Preview Mode Links will not work in preview mode

Mar 12, 2018

https://www.auditscripts.com/free-resources/critical-security-controls/

Thanks to Slacker Ben Chung, who heard about this from John Strand...

 

BsidesIndy report - Amanda

Bsides Austin - Brian

 

Log_MD 2.0 - www.log-md.com

 


Mar 5, 2018

Topics:

  • Secure Framework documents
  • Modifying chromebooks so you can use Debian/Ubuntu
  • Memcached is the new DDoS hotness
  • Announcement of the next BrakeSec Training Class (see Show Notes below for more info)

Link to secure framework document: https://drive.google.com/open?id=1xLfY4uI88K2AiA1mosWJ7jFyP100Jv5d

Tickets...


Feb 26, 2018

Topics on today's show:

NPM (Node Package Manager) - bug was introduced changing permissions on /etc, /boot, and /usr, breaking many systems, requiring full re-installs. Why was it allowed to be passed, and worse, why did so many run that version on production systems?

Code signing - a well known content management...


Feb 14, 2018

Direct Link:  http://traffic.libsyn.com/brakeingsecurity/2018-005-Securing_CMS_and_mobile_devices-phishing_story.mp3

Topics:

Discussion of Ms. Berlin's course

CAPEC discussion

RTF malware MS Office

A Phishing story...

Mobile Supply Chain Security

CMS Supply Chain Security

Ms. Berlin’s course - recap of 2nd session

 


Feb 5, 2018

Show Notes:

https://docs.google.com/document/d/1CSjskf-3vrguoyIyg8yOK2KLqg7srxYlee4RD6jzgNc/edit?usp=sharing

Topics Discussed:

New tool : AutoSploit - Does it lower the bar?

How should Blue teamers be using Shodan?

Discuss WPAD attacks, what WPAD is, and why it's a thing blue teams should worry...