Social Engineering | Vince in the Bay

This episode’s guest is Jessy Irwin, Head of Security at Tendermint. We spoke at RSAC 2018 in San Francisco where she presented Cracking the Security Communications Code: Talk about Security without FUD. She also did a talk at OURSA entitled Defense in Depth: Building An Old Lady Gang. Check out Jessy’s website!

DIRECT DOWNLOAD OF PODCAST MP3 FILE

Subscribe on iTunes, GooglePlay and Stitcher!

Tagged Cyber Security, hacking, Information Security, Jessy Irwin, Old Lady Gangs, OURSA, podcast, RSA Conference 2018, RSAC18, security, Tendermint

May 10 2018

Leave a comment

Cyber Security, hacking, infosec, OSINT, pen-testing, RSA Conference, SECTF, Social Engineering, vishing

PODCAST: RSAC 2018 – Joe Gray

Guest Joe Gray

My guest this episode is social engineering guru Joe Gray. Joe is a Senior Security Architect at IBM and has his own blog and podcast called Advanced Persistent Security. Joe presented a talk at RSA this year with friend of the show Rachel Tobac on social engineering and OSINT which I posted the full audio of here. Joe spoke with me about Social Engineering, OSINT, vishing, SECTFs, password inspections and more!

DIRECT DOWNLOAD OF PODCAST MP3 FILE

Subscribe on iTunes, GooglePlay and Stitcher!!

Tagged ADVANCED PERSISTENT SECURITY, Cyber, Cyber Security, cybersecurity, hacking, Information Security, infosec, Internet, Joe Gray, OSINT, pen-testing, podcast, RSA Conference 2018, SECTF, security, Security Research, Social Engineering, tech, technology, vishing

Apr 29 2018

Leave a comment

Cyber Security, infosec, Internet Of Things, Privacy, RSA Conference, Social Engineering, technology

PODCAST: RSAC 2018 – Mark Nunnikhoven

Guest Mark Nunnikhoven

Mark is Vice President of Cloud Research at Trend Micro. He joined me at RSAC 2018 to discuss developing new email security gateway tools, operational technology in IoT, the new Cybersecurity Tech Accord, information security buzzwords and more!

DIRECT DOWNLOAD OF PODCAST MP3 FILE

Subscribe on iTunes, GooglePlay and Stitcher!!

Tagged computers, Cyber Security, Cybersecurity Tech Accord, hacking, Internet, Internet Of Things, IoT, Mark Nunnikoven, operational technology, Phishing, podcast, security, technology, The Cyber, Trend Micro, VITB, Writing Style DNA

Apr 20 2018

1 Comment

infosec, OSINT, pen-testing, RSA Conference, SECTF, Social Engineering, social media, vishing

RSAC 2018 – Rachel Tobac & Joe Gray

Compromising a Fortune 500 Business without Hacking a Thing!

Rachel Tobac and Joe Gray present at RSAC2018!!

A simulated compromise of a Fortune 500 company as part of a social engineering competition will lead to discussion about how data was collected using open source intelligence (OSINT) beyond that of social media and tools. It will identify places to find data, providing insight for more valuable data sources. This will include a demo of OSINT techniques, phishing and a pretexting discussion.

Learning Objectives:
1: Learn how to defend against social engineering.
2: Understand the relative ease in collecting open source intelligence (OSINT).
3: Learn more about the tools and techniques used in social engineering.

CLICK HERE FOR THE SLIDES FROM PRESENTATION

CLICK HERE TO DOWNLOAD MP3 FILE

Tagged hacking, Information Security, Internet, Joe Gray, OSINT, podcast, Rachel Tobac, RSA Conference 2018, security, Social Engineering, tech, technology

Mar 04 2018

Leave a comment

Cyber Security, DefCon, DEFCON 25, hacking, infosec, Instagram, OSINT, pen-testing, SECTF, Social Engineering, technology, vishing

PODCAST: Rachel Tobac

Guest – Rachel Tobac

Rachel is co-founder and CEO of Social Proof Security and Chair of the Board of Women In Security and Privacy.

Rachel discusses (and demonstrates) the art of “vishing” and social engineering. She placed 2^nd twice in the Social Engineering Capture the Flag competition at DEFCON 24 and DEFCON 25 and has become a popular speaker and advocate for personal and organizational safety through social engineering awareness.

Subscribe via iTunes, GooglePlay and/or Stitcher!

DIRECT DOWNLOAD MP3 OF PODCAST

Tagged business, computers, Cyber Security, DefCon, DEFCON 25, hacking, Information Security, infosec, Instagram, Internet, podcast, Privacy, Rachel Tobac, SECTF, security, SEVilliage, Social Engineering, tech, technology, vishing

Jul 20 2017

Leave a comment

crime, cyber crime, cyber espionage, Cyber Security, DefCon, DEFCON 25, Espionage, Hackers, hacking, infosec, pen-testing, Social Engineering, surveillance, technology, vishing

PODCAST: Physical Pen-testing with Jek Hyde

Guest Jek Hyde of Sincerely Security with prosthetic “baby bump.”

My guest this episode is “Jek” a social engineer/pen-tester who recently live tweeted a real world penetration test in which her team successfully breached a client’s corporate offices and networks. We talk about how she got into social engineering and information security. It was fun to learn about her experiences and pick up a few tips and tricks as I prepare for the Social Engineering Capture The Flag competition at DEFCON next week!

Tagged business, computers, corporate espionage, cybersecurity, DefCon, DEFCON 25, hacking, Information Security, infosec, Internet, pen-testing, Privacy, security, Security Research, Social Engineering, social media, tech, technology, Twitter, vishing

Dec 22 2016

Leave a comment

#JavaScript, cyber crime, cyber espionage, Cyber Security, Edward Snowden, infosec, News, NSA, Periscope, Politics, PSYOP, Social Engineering, social media, Talk Radio, technology, Twitter

PODCAST: Twitter, Snowden and Privacy

This episode breaks down last week’s online Q & A between Twitter CEO Jack Dorsey and infamous NSA whistle blower Edward Snowden on Periscope. The event, promoted by the organizers of the campaign Pardon Snowden, featured a lengthy discussion on privacy and the role of social media in sharing user data with law enforcement and intelligence agencies.

Jacob Young – who submitted a question to Snowden and had it answered, sorta.

The event also included questions from Twitter users. Jacob Young, a software engineer and privacy advocate, was one of the lucky users who submitted a question and had it answered by Snowden during the event. Jacob joins the podcast to give his reaction to Snowden’s answer to his question and also shares his thoughts on mass surveillance, privacy and more.

If you are curious about the Snowden Q&A in question and want to view the event in it’s entirety, here’s a link to the Periscope video: https://www.periscope.tv/w/1vOxwgnXeYLxB

subscribe to podcast on

PODCAST MP3 DIRECT DOWNLOAD

Tagged Edward Snowden, infosec, Jack Dorsey, Mass Surveillance, NSA, Periscope, Privacy, Russia, technology, Twitter

Sep 29 2016

Leave a comment

Attribution, Cyber Security, DefCon, DNC email leak, Hackers, infosec, MGT, Social Engineering, technology

PODCAST: DEFCON 24

This episode is dedicated to my experience attending the infamous hacker conference known as DEFCON in Las Vegas. DEFCON 24 flew by way too fast, but I managed to interview several attendees.

Jake Kouns CISO of Risk Based Security speaks about attribution.

Lorenzo Franceschi-Bicchierai of Motherboard talked about the DNC hack.

MGT CTO Eijah talks about Demon Saw and working with John McAfee.

John McAfee (recently named CEO of MGT) discusses his new cyber security firm.

Rachel Tobac takes 2nd place in Social Engineering Capture the Flag competition.

DEFCON luminary Ryan “1o57” Clarke (pronounced “Lost”) spoke with me about the badge challenge which he helms each year. In the video above 1o57 shows off one of the custom made “Uber Badges” awarded to winners of several contests at DEFCON 24.