DiscoverHurricane Labs InfoSec Podcast
Claim Ownership
Hurricane Labs InfoSec Podcast
Author: Hurricane Labs
Subscribed: 50Played: 196Subscribe
Share
© Copyright 2015 . All rights reserved.
Description
The Hurricane Labs InfoSec Podcast features the clashing of swords and witty banter about the latest security topics. Listen in as we discuss headlines, hacks, tech tips, Splunk stuff, and more!
55 Episodes
Reverse
In today's podcast, we talk about the Cyber Safety Review Board and their report on Log4j.
Also, make sure to check out some of the articles and resources mentioned during this episode:
DHS Launches First-Ever Cyber Safety Review Board via Homeland Security
Pentest Stories: Responsible vulnerability disclosure via Heather Terry & Dennis Goodlett
How to Write a Vulnerability Management Policy by Roxy, Hurricane Labs Director of Compliance
Keep an eye out for our upcoming blog posts about vulnerability management too!
Click here for our podcast episode transcript.
Heather meets with Tom Kopchak to discuss strategies for organizations should utilize when creating cybersecurity training programs.
In case you missed it, check out the first part of our Teaching and Learning Cybersecurity podcast series. Also, tune in to our related podcast: Addressing the Cybersecurity Skills Gap featuring Heather Terry, Tom Kopchak, Roxy, and Dusty Miller!
Click here for our podcast episode transcript.
Heather meets with Tom Kopchak to reflect on his recent experiences teaching cybersecurity and on what skills are needed to help bridge the cybersecurity skills gap.
Also, make sure to check out some of our related posts and podcasts:
Addressing the Cybersecurity Skills Gap podcast featuring Heather Terry, Tom Kopchak, Roxy, and Dusty Miller
Tom's Tips for Infosec Professionals blog post via Tom Kopchak
A Guide to Success: 9 Career Tips for Infosec Newbies blog post via Kelsey Clark
5 Student Networking Strategies for Security Conferences blog post via Kelsey Clark
Click here for our podcast episode transcript.
The Hurricane Labs team shares a few stories about their experiences with social engineering–and ways we can become more resilient to this type of attack.
Also, make sure to check out some of the articles and resources mentioned during this episode:
Verizon 2021 Data Breach Investigations Report
Influence: The Psychology of Persuasion
RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis
(Coming May 2!) Blog: How to reduce your organization’s vulnerability to social engineering
Click here for our podcast episode transcript.
Two of Hurricane Labs' team members red teamed for the NECCDC in March. They share insight to some of the strategies they used in their role as attackers.
Also, make sure to check out some of the articles and resources mentioned during this episode:
Northeast Regional of the Collegiate Cyber Defense Competition (NECCDC)
NECCDC Red Team Review
NECCDL / NECCDC Twitter
Click here for our podcast episode transcript.
In this follow-up podcast, Heather chats with Hurricane Labs’ Director of Security Operations about further security implications of the Russia-Ukraine conflict.
Also, make sure to check out some of the articles and resources mentioned during this episode:
SOC Talk: The Russia-Ukraine Crisis, Part 1
Statement by President Biden on our Nation's Cybersecurity (Full)
Act Now to Protect Against Potential Cyberattacks – Security hardening recommendations via the Biden-Harris Administration
President Signs New Executive Order Chartering Course New Course to Improve the Nation's Cybersecurity and Protect Federal Government Networks
Backdoors & Breaches via Black Hills Information Security
Russia Cyber Threat Overview and Advisories via CISA
How to Run a Security Tabletop Scenario via Hurricane Labs
Need help with your security? Contact us!
Click here for our podcast episode transcript.
In today's podcast, our team discusses the value of VPNs–and a home firewall VPN project one of our analysts has set up.
Click here for our podcast episode transcript.
In this podcast, Heather chats with two members of the Hurricane Labs SOC team about distributed denial of service (DDoS) attacks as well as how to identify, prevent, and mitigate these attacks.
Also, make sure to check out some of the articles and resources mentioned during this episode:
IT-ISAC
GreyNoise
Hurricane Labs Security Services
Have questions for us? Get in touch with our team here!
Click here for our podcast episode transcript.
In this special release podcast, Hurricane Labs' Director of Security Operations and our Director of Splunk Operations discuss the security implications of the Russia-Ukraine conflict.
Also, make sure to check out some of the articles and resources mentioned during this episode:
CISA Alert (AA22-047A)
Second Wiper Attack Strikes Systems in Ukraine and Two Neighboring Countries via Kim Zetter, Substack
Ukraine: Disk-wiping Attacks Precede Russian Invasion via Symantec Enterprise Blogs
Click here for our podcast episode transcript.
In this podcast, Heather chats with the Hurricane Labs' SOC team about their favorite OSINT tools.
Also, make sure to check out some of the articles and resources mentioned during this episode:
Atomic Red Team
Bitwarden
CyberChef
CyberChef for Splunk
DNSdumpster
Emailrep.io
Machinae
Ninoseki
Privacy Tools
Spiderfoot
Splunk Attack Range
Click here for our podcast episode transcript.
In this podcast, Heather and Roxy talk about the malware-laced USB devices being mailed to companies recently–and how you can stay safe.
Also, make sure to check out some of the articles and resources mentioned during this episode:
CISA: Using Caution with USB Drives
FBI warns cybercriminals have tried to hack US firms by mailing malicious USB drives
Ransomware warning: Cyber criminals are mailing out USB drives that install malware
Click here for our podcast episode transcript.
In part two of this series, Heather chats with some of Hurricane Labs' security analysts about the Log4Shell vulnerability.
Also, make sure to check out some of the articles and resources mentioned during this episode:
Log4j: Letting the JNDI out of the bottle blog post by Tony Robinson
6 Practical Fraud Prevention Tips blog post by Roxy
FTC warns companies to remediate Log4j security vulnerability blog post via the FTC
FTC Warns Companies: Patch Log4j ASAP or Suffer Our Wrath blog post via Gizmodo
Click here for our podcast episode transcript.
In part one of this two-part series, Heather chats with two of Hurricane Labs' pentesters about the Log4Shell vulnerability.
Also, make sure to check out some of the articles and resources mentioned during this episode:
Log4Shell Everywhere
Log4Shell Detection with ZAP
Two Nmap NSE scripts:
NSE Log4Shell
Other NSE
Hurricane Labs' SOC Talk: IoT and Security Podcast
OWASP ZAP – The Eval Villain Add-on Blog Post
Making Easy DOM XSS Actually Easy with Eval Villain
Hurricane Labs Penetration Testing Services
Click here for our podcast episode transcript.
In this podcast, Heather chats with Tom, Meredith, and Roxy about ways to harden your wireless security.
Also, make sure to check out our related blog post: 6 Tips for Wireless Security.
Click here for our podcast episode transcript!
In this podcast, Heather chats with Tony, Kurt, and Josh about the Log4Shell vulnerability.
Also, make sure to check out some of the articles and resources mentioned during this episode:
Actual CVE-2021-44228 payloads captured in the wild
Log4j – Apache Log4j Security Vulnerabilities
Log4Shell Hell: anatomy of an exploit outbreak
Splunk Security Advisory for Apache Log4j (CVE-2021-44228)
Trending Internet Scanning on Apache Log4j Vulnerability
Click here for our podcast episode transcript.
In today's podcast, Heather chats with Tom and Meredith about CISA's bad practices list and single-factor authentication.
Click here for our podcast episode transcript.
In this podcast, Heather chats with Dennis, one of Hurricane Labs' pentesters, about how to avoid vulnerabilities ads inject into websites.
Click here for our podcast episode transcript.
In today's podcast, Heather chats with Tom and Meredith about mitigating risks to your physical security.
Click here for our podcast episode transcript.
In today's podcast, Heather chats with Hurricane Labs pentester Meredith about what the infosec community thinks of Apple's recent 0day disclosure troubles.
Also, make sure to check out some of the articles mentioned during this episode:
About the security content of iOS 12.5.5
Apple Releases Security Updates
Pentest Stories: Responsible vulnerability disclosure
Click here for our podcast episode transcript.
In the third and final part this series, the Hurricane Labs team talks about diversity in infosec–and how companies can support inclusivity within their organization.
Click here for our podcast episode transcript.