Understanding Cyber

Episode 20 - The Darkweb We explore what the Darkweb is, who uses it, how to access it, and why you should be careful of it. Further reading here: https://en.wikipedia.org/wiki/Dark_web https://us.norton.com/internetsecurity-how-to-how-can-i-access-the-deep-web.html Music by Jahzzar and used under CC BY-SA 4.0 license: creativecommons.org/licenses/by-sa/4.0/

Episode 19 - Question and Answer - Q&A We cover a large number of questions that you are asked in this episode, including: Whats more secure Android or iPhone? Do I need AV on my phone? Why is hacking illegal? How do I know if a wifi network is safe? What is End to End Encryption? What is the blockchain? and more. Music by Jahzzar and used under CC BY-SA 4.0 license: creativecommons.org/licenses/by-sa/4.0/

Episode 18 - working from home We cover the basics of security when working from home, specifically: protecting yourself from scams, protecting your network, how to securely access the office, and what happens if something goes wrong. Further reading: Resources SANS guide https://www.sans.org/security-awareness-training/sans-security-awareness-work-home-deployment-kit NCSC Guide https://www.ncsc.gov.uk/guidance/home-working Music by Jahzzar and used under CC BY-SA 4.0 license: creativecommons.org/licenses/by-sa/4.0/

Episode 17 - Employee Identity and Access Management Dicko returns to chat to us about Employee and Identity Access Management. He explains how this technology can make life significantly easier and more secure for the business and IT departments, but why you want to carefully plan and test any rollout before going live. Further reading: NCSC Identity and Access Management: https://www.ncsc.gov.uk/guidance/introduction-identity-and-access-management Music by Jahzzar and used under CC BY-SA 4.0 license: creativecommons.org/licenses/by-sa/4.0/

Episode 16 - Have I been hacked? Have you been hacked? How do you know? What to do if you have been? We address these questions and more in this episode. Further reading: NCSC small business recovery: https://www.ncsc.gov.uk/collection/small-business-guidance--response-and-recovery Music by Jahzzar and used under CC BY-SA 4.0 license: creativecommons.org/licenses/by-sa/4.0/

Episode 15 - Cloud What is the cloud? We have all heard of it, but what exactly is it and what are the options? We look at what cloud is, public vs private cloud, and the different levels of service you can have. We also discuss the benefits and drawbacks of the cloud. Further reading: What is cloud - by Cloudflare: https://www.cloudflare.com/learning/cloud/what-is-the-cloud/ NCSC Cloud Security: https://www.ncsc.gov.uk/collection/cloud-security?curPage=/collection/cloud-security/implementing-the-cloud-security-principles Music by Jahzzar and used under CC BY-SA 4.0 license: creativecommons.org/licenses/by-sa/4.0/

Episode 14 - Phishing We will cover - What is Phishing, Spear Phishing, Whaling, Vishing and Business Email Compromise and how to defend yourself from these attacks. Further reading: Example of a Vishing phone call: https://www.youtube.com/watch?v=uv4s_ltHzFw NCSC guidance: https://www.ncsc.gov.uk/guidance/phishing https://www.ncsc.gov.uk/guidance/suspicious-email-actions https://www.ncsc.gov.uk/collection/top-tips-for-staying-secure-online Music by Jahzzar and used under CC BY-SA 4.0 license: creativecommons.org/licenses/by-sa/4.0/

Episode 13 - SIEM / Security Information Event Management A slight change - we have a guest! Our friend Dicko joins the show to explain what SIEM is, how it works, and when you might want one. Pretty business cyber security focused rather than home user. We went a bit longer than normal as Dicko had so much great material. Other resources + NCSC guidance: How to build a free (NCSC logger / SIEM) https://www.ncsc.gov.uk/blog-post/logging-made-easy NCSC managed security service guidance: https://www.ncsc.gov.uk/guidance/security-operations-centre-soc-buyers-guide CSO online: what is SIEM: https://www.csoonline.com/article/2124604/what-is-siem-software-how-it-works-and-how-to-choose-the-right-tool.html Music by Jahzzar and used under CC BY-SA 4.0 license: creativecommons.org/licenses/by-sa/4.0/

Episode 11 - Email We will cover - What email is and how it works, email vulnerabilities, how to secure email, when email is not the best option, and top tips for using email. Further reading: NCSC guidance: https://www.ncsc.gov.uk/guidance/email-security-and-anti-spoofing https://www.ncsc.gov.uk/blog-post/improving-email-security https://www.ncsc.gov.uk/information/mailcheck Music by Jahzzar and used under CC BY-SA 4.0 license: creativecommons.org/licenses/by-sa/4.0/

Episode 11 - Web Browsing We will cover - The difference between the internet and the world wide web (WWW), how a web browser works, what the padlock means, what cookies are, and how to stay safe online. Further reading: Get safe online (UK Gov): https://www.getsafeonline.org/protecting-your-computer/safe-internet-use/ Music by Jahzzar and used under CC BY-SA 4.0 license: creativecommons.org/licenses/by-sa/4.0/

Episode 10 - Testing cyber security: Pentests and cyber exercises We will cover - Why you want to test your cyber security. How to do test your security. Different types of test / engagement, and when to use them. Further reading: NCSC pentesting guidance: https://www.ncsc.gov.uk/guidance/penetration-testing Cyber exercises: https://clearcutcyber.com/exercising-overview/ Info on bug bounties vs pentests: https://soroush.secproject.com/blog/2018/02/bug-bounty-vs-penetration-testing-simple-unbiased-comparison/ Music by Jahzzar and used under CC BY-SA 4.0 license: creativecommons.org/licenses/by-sa/4.0/

Episode 8 - VPNs - Virtual Private Networks We will cover - What is a VPN. Why you might want to use them. How they keep you secure on the internet. Privacy considerations. How to choose a good VPN. Further reading: NCSC guide to VPNs (excellent): https://www.ncsc.gov.uk/collection/end-user-device-security?curPage=/collection/end-user-device-security/eud-overview/vpns Wikipedia info on VPNs https://en.wikipedia.org/wiki/Virtual_private_network Music by Jahzzar and used under CC BY-SA 4.0 license: creativecommons.org/licenses/by-sa/4.0/

Episode 8 - DDOS and DOS (Denial of Service) We will cover - What is a DOS and DDOS. What is the difference. Why attackers might use them. How to protect against them. Further reading: NCSC blog on DOS: https://www.ncsc.gov.uk/collection/denial-service-dos-guidance-collection Wikipedia info on DDOS - includes history of and large attacks https://en.wikipedia.org/wiki/Denial-of-service_attack Cloudflare info on DDOS: https://www.cloudflare.com/en-gb/learning/ddos/what-is-a-ddos-attack/ Attack map showing attacks and research on costs etc: https://www.digitalattackmap.com/understanding-ddos/ LOIC!: https://en.wikipedia.org/wiki/Low_Orbit_Ion_Cannon Music by Jahzzar and used under CC BY-SA 4.0 license: creativecommons.org/licenses/by-sa/4.0/

Episode 7 - Home Security Part 2 - IOT We will cover - What is IOT (Internet of Things). What are these things? How can they be attacked /abused. What to think about when buying / using them. How to secure them. Further reading: UK Goverment advice: staysafeonline.org/stay-safe-onlin…g-home-network/ www.cyberaware.gov.uk/ NCSC blog on how to fix all the things: https://www.ncsc.gov.uk/blog-post/fixing-all-things Music by Jahzzar and used under CC BY-SA 4.0 license: creativecommons.org/licenses/by-sa/4.0/

Episode 6 - Home Security Part 1 We will cover - What is a router and why it is important, how to connect to it, what settings on it to change, how to protect it, and how to keep it up to date. Music byJahzzar and used under CC BY-SA 4.0 license: creativecommons.org/licenses/by-sa/4.0/ Further reading: UK Goverment advice: https://staysafeonline.org/stay-safe-online/securing-key-accounts-devices/securing-home-network/ https://www.cyberaware.gov.uk/ Norton info page on Routers: https://us.norton.com/internetsecurity-iot-smarter-home-what-is-router.html

Understanding Cyber - Episode 5 - Social Engineering Today's show we explain what social engineering is, how it works, a small part of the science behind it, how to recognise when you are being social engineered, and how to protect yourself from it. Music byJahzzar and used under CC BY-SA 4.0 license: https://creativecommons.org/licenses/by-sa/4.0/ Further reading: Wiki on Robert Cialdine https://en.wikipedia.org/wiki/Robert_Cialdini Amazon link for his book on influence https://www.amazon.co.uk/Influence-Psychology-Robert-Cialdini-PhD/dp/006124189X A good explanation of the principals of persuasion https://www.influenceatwork.com/principles-of-persuasion/ Social Engineer Inc Podcast https://www.social-engineer.org/category/podcast/

Episode 4 - Anti Virus We will cover - What is Anti Virus, what does it protect from (more than just viruses). How does AV work - traditional and next generation. Why it is important to update your AV. Top Tips for using AV. Music byJahzzar and used under CC BY-SA 4.0 license: https://creativecommons.org/licenses/by-sa/4.0/ Further reading: Different types of scanning, false positives and other info: https://www.howtogeek.com/125650/htg-explains-how-antivirus-software-works/ Wikipedia: https://en.wikipedia.org/wiki/Antivirus_software Next Gen AV (by a next gen AV vendor): https://www.carbonblack.com/2016/11/10/next-generation-antivirus-ngav/

Understanding Cyber - Episode 1 - What is Cyber? We introduce the show, define cyber and cyber security, and take a look at what will be covered in the podcast. Sorry the audio quality is echoey - we had this problem for episodes 1 and 3, all others should be much better quality. Music byJahzzar and used under CC BY-SA 4.0 license: https://creativecommons.org/licenses/by-sa/4.0/ Further reading: Academic discussion and definition of cyber: https://commons.erau.edu/jdfsl/vol12/iss2/8/

Understanding Cyber - Episode 2 - Passwords Why passwords are important, how a password might be attacked, how to create a good password, how attackers capitalise on bad passwords, how to store passwords and finally how to add extra security with 2 Factor Authentication - 2FA. Music byJahzzar and used under CC BY-SA 4.0 license: https://creativecommons.org/licenses/by-sa/4.0/

Episode 3 - How to hack We will cover - what is hacking, stages of hacking (gather info, get access, get to right place, do badness). Today is not how to protect yourself, because as we will see there are lots of different ways to attack, and therefore defend. Sorry, the audio quality is echoey - we had this problem for episodes 1 and 3, all others should be much better quality. Music byJahzzar and used under CC BY-SA 4.0 license: https://creativecommons.org/licenses/by-sa/4.0/