The Social-Engineer Podcast

In this episode, Chris Hadnagy and Ryan MacDougall are joined by Jason Frank. Jason has an extensive background in helping both government and Fortune 100 organizations, and has served as a course instructor for the Black Hat security conference. Jason is currently the COO at SpecterOps, where he is accountable for execution of the company. He oversees the Adversary Simulation and Detection delivery capabilities, where he helps clients to understand, detect, and respond to adversaries. May 17, 2021

 

00:00 – Intro 

CLUTCH 

03:05 – Podcast Guest Jason Frank Intro 

03:22 – Jason at Black Hat

03:30 – SpecterOps

04:34 – How Jason got to where he is 

08:50 – Curiosity and motivation born from failing at a CTF

09:50 – Adversary Simulation – why is Jason using this phrase? 

12:32 – Where are we in the current security culture? 

16:11 – How to get attention of stakeholders, what concepts do you put in play? 

18:03 – Reactive vs. Proactive 

21:56 – How can corporations prepare for and mitigate attacks? 

23:39 – What are the business repercussions of not letting machines talk to each other, and only the server? 

25:45 – What are the more recent attacks you’ve seen coming up that people should be looking for? 

28:14 – Knowledge bombs – terminology that people can look up to recognize “low hanging fruit” they may be missing – BloodHound

30:00 – Cycles where certain things can be exploited, such as Active Directory

30:50 – What other things do companies need to be watching for 

32:14 – PowerShell

33:44 – What are some action steps that corporations should start taking right now? 

34:51 – Colleagues Jason respects most in the industry 

  • Andrew Morris founder of GreyNoise 
  • Dane Stuckey from Palantir 
  • Jason Hill from DHS CISA 
  • Bryan Beyer and Keith McCammon from Red Canary 

36:50 – Jason's Book Recommendations 

38:31 – Wrap-Up 

@joemontmania on Twitter (Ryan MacDougall) 

@HumanHacker on Twitter (Chris Hadnagy) 

@InnocentOrg on Twitter (Innocent Lives Foundation) 


In this episode, Chris Hadnagy and Maxie Reynolds are joined by industry professional Jack Schafer, PhD. Dr. Schafer is a psychologist, professor, intelligence consultant, and former FBI Special Agent. Dr. Schafer spent fifteen years conducting counter-intelligence and counterterrorism investigations, and seven years as a behavioral analyst for the FBI's National Security Division's Behavioral Analysis Program. May 10, 2021

 

00:00 - Intro 

Clutch 

03:32 - Introduction to Dr. Jack Schafer, PhD. 

04:54 - How Jack decided to start training people in his field after retirement 

07:46 - Why is rapport building important? 

11:49 - How do you stop rapport from being used against you? 

13:51 - Explaining “The Truth Bias” 

15:37 - Rapport works across different cultures 

18:15 - The basic human need to correct other people 

19:28 - Integrating the knowledge of that need into work as an FBI agent - “Brian’s Loop” 

23:01 - People don’t answer yes or no, they answer Yes+, No+, I Don’t Know+ 

23:19 - Flattery 

25:13 - Roundabout vs Direct Approach 

26:45 - The “right” way is the way that works for you 

29:58 - The Truth “Default Mode” and breaking the baseline 

33:05 - Verbal vs. Non-Verbal Cues 

36:19 - Get A Commitment 

37:36 - Why does getting a commitment work on humans? 

39:50 - The Lip Purse 

42:40 - Wrap Up 

Emma 

44:45 - Jack’s Mentors 

46:30 - Contact Jack 

47:06 - Outro 

CLUTCH 

 

Direct download: Human_Element_Series_Podcast_-_145_Jack_Schafer_FINAL.mp3
Category:Human Element Series -- posted at: 1:00am EST
