Difference between revisions of "PSWEpisode623"
|Line 28:||Line 28:|
|Line 42:||Line 38:|
== Lee's Stories ==
== Lee's Stories ==
Revision as of 13:52, 16 October 2019
Recorded October 17, 2019 at G-Unit Studios in Rhode Island!
- Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
- OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
- We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
- Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.
Interview: Daniel DeCloss, PlexTrac - 6:00-6:30PM
Dan is the Founder and CEO of PlexTrac and has over 14 years of experience in Cybersecurity. Dan started his career in the Department of Defense and then moved on to consulting where he worked for various companies including serving as a Principal Consultant for Veracode on the penetration testing tesm. Dan's background and expertise is in application security and penetration testing, involving hacking networks, websites, and mobile applications for clients. He has also served as a Principal Security Engineer for the Mayo Clinic and a Sr. Security Advisor for Anthem – a Fortune 40 health insurance firm. Prior to PlexTrac, Dan was the Director of Cybersecurity for Scentsy where he and his team built the security program out of its infancy into a best-in-class program.
Dan has a Master’s Degree in Computer Science from the Naval Postgraduate School with an emphasis in Information Security. Additionally Dan holds the OSCP and CISSP certifications. Dan has a passion for helping everyone understand cybersecurity at a practical level, ensuring that there is a good understanding of how to reduce their overall risk.
What makes a good pentest report?
The segment will focus on the importance of a high-quality report and what red and blue teamers should recognize goes into a good report. Often times, there’s no feedback loop after report delivery and collaboration can be limited post-engagement. That will lead into a demo of PlexTrac to highlight the efficiencies we provide when creating and receiving a report.
Security News - 7:30PM-8:30PM
- American Express Insider Breaches Cardholder Information
- Turkey fines Facebook $282,000 over privacy breach
- FBI: Don't pay ransomware demands, stop encouraging cybercriminals
- WhatsApp Flaw Opens Android Devices to Remote Code Execution Attacks
- Measuring the Security of IoT Devices - Schneier on Security
- Good cybersecurity comes from focusing on the right things, but what are they? - Help Net Security
- Skylight Cyber | All Your Cloud Are Belong To Us (CVE-2019-12491)
- MITRE ATT&CK: Clipboard data
- 10 Cybersecurity Myths That Criminals Love
- Top 5 New Open Source Security Vulnerabilities in September 2019
- The Secret to CISO Success? Do This One Thing Extremely Well - Accellion
Tech Segment: Peter Kruse, CSIS Security Group - 6:30 - 7:30PM
Peter Kruse co-founded the Danish IT-security company CSIS in 2003 and is currently leading the eCrime department, which provides services mainly aimed at the financial sector. His ability to combine a keen appreciation of business needs and a profound technical understanding of malware has made CSIS a valued partner of clients not only in Scandinavia but also in the rest of Europe.
Today, Peter is by far the most quoted IT-security expert in Denmark and considered among the most recognized in Europe. He has a long history of active participation in several closed and vetted top IT-security communities and has numerous international connections in the antivirus- and banking industry, law enforcement and higher education institutions.
Cybercrime, threat hunting, APT, spear phishing and tactics etc
"Nothing specific but a Google search will provide numerous research I have been involved with and conferences I have spoken at including Kaspersky SAS, NCSC, Underground Economy, Virusbulletin, CARO, APWG, Hackdays, Confidence, Cyberhagen and many more."