In this episode, Spencer and Darrius discuss unpopular Cybersecurity opinions, which are referred to as "hot takes." This discussion was inspired from a tweet by John Breth (@JBizzle703) which as of recording has close to 4 million views.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

In this episode, Darrius and Spencer discuss Offensive Security TTPs and tools that look promising, that we're excited for, or are trending.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

Dive into the world of securing Windows services, where the speakers reveal the hidden dangers often uncovered during internal penetration tests. Discover the crucial role of lesser-known services like the print spooler and the risks of running them with elevated privileges. Learn about the importance of secure installation practices and the common pitfalls stemming from misconfigured file permissions. Plus, explore essential tools and strategies for risk identification and mitigation, ensuring your systems stay safe from ever-present threats.

Jake Hildreth, the creator of the Locksmith tool, and Sam Erde, an IT veteran specializing in Microsoft technologies, discuss the critical role of Active Directory Certificate Services (AD CS) security. They delve into the inception of Locksmith, highlighting its unique features for identifying and fixing misconfigurations. The conversation is filled with personal anecdotes reflecting on their IT journeys and the importance of mentorship. They also share proactive strategies for enhancing organizational security, making this a treasure trove for cybersecurity enthusiasts.

Brad and Spencer dive into the world of cybersecurity vulnerabilities and their severity ratings. They break down why these ratings are essential, yet imperfect. The duo highlights the confusion in cybersecurity language and the need for clear communication. Real-world examples illustrate the limitations of the Common Vulnerability Scoring System. They advocate for a genuine vulnerability management strategy that focuses on identifying true threats rather than relying solely on automated patching. Context and human analysis are key to effective risk management.

The discussion highlights the dangers of over-relying on Endpoint Detection and Response (EDR) solutions in cybersecurity. Real-world examples reveal significant limitations and the need for proper configuration. Attackers are evolving, pushing the importance of comprehensive strategies beyond traditional EDR tools. Monitoring network traffic becomes crucial for enhanced visibility and protection. The conversation emphasizes a well-rounded defense, warning against misconceptions about advanced detection systems.

Misconfigured logon scripts pose significant security threats. The discussion highlights four real-world examples of how these scripts can be exploited. Risks include exposing sensitive credentials and creating malicious DNS entries. The conversation emphasizes the importance of managing logon scripts with appropriate tools like group policies. Best practices to secure these scripts and minimize vulnerabilities are shared, alongside insights on using 'Script Century' to identify issues. Access control for privileged accounts is also crucial for preventing exploitation.

In this discussion, Joey Vandegrift, who leads the blue team at SecurIT360, shares his expertise in defending against PowerShell attacks. He explores the dual role of PowerShell as a tool for both automation and criminal activities. Joey emphasizes the importance of access controls and logging in mitigating risks. He also introduces strategies for privilege management, highlighting tools like MakeMeAdmin. The conversation wraps up with essential defensive practices, including the need for execution policies and regular system updates.

Get ready for an eye-opening discussion on preparing for an external penetration test! Explore the essential steps, from understanding goals to performing asset inventories. Discover the importance of clear communication and proactive dark web monitoring to safeguard sensitive information. Learn how breach credentials and password reuse can threaten your organization. This podcast is packed with expert tips to make your penetration testing process not only effective but also secure!

Discover the power of PowerShell for automating and orchestrating security tasks. Learn how it compares to Python and why hands-on experience is essential. Delve into coding best practices for security automation and effective incident response. Explore the pros and cons of different coding environments, such as PowerShell ISE and Visual Studio Code. Plus, uncover strategies for streamlining IT processes and mastering essential techniques that boost productivity in cybersecurity.