UNSECURITY: Information Security Podcast

Episode 214 of the Unsecurity Podcast is now live! This time, Brad and Oscar sit down with FRSecure's Mike (Pinky) Thompson for a Breachmas report and some news from around the industry.News linksMandiant's X (Twitter) Account Hackedhttps://thehackernews.com/2024/01/mandiants-x-account-was-hacked-using.htmlCISCO Patchhttps://www.securityweek.com/cisco-patches-critical-vulnerability-in-unity-connection-product/Two Ivanti Zero-Days Actively Exploited in the Wildhttps://www.infosecurity-magazine.com/news/two-ivanti-zerodays-actively/Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecure https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 213 of the Unsecurity Podcast is now live! This time, Brad and Oscar sit down with FRSecure's Amy MacElroy to discuss company culture and how she helps maintain it in her role as head of HR.VulnerabilitiesApache Strutshttps://www.securityweek.com/recent-apache-struts-2-vulnerability-in-attacker-crosshairs/Microsoft Patch Tuesdayhttps://securityaffairs.com/155719/security/microsoft-patch-tuesday-december-2023.htmlAdobe Patches (207 Bugs)https://www.securityweek.com/adobe-patches-207-security-bugs-in-mega-patch-tuesday-bundle/Don't forget: The show is available in audio-only form wherever you listen to podcasts! Please send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecure: https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 212 of the Unsecurity Podcast is now live!This time, Brad and Oscar sit down with FRSecure's Shawn Pollard to discuss our new free BIA starter kit, CMMC, and more.Water facilities report falling to hackers in separate breacheshttps://arstechnica.com/security/2023/11/2-municipal-water-facilities-report-falling-to-hackers-in-separate-breaches/Send any questions, comments, or feedback to unsecurity@protonmail.com.About FRSecurehttps://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 211 of the Unsecurity Podcast is now live!This time, Brad and Oscar sit down with FRSecure's Eric Hanson and Seth Bowling to discuss R&D and defensive evasion.Blackcat report company they breached to SEC https://www.bleepingcomputer.com/news/security/ransomware-gang-files-sec-complaint-over-victims-undisclosed-breach/About FRSecure: https://frsecure.com/FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs.These fundamentals are lacking in our industry, and while progress is being made, we can’t do it alone. Whether you’re wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.

Episode 210 of the Unsecurity Podcast is now live!This time, Brad is joined by Megan Larkins to discuss her role as FRSecure's security consulting manager, as well as Proofpoint's 2023 Voice of the CISO report.Proofpoint's 2023 Voice of the CISOhttps://www.proofpoint.com/us/resources/white-papers/voice-of-the-ciso-reportGive this episode a listen and send any questions, comments, or feedback to unsecurity@protonmail.com

Episode 209 of the Unsecurity Podcast is now live! This time, Oscar and Brad welcome Evan back to the show to catch up on all his latest endeavors.Give this episode a listen and send any questions, comments, or feedback to unsecurity@protonmail.com.

Episode 208 of the Unsecurity Podcast is now live!This time, Oscar returns to the show and the guys get a chance to catch up on all the latest.Give this episode a listen and send any questions, comments, or feedback to unsecurity@protonmail.com

The hosts discuss their experiences at Defcon 2023 and participating in a Capture The Flag event. They explore the limitations of traditional training methods in information security and the value of CTF-style exercises. They emphasize the importance of keeping team members sharp and simulating attacks using moderate Caldera. They also mention a cool initiative for red team scenarios and a news story about a company refusing to pay a ransomware demand. Additionally, they highlight the significance of data backups and express skepticism towards claims of no evidence of data exfiltration.

This week, Oscar and Brad sit down to discuss Adobe ColdFusion & Citrix NetScaler Vulnerabilities.Give this episode a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com

This month, we're doing a crossover episode with The Hackle Box!For those who are not yet aware, The Hacklebox is another FRSecure podcast focused on the technical end of current events and happenings within the security industry. It's hosted several times a month by FRSecure's Technical Services Team.Discussed this month: MOVEit AttacksMicrosoft Patch Tuesday: Six 0-DaysFortinet InfinityPlease like, subscribe, and follow us on social! Facebook: https://www.facebook.com/frsecure/Twitter: https://twitter.com/frsecure/Instagram: https://www.instagram.com/frsecureofficial/ LinkedIn: https://www.linkedin.com/company/frsecure/