Tuesday, December 11, 2018
7 minute security

7MS #339: A Pulse-Pounding Impromptu Physical Pentest

On a recent security assessment I was thrown for a loop and given the opportunity to do a two-part physical pentest/SE exercise - with about 5 minutes notice(!). Yes, it had me pooping my pants, but in retrospect...
7 minute security

7MS #338: SIEMple Tests for Your SIEM Solution

Today's episode talks about some SIEMple tests you can run on your SIEM (OMg see what I did there? I took the word simple and made it SIEMple. Genius stuff, right? And there's no extra charge...
7 minute security

7MS #337: Happy Secure Thanksgiving

Happy Thanksgiving! In this episode I: Share some things I'm thankful for - like you! Talk about a fun episode I'm working on that has some SIEMple tests you can use to test your SIEM (omg see what I did...
7 minute security

7MS #336: How to Succeed in Business Without Really Crying – Part 6

Welcome to part 6 of our miniseries all about the ups, downs, trials and tribulations of being a small, one-person security start up. In this episode I detail out all the software/services I use to run 7 Minute...
7 minute security

7MS #335: Cool Stuff I Just Learned From Red Teamers

Today I'm excited to brain-dump a bunch of cool stuff I learned at a red team conference called ArcticCon this week. Although this conference observes the Chatham house rule I'm just going to talk about a few things...
7 minute security

7MS #334: IT Security Horrors That Keep You Up at Night

This week I got to celebrate Halloween with my friends at Netwrix by co-hosting a Webinar called IT Security Horrors That Keep You Up at Night. The content was a modified version of the Blue Team on a...
7 minute security

7MS #333: Pentesting Potatoes

This week I was in lovely Boise, Idaho doing some security assessment work. While I was there I got to hang out with Paul Wilch and some of the Project7 crew and picked up a lot of cool...
7 minute security

7MS #332: Low Hanging Hacker Fruit

In this episode I'm releasing a new document aimed to help organizations eliminate low hanging hacker fruit from the environment. The document contains (relatively) cheap and (relatively) easy things to implement. And my hope is it can...
7 minute security

7MS #331: How to Become a Packtpub Author – Part 3

It's done! It's done!! It's DONE!!! That's right mom, my PacktPub course called Mastering Kali Linux Network Scanning is done! In today's episode I: Recap the course authoring experience Explain my super anal retentive editing process that takes 4 hours for...
7 minute security

7MS #330: Interview with Nathan Hunstad of Code42

In today's episode, I'm excited to be joined in the studio by Nathan Hunstad, Director of Security at Code42. Nathan and I had a great chat about Code42's new security offering called Code42 Forensic File Search, which helps...
7 minute security

7MS #329: Active Directory Security 101

Today's episode is brought to you by my friends at Netwrix. Their amazing Netwrix Auditor tool gives you visibility into what’s happening both on your local network and cloud-based IT systems and tells you about critical...
7 minute security

7MS #328: How to Succeed in Business Without Really Crying – Part 5

This episode is a cavalcade of fun! Why? First, I've got a big announcement: I've accepted a new position. "What?!" exclaimed my mom. "I thought you were president of 7MS, what the what?" No worries, it's...
7 minute security

Listener feedback – episode 326

People have been sending me some great feedback on episode #326, which featured Ryan Manship of RedTeam Security and Dave Dobrotka of United HealthGroup. Both these guys lead red teams for a living and had a lot of great...
7 minute security

7MS #327: Interview with John Strand

Today's episode is brought to you by my friends at Netwrix. Their amazing Netwrix Auditor tool gives you visibility into what’s happening both on your local network and cloud-based IT systems and tells you about critical...
7 minute security

7MS #326: Interview with Ryan Manship and Dave Dobrotka

Today's episode is brought to you by my friends at Dashlane, a fantastic password manager for you, your family and your business! Head to www.dashlane.com/7ms and use the code 7MS for 10% off a year of...
The Register

Lenovo tells Asia-Pacific staff: Work lappy with your unencrypted data on it has been nicked

That's thousands of employees' names, monthly salaries, bank details Exclusive  A corporate-issued laptop lifted from a Lenovo employee in Singapore contained a cornucopia of unencrypted payroll data on staff based in the Asia Pacific region, The Register can exclusively...
IBM Security

Why You Need a BGP Hijack Response Plan

The vast majority of computer security incidents involve some sort of phishing or malware. Typically, this is the type of incident that receives the most attention from organizations, and for which security controls are established. And rightfully so —...
Tripwire

Bug Affected 52.5 Million Users in Connection with a Google+ API

A bug connected to a Google+ API potentially exposed the profile information belonging to 52.5 million users of Google’s social network. According to David Thacker, VP of Product Management for G Suite, a software update in November introduced the...
isBuzz

Why Have We Become Desensitised To Cyber-Attacks?

1989 was of a year of positive milestones which would have a profound impact on the way we live and work today. The World Wide Web was invented, the Berlin Wall was torn down, and the first GPS satellite...

Quarter of NHS Trusts Have No Security Pros

Quarter of NHS Trusts Have No Security ProsNew research has revealed a dearth of qualified cybersecurity staff in the NHS and low levels of spending on in-house training for employees. RedScan received Freedom of Information (FOI) responses from 159 trusts...