What is the Ransomware Defense Initiative (RDI)?

Summary:

In this episode, Timothy De Block sits down with Ed Rojas to discuss the origins and development of the Ransomware Defense Initiative (RDI). They explore Ed’s motivation behind creating RDI, its evolution, and how it aids organizations in proactively combating ransomware threats.

Key Topics Discussed:

  • Origins of RDI: Ed explains his drive to identify effective controls against ransomware, focusing on proactive measures rather than reactive strategies.

  • Research Findings: Insights from extensive research on ransomware techniques and the identification of key controls.

  • Implementation: How RDI assists organizations in assessing their maturity and readiness against ransomware attacks.

  • Use Cases: Examples of how companies and new CISOs can utilize RDI for rapid assessment and strategic planning.

  • Future Developments: Upcoming features and improvements in RDI to enhance its utility and accessibility.

Quotes:

  • “I wanted to identify a set of controls that everyone should have implemented to be okay against ransomware.”

  • “Most recommendations focus on recovery. I wanted to focus on how we detect and mitigate ransomware attacks as early as possible.”

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


What's Happening at ShowMeCon 2024?

Summary:

In this dynamic episode, host Timothy De Block engages in a lively conversation with Joey Smith, Tim McLaren, and Ben Miller live from the floor of ShowMeCon 2024. They discuss various topics including the importance of trust in vendor relationships, the evolution of security roles, and the innovative approaches being adopted in the food industry.

Episode Highlights:

Conversations with Industry Experts:

  • Spontaneous discussions about the importance of genuine interactions at conferences.

  • Joey's perspective on the value of treating vendors with respect and professionalism.

Insights from Tim McLaren:

  • Tim shares his experience transitioning from a vendor-specific role to a broader consultancy position.

  • Discussion on the importance of having diverse solutions and the role of trust in customer relationships.

Ben Miller's Take:

  • Ben emphasizes the need for critical thinking and continuous learning in security roles.

  • Reflections on how past experiences shape current practices in cybersecurity.

Vendor Relationships and Trust:

  • The group discusses the significance of building long-term, trust-based relationships with vendors.

  • Examples of how trust influences decision-making and security practices.

Innovations in Security:

  • Conversations on how emerging technologies and innovative solutions are reshaping the cybersecurity landscape.

  • Joey's insights on the latest advancements and their implications for the industry.

Key Quotes:

  • "Trust is between two people. I don't trust the business or a line of questioning; I trust the individuals behind it." - Joey Smith

  • "Critical thinking and adaptability are essential in the ever-evolving field of cybersecurity." - Ben Miller



What is FAIR (Factor Analysis of Information Risk)?

Summary:

In this insightful episode, Timothy De Block sits down with Jack Jones, the creator of the Factor Analysis of Information Risk (FAIR) model. Jack shares his journey and the challenges he faced that led to the creation of FAIR, a groundbreaking framework for understanding and quantifying information risk.

Episode Highlights:

Introduction to FAIR:

  • FAIR stands for Factor Analysis of Information Risk.

  • It is a logical decomposition of the factors that drive how much loss exposure a scenario represents.

Jack's Catalyst for Creating FAIR:

  • The need for a quantifiable measurement of risk during his tenure as a CISO at Nationwide Insurance.

  • The pivotal moment when an executive asked him to quantify the organization's risk exposure.

Understanding Quantitative vs. Qualitative Risk:

  • Quantitative risk involves using units of measurement like percentages and dollar amounts.

  • Qualitative risk is ordinal and involves categories like high, medium, and low without precise measurement units.

Applying FAIR in Organizations:

  • The process of using FAIR starts with understanding the decision you need to support, scoping the scenario, identifying assets, threats, and controls, and using ranges to estimate frequency and impact.

  • FAIR helps in prioritizing risks and determining the ROI on security investments.

Challenges and Solutions in Using FAIR:

  • Common challenges include the perception that perfect data is needed, the skills gap, and the complexity of scaling quantitative analysis.

  • Leveraging community resources, training, and new automated solutions from vendors can help overcome these challenges.

Resources and Training:

  • The FAIR Institute offers free membership and extensive resources.

  • The Open Group provides professional certification and training materials.

  • The book "Measuring and Managing Information Risk: A FAIR Approach" is a recommended read.

Key Quotes:

  • "FAIR is about critically thinking about risk. The quantitative measurement is a bonus, but it's really a framework for thinking more clearly about the scenarios we need to manage against." - Jack Jones

  • "Protecting applications from session hijacking involves understanding the application's handling of temporary credentials and implementing robust security measures." - Jack Jones



What is the Innocent Lives Foundation?

Summary:

In this episode of Exploring Information Security, Chris Hadnagy and Shane McCombs join the podcast to discuss the Innocent Lives Foundation (ILF). They delve into the challenges of running a nonprofit focused on identifying and reporting online predators, the importance of volunteer mental health, and their personal experiences and motivations behind ILF.

Episode Highlights:

  • Challenges of Running ILF: Chris and Shane discuss the operational complexities and the importance of back-end work, including finances and CPA dealings.

  • Volunteer Involvement and Mental Health: Emphasis on mandatory wellness sessions for volunteers to ensure their mental well-being while dealing with disturbing content.

  • Personal Journeys and ILF’s Growth: Chris shares his unexpected journey from founding ILF to growing it with 40 volunteers and collaborating with the FBI.

  • Board Member Contributions: Stories about diverse board members, including actors and professionals from various fields contributing to ILF’s mission.

  • Prevention and Education Efforts: Shane highlights ILF's focus on preventing exploitation through education and engaging with parents and schools.

Quotes:

  • "Your children need to see you as their advocate, not their adversary." - On the importance of parental support in preventing exploitation.

Resources:

Social Media:

Instagram

Facebook

LinkedIn

YouTube

Twitch



What is Session Hijacking?

Summary:

In this informative episode, Timothy De Block discusses session hijacking with Web Application Security Engineer and PractiSec Founder Tim Tomes. The discussion delves into the intricacies of session hijacking, exploring its mechanics, vulnerabilities, and prevention strategies.

Tim’s website: https://www.lanmaster53.com/

You can reach out to Tim for Training, Consulting, Coaching, Remediation Support, and DevSecOps.

Episode Highlights:

  • Understanding Session Hijacking:

    • Tim Tomes clarifies the common misconceptions about session hijacking, emphasizing its relation to temporary credentials rather than sessions alone.

    • The conversation covers the technical aspects, including how sessions and tokens are hijacked, and the role of cookies in managing temporary credentials.

  • Technical Mechanisms and Vulnerabilities:

    • Detailed explanation of how session hijacking occurs, focusing on temporary credential management and the vulnerabilities that allow hijackers to exploit these credentials.

  • Prevention and Security Best Practices:

    • Strategies to prevent session hijacking, such as secure management of tokens and sessions, are discussed.

    • Importance of using flags like HTTPOnly and Secure to protect data transmitted in cookies.

  • Common Tools and Exploitation Techniques:

    • Tim Tomes discusses common tools like Burp Suite and its Collaborator tool for detecting and exploiting session hijacking vulnerabilities.

  • Real-world Application and Examples:

    • Practical insights into how session hijacking is executed in the real world, including Tim’s personal experiences and how these vulnerabilities are identified during security assessments.

Key Quotes:

  • "Session hijacking is not just about stealing sessions; it's about exploiting the temporary credentials that represent a user." - Tim Tomes

  • "Protecting applications from session hijacking involves understanding the application's handling of temporary credentials and implementing robust security measures." - Tim Tomes


How to Get Into Control Systems Security

Summary:

In this episode, Mike Holcomb discusses the intricacies of Industrial Control Systems (ICS) and Operational Technology (OT) security. Michael provides a comprehensive overview of the challenges and strategies associated with securing ICS and OT environments.

Episode Highlights:

  • Michael discusses the evolution of the BSides Greenville event, emphasizing the incorporation of OT topics and the balance they aim to maintain between IT and OT content.

  • Michael shares insights into the unique cybersecurity challenges faced by different sectors, including manufacturing and power plants.

  • A deep dive into network architecture in ICS environments reveals the importance of segmentation and controlled access between IT and OT networks.

  • Michael emphasizes the critical nature of asset management and network monitoring in maintaining security in ICS environments.

  • The conversation also covers the increasing convergence of IT and OT systems and the implications for security.

  • Michael touches on the impact of ransomware on ICS environments and the need for robust incident response plans.

Guest Biography: Mike Holcomb is a seasoned expert in ICS and OT security, with extensive experience in developing and implementing security strategies in some of the world's largest industrial environments. He has contributed significantly to the field through education and practical solutions to enhance infrastructure resilience.

Resources Mentioned:

  • Mike Holcomb’s website

    • Free eBooks - Mike mentions that he has written free eBooks on getting started in ICS and OT cybersecurity, tailored for those coming from IT backgrounds and those from engineering or automation backgrounds.

  • YouTube Course - A free 25-hour course available on YouTube, designed to help beginners in ICS and OT cybersecurity.



Catching up with Mental Health Hackers Founder Amanda Berlin at ShowMeCon

Summary:

In this relaxed and engaging episode recorded from air loungers at ShowMeCon, Timothy De Block catches up with Amanda Berlin from Mental Health Hackers during Mental Health Awareness Month. They discuss the importance of mental health in the IT security industry, which is often fraught with stress and high demands.

Episode Highlights:

  1. Personal Stories of Mental Health: Timothy and Amanda share their personal experiences with mental health challenges, emphasizing the common struggles many face in the IT security field.

  2. Impact of Alcohol: The discussion explores the impact of alcohol on mental health, particularly how it affects sleep and stress levels. They touch upon efforts to create event spaces that offer alternatives to alcohol-centric activities.

  3. Mental Health Hackers: Amanda talks about the work of Mental Health Hackers, a group that attends various conferences to provide spaces for people to relax and decompress.

  4. Fundraising and Awareness: Mention of Mental Health Hackers' new t-shirt campaign designed to promote mental wellness, with proceeds supporting their activities at conferences. You can get T-Shirts here: https://www.customink.com/fundraising/mental-health-awareness-for-mhh

Key Quotes:

  • "It’s really about awareness... paying attention to how habits like drinking can impact our mental state and sleep." - Timothy De Block

  • "We need to create environments at events where drinking isn’t the main focus, allowing people to enjoy without the pressure of alcohol." - Amanda Berlin



What is Have I Been Pwned?

Summary:

In this insightful episode of Exploring Information Security, Troy Hunt, the creator of the widely recognized website Have I Been Pwned (HIBP), talks about the origins and evolution of the service. Troy discusses his transition from writing about application security to developing HIBP and delves into the impacts of data breaches on both individuals and companies.

Episode Highlights:

  • Impact of HIBP: Troy shares insights on how HIBP has evolved into a crucial tool for internet users to check if their data has been compromised in various data breaches.

  • Community Interaction: Discussion on how the community aids in identifying new breaches and the collective effort to maintain data integrity and security awareness.

  • Legal and Ethical Considerations: Troy talks about navigating legal challenges and ethical dilemmas in disclosing breaches and interacting with affected companies.

  • Technical Insights: An exploration of the technical aspects of running HIBP, including dealing with massive datasets and implementing security measures to protect stored data.

Additional Resources:

  • Have I Been Pwned: Visit HIBP

  • Blog posts by Troy Hunt for further reading on cybersecurity and breach analysis.



How to Harness the Power of pfSense for Network Security

Summary:

In this episode of Exploring Information Security, Security Engineer Kyle Goode takes a deep dive into the versatile world of pfSense, a robust open-source firewall and router that has been a mainstay in the network security arena for over two decades. Kyle shares insights from his own experiences with pfSense, exploring both the practical and technical aspects of setting up and managing a pfSense system.

Episode Highlights:

  • Setting Up pfSense: Practical tips on how to set up pfSense on different types of hardware, and troubleshooting common setup issues.

  • Security Customizations: Detailed discussion on customizing pfSense for enhanced security, including the use of threat feeds and SSL inspection.

  • Maintenance and Updates: Tips on maintaining a pfSense installation, including regular updates and leveraging community resources for troubleshooting.

  • Benefits of Using pfSense: A look at the benefits of using pfSense over commercial routers, especially for those interested in a deeper understanding of network security.



What are Deepfakes with Dr. Donnie Wendt

Summary:

In this enlightening episode of the Exploring Information Security podcast, we dive deep into the world of deepfakes with Dr. Donnie Wendt. With a background in cybersecurity at MasterCard, Dr. Wendt shares his journey into the exploration of deepfake technology, from setting up a home lab using open-source tools to presenting the potential business impacts of deepfakes to leadership teams.

Key Discussions:

  • What are Deepfakes? Dr. Wendt explains the basics of deepfakes, a technology that uses machine learning to superimpose someone's likeness onto another person, creating realistic fake videos or audio recordings. Initially used for nefarious purposes, the technology has found applications in politics, social engineering, and entertainment.

  • Creating Deepfakes: Discover how Dr. Wendt utilized open-source tools and a good Nvidia video card to experiment with deepfake creation, including making Nicholas Cage a regular "guest" in security briefings at MasterCard.

  • The Threat Landscape: Dr. Wendt discusses the use of deepfakes in political manipulation and fraud, highlighting recent instances where deepfakes have influenced elections and scammed individuals and businesses out of large sums of money.

  • Detection and Prevention: The conversation touches on the challenges of distinguishing deepfakes from real footage, emphasizing the importance of skepticism, critical thinking, and verification processes to combat misinformation.

  • Positive Applications: Despite their potential for misuse, deepfakes also have beneficial uses, such as giving voice back to ALS patients, recreating historical speeches, and aiding medical diagnosis. Dr. Wendt stresses the importance of recognizing the technology's positive impact alongside its threats.

Episode Highlights:

  • Dr. Wendt's firsthand experience with creating deepfakes and the technical requirements for doing so.

  • Insight into the evolving capabilities of deepfake technology and the cat-and-mouse game between creators and detectors.

  • The significance of robust verification processes within organizations to safeguard against deepfake-related fraud.

Resources Mentioned:

  • Faceswap.dev: An open-source tool for experimenting with different deepfake creation algorithms.



The Crucial Gap in Control Systems Security: A Deep Dive with Joe Weiss

Summary:

In this compelling episode of the Exploring Information Security podcast, we sit down with Joe Weiss, a seasoned expert in control systems security, to unravel the complexities and challenges facing the security of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems today.

Key Topics Discussed:

  • Understanding SCADA/ICS: Joe Weiss provides an in-depth explanation of what SCADA and ICS are, emphasizing their critical role in monitoring and controlling physical processes across various industries, from utilities to manufacturing.

  • The Security Gap: Weiss outlines the fundamental security gap existing between traditional IT cybersecurity measures and the unique needs of control systems. He highlights the dire consequences of neglecting the security of these systems, including potential physical damage and disruptions to critical infrastructure.

  • Bridging the Divide: The conversation delves into the challenges of bridging the knowledge and communication gap between IT professionals and engineers. Weiss stresses the importance of integrating engineering insights with cybersecurity practices to protect control systems effectively.

  • Historical Oversights and Current Challenges: Reflecting on over two decades of experience, Weiss discusses how historical oversights and the prioritization of IT security have led to vulnerabilities in control systems. He calls for a paradigm shift in how organizations and governments approach the cybersecurity of physical infrastructure.

  • Future Outlook and Solutions: Looking ahead, Weiss offers insights into the future of control systems security, advocating for education, awareness among senior management, and the need for a holistic approach that encompasses both the digital and physical aspects of security.

Episode Highlights:

  • A Call to Action for Senior Management: Weiss underscores the critical need for senior management in both the private and public sectors to recognize the existential threat posed by inadequate control systems security.

  • The Importance of Engineering Knowledge: The discussion emphasizes the need for cybersecurity professionals to possess a foundational understanding of engineering principles to secure control systems effectively.

  • Practical Steps Forward: Weiss suggests practical steps for improving the security posture of control systems, including enhancing cross-disciplinary education, fostering collaboration between IT and engineering teams, and adopting security measures tailored to the unique characteristics of control systems.

Resources:
Blog: Control Global - Unfettered

Applied Control Systems



ShowMeCon: Talking PCI 4.0 change with Jeff Man

Summary:

Welcome to a special edition of the Exploring Information Security podcast, where we dive into the intricacies of cybersecurity with industry veteran Jeff Man! A distinguished figure in cybersecurity, Jeff has a wealth of experience that spans over four decades, including his early years at the National Security Agency and extensive work in the private sector.

This podcast is sponsored by ShowMeCon.

Key Discussions:

  • Jeff's Journey: From his initial steps in the cybersecurity realm at the NSA to becoming a pivotal player in the payment card industry, Jeff shares his rich journey and the lessons learned along the way.

  • The Essence of PCI DSS 4.0: With the imminent rollout of PCI DSS version 4.0, Jeff breaks down the major changes and what organizations need to focus on to remain compliant. He emphasizes the shift towards continuous security practices over checkbox compliance.

  • Tales from the Crypt(analyst): Jeff gives us a sneak peek into his upcoming keynote at ShowMeCon, titled "Tales from the Crypt(analyst)," where he'll explore his cybersecurity adventures and the evolution of cyber threats and defenses over the years.

  • The Cloud Misconception: A discussion on common misconceptions about cloud security and the continuous responsibility of organizations to secure their cloud environments.

  • PCI as a Framework for Critical Infrastructure: Jeff argues that the PCI DSS, often seen merely as a compliance standard, holds the potential to serve as a robust security framework for various industries, including critical infrastructure.

Episode Highlights:

  • Advice from a Veteran: Jeff shares invaluable insights on the importance of understanding cybersecurity history to better navigate current and future challenges.

  • The Reality of Compliance and Security: Through anecdotes and personal experiences, Jeff illustrates the often-overlooked aspects of implementing and maintaining security measures effectively.

  • A Look Ahead: With PCI DSS 4.0 set to redefine compliance standards, Jeff offers practical advice for organizations to adapt and evolve their security posture.



ShowMeCon: How AI will impact Cybersecurity Enhancements and Threats with Jayson E. Street

Summary:

In this engaging episode, Jayson E. Street, a renowned cybersecurity expert, joins me to discuss the return of ShowMeCon, the impact of AI in cybersecurity, and innovative strategies for enhancing security and combating threats. Jayson shares his excitement for ShowMeCon, insights on utilizing AI for security enhancements rather than traditional attacks, and offers practical advice for users, executives, and information security professionals.

This podcast is sponsored by ShowMeCon.

Episode Highlights:

  • ShowMeCon's return

  • Utilizing AI in Cybersecurity

  • Creative Use of AI for Security

  • Practical Security Tips Across the Board

  • The Future of AI in Security

Guest Information:

Jayson E. Street has been referred to in the past as a "notorious hacker" by FOX25 Boston and a "World Class Hacker" by National Geographic Breakthrough Series, and described as a "paunchy hacker" by Rolling Stone Magazine.

He prefers, however, that people refer to him simply as a Hacker, Helper & Human.



ShowMeCon: Azure Vulnerabilities with Scott Miller

Summary:

Scott Miller, a fresh voice in the cybersecurity arena, joins me to discuss the intricacies of hacking Azure services. Scott shares his journey from a recent college graduate to becoming a speaker at cybersecurity conferences, along with valuable insights into Azure AD (Active Directory), vulnerabilities within cloud services, and the art of escalation.

This episode is sponsored by ShowMeCon.

Episode Highlights:

  • Scott's Entry into Cybersecurity

  • Focus on Azure AD

  • Exploring Vulnerabilities

  • Methodology and Tools

  • Learning and Resources

  • The Importance of Entry-Level Accessibility

Scott Miller, Penetration Tester at Accenture



ShowMeCon: Unraveling the Cybersecurity Fabric of Space and SCADA Networks with Paul Coggin

Summary:

In this captivating episode of the "Exploring Information Security" podcast, cybersecurity expert Paul Coggin discusses the intricate world of threat hunting in SCADA networks and the emerging frontier of space cybersecurity. From the inspiration drawn from Transformers movies to the sophisticated attacks like Stuxnet, Coggin delves deep into how monitoring physical indicators could revolutionize our approach to cybersecurity in both terrestrial and extraterrestrial domains.

This podcast is sponsored by ShowMeCon.

Episode Highlights:

  • The significance of ShowMeCon in filling the void left by other conferences.

  • Paul's historical involvement and contribution to the naming of ShowMeCon and DerbyCon.

  • The Internet of Military Things

  • Initiating Threat Hunting in New Domains

  • Case Studies and Practical Applications

  • Looking Ahead: Cybersecurity in Space

Guest Information:

Paul Coggin is a Cyber SME at nou Systems, Inc.



ShowMeCon: Talking with the Iceland Viking Arnar

Summary:

Arnar is not a speaker this year at ShowMeCon but he will be in attendance. He doesn’t work in the security field but he’s doing some really advanced stuff with cooling in cloud environments. We get into a little bit of everything around what he’s doing as well as talk about AI. Surprise!

This podcast is sponsored by ShowMeCon.

Episode Highlights:

  • What Arnar is looking forward to at ShowMeCon

  • Some of the cool things he’s doing with his company

  • AI

Guest Information:

Arnar



ShowMeCon: Talking Sysmon with Amanda Berlin

Summary:

Amanda Berlin is Lead Incident Detection Engineer at Blumira, where she leads the development of new detections for the Blumira platform, based on threat intelligence and research. In this episode I catch up with her to talk about Sysmon and ShowMeCon. Sysmon is such a great tool for getting more information out of your systems. The best part is it’s free.

This podcast is sponsored by ShowMeCon.

Episode Highlights:

  • What is Sysmon

  • How to use Sysmon

  • ShowMeCon

Guest Information:

Amanda Berlin is Lead Incident Detection Engineer at Blumira



ShowMeCon: Couch to Compromise with Johnny Xmas

Summary:

Veteran conference speaker Johnny Xmas joins me to discuss ShowMeCon and his talk, Couch to Compromise, the 2024 edition. The talk is an update from previous years and goes over the latest attacks impacting organizations.

Guest Information:

Johnny Xmas: The Most Interesting Man in Information Security



ShowMeCon: Bypassing MFA with Shameer Amir

Summary:

Shameer Amir AKA Titan joins me to discuss his upcoming talk on his research into bypassing multifactor authentication (MFA) at the upcoming ShowMeCon conference. In this episode we talk about a variety of different ways of bypassing MFA, from human interaction to more technical interactions with the platforms. A lot of what it comes down to is making sure MFA is set up properly.

Episode Highlights:

  • Why this talk

  • Response manipulation

  • SIM jacking

  • Misconfigurations

Guest Information:

Shameer Amir AKA Titan is a globally recognized bug hunter



Navigating the Currents of Open Source Intelligence: Insights from the Field

Summary:

Micah Hoffman and Griffin Glynn from My OSINT Training join me to talk about the current state of OSINT. They first met while working together at the National Child Protection Task Force. Both bring a wealth of knowledge, and we get into a lot of the ins and outs of OSINT.

Episode Highlights:

  • What is OSINT?

  • What tools are used for OSINT

  • Social media changes?

  • How do APIs play into OSINT?

  • How is AI impacting OSINT?

Guest Information:

Micah Hoffman and Griffin Glynn, co-owners of My OSINT Training environment and co-workers at National Child Protection Task Force (NCPTF)

https://twitter.com/myosinttrainer

https://www.linkedin.com/company/my-osint-training

https://www.myosint.training
