Blog
Search all our posts or browse some of our most recent entries below:
Pecha Kucha and The CryptoLocker Music Video
In 7MS #340 I talked about how much fun I had creating a Pecha Kucha session that was part PSA (about how to not click bad links) and part music video. Check it out:
7MS #340: Forensics 101 Reloaded and The CryptoLocker Music Video
Last week I had the fun privilege of speaking twice at the Minnesota Goverment IT Symposium on the following topics:Forensics 101: This was a "reloaded" talk that I started earlier this year (and covered in episode 299 and 300). At a high level, the talk covered:Hunting malware with SysinternalsCreating system images with FTKImagerDumping memory with Volatility and ripping icky stuff out of memory images with [...]
7MS #339: A Pulse-Pounding Impromptu Physical Pentest
On a recent security assessment I was thrown for a loop and given the opportunity to do a two-part physical pentest/SE exercise - with about 5 minutes notice(!). Yes, it had me pooping my pants, but in retrospect it was an amazing experience. This is the mission I was given:See if you can get the front desk staff to plug in a USB drive - [...]
7MS #338: SIEMple Tests for Your SIEM Solution
Today's episode talks about some SIEMple tests you can run on your SIEM (OMg see what I did there? I took the word simple and made it SIEMple. Genius stuff, right? And there's no extra charge for it!). And if you're just now starting to shop around for a SIEM, this episode also has an extensive questionnaire you can use to put your vendors' feet [...]
7MS #337: Happy Secure Thanksgiving
Happy Thanksgiving! In this episode I:Share some things I'm thankful for - like you!Talk about a fun episode I'm working on that has some SIEMple tests you can use to test your SIEM (omg see what I did there? So clever)Announce the 7MS user's group that will start meeting in the south metro area of Minnesota in January of 2019!Tell you a story about a [...]
7MS #336: How to Succeed in Business Without Really Crying – Part 6
Welcome to part 6 of our miniseries all about the ups, downs, trials and tribulations of being a small, one-person security start up. In this episode I detail out all the software/services I use to run 7 Minute Security, LLC in hopes it might help you run your company as well! I started a new gist to complement this episode, which you can get by [...]
7MS #335: Cool Stuff I Just Learned From Red Teamers
Today I'm excited to brain-dump a bunch of cool stuff I learned at a red team conference called ArcticCon this week. Although this conference observes the Chatham house rule I'm just going to talk about a few things from a general, high level. Specifically, I asked several heavy-hitting red teams these burning questions:When you red team an org, do you usually assume compromise (i.e. plug [...]
7MS #334: IT Security Horrors That Keep You Up at Night
This week I got to celebrate Halloween with my friends at Netwrix by co-hosting a Webinar called IT Security Horrors That Keep You Up at Night. The content was a modified version of the Blue Team on a Budget talk I've been doing the past year or so, and essentially focuses on things organizations can do to better defend their networks without draining their budgets.The [...]
7MS #333: Pentesting Potatoes
This week I was in lovely Boise, Idaho doing some security assessment work. While I was there I got to hang out with Paul Wilch and some of the Project7 crew and picked up a lot of cool tools and tips I share in today's episode:The Badger Infosec group did a cool Rubber Ducky demo.Dan from DDSec did a demo of PlexTrac which is "the [...]
7MS #332: Low Hanging Hacker Fruit
In this episode I'm releasing a new document aimed to help organizations eliminate low hanging hacker fruit from the environment. The document contains (relatively) cheap and (relatively) easy things to implement. And my hope is it can be a living/breathing document that will bulk up over time. Got things to add to this list? Then please comment on the gist below!
7MS #331: How to Become a Packtpub Author – Part 3
It's done! It's done!! It's DONE!!!That's right mom, my PacktPub course called Mastering Kali Linux Network Scanning is done!In today's episode I:Recap the course authoring experienceExplain my super anal retentive editing process that takes 4 hours for every 10 minutes of produced videoAdmit some last minute mistakes that about made me quit the whole projectWith the holidays coming up, this course is a perfect gift [...]