Security Noise

Attackers and threat actors use command and control techniques, also known as C2, to gain access to networks and communicate with compromised devices. On this episode of Security Noise, Geoff and Skyler are joined by Principal Research Analyst Scott Nusbaum to discuss C2 techniques. Listen as they cover how different types of attackers typically use C2, how that differs from what pentesters and red teamers...

Red Teaming 101: understand your target before you attack. On this episode, we invited two heavy hitters, Principal Security Consultants Hans Lakhan and Oddvar Moe on the show to talk about Red Team operations. We discuss footprinting and reconnaissance techniques including identifying a target's online presence, the tools and methods used for reconnaissance, and social engineering. Listen as we walk through how we map the digital ...

On this special Friday Edition of Security Noise, Geoff lets Skyler out of the sound booth and sends him to Deadwood, South Dakota to attend (and speak at) Wild West Hackin' Fest! Skyler also interviews TrustedSec's Senior Security Consultant David Boyd on his WWHF talk on Social Engineering and Principal Security Consultant Adam Compton's GrrCON talk titled "An Old Hillbilly's Guide to BASH for Pentests...". Listen in as Skyler ta...

On this episode, Alex Hamerstone, TrustedSec's Advisory Solutions Director, joins the show for Cybersecurity Awareness Month! We go over recent trends in cybersecurity and the importance of ongoing training for employees. We also take a look at different ways to safely authenticate and authorize your users, the risks with IoT devices in your home, and the rapidly growing number of scams utilizing AI.

About this podcast: Security No...

Need to catch up on this summer's security news? In this episode of Security Noise, Geoff and Skyler chat with TrustedSec Founder and CEO Dave Kennedy about recent national security breaches, the role of AI in software development, and the challenges of public awareness regarding cyber threats. How have national security disclosures impacted politics? How has AI influenced trends in cyber attacks? Listen now as we discuss the state...

Security Noise is back for its 8th season! The weather is getting cooler but we are still chatting about our experiences in Las Vegas for "Hacker Summer Camp." In this episode, Geoff and Skyler speak with Senior Security Consultants David Boyd and Whitney Phillips about their experiences at DEFCON 33 and Black Hat 2025. We discuss the evolution of DEFCON, the challenges of navigating large conferences, and tips for making the most ...

Hack the planet! In this episode of Security Noise, Geoff and Skyler chat with TrustedSec CSO & VP of Consulting Martin Bos and Principal Security Consultant Mike Felch about the evolution of hacker culture. They talk about their early experiences with hacking, cyber tech, and movies as well as cultural shifts over the years and how it has impacted the conference experience. Join us for a trip down memory lane with some cybersecuri...

On this episode of Security Noise, Geoff and Skyler chat with Security Consultant Shane Jones about how AI can accelerate workflows and the pros and cons of using automation in penetration testing. Skyler covers his experiences with voice cloning, which AI tools assisted his engagement, and how he was able to trick the IVR system.

About this podcast:

Security Noise, a TrustedSec Podcast hosted by ...

On this episode of Security Noise, Geoff and Skyler chat with Identity Security Architect Sean Metcalf about securing Active Directory, Entra, DS, and that messy space in between. Sean also talks about his recent presentation at RSA, common challenges in the identity security space, frequently seen penetration test findings, and more!

About this podcast:

Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Produ...

Who doesn't love a new tool? In this episode of Security Noise, Geoff and Skyler talk to Senior Research Analyst Alex Ball about his new open-source tool DIT Explorer. DIT Explorer opens a .dit file of your choosing (NTDS.dit is the file housing the data for Windows Active Directory), loads the directory schema, and presents the objects as a tree. Alex takes us through the tool's functions, why and how he created it, and upcoming u...

Let's Encrypt now offers certificates with 6-day lifetimes but what does that mean for the commercial TLS trust anchor world? On this episode of Security Noise, Geoff and Skyler are joined by Principal Security Consultant Justin Bollinger to discuss new options for certificate lifetimes and the implications of the new maximum ages, good and bad.

About this podcast:

Security Noise, a TrustedSec Podcast hosted by Geoff Walto...

In this episode of Security Noise, Geoff and Skyler talk with IR Practice Lead Carlos Perez and Security Consultant Zach Bevilacqua about the world of security operations. They discuss current trends, the role of AI, challenges with traditional SIEM tools, and the value of proper logging and monitoring configurations. How important are proactive measures and effective communication within SOC teams? Find out what our team has to sa...

How has email security evolved over the years? What challenges do organizations face in protecting against sophisticated phishing attacks? Find out on this episode of Security Noise! Business Email Compromise (BEC) attacks are becoming increasingly common and sophisticated. In this episode, Geoff and Skyler speak with Incident Response Security Consultant Olivia Cate and Director of Advisory Innovation Rocky Brockway about BEC and ...

In this episode, Geoff and Skyler talk with TrustedSec Security Consultants Whitney Phillips and Justin Bollinger about their recent presentations and experiences at CactusCon in Mesa, Arizona. Justin delves deep into the complexities surrounding the Common Vulnerabilities and Exposures (CVE) identification process and bug bounty programs, highlighting key challenges security researchers face. Whitney shares her expertise on crafti...

It's time to talk about TikTok! On this episode of Security Noise, Geoff and Skyler speak with Senior Security Consultants Kelsey Segrue and Travis Kaun about algorithms, data security, and how we got to where we are today with the popular Chinese-owned app. They also discuss other Chinese technologies and devices that you may want to keep an eye on if you have them on your network.

About this podcast: Security Noise, a TrustedSec ...

In this episode of Security Noise, Geoff and Skyler are joined by two TrustedSec experts, Security Consultant Edwin David and Principal Security Consultant Justin Bollinger, to talk about the evolution of authentication and what it looks like in 2025. We discuss passwordless authentication, multi-factor authentication (MFA), and the implications of OAuth and identity providers. The crew also discusses the dangers of using antiquate...

In this episode, Geoff and Skyler are joined by TrustedSec's Force Cloud Security Practice Lead @nyxgeek to talk about his findings after 3 years of user enumeration in Azure! He also dives into techniques and the implications of "presence data" in Microsoft Teams. We get a preview of his conference talks at (the now past) Shmoocon and HackCon, which he will be delivering in Norway on February 2, 2025. What is in the future of auth...

Find out what's in Security Noise 2024 Wrapped in this special year-end episode! Is AI being used to shape public perceptions and military strategies? Are we living in a simulation or is this all one big PsyOp? Geoff and Skyler are joined by IR Practice Lead and Director of Security Intelligence Carlos Perez to discuss how cybersecurity has evolved in 2024, the effectiveness of AI tools in coding, and the accountability of vendors ...

Are all IT admins cave-dwelling gnomes? In this episode of Security Noise, Geoff and Skyler swap hard-to-believe, humorous, and sometimes scary InfoSec stories with members of the TrustedSec team: Senior Security Consultant Joe Sullivan and Principal Security Consultants Drew Kirkpatrick and Adam Compton. Listen as they share insights on network security, proactive measures, and a few mishaps along the way. Join us for some great d...