Brakeing Down Incident Response

  • Author: Various
  • Narrator: Various
  • Publisher: Podcast
  • Duration: 14:50:15

Information:

Synopsis

Brian Boettcher and Michael Gough discuss all things in Incident Response, Malware, Threat Hunting, and securing systems from the hazards bad actors can use to ruin a Blue Team's day...

Episodes

  • Episode 010

    28/02/2019 Duration: 01h18min

    JOIN US FOR EPISODE-010
    Newsworthy Items:
      • INSURANCE COMPANY REFUSES TO PAY NOTPETYA BILL, SAYS IT WAS AN ACT OF WAR, COMPANY SUES FOR $100M
      • 2-FACTOR AUTH BYPASSED ???
      • 773 MILLLLLION PASSWORDS CIRCULATING THE INTERNET FROM PAST BREACHES
      • BYPASS BLACKLISTED WORDS FILTER (OR FIREWALLS) VIA WILDCARDS
    Malware of the month - First Sednit UEFI Rootkit Unveiled
    Site-worthy - websites of the trade to share
    Tool-worthy - some tools of the trade to share
    Topic of the day - To Agent, or not to Agent, that is the question
    Show Notes may be found at: https://www.imfsecurity.com/podcast/

  • BDIR-009

    27/12/2018 Duration: 59min

    JOIN US FOR EPISODE-009: We will discuss MITRE ATT&CK - Part 2
    Newsworthy Items:
      • Over 1 BILLION Pwned
      • Dell Breach
      • Marriott/Starwood Breach
    Malware of the month - LOKIBot
    Site-worthy - websites of the trade to share
    Tool-worthy - some tools of the trade to share
    Topic of the day - TORA TORA TORA - MITRE ATT&CK Part 2
    Show Notes may be found at: https://www.BDIRPodcast.com/podcast/

  • BDIR-008

    15/10/2018 Duration: 51min

    EPISODE-008 "EPIC FAILURE, Who Do You Blame? You decide"
    Newsworthy Items:
      1. NSS Labs fires off anti-malware-testing lawsuit at infosec toolmakers
      2. Gartner says EDR will be a 1.5 BILLION, with a B business by 2020
      3. Forrester Report on is EDR overblown
    Topic of the day - "EPIC FAILURE, Who Do You Blame? You decide"
    Show Notes may be found at: https://www.imfsecurity.com/podcast/

  • BDIR-007

    17/09/2018 Duration: 01h06min

    JOIN US FOR EPISODE-007, OUR GUEST WILL BE: Katie Nickels, ATT&CK Threat Intelligence Lead, MITRE and will discuss with us: "A little known guide of hacking tactics - ATT&CK - PART 1 (TORA TORA TORA)"
    Newsworthy Items:
      • After Sept 21st Credit Freezes are FREEEEEE - Article - by Krebs
      • Do you use a Tumi bag? Registered it with Tumi's Tracer service?
      • British airways website hacked 380K users affected
      • How Hackers Slipped by British Airways' Defenses - Wired
      • Hackers Can Steal a Tesla Model S in Seconds by Cloning Its Key Fob - WIRED
      • Exploit vendor drops Tor Browser zero-day on Twitter - zdnet
      • Bad Actors Sizing Up Systems Via Lightweight Recon Malware
    Site-worthy - websites of the trade to share
    Tool-worthy - some tools of the trade to share
    Malware of the month - EMOTET
    Topic of the day - "A little known guide of hacking tactics - ATT&CK - PART 1 (TORA TORA TORA)"

  • BDIR Episode 006

    26/08/2018 Duration: 01h30min

    JOIN US FOR EPISODE-006, OUR GUEST WILL BE: Jim Schwar, Lead Analyst (Cybersecurity) will discuss with us "Logging - How many tricks does it take to get to the center of a Log-iPop?"
    Newsworthy Items:
      • The most expensive Cyber attack EVER !!! (wired)
      • City of Atlanta 17 million ransom attack
      • APT32 proves what we say about logging - Monitor Scheduled Tasks
    Malware of the month - None, so send us something interesting...
    Site-worthy - websites of the trade to share
    Tool-worthy - some tools of the trade to share
    Topic of the day - Logging - How many tricks does it take to get to the center of a Log-iPop?
    Show Notes may be found at: https://www.imfsecurity.com/podcast/

  • BDIR-005 - WMI Exploitation and Detection

    10/07/2018 Duration: 01h36min

    JOIN US FOR EPISODE-005, OUR GUEST WILL BE: Chris Truncer with FortyNorthSec and author of WMImplant will discuss with us "WMI - Exploitation and Detection"
    Newsworthy Items:
      • New Sysmon and Autoruns versions released.
      • Be careful of VirusTotal uploads
    Malware of the month - None, so send us something interesting...
    Site-worthy - websites of the trade to share
    Tool-worthy - some tools of the trade to share
    Topic of the day - WMI - Exploitation and Detection
    Show Notes may be found at: https://www.imfsecurity.com/podcast/

  • BDIR EP-004

    06/06/2018 Duration: 01h14min

    JOIN US FOR EPISODE-004, OUR GUESTS WILL BE: Pieter Heyn and Kresten Krab with Humio will discuss with us Cloud based Log Management and/or On-Prem Log Management
    Newsworthy Items:
      • The FBI asks us to reboot our routers
    Malware of the month - None, so send us something interesting...
    Site-worthy - websites of the trade to share
    Tool-worthy - some tools of the trade to share
    Topic of the day - Cloud based Log Management and/or On-Prem Log Management
    https://www.imfsecurity.com/podcast/

  • BDIR Episode - 003

    01/05/2018 Duration: 01h27min

    Our guest will be: Lesley Carhart - Principal Threat Hunter at Dragos Inc.
    Topic of the Day: The Incident Response Process, - Program, Plan, Policy, Process, Playbooks, and roles
    Show Notes:
      • Introductions
      • Introduce our Guest
        Twitter: @Hacks4Pancakes
        Blog: www.tisiphone.net
      • News-Worthy
      • Site-Worthy
      • Tool-Worthy
      • Topic of the Day

  • BDIR Episode - 002

    01/04/2018 Duration: 02h03min

    BDIR Episode - 002
    Our guests will be: David Longenecker - InfoSec Practitioner
    Topic of the Day: Windows Logging: Who, What, Where, When, Why
    Show Notes:
      • Introductions
      • Introduce our Guest
        Twitter: @dnlongen
        Blog: SecurityForRealPeople.com
        GitHub - https://github.com/dnlongen
      • News-Worthy
      • Site-Worthy
      • Tool-Worthy
      • Topic of the Day

  • BDIR-001: Credential stealing emails, How do you protect against it?

    01/03/2018 Duration: 01h35min

    BDIR Episode - 001
    Join us for Episode-001, our guest will be: Martin Brough - Manager of the Security Solutions Engineering team in the #email #phishing industry
    Topic of the Day: "CREDENTIAL STEALING EMAILS WHAT CAN YOU DO"
    Show Notes:
      • Introductions
      • Introduce our Guest Martin Brough
        Twitter - @HackerNinja
        Blog - InfoSec512.com
    More show notes at https://www.imfsecurity.com/podcasts/2018/2/28/bdir-podcast-episode-001

  • BDIR-000 ; The beginning

    29/01/2018 Duration: 01h04min

    BDIR Episode - 000
    Our guests will be:
      • Dave Cowen - Forensic Lunch Podcast and G-C Partners
      • Tyler Hudak - Trainer in Malware Analysis and Reverse Engineering
    Topic of the Day: WHAT IS THIS NEW PODCAST ALL ABOUT, WHAT WILL IT COVER? "Incident Response, Malware Discovery, and Basic Malware Analysis, Detection and Response, Active Defense, Threat Hunting, and where does it fit within DFIR"
    SHOW NOTES: https://www.imfsecurity.com/podcast/2018/1/18/bdir-podcast-episode-000