Lessons in Incident Response (with Ben Shipley)

Lessons in Incident Response (with Ben Shipley)

ADVANCED PERSISTENT SECURITY PODCAST

EPISODE 27

GUEST: Ben Shipley

NOVEMBER 28, 2016

If you enjoy this podcast, be sure to give us a 5 Star Review and “Love Us” on iTunes; Like us on Google Play, Stitcher, Sound Cloud, Spreaker, and YouTube.

NOTE: The opinions expressed in this podcast are ours alone and do not reflect those of our employers

Lessons in Incident Response (with Ben Shipley) SHOW NOTES

PART 1

Lessons in Incident Response (with Ben Shipley)
Adult Friend Finder

This week, we discuss Adult Friend Finder’s data breach in the news segment. We draw parallels with Ashley Madison and contrast it with PornHub and the Security of Porn Blog post.

Next, we discuss the possibilities of how and why as well as the magnitude to society. We also examine follow-up mitigations for the future and derail the conversation into password managers.

Related Stories

Graham Cluley’s Analysis (Trip Wire)
Sophos’ Naked Security Initial Post about Adult Friend Finder
Sophos’ Naked Security Follow Up Post
Advanced Persistent Security’s Emily McCamy’s Analysis

PART 2

In this segment, Ben talks about a time that he “Cried Wolf” per se in an incident response effort. He called in more resources and ended up overkilling the situation. In the end, it was an incident, so no harm, no foul. Joe shares a couple of anecdotes of his own blunders in times past. A time when Joe misidentified Dropbox as Trin00 popped up as well as the time he did group policy wrong and tried to reboot a domain controller with a USB hard drive attached, completely killing all web presence for the organization. Information Security is as much about learning as it is doing.

PART 3

We do something a little different in this segment. We do a “belly aching” segment where we talk about what is bothering us from an information security perspective. Joe is bellyaching because a pharmacy did not allow him to opt out from them selling his data. Ben is bellyaching about a similar situation. They both converge and bellyache about in-store surveys and the OSINT perspective as well as data handling and motives.

ABOUT Ben

Lessons in Incident Response (with Ben Shipley)
Ben Shipley

Ben Shipley is an undergrad majoring in Information Technology with a focus in Information Security & Assurance. He currently works in Incident Response for a globally recognized Security Solutions Provider. He is also passionate about consumer-data privacy, threat-intelligence, as well as foreign affairs.

CONTACTING Ben:

Twitter: @Infosecsual


PASSWORD BLOG LINKS:

AlienVault
Hosted Locally on Advanced Persistent Security

WI-FI BLOG LINK:

AlienVault
Hosted Locally on Advanced Persistent Security

POWERSHELL LINK:

AlienVault


Joe’s Blog on Tripwire:

Burgling From an OSINT Point of View

Joe’s Blogs on Sword & Shield Enterprise Security’s site:

Holiday Shopping Safety Series: Shopping Via Credit Card and e-Commerce
Holiday Shopping Safety Series: Holiday Scams and Hoaxes

Joe’s Work with WATE 6 News in Knoxville, TN:

Shopping online safely this holiday season
iPhone scam uses text messages to hack iCloud information
Maryville hacker takes over Facebook accounts

Thanks for stopping by and checking out our podcast. We would appreciate if you could subscribe (assuming you like what you hear; we think you will). This is meant to be informative and to provide value to anyone who listens – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.

Enter your email address:


Delivered by FeedBurner

SUBSCRIBE TO OUR MAILING LIST

* indicates required