Saturday, January 19, 2019
Purple Squad Security

Episode 47 – Happy New Year! Show Updates and Other News

Welcome to 2019!  John goes solo in this episode and talks about his personal goals for 2019, plus some updates for the show that should make things a bit more structured and hopefully more interesting for the listeners. Some links...
Purple Squad Security

Episode 46 – Holiday Special – Storytime with Jayson E. Street

Continuing our storytime theme for the holidays, on this week’s show we have a special guest, Jayson E. Street!  For those who follow Jayson online, his hacker adventures bring him to all sorts of interesting places.  Jayson shares a...
Purple Squad Security

Episode 45.1 – Holiday Special – Storytime with Tinker – NO MUSIC!!!

Hey everyone, this is a re-release of episode 45 with Tinker, but this one is WITHOUT the background music.  I hope this makes up for the snafu in an otherwise great interview! Happy December everyone!  Whatever holiday you may be...
Purple Squad Security

Episode 45 – Holiday Special – Storytime with Tinker

Happy December everyone!  Whatever holiday you may be celebrating this season, may it be enjoyable.  I’ve decided for the month of December to treat myself, by having a bunch of people I hold in high regard to join me...
Purple Squad Security

Episode 44 – SANS Holiday Hack Challenge with Ed Skoudis

So, a very popular season is coming up shortly.  I’m not talking about Thanksgiving (for my US listeners) and I’m not talking about Christmas for my Christian listeners.  No, I’m talking about the season that all good little hackers...
Purple Squad Security

Episode 43 – Not all vulnerabilities are created equal with Tanya Janca

Vulnerability disclosure is one of those things that either brings a smile or a scowl to your face, depending on what end of the disclosure you’re on.  For some, it’s a thing of pride, and hopefully a monetary reward! ...
Purple Squad Security

Episode 42 – CyberZoology with Patrick Kelley

Defending is hard.  The adage of “an attacker only has to be right once” is a bit played out, but it does have a hint of truth in that trying to defend everything is a monumental task.  Defenders are...
Purple Squad Security

Episode 41 – Cyber Security Awareness Month with Tracy Maleeff

October is Cyber Security Awareness Month, and with that who better to help share some ideas on how to give back to the community than our own InfoSecSherpa!  Tracy Maleeff joins me to talk about Cyber Security Awareness Month,...
Purple Squad Security

Episode 40 – Tabletop D&D With Rally Security

It’s that time again!  With milestone episode 40, we have another Tabletop D&D episode for you to enjoy!  This time around we are joined by a few members of the Rally Security podcast to face some scenarios and see...
Purple Squad Security

Episode 39 – John’s OSCP Journey

Over the past few months, John has been working on obtaining his OSCP certification.  Recently he attempted and successfully passed the exam!  In this episode he goes over his journey, what he learned as well as a...
Purple Squad Security

Episode 38 – Discussing the Cyber Kill Chain with Amanda Berlin

The cyber kill chain.  For some, it’s a nice framework to help build your defenses and help during an incident.  For others, it is an over hyped and rigid list that no real attacker follows anymore.  However you view the cyber...

Episode 37 – Bring Your Own Land with Nathan Kirk

“Living off the land” is a term well understood by both offensive and defensive teams.  For offensive teams, it’s meant by using the technologies already present on the system, such as Powershell, Python, and even Perl for those who like...

Episode 36 – The Joy of CTFs with Derek Rook

Capture The Flag games, or CTFs, are a popular way for infosec pros to brush up on the offensive skills.  From VulnHub to HackTheBox, there are a few different ways to quote “get your hack on”!  Derek Rook (@_r00k_) joins...

Episode 35 – Container Security with Jay Beale

From jails to virtual machines, process isolation is the “holy grail” of security.  Lately, containers have been the go-to for modern organizations in order to scale and implement things like microservices.  Jay Beale of InGuardians fame joins me to...
Purple Squad Security

Episode 34 – Exploring Powershell with Mick Douglas

Living off the land is pretty standard fare for pen testers.  On Linux systems, the go-to is usually Python, but on Windows it’s all about Powershell.  This week I’m fortunate enough to sit down with Mick Douglas to talk...
ZDNet

Websites can steal browser data via extensions APIs

Researcher finds nearly 200 Chrome, Firefox, and Opera extensions vulnerable to attacks from malicious sites.
Security Affairs

6 Reasons We Need to Boost Cybersecurity Focus in 2019

Paying attention to cybersecurity is more important than ever in 2019. But, some companies are still unwilling to devote the necessary resources to securing their infrastructures against cyberattacks, and naive individuals think they’re immune to the tactics of cybercriminals,...
isBuzz

Fortnite Vulnerabilities Allow Hackers To Take Over Gamers’ Accounts, Data And In-Game Currency

Cybersecurity researchers today shared details of vulnerabilities that could have affected any player of the hugely popular online battle game, Fortnite. If exploited, the vulnerability would have given an attacker full access to a user’s account and their personal information  as well...

DNC Accuses Russia, ACLU Sues ICE, and More Security News This Week

Trump dominated security headlines this week, but there's plenty of other news to catch up on.
SecurityWeek

Bulgaria Extradites Russian Hacker to US: Embassy

Bulgaria has extradited a Russian indicted by a US court for mounting a complex hacking scheme to the United States, the Russian embassy in Washington said Saturday. read more