197-Big Sur Update & Amazon Sidewalk
Play • 25 min
This week I discuss Big Sur VPN updates, Amazon's new Sidewalk "feature", and a summary of the Black Friday deals for privacy enthusiasts.

Direct support for this podcast comes from sales of my books and the new online OSINT video training. More details can be found at IntelTechniques.com and IntelTechniques.net. Your support eliminates any ads, sponsors, endorsements, Patreon, donations, or commercial influence on this show.

Listen to ALL episodes at https://inteltechniques.com/podcast.html

SHOW NOTES:

INTRO:

None

BLACK FRIDAY:

Protonmail:
https://go.getproton.me/aff_c?offer_id=15&aff_id=1519&url_id=169

ProtonVPN:
https://go.getproton.me/aff_c?offer_id=6&aff_id=1519&url_id=167

PIA:
https://www.privateinternetaccess.com/pages/buy-vpn/crimeinfo

Silent Pocket 15%:
https://silent-pocket.com/discount/fridayintel?redirect=%2Fproducts%2Ffaraday-cage-sleeves-for-phones%3Fvariant%3D18335583010913

Simple Login:
https://simplelogin.io?slref=osint

Yubico:
https://www.yubico.com/store/black-friday/

14TB
https://www.bestbuy.com/site/wd-easystore-14tb-external-usb-3-0-hard-drive-black/6425303.p?skuId=6425303

UPDATES:

VPNS in Big Sur

PRIVACY NEWS:

Amazon Sidewalk
2nd Gen Echo Frames

OSINT:

https://grep.app

Data Removal Workbook: https://inteltechniques.com/data/workbook.pdf

Affiliate Links (products we use):
VPN Considerations: https://inteltechniques.com/vpn.html
ProtonMail: http://proton.go2cloud.org/aff_c?offer_id=15&aff_id=1519
ProtonVPN: https://proton.go2cloud.org/aff_c?offer_id=6&aff_id=1519
PIA VPN: https://www.privateinternetaccess.com/pages/buy-vpn/crimeinfo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Fastmail: https://ref.fm/u14547153
Amazon: https://amzn.to/2B5svbH
The Social-Engineer Podcast
The Social-Engineer Podcast
Social-Engineer, LLC
Ep. 138 – Security With Marcus Sailer of Capital Group
In this episode, Chris Hadnagy and Ryan MacDougall are joined by industry professional, Marcus Sailler to discuss his experience as the red team information security manager at Capital Group. Marcus shares some great tips on creating a successful security team and how you can prevent it from becoming the "No Police". They also go over the recent changes in the industry, including how big hacks have increased security awareness in the general public. 00:09 – Introduction to the new Security Awareness Series 01:28 – Introduction to Ryan MacDougall Phishing as a Service (PHaaS) Vishing as a Service (VaaS) Social-Engineer.com 02:32 – Introduction to Marcus Sailler 04:20 – How Marcus got into information security 06:08 – Recent changes in the infosec industry- How a big hack increases security awareness 12:09 – How a red team and security awareness team can collaborate to enhance security 14:25 – Introduction to Capital Group 16:17 – Coming up with relevant attacks for a global company 18:08 – How a security team can avoid becoming the “No Police” 21:39 – Why it’s better to build a blue team first 22:24 – The importance of attitude and ego for a red teamer 25:04 – How a red team benefits from partnership 26:53 – Emulate the bad guy, but remember to be good 29:18 – Steps corporations should implement now 30:58 – Some of Marcus’ most respected industry professionals Chris Hadnagy David McGuire Jason Frank Jeff Dimmock David Kennedy Amanda Berlin Ian Coldwater Rachel Tobac 34:47 – Marcus' book recommendations Sizing People Up: A Veteran FBI Agent's User Manual for Behavior Prediction The 5 Love Languages: The Secret to Love that Lasts 39:18 – Marcus' contact info LinkedIn Twitter 14:38 – Outro Social-Engineer.org Social-Engineer.com The Innocent Lives Foundation SEVillage: The Human Hacking Conference Human Hacking Book Website Human Hacking Book Amazon Clutch Chris on Twitter Social-Engineer on Twitter
44 min
Voices from DARPA
Voices from DARPA
DARPA
Episode 38: The Oceanic Defender
In this episode of the _Voices from DARPA_ podcast, John Waterston, a program manager since 2017 in the agency’s Strategic Technology Office, lets listeners in on his oceanic immersions both as a naval officer and a technology developer. Now a commander in the U.S. Naval Reserve, John offers snapshots of living, working, and serving on our nation’s nuclear submarines before describing his current work at DARPA to develop technologies to better understand, monitor, and navigate the planet’s most prevalent environment—the oceans. In one of his ambitious programs, John seeks to deliver what has been a coveted but elusive capability—the equivalent of GPS that operates even in the deep ocean. In a related program, John explains how very low-frequency (VLF) electromagnetic signals from lightning that occurs relentlessly around the world can become a key to a back-up positioning, navigation, and timing (PNT) system in case our must-have GPS goes down. And in perhaps his most audacious program, the Ocean of Things, he is assembling what amounts to an ocean-scale nervous systems comprising tens of thousands of floating sensors, opening pathways to an unprecedentedly fine-grained understanding of what is happening in vast ocean environments. Says John about the ocean, “it’s so immense, covering 70% of the Earth’s surface, yet even with all of the ships, all of the aircraft, all of the satellites, and all of the existing sensors, we are severely undersampling this environment.” He has made it his mission to fill in that data shortfall, which he says could significantly improve weather forecasting for the benefit of both military and civilian sectors.
40 min
Cyber Work
Cyber Work
Infosec
Kubernetes: Vulnerabilities, efficiency and cloud security
Learn all about Kubernetes, its possible misconfigurations and vulnerabilities, and how it applies to cloud security on today’s episode, featuring Michael Foster, a Cloud Native Advocate at StackRox. Michael discusses intrinsic Kubernetes security issues compared with those that come from improper use, the work of a Cloud Security Advocate, his time in the Chicago Cubs and more. 0:00 Intro  2:03 Getting started in tech 4:09 From Cubs to security 8:10 What is Kubernetes? 10:45 Kubernetes issues & CNCF roadmap 14:50 Types of vulnerabilities 19:10 Kubernetes checklist and wishlist 23:30 Role and duties at StackRox 25:30 Cloud security skills & careers 31:30 Future of Kubernetes 33:28 What is StackRox? 35:35 Outro We’re also excited to share the new hands-on Cyber Work training series, Cyber Work Applied. Each week on Cyber Work Applied, expert Infosec instructors teach a new cybersecurity skill and show you how that skill applies to real-world scenarios. Get demos of different cyberattacks, learn how to use common cybersecurity tools, explore how major breaches occurred and more. Check out the link below to start learning, for free! – Learn cybersecurity with our FREE Cyber Work Applied training series: https://www.infosecinstitute.com/learn/  – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast Michael Foster is a passionate tech enthusiast and open-source advocate with a multidisciplinary background. As a Cloud Native Advocate at StackRox, Michael understands the importance of building an inclusive community. Michael embraces all forms of automation, focusing on Kubernetes security, DevOps, and infrastructure as code. He is continually working to bridge the gap between tech and business and focus on sustainable solutions. *About Infosec* Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
36 min
Hacker Valley Studio
Hacker Valley Studio
Hacker Valley Media
Episode 114 - The Good, Bad, and Ugly of Threat Intelligence with Patrick Coughlin
In this episode of the Hacker Valley Studio podcast, hosts Ron and Chris interview Patrick Coughlin, Co-Founder and CEO of TruSTAR. Patrick began his career as a security analyst in Washington D.C. and the middle east. By working with government contractors, multinational corporations, and counter-terrorism units, Patrick learned that the biggest challenge that security analysts have is retrieving the needed information from disparate data sources. This discovery led Patrick to founding TruStar. Patrick’s focus is to help organizations automate the collection and curation of threat intelligence data. Patrick’s analytical prowess originated from working at Booz Allen Hamilton where he learned a fundamental skill that all cybersecurity analysts should have - how to put together a slide deck. This skill helped Patrick articulate the importance of threat intelligence to leaders in the government and private sector. As the episode progresses, Patrick details the differences between threat intelligence requirements for national security and enterprise. For enterprise threat intelligence programs, the goal is to accelerate automation of detection and rarely attribution. Patrick also mentions automation is only as effective as the data is cleaned, normalized, and prioritized. What about the good, bad, and ugly of threat intelligence? Patrick describes that an organization can thrive by leveraging internal intelligence. This can be overlooked when organizations are fixated on buying threat data feeds and subscribing to ISAC feeds. Most enterprise organizations have a detection and response stack that is constantly providing information about threats relevant to their organization - which serves as great threat intelligence data. Chris and Ron ask Patrick about the science vs art aspects of cybersecurity and threat intelligence. Patrick describes that there is room for both art and science in threat intelligence. While new concepts are being discovered, there is art in finding the needle in the haystack. However, at some point, intuition can be described into steps that a machine can repeat. For example, after years of analytical practice an analyst can describe how and why they are tagging threat intelligence related data in such a way that can be repeated by other analysts or automation. This episode covers an abundance of tactics and techniques for threat intelligence analysts. Patrick describes the best place to begin automating threat intelligence is detection. An analyst can ask the question, “How do I get sources of known bad indicators into my detection stack so that I could drive high fidelity detections?”. As false positives decrease, your mean time to detection (MTTD) and resolution (MTTR) decrease which makes your threat intelligence and security operation team members more effective. 0:00 - Intro 1:53 - This episode features Patrick Coughlin, Co-Founder and CEO of TruSTAR 2:30 - Patrick’s background and start as a security analyst 5:19 - How to automate threat intelligence while reducing analyst fatigue 7:05 - How Patrick cultivated his analyst prowess 8:43 - Articulating threat intelligence to government and enterprise organizations 11:09 - Can a threat intelligence program be automated? 17:21 - Patrick’s experience of “good” and “bad” threat intelligence programs 20:31 - Logic vs Intuition in threat intelligence 27:04 - Artificial Intelligence and Machine Learning to make threat intelligence decisions 28:42 - Where to start when automating threat intelligence 30:02 - How to stay in touch with Patrick Coughlin Links: Connect with Patrick Coughlin on LinkedIn Link to Patrick’s company TruSTAR Learn more about Hacker Valley Studio. Support Hacker Valley Studio on Patreon. Follow Hacker Valley Studio on Twitter. Follow hosts Ron Eddings and Chris Cochran on Twitter. Learn more about our sponsor ByteChek. Take our FREE course for building threat intelligence programs by visiting www.hackervalley.com/easy
31 min
Main Engine Cut Off
Main Engine Cut Off
Anthony Colangelo
T+178: Andrew Jones, on China’s Chang’e-5, 2021 Plans, and More
Andrew Jones returns to the show for the third time to talk about China’s current missions and future plans, including Chang’e-5, Tianwen-1, the Chinese Space Station, and the international politics surrounding it. And then we dig into the Chinese commercial market a bit—launch companies and remote sensing companies are raising a ton of money, but it’s not yet clear what effect that will have on the global market. This episode of Main Engine Cut Off is brought to you by 36 executive producers—Brandon, Matthew, Simon, Lauren, Melissa, Kris, Pat, Matt, Jorge, Ryan, Donald, Lee, Chris, Warren, Bob, Russell, Moritz, Joel, Jan, Grant, David, Joonas, Robb, Tim Dodd (the Everyday Astronaut!), Frank, Julian and Lars from Agile Space, Tommy, Matt, and seven anonymous—and 460 other supporters. Topics * Andrew Jones (@AJ_FI) / Twitter * Andrew Jones, SpaceNews * Andrew Jones, Space.com * Andrew Jones, The Planetary Society * Chang’e-5 spacecraft prepare for historic lunar orbit rendezvous, sample relay - SpaceNews * China recovers Chang’e-5 moon samples after complex 23-day mission - SpaceNews * Chang’e-5 orbiter embarks on extended mission to Sun-Earth Lagrange point - SpaceNews * Tianwen-1 launches for Mars, marking dawn of Chinese interplanetary exploration - SpaceNews * China’s CASC targets more than 40 space launches in 2021 - SpaceNews * China gears up for space station, cargo and crewed mission launches - SpaceNews * Chinese reusable experimental spacecraft releases object before returning to Earth - SpaceNews * China pushes ahead with super-heavy-lift Long March 9 - SpaceNews * China’s Landspace raises $175 million for Zhuque-2 launch vehicles - SpaceNews * Remote sensing satellite firm completes huge funding round as Chinese space sector activity accelerates - SpaceNews * Spacety shares first images from small C-band SAR satellite - SpaceNews The Show * Like the show? Support the show! * Email your thoughts, comments, and questions to anthony@mainenginecutoff.com * Follow @WeHaveMECO * Listen to MECO Headlines * Join the Off-Nominal Discord * Subscribe on Apple Podcasts, Overcast, Pocket Casts, Spotify, Google Play, Stitcher, TuneIn or elsewhere * Subscribe to the Main Engine Cut Off Newsletter * Buy shirts and Rocket Socks from the Main Engine Cut Off Shop * Music by Max Justus
46 min
Our Ludicrous Future
Our Ludicrous Future
Joe Scott, Tim Dodd and Ben Sullins
Model Y 7-seaterish, Starship SN9 triple static fire, Bio Data storage using CRISPR - Ep 116
Joe, Tim, and Ben talk about the long awaited Model Y 7-seater, SpaceX Starship SN9 triple static fire, and scientists using CRISPR to store binary data in DNA Read more from the articles we referenced: Model Y 5 Star Saftey - https://www.tesla.com/blog/model-y-achieves-5-star-overall-safety-rating-nhtsa Model Y Crash Videos - https://twitter.com/Tesla/status/1349572805122113540 Model Y 7 Seater - https://insideevs.com/features/465979/video-tesla-model-y-seven-seat-buying-advice/ SN9 does a triple header static fire! - https://youtu.be/swL4xrmmLCk Earth's Future - https://phys.org/news/2021-01-earth-future-outlook-worse-scientists.amp New Shepard launches their 14th New Shepard - https://www.youtube.com/watch?v=g9oTZu2HP8U #whydonttheyjust by @Metaphoriumino1 - https://twitter.com/Metaphoriumino1/status/1349774839368790019 Lebron gets a Hummer EV, maybe - https://www.yahoo.com/amphtml/lifestyle/bad-girl-watch-lebron-james-230000984.html CRISPR DNA data storage - https://www.newscientist.com/article/2264383-crispr-gene-editing-used-to-store-data-in-dna-inside-living-cells/ Insight loses MOLE - https://twitter.com/NASAInSight/status/1349760462854909957?s=20 https://mars.nasa.gov/insight/spacecraft/about-the-lander/ --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/olfpod/message
1 hr 27 min
More episodes
Search
Clear search
Close search
Google apps
Main menu