Blog
Search all our posts or browse some of our most recent entries below:
7MS #464: Interview with Christopher Fielder of Arctic Wolf
This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more.Today our friend Christopher Fielder of Arctic Wolf joins us on the show again (check out his first appearance in episode #444 - this time to talk about the security journey, [...]
7MS #463: DIY Pentest Dropbox Tips – Part 5
SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!In the last two episodes of this series (#449 and #450) we've been diving into how to not only speed up the process of spinning up a DIY pentest dropbox, but how [...]
7MS #462: Pentesting with the Hak5 Key Croc
SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!Today we talk through our first engagement using Hak5 Key Croc to steal and exfil data. In the past, my internal monologue when a new Hak5 toy is released sounds like this:"I [...]
7MS #461: Tales of Internal Network Pentest Pwnage – Part 26
SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!OK I probably say this every time, but I'm gonna say it again: this tale of pwnage is my one of my favs - and not because of the tools/tradecraft, but because [...]
7MS #460: Why I’m Throwing My UniFi Gear Into the Ocean
Hey friends! Warning: this is not a "typical" 7MS episode where we try hard to deliver some level of security value.Instead, today is a big, fat, crybaby, first-world problems whine-fest about how I used to love my UniFi gear for many years, but then a few weeks ago I hit unhealthy levels of rage while working with it...and subsequently completely ripped it all out of [...]
7MS #459: Cyber News – Microsoft Exchange Makes the World Cry Edition
This episode of 7 Minute Security is sponsored by Datadog. Accelerate security investigations and break down silos between developers, security, and operations teams by correlating your threats, metrics, traces, and logs all in one place. Try it for yourself and get a free t-shirt at http://datadog.com/7ms.Happy mid-March! Our good pal Gh0sthax joins us today for another hot dish of cyber news! Stories include:Microsoft Exchange cyber [...]
7MS #458: Interview with Tanya Janca
Today we're super excited to share a featured interview with Tanya Janca of WeHackPurple!Tanya has been in software development from the moment she was of legal age to work in Canada - beginning by working with some huge companies (Nokia/Adobe) before falling in love with application security and eventually starting a company of her own. Gh0sthax and I sat down with Tanya over Zoom to [...]
7MS #457: Tales of Internal Network Pentest Pwnage – Part 25
This episode of 7 Minute Security is sponsored by Datadog. Accelerate security investigations and break down silos between developers, security, and operations teams by correlating your threats, metrics, traces, and logs all in one place. Try it for yourself and get a free t-shirt at http://datadog.com/7msHi! This episode of pentest pwnage is a fun one because it was built for speeeeeeeeeeeeeeeed. Here's some of the [...]
7MS #456: Certified Red Team Professional – Part 4
This episode of 7 Minute Security is sponsored by Datadog. Accelerate security investigations and break down silos between developers, security, and operations teams by correlating your threats, metrics, traces, and logs all in one place. Try it for yourself and get a free t-shirt at http://datadog.com/7msHello friends! Today, Joe (Gh0sthax) and I complete our series on CRTP - Certified Red Team Professional - a really [...]
7MS #455: Tales of Internal Network Pentest Pwnage – Part 24
SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!Hey everybody! Sorry that we're late again with today's episode, but I got COVID shot #2 and it kicked my behind BIG TIME today. But I'm vertical today and back amongst the [...]
7MS #454: Cyber News – Lets Switch to Typewriters Edition
This episode of 7 Minute Security is sponsored by Datadog. Accelerate security investigations and break down silos between developers, security, and operations teams by correlating your threats, metrics, traces, and logs all in one place. Try it for yourself and get a free t-shirt at http://datadog.com/7msHappy almost-mid-February! Today Gh0sthax cooked up some great news stories for us to chew on, including:Sudo bug gives root access [...]