What is Have I Been Pwned?

Summary:

In this insightful episode of Exploring Information Security, Troy Hunt, the creator of the widely recognized website, Have I Been Pwned (HIBP) talks about the origins and evolution of the service. Troy discusses his transition from writing about application security to developing HIBP and delves into the impacts of data breaches on both individuals and companies.

Episode Highlights:

  • Impact of HIBP: Troy shares insights on how HIBP has evolved into a crucial tool for internet users to check if their data has been compromised in various data breaches.

  • Community Interaction: Discussion on how the community aids in identifying new breaches and the collective effort to maintain data integrity and security awareness.

  • Legal and Ethical Considerations: Troy talks about navigating legal challenges and ethical dilemmas in disclosing breaches and interacting with affected companies.

  • Technical Insights: An exploration of the technical aspects of running HIBP, including dealing with massive datasets and implementing security measures to protect stored data.

Additional Resources:

  • Have I Been Pwned: Visit HIBP

  • Blog posts by Troy Hunt for further reading on cybersecurity and breach analysis.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


How to Harness the Power of pfSense for Network Security

Summary:

In this episode of Exploring Information Security, Security Engineer Kyle Goode takes a deep dive into the versatile world of pfSense, a robust open-source firewall and router that has been a mainstay in the network security arena for over two decades. Kyle shares insights from his own experiences with pfSense, exploring both the practical and technical aspects of setting up and managing a pfSense system.

Episode Highlights:

  • Setting Up pfSense: Practical tips on how to set up pfSense on different types of hardware, and troubleshooting common setup issues.

  • Security Customizations: Detailed discussion on customizing pfSense for enhanced security, including the use of threat feeds and SSL inspection.

  • Maintenance and Updates: Tips on maintaining a pfSense installation, including regular updates and leveraging community resources for troubleshooting.

  • Benefits of Using pfSense: A look at the benefits of using pfSense over commercial routers, especially for those interested in a deeper understanding of network security.

Resources:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


What are Deepfakes with Dr. Donnie Wendt

Summary:

In this enlightening episode of the Exploring Information Security podcast, we dive deep into the world of deepfakes with Dr. Donnie Wendt. With a background in cybersecurity at MasterCard, Dr. Wendt shares his journey into the exploration of deepfake technology, from setting up a home lab using open-source tools to presenting the potential business impacts of deepfakes to leadership teams.

Key Discussions:

  • What are Deepfakes? Dr. Wendt explains the basics of deepfakes, a technology that uses machine learning to superimpose someone's likeness onto another person, creating realistic fake videos or audio recordings. Initially used for nefarious purposes, the technology has found applications in politics, social engineering, and entertainment.

  • Creating Deepfakes: Discover how Dr. Wendt utilized open-source tools and a good Nvidia video card to experiment with deepfake creation, including making Nicholas Cage a regular "guest" in security briefings at MasterCard.

  • The Threat Landscape: Dr. Wendt discusses the use of deepfakes in political manipulation and fraud, highlighting recent instances where deepfakes have influenced elections and scammed individuals and businesses out of large sums of money.

  • Detection and Prevention: The conversation touches on the challenges of distinguishing deepfakes from real footage, emphasizing the importance of skepticism, critical thinking, and verification processes to combat misinformation.

  • Positive Applications: Despite their potential for misuse, deepfakes also have beneficial uses, such as giving voice back to ALS patients, recreating historical speeches, and aiding medical diagnosis. Dr. Wendt stresses the importance of recognizing the technology's positive impact alongside its threats.

Episode Highlights:

  • Dr. Wendt's firsthand experience with creating deepfakes and the technical requirements for doing so.

  • Insight into the evolving capabilities of deepfake technology and the cat-and-mouse game between creators and detectors.

  • The significance of robust verification processes within organizations to safeguard against deepfake-related fraud.

Resources Mentioned:

  • Faceswap.dev: An open-source tool for experimenting with different deepfake creation algorithms.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


The Crucial Gap in Control Systems Security: A Deep Dive with Joe Weiss

Summary:

In this compelling episode of the Exploring Information Security podcast, we sit down with Joe Weiss, a seasoned expert in control systems security, to unravel the complexities and challenges facing the security of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems today.

Key Topics Discussed:

  • Understanding SCADA/ICS: Joe Weiss provides an in-depth explanation of what SCADA and ICS are, emphasizing their critical role in monitoring and controlling physical processes across various industries, from utilities to manufacturing.

  • The Security Gap: Weiss outlines the fundamental security gap existing between traditional IT cybersecurity measures and the unique needs of control systems. He highlights the dire consequences of neglecting the security of these systems, including potential physical damage and disruptions to critical infrastructure.

  • Bridging the Divide: The conversation delves into the challenges of bridging the knowledge and communication gap between IT professionals and engineers. Weiss stresses the importance of integrating engineering insights with cybersecurity practices to protect control systems effectively.

  • Historical Oversights and Current Challenges: Reflecting on over two decades of experience, Weiss discusses how historical oversights and the prioritization of IT security have led to vulnerabilities in control systems. He calls for a paradigm shift in how organizations and governments approach the cybersecurity of physical infrastructure.

  • Future Outlook and Solutions: Looking ahead, Weiss offers insights into the future of control systems security, advocating for education, awareness among senior management, and the need for a holistic approach that encompasses both the digital and physical aspects of security.

Episode Highlights:

  • A Call to Action for Senior Management: Weiss underscores the critical need for senior management in both the private and public sectors to recognize the existential threat posed by inadequate control systems security.

  • The Importance of Engineering Knowledge: The discussion emphasizes the need for cybersecurity professionals to possess a foundational understanding of engineering principles to secure control systems effectively.

  • Practical Steps Forward: Weiss suggests practical steps for improving the security posture of control systems, including enhancing cross-disciplinary education, fostering collaboration between IT and engineering teams, and adopting security measures tailored to the unique characteristics of control systems.

Resources:
Blog: Control Global - Unfettered

Applied Control Systems

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


ShowMeCon: Talking PCI 4.0 change with Jeff Man

Summary:

Hacker Jeff Man

Welcome to a special edition of the Exploring Information Security podcast, where we dive into the intricacies of cybersecurity with industry veteran Jeff Man! A distinguished figure in cybersecurity Jeff has a wealth of experience that spans over four decades, including his early years at the National Security Agency and extensive work in the private sector.

This podcast sponsored by ShowMeCon.

Key Discussions:

  • Jeff's Journey: From his initial steps in the cybersecurity realm at the NSA to becoming a pivotal player in the payment card industry, Jeff shares his rich journey and the lessons learned along the way.

  • The Essence of PCI DSS 4.0: With the imminent rollout of PCI DSS version 4.0, Jeff breaks down the major changes and what organizations need to focus on to remain compliant. He emphasizes the shift towards continuous security practices over checkbox compliance.

  • Tales from the Crypt(analyst): Jeff gives us a sneak peek into his upcoming keynote at ShowMeCon, titled "Tales from the Crypt(analyst)," where he'll explore his cybersecurity adventures and the evolution of cyber threats and defenses over the years.

  • The Cloud Misconception: A discussion on common misconceptions about cloud security and the continuous responsibility of organizations to secure their cloud environments.

  • PCI as a Framework for Critical Infrastructure: Jeff argues that the PCI DSS, often seen merely as a compliance standard, holds the potential to serve as a robust security framework for various industries, including critical infrastructure.

Episode Highlights:

  • Advice from a Veteran: Jeff shares invaluable insights on the importance of understanding cybersecurity history to better navigate current and future challenges.

  • The Reality of Compliance and Security: Through anecdotes and personal experiences, Jeff illustrates the often-overlooked aspects of implementing and maintaining security measures effectively.

  • A Look Ahead: With PCI DSS 4.0 set to redefine compliance standards, Jeff offers practical advice for organizations to adapt and evolve their security posture.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


ShowMeCon: How AI will impact Cybersecurity Enhancements and Threats with Jayson E. Street

Summary:

Jayson E. Street

In this engaging episode Jayson E. Street, a renowned cybersecurity expert, joins me to discuss the return of ShowMeCon, the impact of AI in cybersecurity, and innovative strategies for enhancing security and combating threats. Jayson shares his excitement for ShowMeCon, insights on utilizing AI for security enhancements rather than traditional attacks, and offers practical advice for users, executives, and information security professionals.

This podcast sponsored by ShowMeCon.

Episode Highlights:

  • ShowMeCons return

  • Utilizing AI in Cybersecurity

  • Creative Use of AI for Security

  • Practical Security Tips Across the Board

  • The Future of AI in Security

Guest Information:

Jayson E. Street referred to in the past as: A "notorious hacker" by FOX25 Boston, "World Class Hacker" by National Geographic Breakthrough Series and described as a "paunchy hacker" by Rolling Stone Magazine.

He however prefers if people refer to him simply as a Hacker, Helper & Human.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


ShowMeCon: Azure Vulnerabilities with Scott Miller

Scott Miller

Summary:

Scott Miller, a fresh voice in the cybersecurity arena, joins me to discuss the intricacies of hacking Azure services. Scott shares his journey from a recent college graduate to becoming a speaker at cybersecurity conferences, along with valuable insights into Azure AD (Active Directory), vulnerabilities within cloud services, and the art of escalation.

This episode sponsored by ShowMeCon.

Episode Highlights:

  • Scott's Entry into Cybersecurity

  • Focus on Azure AD

  • Exploring Vulnerabilities

  • Methodology and Tools

  • Learning and Resources

  • The Importance of Entry-Level Accessibility

Scott Miller Penetration Tester at Accenture

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


ShowMeCon: Unraveling the Cybersecurity Fabric of Space and SCADA Networks with Paul Coggin

Paul Coggin

Summary:

In this captivating episode of the "Exploring Information Security" podcast, cybersecurity expert Paul Coggin discusses the intricate world of threat hunting in SCADA networks and the emerging frontier of space cybersecurity. From the inspiration drawn from Transformers movies to the sophisticated attacks like Stuxnet, Coggin delves deep into how monitoring physical indicators could revolutionize our approach to cybersecurity in both terrestrial and extraterrestrial domains.

This podcast is sponsored by ShowMeCon.

Episode Highlights:

  • The significance of ShowMeCon in filling the void left by other conferences.

  • Paul's historical involvement and contribution to the naming of ShowMeCon and DerbyCon.

  • The Internet of Military Things

  • Initiating Threat Hunting in New Domains

  • Case Studies and Practical Applications

  • Looking Ahead: Cybersecurity in Space

Guest Information:

Paul Coggin is a Cyber SME at nou Systems, Inc.

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


ShowMeCon: Talking with the Iceland Viking Arnar

Summary:

Arnar is not a speaker this year at ShowMeCon but he will be in attendance. He doesn’t work in the security field but he’s doing some really advanced stuff with cooling in cloud environments. We get into a little bit of everything around what he’s doing as well as talk about AI. Surprise!

This podcast is sponsored by ShowMeCon.

Episode Highlights:

  • What Arnar is looking forward to at ShowMeCon

  • Some of the cool things he’s doing with his company

  • AI

Guest Information:

Arnar

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


ShowMeCon: Talking Sysmon with Amanda Berlin

Amanda Berlin

Summary:

Amanda Berlin is Lead Incident Detection Engineer at Blumira, where she leads the development of new detections for the Blumira platform, based on threat intelligence and research. In this episode I catch up with her to talk about Sysmon and ShowMeCon. Sysmon is such a great tool for getting more information out of your systems. The best part is it’s free.

This podcast is sponsored by ShowMeCon.

Episode Highlights:

  • What is Sysmon

  • How to use Sysmon

  • ShowMeCon

Guest Information:

Amanda Berlin is Lead Incident Detection Engineer at Blumira

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


ShowMeCon: Couch to Compromise with Johnny Xmas

Summary:

Veteran conference speaker Johnny Xmas joins me to discuss ShowMeCon and his talk Couch to Compromise the 2024 edition. His talk is an update from previous years which goes over the latest attacks impacting organizations.

Episode Highlights:

Johnny Xmas with a not a flamethrower

Guest Information:

Johnny Xmas: The Most Interesting Man in Information Security

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


ShowMeCon: Bypassing MFA with Shameer Amir

Summary:

Shameer Amir AKA Titan joins me to discuss his upcoming talk on his research into bypassing multifactor authentication (MFA) at the upcoming ShowMeCon conference. In this episode we talk about a variety of different ways of bypassing MFA from human interaction to more technical interactions with the platforms. A lot of what it comes down to is making sure MFA is setup properly.

Episode Highlights:

  • Why this talk

  • Response manipulation

  • SIM jacking

  • Misconfigurations

Guest Information:

Shameer Amir AKA Titan is a globally recognized bug hunter

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


Navigating the Currents of Open Source Intelligence: Insights from the Field

Summary:

Micah Hoffman and Griffin Glynn from My OSINT Training join me to talk about the current state of OSINT. Both bring a wealth of knowledge and first meet while working together at the National Child Protection Task Force. They bring a wealth of knowledge and we get into a lot of the ins and outs of OSINT.

Episode Highlights:

  • What is OSINT?

  • What tools are used for OSINT

  • Social media changes?

  • How do APIs play into OSINT?

  • How is AI impacting OSINT?

Guest Information:

Micah Hoffman and Griffin Glynn co-owners of My OSINT Training environment and co-workers at National Child Protection Task Force (NCPTF)

https://twitter.com/myosinttrainer

https://www.linkedin.com/company/my-osint-training

https://www.myosint.training

Resources and Mentions:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


What cybersecurity tools every organization should have

Summary:

Rob Fuller AKA Mubix joins me to talk about security tooling every organization should have. This was a result of a discussion Rob and I were having about Thinkst Canary and RunZero. Two fantastic tools that are low cost, easy implementation, and provide a ton of value to a security team.

Episode Highlights:

  • Lots of tooling to talk about

  • You might hear Rob mention that he’s used one of the tools I suggest in a pentest engagement

Guest Information:

Rob Fuller aka Mubix - Twitter

https://malicious.link/

Resources and Mentions:

RunZero

LinkedIn Suggestions

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


ShowMeCon: Bypassing MFA with Brandon Potter

This is a sponsored podcast by ShowMeCon which is May 13th & 14th. Tickets are still available! They’re also still looking for sponsors. Don't miss out on this opportunity to be part of the cybersecurity event of the year! Whether you're looking to learn, network, or elevate your brand, ShowMeCon is the place to be.

Summary:

Brandon Potter Chief Technology Officer of ProCircular, Inc.

Brandon Potter joins me to discuss the different ways he’s seeing MFA bypassed as part of his companies work. Attackers are using old and new techniques to discover creative ways to bypass MFA. This is a result of more companies getting onboard with MFA. Unfortunately, that means attackers are going to start to find more ways to bypass MFA. A lot of what Brandon is seeing is coming down to misconfiguration with how MFA is implemented and attackers are starting to use browser in the middle to hijack sessions. Finally, we go over how AI is going to impact MFA.

Episode Highlights:

  • ShowMeCon one of the few conferences in the Midwest to attend

  • Bypassing MFA

  • Misconfigurations in MFA

  • Browser-in-the-middle

  • Where is MFA being bypassed?

  • How is AI going to impact bypassing MFA

Guest Information:

Brandon Potter (CISSP, GSEC, GCIH, CCFP, GWAPT) is the Chief Technology Officer of ProCircular, Inc.,

Brandon Potter LinkedIn

ProCircular Website

ProCircular LinkedIn

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


What is a Canary?

Summary:

Tyron Kemp Presales Engineer at Thinkst Canary joined me to discuss what is a canary. More specifically Thinkst Canaries which is one of the most useful and simple to use tools in the security space. I’m surprised I haven’t heard of more companies using the tool. You drop it in an environment and if you get people scanning or touching it alerts the people that can respond. It’s as simple as that.

Episode Highlights:

  • What is a canary?

  • How are canaries used?

  • How Thinkst contributed to the community through free tools like Log4j discovery

  • How do canaries get implemented?

  • What’s ahead for Thinkst?

  • How AI will impact canaries

Guest Information:

Tyron Kemp Presales Engineer at Thinkst Canary - LinkedIn

Resources and Mentions:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


ShowMeCon: Kevin Johnson and whatever he wants to talk about

This is a sponsored podcast by ShowMeCon which is May 13th & 14th. Tickets are still available! They’re also still looking for sponsors. Don't miss out on this opportunity to be part of the cybersecurity event of the year! Whether you're looking to learn, network, or elevate your brand, ShowMeCon is the place to be.

Summary:

Kevin Johnson CEO of Secure Ideas

Kevin Johnson the Chief Executive Officer of Secure Ideas joined me to discuss ShowMeCon and his keynote presentation on the infosec community rising from the ashes like a phoenix. It’s been a while since I’ve had the opportunity to catch up with Kevin but we got right into it and had a lot of great laughs. It’s a little all over the place with talk about ShowMeCon, reincarnation, and John Wick as a romantic comedy. Also, there is an EXPLICIT tag on this podcast.

Check the episode highlights below for a jingle on the topic.

Episode Highlights:

(Verse 1)
🎶 In the world of cyber, there's a place to be,
ShowMeCon's the event, in the tech sea.
Kevin Johnson's leading, with a tech-savvy crew,
Bringing folks together, showing what they can do. 🎶

(Chorus)
🎵 ShowMeCon, ShowMeCon, where the tech minds meet,
Diving deep in cyber streets, where challenges and passions greet.
From the ashes, we will rise, like a phoenix, bold and wise,
ShowMeCon, the stage is set, for a tech adventure you won't forget. 🎵

(Verse 2)
🎶 Imagine John Wick, with a softer side,
In a rom-com twist, where love and action collide.
He's hacking through the heart, with a smile so wide,
At ShowMeCon, where worlds of tech and romance abide. 🎶

(Bridge)
🎵 Rising from the ashes, with the phoenix's flight,
We'll conquer cyber battles, in the neon light.
Kevin Johnson guides us, through the digital night,
At ShowMeCon, we'll learn, we'll grow, and take our dreams to height. 🎵

(Chorus)
🎵 ShowMeCon, ShowMeCon, where the future's bright,
Join us in the journey, in the quest for cyber might.
From the ashes, we will rise, with our hearts and minds entwined,
ShowMeCon, where dreams take flight, and every moment's a delight. 🎵

Guest Information:

Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is a faculty member at IANS and was an instructor and author for the SANS Institute.

Resources and Mentions:

Secure Ideas

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


How to implement a DAST

Summary:

Frank Catucci CTO & Head of Security Research at Invicti is someone who I go back with many years. We both meet while working for the state of South Carolina. I was happy to see him end up at Invicti because I think they have a great podcast focused primarily on Dynamic Application Security Testing (DAST). We get into a variety of topics in this episode around MoveIT, implementing DAST, APIs, and AI.

Episode Highlights:

  • How DAST could have helped with MoveIT

  • How to implement DAST into the SDLC

  • Automation that can be setup with DAST

  • How tickets from DAST should be handled

  • How AI is going to change DAST

  • How DAST handles APIs

Guest Information:

Frank Catucci CTO & Head of Security Research at Invicti - LinkedIn

Resources and Mentions:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


What is Mimikatz?

Summary:

Rob Fuller aka Mubix joins me to discuss what is Mimikatz? This came from some research I was doing online about hacker tools. I went to the Mimikatz GitHub repo and was immediately hit with a warning that it was a malicious site. Then I looked at the GitHub page and noticed it hadn’t been updated in years.

This lead me to reach out to Hacker Historian Mubix to get the skinny on Mimikatz. He provided some interesting not well known insights that you’ll have to listen to the episode to hear.

Episode Highlights:

  • Why Mimikatz is still around

  • What is Mimikatz?

  • How is it used?

  • How to detect Mimikatz

Guest Information:

Rob Fuller aka Mubix

Resources and Mentions:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


How responding to phishing has changed in the last five years

Summary:

Kyle Andrus is a seasoned incident responder for a top 500 company. He’s a regular on the podcast when I need to talk incident response and specifically phishing. I last had him on over five years ago to talk about building a malicious link clicker which I used quite a bit in my day-to-day job. Fast forward several years and things have changed significantly.

A lot of the things we used to do no longer make sense because tooling has become much better in the enterprise. A lot of security professionals operate there to respond to phishing emails. While our lives are a littler easier that has led to a new set of threats that the security community hasn’t quite gotten their hands wrapped around the newer problems. Finally, we go over how AI is going to impact phishing. I’m sure that will be a question for more many more podcasts.

Episode Highlights:

  • How has phishing response changed?

  • How we respond to phishing emails

  • The mobile device blind spot

  • What’s new in phishing techniques

  • How AI is going to impact phishing

Guest Information:

Kyle Andrus

#MISEC

Resources and Mentions:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]