7MS #334: IT Security Horrors That Keep You Up at Night
7 Minute Security1 Nov 2018

7MS #334: IT Security Horrors That Keep You Up at Night

This week I got to celebrate Halloween with my friends at Netwrix by co-hosting a Webinar called IT Security Horrors That Keep You Up at Night. The content was a modified version of the Blue Team on a Budget talk I've been doing the past year or so, and essentially focuses on things organizations can do to better defend their networks without draining their budgets.

The presentation had a Child's Play theme and showed Chucky trying to hack Andy's company via:

  • Phishing
  • Abusing bad domain passwords
  • Abusing bad local admin passwords
  • Responder attack
  • Lack of SMB signing

Each attack was also followed up my some advice for how to stop it (or at least slow down its effectiveness).

The presentation itself was a blast and I learned some good public speaking lessons as a result:

  • Get your slides done early! - when co-presenting, it makes sense that they want to see your slides sooner than the day of! :-)

  • Don't freak out about an audience of "none" - I always think Webinars are weird because you can't see people's faces or interpret their body language to get a feel for whether they appreciate your humor or understand the points you're trying to make. I learned you just gotta keep pushing forward "blind" whether you like it or not.

  • Setup a redundant presentation system - ok so file this one with the irrational fears dept, but I actually had a second laptop ready with my presentation loaded, and the laptop was connected to a cell hotspot I setup on a tablet. That way if my machine BSOD'd or Internet went out in my house, I could quickly rejoin the presentation and pick up where I left off. Safe or psycho? You decide!

Happy belated Halloween!

Avsnitt(720)

7MS #519: Tales of Pentest Pwnage - Part 35

7MS #519: Tales of Pentest Pwnage - Part 35

Hey friends, it's another fun tale of pentest pwnage today! This one talks about cool things you can do when you have full rights over an OU in Active Directory. Important links to review: BloodHoun...

7 Maj 202246min

7MS #518: Interview with Amanda Berlin of Blumira

7MS #518: Interview with Amanda Berlin of Blumira

Today we're pumped to share a featured interview with Amanda Berlin, Lead Incident Detection Engineer at Blumira. You might already be familiar with Amanda's awesome Defensive Security Handbook or fin...

27 Apr 202257min

7MS #517: DIY Pentest Dropbox Tips - Part 6

7MS #517: DIY Pentest Dropbox Tips - Part 6

Today we're continuing a series we haven't done in a while (click here to see the whole series) all about building and deploying pentest dropboxes for customers. Specifically, we cover: Auto installin...

22 Apr 202246min

7MS #516: Tips to Travel More Securely

7MS #516: Tips to Travel More Securely

In today's episode I talk about a cool self-defense class I took a while ago which was all about less lethal methods of protecting/defending yourself. I also talk about some safer ways to handle/hide ...

14 Apr 202245min

7MS #515: Securing Your Family During and After a Disaster - Part 5

7MS #515: Securing Your Family During and After a Disaster - Part 5

Today we continue the series we started a few years ago called Security Your Family During and After a Disaster (the last part in this series was from a few years ago. In today's episode we focus on s...

6 Apr 202235min

7MS #514: Tales of Pentest Pwnage - Part 34

7MS #514: Tales of Pentest Pwnage - Part 34

Welcome to another fun tale of pentest pwnage! This one isn't a telling of one single pentest, but a collection of helpful tips and tricks I've been using on a bunch of different tests lately. These t...

30 Mars 202250min

7MS #513: Interview with Christopher Fielder and Jon Crotty of Arctic Wolf

7MS #513: Interview with Christopher Fielder and Jon Crotty of Arctic Wolf

Today we're joined by our friends Christopher Fielder and Jon Crotty from Arctic Wolf to talk about their interesting report on The State of Cybersecurity: 2022 Trends (note: you can get some of the r...

23 Mars 202255min

7MS #512: First Impressions of InsightIDR

7MS #512: First Impressions of InsightIDR

Today I'm sharing some first impressions of the Rapid 7 InsightIDR as kind of a teaser for an eventual new chapter in our Desperately Seeking a Super SIEM for SMBs series. Disclaimer: remember these a...

17 Mars 202251min

Populärt inom Politik & nyheter

aftonbladet-krim
rss-krimstad
p3-krim
spar
svenska-fall
aftonbladet-daily
politiken
flashback-forever
rss-expressen-dok
rss-sanning-konsekvens
rss-krimreportrarna
kungligt
ett-rent-noje
rss-vad-fan-hande
motiv
blenda-2
grans
rss-frandfors-horna
rss-flodet
krimmagasinet