DevSecOps & Software Supply Chains, Microsoft – Application Security Weekly #64

    Tanya Janca, also known as SheHacksPurple, is a senior cloud advocate for Microsoft, specializing in application, cloud security, and more! Tanya is joining us on the show to talk about DevSecOps and Securing Software Supply Chains! Full Show Notes Follow us on Twitter: https://www.twitter.com/securityweekly Hosts           Announcements Register for […]
The post DevSecOps & Software Supply Chains, Microsoft – Application Security Weekly #64 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/VWWTkDxNqCo/

Shellphish – Phishing Tool For 18 Social Media (Instagram, Facebook, Snapchat, Github, Twitter…)

Phishing Tool for 18 social media: Instagram, Facebook, Snapchat, Github, Twitter, Yahoo, Protonmail, Spotify, Netflix, Linkedin, WordPress, Origin, Steam, Microsoft, InstaFollowers, Gitlab, Pinterest.This script uses some webpages generated by SocialFish Tool (https://github.com/UndeadSec/SocialFish)Instagram webpage generated by An0nUD4Y (@its_udy) (https://github.com/An0nUD4Y)Phishing Tool for Instagram, Facebook, Twitter, Snapchat, Github, Yahoo, Protonmail, Google, Spotify, Netflix, Linkedin, WordPress, Origin, Steam, Microsoft, InstaFollowers, Pinterest +1 customizableFeatures:Port Forwarding using Ngrok or ServeoLegal disclaimer:Usage of Shellphish for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this programUsage:git clone https://github.com/thelinuxchoice/shellphishcd shellphishbash shellphish.shAuthor: github.com/thelinuxchoiceIG: instagram.com/linux_choiceDownload Shellphish

Link: http://feedproxy.google.com/~r/PentestTools/~3/5hBi829B8IU/shellphish-phishing-tool-for-18-social.html

Joomla, BlueKeep, & Chinese OS – Hack Naked News #220

    This week, Microsoft brings hardware-based isolation to Chrome & Firefox, the US border’s license plate scanning technology hacked, Crooks leverage WordPress and Joomla sites for malicious redirects, the Chinese military wants to replace Windows OS in fear of US hacking, and how Google-protected mobile browsers were open to phishing for over a year! […]
The post Joomla, BlueKeep, & Chinese OS – Hack Naked News #220 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/OH0NJULeRnA/

From Dev to InfoSec Part 5 – Fortis Fortuna Adiuvat

Two years ago, I set out to get into cybersecurity. I had no idea where this journey would take me, and I had no aspirations at the time of turning this into a career. I’ve found that very rarely do people who have been doing something as long as me decide to completely change their profession and eschew the comforts of years of experience. Fortis Fortuna Adiuvat! I knew last year that security was where I wanted to be, and I was coming to the realization that I may need to leave Microsoft in order to do it. It wasn’t a decision that I would take lightly having been with the company for 8 years. Then I got a surprise.
The post From Dev to InfoSec Part 5 – Fortis Fortuna Adiuvat appeared first on The Ethical Hacker Network.

Link: https://www.ethicalhacker.net/columns/bango/from-dev-to-infosec-part-5-fortis-fortuna-adiuvat/

Webinar: Inside the MSRC – Blue Team, Bug Bounties & IR

Register Now to See Security Done the Microsoft Way!
Mechele Gruhn of Microsoft gives a behind the scenes view of the Microsoft Security Response Center (MSRC). Get the inside scoop on lessons from the past, how MS handles security incidents and bug bounties, the mysterious Blue Team, the mayhem that is Patch Tuesday, community outreach and much more in this FREE EH-Net Live! webinar on Thursday March 21, 2019 at 1:00 PM US Eastern. Join us live to receive certificates for easy submission of CPEs!

The post Webinar: Inside the MSRC – Blue Team, Bug Bounties & IR appeared first on The Ethical Hacker Network.

Link: https://www.ethicalhacker.net/eh-net-tv/eh-net-live/webinar-inside-the-msrc-blue-team-bug-bounties-ir/

Video: Inside the MSRC – Blue Team, Bug Bounties & IR

See Security Done the Microsoft Way!
Video and Slide Deck from EH-Net Live! March 2019
So… here we are. For many of us, it’s been a brutal winter. As bad as it was, we survived! We’re only a few days into Spring, but it’s spring nonetheless. And we’ll take it! With it comes not only a change in weather (well at least we hope) but also the traditional and quite natural feelings of birth, re-birth and new opportunities. It’s time to plant those seeds and plan for our growth, and that includes our careers! As the data continues to fly in, it’s pretty clear that the skills gap in the InfoSec industry is a real thing with over 3 million jobs that will go unfilled over the next few years because of a lack of a skilled workforce. In order to fill those jobs and secure our futures on many levels, we not only need to see where we’ve been & where we’re going, but it’s also imperative to pull talent from a very wide spectrum of people. In this webinar, we’re proud to present a “behind-the-scenes” view of how one of the largest companies in the world handles security and has done so in a somewhat non-traditional manner. We hope to share, educate and inspire!
Mechele Gruhn of Microsoft gives a behind the scenes view of the Microsoft Security Response Center (MSRC). Get the inside scoop on lessons from the past, how MS handles security incidents and bug bounties, the mysterious Blue Hat con, the mayhem that is Patch Tuesday, community outreach, benefits of diversity and much more in this replay of an EH-Net Live! webinar from Thursday March 21, 2019.
The post Video: Inside the MSRC – Blue Team, Bug Bounties & IR appeared first on The Ethical Hacker Network.

Link: https://www.ethicalhacker.net/members-only/