jon-dimaggio-part2-threat intel-hacking back-analyzing malware
Author of the #noStarch book "The Art of Cyberwarfare" (https://nostarch.com/art-cyberwarfare) Topics: discusses his book, threat intel as a service, why people enjoy malware analysis? Should people 'hack back' and what legal issues are around that? How do you soften...
Jon DiMaggio_Art-of-cyberwarfare_hacking_back-insider-threat-messaging_P1
Author of the #noStarch book "The Art of Cyberwarfare" (https://nostarch.com/art-cyberwarfare) Topics: discusses his book, threat intel as a service, why people enjoy malware analysis? Should people 'hack back' and what legal issues are around that? How do you soften...
news, infosystir's talk at RSA, conti has an 'image' problem
https://www.reuters.com/technology/tesla-cars-bluetooth-locks-vulnerable-hackers-researchers-2022-05-17/ https://portswigger.net/daily-swig/us-revises-policy-regarding-computer-fraud-and-abuse-act-will-not-prosecute-good-faith-research https://www.securityweek.com/conti-ransomware-operation-shut-down-after-brand-becomes-toxic https://portswigger.net/daily-swig/chicago-public-schools-data-breach-blamed-on-ransomware-attack-on-supplier https://www.helpnetsecurity.com/2022/05/23/protect-kubernetes-cluster/ https://www.darkreading.com/application-security/malicious-package-python-repository-cobalt-strike-windows-macos-linux https://www.bleepingcomputer.com/news/security/fake-windows-exploits-target-infosec-community-with-cobalt-strike/ https://www.darkreading.com/application-security/6-scary-tactics-used-in-mobile-app-attacks
Mieng Lim, Ransomware actions, using insurance to offset risk, good IR/PR comms
Full VOD here (must subscribe to Twitch): https://www.twitch.tv/videos/1478955254 Mieng Lim, VP of Product at Digital Defense by HelpSystems Topic she will discuss: Outsmarting RaaS: Strategies to Implement Before, During, and After a Ransomware Attack Webinar:...
Mieng-Lim-Ransomware-Best-Practices-p1
Mieng Lim, VP of Product at Digital Defense by HelpSystems Topic she will discuss: Outsmarting RaaS: Strategies to Implement Before, During, and After a Ransomware Attack Webinar: https://www.digitaldefense.com/resources/videos/webinar-outsmarting-raas-strategies-against-ransomware-attacks/ https://www.digitaldefense.com/blog/infographic-the-latest-ransomware-facts/ https://www.digitaldefense.com/wp-content/uploads/2020/07/Digital-Defense-Inc.-Ransomware-Infographic-070621.jpg https://www.digitaldefense.com/blog/the-terrifying-truth-about-ransomware/ Prepared questions...
Mick Douglas on threat intel, customer worries about being hacked, and more
@bettersafetynet @infosystir @boettcherpwned @bryanbrake @brakeSec Discord Invite! "please click OK to accept the Code of Conduct in the 'Rules-and-info' channel" https://discord.gg/jhzm4bK9 #AmazonMusic: https://brakesec.com/amazonmusic #Spotify: https://brakesec.com/spotifyBDS #Pandora: https://brakesec.com/pandora #RSS: https://brakesec.com/BrakesecRSS #Youtube Channel: http://www.youtube.com/c/BDSPodcast Apple Podcasts: https://podcasts.apple.com/us/podcast/brakeing-down-security-podcast/id799131292 #Google Play Store: https://brakesec.com/BDS-GooglePlay Our main site: https://brakesec.com/bdswebsite...
news, famers affected by ransomware, protestware for the 3rd time, trusting opensource
https://www.cyberscoop.com/dhs-bug-bounty-122-vulnerabilities-27-critical-hackers/ https://securityaffairs.co/wordpress/130564/hacking/atlassian-jira-authentication-bypass-issue.html https://confluence.atlassian.com/jira/jira-security-advisory-2022-04-20-1115127899.html https://www.coalfire.com/the-coalfire-blog/research-reveals-cyber-risk-is-the-best-language https://www.securityweek.com/audio-codec-made-apple-introduced-serious-vulnerabilities-millions-android-phones https://www.cnet.com/tech/mobile/verizon-wireless-customers-report-outages-across-us/ https://www.infosecurity-magazine.com/news/fbi-warns-us-farmers-of-ransomware/ https://www.bleepingcomputer.com/news/security/3-reasons-connected-devices-are-more-vulnerable-than-ever/ https://www.bleepingcomputer.com/news/security/third-npm-protestware-event-source-polyfill-calls-russia-out/ https://securityaffairs.co/wordpress/130497/security/cyber-insurance-global-riskenvironment.html https://securityaffairs.co/wordpress/130443/hacking/cisco-umbrella-default-ssh-key.html https://www.helpnetsecurity.com/2022/04/19/open-source-usage-trends/ https://gizmodo.com/cia-nsa-spies-tracked-anomaly-6-product-demo-1848830150 https://www.infosecurity-magazine.com/news/hackers-gain-admin-rights-with/ https://scottbarrykaufman.com/podcast/ Discord invite (must read and heed the Code of Conduct...
Mick Douglas discusses What2Log, and guidance in light of Okta incident
https://what2log.com/ https://twitch.tv/brakesec https://www.brakeingsecurity.com @bettersafetynet @infosystir @boettcherpwned @bryanbrake @brakeSec
logging analysis, log correlation, and threat analysis dicussion continues – p2
https://twitch.tv/brakesec www.brakeingsecurity.com @infosystir on Twitter @bryanbrake @boettcherpwned
Amanda and Bryan discusses log analysis, finding, IOCs, and what to do about them.
https://twitch.tv/brakesec www.brakeingsecurity.com @infosystir on Twitter @bryanbrake @boettcherpwned
Shannon Noonan and Stacey Cameron – process automation -p2
Shannon Noonan and Stacey Cameron - QoS Consulting https://www.bizagi.com/en/blog/digital-process-automation/4-ways-to-deliver-change-management-for-process-automation https://www.forrester.com/blogs/the-new-change-management-automated-and-decentralized/ https://www.tibco.com/reference-center/what-is-process-automation https://kissflow.com/workflow/workflow-automation/an-8-step-checklist-to-get-your-workflow-ready-for-automation/ https://www.malwarearchaeology.com/cheat-sheets https://overapi.com/ https://www.darkreading.com/attacks-breaches/8-character-passwords-can-be-cracked-in-less-than-60-minutes
Shannon Noonan and Tracey Cameron – process automation
https://www.twitch.tv/brakesec Youtube video (full version): https://www.youtube.com/watch?v=eRwYB22XMNw Shannon Noonan and Stacey Cameron - QoS Consulting https://www.bizagi.com/en/blog/digital-process-automation/4-ways-to-deliver-change-management-for-process-automation https://www.forrester.com/blogs/the-new-change-management-automated-and-decentralized/ https://www.tibco.com/reference-center/what-is-process-automation https://kissflow.com/workflow/workflow-automation/an-8-step-checklist-to-get-your-workflow-ready-for-automation/ https://www.malwarearchaeology.com/cheat-sheets https://overapi.com/ https://www.darkreading.com/attacks-breaches/8-character-passwords-can-be-cracked-in-less-than-60-minutes
K12SIX-project-Doug_Levin-Eric_Lankford-threat_intel-edusec-p2
For context, we at the K12 Security Information Exchange (K12 SIX) are a relatively new K12-specific ISAC – launched to help protect the US K12 sector from emerging cybersecurity risk. One of our signature accomplishments in our first year...
K12SIX's Eric Lankford and Doug Levin on helping schools get added security -p1
The K12 Security Information Exchange (K12 SIX) are a relatively new K12-specific ISAC – launched to help protect the US K12 sector from emerging cybersecurity risk. One of our signature accomplishments in our first year was the development and...
April Wright and Alyssa Miller – IoT platforms, privacy and security, embracing standards
Alyssa Milller (@AlyssaM_InfoSec) April Wright (@Aprilwright) Open Source issues (quick discussion, because I value your opinions, and supply chain is important in the IoT world too.) Log4j and OSS software management and profitability Free as in...
2018-020: NIST’s new password reqs, Ms. Berlin talks about ShowMeCon, Pwned Passwords
https://nostarch.com/packetanalysis3 -- Excellent Book! You must buy it. DetSEC mention ShowMe Con panel and keynote SeaSec East standing room only. Crispin gave a great toalk about running as Standard user Bsides Cleveland - ...
2018-018-Jack Rhysider, Cryptowars of the 90s, OSINT techniques, and hacking MMOs
https://darknetdiaries.com/ Jack Rhysider Ok I think these topics should keep us busy for a while. Topics for discussion: Do hospitals have a free pass when being attacked? #OPJUSTINA https://nakedsecurity.sophos.com/2014/04/28/anonymous-takes-on-boston-childrens-hospital-in-opjustina/ https://www.youtube.com/watch?v=eFVBz_ATAlU - when...
BDIR-001: Credential stealing emails, How do you protect against it?
BDIR Episode - 001 Our guests will be: Martin Brough - Manager of the Security Solutions Engineering team in the #email #phishing industry Topic of the Day: CREDENTIAL STEALING EMAILS WHAT CAN YOU DO Join us for Episode-001,...