Brakeing Down Security

Announcements: InfoSec Campout Conference (Eventbrite, social contract, etc): https://www.infoseccampout.com All Day Devops (https://www.alldaydevops.com) free talks online... Next conference starts 06 November 2019 ------ Tanya Janca (@shehackspurple) @wosectweets - Women of Security DevOps Tools for free/cheap.     They are...

ANNOUNCEMENTS: INFOSEC CAMPOUT TICKETS ARE STILL ON SALE. Go to https://www.infoseccampout.com for Eventbrite link and more information.     Part 2 of our Discussion with Chris Sanders (@chrissanders88) Topics discussed: Companies dropping existing frameworks for ATT&CK Matrix, why? Rural...

https://chrissanders.org/2019/05/infosec-mental-models/   I’ve argued for some time that information security is in a growing state of cognitive crisis…   Demand outweighs supply Because so many organizations need experience, they are unable to appropriately invest in entry-level jobs and...

Bryan got phished (almost) - story time!   https://isc.sans.edu/forums/diary/Do+you+block+new+domain+names/17564/   Through OpenDNS https://learn-umbrella.cisco.com/product-videos/newly-seen-domains-in-cisco-umbrella Available January 2017, Umbrella filters newly seen or created domains. By using new domains to host malware and other threats, attackers can outsmart security...

https://static1.squarespace.com/static/556340ece4b0869396f21099/t/5cc9ff79c830253749527277/1556742010186/Red+Team+Practice+Lead.pdf https://www.reddit.com/r/netsec/comments/bonwil/prevent_a_worm_by_updating_remote_desktop/   https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/ https://security.berkeley.edu/resources/best-practices-how-articles/system-application-security/securing-remote-desktop-rdp-system https://www.bleepingcomputer.com/news/security/unsecured-survey-database-exposes-info-of-8-million-people/ https://www.elastic.co/guide/en/elasticsearch/reference/current/configuring-security.html https://www.elastic.co/blog/found-elasticsearch-security https://dzone.com/articles/securing-your-elasticsearch-cluster-properly Auth is possible, using reverse proxy… this is basic auth :( https://github.com/Asquera/elasticsearch-http-basic   Here’s one that uses basic auth and...

Things I learned this week:   https://www.securusglobal.com/community/2013/12/20/dumping-windows-credentials/ https://www.helpnetsecurity.com/2019/04/29/docker-hub-breach/   https://www.zdnet.com/article/a-hacker-is-wiping-git-repositories-and-asking-for-a-ransom/ https://attack.mitre.org/techniques/T1003/ https://github.com/giMini/PowerMemory   https://en.wikipedia.org/wiki/Local_Security_Authority_Subsystem_Service   https://attack.mitre.org/techniques/T1208/

K8s security with Omer Levi Hevroni (@omerlh)   service tickets - Super-Dev   Omer’s requirements for storing secrets:   Gitops enabled Kubernetes Native Secure     “One-way encryption”   Omer’s slides and youtube video: https://www.slideshare.net/SolutoTLV/can-kubernetes-keep-a-secret https://www.youtube.com/watch?v=FoM3u8G99pc&&index=14&t=0s   We’ve...

Agenda:   Announce the conference CFP: up soon CFW: up soon Campers: Friday night/Saturday night     Like “toorcamp”, but if it sucks, you can drive home… :D   Limiting tickets, looking for sponsors To support the conference and future...

Announcements: https://www.workshopcon.com/     SpecterOps (red Team operations) and Tim Tomes (PWAPT)   Bsides Nashville   https://blog.secureideas.com/2019/04/we-take-security-seriously-and-other-trite-statements.html   “We take security seriously and other trite statements“   Wordpress infrastructure (supply chain failure)     WordPress plugin called Woocommerce was at...

Announcements: WorkshopCon Training with SpecterOps and Tim Tomes www.workshopcon.com redteam operations with SpecterOps PWAPT with Tim Tomes   Source Boston: [Boston, MA 2019 (April 29 – May 3, 2019) (https://sourceconference.com/events/boston19/)Trainings: April 29 - April 30, 2019 | Conference:...

Announcements: SpecterOps and Tim Tomes are giving training at WorkshopCon https://www.workshopcon.com Rob Cheyne Source Boston - https://sourceconference.com/events/boston19/ Austin Cybernauts meetup - https://www.eventbrite.com/e/cybernauts-ctf-meetup-indeed-tickets-58816141663 SHOW NOTES: Architecture is not an implementation, but a way of thinking about a problem that...

Show Notes SpecterOps and Tim Tomes are giving training at WorkshopCon https://www.workshopcon.com Rob Cheyne Source Boston - https://sourceconference.com/events/boston19/   Architecture is not an implementation, but a way of thinking about a problem that has potentially many different answers, and...

  Log-MD story     SeaSec East meetup     Gabe (county Infosec guy) https://www.sammamish.us/government/departments/information-technology/ransomware-attack-information-hub/ New Slack Moderator (@cherokeeJB) Shoutout to “Jerry G”   Mike P on Slack: https://www.eventbrite.com/e/adversary-tactics-red-team-operations-training-course-dc-april-2019-tickets-54735183407 www.Workshopcon.com/events and that we're looking for BlueTeam trainers please  ...

Shout-out to Thomas…     Tried to meetup while at SEA comic-con Patreon Log-MD Hacker’s Health - Ms. Roddie is at TROOPERS (Ms. Berlin?) 4 podcasts? SpecterOps Training / workshopCon  - https://www.workshopcon.com/events Zach Ruble- @sendrublez C2 infra using Public WebApps...

Log-MD story (quick one) (you’ll like this one, Mr. Boettcher)     SeaSec East meetup     "Gabe"   https://www.sammamish.us/government/departments/information-technology/ransomware-attack-information-hub/   New Slack Moderator (@cherokeeJB) Shoutout to “Jerry G”   Mike P on Slack: https://www.eventbrite.com/e/adversary-tactics-red-team-operations-training-course-dc-april-2019-tickets-54735183407 www.Workshopcon.com/events and that we're...

https://nostarch.com/packetanalysis3  -- Excellent Book! You must buy it.   DetSEC mention   ShowMe Con panel and keynote   SeaSec East standing room only. Crispin gave a great toalk about running as Standard user   Bsides Cleveland -   ...

https://darknetdiaries.com/   Jack Rhysider Ok I think these topics should keep us busy for a while. Topics for discussion: Do hospitals have a free pass when being attacked? #OPJUSTINA https://nakedsecurity.sophos.com/2014/04/28/anonymous-takes-on-boston-childrens-hospital-in-opjustina/ https://www.youtube.com/watch?v=eFVBz_ATAlU - when...

BDIR Episode - 001 Our guests will be: Martin Brough - Manager of the Security Solutions Engineering team in the #email #phishing industry Topic of the Day: CREDENTIAL STEALING EMAILS WHAT CAN YOU DO   Join us for Episode-001,...