7MS #334: IT Security Horrors That Keep You Up at Night
7 Minute Security1 Nov 2018

7MS #334: IT Security Horrors That Keep You Up at Night

This week I got to celebrate Halloween with my friends at Netwrix by co-hosting a Webinar called IT Security Horrors That Keep You Up at Night. The content was a modified version of the Blue Team on a Budget talk I've been doing the past year or so, and essentially focuses on things organizations can do to better defend their networks without draining their budgets.

The presentation had a Child's Play theme and showed Chucky trying to hack Andy's company via:

  • Phishing
  • Abusing bad domain passwords
  • Abusing bad local admin passwords
  • Responder attack
  • Lack of SMB signing

Each attack was also followed up my some advice for how to stop it (or at least slow down its effectiveness).

The presentation itself was a blast and I learned some good public speaking lessons as a result:

  • Get your slides done early! - when co-presenting, it makes sense that they want to see your slides sooner than the day of! :-)

  • Don't freak out about an audience of "none" - I always think Webinars are weird because you can't see people's faces or interpret their body language to get a feel for whether they appreciate your humor or understand the points you're trying to make. I learned you just gotta keep pushing forward "blind" whether you like it or not.

  • Setup a redundant presentation system - ok so file this one with the irrational fears dept, but I actually had a second laptop ready with my presentation loaded, and the laptop was connected to a cell hotspot I setup on a tablet. That way if my machine BSOD'd or Internet went out in my house, I could quickly rejoin the presentation and pick up where I left off. Safe or psycho? You decide!

Happy belated Halloween!

Avsnitt(720)

7MS #472: Interview with Christopher Fielder

7MS #472: Interview with Christopher Fielder

Today our good pal Christopher Fielder from Arctic Wolf is back for an interview three-peat! He joins Joe "The Machine" Skeen (a.k.a. Gh0sthax) and I to talk about all things ransomware, including: ...

16 Juni 202152min

7MS #471: Cyber News - Ransomware Should Run Somewhere Edition

7MS #471: Cyber News - Ransomware Should Run Somewhere Edition

Hey everybody, happy June! Our pal Joe is back to cover some great security stories with us, including: Peloton's leaky API Some Colonial Pipeline discussion (story 1, story 2) Amazon Sidewalk ...

9 Juni 20211h 2min

7MS #470: First Impressions of Meraki Networking Gear

7MS #470: First Impressions of Meraki Networking Gear

Today we're doing something new - a first impressions episode of Meraki networking gear. Note: this is not a sponsored episode, but rather a follow up to episode #460 where I talked about throwing all...

2 Juni 202136min

7MS #469: Interview with Philippe Humeau of CrowdSec

7MS #469: Interview with Philippe Humeau of CrowdSec

Hey friends! Today we're talking with Philippe Humeau, CEO of CrowdSec, which is "an open-source massively multiplayer firewall able to analyze visitor behavior & provide an adapted response to all ki...

26 Maj 202148min

7MS #468: Eating the Security Dog Food - Part 3

7MS #468: Eating the Security Dog Food - Part 3

Today we continue the series on eating your own security dog food! Specifically, we talk about: Keeping a log and procedure for sanitizing systems Keeping a log and procedure for provisioning syst...

20 Maj 202124min

7MS #467: How to Succeed in Business Without Really Crying - Part 9

7MS #467: How to Succeed in Business Without Really Crying - Part 9

Hey everybody! I stayed in a hotel for the first time in over a year and boy oh boy...I hope I didn't get COVID from the bedsheets! Anyhow, on that journey I thought of some things that I think will h...

12 Maj 202155min

7MS #466: Attacking and Defending Azure AD Cloud (CARTP)

7MS #466: Attacking and Defending Azure AD Cloud (CARTP)

Welp, I need another security certification like I needed a bunch to the retinas, but even after all the fun (and pain) of CRTP I couldn't help but sign up for the maiden voyage of Attacking and Defen...

5 Maj 20211h

7MS #465: Cyber News - The FBI Might Be Getting Into the IR Biz Edition

7MS #465: Cyber News - The FBI Might Be Getting Into the IR Biz Edition

Hey friends! Today Joe "The Machine" Skeen (a.k.a. Gh0sthax) and I talk about some of our favorite news stories, including: FBI removes hacker back doors NSA: 5 security bugs under active nation-s...

28 Apr 202153min

Populärt inom Politik & nyheter

aftonbladet-krim
p3-krim
rss-krimstad
spar
aftonbladet-daily
svenska-fall
politiken
flashback-forever
rss-expressen-dok
rss-sanning-konsekvens
rss-krimreportrarna
kungligt
ett-rent-noje
rss-vad-fan-hande
motiv
rss-frandfors-horna
blenda-2
rss-flodet
krimmagasinet
svd-ledarredaktionen