it for harm 07:39 – Empathy and why it is so important when hacking humans 09:21 – Showing empathy while amygdala hijacked 11:40 – Empathy is more than just putting yourself in someone else’s shoes 14:15 – Empathy is often hierarchical 16:33 – The power of “I’m sorry” 18:02 – Why understanding the meaning behind someone’s actions is so important 21:48 – Accuracy of the stories told in the book 24:15 – The process of co-authoring the book with Seth Schulman 26:43 – The amazing story of how the book came to be 31:16 – How to fight the isolation and social awkwardness brought by technology and, more recently, COVID-19. 34:46 – Giving your feedback on the book 36:20 – A distillation of the “Advanced Practical Social Engineering” course, made applicable to everyone 40:50 – Socially engineering the world’s best rock band 43:51 - “Quick Fire Questions”: 44:04 – Chris's favorite story in the book 45:04 – Is there a stage in child development where less empathy is shown? 46:10 – Would the new book have helped teenage Chris? 48:01 – Is it as nicer to feel empathy yourself or receive it from someone else? 49:49 – Balance is required when teaching empathy. 51:19 – How we can all better our communities by learning to “Win Friends, Influence People, and Leave Them Better Off for Having Met You” 53:35 – Chris's book recommendations Without Conscience: The Disturbing World of the Psychopaths Among Us Antifragile: Things That Gain from Disorder The Dictionary of Body Language: A Field Guide to Human Behavior 54:56 – Outro Human Hacking Book Website Human Hacking Book Amazon Maxie on Twitter Chris on Twitter Social-Engineer on Twitter SEVillage: The Human Hacking Conference The Innocent Lives Foundation Clutch
58 min
More episodes
Clear search
Close search
Google apps
Main menu