Waching daily Jan 26 2019

Hey InfoSec Addicts welcome to another edition of whiteboard Friday I'm really

hoping that I can help you guys out today with where is penetration testing

going

I've got asked this question recently by a student who was trying to say well I'm

already a penetration tester but I want to do more penetration testing where

should I be looking to go in penetration testing so there's a couple of things to

consider the first thing to really consider is drivers so when you look at

a penetration testing you need to be thinking about well what drives

penetration testing there's two primary things so the first thing is compliance

so regulatory compliance and data criticality so if you work somewhere

that's a heavily regulated industry financials publicly traded companies

government obviously the healthcare industry these are entities that

generally will require at least an annual penetration test so you'll

generally have to do at a minimum quarterly vulnerability scanning and at

least an annual penetration test of some sort so these types of places are places

that you want to be thinking about because where you're working at is gonna

drive the type of penetration test you're gonna be required to do what if

you're like well I really want to do some really cool stuff well then I'll be

thinking about so much of the regulatory compliance I'd be thinking about someone

who's got really really really important data criticality so maybe some place

like you know Tesla with their batteries is like the coolest thing on earth

you know and they're really super secretive about that battery technology

you know so that you know that technology and you know that's really

critical so you know the the secrecy around you know how they're trying to

you know how's that data it's probably gonna require some really interesting

penetration testing right once you figure out where you're gonna work you

know then that is gonna drive the technology that you're gonna be

penetration testing so if you're working somewhere specifically like the

government oftentimes you're gonna be testing a lot of legacy and industrial

control systems right so you know if you're interested in that kind of

penetration testing you know yeah government is probably where you're

you're gonna be doing if you're interested on a lot of network

penetration testing also government as well now I do want to kind of throw

something out there and that is network penetration testing you know that in map

Metasploit all that kind of stuff that's actually I don't want to say it's

shrinking because it's not going away you know we're doing more of it so the

amount of penetration testing is going up but the salary for it is going down

and the reason is because the tools that you use to do the penetration testing

are so sophisticated today they really don't require such a highly skilled

person as it did in years past so because of that you're finding that you

know every year the salary for a network penetration tester has been declining so

if there were any advice I could give you that would be be thinking about

testing some of the other technologies web apps mobile apps cloud-based stuff

Internet of Things IOT and big data the reason is all this stuff in this box

below Web Apps mobile apps cloud Internet of Things Big Data these types

of technologies are are so new that there's not a lot of security testing

tools for them so because of that the amount of money that they have to pay is

higher because the tester has to do manual penetration testing he can't just

run Metasploit he has to do manual manual penetration testing so I would

really be thinking about that career-wise now a lot of people say ok

so which one is gonna make the most money and I don't think that's a good

question to ask I think what you really want to say is what interests you

instead of worrying about the money figure out what interests you once you

can figure out the technology that interests you you're gonna make the

money if you're good at it if you're really good at pentesting big data

you're gonna be gainfully employed if you're really good at pentesting stuff

that runs in the cloud you're gonna be gainfully employed and you're gonna make

a lot of money I don't want you to worry about that worry about being good

that'll get you the money next thing something I wish I had really

known to do think about tool development if you look in this space there are so

few security testing tools in this space if you develop a tool for testing

security vulnerabilities in this space I think you'll very quickly find that one

a lot of notoriety so great for job interviews people often want to see your

github page so that they can interview you second thing that you'll often see

is there's a potential to sell your product right so a lot of people that I

know monetize by selling their product right they developed a security testing

tool and then productized it and sold it to a security company right and a lot of

these guys got seven figure exits in other words they sold for millions so

think about that and even if you're not a developer I know a lot of people go

well I'm not a tool developer it's really not about how good of a tool

developer you are it's more about how big of a problem you see because if you

can identify a problem that's facing someone who's heavily regulated or

someone who has really really really critical data and then you see that this

technology that one of these entities implements has common security flaws

that you can say well when we test we should perform these types of tests on

these types of technology we're gonna find that there's gonna be someone who's

probably gonna want to buy that make friends with a developer get them to

help you to develop it or hire a company overseas maybe find an outsourcing

website and get started developing it maybe you can get somebody develop the

base of it and then open source it try to get more people's tons of options but

don't sleep on tool development as a real big kick starter to your path in

Pentesting alright guys that's it for today give me

give me some comments below what you think of this video and then ask more

questions and I'll do my best to make more videos for you

you guys take care be sure you subscribe and like the channel take care guys

For more infomation >> The future of Penetration Testing? | Scope for Ethical Hacking | 2019 - Duration: 7:12.

-------------------------------------------

First Rap I Ever Wrote (W/ Subtitles) • Skr∆tch R∆pture √ - Duration: 2:10.

Yo!

This is about all you mother Fuckin morons working at Frederick fence your whole lives..

Never did anything..

Never tried, Never applied yourself..

Fuck you!

Can't take a joke?

Get the fuck out!

I think I found the missing link his name is Timmy Christensen

& I'm thinkin' you didn't think that I would mention him

Well, he may not be a winner - just an innocent sinner

Mentally ILLest dude I've worked with since I worked with him last winter

Bret Butler - Yes, the one and only When he talks to you he's genuine - he's not

being phony He likes to have a blast & he likes to spend

his money He enjoys a good laugh when somebody says

something funny

Our next candidate comes from a long line of killers

Watch your backs everybody - we've got a natural born Miller

It's Miller time - sky rocketing out of his prime

He'd get the death penalty - yeah, if aging were a crime

He's cool, he's collected - he gets his fence erected

Without a doubt, he's in & out - can anyone else detect it?

As expected, I was directing that to Sweeney He's his own Fucking boss - he takes his orders

from his weeny

Who the fuck is next?

Motherfucking Timmy Demmons He sure deserves credit - he made lemonade

out of lemons He was once a convicted felon - you wouldn't

know it when you see him Though these days he stays all about the "Carpe

Diem"

Russel the love muscle - we also call him Russelsprout

But don't say it to his face or else he'll probably knock you out

But for real, hear me out - the man, he has a lot of pride

Yeah, he busts his ass from day to day, which nobody can deny

Manuel, he's one hell of a swell guy Well, he comes to work everyday & he gives

it a decent try I would consider him considerate & a little

dimwitted / illiterate Figuratively, he figured it out - installed

it wrong & ripped it out

Now it's time for Charlie Powers - he's the man of every hour

& I've got to give his credit - he built this rock into a tower

Man, if you're feeling sour about your mother fucking wages

You can kiss his ass & suck his dick or keep up with the ages, bitch

For more infomation >> First Rap I Ever Wrote (W/ Subtitles) • Skr∆tch R∆pture √ - Duration: 2:10.

-------------------------------------------

This Is What Happens When You Trust Corporations - Duration: 4:59.

rev up your engines, bird says scotty since you grew up in

Niagara Falls do you remember the Love Canal disaster, well yeah as a matter of fact

Love Canal was half a mile from my outside, I lived on a island

that was on the other side of the Island, which is what they called the Little rivers

where they were digging the canal, it was gonna

be a competitor it's the Erie Canal

but they only got like a mile and a half and the guy ran out of money, so I actually

have friends that grew up with Love Canal in Love Canal the filled in part with

the chemicals in their backyard, you can

drive around today they got fences around it, nobody's living in the houses

they're just sitting there I guess maybe one day they're gonna try

to sucker people to move them back in but yeah it was a fast one, I mean it

was weird the Hooker chemical company dumped the

stuff in there, and then some of the property they gave to the city of

Niagara Falls and they built an elementary school on it, it wasn't such a

hot thing that was done in those day, let me tell

you, James Ross says sometimes I have to go from park to

drive like four times before my car actually stops moving, what's wrong, well

your transmission is wearing out, now I'll give you a typical one that it

happened to, about 15-20 years ago the Nissan Maximas as they aged they would

all do that, and it was because the oil pump inside the transmission was

starting to get weak, now just like an engine, your engine has an oil pump that

pumps oil to lubricate, well your transmission automatic ones, they have an

oil pump to build up the pressure to flow the fluid through because they

drive by fluid pressure dynamics, what's happening is yours is just flat starting

to wear out, now if you're lucky, I've had some people drain a quart of fluid out

of the transmission, put a quart of the Lucas automatic transmission additive in

and then they'd actually shift better, so you could try that if you want, but it's

generally a sign that your transmission is starting to go out, Simon and he says

I got a 2012 Chevy Aveo, the car wobbles on the highway above the speed

of 80 miles an hour, tires are new amd alignment and balancing has been done, any

suggestions, my first suggest would be driving a Aveo that fast, they're kind of

cheaply made little cars, they're not made for going all that fast, if you're

wobbling on a higher speed and you're positive that the tires are balanced

right, that the wheels aren't bent, and the alignment is correct, then odds are

you got a problem in your drive shafts, CV joints could be worn

and the faster you go they start to wobble a little bit, I've seen that many

times, you can also check engine and transmission mounts, that can cause

bouncing and wobbly, but the drive shafts are the most common reason that they go

if the alignment the balancing is correct, I've seen many people go places

they come to me and they're shaking like that, and I check it and say, well your

tires just aren't balanced right, because a lot of times the guys just don't

balance them right, Jacob forces says Scotty is a manual 2003 Audi TT 1.8 turbo a

good first car, I found a TT in great condition, it's cheep and has low

kilometers on it, Cheers, okay you got Kilometer so I'm assuming your in Europe or

something, and if you are, a lot of people drive them around, I'm not a fan of them

but it's a manual transmission, and if it really is low mileage, and if people

change the oil enough, then it could be a good car, but before you buy it, do a

compression test, it's only four cylinders, to see if the engine is worn

or not, because I've seen a lot of those 1.8 turbo TTS

where the engines out and the pressure would be too low and they need

rebuilding, and it doesn't take on that car 20 minutes to do a compression test

to see if the engine still has good compression, have that done before you

buy it, jim-jim says Scotty love the show

I got a 97 GMC Sierra and as a slipping transmission what's the most economical

reliable place to get one, okay here's the problem, you're talking about what

you're talking about a 22 year old transmission, and of course I mean you

could try one in a junkyard, but it's 22 years old, who's to say it's in any

better shape, the problem was something that old is, you're better off getting a

remanufactured one, that's just the truth of that matter, you know unless you got a

friend owns a junkyard and he's got one that he really knows only had 60-80,000

miles or something then you could do that, but other than that you're really

better off trying to find a good remanufactured one from a quality

rebuilder with a guarantee, cuz it's so old

going used would be just an absolute insane crapshoot on something like that

hozer says I'm thinking about buying a 2003 Lincoln Towncar

128 thousand miles for 2,500 bucks, are they good cars, if they've been taken care

of then they can be excellent cars,

128,000 miles isn't all that much for that car, it's got a big v8 engine in them

and they can last quite some time if it was taken care of, now as car especially

that which is a more luxurious type car, you want to pay mechanic like me, we get

our fancy scan tools, we plug them in and we spend about an hour analyzing the

car and driving it, and we'll tell you what kind of shape it's in, so if you

never want to miss another one of my new car repair videos, remember to ring that

Bell!

For more infomation >> This Is What Happens When You Trust Corporations - Duration: 4:59.

-------------------------------------------

How To Publish Your Videos On Facebook ~ Premiere Publishing Option - Duration: 1:09.

Hi Taylor here with Financial Potion where video is your Financial Potion.

Today we're going to talk about Facebook's Publishing Option to Premiere your video post.

To never miss out on a video, please make sure you're subscribed to our channel and

click on the bell to get notified when a new video is uploaded.

Of course if you want one to one training, click above for our Patreon page.

When posting a video to Facebook you have the option to publish the video as a premiere.

What this means is for the first showing of the video, it will almost act as a live video

in that all your contacts will be notified of the premiere and can help boost that initial

viewing of the video.

After the premiere the video will be on your profile page and present on the wall like

a normal video posting, however choosing the premiere option is a great way to get an initial

push of views.

If you have any questions about this topic, please leave them in the comments below and

till next week, stay engaging!

For more infomation >> How To Publish Your Videos On Facebook ~ Premiere Publishing Option - Duration: 1:09.

-------------------------------------------

The 3 Elements of Caregiver Recruitment - Duration: 4:05.

- You do not build the business.

As a business owner you actually do not build the business,

you build the people and then the people build the business.

Without people, do you have a business?

(audience answering)

NO, Who is making money in your business?

Who is making money for you?

(audience answering)

The caregivers, yes. Thirteen million.

So in twenty years it is expected this to be about

thirteen million adults 85 and older.

And that`s a big increase from where we are today.

You see the curve is really starting to get steeper.

So that`s the good news for the industry,

you`re in the growth sector

and you properly know that already.

The bad news is, what is the bad news?

(audience answering)

Yes, that the number of caregivers is not increasing

proportionality with the need for services.

It`s amazing to me, to know that the industry,

the direct senior care industry is adding

10 thousand new jobs every month.

Did you know that?, 10 thousand across the nation.

That is huge, and as you well know, the home care industry

is struggling to attract those workers.

We`ve talked many times in the past couple of days

about Home Care Pulse and their benchmark survey.

Every year they ask the same question of all

their respondents what are the top threats

as you`ve perceived them for your agency?

And we see here that in 2016 by far the blue bar represents

caregiver shortage, 70% of respondents said

that`s one of the top threat.

And then, and it`s way way above everything else

which is in red, that the increasing minimum wage.

I`ve come to develop a pretty good system,

when I work with my clients on how to develop a caregiver

recruitment program that works for you, for your agency,

and works for you in your community.

But in all case is you need at least three elements of

a good recruitment program and that`s why I call it

the three legged stool.

Online presents, recruitment from schools

and a good employee referral program.

Again Home Care Pulse interviews caregivers

and they ask them why did you choose the agency

in which you`re employed today?

The bad news is there`s not one overwhelming reason.

So everybody if you look at the chart here is about

around 20 % so that`s the bad news.

There`s not one sort of sure-fire solution.

The good news is you can pick and choose, because they

think you all have about the same pool on caregivers.

So the agency is known as a good work environment,

the work schedule work for me, the agency has a good

reputation and it was recommended by family and friends.

So what I`m saying is, pick a couple of themes that ring

true to your agency and tailor a job ad that works.

The other thing is do you look at the other job ads

that are coming out in your community?

Yes. Okay that`s great, do you wanna be standing out

or do the same as everybody else?

(upbeat music)

- Over the top, tremendous.

- Fantastic (laugh).

- You`d meet a lot of people, you`ll learn a lot

about making money, helping money, networking,

connecting with Steve "The Hurricane".

- Don`t come if you`re my competitive,

but come want to get good business (laugh).

(upbeat music)