Wednesday, May 12, 2021
7 minute security

7MS #466: Attacking and Defending Azure AD Cloud (CARTP)

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount! Welp, I need another security certification...
7 minute security

7MS #465: Cyber News – The FBI Might Be Getting Into the IR Biz Edition

Hey friends!  Today Joe "The Machine" Skeen (a.k.a. Gh0sthax) and I talk about some of our favorite news stories, including:FBI removes hacker back doorsNSA: 5 security bugs under active nation-state cyberattackUbiquiti is accused of covering up a ‘catastrophic’ data...
7 minute security

7MS #464: Interview with Christopher Fielder of Arctic Wolf

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more. Today our friend Christopher Fielder...
7 minute security

7MS #463: DIY Pentest Dropbox Tips – Part 5

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount! In the last two episodes of...
7 minute security

7MS #462: Pentesting with the Hak5 Key Croc

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount! Today we talk through our first...
7 minute security

7MS #461: Tales of Internal Network Pentest Pwnage – Part 26

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount! OK I probably say this every...
7 minute security

7MS #460: Why I'm Throwing My UniFi Gear Into the Ocean

Hey friends! Warning: this is not a "typical" 7MS episode where we try hard to deliver some level of security value. Instead, today is a big, fat, crybaby, first-world problems whine-fest about how I used to love my UniFi...
7 minute security

7MS #459: Cyber News – Microsoft Exchange Makes the World Cry Edition

This episode of 7 Minute Security is sponsored by Datadog. Accelerate security investigations and break down silos between developers, security, and operations teams by correlating your threats, metrics, traces, and logs all in one place. Try it for yourself...
7 minute security

7MS #458: Interview with Tanya Janca

Today we're super excited to share a featured interview with Tanya Janca of WeHackPurple!Tanya has been in software development from the moment she was of legal age to work in Canada - beginning by working with some huge companies...
7 minute security

7MS #457: Tales of Internal Network Pentest Pwnage – Part 25

This episode of 7 Minute Security is sponsored by Datadog. Accelerate security investigations and break down silos between developers, security, and operations teams by correlating your threats, metrics, traces, and logs all in one place. Try it for yourself...
7 minute security

7MS #456: Certified Red Team Professional – Part 4

This episode of 7 Minute Security is sponsored by Datadog. Accelerate security investigations and break down silos between developers, security, and operations teams by correlating your threats, metrics, traces, and logs all in one place. Try it for yourself...
7 minute security

7MS #455: Tales of Internal Network Pentest Pwnage – Part 24

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount! Hey everybody! Sorry that we're...
7 minute security

7MS #454: Cyber News – Lets Switch to Typewriters Edition

This episode of 7 Minute Security is sponsored by Datadog. Accelerate security investigations and break down silos between developers, security, and operations teams by correlating your threats, metrics, traces, and logs all in one place. Try it for yourself...
7 minute security

7MS #453: Interview with Marcello Salvati

This episode of 7 Minute Security is sponsored by Datadog. Accelerate security investigations and break down silos between developers, security, and operations teams by correlating your threats, metrics, traces, and logs all in one place. Try it for yourself...
7 minute security

7MS #452: Enterprise Attacker Emulation and C2 Implant Development

Hey everyone! Hope you're having a great week. Today Gh0sthax and I do a brain dump and recap of a cool (and mind-exploding) course we took last week called Enterprise Attacker Emulation and C2 Implant Development. ...

Half of Government Security Incidents Caused by Missing Patches

Half of Government Security Incidents Caused by Missing PatchesCybersecurity is both a driver and a major barrier to public sector IT modernization, according to new research from BAE Systems Applied Intelligence. The cyber consultancy polled 250 managers with IT responsibility...
SecurityWeek

Germany Halts Facebook Sharing WhatsApp Data

A German regulator on Tuesday slapped a three-month ban on Facebook collecting user data from WhatsApp accounts and referred the case to an EU watchdog, citing concerns about election integrity. read more
The Register

Blessed are the cryptographers, labelling them criminal enablers is just foolish

Preserving privacy is hard. I know because when I tried, I quickly learned not to play with weapons Column  Nearly a decade ago I decided to try my hand as a cryptographer. It went about as well as you...
The Hacker News

Ransomware Gang Leaks Metropolitan Police Data After Failed Negotiations

The cybercrime syndicate behind Babuk ransomware has leaked more personal files belonging to the Metropolitan Police Department (MPD) after negotiations with the DC Police broke down, warning that they intend to publish all data ransom demands are not met. "The...
Security Affairs

NSA and ODNI analyze potential risks to 5G networks

U.S. Intelligence agencies warn of weaknesses in 5G networks that could be exploited by crooks and nation-state actors for intelligence gathering. The U.S. National Security Agency (NSA), along with the DHS Cybersecurity and Infrastructure Security Agency (CISA), and the Office...