UNSECURITY: Information Security Podcast

Episode 190 of the Unsecurity Podcast is now live! This week, Oscar and Brad welcome Evan back to the show to discuss life in Mexico, next steps in the CvCISO program, and all the latest industry happenings.

Links:

Fancy Bear
https://projecthyphae.com/threat/fancy-bear-sinks-its-graphite-claws-into-powerpoint/

9/26/2022 Security News Roundup
https://projecthyphae.com/threat/information-security-news-9-26-2022/

Give episode 190 a listen or watch and send any questions, comments, or feedback to [email protected]. Don't forget to like and subscribe!

Episode 189 of the Unsecurity Podcast is now live! This week, Oscar and Brad are joined by Chris Furner and Jeremy Young with Blumira to discuss their perspectives on information security.

New EvilProxy Phishing Service Allowing Cybercriminals to Bypass 2-Factor Security
https://thehackernews.com/2022/09/new-evilproxy-phishing-service-allowing.html

TA505 Hackers Using TeslaGun Panel to Manage ServHelper Backdoor Attacks
https://thehackernews.com/2022/09/ta505-hackers-using-teslagun-panel-to.html

Give episode 189 a listen or watch and send any questions, comments, or feedback to [email protected]. Don't forget to like and subscribe!

Episode 188 of the Unsecurity Podcast is now live! This week, Oscar and Brad are joined by Michael Kennedy, Founder of Ostra Cybersecurity to discuss Ostra, working with FRSecure, industry news, and more.

LastPass Security Incident:
https://blog.lastpass.com/2022/08/notice-of-recent-security-incident/

Okta one-time MFA passcodes exposed in Twilio cyberattack
https://www.bleepingcomputer.com/news/security/okta-one-time-mfa-passcodes-exposed-in-twilio-cyberattack/

Ostra Cybersecurity
https://www.ostra.net/

Give episode 188 a listen or watch and send any questions, comments, or feedback to [email protected].

Episode 187 of the Unsecurity Podcast is now live! This week, Oscar and Brad are joined by Eric Hanson and Mike Thompson of FRSecure's technical services team to discuss this year's DEFCON conference.

DEFCON site:
https://defcon.org/

Give episode 187 a listen or watch and send any questions, comments, or feedback to [email protected]. Don't forget to like and subscribe!

Episode 186 of the Unsecurity Podcast is now live! This week, Oscar and Brad review the recent updates to the FTC's Safeguards Rule concerning financial institutions. Here's what you need to know...

Need more detail? Check out FRSecure's blog post covering all the details of the recent updates:
https://frsecure.com/blog/ftc-safeguards-rule-what-you-need-to-know/

More resources:
https://www.ftc.gov/business-guidance/resources/ftc-safeguards-rule-what-your-business-needs-know

https://arstechnica.com/information-technology/2022/08/sike-once-a-post-quantum-encryption-contender-is-koed-in-nist-smackdown/

https://www.infosecurity-magazine.com/blogs/compliance-security-passwords/

Give episode 186 a listen or watch and send any questions, comments, or feedback to [email protected]. Don't forget to like and subscribe!

Episode 185 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss securing a remote workforce in a post-COVID environment, industry news, and more!

Give episode 185 a listen or watch and send any questions, comments, or feedback to [email protected]. Don't forget to like and subscribe!

Episode 183 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss some of the simpler things you can do to bolster your security program. While there is no such thing as 'easy button' security, there are still some quick wins to be had!

News:

https://thehackernews.com/2022/07/5-key-things-we-learned-from-cisos-of.html

- Remote work has accelerated the use of EDR Technology
- 90% of CISO's surveyed used an MDR solution
- Overlapping threat protection tools are the #1 pain point for small teams
- Small security teams are ignoring more alerts
- 96% of CISO's are planning to consolidate security platforms

https://www.helpnetsecurity.com/2022/07/14/conventional-cybersecurity-approaches/

Give episode 184 a listen or watch and send any questions, comments, or feedback to [email protected]. Don't forget to like and subscribe!

Episode 183 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss some training resources that you can use in your security program free of charge!

News:

Autopatch is now Available
https://thehackernews.com/2022/07/microsoft-windows-autopatch-is-now.html

'Callback' Phishing Campaign Impersonates Security Firms
https://threatpost.com/callback-phishing-security-firms/180182/

Resources Discussed:

Portswigger Web Security Academy
https://portswigger.net/training

XSS, Cross Site Request Forgery, SQL Injection, HTTP Request Smuggling
Burp Suite Training - All free & high quality

HacktheBox, TryHackMe, OverTheWire

Offensive Security - Metasploit Unleashed.
Also currently doing free OSCP classes via Twitch. Monday and Friday at 12:00 PM ET
https://www.offensive-security.com/metasploit-unleashed/

FRSecure CISSP mentorship
https://frsecure.com/cissp-mentor-program/

Federal Virtual training Environment
https://fedvte.usalearning.gov/
Free training for all Federa, State, Local, Tribal and Territorial government employees.

Using ATT&CK for CTI Training
https://attack.mitre.org/resources/training/cti/
Understand what ATT&CK is and how to use it to make defensive decisions.

SANS Cheat Sheets!
https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/

PicoCTF
https://picoctf.org/resources.html
Learning Guides for General Skills, Crypto, Web Exploitation, Forensics, Binary Exploitation, Reversing

Infosecinstitute
https://resources.infosecinstitute.com/topic/13-cyber-security-training-courses-you-can-take-now-for-free/
$300 Annual

Cybrary
https://www.cybrary.it/
Some free courses or $60 a month

Give episode 183 a listen or watch and send any questions, comments, or feedback to [email protected]. Don't forget to like and subscribe!

Episode 182 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss some of the tools and strategies out there that you can implement in your security program free of charge!

Give episode 182 a listen or watch and send any questions, comments, or feedback to [email protected]. Don't forget to like and subscribe!

Episode 181 of the Unsecurity Podcast is now live! This week, Evan sits down to host the show one last time. Joined by Oscar Minks and Brad Nigh, who will be taking the reins, the trio looks back through almost 3 years of the podcast, security conferences, this year's DEFCON event, and more!

Give episode 181 a listen or watch and send any questions, comments, or feedback to [email protected].