2021-014-Slipstreaming blocked by Chrome, Slack being used for malware, plus dork and deskjockeys!
Chrome Blocks Port 10080 to Prevent Slipstreaming Hacks - E Hacking News - Latest Hacker News and IT Security News https://www.reddit.com/r/netsec/comments/jlu3cf/nat_slipstreaming/ Samy Kamkar - NAT Slipstreaming v2.0 Slack and Discord are Being Hijacked...
2021-013-Liana_McCrea-Garrison_Yap-cecil_hotel, Elisa_Lam-physical_security-part2
Reparations.tech *Public Safety Coordinators-Field Operations (Road Incidents)-Specialized Buildings (The Library, Medical Facilities, CCR)*Public Safety OfficersA. Discuss Training-SOP Creation *SOPs are very custom and dependent on the organization. There are no “NIST” standards. *Think on your feet, many...
2021-012-physical security discussion with @geecheethreat and @garrisony75 -pt1
Bios for guests Reparations.tech *Public Safety Coordinators -Field Operations (Road Incidents) -Specialized Buildings (The Library, Medical Facilities, CCR) *Public Safety Officers A. Discuss Training -SOP Creation *SOPs are very custom and dependent on the...
2021-010- Dr. Catherine J Ullman, the art of communication in an Incident – Part 2
In this episode: knowing your audience - discussing the IR impact how did this happen? how deep do you want to tailor your potential discussion? Every level must be asking "what, when, why, how?", not just those in the...
2021-010- Dr. Catherine J Ullman, the art of communication in an Incident – Part 1
Dr. Catherine J. Ullman (@investigatorchi) Incident Response communications Reminders: Patreon Jeff T. just became a $2 patron! Accepted to CircleCityCon on IR communications! Bsides Rochester Security B-Sides Rochester Spoke at SeaSec meetups: ...
2021-009-Jasmine_Jackson-TheFluffy007-analyzing_android_apps-FRida-Part2
@thefluffy007 A Bay Area Native (Berkeley) I always tell people my computer journey started at 14, but it really started at 5th grade (have a good story to tell about this) Was a bad student in my ninth grade...
2021-008-Jasmine jackson – TheFluffy007, Bio and background, Android App analysis – part 1
@thefluffy007 A Bay Area Native (Berkeley) I always tell people my computer journey started at 14, but it really started at 5th grade (have a good story to tell about this) Was a bad student in my ninth grade...
2021-007-News-Google asking for OSS to embrace standards, insider threat at Yandex, Vectr Discussion
Links to discussed items: Yandex Employee Caught Selling Access to Users' Email Inboxes (thehackernews.com) Supply-Chain Hack Breaches 35 Companies, Including PayPal, Microsoft, Apple | Threatpost Google pitches security standards for 'critical' open-source projects | SC...
2021-006-Ronnie Watson (@secopsgeek), building a security monitoring system with ELK, and Wazuh – part2
Ronnie Watson (@secopsgeek) Youtube: watson infosec - YouTube watsoninfosec (Watsoninfosec) · GitHub Feel free to add anything you like Wazuh - fork of OSSEC (Migrating from OSSEC · Wazuh · The Open Source Security Platform) GitHub -...
2021-005-Ronnie Watson (@secopsgeek), building a security monitoring system with ELK, and Wazuh
Ronnie Watson (@secopsgeek) Youtube: watson infosec - YouTube watsoninfosec (Watsoninfosec) · GitHub Wazuh - fork of OSSEC (Migrating from OSSEC · Wazuh · The Open Source Security Platform) GitHub - ossec/ossec-hids: OSSEC is an Open Source Host-based...
2021-004-Danny Akacki talks about Mergers and Acquisitions – Part 2
Discussion on Mergers and acquisitions processes On being acquired, but also if you’re acquiring a company Best Practices Best Practices of Mergers and Acquisitions (workforce.com) Best Practices In Merger Integration - Institute for Mergers, Acquisitions and Alliances...
2021-003- Danny Akacki, open communications, mergers&acquistions
Discussion on Mergers and acquisitions processes On being acquired, but also if you’re acquiring a company Best Practices Best Practices of Mergers and Acquisitions (workforce.com) Best Practices In Merger Integration - Institute for Mergers, Acquisitions and...
2020-002-Elastic Search license changes, Secure RPC patching for windows, ironkey traps man's $270 million in Bitcoin
Secure RPC issue - Netlogon Domain Controller Enforcement Mode is enabled by default beginning with the February 9, 2021 Security Update, related to CVE-2020-1472 – Microsoft Security Response Center How to manage the changes in Netlogon...
2021-001-news, youtuber 'dream' doxxed, solarwind passwords bruteforced, malware attacks
Dream Doxxed: Minecraft YouTuber Dream Doxxed Following Speedrun Controversy (screenrant.com) Def Noodles on Twitter: "STANS TAKING IT TOO FAR: Dream doxed after posting a picture of his kitchen on his 2nd Twitter account. Dream has not published...
2020-046-solarwinds-fireeye-breaches-GE-medical-device-issues-and-2021_predictions
End of year podcast Blumeria sponsorship NEWS: IT company SolarWinds says it may have been hit in 'highly sophisticated' hack | Reuters FireEye hacked: US cybersecurity firm FireEye hit by 'state-sponsored' attack -...
2018-020: NIST’s new password reqs, Ms. Berlin talks about ShowMeCon, Pwned Passwords
https://nostarch.com/packetanalysis3 -- Excellent Book! You must buy it. DetSEC mention ShowMe Con panel and keynote SeaSec East standing room only. Crispin gave a great toalk about running as Standard user Bsides Cleveland - ...
2018-018-Jack Rhysider, Cryptowars of the 90s, OSINT techniques, and hacking MMOs
https://darknetdiaries.com/ Jack Rhysider Ok I think these topics should keep us busy for a while. Topics for discussion: Do hospitals have a free pass when being attacked? #OPJUSTINA https://nakedsecurity.sophos.com/2014/04/28/anonymous-takes-on-boston-childrens-hospital-in-opjustina/ https://www.youtube.com/watch?v=eFVBz_ATAlU - when...
BDIR-001: Credential stealing emails, How do you protect against it?
BDIR Episode - 001 Our guests will be: Martin Brough - Manager of the Security Solutions Engineering team in the #email #phishing industry Topic of the Day: CREDENTIAL STEALING EMAILS WHAT CAN YOU DO Join us for Episode-001,...
3 Zero-Day Exploits Hit SonicWall Enterprises Email Security Appliances
SonicWall has addressed three critical security vulnerabilities in its hosted and on-premises email security (ES) product that are being actively exploited in the wild.
Tracked as CVE-2021-20021 and CVE-2021-20022, the flaws were discovered and reported to the company by FireEye's Mandiant subsidiary...
WARNING: Hackers Exploit Unpatched Pulse Secure 0-Day to Breach Organizations
If the Pulse Connect Secure gateway is part of your organization network, you need to be aware of a newly discovered critical zero-day authentication bypass vulnerability (CVE-2021-22893) that is currently being exploited in the wild and for which there...
Japan accuses Chinese military of cyber-attacks on its space agency
200 other companies also targeted, but no data lost Japan has accused a member of the Chinese Communist Party of conducting cyber-attacks on its space agency and 200 other local entities.…
Japan accuses Chinese military of cyber-attacks on its space agency
200 other companies also targeted, but no data lost Japan has accused a member of the Chinese Communist Party of conducting cyber-attacks on its space agency and 200 other local entities.…
Tool links email addresses to Facebook accounts at scale
Enlarge (credit: Getty Images)
Still smarting from last month’s dump of phone numbers belonging to 500 million Facebook users, the social media giant has a new privacy crisis to contend with: a tool that, on a mass scale,...
