The Signal Incident

This week's episode, Adam and Andy talk about the basics of password cracking. Understanding how passwords are cracked by offensive security and cybercriminals can help defenders scope and make better password policies. ------------------------------------------- Youtube Video Link: https://youtu.be/f2IniyS8Le4 ------------------------------------------- Documentation: https://techcommunity.microsoft.com/t5/azure-active-directory-identity/your-pa-word-doesn-t-matter/ba-p/731984 ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

28 Feb 202220min

This week's episode, Adam and Andy talk about some of the geopolitical crises happening around the world with Russia and China and how that affects cybersecurity defenders. ------------------------------------------- Youtube Video Link: https://youtu.be/LATDlvH6h90 ------------------------------------------- Documentation: https://www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/ ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

21 Feb 202223min

This week's episode, Adam and Andy continue their Windows Security series and talk about Defender Application Control. This is a great feature built into Windows Enterprise that can help reduce the attack surface in many use cases. Listen in on how it works and how to test and implement it. ------------------------------------------- Youtube Video Link: https://youtu.be/A0LXCsIIFBM ------------------------------------------- Documentation: https://call4cloud.nl/2021/06/wdac-or-the-unexpected-virtue-of-ignorance/ https://webapp-wdac-wizard.azurewebsites.net/ ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

14 Feb 202222min

This week's episode, Adam and Andy have a great time chatting with fellow cybersecurity professionals Nate Gardner and Gavin Ashton walking through tabletop scenarios. This is something security defenders should do to test their incident response plan. ------------------------------------------- Youtube Video Link: https://youtu.be/kwxSCd40gWQ ------------------------------------------- Documentation: Nate Gardner: https://www.linkedin.com/in/nate-gardner-infosec/ Gavin Ashton: https://twitter.com/gvnshtn https://www.linkedin.com/in/gvnshtn/ ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

7 Feb 202247min

This week's episode, Adam and Andy talk catch up on some infosec news including BadUSB, President Biden's memorandum for National Security Systems, iOS/MacOS vulnerablities, and new hardware with Microsoft's Pluton Security Processor. ------------------------------------------- Youtube Video Link: https://youtu.be/yQebJcb2j3E ------------------------------------------- Documentation: https://www.darkreading.com/vulnerabilities-threats/more-security-flaws-found-in-apple-s-OS-technologies https://www.whitehouse.gov/briefing-room/presidential-actions/2022/01/19/memorandum-on-improving-the-cybersecurity-of-national-security-department-of-defense-and-intelligence-community-systems/ https://www.csoonline.com/article/3647173/badusb-explained-how-rogue-usbs-threaten-your-organization.html#tk.rss_all https://www.bleepingcomputer.com/news/microsoft/microsoft-disables-excel-40-macros-by-default-to-block-malware/ https://www.csoonline.com/article/3647170/microsofts-pluton-security-processor-tackles-hardware-firmware-vulnerabilities.html#tk.rss_all ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

31 Jan 202233min

This week's episode, Adam and Andy talk with special guest Shannon Fritz on Windows Device Management. If you haven't listened to Shannon's episode on Device Identity, we encourage you to listen to it! Following up the conversation on device identity, Shannon talks all about managing devices using co-management and how device identity is related to management but mainly where the device lives does not affect how it is managed. Listen in on what it means to co-manage your Windows devices! ------------------------------------------- Youtube Video Link: https://youtu.be/LtkPvqLvG9Y ------------------------------------------- Documentation: Windows 10 Device Management vs Device Identity https://mrshannon.wordpress.com/2020/06/24/windows-10-device-management-vs-device-identity/ https://anchor.fm/blue-security-podcast/episodes/Say-Goodbye-to-Domain-Join-with-Special-Guest-Shannon-Fritz-erudur Shannon Fritz: https://twitter.com/mrshannonfritz ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

24 Jan 202259min

This week's episode, Adam and Andy talk about the importance of the nomenclature we use in information security. They also talk about the perception of information security to those who are not in the field and how that can affect safety when it comes to red teaming. ------------------------------------------- Youtube Video Link: https://youtu.be/nMQC5D_P4qY ------------------------------------------- Documentation: https://techcrunch.com/2021/10/15/f12-isnt-hacking-missouri-governor-threatens-to-prosecute-local-journalist-for-finding-exposed-state-data/ https://boingboing.net/2021/12/30/reporter-likely-to-be-charged-for-using-view-source-feature-on-web-browser.html https://arstechnica.com/information-technology/2019/09/iowa-officials-claim-confusion-over-scope-led-to-arrest-of-pen-testers/ https://abcnews.go.com/US/wireStory/charges-dropped-men-broke-iowa-courthouses-68651855 https://www.darkreading.com/edge-articles/why-red-teaming-while-black-can-be-risky ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

17 Jan 202223min

This week's episode, Adam and Andy talk about a fundamental important program for security defenders: asset management. It may not be the most exciting aspect of security but knowing what you have makes it a lot easier to protect and response to attacks. ------------------------------------------- Youtube Video Link: https://youtu.be/Kui8x_lCYOk ------------------------------------------- Documentation: https://danielmiessler.com/blog/continuous-asset-management-security/ https://www.darkreading.com/vulnerabilities-threats/log4j-reveals-cybersecurity-s-dirty-little-secret ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

10 Jan 202224min