UNSECURITY: Information Security Podcast

Episode 192 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss holiday precautions, vendor risk management, a few new vulnerabilities on the scene, and more.Give episode 192 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!

Episode 191 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss some recent vulnerabilities, cybersecurity awareness month, Hacks and Hops 2022, and more!Links:Fortinet Authentication Bypasshttps://projecthyphae.com/threat/fortinet-authentication-bypass-critical/ZeroDay: ProxyShell 2 (or 3?)https://projecthyphae.com/threat/zeroday-proxyshell-2-or-3-even-proxier/Cybersecurity Awareness Monthhttps://www.cisa.gov/cybersecurity-awareness-monthGive episode 191 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!

Episode 190 of the Unsecurity Podcast is now live! This week, Oscar and Brad welcome Evan back to the show to discuss life in Mexico, next steps in the CvCISO program, and all the latest industry happenings.Links:Fancy Bearhttps://projecthyphae.com/threat/fancy-bear-sinks-its-graphite-claws-into-powerpoint/9/26/2022 Security News Rounduphttps://projecthyphae.com/threat/information-security-news-9-26-2022/Give episode 190 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!

Episode 189 of the Unsecurity Podcast is now live! This week, Oscar and Brad are joined by Chris Furner and Jeremy Young with Blumira to discuss their perspectives on information security.New EvilProxy Phishing Service Allowing Cybercriminals to Bypass 2-Factor Securityhttps://thehackernews.com/2022/09/new-evilproxy-phishing-service-allowing.htmlTA505 Hackers Using TeslaGun Panel to Manage ServHelper Backdoor Attackshttps://thehackernews.com/2022/09/ta505-hackers-using-teslagun-panel-to.htmlGive episode 189 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!

Episode 188 of the Unsecurity Podcast is now live! This week, Oscar and Brad are joined by Michael Kennedy, Founder of Ostra Cybersecurity to discuss Ostra, working with FRSecure, industry news, and more.LastPass Security Incident:https://blog.lastpass.com/2022/08/notice-of-recent-security-incident/Okta one-time MFA passcodes exposed in Twilio cyberattackhttps://www.bleepingcomputer.com/news/security/okta-one-time-mfa-passcodes-exposed-in-twilio-cyberattack/Ostra Cybersecurityhttps://www.ostra.net/Give episode 188 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com.

Episode 187 of the Unsecurity Podcast is now live! This week, Oscar and Brad are joined by Eric Hanson and Mike Thompson of FRSecure's technical services team to discuss this year's DEFCON conference. DEFCON site:https://defcon.org/ Give episode 187 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!

Episode 186 of the Unsecurity Podcast is now live! This week, Oscar and Brad review the recent updates to the FTC's Safeguards Rule concerning financial institutions. Here's what you need to know...Need more detail? Check out FRSecure's blog post covering all the details of the recent updates:https://frsecure.com/blog/ftc-safeguards-rule-what-you-need-to-know/More resources:https://www.ftc.gov/business-guidance/resources/ftc-safeguards-rule-what-your-business-needs-knowhttps://arstechnica.com/information-technology/2022/08/sike-once-a-post-quantum-encryption-contender-is-koed-in-nist-smackdown/https://www.infosecurity-magazine.com/blogs/compliance-security-passwords/Give episode 186 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!

Episode 185 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss securing a remote workforce in a post-COVID environment, industry news, and more!Give episode 185 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!

Episode 183 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss some of the simpler things you can do to bolster your security program. While there is no such thing as 'easy button' security, there are still some quick wins to be had!News:https://thehackernews.com/2022/07/5-key-things-we-learned-from-cisos-of.html- Remote work has accelerated the use of EDR Technology- 90% of CISO's surveyed used an MDR solution- Overlapping threat protection tools are the #1 pain point for small teams- Small security teams are ignoring more alerts- 96% of CISO's are planning to consolidate security platforms https://www.helpnetsecurity.com/2022/07/14/conventional-cybersecurity-approaches/Give episode 184 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!

Episode 183 of the Unsecurity Podcast is now live! This week, Oscar and Brad discuss some training resources that you can use in your security program free of charge!News:Autopatch is now Availablehttps://thehackernews.com/2022/07/microsoft-windows-autopatch-is-now.html'Callback' Phishing Campaign Impersonates Security Firmshttps://threatpost.com/callback-phishing-security-firms/180182/Resources Discussed:Portswigger Web Security Academy https://portswigger.net/trainingXSS, Cross Site Request Forgery, SQL Injection, HTTP Request SmugglingBurp Suite Training - All free & high qualityHacktheBox, TryHackMe, OverTheWireOffensive Security - Metasploit Unleashed. Also currently doing free OSCP classes via Twitch. Monday and Friday at 12:00 PM EThttps://www.offensive-security.com/metasploit-unleashed/FRSecure CISSP mentorshiphttps://frsecure.com/cissp-mentor-program/Federal Virtual training Environmenthttps://fedvte.usalearning.gov/Free training for all Federa, State, Local, Tribal and Territorial government employees.Using ATT&CK for CTI Traininghttps://attack.mitre.org/resources/training/cti/Understand what ATT&CK is and how to use it to make defensive decisions.SANS Cheat Sheets!https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/PicoCTFhttps://picoctf.org/resources.htmlLearning Guides for General Skills, Crypto, Web Exploitation, Forensics, Binary Exploitation, ReversingInfosecinstitutehttps://resources.infosecinstitute.com/topic/13-cyber-security-training-courses-you-can-take-now-for-free/$300 AnnualCybraryhttps://www.cybrary.it/Some free courses or $60 a monthGive episode 183 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com. Don't forget to like and subscribe!