Originally aired on November 11, 2020 Articles discussed in this episode: https://www.darkreading.com/attacks-breaches/malware-hidden-in-encrypted-traffic-surges-amid-pandemic/d/d-id/1339420 https://threatpost.com/millions-hotel-guests-worldwide-data-leak/161044/
Podcast: Play in new window | Download
Subscribe: RSS
Originally aired on 11/09/2020 Articles discussed in this episode: https://www.darkreading.com/threat-intelligence/6-ways-passwords-fail-basic-security-tests/d/d-id/1339299 https://www.infosecurity-magazine.com/news/national-guard-uvm-health-network/ https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/
Podcast: Play in new window | Download
Subscribe: RSS
Ray Felch // Introduction Continuing with my ongoing Smart Lock attack research (see blog Reverse Engineering a Smart Lock), I decided to move my focus to a different type of attack technique, namely a relay attack. The relay attack is a form of MitM attack, not to be confused with the more well-known replay attack. […]
Many people get started in security as a Security Operations Center (SOC) analyst. In this Black Hills Information Security (BHIS) webcast we discuss the core skills that a SOC analyst needs in order to be successful. Trust us, these skills are more than just watching the SIEM and letting the SOAR platform handle everything through […]
Podcast: Play in new window | Download
Subscribe: RSS
Carrie & Darin Roberts // If you would like to install the Mitre CALDERA server on your own, the CALDERA GitHub page has installation instructions on their ReadMe here. Detailed steps are provided below for installing CALDERA on Ubuntu and configuring it to use your SSL certification. Clone the Repository git clone https://github.com/mitre/caldera.git –recursive –branch […]
They say it “takes a village” to help raise a child… well, it also takes a village to help raise an infosec professional. With so many technologies, techniques, and tools and the need for soft-skills and the ability to navigate different types of relationships, we all need help. That’s where a formal mentor can be […]
Podcast: Play in new window | Download
Subscribe: RSS
Beau Bullock // Overview On offensive engagements, such as penetration tests and red team assessments, I have been seeing inconsistencies in how MFA is applied to the various Microsoft services. Across Microsoft 365 and Azure, there are multiple endpoints. These endpoints can all be configured under different Conditional Access policy settings, which sometimes lead to […]
