Preview Mode Links will not work in preview mode

Jul 19, 2018

Sorry, this week's show took an odd turn, and we don't have much in the way of show notes... Ms. Berlin is recovering from knee surgery, and we wish her a speedy recovery.

Bryan B. got back from BsidesSPFD, MO this week, after what was a well-received talk on building community. Lots of other excellent talks from...


Jul 11, 2018

Ben Caudill @rhinosecurity

Spencer Gietzen @spengietz

 

Rhino Security - https://rhinosecuritylabs.com/blog/

 

AWS escalation and mitigation blog - https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/

 

What is the difference between this and something like Scout or Lynis?

 

Is it a forensic...


Jul 2, 2018

Raymond Evans - CTF organizer for nolacon and Founder of CyDefe Labs

    @cydefe

  • CTF setup / challenges of setting up a CTF.
  • Beginners & CTFs
  • Types
  • tips/tricks
  • Biggest downfalls of CTF development

 

https://www.heroku.com/

www.exploit-db.com

 

BrakeSec DerbyCon

   

@dragosinc dragos.com

 

DNS Enumeration:


Jun 26, 2018

After the recent Tesla insider threat event, BrakeSec decided to discuss some of the indicators of insider threat, what can be done to mitigate it, and why it happens.

 

news stories referenced:

https://www.infosecurity-magazine.com/news/teslas-tough-lesson-on-malicious/

 


Jun 20, 2018

Area41 Zurich report

Book Club - 4th Tuesday of the month

https://www.owasp.org/images/d/d3/TLS_v1.3_Overview_OWASP_Final.pdf

 

https://www.owasp.org/index.php/TLS_Cipher_String_Cheat_Sheet

TLS_DHE_RSA_AES_256_GCM_SHA256

 

TLS = Protocol

DHE = Diffie-Hellman ephemeral (provides Perfect Forward Secrecy)

    Perfect...