ShowMeCon: Couch to Compromise with Johnny Xmas

Summary:

Veteran conference speaker Johnny Xmas joins me to discuss ShowMeCon and his talk Couch to Compromise the 2024 edition. His talk is an update from previous years which goes over the latest attacks impacting organizations.

Episode Highlights:

Johnny Xmas with a not a flamethrower

Guest Information:

Johnny Xmas: The Most Interesting Man in Information Security

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


ShowMeCon: Bypassing MFA with Shameer Amir

Summary:

Shameer Amir AKA Titan joins me to discuss his upcoming talk on his research into bypassing multifactor authentication (MFA) at the upcoming ShowMeCon conference. In this episode we talk about a variety of different ways of bypassing MFA from human interaction to more technical interactions with the platforms. A lot of what it comes down to is making sure MFA is setup properly.

Episode Highlights:

  • Why this talk

  • Response manipulation

  • SIM jacking

  • Misconfigurations

Guest Information:

Shameer Amir AKA Titan is a globally recognized bug hunter

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


Navigating the Currents of Open Source Intelligence: Insights from the Field

Summary:

Micah Hoffman and Griffin Glynn from My OSINT Training join me to talk about the current state of OSINT. Both bring a wealth of knowledge and first meet while working together at the National Child Protection Task Force. They bring a wealth of knowledge and we get into a lot of the ins and outs of OSINT.

Episode Highlights:

  • What is OSINT?

  • What tools are used for OSINT

  • Social media changes?

  • How do APIs play into OSINT?

  • How is AI impacting OSINT?

Guest Information:

Micah Hoffman and Griffin Glynn co-owners of My OSINT Training environment and co-workers at National Child Protection Task Force (NCPTF)

https://twitter.com/myosinttrainer

https://www.linkedin.com/company/my-osint-training

https://www.myosint.training

Resources and Mentions:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


What cybersecurity tools every organization should have

Summary:

Rob Fuller AKA Mubix joins me to talk about security tooling every organization should have. This was a result of a discussion Rob and I were having about Thinkst Canary and RunZero. Two fantastic tools that are low cost, easy implementation, and provide a ton of value to a security team.

Episode Highlights:

  • Lots of tooling to talk about

  • You might hear Rob mention that he’s used one of the tools I suggest in a pentest engagement

Guest Information:

Rob Fuller aka Mubix - Twitter

https://malicious.link/

Resources and Mentions:

RunZero

LinkedIn Suggestions

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


ShowMeCon: Bypassing MFA with Brandon Potter

This is a sponsored podcast by ShowMeCon which is May 13th & 14th. Tickets are still available! They’re also still looking for sponsors. Don't miss out on this opportunity to be part of the cybersecurity event of the year! Whether you're looking to learn, network, or elevate your brand, ShowMeCon is the place to be.

Summary:

Brandon Potter Chief Technology Officer of ProCircular, Inc.

Brandon Potter joins me to discuss the different ways he’s seeing MFA bypassed as part of his companies work. Attackers are using old and new techniques to discover creative ways to bypass MFA. This is a result of more companies getting onboard with MFA. Unfortunately, that means attackers are going to start to find more ways to bypass MFA. A lot of what Brandon is seeing is coming down to misconfiguration with how MFA is implemented and attackers are starting to use browser in the middle to hijack sessions. Finally, we go over how AI is going to impact MFA.

Episode Highlights:

  • ShowMeCon one of the few conferences in the Midwest to attend

  • Bypassing MFA

  • Misconfigurations in MFA

  • Browser-in-the-middle

  • Where is MFA being bypassed?

  • How is AI going to impact bypassing MFA

Guest Information:

Brandon Potter (CISSP, GSEC, GCIH, CCFP, GWAPT) is the Chief Technology Officer of ProCircular, Inc.,

Brandon Potter LinkedIn

ProCircular Website

ProCircular LinkedIn

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


What is a Canary?

Summary:

Tyron Kemp Presales Engineer at Thinkst Canary joined me to discuss what is a canary. More specifically Thinkst Canaries which is one of the most useful and simple to use tools in the security space. I’m surprised I haven’t heard of more companies using the tool. You drop it in an environment and if you get people scanning or touching it alerts the people that can respond. It’s as simple as that.

Episode Highlights:

  • What is a canary?

  • How are canaries used?

  • How Thinkst contributed to the community through free tools like Log4j discovery

  • How do canaries get implemented?

  • What’s ahead for Thinkst?

  • How AI will impact canaries

Guest Information:

Tyron Kemp Presales Engineer at Thinkst Canary - LinkedIn

Resources and Mentions:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


ShowMeCon: Kevin Johnson and whatever he wants to talk about

This is a sponsored podcast by ShowMeCon which is May 13th & 14th. Tickets are still available! They’re also still looking for sponsors. Don't miss out on this opportunity to be part of the cybersecurity event of the year! Whether you're looking to learn, network, or elevate your brand, ShowMeCon is the place to be.

Summary:

Kevin Johnson CEO of Secure Ideas

Kevin Johnson the Chief Executive Officer of Secure Ideas joined me to discuss ShowMeCon and his keynote presentation on the infosec community rising from the ashes like a phoenix. It’s been a while since I’ve had the opportunity to catch up with Kevin but we got right into it and had a lot of great laughs. It’s a little all over the place with talk about ShowMeCon, reincarnation, and John Wick as a romantic comedy. Also, there is an EXPLICIT tag on this podcast.

Check the episode highlights below for a jingle on the topic.

Episode Highlights:

(Verse 1)
🎶 In the world of cyber, there's a place to be,
ShowMeCon's the event, in the tech sea.
Kevin Johnson's leading, with a tech-savvy crew,
Bringing folks together, showing what they can do. 🎶

(Chorus)
🎵 ShowMeCon, ShowMeCon, where the tech minds meet,
Diving deep in cyber streets, where challenges and passions greet.
From the ashes, we will rise, like a phoenix, bold and wise,
ShowMeCon, the stage is set, for a tech adventure you won't forget. 🎵

(Verse 2)
🎶 Imagine John Wick, with a softer side,
In a rom-com twist, where love and action collide.
He's hacking through the heart, with a smile so wide,
At ShowMeCon, where worlds of tech and romance abide. 🎶

(Bridge)
🎵 Rising from the ashes, with the phoenix's flight,
We'll conquer cyber battles, in the neon light.
Kevin Johnson guides us, through the digital night,
At ShowMeCon, we'll learn, we'll grow, and take our dreams to height. 🎵

(Chorus)
🎵 ShowMeCon, ShowMeCon, where the future's bright,
Join us in the journey, in the quest for cyber might.
From the ashes, we will rise, with our hearts and minds entwined,
ShowMeCon, where dreams take flight, and every moment's a delight. 🎵

Guest Information:

Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is a faculty member at IANS and was an instructor and author for the SANS Institute.

Resources and Mentions:

Secure Ideas

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


How to implement a DAST

Summary:

Frank Catucci CTO & Head of Security Research at Invicti is someone who I go back with many years. We both meet while working for the state of South Carolina. I was happy to see him end up at Invicti because I think they have a great podcast focused primarily on Dynamic Application Security Testing (DAST). We get into a variety of topics in this episode around MoveIT, implementing DAST, APIs, and AI.

Episode Highlights:

  • How DAST could have helped with MoveIT

  • How to implement DAST into the SDLC

  • Automation that can be setup with DAST

  • How tickets from DAST should be handled

  • How AI is going to change DAST

  • How DAST handles APIs

Guest Information:

Frank Catucci CTO & Head of Security Research at Invicti - LinkedIn

Resources and Mentions:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


What is Mimikatz?

Summary:

Rob Fuller aka Mubix joins me to discuss what is Mimikatz? This came from some research I was doing online about hacker tools. I went to the Mimikatz GitHub repo and was immediately hit with a warning that it was a malicious site. Then I looked at the GitHub page and noticed it hadn’t been updated in years.

This lead me to reach out to Hacker Historian Mubix to get the skinny on Mimikatz. He provided some interesting not well known insights that you’ll have to listen to the episode to hear.

Episode Highlights:

  • Why Mimikatz is still around

  • What is Mimikatz?

  • How is it used?

  • How to detect Mimikatz

Guest Information:

Rob Fuller aka Mubix

Resources and Mentions:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


How responding to phishing has changed in the last five years

Summary:

Kyle Andrus is a seasoned incident responder for a top 500 company. He’s a regular on the podcast when I need to talk incident response and specifically phishing. I last had him on over five years ago to talk about building a malicious link clicker which I used quite a bit in my day-to-day job. Fast forward several years and things have changed significantly.

A lot of the things we used to do no longer make sense because tooling has become much better in the enterprise. A lot of security professionals operate there to respond to phishing emails. While our lives are a littler easier that has led to a new set of threats that the security community hasn’t quite gotten their hands wrapped around the newer problems. Finally, we go over how AI is going to impact phishing. I’m sure that will be a question for more many more podcasts.

Episode Highlights:

  • How has phishing response changed?

  • How we respond to phishing emails

  • The mobile device blind spot

  • What’s new in phishing techniques

  • How AI is going to impact phishing

Guest Information:

Kyle Andrus

#MISEC

Resources and Mentions:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


How to hack a satellite

Summary:

Tim Fowler is an offensive security person at Black Hills Information Security who also happens to be a space nerd thanks to Paul Coggin. I was sitting at the table with Tim at BSides Nashville when Paul planted the seed of satellite hack. Fast forward several hundred hours later and Tim has put together a lot of content on the topic including training for 2024.

He makes a compelling case for why we should care about security in space. Mainly, that it’s the next frontier. After spending over an hour talking to him I completely agree. It’s a path that we’re destined to head and a lot of the big companies are already moving that way. This is also a heavily unexplored space for people looking to get into an emerging field this is it.

Episode Highlights:

  • The history of space and the objects up there

  • Why we should care about security in space

  • The issues with satellite security

  • How to hack a satellite

  • How to secure objects in space

Guest Information:

Tim Fowler, Offensive Security Analyst and Space Nerd at Black Hills Information Security

Resources and Mentions:

Cybersecurity for Space by Jacob G. Oakley

Open Source global network of satellite ground-stations

https://satnogs.org/

Hack-a-sat CTF

https://hackasat.com/

https://github.com/cromulencellc/hackasat-finals-2023

https://github.com/cromulencellc/hackasat-qualifier-2023-techpapers

https://github.com/cromulencellc/hackasat-qualifier-2023

https://github.com/cromulencellc/hackasat-finals-2022

https://github.com/cromulencellc/hackasat-qualifier-2022

Aerospace Village

https://www.aerospacevillage.org/


Open Source Satellite Program

https://www.opensourcesatellite.org/


OpenSatKit

https://github.com/OpenSatKit/OpenSatKit

Nasa Operational Simulation for Small Satellites  - NOS3

https://www.nasa.gov/nasa-operational-simulation-for-small-satellites/

https://github.com/nasa/nos3

AMSAT CubeSatSim

https://github.com/alanbjohnston/CubeSatSim/tree/master

SPARTA - SPACE ATTACK RESEARCH AND TACTIC ANALYSIS (MITRE ATTACK for space)

https://aerospace.org/sparta

SpaceSHIELD - European Space Agency

https://spaceshield.esa.int/

Ethically Hacking Space (eHs) 

https://www.linkedin.com/company/h4ck32n4u75/about/

Black Hat DC 2009 - Adam Laurie - Satellite Hacking for Fun and Profit

https://www.youtube.com/watch?v=PyXZX63etog

Training Class

https://www.antisyphontraining.com/event/introduction-to-cybersecurity-in-space-systems/

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


What are the hiring trends in cybersecurity for 2024?

Summary:

Erin Barry, Head of Permanent Talent at Code Red Partners, joined me to discuss the hiring trends she’s seeing as we start 2024. I watched Erin’s talk on Security Hiring Trends from BSides San Francisco last year and thought she provided some really great insights. The end of 2023 has been a weird one especially for hiring. Erin provides some insight into the trends she’s seeing as well as what goes on behind the scenes of a recruiter. There’s also lots of good tips for putting together a resume and then navigating the process.

Episode Highlights:

  • How to stand out as a candidate

  • Networking is still the most important things you can do

  • How has the job search changed?

  • What to put on a resume

Guest Information:

Erin Barry, Head of Permanent Talent at Code Red Partners

LinkedIn

Resources and Mentions:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


What is ShowMeCon 2024?

Summary:

Dave Chronister the organizer of ShowMeCon joined me to discuss the revival of the conference. ShowMeCon is one of my favorite conferences. I had the pleasure of going to it from 2016-2018. I had plans to return in 2020 but the world event that we shall not speak of happened. I’m happy to see it return in 2024 and I will be there!

We get into a variety of topics around the conference including sponsorship, who attends, the venue, and the theme for 2024. The conference is still looking for sponsors and they’re about to do a second round of call for papers for speakers. If you’re looking to attendee the early bird price ends January 14th, 2024. Looking forward to seeing you there!

Episode Highlights:

  • ShowMeCon is still looking for sponsors

  • Who comes to the conference

  • The origins and venue of ShowMeCon

  • The theme for ShowMeCon 2024

Guest Information:

Dave Chronister organizer of ShowMeCon and CEO of Parameter Security

Resources and Mentions:

  • ShowMeCon

  • For questions reach out to info@showmecon.com

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


The Exploring Information Security Relaunch

Summary:

In this return episode of the Exploring Information Security podcast, I talk about the relaunch of the podcast. What I’m looking to accomplish and how people can help out. You check out the blog post I did on the relaunch.

Key Topics:

  • Happy to be back

  • Career transition

  • Service offerings

  • How people can help out.

Guest Information:

Timothy De Block, Founder of Exploring Information Security

Resources and Mentions:

Contact Information:

Reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]