Blog
Search all our posts or browse some of our most recent entries below:
7MS #320: Interview with Lane Roush of Arctic Wolf
Today's episode is brought to you by ITProTV. Visit itpro.tv/7ms and use code 7MS to get a FREE 7-day trial and 30% off a monthly membership for the lifetime of your active subscription.This week I sat down with Lane Roush of Arctic Wolf to discuss the big hairy beast that is...(insert dramatic music here) logging and alerting! I work with a lot of clients (and [...]
7MS #319: Sniper and Firewalls Full of FUD
Today's episode is brought to you by ITProTV. Visit itpro.tv/7ms and use code 7MS to get a FREE 7-day trial and 30% off a monthly membership for the lifetime of your active subscription.In today's episode, I talk about my fun experience using the Sn1per automated pentesting tool. It's really cool! It can scan your network, find vulnerabilities and exploit them - all in one swoop! [...]
7MS #318: Interview with Bjorn Kimminich of OWASP Juice Shop
Today's episode is brought to you by ITProTV. Visit itpro.tv/7ms and use code 7MS to get a FREE 7-day trial and 30% off a monthly membership for the lifetime of your active subscription.This week's show is another interview episode - this time with my pal Bjorn Kimminich of the OWASP Juice Shop.If you've never heard of the Juice Shop before, it's the world's most secure [...]
7MS #317: Interview with Justin McCarthy of StrongDM
Today's interview features Justin McCarthy, CTO and cofounder of StrongDM, which offers both commercial and open source tools (like Comply) to help customers with SOC compliance.Justin schooled me (in a nice way) about a lot of things, including:What SOC and the various SOC types are all aboutWhat SOC compliance costsWhat to look for in selecting a good auditorTools that can help companies make SOC compliance [...]
7MS #316: How to Succeed in Business Without Really Crying – Part 3
In this episode I wanted to give you some cool/fun updates as it relates to 7MS the business! Specifically:A new member of the 7MS team (kinda!)The weird and varied projects I'm working onUpcoming podcast sponsors (probably in July)7MS has a "real" office coming soon to the southern metro of MN (hopefully!)
7MS #315: Creating a Personal DR Plan – Part 2
As a continuation of last week's episode I'm now making a bit of progress in finding a good backup solution that protects USB backups both at rest and when pumped up to the cloud.I mentioned I've been using BackBlaze for backups (not a sponsor), and they allow you to backup USB drives as long as they're connected at least once every 30 days. That's cool. [...]
7MS #314: Creating a Personal DR Plan
You probably create DR plans for your business (or help other companies build them), but have you thought about creating one for yourself? Yeah, I know it's grim to think about "What will my loved ones do to get into my accounts, backups, photos, social media accounts..." but it's probably not a bad idea to prepare for that (spoiler alert: we all die at some [...]
7MS #313: Push-Button Domain Admin Access
IntroAs I was preparing for my Secure 360 talk a month or so ago, I stumbled upon this awesome article which details a method for getting Domain Admin access in just a few minutes - without cracking passwords or doing anything else "loud." The tools you'll need are:PowerShell EmpireDeathStarResponderNtlmrelayxI've written up all the steps in the gist at the end of this post. Enjoy!Pwn-o-magic gist
7MS #312: OFF-TOPIC – Boxing a Cat
IntroIt has been a heck of a week (in a good way), and I'm taking a break from security so you can help me untangle a mystery that's been wrapped around my brain for years. I need you to help me figure out what this dude meant when he said that something was as frustrating "as boxing a cat."P.S. if you hate off-topic episodes no [...]
7MS #311: How to Build a Cuckoo Sandbox
IntroThis week I dove into building a Cuckoo Sandbox for malware analysis. There are certainly a ton of posts and videos out there about it, but this entry called Painless Cuckoo Sandbox Installation caught my eye as a good starting point.This article got me about 80% of the way there, and the last 20% proved to be problematic. I got some additional answers from the [...]
7MS #310: Secure the Radio Commercials
IntroAh, best laid plans rock. I had pre-recorded this episode on Monday (May 14th) so I could have it automatically released on Wednesday (May 16) but uh...I screwed it up. Siiiighhhh... anyway here's this week's episode:Last week I was in the recording studio to record three 7MS commercials aimed at churches. The goal was to educate them on some security topics and close with a [...]