Видео

Great video and so nicely explained plus the fact that you included the slides download links just makes it brilliant, thank you!

Can you provide the name of the panelist who is the upper left corner? "Ambivert?" Citing this podcast in a piece I'm doing on my LinkedIn page, and I want to quote his insight, "like a year the last big breaches we've talked about or even the ones we're talking about today [are] social engineering, patch management, business logic flaws; it doesn't matter what language you write it in if I can pick up the phone and reset the IT admin's help desk MFA tokens." Thanks.

Yep it was bad timing for me. I got my windshield replaced on my Miata RF and they’re unable to replace the windshield garnishes at this time :( so my car looks like shit

GREAT JOB!

awesome ❤

Hormel Black Label Baconfest mentioned at 4:45

Jesus. This just popped up after we just finally came back online. Was about to put in my notice

I'm only halfway through, but as a software engineer, I don't agree with the premise of this show. I don't think the initiative is to rewrite all past programs, many of which are time tested, with memory safe programming languages. If you're writing new stuff though, you probably shouldn't be doing it in C++/C. Use Go/Rust instead. Google invented Go, because C++ was too problematic for their infrastructure code. It is easy to berate Java now, but it was revolutionary in the late 90s and early 2000s. The reason for all the security vulnerabilities, is that it made it possible for bad programmers to be more productive than they could be in C++. The same level programmers in C++ would have done far worse security wise.

Thank you very much for sharing your insightful and informative videos !! Intelligent and professional !! Outstanding !! Greetings from California … I wish you and folks good health , success and happiness !! Much Love ✌️😎💕

It's quite distracting having a different line of text running under the power point. Was this presentation adopted from something else?

My god I love deep dives so much.

Great Content Guys! ✌🏽😎

Seen better dns videos

Awesome thx

Like, you get infected through discord? What if Discord is in a flatpak sandbox?

Great presentation by Jack, appreciated your humor and demo's

gay

is it detected by antivirus at all?

✉ MailFail Extension (Firefox) and other resources m.ail.fail/ 🔗 Jack's list of DKIM selectors - github.com/ACK-J/MailFail/blob/main/DKIM_Selectors.txt - 🔗 Download the extension - addons.mozilla.org/en-US/firefox/addon/mailfail/ - 🔗 github repository - github.com/ACK-J/MailFail/ - 🔗 Reconstruct private keys from the two prime numbers - gist.github.com/ACK-J/487d0de5737458d953ca818a0645b09b - 🔗 Send DKIM signed emails script with a private key - gist.github.com/ACK-J/76585af46375641ec841cb6b77d345c3 - 🔗 Here's a bonus that wasn't in the presentation - Python script that takes in a list of domains and checks them for DMARC misconfigurations - gist.github.com/ACK-J/8a189bafbb54e00fb1b3f3e22dcd81c9 - 🛝 Webcast Slides - www.blackhillsinfosec.com/wp-content/uploads/2024/06/SLIDES_BHIS_MAILFAIL.pdf /// 🔗 Register for webcasts, summits, and workshops - blackhillsinfosec.zoom.us/ze/hub/stadium

Jack did great -- having someone technical give the webinar is fantastic. We got a good (review for me) technical explanation of SPF/DKIM/DMARC and why they really aren't that great. I'll stay tuned for more on the strength of this presentation --- the inclusion of misuse cases was one of the strongest points.

awesome , thanks

would be nice if you had chapter markers! and had use microsoft server to demonstrate instead of slides.

32:38 I believe you were talking about codespaces

taking my net+ here soon any good places to study? preferably free other than professor messer

There are still only 13 root servers. The reason for the limit has to do with the UDP packet size. Some roots do allow for an Anycast instance, but that instance is still the same IP as the primary root server that is being anycast’d. Speaking as a person that once ran L-Root for 3+ years

So, an interesting discussion all around concerning the biometrics topic. I found that it was missing some context in the discussion however, where no one mentioned that there are already other national protective laws under HIPAA; and there really needs to be correlation related to how that applies as well, and where the cross-over might exist. The CO state law takes inclusive steps to couple biometrics under state privacy laws (in the absence of an overall, cohesive national set), but I'm curious where the thought was that gaps existed in HIPAA that needed this type of additional regulation. Regardless of knowing about this law, this concept has led to some interesting group discussions lately. Are hosted data centers now, or going to be, responsible for providing HIPAA related audit data, in addition to SOC 1/2, as part of the reporting to their clients? Biometrics are a huge part of their security controls and they have lots of client data.

Man is sending full on helldivers 2 extraction codes 😂

Shecky bringing the real talk at 23:00 great points sir!

AONE ❤

That is not at all how it’s being used. Yes, it is Drone as First Response. But just as they would when physically on scene they can assess. And engage if the presented situation called for engagement and or simply be able to surveil and on going situation and provide live updates for those headed and to arriving on scene.

fkn banged my head trying to setup the proxy inside the emulator's settings. It worked super easy via adb. TY so much!

Is it going to help them get the right address ? Before they kick in the wrong door and shoot an innocent unarmed citizen ?

Why don't hackers do the right thing and delete peoples loans and mortgages

The DNS and BIND book should be required reading for anyone working in IT. The amount of people that only have surface level understanding of DNS is astounding.

Windows is malware, stop using it.

ACAB

Already in use, mostly for narcotic surveillance and prostitution stings as the test templates

Not gonna lie I totally agree with his statement 😂

can someone post the article by Daniel Meissler referenced at 3:20

Its such a evasive move im sure the a community will find a way to disable it

finalyyyyy thanks alot

This is gold!

I used my Flipper to find all the secret codes for my TV. It's been helpful because my TV needs an occasional hard reboot which I can do using an undocumented ir command. It was also awesome when I was pranking my nieces and nephews.

Thank you for this Serena and BHIS team. :D

42

Ethics, company have none. It’s all about money. Disclose after 90’days of just like Google does period. Then sue the vendor aka MS for dragging their feet.

Love these talks!! Thx for taking your time and doing them.

Sir tornet is safe? pip install tornet?

RUclips why have you been hiding this channel from me? Great video!😻

Hii Serena, Do you know any book that goes deep into this or atleast networkig?