Sign up to save your podcasts
Or
Share Episode 24 - Think Like an Attacker and Other Bad Ideas
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 24 - Think Like an Attacker and Other Bad Ideas
Discussed Articles
1) Ransomware: Past, Present, And Future
A thoroughly researched history of ransomware by the Cisco Talos group that provides great insights into where ransomware has come and where it might go.
* http://blog.talosintel.com/2016/04/ransomware.html
2) Early Impacts of Certificate Transparency
Facebook's security team posts a great article about their attempts to use Certificate Transparency logs to detect nefarious SSL certificates issued for domains they control from unexpected CAs.
* https://www.facebook.com/notes/protect-the-graph/early-impacts-of-certificate-transparency/1709731569266987
* https://security.googleblog.com/2016/04/improvements-to-safe-browsing-alerts.html
3) 'Think Like an Attacker' is an opt-in mistake / HackingTeam Breach Walkthrough
In which we give you insight into how an attacker moves through a network, and admonish you not to waste your time building defenses by thinking like an attacker.
* http://emergentchaos.com/archives/2016/04/think-like-an-attacker-is-an-opt-in-mistake.html
* http://www.amazon.com/Threat-Modeling-Designing-Adam-Shostack/dp/1118809998/ref=sr_1_1?ie=UTF8tag=braxtoncom0f-20qid=1461647269sr=8-1keywords=threat+modeling
* https://www.youtube.com/watch?v=WKgD305OFAQ
* http://www.ranum.com/security/computer_security/editorials/dumb/
* https://ghostbin.com/paste/6kho7
* http://www.csoonline.com/article/3058764/security/hacking-team-postmortem-is-something-all-security-leaders-should-read.html
Breach of the Week
MongoDB Configuration Error Exposed 93 Million Mexican Voter Records
Pretty much what it says on the box, yet another huge PII database set out on the interwebs for everyone to query.
* http://www.csoonline.com/article/3060204/security/mongodb-configuration-error-exposed-93-million-mexican-voter-records.html
View all episodes
Discussed Articles
1) Ransomware: Past, Present, And Future
A thoroughly researched history of ransomware by the Cisco Talos group that provides great insights into where ransomware has come and where it might go.
* http://blog.talosintel.com/2016/04/ransomware.html
2) Early Impacts of Certificate Transparency
Facebook's security team posts a great article about their attempts to use Certificate Transparency logs to detect nefarious SSL certificates issued for domains they control from unexpected CAs.
* https://www.facebook.com/notes/protect-the-graph/early-impacts-of-certificate-transparency/1709731569266987
* https://security.googleblog.com/2016/04/improvements-to-safe-browsing-alerts.html
3) 'Think Like an Attacker' is an opt-in mistake / HackingTeam Breach Walkthrough
In which we give you insight into how an attacker moves through a network, and admonish you not to waste your time building defenses by thinking like an attacker.
* http://emergentchaos.com/archives/2016/04/think-like-an-attacker-is-an-opt-in-mistake.html
* http://www.amazon.com/Threat-Modeling-Designing-Adam-Shostack/dp/1118809998/ref=sr_1_1?ie=UTF8tag=braxtoncom0f-20qid=1461647269sr=8-1keywords=threat+modeling
* https://www.youtube.com/watch?v=WKgD305OFAQ
* http://www.ranum.com/security/computer_security/editorials/dumb/
* https://ghostbin.com/paste/6kho7
* http://www.csoonline.com/article/3058764/security/hacking-team-postmortem-is-something-all-security-leaders-should-read.html
Breach of the Week
MongoDB Configuration Error Exposed 93 Million Mexican Voter Records
Pretty much what it says on the box, yet another huge PII database set out on the interwebs for everyone to query.
* http://www.csoonline.com/article/3060204/security/mongodb-configuration-error-exposed-93-million-mexican-voter-records.html