Sign up to save your podcasts
Or
Share 2021-036-Tony Robinson, twtich breach, @da_667 lab setup new book edition! -part1
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
2021-036-Tony Robinson, twtich breach, @da_667 lab setup new book edition! -part1
Tony Robinson (@da_667)
Thought we'd put in a little news to round out the show
https://www.bbc.com/news/world-us-canada-58863678 - nuclear secrets hidden in a peanut butter sandwich
https://www.theregister.com/2018/04/20/rsa_security_conference_insecure_mobile_app/
https://www.vice.com/en/article/jg8w9b/the-twitch-hack-is-worse-for-streamers-than-for-twitch
https://nakedsecurity.sophos.com/2021/10/08/apache-patch-proves-patchy-now-you-need-to-patch-the-patch/
https://www.securityweek.com/fontonlake-linux-malware-used-targeted-attacks
https://securityaffairs.co/wordpress/123182/breaking-news/medtronic-recalled-insulin-pumps-controllers.html
Similar device on ebay: https://www.ebay.com/itm/324762812721
https://www.zdnet.com/article/brewdog-exposed-data-of-200000-shareholders-for-over-a-year/
https://tpetersonkth.github.io/cve/2021/10/02/Analysis-of-CVE-2019-9053.html
https://0xdf.gitlab.io/
www.leanpub.com/avatar2 MSRP = $30 USD
Book changes
What is the end goal?
Upskill?
Independent consultant?
Promotion?
Bug bounties?
Lab setup -
Lab setup types
Cloud based -
Desktop/laptop/NUC -
Server -
Good VMs to
https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/ - 90 day WIndows machines
What other home lab equipment have would be helpful?Testing IoT/embedded devices?
Car hacking?
Malware analysis? https://bazaar.abuse.ch/
Virus Total Intelligence
Honeypots
@malware_traffic - https://twitter.com/malware_traffic/status/1446627364147023877
Analyzing binaries?
Patch analysis (patch tuesday, print nightmare, etc)?
https://wumb0.in/extracting-and-diffing-ms-patches-in-2020.html
https://www.netresec.com/?page=networkminer
Soldering?
Oscillators for voltage checks?
Wireless?
Old cellphones (mobile apps, don't need cellular)
Personal assistant devices (used IoT devices?)
Accessing data stored on devices
Specific software licenses?
Burp?
If I'm trying to break into infosec, how do I use my lab to sell myself to an employer?
Does the employer care?
How can someone show what they've learned in a way that shows the value?
View all episodes
By Bryan Brake, Amanda Berlin, and Brian Boettcher
4.7
9898 ratings
Tony Robinson (@da_667)
Thought we'd put in a little news to round out the show
https://www.bbc.com/news/world-us-canada-58863678 - nuclear secrets hidden in a peanut butter sandwich
https://www.theregister.com/2018/04/20/rsa_security_conference_insecure_mobile_app/
https://www.vice.com/en/article/jg8w9b/the-twitch-hack-is-worse-for-streamers-than-for-twitch
https://nakedsecurity.sophos.com/2021/10/08/apache-patch-proves-patchy-now-you-need-to-patch-the-patch/
https://www.securityweek.com/fontonlake-linux-malware-used-targeted-attacks
https://securityaffairs.co/wordpress/123182/breaking-news/medtronic-recalled-insulin-pumps-controllers.html
Similar device on ebay: https://www.ebay.com/itm/324762812721
https://www.zdnet.com/article/brewdog-exposed-data-of-200000-shareholders-for-over-a-year/
https://tpetersonkth.github.io/cve/2021/10/02/Analysis-of-CVE-2019-9053.html
https://0xdf.gitlab.io/
www.leanpub.com/avatar2 MSRP = $30 USD
Book changes
What is the end goal?
Upskill?
Independent consultant?
Promotion?
Bug bounties?
Lab setup -
Lab setup types
Cloud based -
Desktop/laptop/NUC -
Server -
Good VMs to
https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/ - 90 day WIndows machines
What other home lab equipment have would be helpful?Testing IoT/embedded devices?
Car hacking?
Malware analysis? https://bazaar.abuse.ch/
Virus Total Intelligence
Honeypots
@malware_traffic - https://twitter.com/malware_traffic/status/1446627364147023877
Analyzing binaries?
Patch analysis (patch tuesday, print nightmare, etc)?
https://wumb0.in/extracting-and-diffing-ms-patches-in-2020.html
https://www.netresec.com/?page=networkminer
Soldering?
Oscillators for voltage checks?
Wireless?
Old cellphones (mobile apps, don't need cellular)
Personal assistant devices (used IoT devices?)
Accessing data stored on devices
Specific software licenses?
Burp?
If I'm trying to break into infosec, how do I use my lab to sell myself to an employer?
Does the employer care?
How can someone show what they've learned in a way that shows the value?
More shows like BrakeSec Education Podcast
View all
Security Now (Audio)
2,000 Listeners
CyberWire Daily
1,020 Listeners
Smashing Security
319 Listeners
Strict Scrutiny
5,788 Listeners