7MS #22: Phishing with Black Squirrel (audio)

WARNING: Today's episode is a bit of an experiment, and I hope you'll hang in there with me for it. I had the opportunity to do a week-long red team engagement, and so I recorded a little summary of the experience at the end of each day, and then pasted them all together to make today's episode. Listening back to the episode now, it sounds like I might belong on a funny farm. But I thought it would be fun to give you a first-hand account of the experience so you can share the stomach-twisting journey with me.

24 Tammi 201950min

Coming up on Tuesday, January 22 I'll be doing a Webinar with Netwrix called 4 Ways Your Organization Can Be Hacked. It features a Billy Madison theme and pits evil Eric Gordon against sysadmin Billy Madison. Hope you'll join us - it'll be fun! Today I'm pleased to welcome Amber Boone to the program! She is an awareness builder for a cybersecurity vendor (insert dramatic music!), and Amber was gracious enough to help me pilot a new style of interview called 7 Minute Interviews with 7MS. I basically asked Amber a "serious" question about security, then a goofy one, then another serious, then another goofy...and so on and so forth until the 7 minutes was up. Amber answered important questions such as: Would she rather fight 100 duck-sized horses, or 1 horse-sized ducks? What basic security effort could orgs address without investing a huge amount of dollars and effort? Would she rather be a giant hamster or a tiny rhinoceros? If you'd like to check out what Amber's doing online, check out her LinkedIn, her side project YourLegacies.com or follow Amber on Twitter. Interested in doing a 7 minute interview with 7MS? Head here.

16 Tammi 201922min

I'd like to coordially invite you to the first-ever 7MS User Group meeting, coming up Monday, January 14th at 6 p.m.! You can attend physically, virtually or both! All the info you need is in today's podcast, as well as here. See you there!

9 Tammi 201911min

Psssst! Wanna come to the first ever 7MS User Group meeting? It's coming up on January 14th. You can join in person or virtually! Head here for more information! Dan DeCloss (a.k.a. wh33lhouse on Slack and @PlexTracFTW aon Twitter) joined me virtually in the studio to talk about his passion project, PlexTrac. Dan also shared his insight on all sorts of great topics, including: How to bleed "purple" and get comfortable playing on both the attacking and defending side of the house What areas are we failing in defending our networks - and what kind of things can we do make our networks more resilient?! What's the biggest challenge you see on both the blue and red team side (spoiler alert: communication is super important!)? How do you break into a cyber security position that requires X years of experience when you have zero experience (Dan offers a great tip: don't be intimidated by requirements on job postings...they're often excessive/unreasonable) Ways to show security aptitude on your resume without necessarily having a bunch of experience: Build a home lab Create a blog Bug bounties Make a podcast Get certs (or at least get enrolled in them) Some history on PlexTrac and what inspired Dan to create it

2 Tammi 20191h

Matt McCullough (a.k.a. Matty McFly on Slack) joined me in the studio to talk about his wild and crazy path to security. He started literally with no technical experience, but through a lot of hard work, aggressive networking and taking advantage of educational and career opportunities, Matt now rocks a SOC job. Matt and I sat down to talk about a lot of good stuff: How to start an IT career as "the family IT guy" Leveraging a higher education (at places like Lake Superior College to meet people of influence and start networking like a beast Entry level sysadmin and helpdesk jobs are fun - great opportunities to make the most of the position, build your skills and stretch yourself outside your comfort zone MSPs (Managed Service Providers) are another great way to see different clients/verticals/systems and the various requirements that go into supporting them. From there, look for opportunities to start securing those organizations, as many MSPs don't dabble heavily into the security realm. If you're going to school for cybersecurity training, look for ways to leverage your status to get discounts on security training, such as with SANS Competitions like CCDC are awesome. You're given a handful of servers that are full of vulnerabilities, and you essentially are tasked with defending a network against a professional group of pentesters/redteamers. You even have to deal with real-life "injections" (other random emergencies and mock customers to deal with) while you're in the thick of the battle! Join local cyber clubs (or start your own)! Looking for a fun CTF to get started in a group setting? Try hacking the OWASP Juice Shop Attend security conferences(or start your own)! ...more notes at 7MS.us!

27 Joulu 20181h 45min

Today's episode is brought to you by my friends at safepass.me. Safepass.me is the most efficient and cost-effective solution to prevent Active Directory users from setting a weak or compromised password. It's in compliance with the latest NIST password guidelines, and is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount! In today's episode we talk about how to identify - and resolve - unquoted service paths. Maybe you've seen this pop up in your vulnerability scanner and aren't quite sure what the risk is or how to fix it - and maybe more importantly, how to fix it at scale if need be. That's the technical conundrum I faced this week, so I talk about some resources to help you identify this risk and get it out of your environment! And here's a gist I wrote that walks you through everything step by step:

19 Joulu 201816min

Last week I had the fun privilege of speaking twice at the Minnesota Goverment IT Symposium on the following topics: Forensics 101: This was a "reloaded" talk that I started earlier this year (and covered in episode 299 and 300). At a high level, the talk covered: Hunting malware with Sysinternals Creating system images with FTKImager Dumping memory with Volatility and ripping icky stuff out of memory images with their 1-2-3 punch article Seeking out DNS tunneling/exfil using Security Onion Pecha Kucha: this talk, which is in a 20x20 format is part PSA about how to not click bad links, part cautionary tale (and music video!) about how the promise of a free burrito can ruin your business! Check out the video here, and special thanks to Joe Klein for providing the awesome pics to go along with the storyboard - you're a champ. Also, check out the Digital Forensics Survival Podcast which is awesome for learning more about forensics and IR.

13 Joulu 201822min

On a recent security assessment I was thrown for a loop and given the opportunity to do a two-part physical pentest/SE exercise - with about 5 minutes notice(!). Yes, it had me pooping my pants, but in retrospect it was an amazing experience. This is the mission I was given: See if you can get the front desk staff to plug in a USB drive - I posed as John Strand and armed myself with a fake resume. And as I approached the front desk I suddenly panicked and thought, "What if the front desk person is a BHIS fan?!?!?" Break into a door with weak security and steal equipment - I was given a plastic shiv and asked to try and get into a secure area in the middle of a busy office morning. No pressure, right? Was I successful? Was I arrested? Find out in today's episode!

6 Joulu 201819min