7 Minute Security16 Kesä 2021

7MS #472: Interview with Christopher Fielder

Today our good pal Christopher Fielder from Arctic Wolf is back for an interview three-peat! He joins Joe "The Machine" Skeen (a.k.a. Gh0sthax) and I to talk about all things ransomware, including:

How the Colonial Pipeline incident may have started from a weak VPN cred with no MFA. Silver lining (?) - they got some of the $ back.
Was the federal government's response good enough? What should the government be doing to better handle and manage ransomware?
- Common ways ransomware gets in our environments, and some ways to NOT get ransomware'd:
  - Use 2FA (make sure that all accounts are using it!)
  - Consider having (if possible) your AD user scheme be something like chi-user4920394 instead of Joe.President
  - Have users that haven't logged in for X days get automatically locked out
  - Train your users - consider Arctic Wolf's managed security awareness offering
  - Detect early signs of compromise like Kerberoasting
  - Lock down your DNS egress to only specific servers so that it doesn't run "wide open"
  - Leverage good threat intel

Kokeile Premiumia

Nauti 14 päivää ilmaiseksi

Tilaa Premium

Jaksot(691)

7MS #242: Bye Bye Dream Job - Part 4

We've reached the end of this series, and I come into this final chapter bearing good news: I have a job! So in today's episode, I just wanted to kick back and share some cool things I'm working on as I ramp up in this new adventure (and that will also provide good topics for future episodes): Webapp pentest tool bake-off In the next week I'll be evaluating the following for a more general/automatic Webapp scans: Netsparker HP WebInspect Qualys AppSpider SIEM comparison We're looking at several tools to do both on-prem and managed SIEM solutions. If you've got recommendations or experiences to share I would love to hear them - please contact me. Thanks in advance!

26 Tammi 201710min

7MS #241: Bye Bye Dream Job - Part 3

Show notes are here

19 Tammi 201713min

7MS #240: Bye Bye Dream Job - Part 2

Show notes are here.

12 Tammi 201712min

7MS #239: Bye Bye Dream Job - Part 1

Show notes: https://7ms.us/7ms-239-bye-bye-dream-job-part-1

5 Tammi 20179min

7MS #238: Network Monitoring 101 - Part 2: NMAP, Papertrailapp and OpenCanary

Show notes: https://7ms.us/7ms-238-network-monitoring-101-part-2-nmap-papertrailapp-and-opencanary

30 Marras 20168min

7MS #237: Network Monitoring 101 - Part 1: Nessus

Show notes: https://7ms.us/7ms-237-network-monitoring-101-part-1-nessus

23 Marras 20168min

7MS #236: From "Derp!" to Domain Admin with MOVEit Central

Show notes: https://7ms.us/7ms-236-from-derp-to-domain-admin-with-moveit-central

17 Marras 201611min

7MS #235: Pwning Billy Madison

Show notes: https://7ms.us/7ms-235-pwning-billy-madison

10 Marras 201610min

Kaikki yhdessä sovelluksessa

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi yhdessä paikassa.

Sinulle valikoitua sisältöä

Podme-sovelluksessa kokoat suosikkisi helposti omaan kirjastoosi. Saat meiltä myös kuuntelusuosituksia!

Jatka kuuntelua koska tahansa

Voit jatkaa siitä mihin jäit, myös offline-tilassa.

Premium

9,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa

Aloita 14 päivän kokeilu

Premium

13,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa
Yksi lisäkäyttäjä

Kokeile 14 päivää maksutta

Suosittua kategoriassa Politiikka ja uutiset

rss-tasta-on-kyse-ivan-puopolo-verkkouutiset

Tarinat ja äänet, joita rakastat kuunnella

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi

Lue lisää