Shows
West Coast CyberS5E3 - Insights to a real Crypto ScamStory 1https://www.reuters.com/business/retail-consumer/ms-co-op-cyberattackers-duped-it-help-desks-into-resetting-passwords-says-report-2025-05-06/Story 2Disney Employee gets 3 yearshttps://www.ctvnews.ca/world/article/fired-disney-employee-gets-3-years-in-prison-for-hacking-and-changing-menusMain TopicGuest Interview - Sean HannanUpcoming EventsRed Piranha Crystal Eye 5.5 launch events.https://redpiranha.net/eventsCyber Resilience Summit Brisbane May 14 https://forefrontevents.co/event/cyber-qldAISA WA Branch MeetingPresentation Title: BeyondCorp...2025-05-0750 min
AUSCERT "Share today, save tomorrow"040 - Securing from insider threatsIn this episode, AUSCERT features the following guests:
> Sal Bowman, UQSchoolsNet
> Mark Carey-Smith, AUSCERT
Anthony sits down with Sal Bowman from UQSchoolsNet to discuss how she works with schools who's biggest threat comes from inside. Sal explains how she helps schools assess and minimise risks through an effective and school appropriate threat assessment process.
In the second half of the episode, Bek chats with Mark Carey-Smith from AUSCERT to discuss the process of narrowing almost 200 conference program submissions to just 30 and how representation of minority groups in cyber are starting to become more prominent.
This episode was hosted by Anthony...2025-02-2836 minAUSCERT "Share today, save tomorrow"039 - AI, Evolving Threats & the End of Attribution?In this episode, AUSCERT features the following guests:
> Michael Hamm, CIRCL
> Ivano Bongiovanni, AUSCERT
Anthony sits down with the Michael Hamm from CIRCL the CERT of Luxembourg and creators of MISP. They discuss AI, the emerging threat landscape and whether attribution is going to become impossible
In the second half of the episode, Bek chats with Ivano Bongiovanni from AUSCERT to discuss what AUSCERT has in store for 2025.
This episode was hosted by Anthony Caruana and Bek Cheb2025-01-3128 min
KBKASTEpisode 290 Deep Dive: Dr. Ivano Bongiovanni | How To Get The Most From Maturity-Based And Risk-Based Approaches To CybersecurityIn this episode, we sit down with Dr. Ivano Bongiovanni, General Manager at AUSCERT, as he discusses how to get the most from maturity-based and risk-based approaches in the cybersecurity arena. Ivano delves into the importance of balancing both approaches to enhance cyber resilience, the role of organizational size and industry mandates, and the need for critical assessment of cyber risks. We also explore the challenges of decision-making in risk management, the impact of subjective judgment, and the significance of quality data sources. Ivano emphasizes a collaborative approach involving various organizational constituencies and the crucial role of effective communication...2025-01-2942 minAUSCERT "Share today, save tomorrow"038 - Security awareness + Education culture = Behaviour changeIn this episode, AUSCERT features the following guests:
> Kelsy Luengen, SEEK
> David Stockdale, AUSCERT
Anthony sits down with the amazing Kelsy Luengen, Security Influencer from SEEK to look at how security awareness and education culture come together to create behaviour change.
In the second half of the episode, Bek chats with David Stockdale from AUSCERT to reflect on the year that was and what we can expect in 2025.
This episode was hosted by Anthony Caruana and Bek Cheb2024-12-2443 min
Redefining Society and Technology PodcastHow Do We Make Decisions in Cyber Security? Operational, Tactical, and Strategic Decision-Making in the Age of AI | An Australian Cyber Conference 2024 in Melbourne Conversation with Ivano Bongiovanni | On Location CoverageGuest: Ivano Bongiovanni, General Manager / Sr Lecturer, AusCERT / UQOn LinkedIn | https://www.linkedin.com/in/ivano-bongiovanni-cybersecurity-management/At AU Cyber Con | https://melbourne2024.cyberconference.com.au/speakers/ivano-bongiovanni-ibtppHosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThis AISA Cyber Con 2024 On L...2024-11-2824 min
Redefining CyberSecurityHow Do We Make Decisions in Cyber Security? Operational, Tactical, and Strategic Decision-Making in the Age of AI | An Australian Cyber Conference 2024 in Melbourne Conversation with Ivano Bongiovanni | On Location CoverageGuest: Ivano Bongiovanni, General Manager / Sr Lecturer, AusCERT / UQOn LinkedIn | https://www.linkedin.com/in/ivano-bongiovanni-cybersecurity-management/At AU Cyber Con | https://melbourne2024.cyberconference.com.au/speakers/ivano-bongiovanni-ibtppHosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThis AISA Cyber Con 2024 On L...2024-11-2824 min
On Location With Sean Martin And Marco CiappelliHow Do We Make Decisions in Cyber Security? Operational, Tactical, and Strategic Decision-Making in the Age of AI | An Australian Cyber Conference 2024 in Melbourne Conversation with Ivano Bongiovanni | On Location CoverageGuest: Ivano Bongiovanni, General Manager / Sr Lecturer, AusCERT / UQOn LinkedIn | https://www.linkedin.com/in/ivano-bongiovanni-cybersecurity-management/At AU Cyber Con | https://melbourne2024.cyberconference.com.au/speakers/ivano-bongiovanni-ibtppHosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThis AISA Cyber Con 2024 On L...2024-11-2824 min
ITSPmagazine PodcastsHow Do We Make Decisions in Cyber Security? Operational, Tactical, and Strategic Decision-Making in the Age of AI | An Australian Cyber Conference 2024 in Melbourne Conversation with Ivano Bongiovanni | On Location CoverageGuest: Ivano Bongiovanni, General Manager / Sr Lecturer, AusCERT / UQOn LinkedIn | https://www.linkedin.com/in/ivano-bongiovanni-cybersecurity-management/At AU Cyber Con | https://melbourne2024.cyberconference.com.au/speakers/ivano-bongiovanni-ibtppHosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThis AISA Cyber Con 2024 On L...2024-11-2824 min
AUSCERT "Share today, save tomorrow"037 - Conference MC Extraordinaire, Adam SpencerIn this episode, AUSCERT features the following guests:
> Adam Spencer
> Ivano Bongiovanni, AUSCERT
Anthony sits down with our favourite conference MC, the one and only Adam Spencer! So many highlights, reflections and changes across his fifteen AUSCERT conferences!
In the second half of the episode, Bek chats with Ivano Bongiovanni from AUSCERT to talk about his recent travels to Fiji and Papua New Guinea for the DFAT Cyber and Critical Tech Cooperation Program.
This episode was hosted by Anthony Caruana and Bek Cheb2024-09-0633 minAUSCERT "Share today, save tomorrow"036 -Changing face of Incident ResponseIn this episode, AUSCERT features the following guests:
> Kylie Watson, DXC
> Mark Carey-Smith, AUSCERT
Anthony sits down with Kylie Watson from DXC to talk about the changing face of Incident Response and the inportance of having robust decision making processes.
In the second half of the episode, Bek chats with Mark Carey-Smith from AUSCERT to talk about business disruption and a deep dive into Tabletop Exercises.
This episode was hosted by Anthony Caruana and Bek Cheb2024-08-1243 minAUSCERT "Share today, save tomorrow"035 - Introducing IvanoFirst episode of Season 4!
In this episode, AUSCERT features the following guests:
> Ivano Bongiovanni, AUSCERT
> Michael McAlary, AUSCERT
Anthony sits down with AUSCERT's new General Manager, Ivano Bongiovanni to discuss his career journey and future aspirations for AUSCERT.
In the second half of the episode, Bek chats with Michael McAlary from AUSCERT to talk about the recent makeover and improved user experience of the AUSCERT Member Portal and future work and improvements.
This episode was hosted by Anthony Caruana and Bek Cheb2024-06-2135 min
TLP - The Digital Forensics PodcastEpisode 3 - (Part 2) NIST SP 800-61 Computer Security Incident Handling Guide (Detection)Send us a textIn this conclusion of the Detection phase, Clint wraps up Incident Prioritisation. This includes Functional impacts of the incident, information impact of the incident and the recoverability of the incident.Not all of these are needed, or relevant when tracking your incident and Clint explains when to categorise incidents using these factors.To finish off, Clint discusses incident notification - Who are the stakeholders that need to be informed and included in your incident response process, and how will they be notified?Auscert: www.auscert.org.au2024-05-3111 minAUSCERT "Share today, save tomorrow"034 - Wireless in an undiscovered countryIn this episode, AUSCERT features the following guest:
> Edward Farrell, Mercury ISS
Anthony sits down with Ed Farrell from Mercury ISS, well known for his AUSCERT Conference tutorials and presentations over the years as well as his leadership across the cyber security industry. Ed shares his perspectives on wireless in our undiscovered country.
In the second half of the episode, Bek chats with Anthony in anticipation of next weeks AUSCERT Conference!
This episode was hosted by Anthony Caruana and Bek Cheb2024-05-1733 minAUSCERT "Share today, save tomorrow"033 - The world of AIIn this episode, AUSCERT features the following guests:
> Luke Zaphir, The University of Queensland
> Mark Carey-Smith, AUSCERT
Anthony sits down with Luke Zaphir from The University of Queensland to discuss where we are in the world of AI
In the second half of the episode, Bek chats with Mark Carey-Smith from AUSCERT to continue the topic of AI and the value of looking for new opportunities.
This episode was hosted by Anthony Caruana and Bek Cheb2024-04-2436 minAUSCERT "Share today, save tomorrow"032 - Behaviour change to reduce threatsIn this episode, AUSCERT features the following guests:
> Jane O'Louglin, CERTNZ
> Mike Holm, AUSCERT
Anthony sits down with Jane O'Lougline from CERTNZ for a fascinating discussion about why behaviour change is so critical when looking at ways to migitate threats and blocking threat actors.
In the second half of the episode, Bek chats with Mike Holm from AUSCERT about the history and role of CERT teams and the fast approaching AUSCERT Conference.
This episode was hosted by Anthony Caruana and Bek Cheb2024-03-2737 minAUSCERT "Share today, save tomorrow"031 -CybercrimeIn this episode, AUSCERT features the following guests:
> Nigel Phair, Monash University
> James Chadwick, AUSCERT
Anthony sits down with Nigel Phair from Monash University to discuss the murky world of Cybercrime!
In the second half of the episode, Bek chats with James Chadwick, Principal Analyst of AUSCERT about the release of the NIST 2.0 Framework and the fast approaching AUSCERT Conference.
This episode was hosted by Anthony Caruana and Bek Cheb2024-03-0837 minAUSCERT "Share today, save tomorrow"030 - Security CultureIn this episode, AUSCERT features the following guests:
> Daisy Wong, FlyBuys
> David Stockdale, AUSCERT
Anthony sits down with Daisy Wong, AUSCERT's Diversity and Inclusion Champion for 2023 to talk about her unique experience and background which has helped her become a security culture advocate and champion.
In the second half of the episode, Bek chats with David Stockdale, Director of AUSCERT for an exciting announcement about a new recruitment opportunity.
This episode was hosted by Anthony Caruana and Bek Cheb2024-01-2533 minAUSCERT "Share today, save tomorrow"029 -CTI (The importance of information and why context matters)In this episode, AUSCERT features the following guests:
> Chris Horsley, Cosive
> David Stockdale, AUSCERT
Anthony sits down with Chris from Cosive to discuss Cyber Threat Ingelligence, the importance of information and why context matters so much.
In the second half of the episode, Bek chats with David Stockdale, Director of AUSCERT to reflect on the past 12 months achievements and celebration of 30 years of AUSCERT.
This episode was hosted by Anthony Caruana and Bek Cheb2023-12-1845 min
With InterestMeet the “hacker” protecting you from cyber threatsWith Interest presents an episode from CPA Australia's INTHEBLACK podcast. Penetration testers hack into your company servers. Don’t worry – these are friends who can help your company stay safe from the dark web’s cyberthreats. “Pen testers” do it to protect you from the real hackers out there trying to steal your data. In this episode we meet a lead penetration tester. Learn what he does, how he does it and how you can improve your own organisation’s cyber security. Host: Garreth Hanley, podcast producer, CPA Australia Guests: Dan Weis, Practice...2023-12-1127 min
AUSCERT "Share today, save tomorrow"028 -Cyber artefactsIn this episode, AUSCERT features the following guests:
> Mike Pritchard, Cydarm Technologies
> Mark Carey-Smith, AUSCERT
Anthony sits down with Mike to discuss his passion for collecting hardware artefacts that help us understand the history of cyber.
In the second half of the episode, Bek chats with Mark Carey-Smith, Principal Analyst of AUSCERT about the launch AusMISP and the AUSCERT2024 mentoring program and call for presentations.
This episode was hosted by Anthony Caruana and Bek Cheb2023-11-2035 min
Stories of Infosec Journeys - Indian EditionStories of Infosec Journeys - In conversation with Aseem & MurtujaSpeaker Intro
Aseem Jakhar is the Director, R&D at Payatu https://payatu.com a research-powered cyber security services company specialized in IoT, Embedded, cloud, mobile and infrastructure security. He is the founder of null-The open security community, a registered not-for-profit organization and one of the largest security communities in Asia https://null.co.in and also organizes https://nullcon.net and https://hardwear.io security conferences. He is currently working on solving the IoT Security problem with his latest venture EXPLIoT. He is an active speaker and trainer at various security conferences like AusCERT, Black Hat...2023-10-2430 minAUSCERT "Share today, save tomorrow"027 - Celebrating NeurodiversityIn this episode, AusCERT features the following guests:
> Shelly Mills, The University of Queensland
> Trinity McNicol, University of Sunshine Coast
> Mark Carey-Smith, AusCERT
Anthony sits down with Shelly and Trinity to discuss neurodiversity and share their advice and experience with how to work with people who might see and feel the world differenlty.
In the second half of the episode, Bek chats with Mark Carey-Smith, Principal Analyst of AusCERT about the new Cyber Resilience for Executives course and preparations for AusCERT2024!
This episode was hosted by Anthony Caruana and Bek Cheb2023-10-0935 min
Breakpoint Security Podcast#S02EP04 IoT Security: Safeguarding Your Smart World! | Aseem JakharThe world is getting smarter and the number of IoT devices is growing by the day. Securing such environments presents unique challenges due to the diverse nature of these devices and the complexity of their interactions.Guest: Aseem Jakhar Co-Founder & Dir. Research at PayatuLinkedin: @aseemjakharX: @aseemjakharAseem Jakhar is a Cybersecurity Entrepreneur and Technologist with two decades of experience in security product development, services, building and scaling teams and communities. He is currently working on solving the IoT Security problem with his latest venture EXPLIoT. H...2023-10-0350 minAUSCERT "Share today, save tomorrow"026 -Communication is keyIn this episode, AusCERT features the following guests:
> Darren Pauli, Telstra
> Mark Carey-Smith, AusCERT
Anthony sits down with Darren Pauli who's specialty is writing and reporting about cyber security. Darren shares his insights about why written communication is so important and how to be a better communicator.
In the second half of the episode, Bek chats with Mark Carey-Smith, Principal Analyst of AusCERT about communication and the new upcoming course Data Governance Principles and Practices.
This episode was hosted by Anthony Caruana and Bek Cheb.2023-08-2936 minAUSCERT "Share today, save tomorrow"025 - What does the future hold?In this episode, AusCERT features the following guests:
> Dr Joseph Voros, The Voroscope
> Mike Holm, AusCERT
Anthony sits down with Futurist, Dr Joseph Voros who has been teaching and studying in the fascinating field of Strategic Foresight. He has worked with governments across the world, helping them prepare for uncertain futures.
Bek talks with Mike Holm, Senior Manager of AusCERT about the importance of community and how that helps us prepare for the future.
This episode was hosted by Anthony Caruana and Bek Cheb.2023-07-3132 minAUSCERT "Share today, save tomorrow"024 - People, People, People, Process and TechnologyThe first episode of season 3!
In this episode, AusCERT features the following guests:
> Rachel Tobac, SocialProof Security
> David Stockdale, AusCERT
Anthony sits down with Rachel Tobac, CEO of SocialProof Security to discuss how to boost the human side of People, Process and Technology to make your organisation more secure.
Bek talks with David Stockdale, Director of AusCERT about the recent Member Survey results and the upcoming events in each capital city to give Members the opportunity to provide feedback and help shape the future of AusCERT and its services.
This episode was hosted by Anthony Caruana and Bek Cheb.2023-07-0325 minAUSCERT "Share today, save tomorrow"023 - Mobile Device Security & AusCERT2023 Wrap UpIn this episode, AusCERT features the following guests:
> Martin McGregor, Devici
Anthony and Bek take a rare moment to chat together at the AusCERT2023 conference and provide a wrap up of the conference and the celebrations for 30 years of AusCERT.
Anthony sits down with Martin McGregor, CEO of Devici to discuss mobile device security and why the Essential 8 applies to mobile devices.
This episode was hosted by Anthony Caruana and Bek Cheb.2023-05-3135 minAUSCERT "Share today, save tomorrow"022 - Changing behaviour in cyberIn this episode, AusCERT features the following guests:
> Eric Pinkerton, Phronesis Security
> Mark Carey-Smith, AusCERT
Anthony sits down with Eric Pinkerton CEO to discuss if there is lessons to be learnt from how peoples behaviour changed during the pandemic that we can use to influence cyber.
Bek returns with colleague Mark Carey-Smith to chat about the importance of how we communicate and the range of people focused tutorials and presentations at this years AusCERT conference.
This episode was hosted by Anthony Caruana and Bek Cheb.2023-04-2532 min
INTHEBLACKMeet the “hacker” protecting you from cyber threatsPenetration testers hack into your company servers. Don’t worry – these are friends who can help your company stay safe from the dark web’s cyberthreats. “Pen testers” do it to protect you from the real hackers out there trying to steal your data. In this episode we meet a lead penetration tester. Learn what he does, how he does it and how you can improve your own organisation’s cyber security. Don’t miss this episode if data security is a priority in your company. Host: Garreth Hanley, podcast producer, CPA Australia...2023-03-2927 minAUSCERT "Share today, save tomorrow"021 - Secure code (Happy Birthday AusCERT!)In this episode, AusCERT features the following guests:
> Pieter Danhieux, Secure Code Warrior
> David Stockdale, AusCERT
> Mike Holm, AusCERT
Anthony sits down with Pieter Danhieux, CEO of Secure Code Warrior, to discuss the impact and importantance of writing secure code.
Bek returns with colleagues David and Mike to chat about AusCERT's 30th Birthday and how the organisation has changed over the years since it's creation.
This episode was hosted by Anthony Caruana and Bek Cheb.2023-03-2030 min
The Host Unknown PodcastEpisode 143 - The Flat Roof Special EpisodeThis week in InfoSec ( 11:47)With content liberated from the “today in infosec” twitter account and further afield4th March 1989: The article "COMPUTER DETECTIVE FOLLOWED TRAIL TO HACKER SPY SUSPECT" was published. It covers how Clifford Stoll's discovery of a 75¢ accounting discrepancy led to the arrest of Marcus Hess. It was also the topic of Stoll's book, The Cuckoo's Egg. COMPUTER DETECTIVE FOLLOWED TRAIL TO HACKER SPY SUSPECThttps://twitter.com/todayininfosec/status/1632213421268533250 8th March 1993: AusCERT (@AusCERT) began as the Security Emergency Response Team (SERT), when it commenced incident...2023-03-1042 minAUSCERT "Share today, save tomorrow"020 - Cyber Risk and InsuranceIn this episode, AusCERT features the following guests:
> Ben Di Marco, WTW
> Mark Carey-Smith, AusCERT
Anthony sits down with Ben Di Marco, Cyber and Technology Risk Specialist for WTW (Willis Towers Watson), to discuss the different perspectives of risk and explain the landscape of cyber insurance.
Bek returns with colleague Mark to chat about working with Ben on a roadshow of events and provide an update on how conference planning is progressing for AusCERT2023.
This episode was hosted by Anthony Caruana and Bek Cheb.2023-02-1731 min
AUSCERT "Share today, save tomorrow"019 - Zero TrustIn this episode, AusCERT features the following guests:
> Jess Dodson, Microsoft
> David Stockdale, AusCERT
> Mike Holm, AusCERT
Anthony sits down with Jess Dodson (GirlGerms),
Senior Cyber Security Cloud Solution Architect for Microsoft, to discuss her Zero Trust trilogy and how to bring the organisation along the Zero Trust journey.
The discussion begins with digital passwords and the evolution of security parameters and requirements and, whether they’re as efficient and effective as intended.
Bek returns with colleagues David and Mike to chat about what is in store for 2023.
This includes some new projects in the pipeline and conversation about what ev...2023-01-2528 min
AUSCERT "Share today, save tomorrow"018 - Bad Cyber Security Habits and Technical DebtIn this episode, AusCERT features the following guests:
> Dave Lewis, Cisco
> Mark Carey-Smith, AusCERT
In our final podcast for 2022, Anthony sits down with Dave Lewis,
Global Advisory CISO for Cisco, to discuss bad cyber security habits and how to break them along with how technical debt impacts cyber security strategy and response.
The discussion begins with digital passwords and the evolution of security parameters and requirements and, whether they’re as efficient and effective as intended.
Bek returns with colleague Mark to chat about the year that was 2022 and, what is on the horizon in 2023.
This includes some new initiatives th...2022-12-1640 min
AUSCERT "Share today, save tomorrow"017 – Digital Forensics and Incident ResponsesIn this episode, AusCERT features the following guests:
> Shanna Daly, Cosive
> Mark Carey-Smith, AusCERT
With the changing threat surface presenting new and evolving challenges, Anthony speaks with Shanna Daly to discuss her views on digital forensics and incident response.
They delve into the ‘how’ and ‘why’, which requires looking for proof of how something happened, from low-level investigations to evidence-based hypotheses of what is likely to have occurred.
Shanna explains how understanding the connection between digital forensics and incident response helps help paint a picture of attribution that is factually accurate but also, identifies oversights or errors that can be removed...2022-11-2532 minAUSCERT "Share today, save tomorrow"016 - Understanding and Combatting Cyber AttacksIn this episode, AusCERT features the following guests:
> Alex Tilley, SecureWorks
> Mark Carey-Smith, AusCERT
Australia has recently seen several cyber-attacks that impacted millions of Australians with the fallout still expanding and likely to be experienced for some time.
It’s timely that this month’s podcast features a chat with Alex Tilley who shares his experience combatting cyber experience and insights into the evolution of this growing aspect of modern society.
Continuing with the thread of security breaches, Bek chats with Mark about the intangible nature of cyber threats and the need for greater awareness of their relevance and potential impa...2022-10-2528 minAUSCERT "Share today, save tomorrow"015 - Understanding Mental and Physical Wellbeing in The WorkplaceIn this episode, AusCERT features the following guests:
> Dr Carla Rogers - Holistic Psychologist
> Mike Holm, AusCERT
Anthony chats to Dr Carla Rogers about the connection between mind and body along with techniques to help individuals identify, treat and overcome challenges in the workplace.
Later in the episode, Bek discusses with Mike AusCERT's return to travelling! Specifically, engaging with our members in order to understand their needs and what's most important to them.
This episode was hosted by Anthony Caruana and Bek Cheb.2022-09-0829 minAUSCERT "Share today, save tomorrow"014 - Diversity and Culture in Cyber SecurityIn this episode, AusCERT features the following guests:
> Sasenka Abeysooriya, The University of Queensland
> Jasmine Woolley, Trustwave
Anthony sits down with Sasenka Abeysooriya, a skilled and passionate strategist, innovative thinker and strong communicator, about sustainable and long-term solutions by changing behaviours and influencing organisational culture.
Later in the episode, Anthony talks with Jasmine Woolley, a proud First Nations woman, who shares her unique journey into cyber security and how she has utilised her Indigenous knowledge to provide a fresh perspective on emerging threats to Australia’s security.
This episode was hosted by Anthony Caruana.2022-08-0237 minAUSCERT "Share today, save tomorrow"013 - ITOT ConvergenceIn this episode, AusCERT features the following guests:
> Lesley Carhart, Dragos
> Mike Holm, AusCERT
Anthony sits down with Lesley Carhart to discuss the intersection between cyber security and operational technology, including the increased risk and vulnerability throughout the industry.
Bek then chats to Mike Holm as they look back at AusCERT2022 - the highlights and key learnings from this year's cyber security conference.
This episode was hosted by Anthony Caruana and Bek Cheb.2022-06-3031 minAUSCERT "Share today, save tomorrow"012 - AusCERT2022 Review + The Role of a CERTIn this episode, AusCERT features the following guests:
> Rob Pope, CERT NZ
> David Stockdale, AusCERT
Anthony and co-host Bek open the final episode of Season One by chatting about the recent cyber security conference, AusCERT2022.
Highlights from the event include the simpatico of a large number of speakers with presentations focused on people. Also noted was the wonderful representation of women across the speakers, presenters, and, attendees.
Anthony then sits down for a discussion with Rob Pope of CERT NZ and AusCERT's very own David Stockdale, about the current threat landscape in our region, including their advice for mitigating security...2022-06-0128 minAUSCERT "Share today, save tomorrow"011 - EthicsIn this episode, AusCERT features the following guests:
> Shawn Richardson, FIRST and Senior Manager, Product Security Incident Response at NVIDIA
> Jeroen van der Ham, FIRST and University of Twente
> Mark Carey-Smith, Principal Analyst, AusCERT
Anthony chats with Shawn and Jeroen, both Chairs of the FIRST (Forum of Incident Response and Security Teams) Ethics SIG, about ethics in incident response and their respective journeys into the cyber security arena.
Also discussed is the need to develop and sustain trust and how a code of ethics can assist teams to positively contribute to and understand the changing world we all work within.
...2022-04-2632 min
(CS)²AI Podcast Show: Control System Cyber Security33: Certifications and Instructional Careers in Cybersecurity with Justin SearleDerek Harp is excited to welcome Justin Searle as his guest for another episode in the series on security leaders! Justin is the Director of ICS Security at InGuardians, specializing in ICS security architecture design and penetration testing. He has taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities, corporations, and security conferences. He is currently a Senior Instructor for the SANS Institute and a faculty member at IANS. In addition to electric power industry conferences, he frequently presents at top international security conferences such as Black Hat, DEFCON, OWASP, Nullcon, and AusCERT.2022-04-0545 minAUSCERT "Share today, save tomorrow"010 – Security Orchestration, Automation and ResponseIn this episode, AusCERT features the following guests:
> Virginia Calegare, RightSec, Founding Director, Cyber Security Adviser
> JP Haywood, Acumenis, Senior Security Consultant
> Dushyant Sattiraju, Deakin University, Manager, Cybersecurity Operations and Engineering
> Mike Holm, AusCERT, Senior Manager
Anthony chats with Virginia, JP and Dushyant about Security Orchestration, Automation, and Response - or SOAR - the topic for last year’s conference and how it can benefit organisational processes, automation and improving efficiencies – regardless of size.
Later in the episode, Mike and Bek talk about the malicious URL feed and how it works with SOAR, Member Slack, AusCERT’s AusISAC and how these...2022-03-3137 min
DevDiscussS8:E6 - How Physical Pen-Testing Will Expand Your Developer MindIn this episode, we talk about physical pen-testing with Deviant Ollam, author of the book, “Practical Lock Picking: A Physical Penetration Tester's Training Guide.”
Show Notes DevNews (sponsor) CodeNewbie (sponsor) DataStax (sponsor) Cockroach Labs (DevDiscuss) (sponsor) Swimm (DevDiscuss) (sponsor) Stellar (sponsor) Practical Lock Picking: A Physical Penetration Tester's Training Guide Deviant Ollam - I'll Let Myself In Tactics of Physical Pentesters B-sides Orlando 2017 Vape door (side-by-side) Deviant OllamWhile paying the bills as a physical penetration specialist with The CORE Group and the Director of Education for Red Team Alliance, Deviant Ollam is also...2022-03-1645 minAUSCERT "Share today, save tomorrow"009 - Strategic Resilience and Psychology in Cyber SecurityIn this episode, AusCERT features the following guests:
> Kylie Watson, Lead Partner at IBM. Technology Executive (Cybersecurity, Cloud, Data) and Sociologist
> Mark Carey-Smith, AusCERT Principal Analyst
Kylie and Anthony discuss the unique perspective of psychology in cyber security, including diversity of thinking and approaching problems by looking at them through a different lens.
Later in the episode, Mark and Bek talk about the importance of personal and organisational resilience as well as some exciting news about the keynote speaker at AusCERT2022.
This episode was hosted by Anthony Caruana and Bek Cheb.2022-02-1835 min
AUSCERT "Share today, save tomorrow"008 - Podcasts and cyber security, is this the future of communications in our sector?In this episode, AusCERT features the following guests:
> Amy Holden, Senior Enterprise Marketing Manager at Mimecast
> Garrett O'Hara, Field CTO at Mimecast
> Mike Holm, AusCERT Senior Manager
Amy and Garrett talk about podcasts and communication in cyber including lessons learnt from their podcast "The Get Cyber Resilient Show" as well as Cyber Resilience.
In follow up Mike talked about how AusCERT are focused on collaboration and layered security as well as excitement building for AusCERT2022 with the Call for Presentations closing soon.
This episode was hosted by Anthony Caruana and Bek Cheb.2022-01-2536 minAUSCERT "Share today, save tomorrow"007 - The future of the cyber security pipeline and education in AustraliaIn this episode, AusCERT features the following guests:
> Professor Ryan Ko, Chair & Director, UQ Cyber Security
> Ivano Bongiovanni, Lecturer at The University of Queensland
> Mike Holm, AusCERT Senior Manager
> Mark Carey-Smith, AusCERT Principal Analyst
Ryan and Ivano talked about how UQ Cyber Security is helping build a pipeline of cybersecurity talent and the different approach their masters program takes to deliver a more diverse offering to the industry.
Mark provided insight about how AusCERT is supporting UQ
Cyber Security through lectures as well assupervising student capstone and research projects.
Mike talked about the recent AusCERT Quarter 3 report findings as well...2021-11-1636 minAUSCERT "Share today, save tomorrow"006 - Red Teaming, Social Engineering and Stolen Identities - War Stories from the FieldIn this episode, AusCERT features the following guests:
> Chris Gatford, Co-Founder at Hacktive
> Mike Holm, AusCERT Senior Manager
Chris Gatford is the Founder and Director of Hacktive.io in Sydney, Australia and performs penetration tests for organisations all around the world.
Chris has reviewed countless IT environments and has directed and been responsible for numerous security assessments for a variety of corporations and government departments. Specifically, and somewhat uniquely Chris has been performing Penetration Testing for over 10 years commercially. Chris has co-authored “Network Security Assessment: From Vulnerability to Patch” from Syngress Publishing.
Chris is also a frequent speaker at many secu...2021-10-1125 minAUSCERT "Share today, save tomorrow"005 - Creating a Culture of Care and Weaving it into Workplaces StrategicallyIn this episode, AusCERT features the following guests:
> Julie Gillespie, Mental Well Being Consultant
> Mike Holm, AusCERT Senior Manager
Julie's consulting. coaching, and training work is grounded in over 25 years of business leadership experience and technical training, supported by a Bachelor of Commerce degree and an Executive Masters of Business Administration.
Mike provided an update on what has been happening at AusCERT since episode 4 of this podcast series. In particular, AusCERT's involvement in the APCERT Drill, the newly released AusCERT Daily Bulletin Digest and the new pilot service DFN.
This episode was hosted by Anthony Caruana and Bek Cheb.2021-09-0750 minAUSCERT "Share today, save tomorrow"004 - Cyber Security Awareness and Team Culture - Why is it so Important?In this episode, AusCERT features the following guests:
> Tracey Weeks, Manager of Cyber Security (Training and Awareness) in the Cyber Security Group at eHealth Queensland - Queensland Health
> Brian Hay, Executive Director at Cultural Cyber Security
> Dr David Stockdale, AusCERT Director
With a career spanning 27 years in Queensland Health and 10 years’ experience in the field of cyber security in the healthcare sector, Tracey leads her team within Cyber Security Group driving cultural change across the state in cyber security awareness with the focus on the workforce being the key to ensuring the protection of Queensland Health information and service delivery.
Br...2021-08-1332 min
AUSCERT "Share today, save tomorrow"003 - Passion Led Us HereIn this episode, AusCERT features the following guests:
> Jacqui Loustau, AWSN Founder and AusCERT2021 Individual Excellence in Information Security Winner
> Phillip "Pip" Jenkinson, CEO of Baidam Solutions and AusCERT2021 Diversity & Inclusion Champion
> Dr David Stockdale, AusCERT Director
Jacqui Loustau is the Founder and Executive Manager of AWSN, the Australian Women in Security Network. AWSN’s mission is to support, inspire, and connect women and female-identifying professionals in the industry and those looking to enter the field with the tools, knowledge, a connected network and platforms they’ll need in order to build their confidence and cultivate their interest. AWSN has been...2021-07-1436 min
CISO Talk by James AzarEp. 120 - Mark Loveless, Senior Security Researcher at GitLabSecurity Researcher & CISO’s
Mark Loveless joins me for a special episode to talk about security researchers' relationship with CISO, how the entire stack can be built and what we should all know about security researchers. Senior
Bio:
Mark Loveless is a Senior Security Researcher at Gitlab. His past employers have included startups, large corporations, hardware and software vendors, and even a government think tank. He has spoken at numerous security and hacker conferences worldwide on security and privacy topics, including Black Hat, DEF CON, ShmooCon, RSA, AusCERT, SANS among others. He has been quoted in television, online, and print med...2021-07-0125 minAUSCERT "Share today, save tomorrow"002 - Crossing Into The Blue Team In Cyber SecurityIn this episode, AusCERT features the following guests:
> Lukasz Gogolkiewicz, Head of Corporate Security at SEEK
> Mike Holm, AusCERT Senior Manager
> Dr Mark Carey-Smith, AusCERT Principal Analyst
Lukasz currently heads up Corporate Security at SEEK. In this role, he is responsible for ensuring the protection of sensitive information across a multitude of business systems, corporate systems and IT infrastructure. He was also a keynote at AusCERT2020 and spoke on the topic of “Threat driven cyber security, does security compliance work?” On this podcast episode, we sat down with Lukasz to discuss his career journey in cyber security, his transition from a Re...2021-06-1036 minAUSCERT "Share today, save tomorrow"001 - "Share Today, Save Tomorrow" AusCERT Podcast AnnouncementIn this launch episode, AusCERT features the following guests, in random order:
> Dr David Stockdale, AusCERT Director
> Mike Holm, AusCERT Senior Manager
> Bek Cheb, AusCERT Business Manager, long-time AusCERT event convenor and producer
> Dr Mark Carey-Smith, AusCERT Principal Analyst, long-time AusCERT conference supporter and GRC presenter
> Mandy Turner, Manager, Security Operations Centre at UQ
> Tim Lane, AHECS Cyber Security Community of Practice (CoP) Chair
This episode was hosted by Anthony Caruana and Laura Jiew2021-05-1221 min
Le Comptoir Sécu[SECHebdo] 25 novembre 2020 - Data Protection: EU vs US, youtube-dl le retour, Fuite AnimalJam, DDoS 2020, URL shortener, etc.2020-11-2500 min
CyberWire DailyTurning good words into bad. Crooks push those exploits through aging software while they still can. A big OSINT DB out of Shenzehn. TikTok’s fate grows narrower but murkier. Wildfire misinformation.Social engineers use text from legitimate recent warnings. Cybercrooks go for whatever they can get from software about to reach the end of its life. A big database filled with individual information is leaked from a Chinese government contractor. In the race to do whatever it is US companies hope to do with TikTok, Microsoft is apparently out, but Oracle is apparently in. Rick Howard looks at red versus blue. Our gust is Colby Prior, Infrastructure Engineer for AusCERT, on running honeypots. And the FBI wants you to know, contrary what you may have seen online, that Oregon wildfires are...2020-09-1425 min
Real World DevOpsInfoSec For DevOps Engineers with Kelly ShortridgeAbout Kelly ShortridgeKelly Shortridge is currently VP of Product Strategy at Capsule8. Kelly is known for research into the applications of behavioral economics to information security, which Kelly has presented conferences internationally, including Black Hat, AusCERT, Hacktivity, Troopers, and ZeroNights. Most recently, Kelly was the Product Manager for Analytics at SecurityScorecard. Previously, Kelly was the Product Manager for cross-platform detection capabilities at BAE Systems Applied Intelligence as well as co-founder and COO of IperLane, which was acquired. Prior to IperLane, Kelly was an investment banking analyst at Teneo Capital covering the data security and...2019-05-2329 min
Re-thinking The Human Factor with Bruce HallasHow a Victim of Identity Theft Uses Humor to Generate Cyber Awareness, with Bennett ArronHow a Victim of Identity Theft Uses Humour to Generate Cyber Awareness, with Bennett Arron Welcome to Episode 20 of the Re-Thinking the Human Factor Podcast. Joining us on the show today is Bennett Arron, Bennett was one of the first major victims of Identity Theft in the UK. According to the Police and credit reference agencies, he owed thousands of pounds to phone companies, banks and department stores. The only thing was, it wasn’t him. This theft resulted in Bennett becoming penniless and homeless. A comedy about iden...2019-03-2152 min
SecTools Podcast SeriesSecTools Podcast E11 with Aseem JakharAseem Jakhar is the Director, research at Payatu Software Labs payatu.com a boutique security testing company. He is a renowned security researcher with extensive experience in system programming, security research and consulting. He is well known in the hacking and security community as the founder of null - The open security community, registered not-for-profit organization http://null.co.in and also the founder of nullcon security conference nullcon.net and hardwear.io security conference http://hardwear.io He currently spends his time researching on IoT security and hacking things. He is an active speaker and trainer at security...2018-12-2233 min
FIRSTCON Podcast2018 Episode 9: Live from FIRST | How to Avoid Having a Really Bad Day...Rob McMillan, Research Director, GartnerJoin the interview in progress! Join Martin and Chris as they chat with Rob McMillan and discuss the evolution of incident response. Rob is the Research Director at Gartner and former co-founder and general manager of AusCERT. Rob was a featured keynote speaker at the 2018 annual conference.2018-08-2400 min![DEF CON 22 [Materials] Speeches from the Hacker Convention.](https://www.defcon.org/images/defcon-22/dc-22-itunes-logo-materials.jpg){kind=logo}
DEF CON 22 [Materials] Speeches from the Hacker Convention.Fatih Ozavci - VoIP Wars: Attack of the Cisco PhonesSlides Here: https://defcon.org/images/defcon-22/dc-22-presentations/Ozavci/DEFCON-22-Fatih-Ozavci-VoIP-Wars-Attack-of-the-Cisco-Phones-UPDATED.pdf
VoIP Wars: Attack of the Cisco Phones
Fatih Ozavci SENIOR SECURITY CONSULTANT, SENSE OF SECURITY
Many hosted VoIP service providers are using Cisco hosted collaboration suite and Cisco VoIP solutions. These Cisco hosted VoIP implementations are very similar; they have Cisco Unified Communication services, SIP protocol for IP Phones of tenants, common conference solutions, Skinny protocol for compliance, generic RTP implementation, VOSS Solutions product family for management services for tenants. Cisco hosted VoIP implementations are vulnerable to many attacks, including:
...2014-12-1424 minDEF CON 22 [Materials] Speeches from the Hacker Convention.Deviant Ollam & Howard Payne - Elevator Hacking - From the Pit to the PenthouseElevator Hacking - From the Pit to the Penthouse
Deviant Ollam The CORE Group
Howard Payne The CORE Group
Throughout the history of hacker culture, elevators have played a key role. From the mystique of students at MIT taking late-night rides upon car tops (don't do that, please!) to the work of modern pen testers who use elevators to bypass building security systems (it's easier than you think!) these devices are often misunderstood and their full range of features and abilities go unexplored. This talk will be an in-depth explanation of how elevators work... allowing...2014-12-1324 min
Risky Business 2PRESENTATION: AusCERT speed debate 2014We're going to close out this year's coverage the way we normally do it: with a recording of the AusCERT speed debate!
I was a debater this year and as you'll hear I had zero time to prepare, so my contributions are pretty lame, but there was a hell of a panel like always. The whole thing was moderated by Adam Spencer.
Most of it makes no sense, some of it is funny, some of it is just stupid. Like it or loathe it, it's almost become an institution at this point so we absolutely...2014-05-1800 minRisky Business 2INTERVIEW: Dr. Jason Fox on gamificationOn the final day of AusCERT last week delegates were treated to a fascinating talk by Dr. Jason Fox, gamification expert and author of the book The Game Changer.
Jason's expertise is in finding out how to take the motivational aspects of games and apply them to work processes. We all know that sitting your staff down in a dimly lit auditorium to lecture them on spear phishing does precisely nothing to change user behaviour. But what if you made the hunt for spear phishing messages a game?
I sat down with Jason Fox after...2014-05-1800 minRisky Business 2INTERVIEW: Hacking supercomputers with y011In this interview we're chatting with Neal Wise of Assurance.com.au. Don't let the accent fool you, Neal is based in Melbourne and has been for as long as I can remember, and he did a great talk here at the AusCERT conference called Hacking the Gibson, which was all about pwning supercomputers.
I warn you in advance that there are a few references from the movie Hackers in this interview... sorry about that... HACK THE PLANET!! .... but yeah, Neal has been doing some work involving supercomputers and I decided to interview him about them. They...2014-05-1500 minRisky Business 2PRESENTATION: When is a cyberwar (drink!) a cyberwar (drink!)?PRESENTATION: When is a cyberwar (drink!) a cyberwar (drink!)?
Bob Clark returns to AusCERT\u2026
This is a recording of a presentation by Bob Clark, who these days teaches at the US Naval Academy. He has a long history as a department of defence lawyer including a stint as the counsel for the US Army Cyber Command.
In this talk Bob covers some ground he has covered before -- looking at when an online action represents an act of war under the laws of armed conflict -- but also takes a look at some...2014-05-1400 minRisky Business 2PRESENTATION: Felix “FX” Lindner’s AusCERT keynoteWe're going to kick things off with a recording of the opening keynote from the conference... this talk is by Felix "FX" Lindner of Recurity Labs.
Felix is a very well known hacker and researcher, and his talk is titled we come in peace, they don't. As you'll hear, he's not exactly Google's number one fan. Here he is, I hope you enjoy it!2014-05-1400 minRisky Business 2PRESENTATION: Ed Felton on security in the surveillance ageThis is a recording of Ed Felton's plenary session from AusCERT 2014.
Ed Felton is a professor of computer science and public affairs at Princeton's centre for information technology policy. From 2011 to 2012 he was the first Chief Technologist for the Federal Trade Commission. He's a very well known and highly regarded researcher and academic and he spoke at AusCERT on security in a surveilled world.2014-05-1400 minRisky Business 2INTERVIEW: Information leaks into North KoreaOur coverage continues now with an interview I recorded with Olivia Maree and Dave Jorm. Olivia holds a law degree and just finished a six month stint as a community manager with BugCrowd\u2026 Dave Jorm studies geology and mathematics at UQ and has worked in the software industry for around 14 years.
Some of you would remember the interview I did with Dave last year about his OSINT analysis of North Korea, I also recorded and published his AusCERT talk on that topic last year. Well, this year he returned to AusCERT with his pal Olivia Maree...2014-05-1400 min
Naked SecuritySophos Security Chet Chat - Episode 110 - June 4, 2013Chet welcomes series regular Paul 'Duck' Ducklin to discuss the latest security news: Microsoft reading Skype messages, the IP Commission Report, small business cybersecurity, and AusCERT 2013 #SophosPuzzle.2013-10-2715 minRisky Business 2PRESENTATION: Marcus Ranum on militarisation trendsThe following is a recording of Marcus Ranum's AusCERT keynote speech on CYBER WAR. Marcus was doing the circuit a few years ago with a talk titled "Cyber war is bullshit", which I think makes clear his position, but this one is titled Never Fight a Land War in Cyberspace. He basically argues that the application of traditional military thinking to the cyber domain is flawed. He also argues there's a massive money and power grab taking place as the military and the private sector defence base tries to set the agenda so it can profit from it. It's...2013-05-2800 minRisky Business 2PRESENTATION: Does Anonymous have a future?You're about to hear Parmy Olson's presentation from AusCERT's 2013 conference. Parmy is a journalist for Forbes, but she's also an author -- she wrote We Are Anonymous, Inside the Hacker world of LulzSec, Anonymous and the Global Cyber Insurgency. She got amazing access to the LulzSec crew and the book is well worth reading.
In this presentation she looks at why these young men got involved in such risky activity. What drove them, and what does the future of Anonymous look like?2013-05-2800 minRisky Business 2PRESENTATION: AusCERT speed debateThe following is a recording of the traditional closing event of the AusCERT event -- the speed debate. It's hosted by Australian television and radio presenter Adam Spencer, and it's a bit of light fun to end the whole thing on... debaters include Eugene Kaspersky, Bill Caelli, Charlie Miller, Scott McIntyre and more. I'll drop you in here as Adam sets the whole thing up. Enjoy.
2013-05-2800 minRisky Business 2PRESENTATION: Dmitri Alperovitch pitches active defenceActive defence is the new black. It's the issue of 2013. One of the organisations that helped put the issue on to the agenda is CrowdStrike, a business founded by some senior ex technologists from McAfee. CrowdStrike was founded on the premise that simply relying on defensive measures in information security isn't enough -- you need to be able to mess with your adversaries.
One of CrowdStrike's founders was Dmitri Alperovitch. He was at AusCERT and used his speaking slot to basically deliver the thinking behind CrowdStrike's pitch. It's nothing earth shattering, but it's a really well packaged...2013-05-2800 minRisky Business 2PRESENTATION: All your SCADAS are belong 2 Mark FabroThis is a recording of Mark Fabro's day two keynote speech from AusCERT. Mark is a control systems security expert and a terrific speaker. He's the president and chief security scientist for Lofty Perch, a control system security consultancy. He's extremely well plugged in to the SCADA security scene, he's done a bunch of strategy consulting to the US government. Basically Mark is Mr. SCADA. It's his thing.
In this talk Mark argues that we're focussing on the wrong stuff when it comes to SCADA security. He gives us an experts view on the conversation we should...2013-05-2300 minRisky Business 2PRESENTATION: OSINT observation of DPRKThe following is a recording of David Jorm's AusCERT presentation. You might have heard Dave preview his talk on last week's episode of the regular Risky Business podcast.
Dave, who works as a security response engineer for a vendor, studies geography and mathematics at the University of Queensland and recently completed a study on long-term remote-sensing analysis of North Korea. In his talk he looks at an OSINT analysis of North Korea\u2026 he talks about the work he did as well as looking at what other North Korea watchers are up to. There's some really cool...2013-05-2300 minRisky Business 2PRESENTATION: BYOD in government, a high level talkThe following is a recorded presentation from AusCERT. It's by Al Blake, the Chief Information Officer of the Department of Sustainability, Environment, Water, Population and Communities. In it he talks about BYOD, basically, from an Australian government perspective. It's not an overly technical talk, but it is a good overview of what a CIO like him has to consider when allowing staff to use their own devices in a heavily regulated environment.
2013-05-2200 minRisky Business 2PRESENTATION: HD Moore's AusCERT plenaryThe following is a recording of HD Moore's AusCERT plenary, all about the research he's done scanning the entire Internet. HD is one of the smartest guys in the business, and it's a great talk. But you might actually need to slow it down a bit, because I don't think I've ever encountered anyone in my life who can speak as fast as HD does. He sometimes speaks at a pace that is faster than my ability to comprehend what he's saying. But as I say, it's a great talk -- it's called Global Vulnerability Analysis.
2013-05-2200 minRisky Business 2PRESENTATION: AusCERT opening keynote with Google's Michael JonesWe're kicking off our AusCERT 2013 coverage today with the conference's opening keynote by Michael Jones, Google's chief technology advocate. He's charged with advancing technology to organise the world's information and make it universally accessible and useful.
Michael has worked as chief technologist of Google Maps, Earth, was the CTO of Keyhole Corporation, the company that developed the technology behind Google Earth and was also CEO of Intrinsic Graphics, and was director of advanced graphics at Silicon Graphics.
His presentation was called Security's Biggest Risk, and it basically boils down to the dumb stuff bringing us...2013-05-2200 minRisky Business 2SPONSOR PODCAST: Why do we expect users to make good decisions?At AusCERT last week I caught up with Phil Piotrowski, a threat researcher with Sophos, as well as Rob Forsyth, a director of Sophos here in Australia.
Really what this chat is all about is interface. We cover a few topics; how users are finding it increasingly difficult to determine when a warning dialogue or popup is genuine or fake, how online crime syndicated are investing a great deal more effort into pretty graphics and good copywriting, and then we chat about how mobile operating systems like Android have succeeded by making extraordinarily complicated things appear very...2012-05-2100 minRisky Business 2DEBATE: AusCERT speed debate 2012The following is the closing session from AusCERT's 2012 conference, the speed debate.
It's a chance to have a bit of a laugh at all things security and it's hosted by ABC personality Adam Spencer. Enjoy!2012-05-2100 minRisky Business 2INTERVIEW: Is the regulation of SCADA networks futile?Yesterday I caught up with SCADA security expert and AusCERT speaker Mark Fabro of Lofty Perch.
We spoke about attempts by governments to mandate minimum security requirements for critical infrastructure through regulation. I started off by asking him what regulation attempts in North America look like now.2012-05-1700 minRisky Business 2PRESENTATION: Forensics and SCADA/DCSThe following is a recording of Mark Fabro's AusCERT plenary.
As soon as you listen to Mark for more than five minutes you'll quickly realise he really knows what he's talking about.
This talk is about performing incident response and forensic analysis on live SCADA networks. It's very interesting stuff and Mark is a great presenter.2012-05-1700 minRisky Business 2PRESENTATION: Christopher Hoff on virtualisation, cloud, deperimiterisationThe following is a complete recording of Christopher Hoff's AusCERT presentation. He's the chief security architect with Juniper Networks. He has a vendor-heavy background, but don't hold that against him -- he's got some very interesting ideas around virtualisation, cloud computing and deperimiterisation. His talk is about automating security at scale, but he starts off, off all things, with a history innovation in toilets, which surprisingly works pretty well.
Here he is: Christopher Hoff, chief security architect of Juniper Networks. Enjoy.2012-05-1500 minRisky Business 2PRESENTATION: Mikko Hypponen on "The Enemy"The following is a complete recording of Mikko Hyppponen's opening keynote to the AusCERT 2012 conference. Mikko is the chief research officer for the Finnish antivirus firm F-Secure.
It takes him a few minutes to pick up steam, but I definitely recommend sticking with his talk. It starts out good and winds up fascinating. The title of his talk is The Enemy, and in it he examines three groups of attackers -- Criminals, Hacktivists and Nation States. It sounds like well worn material, but Mikko's take is definitely worth listening to.2012-05-1500 minRisky Business 2SPONSOR PODCAST: Microsoft's Maarten Van Horenbeeck on vulnerability scoringMicrosoft was kind enough to sponsor our coverage of AusCERT's 2011 conference and as a part of that sponsorship arrangement we're doing these sponsored podcasts. We've already posted two interviews with Microsoft peeps about security issues, but we're posting this full talk as well.
Maarten Van Horenbeeck works in the Microsoft Security Response Center managing Microsoft's efforts to share information on security vulnerabilities with third party security software providers, government agencies and national CERT teams.
This talk is about how Microsoft applies ratings to its product vulnerabilities... there are a bunch of ratings systems out there...2011-05-2300 minRisky Business 2PRESENTATION: Cambridge University's Ross Anderson on the economics of information securityThis is a full presentation by AusCERT's day three keynote speaker Ross Anderson.
Ross has kindly allowed us to podcast his entire talk.
Ross is professor of security engineering at Cambridge University, and author of the bestselling textbook "Security Engineering: A Guide to Building Dependable Distributed Systems". He was a pioneer of peer-to-peer systems, of hardware tamper-resistance, and of the economics of information security.
Ross will discuss the economics of information security in two contexts: frauds against payment networks, and the resilience of the Internet. The talk will draw on a recent major...2011-05-2300 minRisky Business 2PRESENTATION: AusCERT speed debatesYou're about to hear one of the highlights of AusCERT's annual conference -- the speed debates! Not to be taken too seriously, the speed debate happens at the end of the con -- it's a chance to have a laugh and shed some lighter perspectives on the security discipline.
It's hosted by Australian broadcaster and journalist Adam Spencer. I hope you enjoy it.2011-05-1900 minRisky Business 2SPONSOR PODCAST: Stuart Strathdee on the PSN breachMicrosoft was kind enough to sponsor our coverage of AusCERT's 2011 conference and as a part of that sponsorship arrangement we're doing these sponsored podcasts. They're general chats with Microsoft peeps about security issues.
And in this interview we're chatting with Microsoft Australia's Chief Security Advisor Stuart Strathdee about the affect the PSN network breach has had on large organisations' security outlook. As you'll hear, Stuart says a lot of security projects that had been on the back burner are now being brought forward.
Enjoy!2011-05-1900 minRisky Business 2PRESENTATION: Scott McIntyre on the security "generation gap"You're about to hear a full presentation recorded at the AusCERT conference. Scott McIntyre is a recent immigrant to Australia... he used to work for XS4all in the Netherlands, but these days he works as the Senior Technology Architecture Specialist in Security Operations for Telstra in Melbourne. His presentation is all about his views though, not those of Telstra. Disclaimer. Etc.
His talk focuses on what he calls the IT Security Generation Gap. Too often are today's security policies written and enforced by people who don't "get" social media, the public Internet, iPads and BitTorrent. But...2011-05-1700 minRisky Business 2PRESENTATION: Mark Newton makes IPv6 security interesting!You're about to hear a full presentation recorded at the AusCERT conference: a great presentation by Mark Newton, an engineer with Internode, all about IPv6 security.
Internode is an ISP and Mark really knows his stuff. We all know security considerations in IPv6 aren't exactly thrilling, but Mark managed to actually make this presentation interesting and a little bit thought provoking. I was popping in and out throughout this session and yeah, it was definitely more interesting than I was expecting. So here it is!2011-05-1700 minRisky Business 2RB2: AusCERT podcast: Speed debateWhat you're about to hear is the speed debating panel from AusCERT's 2010 conference.
A highlight of the conference, this year's panel was hosted by Australian media personality guy Adam Spencer. Panelists were: Max Kilger, Scott McIntyre, Marcus J. Ranum, Roger Dingledine, Alastair MacGibbon, Paul Gampe and Tim Redhead.2010-05-2000 minRisky Business 2RB2: AusCERT interview: E-mail crypto a "pain in the ass" says PKI inventorIn this interview we check in with a bit of a legend, Whitfield Diffie. He's universally credited as one of the creators of public key infrastructure, and he was the opening keynote speaker at the AusCERT conference.
I grabbed Whit for an interview in the hotel lobby bar and started off by asking him if he's disappointed that PKI hasn't been universally adopted yet.2010-05-1700 minRisky Business 2RB2: AusCERT interview: Neal Wise on the seven deadly sins of mobilityIn this podcast you'll hear me speaking with Assurance.com.au's Neal Wise about the seven deadly sins of mobility. Neal's a penetration tester and a complete and utter wireless nerd. He's a regular on the show and as it turns out he's a standby speaker for this year's AusCERT conference. If anyone winds up too hungover on Wednesday to speak, Neal will step in.
You'll have most likely heard that Google has been busted collecting payload data from wireless networks as its vans drove around doing Google Street view videos... so I asked Neal for his...2010-05-1700 min![DEFCON 17 [Video and Slides] Speeches from the Hacker Convention.](http://www.defcon.org/images/podcast/defcon-17-itunes-logo-video.png){kind=logo}
DEFCON 17 [Video and Slides] Speeches from the Hacker Convention.Richard Thieme - Hacking Biohacking and the Future of Humanity - Video and SlidesHacking, Biohacking, and the Future of HumanityRichard Thieme ThiemeWorksI was asked in 2006 at AusCert in Australia, my second of three years of keynoting, where did I see hacking headed in the future? I described biohacking and noted that genetic engineering, neuroscience (both black and white R&D) and the availability of everything one needs for a few thousand bucks to hack the genome in a garage, all made hacking human attributes and identity the next level of the transformation of human possibility.This talk illuminates how current and future developments in information systems...2009-10-0751 minDEFCON 17 [Video and Slides] Speeches from the Hacker Convention.Richard Thieme - Hacking UFOlogy 102 The Implications of UFOs for Life the Universe and Everything - VideoHacking UFOlogy 102: The Implications of UFOs for Life, the Universe, and EverythingRichard Thieme ThiemeWorks – Speaking, Writing, Unusual and Interesting InsightsTwo years ago at Def Con 15, Richard presented Hacking UFOlogy. He supported his contention that (1) UFOs are real and (2) the data to support that statement is voluminous with numerous references and links which he encouraged others to explore in good old try-it-and-see hacker fashion. Who better than hackers to have open minds, a willingness to try new things, an ability to look deeply into systems, including systems of thought, to see how machinery can be made to...2009-10-071h 02
ISTS - i sh0t the sheriffEdição 36 - 06.10.071 hora e 5 minutos
Eventos
ClubHack
http://clubhack.com/cfp.html
USENIX Security '08 Call for Papers
http://www.usenix.org/events/sec08/cfp/
Auscert
http://conference.auscert.org.au/conf2008/cfp2008.html
Noticias
Several buffer overflows in Checkpoint’s Firewall-1
http://www.heise-security.co.uk/news/96860
iPhone Turned into Pocket-Sized Hacking Platform
http://www.eweek.com/article2/0,1895,2191373,00.asp
Symantec redefines viral marketing with costumed Norton Fighter
http://www.engadget.co...2007-10-061h 06![Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference](http://media.blackhat.com/bh-usa-05/bh-usa-05-itunes.jpg)
Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conferenceAndrew van der Stock: World Exclusive - Announcing the OWASP Guide To Securing Web Applications and Services 2.0After three years of community development, the Open Web Application Security Project (OWASP) is proud to introduce the next generation of web application security standards at BlackHat USA 2005. The Guide to Securing Web Applications and Services 2.0 is a major new release - written from the ground up, with many new sections covering common and emerging risks, including:
* How to design more secure software
* How to conduct a security review using the Guide
* How to perform the most difficult web application processes correctly: processing credit cards, interacting with payment gateways (such as PayPayl), and anti-phishing controls
* Reorganized and easily navigated chapters...2006-06-0553 minBlack Hat Briefings, Las Vegas 2005 [Video] Presentations from the security conferenceAndrew van der Stock: World Exclusive - Announcing the OWASP Guide To Securing Web Applications and Services 2.0After three years of community development, the Open Web Application Security Project (OWASP) is proud to introduce the next generation of web application security standards at BlackHat USA 2005. The Guide to Securing Web Applications and Services 2.0 is a major new release - written from the ground up, with many new sections covering common and emerging risks, including:
* How to design more secure software
* How to conduct a security review using the Guide
* How to perform the most difficult web application processes correctly: processing credit cards, interacting with payment gateways (such as PayPayl), and anti-phishing controls
* Reorganized and easily navigated chapters...2006-06-0553 min