Category Archives: Podcast

Smashing Security #116: Stalking debtors, Facebook farce, and a cyber insurance snag

How would *you* track someone who owed you money? What was the colossal flaw Facebook left on its website for anyone to exploit and hijack accounts? And what excuse are insurance companies giving for not paying victims of the NotPetya malware millions of dollars?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Joe Carrigan of the Information Security Institute at Johns Hopkins University.

Machine learning fundamentals: What cybersecurity professionals need to know

In this Help Net Security podcast, Chris Morales, Head of Security Analytics at Vectra, talks about machine learning fundamentals, and illustrates what cybersecurity professionals should know. Here’s a transcript of the podcast for your convenience. Hi, this is Chris Morales and I’m Head of Security Analytics at Vectra, and in this Help Net Security podcast I want to talk about machine learning fundamentals that I think we all need to know as cybersecurity professionals. AI … More

The post Machine learning fundamentals: What cybersecurity professionals need to know appeared first on Help Net Security.

Smashing Security #115: Love, Nests, and is 2FA destroying the world?

Is two factor authentication such a pain in the rear end that it’s costing the economy millions? Do you feel safe having a Google Nest in your home? And don’t get caught by a catfisher this Valentine’s Day.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by B J Mendelson.

Ep. 114 – Finding Love with Whitney Merrill

What do you get when you mix a lawyer, crypto junkie and a romantic together? Well, none other than our guest for this month, Whitney Merrill. – Feb 11, 2019

Get Involved

Got a great idea for an upcoming podcast? Send us a quick message on the contact form! Enjoy the Outtro Music? Thanks to Clutch for allowing us to use Son of Virginia as our new SEPodcast Theme Music. And check out a schedule for all our training at Social-Engineer.Com. Check out the Innocent Lives Foundation to help unmask online child predators.

The post Ep. 114 – Finding Love with Whitney Merrill appeared first on Security Through Education.

Smashing Security #114: Darknet Diaries, death, and beauty apps

Jack Rhysider from the “Darknet Diaries” podcast joins us to chat about his interview with the elusive Hacker Giraffe, how a death is preventing cryptocurrency investors from reaching their money, and how ‘beauty camera’ apps are redirecting users to phishing websites and stealing their selfies.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast hosted by computer security veterans Graham Cluley and Carole Theriault.

Kaspersky Lab official blog: Transatlantic Cable podcast, episode 76

In the 76th edition of the Kaspersky Lab Transatlantic Cable Podcast, David and I cover a number of stories pertaining to privacy and, surprisingly, browsers. To start things off, we look at the issue that Apple faced earlier in the week where a bug in FaceTime that was reported by a kid wound up in the public eye.

Following that tale, we jump into a stranger-than-fiction story about Facebook and their controversial tactic to have users install a VPN to share their data with Facebook. The kicker is that the target audience included kids.

Following Facebook, we stay on the privacy bandwagon and look at the work that Mozilla did to improve the latest version of Firefox. We close out the podcast bidding happy trails to Internet Explorer 10. If you like the podcast, please consider sharing with your friends or subscribing below; if you are interested in the full text of the articles, please click the links below.



Smashing Security #113: FaceTime, Facebook, faceplant

FaceTime bug allows callers to see and hear you *before* you answer the phone, Facebook’s Nick Clegg tries to convince us the social network is changing its ways, and IoT hacking is big in Japan.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by John Hawes from AMTSO.

Smashing Security #112: Payroll scams, gold coin heists, web giants spanked

Business email compromise evolves to target your company’s payroll, how the world’s largest gold coin was stolen from a Berlin museum, and are internet giants feeling the heat yet over data security?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by people hacker Jenny Radcliffe.

Beers with Talos Ep. #45: SoHo attacks, IoT devices, and the cesspool setting



Beers with Talos (BWT) Podcast Ep. #45 is now available. Download this episode and subscribe to Beers with Talos:

If iTunes and Google Play aren't your thing, click here.

Ep. #45 show notes: 

Recorded Jan. 18, 2019

We have an extended roundtable today (even more than usual) because we accidentally discussed some relevant security topics in the meantime. Eventually, we move on to talk about recent releases, primarily the PyLocky decryptor and more internet-of-things vulnerabilities. We move on to discuss what’s going on in the small and home office device space, with some specific advice and a lot of rage. This episode closes out discussing the release of a new plugin for IDA called "Dynamic Data Resolver" (download available) and reminding everyone of the TTRS CFP (closing soon!) here.

The timeline:

The topics

01:00 — Roundtable: The Reds, blockchain, Talos is hiring, the language of theater versus film. Yep. All that.
22:26 — Emotet, Pylocky, and what we’ve been writing about lately
28:15 — SoHo device attacks - the prevalence and problems presented
53:17 — The cesspool setting for IoT devices
54:45 — Dynamic Data Resolver (DDR) plugin for IDA Pro
59:30 — Parting shots, closing thoughts

The links

The healing powers of Anfield
Talos Careers page
Stage musicals as movies analysis
Pylocky Ransomware decryptor
R600 VPN vulnerability post
DDR plug-in for IDAPro
Paul’s IDA palette
Talos Threat Research Summit CFP

==========

Featuring: Craig Williams (@Security_Craig), Joel Esler (@JoelEsler), Matt Olney (@kpyke) and Nigel Houghton (@EnglishLFC).
Hosted by Mitch Neff (@MitchNeff).
Find all episodes here.

Subscribe via iTunes (and leave a review!)

Check out the Talos Threat Research Blog

Subscribe to the Threat Source newsletter

Follow Talos on Twitter

Give us your feedback and suggestions for topics:
beerswithtalos@cisco.com

Beers with Talos EP44: Fun with 2018’s Worst and Talks We Want to Hear



Beers with Talos (BWT) Podcast Ep. #44 is now available.

Ep. #44 show notes: 

Recorded Jan. 7, 2018

For most of the episode (after an extended roundtable — we all had a lot to get out after time off), we look back at the 2018 Malware Year in Review, including Olympic Destroyer, VPNFilter, MDM and other unique, large-scale, or otherwise interesting bits of malware that Talos encountered. We also discuss the things we would love to see conference talks about in the new year. Of course, we use that to announce the CFP for Talos Threat Research Summit 2019. If you do defense and want to talk to other defenders, make sure to submit before Jan. 25 here.

The timeline:

The topics

01:00 — Roundtable: Show and tell from holiday vacations
16:10 — Top Threats of 2018: “Top” means we called them top, there is no objective measure here.
44:10 — What conference talks would be great to see in 2019
1:00:30 — TTRS 2019 CFP and conference announcement
1:10:24 — Parting shots, closing thoughts

The links

Talos Year in Malware rundown
Initial MDM post
==========

Featuring: Craig Williams (@Security_Craig), Joel Esler (@JoelEsler), Matt Olney (@kpyke) and Nigel Houghton (@EnglishLFC).
Hosted by Mitch Neff (@MitchNeff).

Smashing Security #111: When rivals hack, and ‘extreme’ baby monitors

Why a business spat resulted in Liberia falling off the internet, how the US Government shutdown is impacting website security, and the perplexing world of extreme IoT devices.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Zoë Rose.

Ep. 113 – Nutrition Facts for Online Information with Clint Watts

Misinformation is a powerful tool. As we enter 2019 we invite on a fascinating guest, Clint Watts, who has spent his career learning all about how to use it and how it is used. – Jan 14, 2019


The post Ep. 113 – Nutrition Facts for Online Information with Clint Watts appeared first on Security Through Education.

Smashing Security #110: What? You can get paid to leave Facebook?

Twitter and the not-so-ethical hacking of celebrity accounts, study discovers how you can pay someone to quit Facebook for a year, and the millions of dollars you can make from uncovering software vulnerabilities.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Beers with Talos EP 43: Espionage, Encryption, and CISO Square One



Beers with Talos (BWT) Podcast Ep. #43 is now available.

Ep. #43 show notes: 

Recorded Dec. 7, 2018.

Several of us are under the weather, but the show must go on. We did our best, as always. After running through some recent research, we spend a good bit of this EP looking through the lens of a recent breach at the first things a new security leader should get a handle on - what questions need to be answered? What information and practices are day-1 vital? We wrap up taking a look at a slew of vulns Talos uncovered in secure messaging apps.

The timeline:

The topics

01:00 - Roundtable - we talk about the Reds, death by IoT lawnmowers, and the special Spam we get
12:40 - DNSpionage campaign and DNS redirection attacks
20:50 - Day One as CISO - Handling Inherited Risk as a Leader
50:45 - (in)Secure messenger apps - Ranging responses to vuln disclosures
1:02:36 - Closing thoughts and parting shots

The links

(in)Secure messaging blog post

==========

Featuring: Craig Williams (@Security_Craig), Joel Esler (@JoelEsler), Matt Olney (@kpyke) and Nigel Houghton (@EnglishLFC).
Hosted by Mitch Neff (@MitchNeff).

Ep. 112 – Catching Spies and Paying Parking Tickets with Joe Navarro

Almost 100 episodes have passed and we finally get one of our all time favorite guests back on the show – Joe Navarro. His new book is literally THE encyclopedia of body language and we must discuss it. Join us – Dec 10, 2018


The post Ep. 112 – Catching Spies and Paying Parking Tickets with Joe Navarro appeared first on Security Through Education.

Ep. 111 – Crypto AI Blockchain Smoothies at Walmart with Nick Furneaux

What do cryptocurrency, blockchain, artificial intelligence and Walmart smoothies have to do with social engineering? Join us this month as Nick Furneaux lets us know. Nov 12, 2018


The post Ep. 111 – Crypto AI Blockchain Smoothies at Walmart with Nick Furneaux appeared first on Security Through Education.

Ep. 110 – From SECTF to Pro SE with Whitney and Rachel

So many times we get asked how you can become a professional social engineer. This month we talk to two amazing women who were never in the industry, took a huge risk and it paid off. Join us in this fascinating conversation with Whitney Maxwell and Rachel Tobac. Oct 8, 2018


The post Ep. 110 – From SECTF to Pro SE with Whitney and Rachel appeared first on Security Through Education.

Podcast Notes – Six Point List for Dealing with Today’s Cyber Attacks

I was recently on a podcast (to be released in the next couple of weeks) discussing current events, especially recent reports related to "Hackers Are Targeting Nuclear Facilities, Homeland Security Dept. and F.B.I. Say." Towards the end of the podcast, I was asked for some closing thoughts, which I organized into a six-point list:

  1. Attacks are happening. Accept this as fact!
  2. Look internally at your People, Processes, and Technology (PPT), and assess how resilient your PPTs are against the types of attacks that are happening.
  3. Start taking steps -- or more likely, improve your current steps -- to prevent, but also to detect and respond (as prevention will only get you so far).
  4. Patch, patch, patch.
  5. Test, test, test.
  6. Finally, because it's only a matter of time, the last item is: drill baby, drill.

Analyzing the Malware Analysts – Inside FireEye’s FLARE Team

At the Black Hat USA 2016 conference in Las Vegas last week, I was fortunate to sit down with Michael Sikorski, Director, FireEye Labs Advanced Reverse Engineering (FLARE) Team.

During our conversation we discussed the origin of the FLARE team, what it takes to analyze malware, Michael’s book “Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software,” and the latest open source freeware tools FLOSS and FakeNet-NG.

Listen to the full podcast here.