The Security Engineering Show

Something in the Water | Ep. #5 | The Security Engineering Show

A pentester navigated from basic internal network access to achieving full Domain Controller (DC) compromise and ultimately SCADA system control, revealing vulnerabilities that could have led to a hazardous chlorine release into a city's water supply. Episode 5 of The Security Engineering Show offers invaluable insights into modern offensive security and real-world breaches. This is the show for security engineers, by security engineers. Featuring Noah Stanford: CEO at 0pass Finn Foulds-Cook: Senior Penetration Tester at Volkis 00:00 - Intro 1:40 - The Engagement 4:45 - Windows Exploitation and Tooling 6:55 - ADCS, Coerced Auth, and Certs! 11:10 - Domain Controller Takeover 13:20 - Abusing DC Sync and EDR 15:55 - From DA to Azure 18:00 - Disabling your fancy EDR 19:30 - Escalating to Azure Global Admin 21:10 - Everything hacked, now what? 22:03 - Enumerating SCADA 24:31 - From SCADA to DEATH 27:44 - How do we fix all of this? 30:01 - Important security insights 31:47 - Message to Security / IT teams 33:36 - Outro

Hacking the Great Firewall | Ep. #4 | The Security Engineering Show

What happens when an American computer science student studies abroad in China and decides to find out what the Chinese government is censoring? Learn about how he did it, and what he discovered on this episode of The Security Engineering Show. This is the show for security engineers, by security engineers. Featuring Noah Stanford: CEO at 0pass Mitch Edwards: CEO at GrabbrApp 00:00 - Intro 1:16 - About Mitchell 4:12 - Chinese Yahoo Answers 6:00 - The Zhihu web scraper 9:10 - Analyzing the data 13:00 - Cat and mouse game 19:45 - Defense and iterations 21:35 - Threat Intel on the Dark Web 26:11 - Outro

Learning from Lazarus Group | Ep. #3 | The Security Engineering Show

Delve into the nitty-gritty of a company's two run-ins with the Lazarus Group. The first time, to clean up the mess they left behind, and the second, to stop them in their tracks after getting a telltale alert from the SEIM. This is the show for security engineers, by security engineers. Featuring Noah Stanford: CEO at 0pass Matt Toussain: Founder at Open Security 00:00 Intro 00:47 Lazarus Group Compromise #1: Negotiating ransomware payment 02:55 Lazarus Group Compromise #1: Their tactics and techniques 07:55 Lazarus Group Compromise #1: Bad practices that led to the first breach 10:43 Lazarus Group Compromise #1: Cleaning up the mess 15:38 SEIMs and how not to die the death of a thousand alerts 19:35 Lazarus Compromise #2: Intro 24:18 Lazarus Compromise #2: We're going to "hurt your billable rate" 27:38 Lazarus Compromise #2: How they gained access and what they did 33:27 Lazarus Compromise #2: Reverse engineering the malware 36:24 Lazarus Compromise #2: Hacking back and the FBI 45:10 Working in Private Sector vs US Gov 48:34 Outro advice

Hijacking the Most Important Web Page on the Internet | Ep. #2 | The Security Engineering Show

This story is about a security engineer who hijacked the most important web page on the internet as part of a capture the flag challenge. While I can't tell you which exact page or company this happened at, you definitely know it and most likely use it every day in your business and personal life. Ian talks about how he found This is the show for security engineers, by security engineers. Featuring: Noah Stanford: CEO at 0pass, formerly AWS and SpaceX Ian Pudney: Head of Engineering at 0pass, formerly at Google and Facebook

Oh The Places You'll Find Malware | Ep. #1 | The Security Engineering Show

"Oh the places you'll find malware" brings surprising stories of infections and security incidents. Michael Grube, formerly a security engineer at SpaceX and now a vulnerability researcher at an employer we won't disclose, tells the stories about how he found malware in a Hadoop cluster, on a water jet machine (bought straight from the manufacturer), and in an Active Directory environment. We talk about the tricks that threat actors used to cover their tracks and how they were exposed. This is the show for security engineers, by security engineers. Featuring Noah Stanford, CEO at 0pass: https://www.linkedin.com/in/pwned/ [https://www.linkedin.com/in/pwned/] Michael Grube: Vulnerability Researcher and Security Engineer