
BrakeSec Education Podcast

Latest episodes

Oct 9, 2019 • 57min

2019-036-RvrShell-graphql_defense-Part2

Secure Python course: https://brakesec.com/brakesecpythonclass
PDF Slides: https://drive.google.com/file/d/1wmxrfgbaHu56kfccLoOd5M3Zz6bNP6Qi/view?usp=sharing

GraphQL High Level: https://graphql.org/
    Designed to replace REST architecture
    Allows you to make a large request, uses a query language
    Released by FB in 2012
    JSON

Learn Enough to be Dangerous: https://blog.bitsrc.io/13-graphql-tools-and-libraries-you-should-know-in-2019-e4b9005f6fc2
WSDL: https://www.w3.org/TR/2001/NOTE-wsdl-20010315

Vulns in the Wild
Abusing GraphQL
    OWASP Deserialization Cheat Sheet - https://cheatsheetseries.owasp.org/cheatsheets/Deserialization_Cheat_Sheet.html
Attack Techniques
    https://www.apollographql.com/docs/apollo-server/data/data/
    https://github.com/graphql/graphiql
Protecting GraphQL
    https://github.com/maticzav/graphql-shield
    Magento 2 (runs GraphQL), hard to update…
    https://github.com/szski/shapeshifter - Matt’s tool, Shapeshifter
    GraphQL implementations inside (ecosystem packages?)

Infosec Campout 2020 occurring (28-29 Aug 2020, Carnation, WA)
Patreon supporters (Josh P and David G)
Teepub: https://www.teepublic.com/user/bdspodcast
For Amanda next: https://www.cybercareersummit.com/ & keynote @grrcon Oct 24/25

Check out our Store on Teepub! https://brakesec.com/store
Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com
#Brakesec Store!: https://www.teepublic.com/user/bdspodcast
#Spotify: https://brakesec.com/spotifyBDS
#RSS: https://brakesec.com/BrakesecRSS
#Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM: https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec
Oct 2, 2019 • 42min

2019-035-Matt_szymanski-attack and defense of GraphQL-Part1

Derbycon Discussion (bring Matt in)

Python course: https://brakesec.com/brakesecpythonclass
PDF Slides: https://drive.google.com/file/d/1wmxrfgbaHu56kfccLoOd5M3Zz6bNP6Qi/view?usp=sharing

GraphQL High Level: https://graphql.org/
    Designed to replace REST architecture
    Allows you to make a large request, uses a query language
    Released by FB in 2012
    JSON

Learn Enough to be Dangerous: https://blog.bitsrc.io/13-graphql-tools-and-libraries-you-should-know-in-2019-e4b9005f6fc2
WSDL: https://www.w3.org/TR/2001/NOTE-wsdl-20010315

Vulns in the Wild
Abusing GraphQL
    OWASP Deserialization Cheat Sheet - https://cheatsheetseries.owasp.org/cheatsheets/Deserialization_Cheat_Sheet.html
Attack Techniques
    https://www.apollographql.com/docs/apollo-server/data/data/
    https://github.com/graphql/graphiql
Protecting GraphQL
    https://github.com/maticzav/graphql-shield
    Magento 2 (runs GraphQL), hard to update…
    https://github.com/szski/shapeshifter - Matt’s tool, Shapeshifter
    GraphQL implementations inside (ecosystem packages?)

Infosec Campout 2020 occurring (28-29 Aug 2020, Carnation, WA)
Patreon supporters (Josh P and David G)
Teepub: https://www.teepublic.com/user/bdspodcast
For Amanda next: https://www.cybercareersummit.com/ & keynote @grrcon Oct 24/25
Sep 22, 2019 • 1h 24min

2019-034- Tracy Maleeff, empathy as a service, derbycon discussion

Podcast Interview (Youtube): https://youtu.be/4tdJwBMh3ow
Tracy Maleeff (pronounced like may-leaf)
    https://twitter.com/InfoSecSherpa
    https://medium.com/@InfoSecSherpa
    https://nuzzel.com/InfoSecSherpa

Python secure coding class - November 2nd / 5 Saturdays, @nxvl teaching
    https://www.eventbrite.com/e/secure-python-coding-with-nicolas-valcarcel-registration-72804597511

Derbycon Talk: https://www.youtube.com/watch?v=KILlp4KMIPA

Plugs:
    Nuzzel newsletter: https://nuzzel.com/infosecsherpa
    OSINT-y Goodness blog: https://medium.com/@infosecsherpa
    Tomato pie: https://www.eater.com/2016/8/19/12525602/tomato-pie-philadelphia-new-jersey

Infosec is a service industry job (gasp!)
Customer service is an attitude, not a department
Reference Interview: https://en.wikipedia.org/wiki/Reference_interview

Approachability
    Does your org make it easy to contact you?
    What is your tone of writing?
    What does your outgoing communication look like?
    Rein in your attitude, language, etc…
    “I am using an online translator” (great idea!)
    What is your department’s reputation?
    Create an assessment of your department…
    “I didn’t know there were humans in security?”
Interest
    Be interested in solving the problem.
    Make the interaction a ‘safe space’
        No judging, mocking
    LOL, “EE Cummings”: https://poets.org/poem/amores-i
Listening
    Pay attention to what the end user doesn’t say.
    Don’t interrupt the end user
Interviewing
    Repeat back what the user said or asked
    Tone: ask clarifying questions, not accusatory questions
Searching
    Did security fail the user?
Answering
    Teachable moments
        Building trust/relationship equity
        “While you’re on the phone…”
    “Thank you for your time”
Follow-Up
    Think of ways to create a culture of security
    Create canned emails
    Random acts of kindness
        cyberCupcakes!!!! Or potentially small-value gift cards(?)
    Kindness as currency
        Christmas cookies
        Spreading goodwill
        Building relationship equity
            Reciprocity
    Lunch and learns

People can’t be educated into vaccinations, but behavioral nudges help
    “Telling people facts won’t change behavior”
Sep 16, 2019 • 44min

2019-033-Part 2 of the Kubernetes security audit discussion (Jay Beale & Aaron Small)

Topics: Infosec Campout report

Jay Beale (co-lead for audit) *Bust-a-Kube*
Aaron Small (product mgr at GKE/Google)
Atredis Partners, Trail of Bits

What was the Audit? How did it come about?
Who were the players?
    Kubernetes Working Group
        Aaron, Craig, Jay, Joel
    Outside vendors:
        Atredis: Josh, Nathan Keltner
        Trail of Bits: Stefan Edwards, Bobby Tonic, Dominik
    Kubernetes Project Leads/Devs
        Interviewed devs -- this was much of the info that went into the threat model
        Rapid Risk Assessments - let’s put the GitHub repository in the show notes
What did it produce?
    Vuln Report
    Threat Model - https://github.com/kubernetes/community/blob/master/wg-security-audit/findings/Kubernetes%20Threat%20Model.pdf
    White Papers
    https://github.com/kubernetes/community/tree/master/wg-security-audit/findings

Discuss the results:
    Threat model findings
        Controls silently fail, leading to a false sense of security
            Pod Security Policies, Egress Network Rules
        Audit model isn’t strong enough for non-repudiation
            By default, the API server doesn’t log user movements through the system
        TLS Encryption weaknesses
            Most components accept cleartext HTTP
            Bootstrapping to add Kubelets is particularly weak
            Multiple components do not check certificates and/or use self-signed certs
            HTTPS isn’t enforced
            Certificates are long-lived, with no revocation capability
            Etcd doesn’t authenticate connections by default
        Controllers all bundled together
            Confused Deputy: because lower-priv controllers are bundled in the same binary as higher-priv ones
        Secrets not encrypted at rest by default
        Etcd doesn’t have signatures on its write-ahead log
        DoS attack: you can set anti-affinity on your pods to get nothing else scheduled on their nodes
        Port 10255 has an unauthenticated HTTP server for status and health checking
    Vulns / Findings (not a complete list, but interesting)
        Hostpath pod security policy bypass via persistent volumes
        TOCTOU when moving PID to manager’s group
        Improperly patched directory traversal in kubectl cp
        Bearer tokens revealed in logs
        Lots of MitM risk:
            SSH not checking fingerprints: InsecureIgnoreHostKey
            gRPC transport seems all set to WithInsecure()
            HTTPS connections not checking certs
            Some HTTPS connections are unauthenticated
        Output encoding on JSON construction
            This might lead to further work, as JSON can get written to logs that may be consumed elsewhere.
        Non-constant time check on passwords
        Lack of re-use / library-ification of code

Who will use these findings and how? Devs, Google, bad guys?
Any new audit tools created from this?

Brad Geesaman, “Hacking and Hardening Kubernetes Clusters by Example [I] - Brad Geesaman, Symantec”: https://www.youtube.com/watch?v=vTgQLzeBfRU
Aaron Small:
    https://cloud.google.com/blog/products/gcp/precious-cargo-securing-containers-with-kubernetes-engine-18
    https://cloud.google.com/blog/products/gcp/exploring-container-security-running-a-tight-ship-with-kubernetes-engine-1-10
    https://cloud.google.com/kubernetes-engine/docs/how-to/hardening-your-cluster
CNCF: https://www.youtube.com/watch?v=90kZRyPcRZw

Findings:
    Scope for testing:
        Source code review (what languages did they have to review?)
            Golang, shell, ...
        Networking (discuss the networking: *internal*, *external*)
        Cryptography (TLS, data stores)
        AuthN/AuthZ
        RBAC (which roles were tested? Just admin/non-admin? *best practice is no admin/least priv*)
        Secrets
        Namespace traversals
        Namespace claims
    Methodology:
        Set up a bunch of environments?
            Primarily set up a single environment IIRC
        Combination of code audit and active ?fuzzing?
            What does one fuzz on a K8s environment?
        Tested with latest alpha or production versions?
            Version 1.13 or 1.14 - version locked at whatever was current - K8S releases a new version every 3 months, so this is a challenge and means we have to keep auditing.
        Tested multiple different types of k8s implementations?
            Tested primarily against kubespray (https://github.com/kubernetes-sigs/kubespray)

Bug Bounty program: https://github.com/kubernetes/community/blob/master/contributors/guide/bug-bounty.md
Sep 7, 2019 • 51min

the last Derbycon Brakesec podcast

This evening, we all came together to spend a bit of time talking about the final Derbycon. We talk to Mic Douglas about his 9 Derbycon appearances, and Gary Rimar (piano player extraordinaire) talks about @litmoose's talk on how to tell C-levels that their applications aren't good.   We also got asked about how the show came about, and how we found each other.   **Apologies for the echo in some parts... I did what I could to clean it up, but we were too close and the mics got a bit overzealous...**
Aug 31, 2019 • 47min

2019-032-kubernetes security audit discussion with Jay Beale and Aaron Small

Topics: Infosec Campout report
Derbycon Pizza Party (with podcast show!): https://www.eventbrite.com/e/brakesec-pizza-party-at-the-derbycon-mental-health-village-tickets-69219271705
Mental health village at Derbycon

Jay Beale (co-lead for audit) *Bust-a-Kube*
Aaron Small (product mgr at GKE/Google)
Atredis Partners, Trail of Bits

What was the Audit? How did it come about?
Who were the players?
    Kubernetes Working Group
        Aaron, Craig, Jay, Joel
    Outside vendors:
        Atredis: Josh, Nathan Keltner
        Trail of Bits: Stefan Edwards, Bobby Tonic, Dominik
    Kubernetes Project Leads/Devs
        Interviewed devs -- this was much of the info that went into the threat model
        Rapid Risk Assessments - let’s put the GitHub repository in the show notes
What did it produce?
    Vuln Report
    Threat Model - https://github.com/kubernetes/community/blob/master/wg-security-audit/findings/Kubernetes%20Threat%20Model.pdf
    White Papers
    https://github.com/kubernetes/community/tree/master/wg-security-audit/findings

Discuss the results:
    Threat model findings
        Controls silently fail, leading to a false sense of security
            Pod Security Policies, Egress Network Rules
        Audit model isn’t strong enough for non-repudiation
            By default, the API server doesn’t log user movements through the system
        TLS Encryption weaknesses
            Most components accept cleartext HTTP
            Bootstrapping to add Kubelets is particularly weak
            Multiple components do not check certificates and/or use self-signed certs
            HTTPS isn’t enforced
            Certificates are long-lived, with no revocation capability
            Etcd doesn’t authenticate connections by default
        Controllers all bundled together
            Confused Deputy: because lower-priv controllers are bundled in the same binary as higher-priv ones
        Secrets not encrypted at rest by default
        Etcd doesn’t have signatures on its write-ahead log
        DoS attack: you can set anti-affinity on your pods to get nothing else scheduled on their nodes
        Port 10255 has an unauthenticated HTTP server for status and health checking
    Vulns / Findings (not a complete list, but interesting)
        Hostpath pod security policy bypass via persistent volumes
        TOCTOU when moving PID to manager’s group
        Improperly patched directory traversal in kubectl cp
        Bearer tokens revealed in logs
        Lots of MitM risk:
            SSH not checking fingerprints: InsecureIgnoreHostKey
            gRPC transport seems all set to WithInsecure()
            HTTPS connections not checking certs
            Some HTTPS connections are unauthenticated
        Output encoding on JSON construction
            This might lead to further work, as JSON can get written to logs that may be consumed elsewhere.
        Non-constant time check on passwords
        Lack of re-use / library-ification of code

Who will use these findings and how? Devs, Google, bad guys?
Any new audit tools created from this?

Brad Geesaman, “Hacking and Hardening Kubernetes Clusters by Example [I] - Brad Geesaman, Symantec”: https://www.youtube.com/watch?v=vTgQLzeBfRU
Aaron Small:
    https://cloud.google.com/blog/products/gcp/precious-cargo-securing-containers-with-kubernetes-engine-18
    https://cloud.google.com/blog/products/gcp/exploring-container-security-running-a-tight-ship-with-kubernetes-engine-1-10
    https://cloud.google.com/kubernetes-engine/docs/how-to/hardening-your-cluster
CNCF: https://www.youtube.com/watch?v=90kZRyPcRZw

Findings:
    Scope for testing:
        Source code review (what languages did they have to review?)
            Golang, shell, ...
        Networking (discuss the networking: *internal*, *external*)
        Cryptography (TLS, data stores)
        AuthN/AuthZ
        RBAC (which roles were tested? Just admin/non-admin? *best practice is no admin/least priv*)
        Secrets
        Namespace traversals
        Namespace claims
    Methodology:
        Set up a bunch of environments?
            Primarily set up a single environment IIRC
        Combination of code audit and active ?fuzzing?
            What does one fuzz on a K8s environment?
        Tested with latest alpha or production versions?
            Version 1.13 or 1.14 - version locked at whatever was current - K8S releases a new version every 3 months, so this is a challenge and means we have to keep auditing.
        Tested multiple different types of k8s implementations?
            Tested primarily against kubespray (https://github.com/kubernetes-sigs/kubespray)

Bug Bounty program: https://github.com/kubernetes/community/blob/master/contributors/guide/bug-bounty.md
Aug 16, 2019 • 50min

2019-031- Dissecting a Social engineering attack (Part 2)

Intro - Ms. DirInfosec “Anna”
Call Centers suffer from wanting to give good customer service while needing to move the call along.
    Metrics are tailored to support an environment conducive to these kinds of attacks
https://en.wikipedia.org/wiki/Social_engineering_(security)
Social engineering will prey on people’s altruism
    “Pregnant woman needing help through the security door”
    “Person on crutches”
    “Delivery person with arms full”
    “Can’t remember information, others filling in missing bits”
    Call Center Reps are _paid_ to be helpful. “Customer is never wrong”
Creating a sense of urgency to spur action
Real-life scenario: "bob calls asking about status of an order"

Questions:
    What were you doing for training prior to these calls? (it’s alright if you weren’t doing anything) :)
    Pre-training audio (#1 and #2)
    What was their reaction to the calls received?
    Did the training take the first time? What difficulties did you have after the first training?
    ‘Getting better’ audio (#3)
    Fake calls? Show examples?
    Talk about the training, what kind of training:
    Post audio (#4 and #5)
    How did your call center reps handle the training?
    From a business standpoint, what had to be changed to accommodate the new processes?

https://www.pindrop.com/blog/tackling-113-fraud-increase-call-centers-webinar-recap/
https://www.bai.org/banking-strategies/article-detail/beating-crooks-at-call-center-fraud
@consultingCSO on twitter
Aug 9, 2019 • 54min

2019-030-news, breach of PHI, sephora data breach

https://www.infosecurity-magazine.com/news/95-test-problems/
https://www.databreaches.net/a-misconfigured-aws-bucket-exposed-personal-and-counseling-logs-of-almost-300000-indian-employees/
https://www.scmagazine.com/home/security-news/data-breach/sephora-reports-data-breach-but-few-details/
https://www.infosecurity-magazine.com/news/93-of-organizations-cite-phishing/
https://tresorit.com/blog/the-top-6-takeaways-from-the-2019-cost-of-a-data-breach-report/

Good links:
    https://github.com/RedTeamOperations/PivotSuite
    https://www.reddit.com/r/security/comments/cks2jd/12gb_of_powershell_malware/
Aug 1, 2019 • 47min

2019-029-dissecting a real Social engineering attack (part 1)

Intro - Ms. DirInfosec “Anna”
Call Centers suffer from wanting to give good customer service while needing to move the call along.
    Metrics are tailored to support an environment conducive to these kinds of attacks
https://en.wikipedia.org/wiki/Social_engineering_(security)
Social engineering will prey on people’s altruism
    “Pregnant woman needing help through the security door”
    “Person on crutches”
    “Delivery person with arms full”
    “Can’t remember information, others filling in missing bits”
    Call Center Reps are _paid_ to be helpful. “Customer is never wrong”
Creating a sense of urgency to spur action
Real-life scenario: "bob calls asking about status of an order"

Questions:
    What were you doing for training prior to these calls? (it’s alright if you weren’t doing anything) :)
    Pre-training audio (#1 and #2)
    What was their reaction to the calls received?
    Did the training take the first time? What difficulties did you have after the first training?
    ‘Getting better’ audio (#3)
    Fake calls? Show examples?
    Talk about the training, what kind of training:
    Post audio (#4 and #5)
    How did your call center reps handle the training?
    From a business standpoint, what had to be changed to accommodate the new processes?

https://www.pindrop.com/blog/tackling-113-fraud-increase-call-centers-webinar-recap/
https://www.bai.org/banking-strategies/article-detail/beating-crooks-at-call-center-fraud
@consultingCSO on twitter
Jul 24, 2019 • 60min

2019-028-fileless_malware_campaign,privacy issues with email integration-new_zip_bomb_record

Fileless malware campaign
    https://www.microsoft.com/security/blog/2019/07/08/dismantling-a-fileless-campaign-microsoft-defender-atp-next-gen-protection-exposes-astaroth-attack/
    https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/fileless-threats
    https://www.andreafortuna.org/2017/12/08/what-is-reflective-dll-injection-and-how-can-be-detected/
https://www.extremetech.com/computing/294852-new-zip-bomb-stuffs-4-5pb-of-data-into-46mb-file
https://articles.forensicfocus.com/2019/07/15/finding-and-interpreting-windows-firewall-rules/
https://www.theregister.co.uk/2019/02/11/google_gmail_developer/

Privacy issues:
    Companies integrating with email systems
    Pulling all information from the inboxes
    Collecting that information
    Storing it for long periods of time (‘training the AI’)
    Check for SOC2 and press them on their data storage and privacy policies
    Have language in your 3rd party agreements to understand sharing and collection

Cool Tools:
    https://github.com/AxtMueller/Windows-Kernel-Explorer
    https://github.com/TheSecondSun/Revssl
