Brakeing Down Security Podcast Bryan Brake, Amanda Berlin, Brian Boettcher

Dream Doxxed:

Password Guessing Used as a Weapon by SolarWinds Hackers to Breach Targets - E Hacking News - Latest Hacker News and IT Security News

Hackers target cryptocurrency users with new ElectroRAT malware | ZDNet

End of year podcast
 
Blumeria sponsorship



NEWS:
 
IT company SolarWinds says it may have been hit in 'highly sophisticated' hack | Reuters
 
FireEye hacked: US cybersecurity firm FireEye hit by 'state-sponsored' attack - BBC News
 
 
https://krypt3ia.wordpress.com/ - 16 december 2020
 
Microsoft flexing muscle to shutdown c2: Microsoft unleashes ‘Death Star’ on SolarWinds hackers in extraordinary response to breach - GeekWire
 
Little-known SolarWinds gets scrutiny over hack, stock sales (apnews.com)
 
FireEye, GoDaddy,and Microsoft create kill switch for SolarWinds backdoorSecurity Affairs
 
US Gov has hacked: US government agencies hacked; Russia a possible culprit (apnews.com)
 
Not mentioned during the podcast: Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor | FireEye Inc
 
Not trying to spread FUD, but would infiltration by using FOSS tools be easier than Solarwinds?
 
Time to remove Nano Adblocker and Defender from your browsers (except Firefox) - gHacks Tech News
 
System oriented programming - Cloud-Sliver (cloud-sliver.com)



 Google Cloud (over)Run: How a free trial experiment ended with a $72,000 bill overnight • The Register
 
G’bye Flash… Adobe releases final Flash Player update, warns of 2021 kill switch (bleepingcomputer.com)
IT workers worried about AI making them obsolete…  IT Workers Fear Becoming Obsolete in Cyber Roles - Infosecurity Magazine (infosecurity-magazine.com)
 
Vulnerabilities Found in Multiple GE Imaging Systems - Infosecurity Magazine (infosecurity-magazine.com)
 
Qbot malware switched to stealthy new Windows autostart method (bleepingcomputer.com)



https://www.atlasobscura.com/places/encryption-lava-lamps - “The randomness of this wall of lava lamps helps encrypt up to 10 percent of the internet. “
 
It’s been the year of the business continuity program this year… and how agile yours is.
--thoughts?
 
Future?
Bryan: Companies that are ‘all in’ on remote work will back track.
Amanda: I think we’ll see way more keep the wfh now that they realize it saves $$
 
heck out our Store on Teepub! https://brakesec.com/store
Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com
#AmazonMusic: https://brakesec.com/amazonmusic 
#Brakesec Store!: https://brakesec.com/teepub 
#Spotify: https://brakesec.com/spotifyBDS

#Pandora: https://brakesec.com/pandora 
#RSS: https://brakesec.com/BrakesecRSS
#Youtube Channel:  http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site:  https://brakesec.com/bdswebsite
#iHeartRadio App:  https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon
https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM : https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec

What is the difference between having a proactive vs. reactive security strategy?
What does micro-segmentation adoption look like as we head into the new year?
What is the future of micro-segmentation?  Segmentation of database areas? Logs?

What is Porchetta Industries? What is the current problem with supporting opensource projects? How are you working to solve the problem

What is Porchetta Industries?
What is the current problem with supporting opensource projects?
How are you working to solve the problem

Why we are here today?

What kind of hardware or software do you need?

Why would a security professional want to know how to use SDR tools and attacks?

What other kinds of attacks can be launched?

What are the current limitations to testing wireless and RF related systems? What about custom wireless implementations?

I’m a wireless manufacturer of some kind of device. What are some things I could do to ensure that the types of attacks we discussed here cannot affect me?