Things have gotten wild at work lately. The #S2Roadshow is in full swing, Brad’s been VERY busy, and business is good. John Harmon and I are four weeks into the SecurityStudio Roadshow (#S2Roadshow). Last week he was at BSides in Virginia and I was at the San Diego ISSA chapter. I’ll write the week four recap on my blog (here) soon.
Brad’s on the East coast this weekend and won’t make it back until Tuesday morning.
All of this means that we’re going to be a day late recording this episode of the UNSECURITY Podcast. We’ve got a great show planned though! Special guest, Eric Hanson (FRSecure’s Penetration Testing Lead) will join us from Reno, NV.
Brad’s show this week, and these are his notes.
SHOW NOTES – Episode 51
Date: Tuesday, October 29th, 2019
Show Topics:
Our topics this week:
- Quick Catch-up/Roadshow Week #4
- Penetration Testing Discussion
- Introduction to Pentesting
- Common Questions
- FRSecure’s Penetration Testing Team
- Other Stuff
- Industry News
Opening
[Brad] – Hi everybody, and welcome to another episode of the UNSECURITY Podcast! This is episode 51, and I’m Brad Nigh, your host. Joining me today is my good friend, Evan Francen. Good Morning Evan.
[Evan] Evan has been traveling a lot, I’m hoping he’s functional.
[Brad] Joining us as a special guest this week is FRSecure’s Lead Pentester, Eric Hanson. Welcome Eric!
[Eric] Says “hi”. Eric is one of the nicest guys you’ll meet.
[Brad] We’re very excited to talk to Eric, but before we dive head first into pentesting stuff, let’s catch up real quick. We’ve all been very busy. Evan, you just wrapped up week four of the SecurityStudio Roadshow, how’d it go?
[Evan] Some things. Evan’s been meeting some awesome people all over the country. Let’s get some #truth.
[Brad] Good stuff. We’ve been doing a lot of preaching lately! I just got back from speaking myself… (tell about it). OK, back to Eric now. Eric, do you do any speaking?
[Eric] Tells it like it is.
[Brad] One member of your team, “Ben” has been doing some awesome research and will be speaking again soon. I think he’s speaking at a big ISACA conference in Chicago. Let’s talk about that and let’s talk about this whole pentesting “thing”.
I’d like to spend most of the show talking about this.
Penetration Testing Discussion
- Introduction to Pentesting
- Common Questions
- FRSecure’s Penetration Testing Team
- Other Stuff
[Brad] Great discussion. Hopefully we covered some of the common questions and misconceptions people have about penetration testing. Penetration testing is serious business, and we’re VERY grateful to have such a highly-skilled team like we do here at FRSecure.
Let’s dig into some news stories before we close this episode out.
News
[Brad] We’ve got four news stories to discuss this week:
- Avast, NordVPN Breaches Tied to Phantom User Accounts – https://krebsonsecurity.com/2019/10/avast-nordvpn-breaches-tied-to-phantom-user-accounts/
- Senators Urge AWS Investigation After Capital One Breach – https://www.infosecurity-magazine.com/news/senators-urge-aws-investigation/
- New MedusaLocker ransomware looks to make a monster profit – https://www.scmagazine.com/home/security-news/ransomware/new-medusalocker-ransomware-looks-to-make-a-monster-profit/
- Raccoon Malware Scavenges 100,000+ Devices to Steal Data – https://threatpost.com/raccoon-malware-steal-data/149525/
Closing
[Brad] There you go, episode 51 is a wrap! Like many of you listening, we’ve got another busy week ahead.
Special thanks to Eric for joining us this week.
Thank you to our loyal listeners! Thank you for your tips and feedback. Send us your wisdom, questions, advice, whatever, by email to unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @BradNigh and Evan’s @evanfrancen. Also, be sure to follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more goodies!
That’s it! Talk to you all again next week!