In this episode of Cyber Threat Perspective, Spencer Alessi and Brad Causey, CISSP discuss the various locations where unsecured credentials can be found, providing valuable insights and tips for IT admins and pen testers. Here's what you can find in this episode: • Probing custom web apps: Discover how pen testers can read log files and request certain files to uncover hidden credentials. • Exploring application configuration files: Learn why it's crucial to search for .NET configuration files during pen testing for potential username and password exposures. • Active Directory attribute hunt: Find out where sensitive data, including outdated credentials, can often be found in Active Directory and how PowerShell logs can help identify potential breaches. • File shares: Delve into the world of file shares, where both sensitive data and unsecured credentials can be uncovered, making it a target for pen testers and red team members. • Document Management Systems (DMS): Gain insights into the vulnerabilities and security risks associated with DMS and how users sometimes inadvertently use it as a password manager. Watch or listen to the full episode: https://lnkd.in/g4VzTft9 --- 🔒 Follow and connect with SecurIT360 for consulting, guidance, and implementation of security protocols for your organization, anchored by our 24/7 SOC.
SecurIT360’s Post
More Relevant Posts
-
Senior Security Architect | {Security Business Analyst} | (Risk Management) | Cybersecurity
Check out this recent podcast by David Spark that I found very insightful. I've been a long-time fan of Defense in Depth, also by the CISO Series, and all of their podcasts are great. Give it a listen and let me know what you think! #resilience #cybersecurity #podcast #diversity
We’ll Invest in Resilience as Soon as the Ransom Payment Clears
davidspark.libsyn.com
-
I encourage my network to watch this great conversation between Mike Battistella and Richard Pharro on Cybersecurity Beyond Compliance Mike dispels the misconception that passing a compliance audit guarantees long-term security. Richard and Mike explore how continuous improvement is vital for cybersecurity and why organizations must go beyond compliance to protect their digital assets. Mike also highlights the crucial role of leadership in embedding cybersecurity into business strategy, ensuring it’s seen as essential for survival, not just a technical necessity. #cybersecurity #cybersecurityrisk #nistcybersecurityframework
Podcast: Cybersecurity beyond compliance, with Mike Battistella
https://www.youtube.com/
-
Please give this a listen! Our CISO and my friend Noah D. with some insight in how you can grow into CyberSecurity and then also how to present and speak to management to make an impact!
Exciting News! Our podcast has a new name – Welcome to the Future of Threat Intelligence! We’re diving deeper into the critical world of proactive threat management to bring you even more insightful content. Tune into our latest episode featuring Noah D., VP & Chief Information Security Officer at Ingersoll Rand. In this episode, Noah shares his BBG approach to speaking: be bold, be bright, and be gone. It’s all about making your point with confidence, showcasing your expertise, and keeping it concise – key traits that mark a leader worth listening to. Don’t miss out on this and more invaluable insights. Tune in now: https://ow.ly/CLnB50RAU8i #futureofthreatintelligence #cybersecurity #threatintelligence
-
-
Exciting News! Our podcast has a new name – Welcome to the Future of Threat Intelligence! We’re diving deeper into the critical world of proactive threat management to bring you even more insightful content. Tune into our latest episode featuring Noah D., VP & Chief Information Security Officer at Ingersoll Rand. In this episode, Noah shares his BBG approach to speaking: be bold, be bright, and be gone. It’s all about making your point with confidence, showcasing your expertise, and keeping it concise – key traits that mark a leader worth listening to. Don’t miss out on this and more invaluable insights. Tune in now: https://ow.ly/CLnB50RAU8i #futureofthreatintelligence #cybersecurity #threatintelligence
-
-
Enhancing Operational Efficiency, Safety, Sustainability, and Compliance for the world of Physical Operations | Account Development Benelux at Samsara (NYSE: IOT)
💡New InfoTech Growth Partner Podcast In this episode, we're having an insightful conversation with Izak Oosthuizen, CEO & Founder of Zhero Cybersecurity & IT Support and 3x Bestselling Author. We'll discuss the current state of SMEs when it comes to their cybersecurity, the risks of not having your security in order, and the foundational things SMEs need to have in place (which doesn't cost much time or money). Tune in for an interesting conversation and let us know if you have any things to add! Find the full episode here: https://lnkd.in/e_ynNsXM
-
Enhance your cannabis dispensary’s security with insights from Aaron Burn! Discover how to identify vulnerabilities and implement effective security practices. Available now on your favourite podcast platforms. 🎧 Listen to the full episode here: web.kayapush.com/3KxpSA5 #KayaCast #SecureYourBusiness #businesstips Bri-Bet Security Solutions
-
What five questions should you ask an OT vendor before sealing the deal? Get ready for Thursday's episode featuring Managing Consultant Philip Marasco, an OT and ICS Security expert 🔒 Tune in for insights on assessing vendors, boosting cybersecurity with management consoles, and overcoming risk challenges in OT environments 🤩 Don't miss out - catch us on all major podcast platforms this Thursday! 🎙
-
In this engaging episode of CyberSound, Vancord's Cybersecurity Podcast, hosts Jason Pufahl, Michael Grande, and Steve Maresca explore the intriguing parallels between cybersecurity and the historical figure Benedict Arnold. Tying the discussion to the July Fourth holiday, they delve into how Arnold's betrayal during the American Revolution can provide valuable insights into modern insider threats. The episode covers Arnold's background, his rise and fall, and his ultimate act of treason, drawing lessons on how organizations can detect and prevent insider threats today. Emphasizing the importance of trust, vigilance, and thorough background checks, the hosts highlight the need for robust security measures and a culture of awareness to safeguard against similar risks in the cybersecurity landscape. https://hubs.ly/Q02F5Dgj0 #vancord #cybersound #cybersecurity #insiderthreat #IT #informationtechnology #fourthofjuly
CyberSound™ Podcast by Vancord 2024 / Independence Day: Benedict Arnold & Cybersecurity / Ep. 106
https://www.youtube.com/
-
Did you see Hazel's episode? In Episode 4, Hazel McPherson talks about the complexities of CISO placement in today's businesses and how you can learn to optimise your CISO role for success. If you missed it, make sure to check out Hazel's episode below! 🚀 #Security #CISO #CyberSecurityPodcast #FutureOfWork #TechPodcast
4: Chat 4: Hazel McPherson CISO at ALD Automotive UK - How the job market in cyber security has evolved & where CISO's sit in the industry
https://spotify.com
