Ephemeral Security

By Steve Stonebraker

Interviews and fun with professionals, hackers, and everything in between.
Jim Rigney - Senior Director - InfoSec Architecture, Engineering, Operations
Jan 05, 2024 (56:22)
Dan Nowak - Threat Intelligence, Insider/Nation State Threats, and Beyond
Aug 19, 2023 (01:13:24)
Matt Wright - Senior Security Engineer
Jun 28, 2023 (30:59)
Presenting: AOL Underground "AOL History from the people that lived it - Erci Stern"
Oct 05, 2022 (01:14:10)
Presenting: AOL Underground "Origin story of a Digital Forensic Incident Responder (DFIR)"
Jul 28, 2022 (02:10:57)
Sandeep Lahane - Deepfence
Jun 15, 2022 (48:25)
Ryan Fried - Senior Security Engineer & Adjunct Professor

Chat with Ryan Fried about being an adjunct professor in the Cyber Security space, being a virtual CISO and talking to executives, purple teaming, true positive security incidents, validating your controls and what you think you know, and Atomic Red Team.


Episode Show Notes:

Ryan Fried - https://www.linkedin.com/in/ryan-fried-65747938/

Atomic Red Team - https://github.com/redcanaryco/atomic-red-team

Bloodhound - https://github.com/BloodHoundAD/BloodHound

Checkov - https://www.checkov.io/

Links:

Podcast Website: https://ephemeralsecuritypodcast.com

Blog: https://brakertech.com

Github: https://github.com/ssstonebraker

Social:

LinkedIn: https://www.linkedin.com/in/stevestonebraker

Twitter: https://twitter.com/brakertech

Credits:

Podcast edited and mastered by Charlie Clark, https://www.fiverr.com/chuckaudio

Intro music by Margo Stonebraker


Jun 08, 2022 (01:06:44)
Lisa Falzone and Michael Green - Athena Security

Chat with Lisa Falzone and Michael Green of Athena Security

Athena Security focuses on Entryway Security - https://www.athena-security.com/

Guests

Michael Green, CEO and Co-Founder

Lisa Falzone, President and Co-Founder

Show Notes

https://ephemeralsecuritypodcast.com/athena-security/

Podcast edited and mastered by Charlie Clark, https://www.fiverr.com/chuckaudio

Intro music by Margo Stonebraker 

May 16, 2022 (33:34)
Ethan Heilman – BastionZero

Chat with @Ethan_Heilman, CTO of @getBastionZero on how they are adding additional security when accessing remote infrastructure. BastionZero adds an additional separate Multi Factor Authentication into the authentication process and has a unique multi-root security model. 


Ethan can be found at: 

LinkedIn: https://www.linkedin.com/in/ethan-heilman-39896934/

Twitter: https://twitter.com/Ethan_Heilman 


//Show Notes//

BastionZero's website - https://www.bastionzero.com/ 

Video on how multiple MFA works with Bastion Zero - https://brakertech.com/aws-systems-manager-session-manager-on-steroids/


Podcast edited and mastered by Charlie Clark, https://www.fiverr.com/chuckaudio

Intro music by Margo Stonebraker 


//Chapter Timestamps// 

00:00:41 Meet Ethan Heilman 

00:01:10 When did you first use a computer? 

00:01:29 How did you get into Information Security 

00:02:42 Crypto Company to Bastion Zero 

00:05:08 Multiparty Computation 

00:06:07 Certificate Authorities 

00:08:13 AWS PrivateLink/VPC Endpoints 

00:10:38 How does Bastion Zero Work? 

00:14:55 Shared Responsibility 

00:16:50 Dynamic Targets 

00:19:46 What does the term "Zero Trust" mean to you? 

00:21:01 Proxying HTTP 

00:23:17 SELinux 

00:23:45 Privileged Access Management 

00:27:35 AWS Root Account 

00:33:26 Separate Admin Accounts 

00:36:12 API Keys 

00:40:58 Response for product in the wild? 

00:45:11 Stopping Ransomware 

00:52:26 Phishing

01:01:21 Modifying Linux Pluggable Authentication Module

01:06:18 Goodbye

May 08, 2022 (01:07:03)
Devin Casadey – Global Red Team Lead

Chat with @DevinCasadey, Managing Principal / Global Red Team Lead.

Devin's Certifications: OSCE3 (OSWE, OSEP, OSED), OSCP, OSCE, OSEE, OSWP, eCTHP, GCPN

Devin can be found at:

Hack the Box: https://www.hackthebox.eu/profile/28293

HTB & CTF Team: https://www.hackthebox.eu/teams/profile/1685

Github: https://keramas.github.io/about.html

LinkedIn: https://www.linkedin.com/in/devin-casadey-198117b/

Twitter: https://twitter.com/DevinCasadey 

Show Notes 

Don't Roll Your Own: Devin's Writeup for how he decoded the database (referenced in the episode) - https://keramas.github.io/2022/05/03/dont-roll-your-own.html

EvilGinx: Man in the Middle Two Factor Auth - https://github.com/kgretzky/evilginx2 

Chapter Timestamps

01:09 -- Why are you passionate about Infosec?

02:17 -- First use a computer?

05:31 -- What are you doing now?

06:16 -- Best way to hone skills?

07:54 -- Difference between Redteaming and Pentesting

09:12 -- Are Pentesters ever asked to emulate APTs?

11:51 -- Do you test different EDR Vendors?

16:18 -- Test Scenario

17:42 -- Do you have to write custom exploits for engagements?

23:31 -- Do you tell vendors you can bypass their EDR product?

26:02 -- Trying to get caught by Security Team

27:21 -- What can customers do to get the most out of a pentesting engagement?

32:09 -- Pentest Client Behavior

35:56 -- Linux Boxes

37:11 -- Windows Security

40:30 -- Found Machine Already Compromised?

41:44 -- Pentest Planning

43:46 -- Memorable Engagements

47:07 -- Zero Trust

53:44 -- Initial Point of Entry

58:55 -- Okta Breach

01:01:27 -- Triple MFA

01:02:53 -- Avoid Burnout?

01:05:00 -- Joining a Redteam

01:09:44 -- Any Passion Projects?

01:10:21 -- Goodbye

Links:

Podcast Website: https://ephemeralsecuritypodcast.com

Blog: https://brakertech.com

Github: https://github.com/ssstonebraker

Social:

LinkedIn: https://www.linkedin.com/in/stevestonebraker

Twitter: https://twitter.com/brakertech

May 05, 2022 (01:11:27)
Mike Wyatt: CYDERES
Apr 22, 2022 (01:08:29)
Cyclops Blink
Apr 12, 2022 (23:33)
Iman Joshua: Vimeo
Dec 09, 2021 (47:32)
Deidre Diamond: CyberSN
Aug 16, 2021 (48:22)
Information Security Career Do-over: Joe South, Jason Thorn, Shane Armbrister

What would you do differently if you could start your Information Security career over again?

Special Thanks:

Audio Editing and Sound - Adam Joesph - daseinazam.wixsite.com/website

Theme music - Margo Stonebraker - codewithmargo.com

Host:

Steve Stonebraker

Information Security Manager, Architecture & Engineering

OSCP (Offensive Security Certified Professional)

AWS Certified Security - Specialty

AWS Certified Solutions Architect - Associate

AWS Certified SysOps Administrator - Associate

AWS Certified Cloud Practitioner

https://brakertech.com

https://ephemeralsecuritypodcast.com

https://aolunderground.com

Guests:

Joe South

Senior Cloud Security Engineer

CISSP

AWS Certified Security - Specialty

AWS Certified Cloud Practitioner

Host of the "Security Unfiltered" Podcast

https://securityunfiltered.buzzsprout.com/

Jason Thorn

Information Security Manager

GIAC Advisory Board

GIAC Penetration Tester

GIAC Certified Incident Handler

GIAC Certified Forensic Analyst

Shane Armbrister

IT Security Analyst - Team lead

Splunk Certified Admin

GIAC Security Essentials Certification

Sound used in the episode:

Alice In the City by Jeris (c) copyright 2013 Licensed under a Creative Commons Attribution (3.0) license. http://dig.ccmixter.org/files/VJ_Memes/43424 Ft: Orrisroot

To See The Past by Hayden Folker | https://soundcloud.com/hayden-folker Music promoted by https://www.free-stock-music.com Creative Commons Attribution 3.0 Unported License https://creativecommons.org/licenses/by/3.0/deed.en_US
Aug 04, 2021 (55:05)