UNSECURITY Podcast Episode 14
Each Friday, I’m going to do my best to post the notes for the UNSECURITY Podcast episode that Brad Nigh and Evan Francen (me) will record on the following Monday morning. Each week, Brad and I alternate leading episodes, so I lead the odd episodes and Brad leads the even ones.
If you missed episode 13, which featured MN State Rep. Jim Nash, you can still give it a listen.
These are the notes we use to guide our discussion for episode 14.
OK, here we go. Today is Monday, February 11th, 2019, and this is episode 14 of the UNSECURITY Podcast. My name is Brad Nigh and joining me as always is Evan Francen. Good morning Evan, how are you today?
Also joining the show today is a special guest, he goes by the name M1ndFl4y or “Ben”, depending upon how well you know him. For the sake of today’s show, we’ll call him Ben. Good morning Ben and welcome.
Everyone knows me and Evan, but Ben, people may or may not know who you are. What would you say you do here? Ben discusses what he does. (NOTE: Don’t let him off easy. He’s a social engineer, pen tester, researcher, mentor and creator of cool things.)
My day today. Evan’s got next week.
Let’s replay some of the things we did this week. Although we all work together at the same place, we don’t often get a chance to hear what each other is doing. Ben, start us off.
(NOTE: Don’t let him off easy again. Make sure he mentions his https://haveibeenpwned.com/ bash script, and the fact that it’s posted on Troy Hunt’s site and he should also share some goodies from his most recent pen test).
Well, this is what I did this week. Brad’s leading the show and has the liberty to take this wherever he wants.
Excellent meetings and collaboration this week. Met with a CISO from a large company this week (We’ll leave out the name because nothing’s been cleared with him). The company is a top 50 company in terms of size. Great meeting (Discuss). Maybe give some other highlights, if there’s time.
Awesome. We have a lot to cover in this week’s episode, so let’s get going. But, before we get started, we want to make sure everyone knows how to get in touch with us. Send us your suggestions, questions, or cool things you might want us to know. Use email@example.com.
The main theme for today’s episode is social engineering. You know anything about social engineering Ben?
Ben, Evan, and I will share between 3 – 5 real stories from our own personal experiences. The exact number will depend on time.
- How does someone go about becoming a social engineer?
- Can you suggest any good educational resources (classes, books, podcasts, etc.)?
- If you could give one piece of advice to our listeners on how to protect themselves, what would it be? (We’re not really gonna hold you to one!)
Alright, good stuff. You can follow M1ndFl4y on Twitter, although he doesn’t post much, at @M1ndFl4y. Be careful though! He probably only uses Twitter as some sort of OSINT source for his next project.
By now, you should know where to find me and Evan. Find me on Twitter at @BradNigh. You can find Evan using his website https://evanfrancen.com or on Twitter at @evanfrancen.
OK, let’s get to some news…
Topics for Discussion
Any other topic before we get into some of the news?
- Over 59,000 Breaches Reported to GDPR Regulators
- MacOS Zero-Day Exposes Apple Keychain Passwords
- Digital signs left wide open with default password
- Kids’ GPS watches are still a security ‘train wreck’
Oh yeah, Apple released a security update on Thursday. The biggest fix was for the FaceTime bug that blew things up last week. The update is iOS version 12.1.4, go apply it!
Well, that just about wraps it up for this week’s show, episode 14. Thank you, Ben, for coming on. Always fun catching up with you.
Next week, I think we might be starting a series about incident response. We’ll see what Evan decides to do. As always, be sure to send your questions and suggestions to us at firstname.lastname@example.org.
See you next week!