Exploring Information Security - Exploring Information Security
Timothy De Block
All episodes
Best episodes
Top 10 Exploring Information Security - Exploring Information Security Episodes
Goodpods has curated a list of the 10 best Exploring Information Security - Exploring Information Security episodes, ranked by the number of listens and likes each episode have garnered from our listeners. If you are listening to Exploring Information Security - Exploring Information Security for the first time, there's no better place to start than with one of these standout episodes. If you are a fan of the show, vote for your favorite Exploring Information Security - Exploring Information Security episode by adding your comments to the episode page.
What is the Innocent Lives Foundation?
Exploring Information Security - Exploring Information Security
06/11/24 • 45 min
Summary:
In this episode of Exploring Information Security, Chris Hadnagy and Shane McCombs join the podcast to discuss the Innocent Lives Foundation (ILF). They delve into the challenges of running a nonprofit focused on identifying and reporting online predators, the importance of volunteer mental health, and their personal experiences and motivations behind ILF.
Episode Highlights:
- Challenges of Running ILF: Chris and Shane discuss the operational complexities and the importance of back-end work, including finances and CPA dealings.
- Volunteer Involvement and Mental Health: Emphasis on mandatory wellness sessions for volunteers to ensure their mental well-being while dealing with disturbing content.
- Personal Journeys and ILF’s Growth: Chris shares his unexpected journey from founding ILF to growing it with 40 volunteers and collaborating with the FBI.
- Board Member Contributions: Stories about diverse board members, including actors and professionals from various fields contributing to ILF’s mission.
- Prevention and Education Efforts: Shane highlights ILF's focus on preventing exploitation through education and engaging with parents and schools.
Quotes:
- "Your children need to see you as their advocate, not their adversary." - On the importance of parental support in preventing exploitation.
Resources:
- Visit Innocent Lives Foundation to get involved or donate.
- Sign up for the 2nd Annual Ending Child Exploitation Gala in Los Angeles, CA, September 21, 2024.
Social Media:
Contact Information:
Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.
Check out our services page and reach out if you see any services that fit your needs.
Social Media Links:
[RSS Feed] [iTunes] [LinkedIn]
Subscribe
Sign up with your email address to receive news and updates.
Email Address Sign Up We respect your privacy. Thank you!ShowMeCon: Kevin Johnson and whatever he wants to talk about
Exploring Information Security - Exploring Information Security
02/15/24 • 29 min
This is a sponsored podcast by ShowMeCon which is May 13th & 14th. Tickets are still available! They’re also still looking for sponsors. Don't miss out on this opportunity to be part of the cybersecurity event of the year! Whether you're looking to learn, network, or elevate your brand, ShowMeCon is the place to be.
Summary:
Kevin Johnson CEO of Secure Ideas
Kevin Johnson the Chief Executive Officer of Secure Ideas joined me to discuss ShowMeCon and his keynote presentation on the infosec community rising from the ashes like a phoenix. It’s been a while since I’ve had the opportunity to catch up with Kevin but we got right into it and had a lot of great laughs. It’s a little all over the place with talk about ShowMeCon, reincarnation, and John Wick as a romantic comedy. Also, there is an EXPLICIT tag on this podcast.
Check the episode highlights below for a jingle on the topic.
Episode Highlights:
(Verse 1)
🎶 In the world of cyber, there's a place to be,
ShowMeCon's the event, in the tech sea.
Kevin Johnson's leading, with a tech-savvy crew,
Bringing folks together, showing what they can do. 🎶
(Chorus)
🎵 ShowMeCon, ShowMeCon, where the tech minds meet,
Diving deep in cyber streets, where challenges and passions greet.
From the ashes, we will rise, like a phoenix, bold and wise,
ShowMeCon, the stage is set, for a tech adventure you won't forget. 🎵
(Verse 2)
🎶 Imagine John Wick, with a softer side,
In a rom-com twist, where love and action collide.
He's hacking through the heart, with a smile so wide,
At ShowMeCon, where worlds of tech and romance abide. 🎶
(Bridge)
🎵 Rising from the ashes, with the phoenix's flight,
We'll conquer cyber battles, in the neon light.
Kevin Johnson guides us, through the digital night,
At ShowMeCon, we'll learn, we'll grow, and take our dreams to height. 🎵
(Chorus)
🎵 ShowMeCon, ShowMeCon, where the future's bright,
Join us in the journey, in the quest for cyber might.
From the ashes, we will rise, with our hearts and minds entwined,
ShowMeCon, where dreams take flight, and every moment's a delight. 🎵
Guest Information:
Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is a faculty member at IANS and was an instructor and author for the SANS Institute.
Resources and Mentions:
Contact Information:
Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.
Check out our services page and reach out if you see any services that fit your needs.
Social Media Links:
[RSS Feed] [iTunes] [LinkedIn]
Subscribe
Sign up with your email address to receive news and updates.
Email Address Sign Up We respect your privacy. Thank you!ShowMeCon: Azure Vulnerabilities with Scott Miller
Exploring Information Security - Exploring Information Security
04/04/24 • 22 min
Scott Miller
Summary:
Scott Miller, a fresh voice in the cybersecurity arena, joins me to discuss the intricacies of hacking Azure services. Scott shares his journey from a recent college graduate to becoming a speaker at cybersecurity conferences, along with valuable insights into Azure AD (Active Directory), vulnerabilities within cloud services, and the art of escalation.
This episode sponsored by ShowMeCon.
Episode Highlights:
- Scott's Entry into Cybersecurity
- Focus on Azure AD
- Exploring Vulnerabilities
- Methodology and Tools
- Learning and Resources
- The Importance of Entry-Level Accessibility
Scott Miller Penetration Tester at Accenture
Contact Information:
Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.
Check out our services page and reach out if you see any services that fit your needs.
Social Media Links:
[RSS Feed] [iTunes] [LinkedIn]
Subscribe
Sign up with your email address to receive news and updates.
Email Address Sign Up We respect your privacy. Thank you!What is Have I Been Pwned?
Exploring Information Security - Exploring Information Security
05/14/24 • 41 min
Summary:
In this insightful episode of Exploring Information Security, Troy Hunt, the creator of the widely recognized website, Have I Been Pwned (HIBP) talks about the origins and evolution of the service. Troy discusses his transition from writing about application security to developing HIBP and delves into the impacts of data breaches on both individuals and companies.
Episode Highlights:
- Impact of HIBP: Troy shares insights on how HIBP has evolved into a crucial tool for internet users to check if their data has been compromised in various data breaches.
- Community Interaction: Discussion on how the community aids in identifying new breaches and the collective effort to maintain data integrity and security awareness.
- Legal and Ethical Considerations: Troy talks about navigating legal challenges and ethical dilemmas in disclosing breaches and interacting with affected companies.
- Technical Insights: An exploration of the technical aspects of running HIBP, including dealing with massive datasets and implementing security measures to protect stored data.
Additional Resources:
- Have I Been Pwned: Visit HIBP
- Blog posts by Troy Hunt for further reading on cybersecurity and breach analysis.
Contact Information:
Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.
Check out our services page and reach out if you see any services that fit your needs.
Social Media Links:
[RSS Feed] [iTunes] [LinkedIn]
Subscribe
Sign up with your email address to receive news and updates.
Email Address Sign Up We respect your privacy. Thank you!What is a Canary?
Exploring Information Security - Exploring Information Security
02/20/24 • 27 min
Summary:
Tyron Kemp Presales Engineer at Thinkst Canary joined me to discuss what is a canary. More specifically Thinkst Canaries which is one of the most useful and simple to use tools in the security space. I’m surprised I haven’t heard of more companies using the tool. You drop it in an environment and if you get people scanning or touching it alerts the people that can respond. It’s as simple as that.
Episode Highlights:
- What is a canary?
- How are canaries used?
- How Thinkst contributed to the community through free tools like Log4j discovery
- How do canaries get implemented?
- What’s ahead for Thinkst?
- How AI will impact canaries
Guest Information:
Tyron Kemp Presales Engineer at Thinkst Canary - LinkedIn
Resources and Mentions:
- Thinkst Canary - Tools site
- Thinkst Canary - Hardware site
- Canary Love - Customer feedback site
- ThinkstScapes - Quarterly report on the latest from security conferences
Contact Information:
Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.
Check out our services page and reach out if you see any services that fit your needs.
Social Media Links:
[RSS Feed] [iTunes] [LinkedIn]
Subscribe
Sign up with your email address to receive news and updates.
Email Address Sign Up We respect your privacy. Thank you!Who is looking for more in infosec - Feb 27, 2017
Exploring Information Security - Exploring Information Security
02/28/17 • -1 min
In this job posting edition of the Exploring Information Security podcast, who is looking for more in infosec?
This is a bonus episode of the podcast. This is a solo podcast where I discuss open positions and people looking for opportunities. I plan to do these based on demand. If you would like to submit a position you are looking to fill or looking for an opportunity send me an email timothy.deblock[at]gmail[dot]com or hit me up on Twitter @TimothyDeBlock.
Employers looking to fill a role
Sr. Splunk Admin - Premise Health
- Splunk experience a plus
- SIEM experience and management is required
- Must live in Nashville, TN, or be willing to relocate
Jr. Pen Tester - Premise Health
- Testing experience a plus
- Familiarity with testing tools
- Must live in Nashville, TN, or be willing to relocate
Sr. Endpoint Security Consultant - Optiv
- Focus on Carbon Black
- Optiv's Architecture & Implementation Services
- Location anywhere
- 50% travel time
- Fill out position or contact Brad Pace (brad.pace[at]gmail[dot]com)
Quicken Loans
Multiple positions open at Quicken Loans as we continue to mature our information security team. All positions would require relocation to the metro Detroit area, no remote opportunities unfortunately. Great team of people, great company culture and atmosphere. At the end of the day the positions are what you make them. - Robert Knapp @power_napz or robertknapp[at]quickenloans[dot]com
People looking for an opportunity
Joshua Ovalle - Resume
Type of work: Entry level
Interested Areas:
I have been interested in the idea of breaking down and building up security networks and things of that sort. I had always pictured hacking as something fun and challenging. Challenging things are what really get me involved more deeply in my work.
Experience:
Navy Aviation Electronics Technician. My experiences are with mostly physical maintenance (wire running, electronic testing, circuit card installation/testing and software instillation. I am also familiar with Microsoft computers and Apple products.
Community Contribution:
I have recently started dedicating time to a prison ministry at my church spending time with the children of men and women who are incarcerated by teaching and playing sports with them.
Education:
I graduated high school in 2009 and went to college for 2 semesters until I decided to join the military.
Willing to Relocate:
I am currently in San Diego, and with a new born i don't know if i could relocate any time soon.
Coding Experience:
I don't have any experience with coding, but I am willing to learn it.
How to contact:
email: jgovalle[at]gmail[dot]com
Again if you are looking to fill a role or looking for an opportunity email me timothy.deblock[at]gmail[dot]com
What is Session Hijacking?
Exploring Information Security - Exploring Information Security
06/04/24 • 43 min
Summary:
In this informative episode, Timothy De Block discusses session hijacking with Web Application Security Engineer and PractiSec Founder Tim Tomes. The discussion delves into the intricacies of session hijacking, exploring its mechanics, vulnerabilities, and prevention strategies.
Tim’s website: https://www.lanmaster53.com/
You can reach out to Tim for Training, Consulting, Coaching, Remediation Support, and DevSecOps.
Episode Highlights:
- Understanding Session Hijacking:
- Tim Tomes clarifies the common misconceptions about session hijacking, emphasizing its relation to temporary credentials rather than sessions alone.
- The conversation covers the technical aspects, including how sessions and tokens are hijacked, and the role of cookies in managing temporary credentials.
- Technical Mechanisms and Vulnerabilities:
- Detailed explanation of how session hijacking occurs, focusing on temporary credential management and the vulnerabilities that allow hijackers to exploit these credentials.
- Prevention and Security Best Practices:
- Strategies to prevent session hijacking, such as secure management of tokens and sessions, are discussed.
- Importance of using flags like HTTPOnly and Secure to protect data transmitted in cookies.
- Common Tools and Exploitation Techniques:
- Tim Tomes discusses common tools like Burp Suite and its Collaborator tool for detecting and exploiting session hijacking vulnerabilities.
- Real-world Application and Examples:
- Practical insights into how session hijacking is executed in the real world, including Tim’s personal experiences and how these vulnerabilities are identified during security assessments.
Key Quotes:
- "Session hijacking is not just about stealing sessions; it's about exploiting the temporary credentials that represent a user." - Tim Tomes
- "Protecting applications from session hijacking involves understanding the application's handling of temporary credentials and implementing robust security measures." - Tim Tomes
Recommended Resources:
Contact Information:
Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.
Check out our services page and reach out if you see any services that fit your needs.
Social Media Links:
[RSS Feed] [iTunes] [LinkedIn]
Subscribe
Sign up with your email address to receive news and updates.
Email Address Sign Up We respect your privacy. Thank you!ColaSec News November 2023
Exploring Information Security - Exploring Information Security
12/12/23 • 17 min
Reboot....initiated
This is an experiment and the first step to a potential return of the Exploring Information Security podcast. The past several months I’ve been working on adding content to the website. Now I’m looking to start podcasting again in 2023. As part of that I was looking at making the news section of the ColaSec user group apart of the podcasting rotation.
ColaSec is a local user meeting based out of Columbia, SC. When the pandemic hit the group moved to online which meant I got to be apart of the group again. Post pandemic we’re still meeting in person but we’ve now expanded to having an online presence along with the in-person meetup. One of the things we do as part of the intro to the meetup is talk about the news. If you’re a fan of Top Gear it’s a bit like that. We even do a Cool Wall sometimes.
In this segment we talk about the below security news topics:
- Okta hacked
- RagnarLocker Ransomware gang taken down
- Atlassian’s critical vulnerability
- CitrixBleed vulnerability
- Alphv/BlackCat files SEC complaint against a company after deploying ransomware
- Updated US export regulation impact chip design and production
Send feedback to timothy[.]deblock[@]gmail[.]com or fill out the contact form below. You can also connect with me on LinkedIn, just make sure to include that you’re a listener of the podcast.
Contact
Subscribe
Sign up with your email address to receive news and updates.
Email Address Sign Up We respect your privacy. Thank you!What's happening at DerbyCon 2018 - Part 2
Exploring Information Security - Exploring Information Security
11/26/18 • 54 min
In this Hyatt recorded edition of the Exploring Information Security podcast, Micah Hoffman, Josh Huff, and Justin Nordine.
Micah (@WebBreacher), Josh (@baywolf88), and Justin (@jnordine) join me to go over a variety of topics at DerbyCon 2018. The Hyatt was kind enough to provide space near the bar (shout to the amazing Lauren).
In this episode we discuss:
- Why other industries don’t use OSINT
- Where to find your niche
- What are some frustrations of mentorship
- How apps are impacting our lives
Subscribe
Sign up with your email address to receive news and updates.
Email Address Sign Up We respect your privacy. Thank you!ShowMeCon: Unraveling the Cybersecurity Fabric of Space and SCADA Networks with Paul Coggin
Exploring Information Security - Exploring Information Security
04/02/24 • 35 min
Paul Coggin
Summary:
In this captivating episode of the "Exploring Information Security" podcast, cybersecurity expert Paul Coggin discusses the intricate world of threat hunting in SCADA networks and the emerging frontier of space cybersecurity. From the inspiration drawn from Transformers movies to the sophisticated attacks like Stuxnet, Coggin delves deep into how monitoring physical indicators could revolutionize our approach to cybersecurity in both terrestrial and extraterrestrial domains.
This podcast is sponsored by ShowMeCon.
Episode Highlights:
- The significance of ShowMeCon in filling the void left by other conferences.
- Paul's historical involvement and contribution to the naming of ShowMeCon and DerbyCon.
- The Internet of Military Things
- Initiating Threat Hunting in New Domains
- Case Studies and Practical Applications
- Looking Ahead: Cybersecurity in Space
Guest Information:
Paul Coggin is a Cyber SME at nou Systems, Inc.
Contact Information:
Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.
Check out our services page and reach out if you see any services that fit your needs.
Social Media Links:
[RSS Feed] [iTunes] [LinkedIn]
Subscribe
Sign up with your email address to receive news and updates.
Email Address Sign Up We respect your privacy. Thank you!Show more best episodes
Show more best episodes
FAQ
How many episodes does Exploring Information Security - Exploring Information Security have?
Exploring Information Security - Exploring Information Security currently has 148 episodes available.
What topics does Exploring Information Security - Exploring Information Security cover?
The podcast is about Podcasts and Technology.
What is the most popular episode on Exploring Information Security - Exploring Information Security?
The episode title 'What is Emotet?' is the most popular.
What is the average episode length on Exploring Information Security - Exploring Information Security?
The average episode length on Exploring Information Security - Exploring Information Security is 33 minutes.
How often are episodes of Exploring Information Security - Exploring Information Security released?
Episodes of Exploring Information Security - Exploring Information Security are typically released every 7 days.
When was the first episode of Exploring Information Security - Exploring Information Security?
The first episode of Exploring Information Security - Exploring Information Security was released on Jan 16, 2017.
Show more FAQ
Show more FAQ