UNSECURITY: Information Security Podcast

In this episode of the Unsecurity Podcast, Brad and Megan recap Blackhat. They also discuss a zero-click exploit involving a Windows TCP IP flaw and backdoor Bitsloth exploits.Don't forget: The show is available in audio-only form wherever you listen to podcasts! Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecure https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

In this episode of the Unsecurity Podcast, Brad and Oscar are joined by a new host, FRSecure's Megan Larkins!Together, they discuss the recent CrowdStrike outage and its illustration of the importance of understanding your application inventory and dependencies—and the need for proper application allow listing and conditional access policies to prevent attacks.00:00 Introduction and Weather Conversations03:02 Introducing Megan as the New Co-host04:00 Discussion on the CrowdStrike Outage17:33 The Need for Application Inventory and Allow Listing22:28 Starting with Critical Assets and Rolling Out Application Control28:16 The Importance of Proactive Measures31:22 Shoutouts to Spouses and the FRSecure SMT Team32:48 Conclusion and FarewellDon't forget: Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

In this episode of the Unsecurity Podcast, the guys sit down with Michael Kennedy of Ostra to discuss burnout and share their personal experiences and strategies for preventing and managing work-related stress.Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecure https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

In this episode of the Unsecurity Podcast, Brad, and Oscar discuss the CISSP Mentorship Program with Brian Kelley now that this year's course has officially wrapped up, and touch on challenges and roadblocks for security professionals in the job market. 00:00 Intro01:56 Ransomware and Security Best Practices06:32 CISSP Mentorship Program and Learning Journey25:32 Challenges of Information Security Professionals27:31 The Journey to Becoming a Security Consultant35:04 The Complexity of Job Postings and Hiring ChallengesPlease send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

In this episode of the Unsecurity Podcast, Brad, Oscar, and Pinky discuss recent news stories about IP and central manager flaws, as well as a vulnerability enrichment project by CISA. They also share an interesting incident response story involving internal domains and proxy auto-configuration files. Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

In this episode of the Unsecurity Podcast, Brad interviews guest Ryan Cloutier as part of our Meet the Mentors series.They discuss the importance of the CISSP Mentor Program and the value of different perspectives in teaching. They also discuss the release of an exploit code for the Palo Alto Networks Zero Day vulnerability and the ethics of publicly sharing vulnerabilities.Don't forget: The show is available in audio-only form wherever you listen to podcasts! Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 218 of the Unsecurity Podcast is now live!This time, Brad is joined by Ron Woerner for another episode of our "Meet the Mentors" series introducing the 2024 CISSP Mentor Program instructors!Links & information:Find Ron on LinkedInhttps://www.linkedin.com/in/ronwoerner/Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 217 of the Unsecurity Podcast is now live!This time, Brad is joined by Chris Foulon for the first episode in our "Meet the Mentors" series, introducing our 2024 CISSP Mentor Program instructors!Links & information:Chris's Podcast (Breaking Into Cybersecurity)https://podcasts.apple.com/us/podcast/breaking-into-cybersecurity/id1463136698Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecure https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 216 of the Unsecurity Podcast is now live! This time, Oscar and Brad are joined by FRSecure's Matt Dowd to discuss the difference between vulnerability scanning and penetration testing. Links & informationCisco Critical Vulnerabilities https://www.securityweek.com/cisco-patches-critical-vulnerabilities-in-enterprise-communication-devices/Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 215 of the Unsecurity Podcast is now live! This time, Brad is joined by FRSecure's Dave Tuckman to discuss an upcoming webinar series about securing home networks with ISACA and select FRSecure staff leading the sessions.Links & informationISACA home network webinar series:Session 1: 2/12 - Household Computer Safety, Using The Internet Safely https://isaca-sd.org/events/2024-02-12Session 2: 3/11 - Choosing and Protecting Your Account Login, Securing Mobile Devices https://isaca-sd.org/events/2024-03-11Session 3: 4/8 - Securing Wi-Fi, Securing the Wi-Fi/Network Router https://isaca-sd.org/events/2024-04-08Session 4: 5/13 - Backing up Data, Smart Devices and the Internet-of-Things https://isaca-sd.org/events/2024-05-13Session 5: 6/10 - Physical Security, Breach and Incident Response https://isaca-sd.org/events/2024-06-10Avast spying on clickshttps://www.pcmag.com/news/the-cost-of-avasts-free-antivirus-companies-can-spy-on-your-clicksFacebook users monitored by thousands of companieshttps://www.consumerreports.org/electronics/privacy/each-facebook-user-is-monitored-by-thousands-of-companies-a5824207467/Time to patch and threat-hunthttps://thehackernews.com/2024/01/critical-cisco-flaw-lets-hackers.htmlPlease send any questions, comments, or feedback to unsecurity@protonmail.comAbout FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.