Talkin' Bout [Infosec] News

Originally aired on November 19, 2020 Articles discussed in this episode: * https://duo.com/blog/the-great-dns-vulnerability-of-2008-by-dan-kaminsky* https://blog.cloudflare.com/sad-dns-explained Check out our Cyber Range, not just a place to work through challenges and play, but also an open direct/hands-on training environment. https://www.blackhillsinfosec.com/services/cyber-range/ Join the BHIS Blog Mailing List – get notified when we post new blogs, webcasts, and podcasts. Join 2,880 other subscribers Email Address Subscribe

Originally aired on November 11, 2020 Articles discussed in this episode: * https://www.darkreading.com/attacks-breaches/malware-hidden-in-encrypted-traffic-surges-amid-pandemic/d/d-id/1339420* https://threatpost.com/millions-hotel-guests-worldwide-data-leak/161044/ Check out our Cyber Range, not just a place to work through challenges and play, but also an open direct/hands-on training environment. https://www.blackhillsinfosec.com/services/cyber-range/ Join the BHIS Blog Mailing List – get notified when we post new blogs, webcasts, and podcasts. Join 2,837 other subscribers Email Address Subscribe

Originally aired on 11/09/2020 Articles discussed in this episode: * https://www.darkreading.com/threat-intelligence/6-ways-passwords-fail-basic-security-tests/d/d-id/1339299* https://www.infosecurity-magazine.com/news/national-guard-uvm-health-network/* https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack/ Check out our Cyber Range, not just a place to work through challenges and play, but also an open direct/hands-on training environment. https://www.blackhillsinfosec.com/services/cyber-range/ Join the BHIS Blog Mailing List – get notified when we post new blogs, webcasts, and podcasts. Join 2,843 other subscribers Email Address Subscribe

Originally aired on October 26, 2020. Check out our Cyber Range, not just a place to work through challenges and play, but also an open direct/hands-on training environment. https://www.blackhillsinfosec.com/services/cyber-range/ Join the BHIS Blog Mailing List – get notified when we post new blogs, webcasts, and podcasts. Join 2,845 other subscribers Email Address Subscribe

Originally aired on October 21, 2020. Check out our Cyber Range, not just a place to work through challenges and play, but also an open direct/hands-on training environment. https://www.blackhillsinfosec.com/services/cyber-range/ Join the BHIS Blog Mailing List – get notified when we post new blogs, webcasts, and podcasts. Join 2,828 other subscribers Email Address Subscribe

Many people get started in security as a Security Operations Center (SOC) analyst. In this Black Hills Information Security (BHIS) webcast we discuss the core skills that a SOC analyst needs in order to be successful. Trust us, these skills are more than just watching the SIEM and letting the SOAR platform handle everything through a AI powered single pane of glass. Security has been and will continue to be, hard. This webcast will help people who are getting started be more successful and hopefully happier in their jobs. I mean, we can’t make people happy. But, being good at one’s job is a good step in that direction. The rest is on you. We also cover some techniques that can be used to help stop SOC burnout. Because that is a real thing….. It is a real thing that many SOC analysts go through. When they do, they often entertain dreams of getting out of security and buying a food truck. Let’s help stop that. The world does not need another mediocre falafel truck powered by the crushed hopes and dreams of another infosec burnout. Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/10/SLIDES_TheSOCAge.pdf Join the BHIS Discord Community — https://discord.gg/aHHh3u5 “Pay What You Can” SOC Core Skills 16-Hour Training Course: https://wildwesthackinfest.com/online-training/soc-core-skills-john-strand/ 0:00:00 – PreShow Banter™ – A Weird Flex 0:12:24 – FEATURE PRESENTATION: SOC Analyst Key Skills 0:16:53 – Server Analysis 0:20:13 – There’s A Guide For That 0:26:54 – Memory Forensics 0:34:16 – Egress Traffic Analysis 0:43:39 – Logs Are Better Than Bad, They’re a Train Wreck 0:48:40 – “False Positives”

They say it “takes a village” to help raise a child… well, it also takes a village to help raise an infosec professional. With so many technologies, techniques, and tools and the need for soft-skills and the ability to navigate different types of relationships, we all need help. That’s where a formal mentor can be your guide into the unknown. We ALL can benefit from being mentored and being a mentor. In this live Black Hills Information Security (BHIS) webcast, we’ll discuss:– How to know if you need a mentor– How to find a mentor– How to be a mentor– How to be a mentee– How to ask someone to be a mentor– Multiple mentors– Difference between mentors, friends, tutors, career counselors, etc.– What to discuss during a mentoring session– How to make the best use of everyone’s time– When to end a mentoring relationship Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/10/SLIDES_InfoSecMentoring_HowtoFindandBe.pdf Join Our BHIS Discord Community – https://discord.gg/aHHh3u5 0:00:00 – PreShow Banter™ – We’re There, Trust Us 0:07:33 – PreShow Banter™ – Trace Labs CTF 0:24:47 – FEATURE PRESENTATION: InfoSec Mentoring 0:28:23 – Mentors, the Fresh Maker™ 0:30:27 – How To Find a Cult Leader, I Mean Mentor. 0:34:37 – B-Sides Orlando DEMO 0:42:17 – How To Be a Mentor 0:56:12 – How to Be A Mentee 1:03:42 – Your Moment of Self-Doubt 1:05:34 – Will You Be My Mentor? 1:11:56 – Reach Out 1:14:41 – Multiple Mentors 1:16:36 ... (00:00) - PreShow Banter™ – We're There, Trust Us (06:46) - PreShow Banter™ – Trace Labs CTF (23:21) - FEATURE PRESENTATION: Info Sec Mentoring (26:54) - Mentors, the Fresh Maker™ (28:55) - How To Find a Cult Leader, I Mean Mentor. (32:59) - B-Sides Orlando DEMO (40:29) - How To Be a Mentor (53:56) - How to Be A Mentee (01:01:17) - Your Moment of Self-Doubt (01:03:06) - Will You Be My Mentor? (01:09:22) - Reach Out (01:11:57) - Multiple Mentors (01:13:50) - Mentors, Friends, & Counselors (01:16:14) - You Discuss Me (01:17:28) - Time is Valuable (01:17:46) - This is the End (01:19:24) - End of Show Banter

Worlds collide as Black Hills Information Security (BHIS) brings together legendary developers in open source software (OSS) hunting and adversarial emulation projects for a discussion on the current state of the landscape and what’s coming next. As our panel hosts, Jordan and Kent (Atomic Purple Team, PlumHound), continue to focus on advocating and evangelizing for Purple Teaming in the information security community, they have invited Roberto Rodriguez & Nate Guagenti (HELK Project, Mordor) and Marcello Salvati (CrackMapExec, SILENTTRINITY) to discuss the collision of OSS Hunting and Adversarial Emulation platforms, with additional commentary from John Strand. The group will discuss Roberto Rodriguez (@Cyb3rWard0g) and Nate Guagenti’s (@neu5ron) development and maintenance of the HELK project while focusing on the ongoing development of Mordor, Datasets, and Azure Resource Manager templates. Joining the world-class hunters is Marcello Salvati (Byt3bl33d3r), developer of CrackMapExec and SILENTTRINITY to continue the discussion of OSS adversarial simulation. John Strand will add commentary on the history of adversarial simulation, hunting, and where the industry may be headed. Webcast Hosts: * Jordan Drysdale @rev10d * Kent Ickler @krelkci Special Guests: * Roberto Rodriguez @cyb3rward0g * Nate Guagenti @neu5ron * Marcello Salvatti @byt3bl33d3r * John Strand @strandjs Join the BHIS Community Discord https://discord.gg/aHHh3u5 Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_WhenWorldsCollide.pdf 00:00:00 – PreShow Banter™ — We’ve Lost Control 00:10:47 – FEATURE PRESENTATION: When Worlds Collide 00:14:26 – Threat Intelligence Sharing 00:25:57 – Won’t Stop Can’t Stop 00:32:06 – A Tired Community 00:38:54 – Re-Investing Open Source Projects (00:00) - PreShow Banter™ — We've Lost Control (09:40) - FEATURE PRESENTATION: When Worlds Collide (13:13) - Threat Intelligence Sharing (24:03) - Won't Stop Can't Stop (29:38) - A Tired Community (35:59) - Re-Investing Open Source Projects (42:08) - Open Threat Research (47:18) - Understand Adversary Tradecraft (49:04) - Mordor Labs (01:05:43) - Mordor Datasets (01:08:17) - HELK (01:14:14) - Threat Hunter Playbook (01:30:42) - PostShow Banter

John Strand // Ok, that was a bit of a dramatic title. But, it works. In this Black Hills Information Security (BHIS) webcast, John covers the tips and tricks on how to effectively present technical topics to large and small groups. This presentation includes, but is not limited to: crotch sniffing dogs, heart attacks, how to effectively deal with chafing, don’t drink the water, choosing the right shoes, presenting to management, seriously, chafing is a problem, chickens, getting over impostor syndrome, becoming a PowerPoint ninja, every piece of presenting advice you have ever heard is wrong, using your podium as a weapon, shutting down trolls and tips for presenting in the dark, with no heat/AC and very little water… to over 100 people, and keeping them all happy. BHIS Discord Community https://discord.gg/aHHh3u5 Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_HowToPresent.pdf 00:00:00 – PreShow Banter™ — War Stories 00:12:33 – PreShow Banter™ — WWHF 09-2020 Preview 00:15:52 – FEATURE PRESENTATION: How To Present 00:26:25 – Lessons! 00:43:42 – Don’t Drink the Water 00:46:34 – Imposter 00:59:02 – Keynote Presentations 01:07:30 – Projections 01:17:32 – The Boss Level 01:20:15 – Conversations That Matter 01:26:54 – End of Show Questions

Have you ever installed a Python tool / library only to then find out other Python based tools you’ve installed previously are now completely broken? Running Kali? Ever try installing a Python tool with apt-get and another with pip? (00:00) - PreShow Banter™ – Jokes Not Safe For Work (11:31) - PreShow Banter™ – SponsorWare for GitHub (20:13) - Feature Presentation: Pretty Little Python Secrets (25:19) - 1st Circle of Hell: Managing Python Versions (30:58) - 2nd Circle of Hell: Python Dependencies (33:25) - Installing Python Tools/Libraries (39:18) - Isolate, Isolate, Isolate (46:29) - Pipx – The Easy Button (51:15) - Making Python Apps Semi-Portable (53:09) - ZipApps! (01:03:32) - Shiv! (01:11:26) - If all else fails.. Docker ! (01:17:12) - Conclusion