Info

Brakeing Down Security podcast

A podcast all about the world of Security, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security Professionals need to know, or refresh the memories of the seasoned veterans.
RSS Feed Subscribe in iTunes
Brakeing Down Security podcast
2017
February
January


2016
December
November
October
September
August
July
June
May
April
March
February
January


2015
December
November
October
September
August
July
June
May
April
March
February
January


2014
December
November
October
September
August
July
June
May
April
March
February
January


All Episodes
Archives
Now displaying: Page 1
Feb 14, 2017

Mick Douglas is always great to have on. A consummate professional, and blue team advocate for years now, he teaches SANS courses designed to help defenders against the forces of the red team, pentesters, and even bad actors.

But this week, we have a different Mr. Douglas.  This week, he's here to talk about sales tactics, #neuro #linguistic #programming, leading the question, and other social engineering techniques that salespeople will do to get you to buy maybe what your company doesn't need, but thinks it does. We have some good times discussing ways to ensure the buying of your new shiny box at work goes more smoothly, what you should look out for, and ways to tell if they are over-selling and under-delivering.

Also, Mick has been working on a project near and dear to his heart. After discussing with @carnal0wnage a year or so back, he's fleshed out a spreadsheet that tracks attack vectors, and depending on what controls are in your environment, can show you how well a particular attack is against your environment. This would be a great asset to blue teams who might want to shore up defenses, especially if they are vulnerable in a particular area. Mr. Douglas is looking for comments, suggestions, and additions to his spreadsheet, and you can even download a copy of the Google Doc to try in your own environment, free of charge.

Book mentioned in the show: (non-sponsored link) https://www.amazon.com/Influence-Psychology-Persuasion-Robert-Cialdini/dp/006124189X

Mick's document:

https://docs.google.com/spreadsheets/d/1pI-FI1QITaIjuBsN30au1ssbJAZawPA0BYy8lp6_jV8/edit#gid=0

Mick refers the the MITRE ATTACK matrix in the show, here's our show discussing it:

http://traffic.libsyn.com/brakeingsecurity/2015-051-ATTACK_Matrix.mp3

https://attack.mitre.org/wiki/ATT%26CK_Matrix

 

 

Mick's last appearances on BrakeSec:

http://traffic.libsyn.com/brakeingsecurity/2015-024-Mick_Douglas.mp3

http://traffic.libsyn.com/brakeingsecurity/2015-025-Mick_douglas_part2.mp3

http://traffic.libsyn.com/brakeingsecurity/2015-032-Jarrod_and_Mick_DFIR.mp3

http://traffic.libsyn.com/brakeingsecurity/2016-026-exfiltration_techniques-redteaming_vs_pentesting-and-gaining_persistence.mp3

 

Direct Link:   http://traffic.libsyn.com/brakeingsecurity/2017-005-mick_douglas-attack_defense_worksheet.mp3

iTunes: https://itunes.apple.com/us/podcast/brakeing-down-security-podcast/id799131292?mt=2

YouTube: https://www.youtube.com/watch?v=A3K-2yneKU4

 

 

Bsides London is accepting Call for Papers starting 14 Febuary 2017, as well as a Call for Workshops. You can find out more information at https://www.securitybsides.org.uk/

----------

HITB announcement:

“Tickets are on sale, And entering special code 'brakeingsecurity' at checkout gets you a 10% discount". Brakeing Down Security thanks #Sebastian Paul #Avarvarei and all the organizers of #Hack In The Box (#HITB) for this opportunity! You can follow them on Twitter @HITBSecConf. Hack In the Box will be held from 10-14 April 2017. Find out more information here: http://conference.hitb.org/hitbsecconf2017ams/

---------

Join our #Slack Channel! Sign up at https://brakesec.signup.team

#RSS: http://www.brakeingsecurity.com/rss

#Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast

 

SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/

 

Feb 6, 2017

This week, we discuss sandboxing technologies. Most of the time, infosec people are using sandboxes and similar technology for analyzing malware and malicious software.

Developers use it to create additional protections, or even to create defenses to ward off potential attack vectors.

We discuss sandboxes and sandboxing technology, jails, chrooting of applications, and even tools that keep applications honest, in particular, the pledge(2) function in OpenBSD

----------

HITB announcement:

“Tickets for attendance and training are on sale, And entering special code 'brakeingsecurity' at checkout gets you a 10% discount". Brakeing Down Security thanks #Sebastian Paul #Avarvarei and all the organizers of #Hack In The Box (#HITB) for this opportunity! You can follow them on Twitter @HITBSecConf. Hack In the Box will be held from 10-14 April 2017. Find out more information here: http://conference.hitb.org/hitbsecconf2017ams/

---------

 

 

 

 Direct Link: http://traffic.libsyn.com/brakeingsecurity/2017-004-Sandboxing_technology.mp3

iTunes: https://itunes.apple.com/us/podcast/2017-004-sandboxes-jails-chrooting/id799131292?i=1000380833781&mt=2

YouTube: https://www.youtube.com/watch?v=LqMZ9aGzYXA

 

Join our #Slack Channel! Sign up at https://brakesec.signup.team

#RSS: http://www.brakeingsecurity.com/rss

#Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback, or Suggestions?  Contact us via Email: bds.podcast@gmail.com

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

 

 

-----------

Show notes:

 

Sandboxing tech  -  https://hangouts.google.com/call/yrpzdahvjjdbfhesvjltk4ahgmf

 

A sandbox is implemented by executing the software in a restricted operating system environment, thus controlling the resources (for example, file descriptors, memory, file system space, etc.) that a process may use.

 

Various types of sandbox tech

 

Jails - freebsd

    Much like Solaris 10’s zones, restricted operating system, also able to install OSes inside, like Debian

        http://devil-detail.blogspot.com/2013/08/debian-linux-freebsd-jail-zfs.html

 

Pledge(8)  - new to OpenBSD

    Program says what it should use, if it steps outside those lines, it’s killed

    http://www.tedunangst.com/flak/post/going-full-pledge

    http://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/pledge.2?query=pledge

    http://www.openbsd.org/papers/hackfest2015-pledge/mgp00008.html

 

Chroot - openbsd, linux (chroot jails)

    “A chroot on Unix operating systems is an operation that changes the apparent root directory for the current running process and its children”

    Example: “www” runs in /var/www. A chrooted www website must contain all the necessary files and libraries inside of /var/www, because to the application /var/www is ‘/’

 

Rules based execution - AppArmor, PolicyKit, SeLinux

    Allows users to set what will be ran, and which apps can inject DLLs or objects.

    “It also can control file/registry security (what programs can read and write to the file system/registry). In such an environment, viruses and trojans have fewer opportunities of infecting a computer.”

https://en.wikipedia.org/wiki/Seccomp

https://en.wikipedia.org/wiki/Linux_Security_Modules

 

Android VMs

 

Virtual machines - sandboxes in their own right

    Snapshot capability

    Revert once changes have occurred

    CON: some malware will detect VM environments, change ways of working

 

Containers (docker, kubernetes, vagrant, etc)

    Quick standup of images

    Blow away without loss of host functionality

    Helpful to run containers as an un-privileged user.

https://blog.jessfraz.com/post/getting-towards-real-sandbox-containers/

 

Chrome sandbox: https://chromium.googlesource.com/chromium/src/+/master/docs/linux_sandboxing.md

 

Emulation Vs. Virtualization

 

http://labs.lastline.com/different-sandboxing-techniques-to-detect-advanced-malware  --seems like a good link

 

VMware Thinapp (emulator):

https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1030224

 

(continued next page)

Malware lab creation (Alienvault blog):

https://www.alienvault.com/blogs/security-essentials/building-a-home-lab-to-become-a-malware-hunter-a-beginners-guide

 

https://www.reverse.it/

 

News: (assuming it goes short)

SHA-1 generated certs will be deprecated soon - https://threatpost.com/sha-1-end-times-have-arrived/123061/

 

(whitelisting files in Apache)

https://isc.sans.edu/diary/Whitelisting+File+Extensions+in+Apache/21937

 

http://blog.erratasec.com/2017/01/the-command-line-for-cybersec.html

https://github.com/robertkuhar/java_coding_guidelines

https://www.us-cert.gov/sites/default/files/publications/South%20Korean%20Malware%20Attack_1.pdf#

 

https://www.concise-courses.com/security/conferences-of-2017/

Jan 29, 2017

Amanda Berlin attended Shmoocon this year, and sat down with a few people. She discussed a bit with John about what HackEd is about (http://hackeducate.com/)

Amands writes: "I had an amazing time at my 3rd #Shmoocon. I was able to interview a handful of really cool people working on several different types of infosec education. I was able to watch a few talks, spend some time in the lockpick village, as well as go to Shmoocon Epilogue. It’s always amazing to watch people talk about what they are passionate about, and Shmoocon is a great relaxed environment where that happens frequently."

James Green @greenjam94
Aaron Lint @lintile  
Jon? @hackeducate

Melanie Rich-Wittrig @securitycandy

Amanda Berlin attended ShmooCon this year, and sat down with a few people. She discussed a bit with John about what HackEd is about (http://hackeducate.com/)

Melanie Rich-Wittrig (@securitycandy) discusses how she's empowering kids to get into information security, even as early as age 10 or 11. She discusses how she motivates by teaching CTF and hacking concept, and gamifying by using point systems.

www.securitycandy.com

RSS: http://www.brakeingsecurity.com/rss

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2017-003-ShmooCon_Audio.mp3

YouTube:

 

 

----------

HITB announcement:

“Tickets are on sale, And entering special code 'brakeingsecurity' at checkout gets you a 10% discount". Brakeing Down Security thanks #Sebastian Paul #Avarvarei and all the organizers of #Hack In The Box (#HITB) for this opportunity! You can follow them on Twitter @HITBSecConf. Hack In the Box will be held from 10-14 April 2017. Find out more information here: http://conference.hitb.org/hitbsecconf2017ams/

---------

Join our #Slack Channel! Sign up at https://brakesec.signup.team

#RSS: http://www.brakeingsecurity.com/rss

#Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback, or Suggestions?  Contact us via Email: bds.podcast@gmail.com

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

 

----------

Jan 21, 2017

In your environment, you deal with threats from all over the world. Many groups out there pool resources to help everyone deal with those #threats. Some come in the form of threat #intelligence from various intelligence companies, like #Carbon #Black, #FireEye, and #Crowdstrike.

But what if your company cannot afford such products, or are not ready to engage those types of companies, and still need need protections? Never fear, there are open source options available (see show notes below). These products aren't perfect, but they will provide a modicum of protection from 'known' bad actors, SSH trolls, etc.

We discuss some of the issues using them, discuss how to use them in your #environment.

Lastly, we discuss #mentorship. Having a good mentor/mentee relationship can be mutally beneficial to both parties. We discuss what it takes to be a good mentee, as well as a good mentor...

RSS: www.brakeingsecurity.com/rss

Direct Download: http://traffic.libsyn.com/brakeingsecurity/2017-002-mentoring_threat_lists.mp3

iTunes:  https://itunes.apple.com/us/podcast/2017-002-threat-lists-ids/id799131292?i=1000380246554&mt=2

YouTube: https://www.youtube.com/watch?v=oHNrINl1oZE

 

----------

HITB announcement:

“Tickets are on sale, And entering special code 'brakeingsecurity' at checkout gets you a 10% discount". Brakeing Down Security thanks #Sebastian Paul #Avarvarei and all the organizers of #Hack In The Box (#HITB) for this opportunity! You can follow them on Twitter @HITBSecConf. Hack In the Box will be held from 10-14 April 2017. Find out more information here: http://conference.hitb.org/hitbsecconf2017ams/

---------

Join our #Slack Channel! Sign up at https://brakesec.signup.team

#RSS: http://www.brakeingsecurity.com/rss

#Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback, or Suggestions?  Contact us via Email: bds.podcast@gmail.com

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

 

----------

Show Notes:

HANGOUTS:  https://hangouts.google.com/call/w7rkkde5yrew5nm4n7bfw4wfjme

 

2017-002-Threat Lists, IDS/IPS rulesets, and infosec mentoring

 

  1. Threat Lists (didn’t have much time to research :/)
    1. THIS EXACTLY - http://blogs.gartner.com/anton-chuvakin/2014/01/28/threat-intelligence-is-not-signatures/   
      1. Don’t use threat list feeds (by IP/domain) as threat intelligence
      2. Can use them for aggressively blocking, don’t use for alerting
    2. https://isc.sans.edu/suspicious_domains.html
    3. https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt
    4. http://iplists.firehol.org/
    5. https://zeltser.com/malicious-ip-blocklists/
    6. https://medium.com/@markarenaau/actionable-intelligence-is-it-a-capability-problem-or-does-your-intelligence-provider-suck-d8d38b1cbd25#.ncpmqp9cx
    7. Spamhaus: https://www.spamhaus.org/
    8. leachers
    1. Open rulesets - You can always depend on the kindness of strangers
      1. Advantage is that these are created by companies that have worldwide reach
      2. Updated daily
      3. Good accompanying documentation
    2. You can buy large rulesets to use in your own IDS implementation
      1. Depends on your situation if you want to go managed or do yourself
      2. Regardless you need to test them
    3. Managed security services will do this for you
      1. I don’t recommend unless you have a team of dedicated people or you don’t care about getting hacked- signatures are way too dynamic, like trying to do AV sigs all by yourself
      2. Only a good idea for one-off, targeted attacks
    4. DIY
  2. IDS/IPS rulesets
    1. https://securityintelligence.com/signature-based-detection-with-yara/
    2. http://yararules.com/
    3. http://resources.infosecinstitute.com/yara-simple-effective-way-dissecting-malware/
  3. Yara rules
    1. For Mentors
      1. Set expectations & boundaries
      2. Find a good fit
      3. Be an active listener
      4. Keep open communication
      5. Schedule time
      6. Create homework
      7. Don’t assume technical level
      1. Ask questions
      2. Do your own research
      3. Find a good fit
      4. Put forth effort
      5. It’s not the Mentor’s job to handhold, take responsibility for own learning
      6. Value their time
      7. Come to each meeting with an agenda
    2. For Mentees
    3. Mentoring frameworks?
  4. InfoSec Mentoring
    1. https://t.co/mLXjfF1HEr
    2. https://gist.github.com/AFineDayFor/5cdd0341a2b384c20e615dcedeef0741
  5. Podcasts (Courtesy of Ms. Hannelore)
    1. https://t.co/mLXjfF1HEr
    2. https://gist.github.com/AFineDayFor/5cdd0341a2b384c20e615dcedeef074
Jan 12, 2017

We start Brakeing Down Security with a huge surprise! A 3rd member of the podcast! Amanda #Berlin (@infosystir) joins us this year to help us educate people on #security topics. During the year, she'll be getting us some audio from various conventions and giving us her perspective working as an #MSSP, as well as a blue team (defender).

We start out talking about new #California #legislation about making #malware illegal. What are politicians in California thinking? We work through that and try to find some understanding.

With all the various secure messaging systems out there, we discuss how why secure messaging systems fail so poorly with regards to #interoperability and the difficulties in getting average non-infosec people to adopt one. We also discuss #Perfect #Foward #Security and how it prevents people from decrypting old messages, even if the key is compromised.

----------

HITB announcement:

“Tickets are on sale, And entering special code 'brakeingsecurity' at checkout gets you a 10% discount". Brakeing Down Security thanks #Sebastian Paul #Avarvarei and all the organizers of #Hack In The Box (#HITB) for this opportunity! You can follow them on Twitter @HITBSecConf. Hack In the Box will be held from 10-14 April 2017. Find out more information here: http://conference.hitb.org/hitbsecconf2017ams/

---------

Join our #Slack Channel! Sign up at https://brakesec.signup.team

#RSS: http://www.brakeingsecurity.com/rss

#Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback, or Suggestions?  Contact us via Email: bds.podcast@gmail.com

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

 

---Show Notes---

News story:

http://www.latimes.com/politics/la-pol-sac-crime-ransomware-bill-20160712-snap-story.html

 

“If this legislation gives prosecutors the tools that they didn’t have before, where are the cases that they have lost because they didn’t have these tools?” said Brandon Perry, a senior consultant for NTT Com Security. “Authorities are focused on prosecuting criminals that they can’t even find, as opposed to educating the victims to prevent this from happening again and again.”

 

Ransomware won’t infect you if you watch training videos:

http://thehackernews.com/2017/01/decrypt-ransomware-files.html

 

Secure messaging - stuck in an Apple ecosystem

    Too many, no interoperability

        Signal, Whisper, Wickr, Wire, WhatsApp, FB messenger

        I uninstalled Signal… can’t convince people to adopt something if everyone cannot message one another --BrBr

 

OpenPGP is ‘dangerous’

http://arstechnica.com/information-technology/2016/12/signal-does-not-replace-pgp/

    Forward Secrecy - https://en.wikipedia.org/wiki/Forward_secrecy

        “A public-key system has the property of forward secrecy if it generates one random secret key per session to complete a key agreement, without using a deterministic algorithm.” (input given gives the same output every time)

Perfect Forward Secrecy - “In cryptography, forward secrecy (FS; also known as perfect forward secrecy[1]) is a property of secure communication protocols in which compromise of long-term keys does not compromise past session keys.

   

Ms. Amanda’s pentest homework:

“https://docs.google.com/document/d/17NJPXpqB5Upma2-6Hu5svBxd8PH0Ex7VgCvRUhiUNk8/edit”

Dec 25, 2016

It's the final episode of the the year, and we didn't slouch on the #infosec. Mr. Boettcher discussed what should happen when we find risk and how we handle it in a responsible manner.

I also issue an 'open-letter' to C-Level. We need C-Levels to listen and accept the knowledge and experience of your people. Infosec people are often the only thing keeping a company from making the front page, and yet are still seen as speed bumps.

We also discuss some the previous episodes of the year, some recent developments to build our #community, like our book club and upcoming #CTF club.

Plus, there is one other surprise, but you'll have to wait until our next episode to find out!

 

Enjoy our final episode of 2016. Our regular show will return the week of 9 January 2017!

 

https://en.wikipedia.org/wiki/Yahoo!_data_breaches#Legal_and_commercial_responses

iTunes:

YouTube: https://www.youtube.com/watch?v=w56W5gMMg0E

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-051-State_of_the_podcast_Finding_and_managing_risk.mp3

Special deal for our #BrakeSec Listeners:

"If you have an interesting security talk and fancy visiting #Amsterdam in the spring, then submit your talk to the Hack In The Box (#HITB) Amsterdam conference, which will take place between 10 to 14 April 2017. The Call For Papers (#CFP) is open until the end of December, submission details can be found at https://cfp.hackinthebox.org/.
Tickets are already on sale, with early bird prices until 31 December 2016. And the 'brakeingsecurity' discount code gets you a 10% discount". Brakeing Down Security thanks #Sebastian Paul #Avarvarei and all the organizers of #Hack In The Box (#HITB) for this opportunity!


Join our #Slack Channel! Sign up at https://brakesec.signup.team

#RSS: http://www.brakeingsecurity.com/rss

#Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback, or Suggestions?  Contact us via Email: bds.podcast@gmail.com

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

 

 

Google Play Store  https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast

Dec 21, 2016

Brakesec Podcast joined:

Edgar #Rojas (@silverFox) and Tracy #Maleef (@infosecSherpa) from the #PVC #Security #podcast (@pvcsec)

Joe Gray (@C_3PJoe) from the Advanced Persistent Security Podcast

Jerry #Bell (@maliciousLink) and Andrew #Kalat (@lerg) from the #Defensive Security podcast (@defensiveSec)

And Amanda #Berlin (@infosystir) for a light-hearted holiday party. We discuss things we learned this year, and most of us refrained from making the famous "#prediction" lists. You also get to hear my lovely wife come in and bring me #holiday #sweeties and even dinner, as she had no idea we were recording at the time (she later told me "You sounded like you were having too much fun, so I assumed you weren't recording")

**there might be some explicit language**

Join us won't you, and listen to 3 fantastic podcasts mix it up for the holidays.

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-050-holiday_spectacular-defsec-advpersistsec-brakesec-infosystir.mp3

#YouTube: https://www.youtube.com/watch?v=sJaAG0KRpDY

#iTunes: https://itunes.apple.com/us/podcast/2016-050-holiday-spectacular/id799131292?i=1000379206297&mt=2

Special deal for our #BrakeSec Listeners:

"If you have an interesting security talk and fancy visiting #Amsterdam in the spring, then submit your talk to the Hack In The Box (#HITB) Amsterdam conference, which will take place between 10 to 14 April 2017. The Call For Papers (#CFP) is open until the end of December, submission details can be found at https://cfp.hackinthebox.org/.
Tickets are already on sale, with early bird prices until December 31st. And the 'brakeingsecurity' discount code gets you a 10% discount". Brakeing Down Security thanks #Sebastian Paul #Avarvarei and all the organizers of #Hack In The Box (#HITB) for this opportunity!


Join our #Slack Channel! Sign up at https://brakesec.signup.team

#RSS: http://www.brakeingsecurity.com/rss

#Google Play Store: https://play.google.com/music/podcasts/portal/#p:id=playpodcast/series&a=100584969

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback, or Suggestions?  Contact us via Email: bds.podcast@gmail.com

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

 

Dec 15, 2016

 "Always Be Closing" is the mantra that Alec Baldwin's character "Blake" intones in the movie "#GlenGarry #Glen #Ross". Ironically, the film about 4 men selling was a failure in the theaters.

A lot of times as #blue #teamers, we find ourselves in the sights of a #sales person, or often enough, we are inviting them into our conference rooms to find out how their widget will help save the day. There's an art to the concept of selling, honed over the past 500,000 years, since Ugg tried to convince Oog that his wheel would revolutionize work...

We asked Ms. Amanda Berlin (@infosystir) to join us this week, for her expertise at working at an security company, as well as someone who sells products, to discuss how and why sales and sales engineers do what they do. I posit that there must be 'decision tree' or script that most follow in an effort to make a sale, and how to confront the pushy sales pitch head on, or in Amanda's way, to avoid it altogether.

We discuss Amanda's book she co-wrote with Lee Brotherston, whom we've had on our show before. Their #O'Reilly #book is on pre-sale right now, so you can order "The #Defensive #Security #Handbook" here: http://shop.oreilly.com/product/0636920051671.do

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-049-amanda_berlin_the_art_of_the_sale_decision_making_trees.mp3

iTunes: https://itunes.apple.com/us/podcast/2016-049-amanda-berlin-art/id799131292?i=1000378988303&mt=2

Youtube: https://www.youtube.com/watch?v=v0llOSXfzBg

 

Special deal for our #BrakeSec Listeners:

"If you have an interesting security talk and fancy visiting Amsterdam in the spring, then submit your talk to the Hack In The Box (#HITB) Amsterdam conference, which will take place between 10 to 14 April 2017. The Call For Papers (#CFP) is open until the end of December, submission details can be found at https://cfp.hackinthebox.org/.
Tickets are already on sale, with early bird prices until December 31st. And the 'brakeingsecurity' discount code gets you a 10% discount". Brakeing Down Security thanks #Sebastian Paul #Avarvarei and all the organizers of #Hack In The Box (#HITB) for this opportunity!


Join our Slack Channel! Sign up at https://brakesec.signup.team

#RSS: http://www.brakeingsecurity.com/rss

#Google Play Store: https://play.google.com/music/podcasts/portal/#p:id=playpodcast/series&a=100584969

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback, or Suggestions?  Contact us via Email: bds.podcast@gmail.com

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

Dec 3, 2016

As part of our ongoing discussion about the #SDLC and getting security baked in as far left as possible, Joe Gray, host of the  Advanced Persistant Security #Podcast (find it at https://advancedpersistentsecurity.net/), Mr. Boettcher, and I sat down with Dr. Gary McGraw, author of "Software Security: Building Security In" to discuss his book. We are also doing this book as part of the Brakeing Security Book Club (check out our #Slack channel for more information).

Gary walks us through the 7 Kingdoms of getting more security in, including doing automated and manual code audits, proper penetration testing of the application at various stages (testing), documentation (if you don't know it works, how can you test it?), and your Security Operations people, monitoring for things once it goes into production.  Also, find out what Chapter he thinks you should skip altogether... the answer may surprise you... :)

Join Mr. Gray, Mr. Boettcher, and I for a discussion with a true leader in the software and application security industry.

Buy the book on Amazon: https://www.amazon.com/Software-Security-Building-Gary-McGraw/dp/0321356705

Check out Gary's Website at https://www.garymcgraw.com/, and check out Gary's own podcast the Silver Bullet Security Podcast at https://www.garymcgraw.com/technology/silver-bullet-podcast/

Gary's twitter is @cigitalgem

Joe Gray's twitter is @C_3PJoe

Special deal for our #BrakeSec Listeners:

"If you have an interesting security talk and fancy visiting Amsterdam in the spring, then submit your talk to the Hack In The Box Amsterdam conference, which will take place between 10 to 14 April 2017. The Call For Papers (#CFP) is open until the end of December, submission details can be found at https://cfp.hackinthebox.org/.
Tickets are already on sale, with early bird prices until December 31st. And the 'brakeingsecurity' discount code gets you a 10% discount". Brakeing Down Security thanks Sebastian Paul Avarvarei and all the organizers of Hack In The Box (#HITB) for this opportunity!

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-048-Gary_McGraw_Securing_Your_SDLC_and_guest_host_Joe_Gray.mp3

iTunes:  https://itunes.apple.com/us/podcast/2016-048-dr.-gary-mcgraw-building/id799131292?i=1000378548363&mt=2

YouTube: https://www.youtube.com/watch?v=x65yL5_Hpi4

Join our Slack Channel! Sign up at https://brakesec.signup.team

#RSS: http://www.brakeingsecurity.com/rss

#Google Play Store: https://play.google.com/music/podcasts/portal/#p:id=playpodcast/series&a=100584969

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback, or Suggestions?  Contact us via Email: bds.podcast@gmail.com

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

Nov 28, 2016

Just a quick episode this week...

As part of the Brakesec Book Club (join us on our #Slack Channel for more information!) we are discussing Dr. Gary McGraw's book "Software Security: Building Security In" (Amazon Link: https://is.gd/QtHQcM)

We talk about the need to inserting security into your company's #SDLC... but what exactly can be done to enable that? I talk about abuse cases, #risk #analysis, creating test cases, pentesting, and #security #operations are all methods to do so.

Finally, I discovered a blog talking about ways to discover configuration errors on Linux systems that might allow #privilege #escalation to occur. Using these tools as part of your hardening processes could lower the risk of a bad actor gaining elevated privileges on your *unix hosts

http://rajhackingarticles.blogspot.com/2016/11/4-ways-to-get-linux-privilege-escalation.html

You can find the github of this script and the audit software that I mentioned below:

https://github.com/rebootuser/LinEnum.git
 
 
#Lynis (from CISOfy: https://cisofy.com/lynis/
 
Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-047-inserting_security_into_the_SDLC_finding_Linux_priv_esc.mp3
 
#iTunes: https://itunes.apple.com/us/podcast/2016-047-inserting-security/id799131292?i=1000378329598&mt=2
 
#YouTube:  https://www.youtube.com/watch?v=Kd_ZzvVNqoA
 

#RSS: http://www.brakeingsecurity.com/rss

#Google Play Store: https://play.google.com/music/podcasts/portal/#p:id=playpodcast/series&a=100584969

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

 

Nov 21, 2016

This week, Mr. Boettcher found himself with an interesting conundrum concerning what happened when he converted a Windows DOCX file to a PDF using a popular #PDF converter software. We discuss what happened, how Software Restriction Policy in Windows kept him safe from a potential malware infection, and about the logging that occurred.

After that, we discuss some recent vulnerabilities, like the BlackNurse Resource Exhaustion vulnerability and how you can protect your infrastructure from a DDoS that can occur from someone sending your firewall 300 packets a second... which anyone can do.

We discuss Robert Graham's recent run-in with a new surveillance camera and how it was pwned in less time than you think. And learn about the 'buenoware' that has been released that 'patches' IoT and embedded devices... But does it do more harm than good, and is it legal?

All that and more this week on Brakeing Down Security Podcast! 

Check out our official #Slack Channel! Sign up at https://brakesec.signup.team

Next Book Club session is 29 November 2016. Our current book for study is 'Software Security: Building Security In' by Dr. Gary McGraw  https://www.amazon.com/Software-Security-Building-Gary-McGraw/dp/0321356705  (ebook is available of Safari books online)

 

BlackNurse

https://nakedsecurity.sophos.com/2016/11/17/blacknurse-revisited-what-you-need-to-know/

http://researchcenter.paloaltonetworks.com/2016/11/note-customers-regarding-blacknurse-report/

http://www.netresec.com/?page=Blog&month=2016-11&post=BlackNurse-Denial-of-Service-Attack

 

Recent tweet from @boettcherpwned about infected docx with macros and we discuss why Foxit PDF runs the macros and open_document:

https://twitter.com/boettcherpwned/status/799726266693713920

Brakesec Podcast about Software Restriction Policy and Application Whitelisting on Windows: http://traffic.libsyn.com/brakeingsecurity/2016-018-software_restriction_policy-applocker.mp3

Rob Graham @errataBob: new camera pwned by #Mirai botnet and others within 5 minutes:

https://twitter.com/newsyc200/status/799761390915424261

 

#BlackNurse

https://nakedsecurity.sophos.com/2016/11/17/blacknurse-revisited-what-you-need-to-know/

http://researchcenter.paloaltonetworks.com/2016/11/note-customers-regarding-blacknurse-report/

http://www.netresec.com/?page=Blog&month=2016-11&post=BlackNurse-Denial-of-Service-Attack

ICMP

Type 3, Code 3 (Destination Port unreachable)  http://www.faqs.org/rfcs/rfc792.html

#SHA1 deprecated on website certs by Chrome on 1 January 2017

http://www.darkreading.com/operations/as-deadline-looms-35-percent-of-web-sites-still-rely-on-sha-1/d/d-id/1327522

#Benevolent #malware (buenoware)

https://isc.sans.edu/diary/Benevolent+malware%3F+reincarnaLinux.Wifatch/21703

#Atombombing

http://blog.ensilo.com/atombombing-a-code-injection-that-bypasses-current-security-solutions

https://breakingmalware.com/injection-techniques/atombombing-cfg-protected-processes/

http://www.pandasecurity.com/mediacenter/malware/atombombing-windows-cybersecurity/

 

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-046-Black_Nurse_buenoware_IoT_pwnage.mp3

iTunes: https://itunes.apple.com/us/podcast/2016-046-blacknurse-buenoware/id799131292?i=1000378076060&mt=2

Youtube: https://www.youtube.com/watch?v=w-FEJuWGXaQ

 

#RSS: http://www.brakeingsecurity.com/rss

#Google Play Store: https://play.google.com/music/podcasts/portal/#p:id=playpodcast/series&a=100584969

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

Nov 14, 2016

Mr. Boettcher and I met Mr. Aamir #Lakhani at DerbyCon this year, and immediately intrigued with his work on the Dark Web.

He has assisted with law enforcement investigations, a known member of the dark web, to the point where people with malware or bots will seek him out in an effort to 'legitimize' their work, similar to how being reported on by #blogger/#journalist Brian #Krebs establishes legitimacy for many #carders.

#Aamir sat down and discussed his work, the tools he uses, how he started being a known quantity on the #Dark #Web, the value of your #reputation there, and how quickly people who are there will assist to get rid of 'bad' people, when they themselves are committing crimes... an interesting study in the moral compass of people on the dark web.

We also discuss a recent study that the vast majority of content on the dark web is not illegal content... at least not in the U.S. and most Westernized countries. Finally, we discuss recent shutdown of illegal #Dark #Markets and what that means for the denizens of the #UnderWeb.

Check out our official #Slack Channel! Sign up at https://brakesec.signup.team

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-045-aamir_lakhani-the_dark_web-creating_reputation.mp3

iTunes: https://itunes.apple.com/us/podcast/2016-045-aamir-lakhani-discusses/id799131292?i=1000377812439&mt=2

YouTube: https://www.youtube.com/watch?v=b7Gto0VAf5E

 

#RSS: http://www.brakeingsecurity.com/rss

#Google Play Store: https://play.google.com/music/podcasts/portal/#p:id=playpodcast/series&a=100584969

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

Nov 7, 2016

During a Security Incident, or in the course of an investigation, it may become necessary to gather evidence for further use in a possible court case in the future. But if you don't have 4-10,000 dollars USD for fancy forensic software, you'll need to find methods to preserve data, create proper integrity, and have a proper custody list to show who handled the data, how it was collected, etc.

This podcast was not meant to turn you into an expert, but instead to go over the finer points of the process, and even where you should turn to if you need help.

Certified Ethical Hacker book I was referencing in the show: http://www.wiley.com/WileyCDA/WileyTitle/productCd-1119252245,miniSiteCd-SYBEX.html

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-044-Evidence_chain_of_custody_data_integrity.mp3

#YouTube: https://www.youtube.com/watch?v=aJA2ry6npKI

#iTunes: https://itunes.apple.com/us/podcast/2016-044-chain-custody-data/id799131292?i=1000377566298&mt=2

#RSS: http://www.brakeingsecurity.com/rss

#Google Play Store: https://play.google.com/music/podcasts/portal/#p:id=playpodcast/series&a=100584969

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

Nov 1, 2016

 

**Brakeing Down Security has a Slack channel now... just go to https://brakesec.signup.team and follow the instructions to have the bot add you to our show's official channel.**

Every year, organizations come out with industry reports that show how well or, more often than not, how poorly we are doing.

We always even reviewing the BSIMM report, because it's an unvarnished, and a good measure of a good number of industry verticals, like finance, manufacturing, cloud, and even companies that make IoT devices.

Join Mr. Boettcher and I this week as we go over the findings of the report, discuss what got better, what still sucks, and what shouldn't we fault companies for not having.

We also have a teachable moment when I discuss a security paux fas that happened to me (Bryan) recently regarding an email account and my Skype. 2 factor authentication is your friend, and if it's available, use it.

Mr. Boettcher discusses some recent malware that has reared it's ugly head, and how to detect it.

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-043-BSIMMv7.mp3

iTunes: https://itunes.apple.com/us/podcast/2016-043-bsimmv7-teachable/id799131292?i=1000377394890&mt=2

YouTube: https://www.youtube.com/watch?v=I3FLSLSSb_Y

 

#RSS: http://www.brakeingsecurity.com/rss

#Google Play Store: https://play.google.com/music/podcasts/portal/#p:id=playpodcast/series&a=100584969

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

 

Oct 24, 2016

Join us for a special episode this week! I (Bryan) was able to attend my first Source Seattle convention. Two days of talks, technical and non-technical, combining red/blue team concepts, as well as professional development, to help you navigate the corporate waters easier.

I was able to interview a number of people from the conference. You can see a partial list of them here:

http://www.sourceconference.com/single-post/2016/09/30/SOURCE-Seattle-Highlights


Interviewed

Chip McSweeney from OpenDNS (@chipmcmalware) and Rob Cheyne about the conference and got a bit of information about Chip's talk on "Domain Generating Algorithms" (DGA) that #malware use for domain C&C, and how to detect and reverse certain algos.

Rob Cheyne is the organizer of Source, so we talked a bit about the history and difficulties putting on 3 of these a year, and what makes the "Source" conference format so different.

Masha Sedova was one of the keynote speakersto discuss how she gamified her information security program and got everyone involved. Really excellent talk about changing organizational behavior.

Rob Fuller gave two days of Metasploit training, to show the versatility and to teach about the effectiveness of this tool. I also ask if Metasploit has reached it's end, since it's easily detected in many environments. Rob is a great interview and gives me his unvarnished opinion.

Mike Shema from https://cobalt.io/ discussed expanding and tailoring your bug bounty program to suit your organization and to ensure that your bug bounty program is mature. Using private bug bounties, and ensuring proper follow through in a timely manner can ensure maximum bang for the buck.

Last but not least, Deidre Diamond who did a keynote about 'Words to Stop Using now'. Deidre is the CEO of a national cyber security staffing company (Cyber Security Network) and Founder of a not-for-profit that empowers women in the infosec industry. Hear her thoughts on how leadership training is needed in the corporate environment, I ask her why we still need recruiters with hiring sites and why job descriptions are still a thorn in everyone's sides.

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-042-Source_Seattle_2016_audio.mp3

iTunes: https://itunes.apple.com/us/podcast/2016-042-audio-from-source/id799131292?i=1000377063127&mt=2

YouTube: https://www.youtube.com/watch?v=sj_SD2k7zXw

#RSS: http://www.brakeingsecurity.com/rss

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

 

 

Oct 17, 2016

Ben Johnson has been around the industry for a good while, and has seen a lot of ugly things in our industry.

Ben had written a recent blog post (https://www.carbonblack.com/2016/08/12/benvlog-3-negative-forces-driving-security/) detailing the issues that seem to plague many companies and many people in the infosec community.

We talked about these issues in depth, and how companies and even the employees in a company can ease some of their burdens, and how they can make some changes to make your company culture better.

 

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-041-Ben_johnson.mp3

iTunes: https://itunes.apple.com/us/podcast/2016-041-ben-johnson-company/id799131292?i=1000376744922&mt=2

YouTube: https://www.youtube.com/watch?v=HrTPH97-YIY

 

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

Oct 10, 2016

If you work in a #DevOps environment, you're on one side of the fence... you're either with the devs, you have freedom to make changes, and everything is great.

If you're on the Security and/or Compliance side, it's a desolate wasteland of watching people play fast and loose with policies, no one documenting anything, and you're seen as a 'barrier' to getting the new hotness out.

But does it have to be that way? This week, we sat down with DevOps veterans Gene Kim and Josh Corman to discuss how we can make security, compliance, and DevOps to play nice with one another.

Gene Kim's new book (excerpt): http://itrevolution.com/handbook-excerpt

 

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-040-Gene_Kim-Josh_Corman-Getting_Security-and_DevOps_playing_nice.mp3

iTunes: https://itunes.apple.com/us/podcast/2016-040-gene-kim-josh-corman/id799131292?i=1000376417012&mt=2

YouTube:  https://www.youtube.com/watch?v=fOuSRYJtiKo

 

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

Oct 4, 2016

Join us this week as Robert Hurlbut (@roberthurlbut on Twitter), is an independent consultant with over 25 years of application experience, helps us understand best methods to getting developers on the same level as security professionals with application security flaws.

We also discuss some of the soft skills involved in bringing new concepts to organizations, like teaching proper coding conventions, changing up the development lifecycle, and helping to improve the skills of developers and managers.

 

Robert's Website is chock full of good information about threat modeling and secure coding practices at http://www.roberthurlbut.com

 

 

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-039-Robert_Hurlbut-threat_modeling_and_analysis.mp3

iTunes: https://itunes.apple.com/us/podcast/2016-039-robert-hurlbut-threat/id799131292?i=1000376171899&mt=2

YouTube: https://www.youtube.com/watch?v=P5jEVJTymOg

 

 

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

Sep 28, 2016

Mr. Brian Boettcher and I had a great time at DerbyCon. We met so many people and it really was excellent meeting all the fans who came up and said "Hello" or that they really enjoyed the #podcast.  It is truly a labor of love and something that we hope everyone can learn something from.

We got some audio while at lunch at #Gordon #Biersch talking about log monitoring inspired by @dualcore's talk on #Anti-Forensics talk (http://www.irongeek.com/i.php?page=videos/derbycon6/310-anti-forensics-af-int0x80-of-dual-core) and how to evade log monitoring with Mr. Brian Boettcher and Michael Gough. (shout-out to @mattifestation, @dualcore, @baywolf88, @carlos_perez)

We sat down with Mr. Osman (@surkatty) from the Sound Security Podcast (@SoundSec), who was a first time attendee to #DerbyCon. We get his thoughts about DerbyCon and what talks he enjoyed.

Finally, our 2nd Annual podcast with our fellow podcasters was on. We had it in Bill Gardner's room (ReBoot-It podcast) (@oncee), Amanda Berlin (@infosystir) from #Hurricane #Labs Podcast, Jerry Bell (@MaliciousLink) from #Defensive #Security Podcast, Ben Heise (@benheise) from Rally #Security Podcast, Tim DeBlock (@TimothyDeBlock) from Exploring Information Security Podcast, and SciaticNerd (@sciaticnerd) from Security Endeavors podcast

IronGeek's website has all the videos available to listen to here: http://www.irongeek.com/i.php?page=videos/derbycon6/mainlist

 

Whiskey Bent Valley Boys:  http://whiskeybentvalley.tumblr.com/ or iTunes: https://itunes.apple.com/us/artist/whiskey-bent-valley-boys/id318874442

 

 

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-038-Derbycon_podcast.mp3

iTunes: https://itunes.apple.com/us/podcast/2016-038-derbycon-audio-2nd/id799131292?i=1000375934157&mt=2

YouTube: https://www.youtube.com/watch?v=W7ylsfwGyhc

 

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

 

 

Sep 14, 2016

Have you ever found a #vulnerability and wondered if it was worth the time and effort to reach back to the company in question to get the fix in?

This week, we have a story with Mr. "B1ack0wl" who found a vulnerability with certain #Belkin #embedded network devices for end users...  We also find out how B1ack0wl learned his stock and trade.

https://www.exploit-db.com/exploits/40332/

Find out how he discovered it, and what steps he took to disclose the steps, and what ended up happening to the finding.

http://www.devttys0.com/  -- #embedded device hacking blog

http://io.netgarage.org/ -- #wargame site #B1ack0wl mentioned

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-037-b1ack0wl_responsible_disclosure-belkin_routers.mp3

iTunes: https://itunes.apple.com/us/podcast/2016-037-b1ack0wl-responsible/id799131292?i=1000375462991&mt=2

YouTube: https://www.youtube.com/attribution_link?a=kChiecG0Sv4&u=/watch%3Fv%3D9_qS2s3GrT4%26feature%3Dem-upload_owner

 

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

 

 

Sep 11, 2016

Nick Selby (@nselby on Twitter) is an independent consultant who works a wide variety of jobs.  During a recent engagement, he ran into an interesting issue after a company called him in to handle an incident response. It's not the client, it was with the Managed Security Service Provider (#MSSP). His blog post about the incident made big news on Twitter and elsewhere.

Nick's Blog Post: https://nselby.github.io/When-Security-Monitoring-Provides-Neither-Security-Nor-Monitoring/

So, we wanted to have Nick on to discuss any updates that occurred, and also asked an MSSP owner, Kevin Johnson, from SecureIdeas (@secureideas on Twitter), as Kevin is well versed with both sides, being a customer, and running an MSSP with his product, Scout (https://secureideas.com/scout/index.php)

We go over what an MSSP is (or what each person believes an MSSP is), we discuss the facts from Nick and his client's side, we try and put ourselves in the shoes of the MSSP, and if they handled the issue properly.

We also find out how Nick managed to save the day, the tools they used to solve the problem.  We did a whole podcast on it, and maybe it's time to re-visit that...

Finally, we discuss the relationship between an MSSP and the customer, what expectations each party should see from each other, and what are the real questions each should ask one another when you're searching out an MSSP.

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-036-mssp-nick_selby-kevin_johnson.mp3

iTunes: https://itunes.apple.com/us/podcast/2016-036-mssp-pitfalls-nick/id799131292?i=1000375157370&mt=2

YouTube:  https://www.youtube.com/watch?v=b1rEpaBAKpQ

 

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

 

Sep 6, 2016

Paul Coggin is my SME when I need to know about anything network #security related. And this time, we wanted to have him on our show to discuss Software Defined Networking (#SDN)

Software defined networking allows for applications to make connections, manage devices and even control the network using #APIs. It in effect allows any developer become a network engineer.  Obviously this could be a recipe for disaster if the dev is not fully understanding of the rammifiications.

And there's more good news (if you're a black hat), there's no role based security, parts of the #specification isn't fully fleshed out yet, and there are vendor specific frameworks of their own, that may not be fully interoperable with each other...

Paul talks to us about some background of #SDN, some of the pitfalls and what you need to think about when implementing Software Defined Networking.

 

Links referred to in the Show:

https://www.rsaconference.com/writable/presentations/file_upload/tech-r03-sdn-security-v3.pdf

https://www.blackhat.com/docs/eu-14/materials/eu-14-Pickett-Abusing-Software-Defined-Networks-wp.pdf

http://onosproject.org/2015/04/03/sdn-and-security-david-jorm/

https://people.eecs.berkeley.edu/~rishabhp/publications/Sphinx.pdf

https://www.opendaylight.org/

https://www.opennetworking.org/certification

Ras Pi as an OpenFlow controller: https://faucet-sdn.blogspot.com/2016/06/raucet-raspberry-pi-faucet-controlling.html

Zodiac FX SDN boards (Excellent customer service!):  http://northboundnetworks.com/

Excellent site discussing SDN:  http://www.ipspace.net/Main_Page

Coursera SDN course:  https://www.coursera.org/learn/sdn

 

Brakeing Down Security RSS: http://www.brakeingsecurity.com/rss

Direct Link:  http://traffic.libsyn.com/brakeingsecurity/2016-035-Paul_Coggin_SDN.mp3

iTunes: https://itunes.apple.com/us/podcast/2016-035-paul-coggin-discusses/id799131292?i=1000374972931&mt=2

YouTube: https://www.youtube.com/watch?v=YuuNzeiexUY

 

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

Aug 28, 2016

Another great #rejectedTalk we found was from Sean Malone (@seantmalone on Twitter). The Cyber Kill Chain is a method by which we explain the methodolgy of hackers and the process of hacking.

In this discussion, we find Sean has expanded the #killchain, to be more selective, and to show the decision tree once you've gained access to hosts.

This expanded #killChain is also effective for understanding when #hackers are attacking specific systems, like #SCADA, or other specialized systems or networks, like the #SWIFT banking transfer. This discussion also is great for showing management the time and effort required to gain access to systems.

We also talk about the #OODA loop (https://en.wikipedia.org/wiki/OODA_loop) and how disrupting that will often cause attacks to go awry or to be stunted, reducing the effectiveness.

Sean T. Malone website: http://www.seantmalone.com/


Slides and presentation referred to in the podcast: http://www.seantmalone.com/docs/us-16-Malone-Using-an-Expanded-Cyber-Kill-Chain-Model-to-Increase-Attack-Resiliency.pdf

Direct Download: http://traffic.libsyn.com/brakeingsecurity/2016-034-CyberKillChain.mp3

iTunes:  https://itunes.apple.com/us/podcast/2016-034-sean-malone-from/id799131292?i=1000374642630&mt=2

YouTube:  https://www.youtube.com/watch?v=eBOCjaGmbMg

 

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

Aug 22, 2016

Bill V. (@blueteamer on Twitter) and was the 1st of a series we like to call "2nd Chances: Rejected Talks". Bill had a talk that was rejected initially at DerbyCon (later accepted after someone else cancelled)  Here is the synopsis of his talk that you can now see at DerbyCon:

Privileged Access Workstations (PAWs) are hardened admin workstations implemented to protect privileged accounts. In this talk I will discuss my lessons learned while deploying PAWs in the real world as well as other techniques I've used to limit exposure to credential theft and lateral movement. I hope to show fellow blue teamers these types of controls are feasible to implement, even in small environments. 

TechNet article referenced on the show:

https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/privileged-access-workstations

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-033-PAWs-Bill_Voecks-Rejected_Talks.mp3

RSS: http://www.brakeingsecurity.com/rss

iTunes: https://itunes.apple.com/us/podcast/2016-033-privileged-access/id799131292?i=1000374432509&mt=2

YouTube: https://www.youtube.com/watch?v=0DwR9RcEBo0

 

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

Aug 15, 2016

Co-Host Brian Boettcher went to BlackHat and Defcon this year, as an attendee of the respective cons, but also as a presenter at "Arsenal", which is a venue designed to show up and coming software and hardware applications. We started off by asking him about his experiences at Arsenal, and how he felt about "Hacker Summer Camp"

Our second item was to discuss the recent Brakesec PodCast CTF we held to giveaway a free ticket to Derbycon. We discussed some pitfalls we had, how we'll prepare for the contest next year, and steps it took to solve the challenges.

The final item of the night was about travel security, since the Olympics are on, and there was a report about Olympic athletes who were robbed at gunpoint. We discuss safety while traveling, keeping a low profile, reducing risk, and reminding you to leave the overly Patriotic shirts and apparel at home.

 

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-032-Defcon-blackHat_debrief-travel-security_CTF-writeup-final.mp3

iTunes: https://itunes.apple.com/us/podcast/2016-032-blackhat-defcon-debrief/id799131292?i=1000374155086&mt=2

YouTube:  https://www.youtube.com/watch?v=Df-JL-PiGus

 

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake

#Facebook: https://www.facebook.com/BrakeingDownSec/

#Tumblr: http://brakeingdownsecurity.tumblr.com/

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582

1 2 3 4 5 6 7 Next » 7