Check out this interview I did with @tjlaher for Cloudera on #cybercrime #hackers #Anonymous #CFAA #ITbootcamps #pizzabombing & more!
Vince in the Bay
VITB 4 LYFE
Category Archives: Cyber Security
PODCAST: Physical Pen-testing with Jek Hyde
Guest Jek Hyde of Sincerely Security with prosthetic “baby bump.”
My guest this episode is “Jek” a social engineer/pen-tester who recently live tweeted a real world penetration test in which her team successfully breached a client’s corporate offices and networks. We talk about how she got into social engineering and information security. It was fun to learn about her experiences and pick up a few tips and tricks as I prepare for the Social Engineering Capture The Flag competition at DEFCON next week!
BrightTALK webinar: Google Docs Phishing Scam
ICYMI: I moderated a BrightTALK webinar on the recent Google Docs phishing attack.
Join BrightTALK and check out this informative panel discussion featuring myself along with panelists Nathan Wenzler and Kowsik Guruswamy.
A massive phishing campaign targeting Google accounts ripped through the internet on a Wednesday afternoon in early May. Phishing scams are pretty common. What sets this scam apart is that it is more convincing than most. The email takes users who click on the file to a legitimate Google sign-in screen to grant permissions. If you received the email or are concerned you might be targeted next, join this interactive Q&A panel to get the facts and protect your account and your organization.
We discuss:
– What is the Google Docs email scam?
– How is this scam different from other phishing scams?
– What’s the deal with Eugene Pupov?
– Who’s at risk and how can you avoid being a victim?
– What can we expect in the future?
Moderator:
– Vince Tocce, Vince in the Bay Podcast
Speakers:
– Nathan Wenzler, Chief Security Strategist at AsTech Consulting
– Kowsik Guruswamy, CTO for Menlo Security
PODCAST: RSA Conference 2017
Another year, another wave of security incidents and threat models to keep the cybersecurity industry busy. So there was plenty to discuss and share as the InfoSec community flocked to San Francisco for the annual RSA Conference last month.
A view from the escalator as I descend into the bowels of RSAC 2017.
As always, the latest trends in the industry were addressed. Large data breaches, quickly growing threat models, security education, political hacking, and the risks posed by the Internet of Things were common threads throughout many of the keynotes, sessions, workshops, expos, and general chatter among attendees.
RSAC has more of a trade show feel compared to other security conferences so I’ve learned over the years that it’s best to approach the conference as an opportunity to meet and network with industry experts. This year I spent less time attending the talks and more time meeting with the players in the industry who are there to make deals and form partnerships.
However, I did catch several enlightening talks and panel discussions featuring the likes of ex-CIA operative Valerie Plame, security guru Bruce Schneier, researcher Rob Graham, people-security expert Masha Sedova, and security consultant Jeff Carr. Also enjoyed the entertaining keynotes by Late Night host Seth Meyers and astrophysicist Neil deGrasse Tyson.
CHECK OUT ROB GRAHAM’S TALK ON MIRAI AND IoT BOTNETS HERE!
Throughout the week I was lucky to catch up with several industry professionals representing some of the top tier firms in the cybersecurity sector who shared their take on the challenges and trends facing cybersecurity firms, their clients, and end users.
This episode of the podcast features interviews collected at RSAC 2017.
BIG THANKS TO THE GUESTS ON THIS EPISODE!!
Dave Lewis
Donald Meyer
Donald Meyer – Check Point Software
Dario Forte
-
- Sebastian Bortnik
-
- Alex Horan
-
- Selena Proctor
Sebastian, Alex and Selena – Onapsis
Scott Bollinger
Scott Bollinger – Security Researcher
Jeffrey Carr
DOWNLOAD FULL PODCAST MP3
SUBSCRIBE on iTunes, GooglePlay, Stitcher, and Soundcloud!!
CNN’s “Mostly Human” Series Premier with VITB!
Look who’s in an episode of the new CNNgo series Mostly Human with Laurie Segall!
Here’s a link to the video:
http://www.cnn.com/videos/cnnmoney/2017/03/08/mostly-human-hacker-down.cnnmoney/video/playlists/atv-mostly-human/
BrightTALK webinar on Cloudbleed
Last week I moderated a BrightTALK webinar on the infamous “Cloudbleed” bug.
Join BrightTALK and check out this informative panel discussion I moderated titled “CloudBleed: The Good, The Bad, and The Ugly for Users, Companies and Society.” Featuring myself along with panelists Kaushik Narayan (Skyhigh Networks), Lori MacVittie (F5 Networks), Bojan Simic (HYPR Corp), and Tom Gorup (Rook Security).
Next Wed at 10 am PDT/ 1pm EDT (March 22, 2017) I will be moderating a BrightTALK webinar on the recent “Vault 7” CIA document leaks titled WikiLeaks Vault 7: Facts, Fiction & Implications with distinguished panelists Jake Kouns, (Risk Based Security), Kenesa Ahmad (WISP) and more to be announced.
PODCAST: Twitter, Snowden and Privacy
This episode breaks down last week’s online Q & A between Twitter CEO Jack Dorsey and infamous NSA whistle blower Edward Snowden on Periscope. The event, promoted by the organizers of the campaign Pardon Snowden, featured a lengthy discussion on privacy and the role of social media in sharing user data with law enforcement and intelligence agencies.
Jacob Young – who submitted a question to Snowden and had it answered, sorta.
The event also included questions from Twitter users. Jacob Young, a software engineer and privacy advocate, was one of the lucky users who submitted a question and had it answered by Snowden during the event. Jacob joins the podcast to give his reaction to Snowden’s answer to his question and also shares his thoughts on mass surveillance, privacy and more.
If you are curious about the Snowden Q&A in question and want to view the event in it’s entirety, here’s a link to the Periscope video: https://www.periscope.tv/w/1vOxwgnXeYLxB
subscribe to podcast on
PODCAST MP3 DIRECT DOWNLOAD
PODCAST: DEFCON 24
This episode is dedicated to my experience attending the infamous hacker conference known as DEFCON in Las Vegas. DEFCON 24 flew by way too fast, but I managed to interview several attendees.
Jake Kouns CISO of Risk Based Security speaks about attribution.
Lorenzo Franceschi-Bicchierai of Motherboard talked about the DNC hack.
MGT CTO Eijah talks about Demon Saw and working with John McAfee.
John McAfee (recently named CEO of MGT) discusses his new cyber security firm.
Rachel Tobac takes 2nd place in Social Engineering Capture the Flag competition.
DEFCON luminary Ryan “1o57” Clarke (pronounced “Lost”) spoke with me about the badge challenge which he helms each year. In the video above 1o57 shows off one of the custom made “Uber Badges” awarded to winners of several contests at DEFCON 24.
My DEFCON 24 badge, which I was convinced was emitting a RF signal. Possibly communicating with our benevolent robot overlords? Alas, no RF detected.
SUBSCRIBE TO VITB PODCAST
iTunes, Google Play, Stitcher, Soundcloud.
DIRECT DOWNLOADS
DEFCON 24: Jake Kouns
“Cyber. Who Done It? Attribution Analysis Through Arrest History.”
Jake Kouns CISO of Risk Based Security speaks with Vince at DEFCON 24 in Las Vegas prior to his talk “Cyber. Who Done It?! Attribution Analysis Through Arrest History.” He uses research and analysis of arrest data to profile cyber criminals. Jake discusses attribution in cyber crimes and cyber espionage, the Sony Pictures hack, North Korea, DNC leaks, Crowdstrike, his Attribution Bingo Card and more.
Jake’s DEFCON talk was fun and rapid fire. He delved into his project with partner Lee Johnstone called Arrest Tracker which is a database used to profile cyber crime. Jake had 140 slides and he kept the pace quick. He did give ample props to Threat Butt and other online critics/satirists who represent the disenfranchised and attribution skeptics within the online security industry.
SLIDES FROM JAKE’S PRESENTATION (ALL 140 OF THEM)
<LISTEN AND SUBSCRIBE ON SOUNDCLOUD>
DIRECT MP3 DOWNLOAD
DEFCON 24: John McAfee
John McAfee speaks with Vince in Las Vegas at DEFCON before McAfee and his CTO Eijah were set to host a YUGE party thrown by new security firm MGT and demonsaw.
John discusses his new role as CEO and Chairman at $MGT, new technology “Sentinel” acquired by MGT, establishing new paradigm in security industry, attribution in wake of DNC leaks, OPM breech, hacking in age of IoT, coordinated cyber attacks, and more!
ON SOUNDCLOUD:
DIRECT DOWNLOAD OF MP3
Special thanks to Tiffany and Janice! 🙂
Vince in the Bay 