Category Archives: RSA Conference

PODCAST: RSAC 2018 – Joe Gray

Joe-Gray

Guest Joe Gray

My guest this episode is social engineering guru Joe Gray. Joe is a Senior Security Architect at IBM and has his own blog and podcast called Advanced Persistent Security. Joe presented a talk at RSA this year with friend of the show Rachel Tobac on social engineering and OSINT which I posted the full audio of here. Joe spoke with me about Social Engineering, OSINT, vishing, SECTFs, password inspections and more!

DbKQ-n_U8AA4xcm

DIRECT DOWNLOAD OF PODCAST MP3 FILE

Subscribe on iTunes, GooglePlay and Stitcher!!

 

Tagged , , , , , , , , , , , , , , , , , , ,

PODCAST: RSAC 2018 – Katie Moussouris

Katie-M-RSAC2018

Guest Katie Moussouris

Katie is the founder and CEO of Luta Security. She presented a talk on bug bounties, penetration testing and vulnerability disclosure entitled “Bug Bounty Buzzword Bingo—Deep Dive under a Jumped Shark” at the RSA Conference last week in San Francisco. Check out her slides here.

After her talk she spoke with me about the evolution of bug bounty programs, her work in developing ISO standards for vulnerability disclosure, her path to a career in information security and much more.

This episode is the 1st in a series dedicated to RSA Conference 2018. Stay tuned for more!

DIRECT DOWNLOAD OF PODCAST MP3 FILE

Subscribe on iTunes, GooglePlay and Stitcher!!

 

Tagged , , , , , , , , , , , , ,

RSAC 2018 – Rachel Tobac & Joe Gray

Compromising a Fortune 500 Business without Hacking a Thing!

Rachel Tobac and Joe Gray present at RSAC2018!!

A simulated compromise of a Fortune 500 company as part of a social engineering competition will lead to discussion about how data was collected using open source intelligence (OSINT) beyond that of social media and tools. It will identify places to find data, providing insight for more valuable data sources. This will include a demo of OSINT techniques, phishing and a pretexting discussion.

Learning Objectives:
1: Learn how to defend against social engineering.
2: Understand the relative ease in collecting open source intelligence (OSINT).
3: Learn more about the tools and techniques used in social engineering.

CLICK HERE FOR THE SLIDES FROM PRESENTATION

CLICK HERE TO DOWNLOAD MP3 FILE

Tagged , , , , , , , , , , ,

PODCAST: RSA Conference 2017

RSAC2017-Banner

LISTEN TO FULL PODCAST

Another year, another wave of security incidents and threat models to keep the cybersecurity industry busy. So there was plenty to discuss and share as the InfoSec community flocked to San Francisco for the annual RSA Conference last month.

RSAC2017-escalator1

A view from the escalator as I descend into the bowels of RSAC 2017.

As always, the latest trends in the industry were addressed. Large data breaches, quickly growing threat models, security education, political hacking, and the risks posed by the Internet of Things were common threads throughout many of the keynotes, sessions, workshops, expos, and general chatter among attendees.

RSAC has more of a trade show feel compared to other security conferences so I’ve learned over the years that it’s best to approach the conference as an opportunity to meet and network with industry experts. This year I spent less time attending the talks and more time meeting with the players in the industry who are there to make deals and form partnerships.

However, I did catch several enlightening talks and panel discussions featuring the likes of ex-CIA operative Valerie Plame, security guru Bruce Schneier, researcher Rob Graham, people-security expert Masha Sedova, and security consultant Jeff Carr. Also enjoyed the entertaining keynotes by Late Night host Seth Meyers and astrophysicist Neil deGrasse Tyson.

This slideshow requires JavaScript.

CHECK OUT ROB GRAHAM’S TALK ON MIRAI AND IoT BOTNETS HERE!

Throughout the week I was lucky to catch up with several industry professionals representing some of the top tier firms in the cybersecurity sector who shared their take on the challenges and trends facing cybersecurity firms, their clients, and end users.

This episode of the podcast features interviews collected at RSAC 2017.

BIG THANKS TO THE GUESTS ON THIS EPISODE!!

Dave-Lewis-Akamai

Dave Lewis

Dave Lewis – Akamai

rob-graham

Rob Graham – Errata Security

Donald-Meyer

Donald Meyer

Donald Meyer – Check Point Software

Dario

Dario Forte

Dario Forte – DFLabs

Sebastian, Alex and SelenaOnapsis

Scott-Bollinger

Scott Bollinger

Scott Bollinger – Security Researcher

Jeff-Carr

Jeffrey Carr

Jeffrey Carr – 20K League

DOWNLOAD FULL PODCAST MP3

SUBSCRIBE on iTunes, GooglePlay, Stitcher, and Soundcloud!!

1-logo-itunesgoogleplay-logostitcher-logo

Follow on Twitter!

RSAC 2017: Rob Graham on Mirai and IoT Botnets

UPDATED WITH SLIDES (03/15/17)

rob-graham

“Mirai and IoT Botnet Analysis” MP3 AUDIO FILE

RSAC2017-Mirai-OPENINGSLIDE

“Mirai and IoT Botnet Analysis” SLIDES – PDF FILE

At this year’s RSA security conference in San Francisco, researcher Rob Graham gave a presentation entitled “Mirai and IoT Botnet Analysis.” His talk examined the infamous “Mirai” Internet of Things botnet and shared details on how it operates. Graham also covered technical aspects of the cameras it infects and detailed his own experimentation with Mirai in the wild. He went on to discuss last year’s massive DDoS attacks on DNS provider Dyn, which involved variations of the Mirai IoT botnet.

No official AV video recording of this talk, but the audio and RSAC slides are all you need.

Enjoy!

Also, check out Rob’s blog!

-Vince

Follow me on Twitter!

Tagged , , , , , , , , , , ,
%d bloggers like this: