7MS #334: IT Security Horrors That Keep You Up at Night
7 Minute Security1 Nov 2018

7MS #334: IT Security Horrors That Keep You Up at Night

This week I got to celebrate Halloween with my friends at Netwrix by co-hosting a Webinar called IT Security Horrors That Keep You Up at Night. The content was a modified version of the Blue Team on a Budget talk I've been doing the past year or so, and essentially focuses on things organizations can do to better defend their networks without draining their budgets.

The presentation had a Child's Play theme and showed Chucky trying to hack Andy's company via:

  • Phishing
  • Abusing bad domain passwords
  • Abusing bad local admin passwords
  • Responder attack
  • Lack of SMB signing

Each attack was also followed up my some advice for how to stop it (or at least slow down its effectiveness).

The presentation itself was a blast and I learned some good public speaking lessons as a result:

  • Get your slides done early! - when co-presenting, it makes sense that they want to see your slides sooner than the day of! :-)

  • Don't freak out about an audience of "none" - I always think Webinars are weird because you can't see people's faces or interpret their body language to get a feel for whether they appreciate your humor or understand the points you're trying to make. I learned you just gotta keep pushing forward "blind" whether you like it or not.

  • Setup a redundant presentation system - ok so file this one with the irrational fears dept, but I actually had a second laptop ready with my presentation loaded, and the laptop was connected to a cell hotspot I setup on a tablet. That way if my machine BSOD'd or Internet went out in my house, I could quickly rejoin the presentation and pick up where I left off. Safe or psycho? You decide!

Happy belated Halloween!

Avsnitt(720)

7MS #456: Certified Red Team Professional - Part 4

7MS #456: Certified Red Team Professional - Part 4

Hello friends!  Today, Joe (Gh0sthax) and I complete our series on CRTP - Certified Red Team Professional - a really awesome pentesting training and exam based squarely on Microsoft tools and tradecra...

25 Feb 202156min

7MS #455: Tales of Internal Network Pentest Pwnage - Part 24

7MS #455: Tales of Internal Network Pentest Pwnage - Part 24

Hey everybody! Sorry that we're late again with today's episode, but I got COVID shot #2 and it kicked my behind BIG TIME today. But I'm vertical today and back amongst the living and thrilled to be s...

19 Feb 202152min

7MS #454: Cyber News - Lets Switch to Typewriters Edition

7MS #454: Cyber News - Lets Switch to Typewriters Edition

Happy almost-mid-February! Today Gh0sthax cooked up some great news stories for us to chew on, including: Sudo bug gives root access to mass numbers of Linux systems! What the heck is hammering w...

11 Feb 202150min

7MS #453: Interview with Marcello Salvati

7MS #453: Interview with Marcello Salvati

Today's featured interview is with Marcello Salvati of Black Hills Information Security. Marcello is a.k.a. byt3bl33d3r, and known for his many contributions to the security community. We here at 7MS ...

4 Feb 20211h 5min

7MS #452: Enterprise Attacker Emulation and C2 Implant Development

7MS #452: Enterprise Attacker Emulation and C2 Implant Development

Hey everyone! Hope you're having a great week. Today Gh0sthax and I do a brain dump and recap of a cool (and mind-exploding) course we took last week called Enterprise Attacker Emulation and C2 Implan...

28 Jan 202139min

7MS #451: Deep Freeze

7MS #451: Deep Freeze

Today we talk about a cool product called Deep Freeze, which, as its name implies, can "freeze" your computer in a known/good/frozen state. Then you can do whatever the flip you want to the machine (i...

22 Jan 202148min

7MS #450: DIY Pentest Dropbox Tips - part 4

7MS #450: DIY Pentest Dropbox Tips - part 4

Hey friends! We're continuing our series on pentest dropbox building - specifically playing off last week's episode where we started talking about automating the OS builds that go on our dropboxes. To...

15 Jan 202156min

7MS #449: DIY Pentest Dropbox Tips - Part 3

7MS #449: DIY Pentest Dropbox Tips - Part 3

Happy new year! This episode continues our series on DIY pentest dropboxes with a focus on automation - specifically as it relates to automating the build of Windows 10, Windows Server 2019, Kali and ...

7 Jan 20211h 6min

Populärt inom Politik & nyheter

aftonbladet-krim
p3-krim
rss-krimstad
spar
aftonbladet-daily
svenska-fall
politiken
flashback-forever
rss-expressen-dok
rss-sanning-konsekvens
rss-krimreportrarna
kungligt
ett-rent-noje
rss-vad-fan-hande
motiv
rss-frandfors-horna
blenda-2
rss-flodet
krimmagasinet
svd-ledarredaktionen