
BrakeSec Education Podcast
A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.
Latest episodes

Nov 1, 2021 • 44min
SPONSOR-Blumira's Nato Riley on Log Classification, Security Maturity,
From Nato’s email:
"Hi Bryan, Discussing the challenges that come with not having good logging in place could be a great topic! We could make it partly about how security maturity works, in the idea that security generally starts with awareness and visibility. The topic sort of gets into the idea that knowing is half the battle, so logging can be transformative for helping a company properly secure themselves from online risks! What do you think of this topic idea?"

https://www.blumira.com/careers/
https://thenewstack.io/logging-and-monitoring-why-you-need-both/
https://prometheus.io/
https://www.sentinelone.com/blog/the-10-commandments-of-logging/
https://towardsdatascience.com/why-should-you-care-about-logging-442a195b80a1
https://www.g2.com/products/blumira-automated-detection-response/reviews#survey-response-4908309
(wouldn’t you know it… a couple additional Google searches, and I find this -brbr)
https://www.executivegov.com/2021/08/omb-creates-maturity-framework-for-event-log-management/
https://insidecybersecurity.com/sites/insidecybersecurity.com/files/documents/2021/may/cs2021_0089c.pdf
Logging maturity in the US gov (OMB policy doc): https://www.whitehouse.gov/wp-content/uploads/2021/08/M-21-31-Improving-the-Federal-Governments-Investigative-and-Remediation-Capabilities-Related-to-Cybersecurity-Incidents.pdf

Are there examples of devices that don’t give out logs?
What if your vendor does not allow you to have logs?
Can you create logs based on the activity of the device? What would that look like?

Types of logs:
Application logs
Network logs
Endpoint security logs
OS logs
IDS/IPS logs
Vuln scanner logs

Oct 25, 2021 • 1h 7min
2021-038-Liz Saling, 5 pillars of building a good team
Blog post that inspired this episode: https://lizsaling.com/SWE-team-five-pillars/
Liz Saling (@lizsaling)
https://www.mindtools.com/pages/article/newLDR_86.htm
http://www.mspguide.org/tool/tuckman-forming-norming-storming-performing
https://michaelhyatt.com/3-roadblocks-to-avoid-for-optimal-team-performance
Erin Meyer is the one who did the Netflix study!
https://bigthink.com/the-present/high-performing-teams/
https://alicedartnell.com/blog/why-smart-goals-are-stupid/

NEWS:
Unlocking ‘god’ mode on Windows 11: https://www.bleepingcomputer.com/news/microsoft/how-to-unlock-windows-11s-god-mode-to-access-advanced-settings/
https://www.reddit.com/r/netsec/comments/q9f63y/creating_a_basic_python_reverse_shell_listener/
NFT malware (NFTs that empty wallets): https://www.theregister.com/2021/10/17/in_brief_security/

Oct 17, 2021 • 58min
2021-037-Tony Robinson, leveraging your home lab for job success - Part2
Tony Robinson (@da_667)

Thought we’d put in a little news to round out the show:
https://www.bbc.com/news/world-us-canada-58863678 - nuclear secrets hidden in a peanut butter sandwich
https://www.theregister.com/2018/04/20/rsa_security_conference_insecure_mobile_app/
https://www.vice.com/en/article/jg8w9b/the-twitch-hack-is-worse-for-streamers-than-for-twitch
https://nakedsecurity.sophos.com/2021/10/08/apache-patch-proves-patchy-now-you-need-to-patch-the-patch/
https://www.securityweek.com/fontonlake-linux-malware-used-targeted-attacks
https://securityaffairs.co/wordpress/123182/breaking-news/medtronic-recalled-insulin-pumps-controllers.html
Similar device on eBay: https://www.ebay.com/itm/324762812721
https://www.zdnet.com/article/brewdog-exposed-data-of-200000-shareholders-for-over-a-year/
https://tpetersonkth.github.io/cve/2021/10/02/Analysis-of-CVE-2019-9053.html
https://0xdf.gitlab.io/

www.leanpub.com/avatar2 MSRP = $30 USD
Book changes

What is the end goal? Upskill? Independent consultant? Promotion? Bug bounties?

Lab setup - lab setup types:
Cloud based
Desktop/laptop/NUC
Server
Good VMs to https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/ - 90 day Windows machines

What other home lab equipment would be helpful?
Testing IoT/embedded devices?
Car hacking?
Malware analysis? https://bazaar.abuse.ch/ Virus Total Intelligence, Honeypots, @malware_traffic - https://twitter.com/malware_traffic/status/1446627364147023877
Analyzing binaries?
Patch analysis (Patch Tuesday, PrintNightmare, etc)? https://wumb0.in/extracting-and-diffing-ms-patches-in-2020.html https://www.netresec.com/?page=networkminer
Soldering? Oscillators for voltage checks?
Wireless?
Old cellphones (mobile apps, don’t need cellular)
Personal assistant devices (used IoT devices?)
Accessing data stored on devices
Specific software licenses? Burp?

If I’m trying to break into infosec, how do I use my lab to sell myself to an employer? Does the employer care?
How can someone show what they’ve learned in a way that shows the value?

Oct 14, 2021 • 54min
2021-036-Tony Robinson, Twitch breach, @da_667 lab setup new book edition! -part1
Tony Robinson (@da_667)

Thought we’d put in a little news to round out the show:
https://www.bbc.com/news/world-us-canada-58863678 - nuclear secrets hidden in a peanut butter sandwich
https://www.theregister.com/2018/04/20/rsa_security_conference_insecure_mobile_app/
https://www.vice.com/en/article/jg8w9b/the-twitch-hack-is-worse-for-streamers-than-for-twitch
https://nakedsecurity.sophos.com/2021/10/08/apache-patch-proves-patchy-now-you-need-to-patch-the-patch/
https://www.securityweek.com/fontonlake-linux-malware-used-targeted-attacks
https://securityaffairs.co/wordpress/123182/breaking-news/medtronic-recalled-insulin-pumps-controllers.html
Similar device on eBay: https://www.ebay.com/itm/324762812721
https://www.zdnet.com/article/brewdog-exposed-data-of-200000-shareholders-for-over-a-year/
https://tpetersonkth.github.io/cve/2021/10/02/Analysis-of-CVE-2019-9053.html
https://0xdf.gitlab.io/

www.leanpub.com/avatar2 MSRP = $30 USD
Book changes

What is the end goal? Upskill? Independent consultant? Promotion? Bug bounties?

Lab setup - lab setup types:
Cloud based
Desktop/laptop/NUC
Server
Good VMs to https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/ - 90 day Windows machines

What other home lab equipment would be helpful?
Testing IoT/embedded devices?
Car hacking?
Malware analysis? https://bazaar.abuse.ch/ Virus Total Intelligence, Honeypots, @malware_traffic - https://twitter.com/malware_traffic/status/1446627364147023877
Analyzing binaries?
Patch analysis (Patch Tuesday, PrintNightmare, etc)? https://wumb0.in/extracting-and-diffing-ms-patches-in-2020.html https://www.netresec.com/?page=networkminer
Soldering? Oscillators for voltage checks?
Wireless?
Old cellphones (mobile apps, don’t need cellular)
Personal assistant devices (used IoT devices?)
Accessing data stored on devices
Specific software licenses? Burp?

If I’m trying to break into infosec, how do I use my lab to sell myself to an employer? Does the employer care?
How can someone show what they’ve learned in a way that shows the value?

Sep 29, 2021 • 1h 7min
2021-035-GRC selection discussion, TechSecChix, and the 'job description problem'
GRC tools (Governance, Risk and Compliance)
@ki_twyce_ @TechSecChix
Infosec Unplugged
Security Happy Hour
Eric’s cyberpoppa show
Cyber Insight show - cohost
Blumira is hiring: https://www.blumira.com/careers/

https://www.cio.com/article/3206607/what-is-grc-and-why-do-you-need-it.html
https://www.pwc.ch/en/insights/fs/10-pitfalls-when-implementing-grc-technology-and-how-to-avoid-them.html
https://www.oxial.com/all/how-to-go-about-choosing-your-grc-solution/

Why do we need a GRC tool? https://resilience.acoss.org.au/the-six-steps/managing-your-risks/risk-register
What are our business goals? (to make money... :D )
Are we mature enough to be measuring ourselves?
How can we use this to be more efficient?

https://www.standardfusion.com/blog/the-future-of-grc-7-things-to-look-out-for/
Centralized Controls
Support for Future Standards
Automation
Integrations (my add… helpdesk integrations, 3rd party)
Scalability
Customizable Reporting
Flexibility
Task Delegation

GRC tool use in other areas:
IT - makes more informed budget decisions, determines directions in business goals, asset mgmt
Finance - make better financial decisions, profitability
Infosec - vuln mgmt, compliance
HR - determine hiring requirements
Legal - ensures ethical management of the organization, reduces breaches

How do you implement GRC? https://www.crowe.com/insights/6-steps-for-a-successful-grc-implementation
Step 0: everyone’s input and use cases
Determine the total value gained by using a centralized GRC platform:
Missing data
Duplicate processes
Duplicate data
Manual steps that can be removed or automated
Workflows to assist heavily manual areas such as communications, emails, approvals, and reporting
Identify operational gaps to prioritize the areas you need to improve.
Get your team on board with an effectively communicated plan.
Build a strong foundation to support your GRC program.
Deploy a standardized GRC implementation across the board.
Let the GRC framework evolve and grow after it's implemented.

Sep 29, 2021 • 44min
2021-034-Khalilah Scott, good GRC tool practices - part1
GRC tools (Governance, Risk and Compliance)
@ki_twyce_ @TechSecChix
Infosec Unplugged
Security Happy Hour
Eric’s cyberpoppa show
Cyber Insight show - cohost
Blumira is hiring: https://www.blumira.com/careers/

https://www.cio.com/article/3206607/what-is-grc-and-why-do-you-need-it.html
https://www.pwc.ch/en/insights/fs/10-pitfalls-when-implementing-grc-technology-and-how-to-avoid-them.html
https://www.oxial.com/all/how-to-go-about-choosing-your-grc-solution/

Why do we need a GRC tool? https://resilience.acoss.org.au/the-six-steps/managing-your-risks/risk-register
What are our business goals? (to make money... :D )
Are we mature enough to be measuring ourselves?
How can we use this to be more efficient?

https://www.standardfusion.com/blog/the-future-of-grc-7-things-to-look-out-for/
Centralized Controls
Support for Future Standards
Automation
Integrations (my add… helpdesk integrations, 3rd party)
Scalability
Customizable Reporting
Flexibility
Task Delegation

GRC tool use in other areas:
IT - makes more informed budget decisions, determines directions in business goals, asset mgmt
Finance - make better financial decisions, profitability
Infosec - vuln mgmt, compliance
HR - determine hiring requirements
Legal - ensures ethical management of the organization, reduces breaches

How do you implement GRC? https://www.crowe.com/insights/6-steps-for-a-successful-grc-implementation
Step 0: everyone’s input and use cases
Determine the total value gained by using a centralized GRC platform:
Missing data
Duplicate processes
Duplicate data
Manual steps that can be removed or automated
Workflows to assist heavily manual areas such as communications, emails, approvals, and reporting
Identify operational gaps to prioritize the areas you need to improve.
Get your team on board with an effectively communicated plan.
Build a strong foundation to support your GRC program.
Deploy a standardized GRC implementation across the board.
Let the GRC framework evolve and grow after it's implemented.

Sep 20, 2021 • 42min
2021-033-Kim_Crawley, 8 steps to better security-Part2
8 Steps to Better Security: A Simple Cyber Resilience Guide for Business has finished all final editing and will be published by @WileyTech on October 5th. Pre-orders are available now via Amazon, Barnes & Noble, and other retailers.
Sponsored Link: https://amzn.to/3k3pDAN

Amazon teaser:
“Harden your business against internal and external cybersecurity threats with a single accessible resource. In 8 Steps to Better Security: A Simple Cyber Resilience Guide for Business, cybersecurity researcher and writer Kim Crawley delivers a grounded and practical roadmap to cyber resilience in any organization. Offering you the lessons she learned while working for major tech companies like Sophos, AT&T, BlackBerry Cylance, Tripwire, and Venafi, Crawley condenses the essence of business cybersecurity into eight steps. Written to be accessible to non-technical businesspeople as well as security professionals, and with insights from other security industry leaders, this important book will walk you through how to:
Foster a strong security culture that extends from the custodial team to the C-suite
Build an effective security team, regardless of the size or nature of your business
Comply with regulatory requirements, including general data privacy rules and industry-specific legislation
Test your cybersecurity, including third-party penetration testing and internal red team specialists
Perfect for CISOs, security leaders, non-technical businesspeople, and managers at any level, 8 Steps to Better Security is also a must-have resource for companies of all sizes, and in all industries.”

Sep 16, 2021 • 48min
SPONSOR: Blumira's Patrick Garrity
Blumira - per Crunchbase:
“Blumira's end-to-end platform offers both automated threat detection and response, enabling organizations of any size to more efficiently defend against cybersecurity threats in near real-time. It eases the burden of alert fatigue, complexity of log management and lack of IT visibility. Blumira's cloud SIEM can be deployed in hours with broad integration coverage across cloud, endpoint protection, firewall and identity providers including Office 365, G Suite, Crowdstrike, Okta, Palo Alto, Cisco FTD and many others.”
Contact sales@blumira.com

Patrick Garrity, VP of Operations. Patrick has years of experience in the security industry building and scaling usable security products. He currently leads Blumira’s product, sales and marketing teams. Prior to joining Blumira, he led sales engineering, product marketing and international expansion for Duo Security.
Twitter = @Thisisnottap

https://www.ibm.com/cloud/blog/top-5-advantages-of-software-as-a-service
https://www.outsource2india.com/software/articles/software-as-a-service.asp

5 Advantages of SaaS:
Reduced time to benefit. Software as a service (SaaS) differs from the traditional model because the software (application) is already installed and configured.
Lower costs.
Scalability and integration.
New releases (upgrades).
Easy to use and perform proof-of-concepts.

5 Disadvantages of SaaS:
Insufficient data security (SaaS-based application model).
Difficulty with regulations compliance.
Cumbersome data mobility.
Low performance.
Troublesome software integration.

Limit attack surface:
https://www.wallix.com/blog/top-10-ways-to-limit-attack-surface
https://www.okta.com/identity-101/what-is-an-attack-surface/
https://securityscorecard.com/blog/what-is-cyber-attack-surface-management

Sep 14, 2021 • 42min
2021-032--Author_Kim_crawley-8-Simple_Rules_for_Cybersecurity
8 Steps to Better Security: A Simple Cyber Resilience Guide for Business has finished all final editing and will be published by @WileyTech on October 5th. It is available now via Kindle. Pre-orders are available now via Amazon, Barnes & Noble, and other retailers.
Sponsored Link: https://amzn.to/3k3pDAN

Amazon teaser:
“Harden your business against internal and external cybersecurity threats with a single accessible resource. In 8 Steps to Better Security: A Simple Cyber Resilience Guide for Business, cybersecurity researcher and writer Kim Crawley delivers a grounded and practical roadmap to cyber resilience in any organization. Offering you the lessons she learned while working for major tech companies like Sophos, AT&T, BlackBerry Cylance, Tripwire, and Venafi, Crawley condenses the essence of business cybersecurity into eight steps. Written to be accessible to non-technical businesspeople as well as security professionals, and with insights from other security industry leaders, this important book will walk you through how to:
Foster a strong security culture that extends from the custodial team to the C-suite
Build an effective security team, regardless of the size or nature of your business
Comply with regulatory requirements, including general data privacy rules and industry-specific legislation
Test your cybersecurity, including third-party penetration testing and internal red team specialists
Perfect for CISOs, security leaders, non-technical businesspeople, and managers at any level, 8 Steps to Better Security is also a must-have resource for companies of all sizes, and in all industries.”

Sep 3, 2021 • 1h 2min
2021-031- back in the saddle, conference discussion, company privacy
"Beautiful country, but hotter than Satan's arsehole"
https://www.theverge.com/22648265/apple-employee-privacy-icloud-id
https://mysudo.com/
https://arstechnica.com/information-technology/2021/09/npm-package-with-3-million-weekly-downloads-had-a-severe-vulnerability/
https://www.bleepingcomputer.com/news/security/bluetooth-braktooth-bugs-could-affect-billions-of-devices/
www.infoseccampout.com
www.log-md.com
@infosystir @bryanbrake @brakesec @hackershealth @boettcherpwned