Chris ( @rattis ) is our last guest before BSides Detroit 13. In this episode, Chris chats with Wolfgang Goerlich about last year’s podcast, Chris’s work as the EMU IA president, and what Chris has planned for this year’s lockpick village. For those participating in the CTF, stay tuned for hints on the physical challenges. For more information about BSides Detroit 13, please see: Rats and Rogues podcast Conference website Conference schedule...
David Schwartzberg ( @DSchwartzberg ) is this week’s podcast guest. David discusses GrrCON, ZeuS bot Exploit Kit Command & Control, and David’s book: Computers for Kids: Something In, Something Out . David will be giving his talk, Zeus C&C for Tech Support, on Saturday. We end the podcast with an announcement from BSides: BSides Detroit Kids . In conjunction with Brain Monkeys , BSides Detroit is hosting a full day of workshops for kids ages 8-12. The sessions include Scratch Arcade, Kid...
James Foster joins Wolfgang Goerlich on the podcast to discuss trust relationships. How does pass-the-hash actually work? James: “Before I did security assessments and pen testing, I knew about some of these problems. I think a lot of Windows admins and defenders do. But I did not fully understand their implications and I did not fully understand their impact. And that is the reason I want to do this talk.” Listen to learn more. Abstract: What’s a trust relationship? Explicit ones are easy — the...
Fresh from BSides Chicago’s New and Local track, Eve Adams joins us on the BSides Detroit podcast. Eve covers her Chicago experience, explains a bit about what she does (and why she is better than Willy Wonka), and gives a preview of her talk: Hack the Hustle . Abstract: While information security is widely considered a negative-unemployment industry (it’s actually closer to 3%), most of us will look for a job at some point. Seasoned technical recruiter Eve Adams (@ HackerHuntress ) provides inf...
On this episode, J Wolfgang Goerlich interviews the BSides Detroit 13 business keynote speaker. His talk is Creating a security culture – a holistic view on security. Kai Roer, the founder and Senior Partner of The Roer Group, is a European author and speaker. He has delivered speeches and trainings in more than 20 countries on four continents. Kai speaks about leadership, communication and security. He is a guest lecturer at two universities in Europe, and have consulted organizations of all si...
Jeff Multz, Director of North America Midmarket Sales for Dell SecureWorks, joins the podcast to discuss his talk: The Ever-evolving Threat Landscape . SecureWorks provides Jeff with a unique vantage point for watching the threats evolve, given they monitor literally billions of events daily. Combining real life examples with the things he learned from watching Terminator movies, Jeff explains how criminal hacking is changing and how businesses can respond. As Jeff says, “It is not about technol...
This week’s episode is a special cross-post with our friends at BSides Chicago. We discuss both events, the success of our collaborations, the CTF, and Hackers on a Train. Check it out here, and also be sure to visit SecureChicago .
Raphael Mudge ( @armitagehacker ) brings us up to speed on Metasploit, Armitage, and Cobalt Strike. He then introduces his new workshop: Armitage and Cobalt Strike . “My idea of hacking is taking the tactics, techniques, and procedures that different threats are using today and using them against our organizations to understand how our controls stand up when exercised in concert by a sophisticated adversary.” Listen in and find out how Cobalt Strike makes this possible. Abstract: The Metasploit ...
Mark Stanislav ( @markstanislav ) joins the podcast to discuss the evolution in his thinking about ethical hacking, responsible disclosure, and the value of combining both red team and blue team responsibilities. Mark then shares a few tips from his talk, So You Want to Hire a Penetration Tester: 10 Tips for Success . Abstract: Whether due to compliance needs, best practices, or customer demand, penetration testing is an increasing requirement for many organizations. The process of hiring and wo...
Kevin Poniatowski joins the podcast to talk about the value of good information security training and his talk, How I Learned to Stop Worrying and Love BYOD . Kevin is with Safelight and has a unique and well-informed view of training and BYOD. Abstract: “Tweeting from the pub using my work Twitter account seemed like a good idea at the time.” “How could our customer data be stolen? No one knows my iPhone pin except me.” “After I send off this email to sales, I’m going to download Angry Chinese ...
