28 - STÖK and Hunting Bug Bounties

The InfoSec & OSINT Show

Release Date: 10/08/2020

41 - Chris Hadnagy & Human Hacking

This week Chris Hadnagy joins us to talk about the psychology behind social engineering, choosing effective pretexts, as well as the science behind how we make decisions. My 3 main takeaways were 1) how to identify personality types and communicate effectively using DISC 2) how oxytocin and amygdala hijacking influence our behavior and 3) how to get started in a career as a social engineer.

40 - Fabio Viggiani & Supply Chain Attacks

This week Fabio Viggiani hangs out to talk about supply chain attacks, ransomware, mapping your software dependencies and assuming breach. My 3 main takeaways were 1) his insights into reverse engineering the SolarWinds Orion malware 2) up-and-coming trends he sees in ransomware and 3) how he runs incident response investigations.

39 - Josh Sokol & Managing Risk Simply

This week Josh Sokol joins the show to talk about managing risk with a focus on keeping it simple, turning a free open source project into a business and his suggestions on how to get started in InfoSec. My 3 main takeaways were 1) the three components of risk mitigation 2) the different levels of maturity within risk management programs and 3) his process for ensuring his codebase is secure.

38 - Tyrone Wilson & Breaking Into the Security Industry

This week Tyrone Wilson hangs out to talk about breaking into the security industry, passive OSINT and starting a security business. My 3 main takeaways were 1) how to use free tools to gain experience before joining a SOC 2) how he used OSINT to find his biological father and 3) how to maintain your privacy when using exercise apps.

37 - Jenny Radcliffe & People Hacking

This week Jenny Radcliffe joins the show to talk about social engineering. My 3 main takeaways were 1) which influence factors are most useful in specific situations like in-person social engineering vs phishing emails 2) reading micro-expressions in context and understanding their limitations and 3) how to protect yourself against social engineering attacks.

36 - Tracy Maleeff & Empathy Based InfoSec

This week Tracy Maleeff hangs out to talk about using empathy to improve your InfoSec investigations. My 3 main takeaways were 1) how to corroborate OSINT findings before drawing a conclusion 2) how to communicate technical issues to a non-technical audience and 3) some tactical tips on using empathy to discover new information.

35 - Ed Bellis & Risk Based Vulnerability Management

This week Ed Bellis joins the show to talk about risk-based vulnerability management. My 3 main takeaways were 1) which factors you should take into consideration when prioritizing vulnerability remediation 2) the effects that public exploit code has on remediation efforts and 3) how organizations can improve their threat prioritization by using their own threat intel in their risk assessments.

34 - John Strand & Moving Beyond 0-Days

This week John Strand joins the show to talk about pen testing in the age of Corona, bypassing multi-factor authentication, dealing with ransomware and starting a security business. My 3 main takeaways were 1) why 0-days don't matter 2) how to bypass identity services like Okta and 3) the one guiding rule for creating a security business.

33 - Tanya Janca & Coding Securely

This week Tanya Janca hangs out to talk about secure coding, supply chain security and her new book 'Alice and Bob Learn Application Security'. My 3 main takeaways were 1) how to choose the right language to develop in when starting a project 2) why we should get rid of as many different JavaScript frameworks as possible within our code base and 3) what drives someone to write a computer security book.

32 - Or Katz & Phishing Evasion Techniques

This week Or Katz joins us to share his research into novel phishing evasion techniques seen in the wild. My 3 main takeaways were 1) what the most popular methods to propagate phishing attacks are 2) what signals can help determine if complicated code is malicious or not and 3) how to handle potentially malicious users when we don’t have enough information to understand their true intentions.


This week STÖK joins us to talk about how he approaches bug bounties. My 3 main takeaways were 1) why you should specialize in a couple of specific bug types 2) why you should constantly scan a multitude of bounty programs and 3) why you should hack with a team.

For more information, including the show notes, check out https://breachsense.io/podcast