UNSECURITY Episode 138 Show Notes

Hope you had a wonderful Independence Day (July 4th)! We’ve gone through a lot together in this country, and I love this place we call home. Lots to do in making the USA better, but this will always be the case. This is the best country in the world, and I’m grateful!

In case you missed it, two big events last week; the Kaseya ransomware attack and Microsoft’s PrintNightmare.

Kaseya Ransomware

So, you might have heard. On Friday (going into July 4th weekend), computers around the world (not all of them, but maybe ~1,000,000 of them) started to lock up. The announcement came around midday that Kaseya’s VSA servers were being used to distribute ransomware, primarily to MSP customers. My first thought was “Oh shit! We might have another SolarWinds.” Thank God, this wasn’t the case.

Facts started to come in, and it became evident that this was an attack directed at VSA servers hosted by MSPs. Some MSPs (about 2,200 of them) installed their VSA servers so that they were accessible from the Internet. I’m not a VSA expert, but this high number implies this as standard practice. A zero day vulnerability (and exploit) was discovered by the REvil ransomware gang (or an affiliate) and was used to infect clients.

Kaseya already knew about the vulnerability thanks to the good work by Wietse Boonstra and his compatriots at NIVD. The vulnerability was reported to Kaseya and the two groups were working on a patch at the time of the ransomware attack. The end result was somewhere between 60-70 MSPs affected and somewhere between 1,200-1,500 companies infected. Kaseya did a good job responding, and so did many MSPs. Lessons learned are TBD after the dust settles.

Links referenced in today’s show are below.

Microsoft PrintNightmare

If it hadn’t been for Kaseya, this would have been top news. In terms of scope, this is much bigger, affecting many millions of servers (and companies). In terms of potential impact, this also exceeds the Kaseya attack. News broke on June 30th about an impressive and potentially very damaging vulnerability in the Microsoft Print Spooler service. On July 1st, Microsoft released additional information about the vulnerability and offered (un)helpful guidance.

There is an exploit in the wild for this vulnerability that allows complete control over a server (and Active Directory).

We’ll talk a little about this too. Links referenced in today’s show are also below.

 

OK. Show notes for episode 138…


SHOW NOTES – Episode 138 – Tuesday July 6th, 2021

Opening

[Evan] Welcome listeners! It’s good to have you join us. Thanks for tuning into this episode of the UNSECURITY Podcast. This is episode 138, and the date is July 6th, 2021. Joining me is my good friend, Mr. Brad Nigh. Good Morning Brad!

[Evan] Hope you had a wonderful 4th of July. Many people had the day off yesterday, but some people were fighting the fire caused by ransomware deployed through Kaseya’s VSA servers. This is where we’ll start.

Kaseya Ransomware Attack

Here’s a list of links/articles we’re explore in this episode:

All in all, this attack could have been MUCH worse than it was. Incident responders did a great job and communicated well. More to come in time…

Microsoft PrintNightmare

This one is a doozy. Here are the three links/articles we’ll reference in this episode:

Last week’s show was all about Microsoft security debacles, and now this. A patch is not available yet and many IT teams are scrambling right now. I’m become less and less of a Microsoft fan with each passing day.

That’s it for today’s show. Lots of work to do!

Wrapping Up – Shout Outs

Who’s getting shout outs this week?

Thank you to all our listeners! Thank you Brad for a great conversation! If you have something you’d like to tell us, feel free to email the show at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen, and Brad’s @BradNigh.

Other Twitter handles where you can find some of the stuff we do, UNSECURITY is @unsecurityP, SecurityStudio is @studiosecurity, and FRSecure is @FRSecure.

That’s it. Talk to you all again next week!

…and we’re done.

UNSECURITY Episode 137 Show Notes

It’s been a few weeks since I posted show notes, and even then, I’m late!

If you working in the information security industry, you’re probably extremely busy. My busyness is what’s kept me from updating show notes and things.

Episode 137 was a fun one. Brad was back and we talked about all Microsoft’s recent blunders/issues.

John McAfee

Before we get into it, I want to take a moment to remember John McAfee. On June 23, he was found unresponsive in his jail cell at the Brians 2 Penitentiary Center near Barcelona, Spain. Sadly, he passed away at the age of 75 after an apparent suicide by hanging. He had just lost his hearing for extradition to the United States.

John McAfee was a very interesting guy, and some might say he was nuts and a crook. While that might be true (I don’t have evidence to say either way), I remember him before the mid-2000s, when he was an icon in our industry. The guy was smart as hell!

  • 1968 – 1970, programmer for NASA working on the Apollo Program
  • Software designed for Univac
  • Operating system architect for Xerox
  • Software consultant for Computer Sciences Corporation
  • Consultant for Booz Allen Hamilton
  • Software engineer for Lockheed (where he first learned about computer viruses and came up with the idea to remove them programmatically)
  • 1987, founded McAfee Associates Inc which sold the world’s first anti-virus software
  • 1990, sold millions of copies of McAfee anti-virus software leading to John’s $5M/year salary
  • 1992, McAfee’s initial public offering (IPO)
  • August 1993, steps down as CEO.
  • 1994, sold all his remaining stake in McAfee Associates Inc.

In January 2014, after Intel (who’d acquired McAfee in August 2010) announced that McAfee products would be marketed as “Intel Security”:

I am now everlastingly grateful to Intel for freeing me from this terrible association with the worst software on the planet.” – John McAfee

Soon afterwards, the business was de-merged from Intel and re-acquired the McAfee name.

John McAfee was all over the place after divesting from the company with his name. He invested in many ventures, travelled, dabbled in politics (two U.S. presidential candidacies), was a person of interest in a Belize homicide investigation, charged with tax evasion, posted hundreds of public remarks and videos on social media, before it all eventually ended on June 23rd. He was a very interesting person who was influential in our industry.

I will miss him.

OK, now the show notes. Here’s the notes (with relevant links). Episode 137…


SHOW NOTES – Episode 137 – Tuesday June 29th, 2021

Opening

[Evan] Welcome listeners! It’s good to have you join us. Thanks for tuning into this episode of the UNSECURITY Podcast. This is episode 137, and the date is June 29th, 2021. Joining me is my good friend, Mr. Brad Nigh. Good Morning Brad!

[Evan] Welcome back sir. Happy that you’re back in the saddle again. Microsoft was front and center in the information security news this week. Let’s dissect some of this.

Microsoft in the (Information Security) News

Here’s a list of articles that we talk about in this episode:

Obviously, Microsoft has its hands full. Don’t we all? One issue with Microsoft is how much control they have over our industry and how much data they hold. Significant information security events at Microsoft have a significant impact for millions of organizations.

Just one other news article of interest this week: One billion dollars lost by over-60s through online fraud in 2020, says FBI – https://hotforsecurity.bitdefender.com/blog/one-billion-dollars-lost-by-over-60s-through-online-fraud-in-2020-says-fbi-26049.html

That’s a lot to unpack! Hopefully you caught all that.

Wrapping Up – Shout Outs

Who’s getting shout outs this week?

Thank you to all our listeners! Thank you Brad for a great conversation! If you have something you’d like to tell us, feel free to email the show at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen, and Brad’s @BradNigh.

Other Twitter handles where you can find some of the stuff we do, UNSECURITY is @unsecurityP, SecurityStudio is @studiosecurity, and FRSecure is @FRSecure.

That’s it. Talk to you all again next week!

…and we’re done.

UNSECURITY Episode 134 Show Notes

Alright, welcome back! We had a great run of guests over the past 7 or 8 weeks, and now it’s back to Brad and I for a bit.

If you missed any of the guest episode, here’s a recap:

Memorial Day

Monday, May 31st was Memorial Day. It’s a day of remembrance and gratitude. Here’s the text from one of my Twitter posts:

  • A small table set for one, symbolizing the isolation of our absent service member.
  • The table is round to represent the everlasting concern the survivors have for the missing.
  • The white tablecloth symbolizes the pure motives of our lost service members who responded to our country’s call to arms.
  • A single rose in the vase represents the blood our service members have shed in sacrifice to ensure the freedom of the United States of America.
  • The rose also represents family and friends who keep the faith while awaiting the return of the missing service members.
  • The red ribbon represents our service members’ love of country that inspired them to serve our country.
  • A slice of lemon on the bread plate represents the bitter fate of the missing.
  • Salt sprinkled on the bread plate represents the tears shed by waiting families.
  • The inverted glass represents the fact that the missing and fallen cannot partake.
  • A Bible represents the spiritual strength and faith to sustain the lost.
  • A lit candle symbolizes a light of hope that lives in hearts to illuminate the missing’s way home.
  • An empty chair represents the absence of our beloved missing and fallen. service members.

We are grateful for all our men and women who serve in uniform and we hold those who sacrificed all in the highest esteem.

The Show Must Go On

Visiting with our guests the past couple months has been a lot of fun and we hope it’s been educational and entertaining for our listeners. We hope listeners enjoyed listening as much as we enjoyed hosting!

This week (episode 134), Brad and I are going to take a look at some of the recent news. Lord knows, there’s plenty to cover!

Let’s get to the episode 134 show notes, shall we?


SHOW NOTES – Episode 134 – Wednesday June 2nd, 2021

Opening

[Evan] Welcome listeners! Thanks for tuning into this episode of the UNSECURITY Podcast. This is episode 134, and the date is June 2nd, 2021. Joining me is my good friend, Mr. Brad Nigh. Good Morning Brad!

[Evan] Welcome back from Memorial Day weekend. It was a beautiful weekend to pay our respects.

What’s going on in the world of “cybersecurity”?

Today, we’re going to change things up a little. There’s so much going on in the world around us, I thought it would be good for us to focus on six news articles and discuss them. Here they are:

That’s a lot to unpack! Hopefully you caught all that.

Wrapping Up – Shout Outs

Who’s getting shout outs this week?

Thank you to all our listeners! Thank you Brad for a great conversation! If you have something you’d like to tell us, feel free to email the show at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen, and Brad’s @BradNigh.

Other Twitter handles where you can find some of the stuff we do, UNSECURITY is @unsecurityP, SecurityStudio is @studiosecurity, and FRSecure is @FRSecure.

That’s it. Talk to you all again next week!

…and we’re done.

UNSECURITY Episode 131 Show Notes

Apologies for not posting something about last week’s show, episode 130. We were honored and pleased to welcome John Strand from Black Hills Information Security as our guest. John, Brad and talked openly about John’s path through information security, what Black Hills is working on, the different pockets of security people, why it’s important to work together as information security vendors to improve the community, and John’s latest Pay What You Can (PWYC) Series.

It was a GREAT talk and we’re VERY grateful that John stopped by. Check out episode 130 here; https://podcasts.apple.com/us/podcast/unsecurity-episode-130-john-strand-black-hills-information/id1442520920?i=1000520139261

Episode 131

Pumped about this week’s show!

My good friend, Security Shit Show co-host, hacker extraordinaire, and all around great guy Chris Roberts is stopping in for a chat.

Special Guest – Chris Roberts

Chris and I (Evan) were introduced to each other by our mutual friend Tony Cole maybe three years ago, but we didn’t get to know each other well until the last 13, 14 months. We’re both REALLY busy guys, so our circles just didn’t cross much. In the past year, we’ve gotten to know each other quite well which is no surprise seeing that we spend more than two hours together each week on the Security Shit Show with Ryan Cloutier (another great guy).

Things about Chris:

From his LinkedIn Profile:

  • Currently the Chief Security Strategist for Cynet Security (among many other things)
  • Currently an Executive Committee Member at the CyberEdBoard Community
  • Currently an Advisor, Researcher, Hacker, Etc. at HillBilly Hit Squad
  • Currently co-host of The Security Shit Show
  • Former Chief Security Strategist at Attivo Networks, Inc.
  • Former Chief of Adversarial Research and Engineering at LARES Consulting
  • Former Chief Security Architect at Acalvio Technologies
  • Former Senior Consultant at Sentinel Global LLC
  • Founder of One World Labs
  • Former Managing Director Electronic Intelligence/Principal Investigator at Cyopsis, LLC
  • Former President/CEO at CCi5, Inc.
  • Former Director of Coalfire Labs at Coalfire Systems, Inc.
  • and on and on…

Chris has been all over the world and all over the United States doing crazy cool hacker stuff at every stop.

He is truly on of my favorite people on the planet to talk to! Always a good time.

Other Guests – Past, Present, and Future

Lots of GREAT conversations with lots of GREAT information security folks!


SHOW NOTES – Episode 131 – Tuesday May 11th, 2021

Opening

[Evan] Welcome listeners! Thanks for tuning into this episode of the UNSECURITY Podcast. This is episode 131, and the date is May 11th, 2021. Joining me is my good friend, infosec buddy and partner in crime.

Also joining the UNSECURITY Podcast is our special guest, Mr. Chris Roberts! Welcome my friend. It’s an honor to have you on our show!

Introducing Chris Roberts

  • Let’s start with trying to figure out how Chris first got into the information security industry.
  • Next, we’ll see how far we can get down his career path before 1) we start chasing squirrels (we’re both ADD) or 2) we run out of time (because there’s A LOT there).
  • The Colonial Pipeline Attack and global security tensions/consequences.
  • Current projects.
  • Current events.

We’ll see if we get to his plane hacking antics too, but I’m not sure we’ll have the time.

News

We’ll probably skip news in this show. Guessing that Brad, Ron, and myself will have no problem filling the entire show with good discussion.

Wrapping Up – Shout Outs

Who’s getting shout outs this week?

Thank you to all our listeners! HUGE thank you to Chris for joining us. If you have something you’d like to tell us, feel free to email the show at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen, and Brad’s @BradNigh.

Chris is easy to find, but can be reached on LinkedIn and Twitter (@Sidragon1).

Other Twitter handles where you can find some of the stuff we do, UNSECURITY is @unsecurityP, SecurityStudio is @studiosecurity, and FRSecure is @FRSecure.

That’s it. Talk to you all again next week!

…and we’re done.

UNSECURITY Episode 128 Show Notes

Oh boy. Chalk last week up as “the lost week”.

I live in a suburb of Minneapolis, Minnesota (MN). The same Minneapolis, MN where George Floyd died last May, sparking civil unrest around the world. The same Minneapolis, MN where the eyes of the world are anxiously awaiting the verdict in the trial of former police officer Derek Chauvin, charged with second-degree murder in George Floyd’s death. The same Minneapolis, MN where Daunte Wright lost his life on April 11th, at the hands of 26-year veteran police officer Kimberly Ann Potter.

Minneapolis seems like ground zero for crazy.

Me being me, I don’t like when things don’t make sense. Despite knowing it’s best to let some things go, I decided to embark on a journey of self reflection and sense-making.

The result?

I learned how I process things. I learned I love people. I learned I’m not crazy. I learned we have significant problems facing our society, and not enough people willing to solve them. Even worse, the leaders we elect to solve problems, selfishly use problems to score popularity points and ignorant votes. If our leaders wanted to solve problems, they would. Simple as that.

More to come, but we have a podcast to do!

Special Guest – Roger Grimes

In this episode of the UNSECURITY Podcast, we’re joined by a good friend, a bona fide information security authority, renowned author (of 12 books), and all around awesome human being, Roger Grimes. This is a man I respect deeply and hold in very high esteem. We are information security kindred spirits in a way, and we’re honored to welcome him on our show!

Things about Roger:

  • LinkedIn Profile – https://www.linkedin.com/in/rogeragrimes/
  • Information technology and/or information security expert since the mid-late 1980s
  • Written more than 1,200 national magazine articles on information security and was the weekly computer security columnist for InfoWorld/CSO magazines from 2005 to 2019
  • His “goal in life is to get more people and companies to use data and the scientific method to improve their computer security.” He goes on to state, “If I leave this world without having made the Internet a safer place for all people to compute, I have failed.See, my kind of guy!
  • Spent more than 11 years as Microsoft’s Principal Security Architect.
  • Written 12 books (and working on two now), including:
    • Hacking Multifactor Authentication
    • Cryptography Apocalypse
    • A Data-Driven Computer Defense
    • Hacking the Hacker
    • Malicious Mobile Code
    • And more…

Seriously dig this guy, and pumped that he’s joining us this week!

Other Guests Coming

Roger is our first special guest in a series of special guests. We might keep hosting special guests indefinitely. Here’s what’s coming soon:

  • Episode 129 Special Guest – Ron Woerner
    • I met Ron through my good friend Ryan Cloutier, and I’m very grateful for it.
    • Ron has a laundry list of accolades. He’s the CEO and President of Cyber-AAA, Professor of CyberSecurity Studies at Bellevue University, featured speaker at the RSA conference for more than 12 years, and much more.
  • Episode 130 Special Guest – John Strand
    • Believe it or not, I have never met John in person. Despite running in some of the same circles for many years, this will be the first time I meet him.
    • John also has a laundry list of accomplishments. He’s the Founder and Owner of Black Hills Information Security, Senior Instructor with the SANS Institute, teaches SEC504: Hacker Techniques, Exploits, and Incident Handling; SEC560: Network Penetration Testing and Ethical Hacking; SEC580: Metasploit Kung Fu for Enterprise Pen Testing; and SEC464: Hacker Detection for System Administrators. John is the course author for SEC464: Hacker Detection for System Administrators and the co-author for SEC580: Metasploit Kung Fu for Enterprise Pen Testing. He’s also presented at the FBI, NASA, NSA, DefCon, and lots of other places.

We’re finalizing details with guests for episode 131 and 132 too. Lots of GREAT conversations to come!

Let’s get right to it, show notes for episode 128 of the UNSECURITY Podcast…


SHOW NOTES – Episode 128 – Tuesday April 20th, 2021

Recorded Friday April 16th, 2021

Opening

[Evan] Welcome listeners! Thanks for tuning into this episode of the UNSECURITY Podcast. This is episode 128, and the date is April 20th, 2021. Joining me is my good friend, great guy, and infosec expert Brad Nigh. Welcome Brad!

Also joining the UNSECURITY Podcast is our special guest, Mr. Roger Grimes! Welcome Roger. It’s an honor to have you on our show!

Introducing Roger Grimes

Some of our listeners may not know Roger. That’s about to change! He has a fascinating information security mind, and we’re all sure to learn some things.

  • Open Discussion.
  • Top of mind things.
  • Current projects.
  • Current events.

Roger and I first met through a friend, Steve Marsden, a few years ago. Almost immediately it became clear that we see information security the same way. Soon after our first conversation, I flew out to see Roger give his talk at the RSA conference and have lunch with him and his wife. It confirmed that he is the “real deal” and I flew on to my next destination immediately after lunch. Since then, we’ve kept in touch, and he even served on SecurityStudio’s board of directors for a time.

This will be a fun conversation, guaranteed!

News

We’ll probably skip news in this show. Guessing that Brad, Roger, and myself will have no problem filling the entire show with good discussion.

Wrapping Up – Shout Outs

Who’s getting shout outs this week?

Closing – Thank you to all our listeners! HUGE thank you to Roger for joining us. If you have something you’d like to tell us, feel free to email the show at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen, and Brad’s @BradNigh. Roger, where would you like people to connect with you? (his Twitter handle is @rogeragrimes). Other Twitter handles where you can find some of the stuff we do, UNSECURITY is @unsecurityP, SecurityStudio is @studiosecurity, and FRSecure is @FRSecure. That’s it. Talk to you all again next week!

…and we’re done.

UNSECURITY Episode 120 Show Notes

Hey there. It’s time for another episode of the UNSECURITY Podcast, and we’ve got a special guest joining us this week!

Too many things going on to mention right now. Cool things going on at FRSecure and SecurityStudio, but I haven’t really had the time to process it all yet. In my last meeting of the day (2/22), a friend asked me how my day went. I couldn’t answer. Things went from this to that so fast, I never took a second to think about how my day was. Weird. Have you ever had this happen to you?

Well, let’s get to what we came here for…

The notes for episode 120 of the UNSECURITY Podcast.


SHOW NOTES – Episode 120 – Tuesday February 23rd, 2021

Opening

[Brad] Good morning and welcome to another episode of the UNSECURITY Podcast! This is episode 120, and the date is February 23rd, 2021. I’m your host Brad Nigh. Joining me is the my good friend and co-host Evan Francen. Hey Evan. How you doing?

Quick Catching Up

  • Welcome our special guest, Tony Alsleben.
    • Tony is the CISO for CentraCare.
    • CentraCare is a large integrated health system here in Minnesota.
    • Six hospitals, seven senior care facilities, 18 clinics, four pharmacies, and lots of specialty care services.
  • Cold snap has broken here in MN. Yay!
  • What’s new at FRSecure and SecurityStudio?

The Meat

News

Wrapping Up – Shout Outs

  • Thanks again for joining us Tony!
  • Who’s getting shout outs this week?
  • Closing – Thank you to all our listeners! Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @BradNigh and Evan’s @evanfrancen. Other Twitter handles where you can find some of the stuff we do, UNSECURITY is @unsecurityP, SecurityStudio is @studiosecurity, and FRSecure is @FRSecure. That’s it. Talk to you all again next week!

…and we’re done.

UNSECURITY Episode 119 Show Notes

OK, we’re back to writing UNSECURITY Podcast show notes. We took eight weeks off from writing show notes because it was a little tedious and we weren’t sure if anyone cared that much anyway. Turns out people care about the show notes, read them, and they want them back!

To make things less tedious and more valuable, we’ll only tell you the topics we plan to talk about. We won’t do the verbatim stuff anymore. If you like the new show notes, let us know (unsecurity@protonmail.com). If you’d like something different, let us know that too!

On to the notes for episode 119 of the UNSECURITY Podcast…


SHOW NOTES – Episode 119 – Wednesday February 17th, 2021

Opening

[Evan] Good morning and welcome to another episode of the UNSECURITY Podcast! This is episode 119, and the date is February 17th, 2021. I’m your host Evan Francen, and joining me is the right side of my brain, Brad Nigh. Good morning Brad.

Quick Catching Up

  • It’s flippin’ cold in MN (and other parts of the country)
  • We need another vacation.

The Meat

News

Wrapping Up – Shout Outs

  • Who’s getting shout outs this week?
  • Closing – Thank you to all our listeners! Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and Brad’s @BradNigh. Be sure to follow the places we work and do cool things, SecurityStudio (@studiosecurity) and FRSecure (@FRSecure). That’s it. Talk to you all again next week!

…and we’re done.

Episode 106 Show Notes – Infosec @ Home

Hey there, it’s time for episode 106 of the UNSECURITY Podcast!

Short introduction today. Too much going on to get too wordy for now.

We’ll just jump right in to the show notes, if you don’t mind. This is Evan, I’m leading the discussion today, and these are my notes…


SHOW NOTES – Episode 106

Date: Tuesday November 17th, 2020

Episode 106 Topics

  • Opening
  • Catching Up
  •  Information Security @ Home
    • So, what’s the big deal?
    • Taking inventory (what do you got?)
    • What do we (Brad and I) do?
    • S2Me – Today and a sneak peek in v3
  • News
  • Wrapping Up – Shout outs
Opening

[Evan] Hey there! Thank you for tuning in to this episode the UNSECURITY Podcast. This is episode 106, the date is November 17th 2020, and I’m your host, Evan Francen. Joining me as usual is my good friend and co-worker, Brad Nigh. Good morning Mr. Nigh.

[Brad] Cue Brad.

[Evan] Man, I haven’t talked to you since last week on the podcast. What’s up, what’s new?

[Brad] Cue Brad.

Quick Catchup

It’s 4th quarter, so I’m guessing we’re both running pretty low on fuel. Personally, I have a cruddy attitude this morning, so this’ll be fun.

Topics:

  • Brad’s stuff. What’s he been up to, what’s he working on, and what’s a day in the life of Brad look like?
  • Great talk with Oscar Minks (last week’s guest) yesterday morning; U.S. incident response capabilities, cyberinsurance brokenness, etc.
  • Security Sh*t Show – what’s new here.
  • The book (UNSECURITY) is now in the Cybersecurity Cannon!
  • Maybe another thing or two.

Transition

Information Security @ Home

[Evan] So, this weekend, I figured I go grab another Raspberry Pi to play with. I want to build a plug and play home information security device. First thing, figure out how to compile a good inventory of everything on my home network.

This is where the story begins…

Topics:

  • So, what’s the big deal?
  • Taking inventory (what do you got?)
  • What do we (Brad and I) do?
  • Tools, devices, etc. that could help
  • S2Me – Today and a sneak peek in v3

Begin Discussion

[Evan] Great discussion. Here are some news stories.

News

[Evan] Always plenty of interesting things going on in our industry. Here’s a few stories that caught my attention recently:

Wrapping Up – Shout outs

[Evan] That’s it for episode 106. Thank you Brad! Who you got a shoutout for today?

[Brad] We’ll see…

[Evan] Thank you to all our listeners! Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and Brad’s @BradNigh.

Lastly, be sure to follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more things we do when we do what we do.

That’s it! Talk to you all again next week!

UNSECURITY Podcast – Ep 105 Show Notes – Honest IR

Alright, the U.S. election season is over. Now we can all focus again, right?

Maybe, maybe not.

Before we get too far, I want to call your attention to an article I wrote last week titled “Good People Didn’t Vote For Your Guy“. Healing and unity are long overdue in our country. I’m hoping we will find our way back to being countrymen/women working together for our common good. I’m also hoping that our elected officials don’t steal this opportunity for thier own selfish gain.

OK, now back to work…

Last week on the UNSECURITY Podcast, episode 104, we talked with a good friend Richie Breathe about the security industry’s perceived stigma against healthy stuff. It was a great episode and a real pleasure spending time with such a cool guy. If you missed the episode, go give it a listen.

Also last week, Ryan Cloutier, Chris Roberts, and myself had a GREAT time chatting on the Security Shit Show. Our topic was “Seven Ways Security Can Improve Your Sex Life“. Chris found a “Fitbit for your man bits” online, and the conversation went on from there. Lots of fun!

Plenty of businessy stuff went on last week as well, including a half dozen (or so) partnership discussions with some great organizations. Things continue to hum along, so watch for announcements from FRSecure and SecurityStudio in the coming weeks.

On to the show!

Episode 105 Topic and Special Guest

FRSecure’s Director of Technical Solutions and Services, Oscar Minks is joining us on the show again this week. For those who don’t know Oscar, he’s the awesome leader of FRSecure’s Team Ambush and an all around incredible guy. We’ll ask him to tell us who Team Ambush is on the show, but these are essentially the people who do all (or at least most) things technical at FRSecure, including penetration testing, red/blue/purple teaming, incident response, CTF competitions, exploit development and training, etc. Seriously an INCREDIBLE team!

We’ve got Oscar on this week to talk primarily about what TO DO, and what NOT TO DO during an incident response. In the last few months, we’ve seen a significant increase in the number of reported incidents, and we’ve seen too many people make mistakes. Don’t get us wrong, there are people who do things right, but sadly this is too rare.

Should a great talk!

Let’s get on to the notes…

Brad’s leading the discussion today, and these are his notes.


SHOW NOTES – Episode 105

Date: Tuesday November 10th, 2020

Episode 105 Topics

  • Opening
  • Catching Up
    • What’s new?
    • How 4th quarter got you going? 😉
  •  Special Guest Oscar Minks – What TO DO, and what NOT TO DO during an incident response
    • First, tell us about “Team Ambush”
    • Recent Incidents/Stories
    • Top things to do
    • Top things NOT to do (examples)
    • What’s next for Team Ambush?
  • News
  • Wrapping Up – Shout outs
Opening

[Brad] Welcome back! This is episode 105 of the UNSECURITY Podcast, and I’m your host this week, Brad Nigh. Today is November 10th, and joining me this morning as usual is Evan Francen.

[Evan] Talks about mindfulness after the last three shows…

[Brad] We have Oscar Minks with us today. Good morning Oscar.

[Oscar] Says a few things in his sweet southern drawl…

[Brad] As is tradition, let’s catch up with what happened over the last week.

[Evan] The weather was really nice this weekend, so I think Evan got in a good ride (or two).

Quick Catchup

Brad, Evan, and Oscar do a little friendly catching up…

NOTE: We know this isn’t specifically security-related, but security folks gotta have a life too, right?

Transition

Special Guest Oscar Minks – What TO DO, and what NOT TO DO during an incident response

[Brad] Okay so it’s no surprise that IR work is keeping us busy, the report from DHS and Secret Service around healthcare is proof of that. I thought it would be a good discussion today to talk about what are some do’s and don’ts when working with an IR firm, which is why Oscar is joining us this morning.

Open discussion points:

  • Tell us about “Team Ambush”
  • Recent Incidents/Stories
  • Top things to do
  • Top things NOT to do (examples)
  • What’s next for Team Ambush?

Begin Discussion

[Brad] Great discussion. Here are some news stories.

News

[Brad] Always plenty of interesting things going on in our industry. Here’s a few stories that caught my attention recently:

Wrapping Up – Shout outs

[Brad] That’s it for episode 105. Thank you Evan and Oscar, do you have any shout outs this week?

[Evan] We’ll see…

[Oscar] We’ll see…

[Brad] Thank you to all our listeners! Send things to us by email at unsecurity@protonmail.com. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and Brad’s @BradNigh.

Lastly, be sure to follow SecurityStudio (@studiosecurity) and FRSecure (@FRSecure) for more things we do when we do what we do.

That’s it! Talk to you all again next week!