Purple Squad Security
If you know the enemy and know yourself, you need not fear the result of a hundred battles.
January 20, 2019

Episode 48 – All About Magecart with Yonathan Klijnsma

Yonathan Klijnsma joins me from RiskIQ to discuss Magecart, what it is, what it does, and how they found it.

Magecart - a web-based credit card skimming kit used by various groups to grab ahold of online shoppers credit cards.  Interesting?  You bet!  On this episode of the Purple Squad Security podcast I have Yonathan Klijnsma, Head Researcher at RiskIQ, joining me to discuss their research on Magecart.

Some links of interest:



Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
January 6, 2019

Episode 47 – Happy New Year! Show Updates and Other News

John talks about his plans for the upcoming year and some show updates.

Welcome to 2019!  John goes solo in this episode and talks about his personal goals for 2019, plus some updates for the show that should make things a bit more structured and hopefully more interesting for the listeners.

Some links of interest:



Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
December 16, 2018

Episode 46 – Holiday Special – Storytime with Jayson E. Street

Jayson E. Street shares a familiar story from one of his #HackerAdventures, but also follows up with a not-well-known epilogue that has me in stitches!

Continuing our storytime theme for the holidays, on this week's show we have a special guest, Jayson E. Street!  For those who follow Jayson online, his hacker adventures bring him to all sorts of interesting places.  Jayson shares a story of one of those places, in which he robs the wrong bank.  Some of you may know this story, but he also provides us with an epilogue to this story that few have heard!  Thanks Jayson!

Some links of interest:



Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
December 13, 2018

Episode 45.1 – Holiday Special – Storytime with Tinker – NO MUSIC!!!

NO MUSIC EDITION!!! Tinker (@Tinkersec) stops by to share a story, and pull a few pop quizzes with John on offensive techniques!

Hey everyone, this is a re-release of episode 45 with Tinker, but this one is WITHOUT the background music.  I hope this makes up for the snafu in an otherwise great interview!


Happy December everyone!  Whatever holiday you may be celebrating this season, may it be enjoyable.  I've decided for the month of December to treat myself, by having a bunch of people I hold in high regard to join me in sharing of their tales, similar to the fireside chats I've had in the past.  We have no set agenda, we have no set time, but we do plan on sharing some fun stories that hopefully you will enjoy. So consider this a holiday gift my dear listener, and I hope you find it as enjoyable as I do.

This episode we are going to have a man whom I honestly believe should write as many books as possible, and provide audiobook versions as well, the one and only Tinker!

Some links of interest:



Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
November 18, 2018

Episode 44 – SANS Holiday Hack Challenge with Ed Skoudis

Ed Skoudis joins me this week to talk all about the 2018 Holiday Hack Challenge.

So, a very popular season is coming up shortly.  I'm not talking about Thanksgiving (for my US listeners) and I'm not talking about Christmas for my Christian listeners.  No, I'm talking about the season that all good little hackers look forward to - the time when the SANS Holiday Hack Challenge is released!

This is probably one of the most ambitious CTFs I have ever known about, and I am lucky enough to get one of the main drivers behind it to join me for today's episode!  Ed Skoudis joins me to talk all about the SANS Holiday Hack Challenge, what it is, what goes into it, and why you should give it a try.

Some links of interest:



Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening! And as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
November 4, 2018

Episode 43 – Not all vulnerabilities are created equal with Tanya Janca

Tanya Janca joins me to talk about vulnerabilities, and how not all of them are created equal.

Vulnerability disclosure is one of those things that either brings a smile or a scowl to your face, depending on what end of the disclosure you're on.  For some, it's a thing of pride, and hopefully a monetary reward!  For others, it's a punch to the gut, fear inducing, "Oh crap!" moment because someone has shown you a flaw you weren't aware of.

But what if the disclosure isn't actually a valid vulnerability? That's the topic for this episode discussion, and thankfully I have someone who knows about exactly that!  Tanya Janca joins me to discuss when a vulnerability is not a vulnerability!

Some links of interest:



Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
October 21, 2018

Episode 42 – CyberZoology with Patrick Kelley

Patrick Kelley comes on to talk about CyberZoology, trains, and Raspberry Pi!

Defending is hard.  The adage of "an attacker only has to be right once" is a bit played out, but it does have a hint of truth in that trying to defend everything is a monumental task.  Defenders are often short on budgets, short on time, and short on patience for silly sayings like these.

This week I'm happy to have Patrick Kelley on to talk about some very interesting work he has done on coming up with defensive techniques for freight trains using a Raspberry Pi!  If you want to hear about unique ways to defend unique environments, you will not want to miss this episode.

Some links of interest:



Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
October 7, 2018

Episode 41 – Cyber Security Awareness Month with Tracy Maleeff

Tracy @InfoSecSherpa Maleeff joins me to talk about Cyber Security Awareness Month

October is Cyber Security Awareness Month, and with that who better to help share some ideas on how to give back to the community than our own InfoSecSherpa!  Tracy Maleeff joins me to talk about Cyber Security Awareness Month, #ginfosec and #inforum.  This will be one of the most relaxed Infosec podcasts you'll hear this year.... Some links of interest:



Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
September 23, 2018

Episode 40 – Tabletop D&D With Rally Security

I'm joined by a few folks from the Rally Security podcast for another Tabletop D&D Episode!

It's that time again!  With milestone episode 40, we have another Tabletop D&D episode for you to enjoy!  This time around we are joined by a few members of the Rally Security podcast to face some scenarios and see how they fare.  Let's just say this was a rather impressive episode for a number of reasons. Some links of interest:



Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…
September 16, 2018

Episode 39 – John’s OSCP Journey

John goes through his OSCP journey, sharing his preparation, thoughts on the labs and the exam experience.

Over the past few months, John has been working on obtaining his OSCP certification.  Recently he attempted and successfully passed the exam!  In this episode he goes over his journey, what he learned as well as a few tips to help those attempting this rather difficult certification.

Some links of interest:



Want to reach out to the show?  There's a few ways to get in touch!



Thanks for listening, and as always, I will talk with you all again next time.

Support Purple Squad Security by donating to the tip jar: https://tips.pinecast.com/jar/purple-squad-security

Find out more at http://purplesquadsec.com

Read more…