7MS #359: Windows 10 Security Baselining
This episode is brought to you by ITProTV. Visit https://www.itpro.tv/7minsec for over 65 hours of IT training for free!
In this episode I explore some ways you can turn up the security heat on your Windows workstations by mapping...
7MS #358: 4 Ways to Write a Better Pentest Report
This episode is brought to you by ITProTV. Visit https://www.itpro.tv/7minsec for over 65 hours of IT training for free!
This week we're talking about everybody's favorite topic: REPORT WRITING! Yay! The peasants rejoice! In the last...
7MS #357: 7 Minutes of IT and Security Tips
Today I'm launching an ongoing series called 7MOIST. It stands for:
7
Minutes
of
IT
and
Security
Tips
The wildest, craziest, nuttiest part of this series is that each episode will be 7 minutes long!
I know, I know! You're saying, "Wait a sec, bub, isn't...
7MS #356: Faster Hard Drive Forensics with CyLR and CDQR
This episode is brought to you by ITProTV. Visit https://www.itpro.tv/7minsec for over 65 hours of IT training for free!
In today's episode I talk about some cool tools you can use to start a hard drive forensics investigation more...
7MS #355: Mousejacking!
This episode is brought to you by Netwrix Auditor, which empowers IT pros to detect, investigate and resolve critical issues before they stifle business activity, and proactively identify and mitigate misconfigurations in critical IT systems that could lead to...
7MS #354: Tales of Internal Pentest Pwnage – Part 2
Today's episode is the thrilling, exciting, heart-pounding conclusion of Tales of Internal Pentest Pwnage - Part 1. In this episode, we cover the final "wins" that got me to Domain Admin status (and beyond!):
Got DA but can't get...
7MS #353: Tales of Internal Pentest Pwnage – Part 1
Buckle up! This is one of my favorite episodes.
Today I'm kicking off a two-part series that walks you through a narrative of a recent internal pentest I worked on. I was able to get to Domain Admin...
7MS #352: Recap of Rad Red Team Training
I recently had the awesome opportunity to take the awesome Real World Red Team course put on by Peter Kim, author of The Hacker Playbook series.
TLDR and TLDL (too long don't listen): go take this training. Please. ...
7MS #351: Turn Windows Logging up to 11
Today's episode is brought to you by NoteCast. Try it free for 60 days (no credit card required) and enter code 7MS when completing your signup.
In today's episode, I talk about how the level of Windows server/client logging...
7MS #350: Interview with Lewie Wilkinson of Pondurance
Today's featured interview is with Lewie Wilkinson, senior integration engineer at Pondurance. Pondurance helps customers improve their security posture by providing a managed threat hunting and response solution, including a 24/7 SOC. Lewie joined me via Skype...
7MS #349: Interview with Ameesh Divatia of Baffle
Today's featured interview is with Ameesh Divatia, cofounder and CEO at Baffle. Baffle offers an interesting approach to data protection that they call data-centric protection, and the idea is you need to protect information at the record level,...
7MS #348: Cell Phone Security for Tweenagers
Today's episode is brought to you by my friends at safepass.me. Safepass.me is the most efficient and cost-effective solution to prevent Active Directory users from setting a weak or compromised password. It's in compliance with the latest NIST password...
7MS #347: Happy 5th Birthday to 7MS
Today's episode is brought to you by my friends at safepass.me. Safepass.me is the most efficient and cost-effective solution to prevent Active Directory users from setting a weak or compromised password. It's in compliance with the latest NIST password...
7MS #346: Baby’s First Red Team Engagement
WARNING: Today's episode is a bit of an experiment, and I hope you'll hang in there with me for it.
I had the opportunity to do a week-long red team engagement, and so I recorded a little summary of the...
7MS #345: Interview with Amber Boone
Coming up on Tuesday, January 22 I'll be doing a Webinar with Netwrix called 4 Ways Your Organization Can Be Hacked. It features a Billy Madison theme and pits evil Eric Gordon against sysadmin Billy Madison. Hope...
Stuxnet Family Tree Grows
What a newly discovered missing link to Stuxnet and the now-revived Flame cyber espionage malware add to the narrative of the epic cyber-physical attack.
Another dark web marketplace bites the dust –Wall Street Market
Two major dark web marketplaces for buying illegal products shut down in the span of a month.
Google File Cabinet Plays Host to Malware Payloads
Researchers detect a new drive-by download attack in which Google Sites' file cabinet template is a delivery vehicle for malware.
Demonstration Showcase Brings DevOps to Interop19
Attendees will learn how orchestration and automation can be a part of network operations and security, even at smaller companies.
What Home Buying Can Teach Us About Continuous Monitoring
Companies have been brainwashed to solely rely on hiring major auditing companies to help monitor and audit their vendors’ security. Assessments from these traditional auditors are typically an annual point-in-time affair. With technology advancing much more frequently, this outdated...
