-
Continue reading →: Health and Wellness in InfoSecMost of us know that being a hacker isn’t exactly the lowest stress gig out there. With the holiday season fast approaching, thinking about taking care of our well-being and that of our colleagues, family, and friends becomes even more important than usual. I’d like to have a quick chat…
-
Continue reading →: Using Team Cymru’s MHR with VolatilityToday we’ll briefly discuss crosschecking Team Cymru’s Malware Hash Registry against files found in memory or hibernation files by Volatility. We’re going to do it by hand at the command line, as a quick exercise in some ways to manipulate both tools and think through command line problems. Please note…
-
Continue reading →: 101 Ways I Screwed Up Making a Fake IdentityAs most of you know, my professional area of expertise in security is incident response, with an emphasis on system / malware forensics and OSINT. I’m fortunate enough in my position in the security education and con community to sometimes get pulled into other directions of blue teaming and the…
-
Continue reading →: What’s a Challenge Coin, Anyway? (For Hackers)So what are these “challenge coins”? Challenge coins come from an old military tradition that bled into the professional infosec realm then into the broader hacker community through the continual overlap between the communities. In some ways like an informal medal, coins generally represent somewhere you have been or something…
-
The $5 Vendor-Free Crash Course: Cyber Threat Intel
Published by
on
Continue reading →: The $5 Vendor-Free Crash Course: Cyber Threat IntelThreat intelligence is currently the trendy thing in information security, and as with many new security trends, frequently misunderstood and misused. I want to take the time to discuss some common misunderstandings about what threat intelligence is and isn’t, where it can be beneficial, and where it’s wasting your (and…
-
Continue reading →: CypherCon ’16 Presentation – “You’re Right, this Sucks”
(In this presentation, penetration tester and “TSA Key Guy” Johnny Christmas and I discuss the problems inherent to the disconnect between the information security community and the public and media at large, and how to bridge the skills and stigmas gap between “us” and “them”.)
-
Continue reading →: Why do Smartphones make great Spy Devices?
There has been extensive, emotional political debate over the use of shadow IT and misuse of mobile phones in sensitive areas by former US Secretaries of State Colin Powell and Hillary Clinton. There is a much needed and very complex discussion we must have about executive security awareness and buy-in,…
-
Continue reading →: Starting an InfoSec Career – The Megamix – Chapter 7
Chapter 7: Landing the Job So, we’ve come this far in your infosec journey. You’ve studied hard, attended conferences, played a CTF or two, updated your resume, and networked a bit within the information security community. Great work! Let’s prepare for your very first information security interview. ===…
-
Continue reading →: The Worst InfoSec Resume, Ever
I do quite a bit of InfoSec résumé reviewing and critiquing, both personally and professionally, so I’m repeatedly asked for tips on common problems. In order to ensure that these problems were not exclusive to me, I recently had a lengthy discussion with a number of InfoSec professionals involved in…
Hello,
I’m Lesley, aka Hacks4Pancakes
Nice to meet you. I’m a long-time digital forensics and incident response professional, specializing in industrial control and critical infrastructure environments. I teach, lecture, speak, and write about cybersecurity.
I’m from Chicago, living in Melbourne.
Follow Me on Social!
ai career careers certification cfp challenge coins conferences cybersecurity cybersecurity careers dfir digital forensics education featured ff giac hacking health and wellness ics incident response information security infosec infosec education iot management mastodon mentoring nation state attacks off topic osint phishing podcast privacy security security education security operations self study social media talks technology threat attribution threat intelligence university video volatility women in tech
Recent posts
Join the fun!
Stay up-to-date with my recent posts, podcasts, and blogs!
Lesley Carhart's Cybersecurity Blog 