BrakeSec Education Podcast
Bryan Brake, Amanda Berlin, and Brian Boettcher
Podcast
Episodes
Listen, download, subscribe
Tony Robinson, news of the week, @da_667 new book! -part1
• 53 minTony Robinson (@da_667) Thought we’d put in a little news to round out the show https://www.bbc.com/news/world-us-canada-58863678 - nuclear secrets hidden in a peanut butter sandwich https://www.theregister.com/2018/04/20/rsa_security_conference_insecure_mobile_app/ https://www.vice.com/en/article/jg8w9b/the-twitch-hack-is-worse-for-streamers-than-for-twitch https://nakedsecurity.sophos.com/2021/10/08/apache-patch-proves-patchy-now-you-need-to-patch-the-patch/ https://www.securityweek.com/fontonlake-linux-malware-used-targeted-attacks https://securityaffairs.co/wordpress/123182/breaking-news/medtronic-recalled-insulin-pumps-controllers.html Similar device on ebay: https://www.ebay.com/itm/324762812721 https://www.zdnet.com/article/brewdog-exposed-data-of-200000-shareholders-for-over-a-year/ https://tpetersonkth.github.io/cve/2021/10/02/Analysis-of-CVE-2019-9053.html https://0xdf.gitlab.io/ www.leanpub.com/avatar2 MSRP = $30 USD Book changes What is the end goal? Upskill? Independent consultant? Promotion? Bug bounties? Lab setup - Lab setup types Cloud based - Desktop/laptop/NUC - Server - Good VMs to https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/ - 90 day WIndows machines What other home lab equipment have would be helpful? Testing IoT/embedded devices? Car hacking? Malware analysis? https://bazaar.abuse.ch/ Virus Total Intelligence Honeypots @malware_traffic - https://twitter.com/malware_traffic/status/1446627364147023877 Analyzing binaries? Patch analysis (patch tuesday, print nightmare, etc)? https://wumb0.in/extracting-and-diffing-ms-patches-in-2020.html https://www.netresec.com/?page=networkminer Soldering? Oscillators for voltage checks? Wireless? Old cellphones (mobile apps, don’t need cellular) Personal assistant devices (used IoT devices?) Accessing data stored on devices Specific software licenses? Burp? If I’m trying to break into infosec, how do I use my lab to sell myself to an employer? Does the employer care? How can someone show what they’ve learned in a way that shows the value?
BrakeSec Education Podcast RSS Feed