Episodes
-
A pentester navigated from basic internal network access to achieving full Domain Controller (DC) compromise and ultimately SCADA system control, revealing vulnerabilities that could have led to a hazardous chlorine release into a city's water supply. Episode 5 of The Security Engineering Show offers invaluable insights into modern offensive security and real-world breaches.
This is the show for security engineers, by security engineers.
Featuring
Noah Stanford: CEO at 0pass
Finn Foulds-Cook: Senior Penetration Tester at Volkis
00:00 - Intro
1:40 - The Engagement
4:45 - Windows Exploitation and Tooling
6:55 - ADCS, Coerced Auth, and Certs!
11:10 - Domain Controller Takeover
13:20 - Abusing DC Sync and EDR
15:55 - From DA to Azure
18:00 - Disabling your fancy EDR
19:30 - Escalating to Azure Global Admin
21:10 - Everything hacked, now what?
22:03 - Enumerating SCADA
24:31 - From SCADA to DEATH
27:44 - How do we fix all of this?
30:01 - Important security insights
31:47 - Message to Security / IT teams
33:36 - Outro
-
What happens when an American computer science student studies abroad in China and decides to find out what the Chinese government is censoring? Learn about how he did it, and what he discovered on this episode of The Security Engineering Show.
This is the show for security engineers, by security engineers.
Featuring
Noah Stanford: CEO at 0pass
Mitch Edwards: CEO at GrabbrApp
00:00 - Intro
1:16 - About Mitchell
4:12 - Chinese Yahoo Answers
6:00 - The Zhihu web scraper
9:10 - Analyzing the data
13:00 - Cat and mouse game
19:45 - Defense and iterations
21:35 - Threat Intel on the Dark Web
26:11 - Outro
-
Missing episodes?
-
Delve into the nitty-gritty of a company's two run-ins with the Lazarus Group. The first time, to clean up the mess they left behind, and the second, to stop them in their tracks after getting a telltale alert from the SEIM. This is the show for security engineers, by security engineers.FeaturingNoah Stanford: CEO at 0passMatt Toussain: Founder at Open Security00:00 Intro00:47 Lazarus Group Compromise #1: Negotiating ransomware payment02:55 Lazarus Group Compromise #1: Their tactics and techniques07:55 Lazarus Group Compromise #1: Bad practices that led to the first breach10:43 Lazarus Group Compromise #1: Cleaning up the mess15:38 SEIMs and how not to die the death of a thousand alerts19:35 Lazarus Compromise #2: Intro24:18 Lazarus Compromise #2: We're going to "hurt your billable rate"27:38 Lazarus Compromise #2: How they gained access and what they did33:27 Lazarus Compromise #2: Reverse engineering the malware36:24 Lazarus Compromise #2: Hacking back and the FBI45:10 Working in Private Sector vs US Gov48:34 Outro advice
-
This story is about a security engineer who hijacked the most important web page on the internet as part of a capture the flag challenge. While I can't tell you which exact page or company this happened at, you definitely know it and most likely use it every day in your business and personal life. Ian talks about how he found This is the show for security engineers, by security engineers.Featuring:Noah Stanford: CEO at 0pass, formerly AWS and SpaceXIan Pudney: Head of Engineering at 0pass, formerly at Google and Facebook
-
"Oh the places you'll find malware" brings surprising stories of infections and security incidents. Michael Grube, formerly a security engineer at SpaceX and now a vulnerability researcher at an employer we won't disclose, tells the stories about how he found malware in a Hadoop cluster, on a water jet machine (bought straight from the manufacturer), and in an Active Directory environment. We talk about the tricks that threat actors used to cover their tracks and how they were exposed.
This is the show for security engineers, by security engineers.
Featuring
Noah Stanford, CEO at 0pass: https://www.linkedin.com/in/pwned/
Michael Grube: Vulnerability Researcher and Security Engineer