The Casting Couch – PSW #629
This week, we welcome Eric Brown, Senior Security Analyst at LogRhythm, to talk about the Outlook on Phishing in 2020! In our second segment, we welcome back Micah Hoffman, Principal Investigator at Spotlight Infosec, to discuss OSINT in Cyber! In the Security News, HackerOne breach lets outside hacker read customers private bug reports, Two malicious Python libraries caught stealing SSH and GPG keys, Smash-and-grab car thieves use Bluetooth to target cars containing tech gadgets, and If You Bought a Smart TV on Black Friday, the FBI Has a Warning for You!
To learn more about LogRhythm, visit: https://securityweekly.com/logrhythm
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Full Audio
Segments
1. Outlook on Phishing in 2020 – Eric Brown – PSW #629
Eric Brown is the Sr. Security Analyst at LogRhythm. Eric will cover topics including:
Phishing Trends, 2020 Outlook, Top 4 Types Eric is seeing: Exec Phish / Legit websites (Box/sites.google/OneDrive) / Fake O365 / HTML attachment, Use of/upload to VirusTotal, Value of Incident Response and Playbooks, Value of Training
baseStriker, Has it been patched? Or just now detectable?, and Hunting Phish Kits.
To learn more about LogRhythm, visit: https://securityweekly.com/logrhythm
Guest
Eric Brown is a disciplined professional with 20 years of service in the Air Force; with a wide range of responsibilities and experience as a system administrator of computer systems, networking, and security. Following his service, he held a ten-year position as the Cybersecurity and Information Systems Security Officer (ISSO) for a business unit under General Dynamics. He is now a Senior Security Analyst and part of the Office of the Chief Information Security Officer team at LogRhythm. At LogRhythm, he maintains LogRhythm’s overall security posture by handling incident response, threat hunting and analysis, and response to phishing emails.
Hosts
2. Open Source Intelligence (OSINT) in Cyber – PSW #629
Micah Hoffman is the Principle Investigator at Spotlight Infosec. Looking to increase the publicity of using Open Source Intelligence (OSINT) in traditional cyber fields like pentest, DFIR, and cyber defense. Just created a new non-profit called The OSINT Curious Project (https://osintcurio.us) that is a clearinghouse for excellent OSINT information and resources.
Guest
Micah Hoffman has been active in the information technology field since 1998, working with federal government, commercial, and internal customers to discover and quantify cybersecurity weaknesses within their organizations. As a highly active member of the cybersecurity and OSINT communities, Micah uses his real-world Open-Source Intelligence (OSINT), penetration testing, and incident response experience to provide customized solutions to his customers and comprehensive instruction to his students.
Hosts
3. Defecting Chinese, IoT Smartwatch, and Malicious SDKs – PSW #629
Netflix: BPF is a new type of software we use to run Linux apps securely in the kernel, Automated security tests with OWASP ZAP, HackerOne Breach Leads to $20,000 Bounty Reward, US-CERT AA19-339A: Dridex Malware , and much more!
Hosts
