Exploring Information Security - Exploring Information Security

Timothy De Block

4.7 (43)
科技
一周一更

The Exploring Information Security podcast interviews a different professional each week exploring topics, ideas, and disciplines within information security. Prepare to learn, explore, and grow your security mindset.

1天前

What are BEC attacks?

Steve (@SteveD3) has been covering BEC types of attacks for the past year at CSO. These types of attacks are increasing. It may get worse with GDPR requirements next month. This ended up being one of the more difficult podcasts to get scheduled. Steve and I had to cancel on each other a few times because of phishing related stuff.

28 分钟
7月8日

How to crack passwords

Sean (@SeanThePeterson), is one of the most passionate infosec people you don't know. He recently did a talk at ShowMeCon on how to crack passwords. It was his first ever talk and pretty damn good. Sean joined me to give me his insights into password cracking.

30 分钟
7月2日

[RERELEASE] How to find vulnerabilites

Samy (@samykamkar) shouldn't need too much of an introduction to most people. He's been in the news for hacking garage doors, credit cards, cars, and much much more. Samy likes to hack things and has a knack for finding vulnerabilities in everything from locked machines to wireless doorbells. His site has the full list of vulnerabilities as well as videos and press appearances. Which made him the perfect guess for talking about how to find vulnerabilities. In this episode we discuss: how Samy got started; what is a vulnerability; what skills are needed; how he decides his next project; steps to finding vulnerabilities; what he does when he discovers a vulnerability; how long the process takes.

27 分钟
6月24日

[RERELEASE] What is data driven security?

I recently read Data Driven Security: Analysis, Visualization and Dashboards by Jay Jacobs (@jayjacobs) and Bob Rudis (@hrbrmstr). The book is easy to read and a very good introduction into the world of data and security. Both Jay and Bob were kind with their time when I had questions about exercises in the books. After reading the book I decided to have Bob on to talk more about data driven security.

33 分钟
6月17日

[RERELEASE] What is a CISSP?

Javvad Malik (@J4vv4d) doesn't need much introduction. He's done a video on the benefits of being a CISSP. He's also done a music video with his Host Unknown crew on the CISSP. There's also The CISSP companion handbook he wrote. which has a collection of stories and experiences dealing with the 10 domains of the CISSP. Check out his website at j4vv4d.com and his YouTube channel.

25 分钟
6月10日

[RERELEASE] From ShowMeCon 2017: Dave Chronister, Johnny Xmas, April Wright, and Ben Brown talk about Security

ShowMeCon is one of my favorite security conferences. The organizers are awesome and take care of their speakers like no other conference. The venue is fantastic. The content is mind blowing. I can't say enough good things about the even that Dave and Renee Chronister put on every year in St. Louis, Missouri. They know how to put on a conference. Regular listeners of the podcast will note that I recorded an episode with Dave on ShowMeCon several weeks ago. After that recording he asked if I was interested in doing a recording at the conference. I said yes and thus the birth of this epic episode. This format is experimental. First, it is marked as explicit, because there is swearing. Second, It's over 90 minutes long. I didn't think breaking it up into four or five pieces would serve the recording well. Send me your feedback good or bad on this episode, because I'd like to do more of these. I would really like to hear it for this episode.

1 小时 33 分钟
6月4日

How to Perform Incident Response and Forensics on Drones

Summary: In this episode of Exploring Information Security, host Timothy De Block sits down with Wayne Burke to discuss the crucial and rapidly evolving field of drone tactical forensics and incident response. Wayne sheds light on the increasing proliferation of drones, from law enforcement applications to criminal misuse, and the unique challenges involved in collecting forensic evidence from them. He reveals the dangers of booby-trapped drones and malware on flight controllers, emphasizing the need for caution and specialized techniques. Wayne also shares a fascinating incident involving electronic warfare against a surveillance drone, underscoring the sophisticated threats emerging today. Tune in to learn about essential forensic methods, from accessing flight logs with open-source tools to advanced chip-off forensics, and why collaboration in the cybersecurity community is vital for addressing these new challenges. What You'll Learn: What drone tactical forensics entails and its growing importance in today's world of automated robotics. The diverse and increasing applications of drones, including surveillance and the potential for misuse like extortion. Significant risks and dangers in drone forensics, such as booby traps and flight controller malware. Initial steps and varied techniques for drone incident response and forensic evidence collection, depending on the drone type. How flight logs and telemetry data are analyzed using open-source tools, and methods for advanced forensics like chip-off analysis. The critical role of community and collaboration in addressing emerging drone security threats.

25 分钟
6月3日

That Shouldn't Have Worked: A Red Teamer's Confessions

Summary: In this episode of Exploring Information Security, host Timothy De Block speaks with Corey Overstreet, a seasoned pentester from Red Siege. Corey shares insights into the ongoing cat-and-mouse game between red teams and blue teams, revealing common vulnerabilities and unexpected successes in breaching defenses. He discusses his upcoming talk at Show Me Con, titled "That Shouldn't Have Worked," which aims to equip blue teams with practical knowledge on bolstering their defenses against persistent attackers. From the nuances of payload delivery to the surprising resilience of old tricks and the challenges of cloud security, Corey offers a candid look at the daily realities of offensive security and how defenders can truly make a red teamer's life difficult. What You'll Learn: The core focus of Corey Overstreet's "That Shouldn't Have Worked" talk at Show Me Con. Common mistakes red teamers make and how to avoid them. Effective defensive strategies for blue teams, including the power of application control and network segmentation. The evolving landscape of EDR and how AI is starting to make red team operations more challenging. Insights into the surprising ways macros and social engineering continue to be effective entry points, especially in cloud environments. Advice for aspiring pentesters on learning and problem-solving, emphasizing hands-on practice and diligent note-taking. Corey's favorite resources for staying up-to-date in cybersecurity, including various subreddits, Discord, and Slack communities.

46 分钟

查看全部 100 集

4.7

共 5 分

43 个评分

Excellent Cybersecurity Security Podcast

2024/02/19

Kgoode517

I’ve stumbled upon Tim’s podcast after listening to his presentation at my local Bsides. Just like I feel that his talk was the best of the presentations that day his podcast stands out as one of my favorite security podcasts for staying up to date in the industry.
Welcome back!!!!!!!

2023/12/13

Smiley_112

It was really great to hear you guys again. I am glad that you have decided to start producing content again. I am looking forward to the next release. The diverse inputs were really wonderful. Since you are meeting in person for December for the Christmas party maybe you could let everyone record their favorite IT security jokes and post them.
I just found this and it’s great!

2019/04/02

MsLaulei

I am saddened and yet thrilled to finish listening to the other podcasts. I just founds this and it’s great!!!! It says FIN but you never know I can always hope! Ms Laulei De La ROsa on FB
Great Info!

2018/05/24

Cyber_Mango

I love this podcast! I’m about to complete my masters in information systems and I am currently working a cyber security internship with the hopes of having a career in infosec. This podcast has provided me with useful info on how to build my infosec skills and obtain the career of my dreams! I highly recommend this podcast to anyone interested in information security. :)

The Exploring Information Security podcast interviews a different professional each week exploring topics, ideas, and disciplines within information security. Prepare to learn, explore, and grow your security mindset.

创作者

Timothy De Block
活跃年份

2015年 - 2025年
单集

100
分级

儿童不宜
节目网站

Exploring Information Security - Exploring Information Security

科技新闻

科技新闻

一日一更
科技

科技

两周一更
科技

科技

一周一更
科技

科技

一月一更
科技新闻

科技新闻

一日一更
科技

科技

一周一更
科技

科技

一周一更

Exploring Information Security - Exploring Information Security

What are BEC attacks?

How to crack passwords

[RERELEASE] How to find vulnerabilites

[RERELEASE] What is data driven security?

[RERELEASE] What is a CISSP?

[RERELEASE] From ShowMeCon 2017: Dave Chronister, Johnny Xmas, April Wright, and Ben Brown talk about Security

How to Perform Incident Response and Forensics on Drones

That Shouldn't Have Worked: A Red Teamer's Confessions

Excellent Cybersecurity Security Podcast

Welcome back!!!!!!!

I just found this and it’s great!

Great Info!

关于

信息

你可能还喜欢

Exploring Information Security - Exploring Information Security

单集

What are BEC attacks?

How to crack passwords

[RERELEASE] How to find vulnerabilites

[RERELEASE] What is data driven security?

[RERELEASE] What is a CISSP?

[RERELEASE] From ShowMeCon 2017: Dave Chronister, Johnny Xmas, April Wright, and Ben Brown talk about Security

How to Perform Incident Response and Forensics on Drones

That Shouldn't Have Worked: A Red Teamer's Confessions

评分及评论

关于

信息

你可能还喜欢