How to get a penetration test (pentest)

Summary:

In this episode, Dave Chronister, founder of Parameter Security and ShowMeCon, shares valuable insights into the world of penetration testing (pentesting). Listeners will learn about the differences between vulnerability assessments and penetration tests, what red teaming is, and why organizations should lean towards white-box pentests. Dave and Tim discuss how to avoid common pitfalls when engaging with pentest companies, the importance of rules of engagement, and how to ensure you're getting a high-quality test. Dave also shares stories from his 17+ years in the field, illustrating the critical lessons organizations need to understand.

Key Topics Covered:

  • Difference between vulnerability assessments and penetration tests.

  • Red teaming vs. penetration testing: When and why to use each.

  • How to choose the right pentest company.

  • The importance of setting clear rules of engagement.

  • Real-world examples of pentesting gone wrong.

Resources Mentioned:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


How to Avoid Election Scams

Summary:

In this timely episode of Exploring Information Security, host Timothy De Block is joined by Pieter Arntz from Malwarebytes to discuss the growing threat of election-related scams. With election season upon us, scammers are becoming more active, and this episode dives deep into how these scams work, what tactics scammers use, and how to protect yourself from falling victim.

You can check out Pieter’s article How To Avoid Election Related Scams at the Malwarebytes blog.

Key Topics:

  • Seasonal Scams: Scams are often timed with key events, including elections, holidays, and tax season. Pieter discusses how scammers shift focus from elections to events like Black Friday or Christmas.

  • Common Election Scams: Scammers often target voters through text messages, social media, and robocalls, attempting to steal personal information or solicit fake donations.

  • Mobile Devices as a Target: With more focus on mobile devices, Android and Apple users are increasingly targeted through phishing texts and malicious links.

  • Social Engineering: Scammers manipulate users by pretending to represent political parties, asking for donations, or engaging in online discussions to steal information.

  • Detecting Scams: Pieter and Timothy offer practical advice on identifying scam messages, such as unsolicited communications, urgency in messaging, and phishing links with suspicious domains (e.g., .xyz, .top).

  • Who’s Behind These Scams?: The episode touches on the actors behind the scams, ranging from cybercriminal gangs to state actors, and how they profit from fraudulent activities.

  • Scams Beyond Elections: While elections are a prime target, natural disasters and other events are also exploited by scammers to steal donations and personal information.

  • Privacy Concerns: A survey revealed that 3% of people are hesitant to vote due to privacy concerns, highlighting the critical need for secure election processes.

Key Takeaways:

  1. Be Wary of Unsolicited Messages: If you receive unsolicited texts or emails, always double-check the source before acting. Election scams often use urgency to push people into making hasty decisions.

  2. Verify Political Donations: Only donate through verified websites. Scammers frequently clone official websites to trick people into giving money to fraudulent causes.

  3. Protect Your Personal Information: Avoid sharing personal details through unofficial or unfamiliar channels. Scammers can use this information for identity theft or phishing attacks.

  4. Report Scams: If you suspect a scam, report it to organizations like the FTC or the FBI to help others stay safe.

Resources Mentioned:


What is sober in cyber?

Summary:

In this episode, Jennifer VanAntwerp shares her journey of sobriety and how it inspired her to create the Sober in Cyber community. They discuss the challenges of navigating industry events saturated with alcohol, tips for staying sober, and how the younger generation's attitude towards alcohol is changing. Jennifer also emphasizes the importance of offering alternative options at events and how the sober community is growing in cybersecurity.

Key Topics Covered:

  • Jennifer's personal journey of 23 years of sobriety.

  • The impact of alcohol at cybersecurity conferences.

  • Tips for avoiding pressure to drink at social events.

  • The role of Sober in Cyber in creating inclusive, alcohol-free spaces.

  • How companies can support sober individuals.

Resources Mentioned:

Get Involved:

  • Join the Sober in Cyber Discord community to connect with others in the industry who are sober or looking to reduce alcohol consumption.

  • Follow Sober in Cyber on social media for updates on events and community resources.


How Disinformation Will Impact The 2024 Election with Renee DiResta

Summary:

In this episode, Timothy De Block chats with Renee DiResta about the role of disinformation in elections, particularly as we approach the 2024 cycle. Renee discusses her work in tracking narratives across social media, how state actors like Russia and Iran manipulate public opinion, and the growing importance of platform integrity in identifying inauthentic behavior.

Check out her book Invisible Rulers: The People Who Turn Lies into Reality.

Key Topics:

  • The Evolution of Propaganda: How modern disinformation connects to historical propaganda efforts.

  • State-Sponsored Disinformation: Tactics used by Russia, Iran, and China in shaping election narratives.

  • Platform Integrity Teams: How social media platforms now combat disinformation networks.

  • Disinformation Trends: Recurring themes in election-related rumors, such as false claims about voter fraud.

  • The Role of Social Media: How users, not just state actors, influence and spread misinformation.

Recommended Resources:


How to Hack an Enterprise

Summary:

In this episode, Timothy De Block and Jonathan Singer dive into the challenges of modern enterprise security. The conversation covers how organizations—using McDonald's as an example—face threats from both digital and physical vectors. They explore how hackers might exploit everything from public Wi-Fi to social engineering tactics and touch on the evolving role of security leaders in dealing with both controllable and uncontrollable risks.

Key Topics:

  • Digital & Physical Attack Vectors: Discussion on hacking tactics such as public Wi-Fi, kiosk vulnerabilities, API exploitation, and social engineering.

  • Security Beyond the Firewall: Why enterprise security involves more than just digital defense—physical security, insider threats, and brand manipulation also pose risks.

  • The Growing Complexity of Security: How new technologies, like IoT devices and AI, are adding layers of complexity to enterprise security.

  • Insider Threats & Social Engineering: The impact of internal threats, from disgruntled employees to social engineering attacks, on large organizations.

Rapid-Fire Hacking Vectors:

  1. Public Wi-Fi

  2. Self-service kiosks

  3. Badge cloning

  4. Typo-squatting for domains

  5. Supply chain dependencies

  6. Insider threats


Ben Burkert of Anchor.Dev on the challenges of Internal Certificate Management

Summary:

In this episode, Timothy De Block chats with Ben Burkert about the challenges of managing internal certificate authorities (CAs) and certificates. Ben shares his experiences working with internal CAs at major companies and how those challenges inspired the creation of Anchor.dev.

Key Topics:

  • The Importance of Certificates: Ben explains how certificate mismanagement can lead to outages and business interruptions, and why automation is crucial.

  • TLS and ACME: Understanding how TLS secures communications and how ACME clients automate certificate management.

  • Anchor.dev: A cloud service that simplifies internal CA management and helps companies secure their internal networks with automated renewals and distribution.

  • LCL Host: A tool from Anchor.dev that enables HTTPS in local development environments, improving deployment workflows.

Links:


The Origins of Risky Business with Patrick Gray

Summary:

Patrick Gray, the host of the Risky Business podcast, shares how he transitioned from a tech journalist to a leading voice in cybersecurity podcasting. Patrick discusses the origins of his podcast, the evolution of his content, and how he maintains integrity with sponsors. He also offers advice for aspiring podcasters on focusing on the audience and using the right tools.

Key Topics:

  • The unexpected inspiration behind Risky Business.

  • Moving from general tech journalism to focused security content.

  • The importance of understanding technical details in reporting.

  • The growth of the Risky Business team and their venture into video content.

  • Navigating sponsorships while maintaining editorial independence.

  • Advice for new podcasters: prioritize your audience and use the right tools.

Resources:


How to Navigate a Career in Cybersecurity

Summary:

In this episode, Timothy De Block sits down with Ralph Collum, a cybersecurity educator with over a decade of experience in the field. They delve into Ralph's career journey, discussing his transition from a chemist to a cybersecurity professional and the various roles he's taken on, including server administration, auditing, and penetration testing. Ralph shares insights on the importance of soft skills, continuous learning, and the evolving landscape of cybersecurity.

Key Topics Discussed:

  • Ralph’s Career Journey

  • The Impact of the Pandemic on Cybersecurity Groups

  • Getting Into Cybersecurity

  • The Role of Soft Skills in Cybersecurity

  • The Impact of AI on Cybersecurity Careers

  • Resources and Recommendations

Resources Mentioned:

  • Books:

    • Cult of the Dead Cow by Joseph Menn

    • Spam Nation by Brian Krebs

    • The Art of Invisibility by Kevin Mitnick

    • Social Engineering: The Science of Human Hacking by Christopher Hadnagy

  • Websites:

    • Help Net Security

    • Bleeping Computer

    • Hacker News

    • Dark Reading

  • Tools:

    • Feedly for organizing cybersecurity news

    • TryHackMe and Hack The Box for practical labs

Connect with Ralph Collum:


SIM Swapping: How Worrying is it in 2024?

Summary:

In this episode, Timothy De Block chats with Mubix about the intricacies of SIM swapping, an attack vector that has seen significant attention. They discuss the current state of SIM swapping, how attackers exploit this technique, and the measures carriers have implemented to mitigate these risks. Mubix highlights the importance of understanding your risk profile and the practical steps organizations and individuals can take to protect themselves.

Key Topics:

  • The evolution and difficulty of executing SIM swapping attacks.

  • Real-world examples and the misclassification of SIM swapping incidents.

  • The impact of enhanced carrier protections and the role of user awareness.

  • The distinction between SIM swapping and other forms of social engineering.

  • Practical advice for businesses and high-risk individuals to safeguard against SIM swapping.

Discussion Points:

  • SIM swapping detection and reporting procedures.

  • The role of eSIMs and potential security concerns.

  • The importance of proactive security measures and user empowerment.


How Artificial Intelligence is impacting Cybersecurity with Steve Orrin

Summary:

In this engaging episode, Timothy De Block speaks with Steve Orrin, Federal CTO at Intel, about the intersection of artificial intelligence and cybersecurity. The conversation delves into the challenges and opportunities that AI presents in the cybersecurity landscape, exploring topics such as deep fakes, disinformation, and the implementation of AI in security practices.

Key Discussion Points:

  1. AI in Cybersecurity:

    • The rise of AI in both defensive and offensive cybersecurity strategies.

    • How AI is being used to enhance security measures and identify threats.

  2. Deep Fakes and Disinformation:

    • The challenges posed by deep fakes in the current digital landscape.

    • Techniques to detect and counteract deep fakes.

    • The implications of deep fake technology on public opinion and security.

  3. Practical AI Applications:

    • Real-world examples of AI in action within cybersecurity frameworks.

    • The role of AI in threat detection and response.

    • Implementing AI to automate routine security tasks, freeing up human resources for more complex issues.

  4. Policy and Ethical Considerations:

    • The importance of developing policies for the responsible use of AI.

    • Ethical considerations in deploying AI for cybersecurity purposes.

    • Balancing innovation with security in AI development.

  5. Future of AI and Cybersecurity:

    • Upcoming trends in AI and their potential impact on cybersecurity.

    • The evolving nature of cyber threats and how AI can adapt to these changes.

    • The need for continuous learning and adaptation in the face of rapidly advancing technology.

Resources Mentioned:


How to Automate Information Security with Python

Summary:

In this automatic episode of Exploring Information Security, Timothy De Block talks with Mark Baggett about automating information security tasks using Python. They delve into the SANS SEC573 and SEC673 courses, which cover Python basics, advanced automation techniques, and real-world applications. Mark shares insights on using AI for coding, highlights his YouTube series "Infosec Tool Shed," and discusses upcoming workshops and conferences. The conversation also touches on the importance of Python in information security and practical experiences in automating security tasks.

Key Discussion Points:

  • Mark's journey in automating security tasks with Python.

  • Overview of SANS SEC573 and SEC673 courses.

  • Practical applications of Python in information security.

  • Using AI for coding and debugging.

  • Mark’s YouTube series "Infosec Tool Shed."

  • Upcoming workshops and conferences.

Links and Resources:

  • SANS SEC573 Course: https://www.sans.org/cyber-security-courses/automating-information-security-with-python/

  • SANS SEC673 Course: https://www.sans.org/cyber-security-courses/advanced-information-security-automation-with-python/

  • Infosec Tool Shed YouTube Series: https://www.youtube.com/@markbaggett/videos

  • Upcoming Workshop Registration 31 July, 2024: https://www.sans.org/webcasts/advanced-python-automation-hands-on-workshop-2024/

  • B-Sides Augusta Conference: https://bsidesaugusta.org/

  • Cyber Security Training at SANS Network Security Las Vegas 2024: https://www.sans.org/cyber-security-training-events/network-security-2024/


HallwayCon from the floor of ShowMeCon 2024

Summary:

In this off-the-cuff episode, Timothy De Block brings a mic to the floor of ShowMeCon for the first-ever HallwayCon podcast episode. He walks around with a mic and recorder, engaging in spontaneous conversations with random attendees. Timothy highlights the immense value of attending security conferences, emphasizing that these real, impromptu conversations with professionals are crucial for expanding knowledge and building relationships within the industry. This unique approach captures just some of the many conversations going on at security conferences.

Key Topics Discussed:

  1. Importance of Networking:

    • Knowing your target employers and daily tasks.

    • Overcoming the fear of talking to strangers.

  2. Effective Techniques:

    • Asking engaging questions.

    • Volunteering and getting involved.

  3. Conference Culture:

    • Evolution of conference attire.

    • Balancing business and casual environments.

  4. Career Challenges:

    • Job market difficulties for younger and older professionals.

    • Role of networking in career advancement.

  5. Humorous Stories:

    • Conference experiences and unique attire.

    • Creative uses of business cards.

  6. Management Insights:

    • Effective management and hiring practices.

    • Importance of structured onboarding.

  7. Impact of AI:

    • AI’s role in security and deepfake technology.

    • Future relevance in cybersecurity.


What is Rapid Threat Model Prototyping?

Summary:

In this episode, we sit down with Geoff Hill from Tutamantic_Sec to explore the innovative approach of Rapid Threat Model Prototyping (RTMP). Geoff shares his journey from being a C++ developer to becoming a threat modeling expert, highlighting the challenges and successes he encountered along the way. This episode dives deep into how RTMP can help streamline threat modeling processes, making them more efficient and scalable.

Key Discussion Points:

  1. Introduction to RTMP:

    • Geoff explains the origins and the need for a new threat modeling approach.

    • Discussion on traditional threat modeling challenges and how RTMP addresses them.

  2. Implementation and Benefits:

    • Detailed walkthrough of RTMP’s implementation in various organizations.

    • How RTMP integrates with existing development workflows like Agile and DevOps.

    • Benefits of using RTMP, including reduced workload on security teams and improved security posture.

  3. RTMP Methodology:

    • Explanation of the stages and numerical ranking system in RTMP.

    • How RTMP utilizes open-source frameworks and tools.

    • The role of security champions within development teams.

  4. Practical Applications and Case Studies:

    • Real-world examples of RTMP in action.

    • Success stories and lessons learned from implementing RTMP in different industries.

  5. Future of Threat Modeling:

    • Geoff’s insights on the evolution of threat modeling.

    • Upcoming trends and the importance of being proactive in security.

Resources Mentioned:

Connect with Geoff Hill:

  • Twitter: @Tutamantic_Sec

  • LinkedIn: Geoff Hill


What is the Ransomware Defense Initiative (RDI)?

Summary:

In this episode, Timothy De Block sits down with Ed Rojas to discuss the origins and development of the Ransomware Defense Initiative (RDI). They explore Ed’s motivation behind creating RDI, its evolution, and how it aids organizations in proactively combating ransomware threats.

Key Topics Discussed:

  • Origins of RDI: Ed explains his drive to identify effective controls against ransomware, focusing on proactive measures rather than reactive strategies.

  • Research Findings: Insights from extensive research on ransomware techniques and the identification of key controls.

  • Implementation: How RDI assists organizations in assessing their maturity and readiness against ransomware attacks.

  • Use Cases: Examples of how companies and new CISOs can utilize RDI for rapid assessment and strategic planning.

  • Future Developments: Upcoming features and improvements in RDI to enhance its utility and accessibility.

Quotes:

  • “I wanted to identify a set of controls that everyone should have implemented to be okay against ransomware.”

  • “Most recommendations focus on recovery. I wanted to focus on how we detect and mitigate ransomware attacks as early as possible.”

Resources Mentioned:


What's Happening at ShowMeCon 2024?

Summary:

In this dynamic episode, host Timothy De Block engages in a lively conversation with Joey Smith, Tim McLaren, and Ben Miller live from the floor of ShowMeCon 2024. They discuss various topics including the importance of trust in vendor relationships, the evolution of security roles, and the innovative approaches being adopted in the food industry.

Episode Highlights:

Conversations with Industry Experts:

  • Spontaneous discussions about the importance of genuine interactions at conferences.

  • Joey's perspective on the value of treating vendors with respect and professionalism.

Insights from Tim McLaren:

  • Tim shares his experience transitioning from a vendor-specific role to a broader consultancy position.

  • Discussion on the importance of having diverse solutions and the role of trust in customer relationships.

Ben Miller's Take:

  • Ben emphasizes the need for critical thinking and continuous learning in security roles.

  • Reflections on how past experiences shape current practices in cybersecurity.

Vendor Relationships and Trust:

  • The group discusses the significance of building long-term, trust-based relationships with vendors.

  • Examples of how trust influences decision-making and security practices.

Innovations in Security:

  • Conversations on how emerging technologies and innovative solutions are reshaping the cybersecurity landscape.

  • Joey's insights on the latest advancements and their implications for the industry.

Key Quotes:

  • "Trust is between two people. I don't trust the business or a line of questioning; I trust the individuals behind it." - Joey Smith

  • "Critical thinking and adaptability are essential in the ever-evolving field of cybersecurity." - Ben Miller

Recommended Resources:


What is FAIR (Factor Analysis of Information Risk)?

Summary:

In this insightful episode, Timothy De Block sits down with Jack Jones, the creator of the Factor Analysis of Information Risk (FAIR) model. Jack shares his journey and the challenges he faced that led to the creation of FAIR, a groundbreaking framework for understanding and quantifying information risk.

Episode Highlights:

Introduction to FAIR:

  • FAIR stands for Factor Analysis of Information Risk.

  • It is a logical decomposition of the factors that drive how much loss exposure a scenario represents.

Jack's Catalyst for Creating FAIR:

  • The need for a quantifiable measurement of risk during his tenure as a CISO at Nationwide Insurance.

  • The pivotal moment when an executive asked him to quantify the organization's risk exposure.

Understanding Quantitative vs. Qualitative Risk:

  • Quantitative risk involves using units of measurement like percentages and dollar amounts.

  • Qualitative risk is ordinal and involves categories like high, medium, and low without precise measurement units.

Applying FAIR in Organizations:

  • The process of using FAIR starts with understanding the decision you need to support, scoping the scenario, identifying assets, threats, and controls, and using ranges to estimate frequency and impact.

  • FAIR helps in prioritizing risks and determining the ROI on security investments.

Challenges and Solutions in Using FAIR:

  • Common challenges include the perception that perfect data is needed, the skills gap, and the complexity of scaling quantitative analysis.

  • Leveraging community resources, training, and new automated solutions from vendors can help overcome these challenges.

Resources and Training:

  • The FAIR Institute offers free membership and extensive resources.

  • The Open Group provides professional certification and training materials.

  • The book "Measuring and Managing Information Risk: A FAIR Approach" is a recommended read.

Key Quotes:

  • "FAIR is about critically thinking about risk. The quantitative measurement is a bonus, but it's really a framework for thinking more clearly about the scenarios we need to manage against." - Jack Jones

Recommended Resources:


What is the Innocent Lives Foundation?

Summary:

In this episode of Exploring Information Security, Chris Hadnagy and Shane McCombs join the podcast to discuss the Innocent Lives Foundation (ILF). They delve into the challenges of running a nonprofit focused on identifying and reporting online predators, the importance of volunteer mental health, and their personal experiences and motivations behind ILF.

Episode Highlights:

  • Challenges of Running ILF: Chris and Shane discuss the operational complexities and the importance of back-end work, including finances and CPA dealings.

  • Volunteer Involvement and Mental Health: Emphasis on mandatory wellness sessions for volunteers to ensure their mental well-being while dealing with disturbing content.

  • Personal Journeys and ILF’s Growth: Chris shares his unexpected journey from founding ILF to growing it with 40 volunteers and collaborating with the FBI.

  • Board Member Contributions: Stories about diverse board members, including actors and professionals from various fields contributing to ILF’s mission.

  • Prevention and Education Efforts: Shane highlights ILF's focus on preventing exploitation through education and engaging with parents and schools.

Quotes:

  • "Your children need to see you as their advocate, not their adversary." - On the importance of parental support in preventing exploitation.

Resources:

Social Media:

Instagram

Facebook

LinkedIn

YouTube

Twitch


What is Session Hijacking?

Summary:

In this informative episode, Timothy De Block discusses session hijacking with Web Application Security Engineer and PractiSec Founder Tim Tomes. The discussion delves into the intricacies of session hijacking, exploring its mechanics, vulnerabilities, and prevention strategies.

Tim’s website: https://www.lanmaster53.com/

You can reach out to Tim for Training, Consulting, Coaching, Remediation Support, and DevSecOps.

Episode Highlights:

  • Understanding Session Hijacking:

    • Tim Tomes clarifies the common misconceptions about session hijacking, emphasizing its relation to temporary credentials rather than sessions alone.

    • The conversation covers the technical aspects, including how sessions and tokens are hijacked, and the role of cookies in managing temporary credentials.

  • Technical Mechanisms and Vulnerabilities:

    • Detailed explanation of how session hijacking occurs, focusing on temporary credential management and the vulnerabilities that allow hijackers to exploit these credentials.

  • Prevention and Security Best Practices:

    • Strategies to prevent session hijacking, such as secure management of tokens and sessions, are discussed.

    • Importance of using flags like HTTPOnly and Secure to protect data transmitted in cookies.

  • Common Tools and Exploitation Techniques:

    • Tim Tomes discusses common tools like Burp Suite and its Collaborator tool for detecting and exploiting session hijacking vulnerabilities.

  • Real-world Application and Examples:

    • Practical insights into how session hijacking is executed in the real world, including Tim’s personal experiences and how these vulnerabilities are identified during security assessments.

Key Quotes:

  • "Session hijacking is not just about stealing sessions; it's about exploiting the temporary credentials that represent a user." - Tim Tomes

  • "Protecting applications from session hijacking involves understanding the application's handling of temporary credentials and implementing robust security measures." - Tim Tomes

Recommended Resources:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.


How to Get Into Control Systems Security

Summary:

In this episode, Mike Holcomb discusses Industrial Control Systems (ICS) and Operational Technology (OT) security, giving an overview of the challenges of securing ICS and OT environments and the strategies that work in them.

Episode Highlights:

  • Mike discusses the evolution of the BSides Greenville event, emphasizing the incorporation of OT topics and the balance the organizers aim to maintain between IT and OT content.

  • Mike shares insights into the distinct cybersecurity challenges faced by different sectors, including manufacturing and power plants.

  • A deep dive into network architecture in ICS environments highlights the importance of segmentation and of tightly controlled access between IT and OT networks.

  • Mike emphasizes that asset management and network monitoring are fundamental to maintaining security in ICS environments.

  • The conversation also covers the increasing convergence of IT and OT systems and the implications for security.

  • Mike touches on the impact of ransomware on ICS environments and the need for robust incident response plans.

Guest Biography: Mike Holcomb is a seasoned expert in ICS and OT security, with extensive experience in developing and implementing security strategies in some of the world's largest industrial environments. He has contributed significantly to the field through education and practical solutions to enhance infrastructure resilience.

Resources Mentioned:

  • Mike Holcomb’s website

    • Free eBooks - Mike mentions that he has written free eBooks on getting started in ICS and OT cybersecurity, tailored for those coming from IT backgrounds and those from engineering or automation backgrounds.

  • YouTube Course - A free 25-hour course available on YouTube, designed to help beginners in ICS and OT cybersecurity.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.



Catching up with Mental Health Hackers Founder Amanda Berlin at ShowMeCon

Summary:

In this relaxed episode recorded from air loungers at ShowMeCon, Timothy De Block catches up with Amanda Berlin from Mental Health Hackers during Mental Health Awareness Month. They discuss the importance of mental health in the IT security industry, a field often marked by stress and high demands.

Episode Highlights:

  1. Personal Stories of Mental Health: Timothy and Amanda share their personal experiences with mental health challenges, emphasizing the common struggles many face in the IT security field.

  2. Impact of Alcohol: The discussion explores the impact of alcohol on mental health, particularly how it affects sleep and stress levels. They touch upon efforts to create event spaces that offer alternatives to alcohol-centric activities.

  3. Mental Health Hackers: Amanda talks about the work of Mental Health Hackers, a group that attends various conferences to provide spaces for people to relax and decompress.

  4. Fundraising and Awareness: Mention of Mental Health Hackers' new t-shirt campaign designed to promote mental wellness, with proceeds supporting their activities at conferences. You can get T-Shirts here: https://www.customink.com/fundraising/mental-health-awareness-for-mhh

Key Quotes:

  • "It’s really about awareness... paying attention to how habits like drinking can impact our mental state and sleep." - Timothy De Block

  • "We need to create environments at events where drinking isn’t the main focus, allowing people to enjoy without the pressure of alcohol." - Amanda Berlin

Additional Resources:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.
