Wednesday, October 27, 2021
7 minute security

7MS #491: Interview with Louis Evans of Arctic Wolf

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more. Today we're joined by Louis...
7 minute security

7MS #490: Desperately Seeking a Super SIEM for SMBs – Part 4

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount! Hey friends! Today we're going...
7 minute security

7MS #489: Ping Castle

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more. Today we're talking about Ping...
7 minute security

7MS #488: How to Succeed in Business Without Really Crying – Part 10

Today we continue our series focused on building a security consultancy and talk about: A phishing campaign that went off the rails, and lessons learned from it First impressions of an awesome tool to help add MFA to your Active Directory...
7 minute security

7MS #487: Light Pentest eBook Announcement!

Hey friends! Today I've got some exciting personal/professional news to share: our Light Pentest eBook - which is a practical, step-by-step playbook for internal network penetration testing - is now available for purchase! Note: this eBook and the...
7 minute security

7MS #486: Interview with Matt Quammen of Blue Team Alpha

Today our good buddy Joe Skeen and I virtually sit down with Matt Quammen of Blue Team Alpha to talk about all things incident response! Topics covered include: Top 5 things to do and not do during ransomware event Challenges...
7 minute security

7MS #485: Interview with Christopher Fielder

Today our friend Christopher Fielder from Arctic Wolf is back for an interview four-peat! We had a great chat about making sense of vendor alphabet soup terms (like SIEM, SOC, EDR/MDR/XDR, ML, AI and more!), optimizing your SOC...
7 minute security

7MS #484: Desperately Seeking a Super SIEM for SMBs – Part 3

This episode of 7 Minute Security is sponsored by Datadog. Now offering Cloud Security Posture Management (CPSM), Datadog provides one-click compliance posture. Built on the unified Datadog Agent and platform-wide cloud integrations, you can easily get set up minutes....
7 minute security

7MS #483: Desperately Seeking a Super SIEM for SMBs – Part 2

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount! Today we continue our series we...
7 minute security

7MS #482: Creating Kick-Butt Credential-Capturing Phishing Campaigns – Part 3

Today we're continuing our discussion on phishing campaigns - including a technical "gotcha" that might redirect your phishing emails into a digital black hole if you're not careful! As I mentioned last week, I've been heavy into spinning up and...
7 minute security

7MS #481: Creating Kick-Butt Credential-Capturing Phishing Campaigns – Part 2

Today we're revisiting how to make a kick-butt cred-capturing phishing campaign with Gophish, Amazon Lightsail, LetsEncrypt, ExpiredDomains.net and a special little extra something that makes creating phishing landing pages waaaaaaayyyyyyyyyy easier! For some quicker review, you can check out part...
7 minute security

7MS #480: Desperately Seeking a Super SIEM for SMBs

This episode of 7 Minute Security is sponsored by Datadog. Now offering Cloud Security Posture Management (CPSM), Datadog provides one-click compliance posture. Built on the unified Datadog Agent and platform-wide cloud integrations, you can easily get set up minutes....
7 minute security

7MS #479: A Prelude to PwnTown

Hey friends, today we're talking about a new security training offering 7MinSec has created called Light Pentest LITE - Live Interactive Training Experience. It's a 3-day course (with each class session being 3 hours long) consisting of live...
7 minute security

7MS #478: Password Cracking in the Cloud – Part 4

This episode of 7 Minute Security is sponsored by Datadog. Now offering Cloud Security Posture Management (CPSM), Datadog provides one-click compliance posture. Built on the unified Datadog Agent and platform-wide cloud integrations, you can easily get set up minutes....
7 minute security

7MS #477: Cobalt Strike for Newbs

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more. Today we're talking about Cobalt...
The Register

China Telecom booted out of USA as Feds worry it could disrupt or spy on local networks

FCC urges more action against Huawei and DJI, too The US Federal Communications Commission (FCC) has terminated China Telecom's authority to provide communications services in the USA.…
SecurityWeek

150 People Arrested in US-Europe Darknet Drug Probe

Law enforcement officials in the U.S. and Europe have arrested 150 people and seized more than $31 million in an international drug trafficking investigation stemming from sales on the darknet, the Justice Department said Tuesday. read more

Free Tool Helps Security Teams Measure Their API Attack Surface

Data Theorem's free API Attack Surface Calculator helps security teams understand potential API exposures.

SquirrelWaffle Loader Malspams, Packing Qakbot, Cobalt Strike

Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasing frequency via spam campaigns and infecting systems with a new malware loader.

North Korea's Lazarus Group Turns to Supply Chain Attacks

State-backed group is among a growing number of threat actors looking at supply chain companies as an entry point into enterprise networks.