This week, in the Enterprise Security News, I am joined by John Strand to discuss how Stackpath released new edge computing VMs, ExtraHop hires former Tenable and HPE leaders to support growth in cyber, Security professionals want to return fire to Venafi, Dragos acquires NexDefense, and 42Crunch unveils a new platform to discover API vulnerabilities and protect them from attacks! In the second segment, we air some pre recorded from RSA Conference 2019 with Endgame, Virsec, and Scythe!
Β
Full Show Notes: https://wiki.securityweekly.com/ES_Episode130
Visit https://www.securityweekly.com/esw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Β
This week, we welcome Jamie Duncan, a recovering history major who has been at Red Hat for just over 7 years! Beginning with his role as a TAM, his focus has increasingly centered on the operations-oriented features of OpenShift, including the May 2018 publication of OpenShift In Action by Manning Publishing. Jamie has had this discussion with customers, OpenShift advocates, and technology fans on multiple continents to date. In the Application Security News, Owner of MAGA-Friendly Yelp Knockoff Threatens to Call FBI After Researcher Exposes Security Holes, Chinese Data Breach Exposes 'Breed Ready' Status Of Almost 2 Million Women, Dozens of companies leaked sensitive data thanks to misconfigured Box accounts, DARPA Is Building a $10 Million, Open Source, Secure Voting System, and much more!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode54
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Nick Galbreath, Co-founder and Chief Technology Officer at Signal Sciences, to discuss the Intersection of Development and Security! In the Leadership and Communications segment, How Boeing Should Have Responded to the 737 Max Safety Crisis, Digital Transformation is Not About Technology, Gartner's Top 10 Security Projects for 2019, and more!
Β
To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode121
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Zero-Days in Counter Strike client could be used to build a major botnet, huge aluminum plants hit by 'severe' ransomware attack, Myspace loses 50 million songs in server migration, wifi signals can reveal your password, and PuTTY in your hands: an SSH client gets patched after RSA key exchange memory vulnerability was spotted! Ralf Hund from VMRay joins us for expert commentary to discuss the Evolution of GandCrab!
Β
To learn more about VMRay, visit: https://securityweekly.com/vmray
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode211
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Peter Smith, Founder and CEO of Edgewise to talk about the evolution of Zero Trust! In the Security News, New WordPress flaw lets unauthenticated remote attackers hack sites, Tesla allegedly spied on and ran a smear campaign on a whistleblower, Facebook and Instagram suffer most severe outage ever, a man drives 3,300 miles to talk to YouTube about a deleted video, and what do sexy selfies, search warrants, and tax files have in common? In the final segment, we air a pre recorded interview with Carsten Willems, Co-Founder and CEO at VMRay, discussing malware sandboxing!
Β
To learn more about Edgewise, visit: https://securityweekly.com/edgewise/ To learn more about VMRay, visit: https://securityweekly.com/vmray
Β
Full Show Notes: https://wiki.securityweekly.com/Episode597 Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we interview Gururaj Pandurangi, Founder and CEO at Cloudneeti, to discuss Continuous Cloud Assurance! Gururaj Pandurangi is a founder and CEO of Cloudneeti, a software-as-a-service company focused on continuous cloud security, data privacy and compliance assurance. Gururaj has 20 years of professional experience, a good portion of it as an early adopter of cloud technologies and building global scale cloud products like Windows Live, Bing platform, Consumer Identity and Federations. Paul Asadoorian and Matt Alderman recorded interviews with the following vendors at RSA Conference 2019: - Venafi - XM Cyber - Onapsis Paul Asadoorian and Matt Alderman recap RSA Conference 2019, including their briefings with: - 42Crunch - Baffle - CyberInt - Eclypsium - Ericom Software - Lacework - Radware - RiskRecon and More!
Β
To learn more about Cloudneeti, visit: https://securityweekly.com/cloudneeti
Full Show Notes: https://wiki.securityweekly.com/ES_Episode129
Β
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul discuss the structure and experiences of 2019's RSA Conference! In the Application Security News, WordPress accounted for 90 percent of all hacked CMS sites in 2018, Japanese police charge 13-year-old for sharing 'unclosable popup' prank online, Facebook exploit β Confirm website visitor identities, NSA's top policy advisor: It's time to start putting teeth in cyber deterrence, study shows programmers will take the easy way out and not implement proper password security, and the CommitStrip for the week on Why check for incognito mode?
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode53
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, a Severe RCE vulnerability affected popular StackStorm Automation software, Crowdfense is willing to pay $3 Million for iOS and Android Zero-Days, Equifax neglected cyber security prior to breach, Google launches new Cloud Security services, and an unprotected MongoDB instance exposes 800 million emails! Jason Wood from Paladin Security joins us for expert commentary on how a researcher claims an Iranian APT is behind a 6TB Data Heist at Citrix!
Β
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode210
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Ben Carr, Chief Information Security Officer at Aristocrat! Prior to Aristocrat, we was VP of Strategy for Cyberbit and North America's Technical Director for Tenable! In the Leadership and Communications segment, how to make sure your board sets a good example for your company, cybersecurity is putting customer trust at the center of competition, 6 reasons your home office is better than your company office, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode120
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Allan Liska, Senior Solutions Architect at our sponsor Recorded Future, to talk about Catching Up To The Hype w/ Threat Intelligence! In the second interview, we welcome David Marble, President and CEO at OSHEAN Incorporated, to talk about what to expect at at this years Rhode Island Cybersecurity Exchange Day! In the Security News, YouTube controversy on ALL fronts, Cisco SOHO wireless VPN firewalls and routers open to attack, Ring doorbell flaw opens door to spying, bot plagues, free hacking toolkits, and everything you need to know about the Huawei controversy!
Β
Get Trending Threat Insights Delivered to Your Inbox, at: https://securityweekly.com/recordedfuture
OSHEAN is hosting RI Cybersecurity Exchange Day on March 13th at the O'Hare Academic Building at Salve Regina in Newport, RI! Register Now at https://OSHEAN.org/events.
Β
Full Show Notes: https://wiki.securityweekly.com/Episode596
Visit https://www.securityweekly.com/psw for all the latest episodes!
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul is joined by Matt Alderman to discuss some Funding and M&A, such as Elevate Security announces an $8 million series A to alter employee security behavior, Armorblox raises 16.5 million in series A, Bandura Cyber raises 10 million in venture funding, and much more! In the Enterprise Security News, Capsule8 expands threat detection platform for PCI DSS, BitSight unveils peer analytics for more effective security performance management, Imperva advances autonomous application protection capabilities, and Synopsys launches Polaris Software integrity platform!
Β
Full Show Notes: https://wiki.securityweekly.com/ES_Episode128
Visit https://www.securityweekly.com/esw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Β
This week, many websites threatened by highly critical code-execution bug in Drupal, UK parliament calls for antitrust, data abuse probe of Facebook, CommitStrip: Get rich quick, Google says the built-in microphone it never told Nest users about was 'never supposed to be a secret', and more! In our second segment, we welcome Matt Springfield, is the Founder of 12Feet, Inc., an information security consulting firm based in the Dallas area! Matt has more than 23 years of information security experience spanning operations, architecture and consulting with a focus on large scale retail and service provider environments!
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode52
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, millions of utility customers passwords stored in plain text, Google ditches passwords in latest android devices, online validation services vulnerable to digital signature spoofing attacks, flaws in 4G and 5G allow snooping on calls, and TurboTax hit with credential stuffing attack and tax returns were compromised! Nicholas Sciberras from Acunetix joins us for expert commentary on how hackers created social media work after a bug report was ignored!
Β
To GET A FREE 14-DAY TRIAL of Acunetix, visit: https://securityweekly.com/acunetix
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode209
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we interview DJ Sampath, Co-Founder and Chief Executive Officer at Armorblox! DJ comes on the show to discuss "Securing the Human Layer"! In our second interview, we welcome Bruce Sussman, the Media-Development Director at SecureWorld! Bruce will give us a preview of SecureWorld Boston 2019 and the upcoming events!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode119
Visit https://www.securityweekly.com/bsw for all the latest episodes!
SecureWorld Boston is hosting their 15th annual conference March 27-28 @ the Hynes Convention Center. Security Weekly Listeners save $100 off a full conference pass by visiting https://secureworldexpo.com and using the code 'SecurityWeekly'.
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Marcello Salvati, Security Analyst at our sponsor Black Hills Information Security, to give some updates on his Post Exploitation Tool SILENTTRINITY! In the second interview, we welcome Steve Brown, Keynote Speaker at SecureWorld Boston 2019 to discuss his talk about Building Your Strategic Roadmap for the Next Wave of Digital Transformation! In the Security News, password managers leaking data in memory, security analysts are only human, Splunk changes position of Russian customers, Google admits error over hidden microphone, and a nasty code-execution bug in WinRAR threatened millions of users for 14 years!
Β
Full Show Notes: https://wiki.securityweekly.com/Episode595
To learn more about our sponsor Black Hills Information Security, visit: https://securityweekly.com/bhis
To see the SILENTTRINITY code itself on Github, visit: https://github.com/byt3bl33d3r/SILENTTRINITY
Visit https://www.securityweekly.com/psw for all the latest episodes!
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we interview Cody Cornell, Founder and CEO at Swimlane to discuss Security Orchestration, Automation, and Response! In the Enterprise Security News, CylancePROTECT now available on AWS Marketplace, Attivo Networks enhances deception platform with forensic collection, cyber security market will reach $365.26 billion dollars by 2026, and Elevate Security raises 8 million dollars in Series A!
Β
Full Show Notes: https://wiki.securityweekly.com/ES_Episode127
Visit http://securityweekly.com/esw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt and Paul interview Gurpreet S. Sachdeva, the Assistant Vice President of Technology for Altran! Gurpreet will be discussing "Integrating Security into DevOps"! In the Application Security News, A PNG Android Vulnerability, 620 million stolen accounts for sale on the dark web, how shifting security left speeds development, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode51
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Google paid out $3.4 million for vulnerabilities reported in 2018, hackers target WordPress sites via WP cost estimation plugin, Facebook paid $25,000 for CSRF exploit that leads to Account Takeover, and PoC Exploit Code for recent container escape flaw in runc published online! Jason Wood from Paladin Security joins us for expert commentary on Apple being sued over their two factor authentication!
Β
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode208
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Brendan Goodwin, the Regional Cyber Director for the Northeast & Mid-Atlantic at Alfred J. Gallagher Co. Brendan comes on the show to talk about "How Cyber Insurance can Augment Your Cyber Security Strategy." In the Leadership and Communications segment, Jason Albuquerque joins Matt to discuss if boards of directors responsible for cybersecurity, cybersecurity mental health warning, how to cope with a Mid-Career Crisis, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode118
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Visit https://infosecworld.misti.com/ and use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Harry Sverdlove, Chief Technology Officer of Edgewise for an interview, to talk about The Future of Firewalls! In the Technical Segment, we discuss some Enterprise-ish Network Security hardware and software that we've incorporated here in our Security Weekly Studio! In the Security News, why it's way too easy to sell counterfeit goods on Amazon, how to defend against the runC container vulnerability, creating a dream team for the new age of cyber security, how you can get a Windows 95 emulator for Windows 10, Linux, or MAC, DEF CON goes to Washington, and InfoSec institutes top podcasts that take your computer skills to the next level!
Β
Full Show Notes: https://wiki.securityweekly.com/Episode594
To learn more about Edgewise, visit: https://www.edgewise.net/security-weekly
Visit https://www.securityweekly.com/psw for all the latest episodes!
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul is joined by Matt Alderman in the absence of John Strand, to discuss The Evolution of Vulnerability Management, and where we stand today in areas such as Applications, Infrastructure, and Mobile! In the Enterprise Security News, Cisco unlocks IoT potential with Intent-Based Networking, Qualys extends cloud platform with patch management, Tenable announces general availability of Predictive Prioritization, Lacework announces security support for Azure and Multicloud environments, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/ES_Episode126
Visit https://www.securityweekly.com/esw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Visit http://securityweekly.com/esw for all the latest episodes!
This week, Paul is joined by Joff Thyer to interview Tim Eades, CEO of vArmour, to talk about basic flow of problem, solution, and value! In the Application Security News, many popular iPhone apps secretly record your screen without asking, MongoDB databases still being held for ransom, most of the Fortune 100 still use flawed software that led to the Equifax breach, and a Chrome extension with millions of users is now serving popup ads!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode50
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, your Lenovo X is watching you & sharing information, a client-side DNS attack emerges from academic research, a macOS vulnerability leaks safari data, hackers hit VFEmail & wipe US servers and backups, and a check-in system flaw puts major airlines at risk! Jason Wood from Paladin Security joins us for expert commentary on how fraudsters are scamming teenage 'money mules' on Instagram and Snapchat!
Β
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode207
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Ed Moyle, General Manager and Chief Content Officer at Prelude Institute! Ed is on the Advisory Board for InfoSec World and joins us to talk about InfoSec World 2019 and its upcoming plans, where he'll be giving a talk titled "Cryptocurrency Lessons for Enterprise Blockchain"! In the Leadership and Communications segment, keep your employees and youβll keep your customers, why leadership development is superficial and how to fix it, simple techniques to overcome negative emotions when negotiating with others, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode117
Visit https://infosecworld.misti.com/ and use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass.
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul start the show with the Application Security News, discussing concerns about WordPressβ new βWhite Screen of Deathβ, Google Chrome changes could βdestroyβ ad-blockers, Mozilla is adding and ad-blocker to Firefox Focus 9.0, websites can steal browser data via extensions APIs, and a Fortnite security issue would have granted hackers access to accounts! In the second segment, Keith and Paul interview Jing Xie, Product Manager at Venafi, to talk about Static Analysis, Secure Code Signing, and more!!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode48
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Chris Long, Security Engineer at Palantir for our Technical Segment to talk about DetectionLab, a collection of Vagrant and Packer scripts that allow you to automate the creation of networks! In the Security News, 5G networks must be secured from hackers and bad actors, Zero-Day vulnerability highlights the responsible disclosure dilemma, a flaw in multiple airline systems exposes passenger data, security bugs in video chat tools enable remote attackers, and an original World War II German message decrypts to go on display at the National Museum of Computing! In our final segment, we air a Pre Recorded interview with InfoSec World Speaker Connie Mastovich, the Sr. Security Compliance Analyst at Reclamere to talk about the Dark Web!
Β
Full Show Notes: https://wiki.securityweekly.com/Episode593 Visit https://infosecworld.misti.com/ and use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass. Visit https://www.securityweekly.com/psw for all the latest episodes! To learn more about DetectionLab, visit: https://detectionlab.network
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul and John interview Randall Trzeciak, the Director of the CERT Insider Threat Center at Carnegie Mellon University's Software Engineering Institute! Randall will also be speaking at InfoSec World 2019 about "An Effective Insider Threat Program" on Saturday, March 30th @ 9:00 am! In the Enterprise Security News, RSA Conference announces finalists for Innovation Sandbox Contest 2019, DigiCert announces all-in-one digital certificate management solution, Google's new Chrome extension warns you about stolen passwords, Signal Sciences raises 35$ Million to accelerate market expansion and tech innovation, and Palo Alto is in talks to buy Information Security firm Demisto!
Β
Full Show Notes: https://wiki.securityweekly.com/ES_Episode125
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
VisitΒ https://infosecworld.misti.com/Β and use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass!Β
Β
Like us on Facebook: https://www.facebook.com/secweekly
Visit http://securityweekly.com/esw for all the latest episodes!
This week, roughly 500,000 Ubiquiti devices may be affected by a flaw already exploited in the wild, Outlaw Shellbot infects Linux servers to mine for Monero, Apple's Siri shortcuts feature vulnerable to abuse, Google's new Chrome extension warns you about stolen passwords, and Google patches critical .png image bug! David Pearson from Awake Security joins us for expert commentary on recent news around Japan performing an IoT pentest on their public IPs!
Β
To learn more about Awake Security, visit: https://securityweekly.com/awake
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode206
Β
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul discuss the current state of privacy and software development! They discuss how Facebook pays teens to install VPN that spies on them, how Apple blocks Facebook from running its internal iOS apps, and more! In the Application Security News, Three UK customer details exposed in homepage blunder, Microsoft cloud services see global authentication outage, the age of surveillance capitalism, the rise of DevXOps, and much more!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode49
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome David Kennedy, Founder and CEO at TrustedSec, to discuss why it's important to be investing in the right technology and resources! In our second segment, we welcome Sandra Toms, Vice President and Curator, and Britta Glade, Director of Content and Curation from RSA Conference, to preview what's new at RSA Conference 2019!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode116
To learn more about TrustedSec, visit: https://www.securityweekly.com/trustedsec
Go to https://rsaconference.com/securityweekly-us19 to register now using the discount code 5U9SWFD to receive $100 off a full conference pass!
Β
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Benjamin Daniel Mussler, Senior Security Researcher at Acunetix to talk about Web App Scanning with Authentication! In our second segment, the Security Weekly hosts will discuss the Future of Security, such as major changes, evolving threats, and security culture! In the Security News, 5 tips for access control from an ethical hacker, Japan is to hunt down citizens insecure IoT devices, kid tracking watches allow attackers to monitor real time location data, and Imperva mitigated a DDoS attack that generated 500 million packets per second!
Β
Full Show Notes: https://wiki.securityweekly.com/Episode592
Visit https://www.securityweekly.com/psw for all the latest episodes!
To learn more about Acunetix, visit: https://www.acunetix.com/securityweekly/
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt and Paul interview Shreyans Mehta, Chief Technology Officer at Cequence Security to talk about Advanced Bot Protection! In the Leadership and Communications segment, Cybersecurity isn't just for tech people anymore, The Weird Approach to leadership, 4 things to do before a tough conversation, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode115
Visit https://www.securityweekly.com/bsw for all the latest episodes!
To find out more about Cequence Security visit: https://securityweekly.com/cequence
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, I am joined by Matt Alderman and John Strand to interview Andrew Peterson, Founder and CEO of Signal Sciences, to talk about prioritizing bugs, functionality, and security fixes! In the Enterprise Security News, we will discuss how Cynets Platform approach tames cyber security issues, Salt Security launches API protection platform, Yubicos 2019 state of password and authentication security report, and we have some acquisition and funding updates from ReSec, Medigate, Cato Networks, Sophos, and DarkBytes!
Β
Full Show Notes: https://wiki.securityweekly.com/ES_Episode124
Visit https://www.securityweekly.com/esw for all the latest episodes!
If you want to learn more about Signal Sciences, visit: https://www.signalsciences.com/psw
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, a tool that finds vulnerable robots on the Internet, a new exploit that threatens over 9,000 Cisco routers, apple turns of group FaceTime after an eavesdropping bug, wordpress sites under attack via Zero-Day in abandoned plugin, and OpenBMC caught with 'pantsdown' over a new security flaw! Jason Wood from Paladin Security joins us for expert commentary on Abusing Exchange: One API call away from Domain Admin!
Β
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode205
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Chris Morales, the Head of Security Analytics at Vectra for an interview to talk about Machine Learning! In our second segment, the Security Weekly hosts talks about some of our favorite hacker movies, influencers in the community, and what software and devices make appearances in our labs! In the Security News, cellular carriers are implementing services to identify cell scam leveraging, new Android malware uses motion sensor to avoid detection, Linux malware disables security software to mine cryptocurrency, and how a hacker threatened a family using a Nest camera to broadcast a fake missile attack alert!
Β
Full Show Notes: https://wiki.securityweekly.com/Episode591
Visit https://www.securityweekly.com/psw for all the latest episodes!
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, I am joined by Jeff Man for the Enterprise News, to talk about Ping Identity offering advanced API cyber protection, AppDynamics keeps expanding monitoring vision, eSentire announces managed endpoint defense powered by Carbon Black, and Juniper Networks signs a deal with IBMs! In the Technical Segment, we will discuss some Open-Source and Free Collaboration Security Tools for Project Planning, Ticketing Systems, Remote System Monitoring, RSS feeds, and Documentation!
Β
Full Show Notes: https://wiki.securityweekly.com/ES_Episode123
Visit https://www.securityweekly.com/esw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week on Application Security Weekly, Matt Alderman takes the reigns and is joined by Co-Host James Wickett, who is the Head of Research at Signal Sciences! They talk about the human element of application security training and testing! In the Application Security News, Oracle patches 284 vulnerabilities, a bug in Twitter Android app exposed protected tweets, four tips for better API Security in 2019, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode47
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, a flaw in MySQL could allow rogue servers to steal files, a state agency exposes 3TB of data including FBI info, how cybercriminals clean their dirty money, a critical RCE flaw in Linux APT allows remote attackers to hack systems, and how to protect against a new breed of cyber attack! Jason Wood from Paladin Security joins us for expert commentary on how attackers used a LinkedIn job ad and Skype call to breach a bank's defense!
Β
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode204
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt and Paul interview Zane Lackey, Co-Founder and Chief Security Officer at Signal Sciences! In the Leadership and Communications segment, customer surveys are no substitute for actually talking to customers, CEOs most concerned about Cybersecurity in 2019, the open workspace, doesn't work, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode114
Visit https://www.securityweekly.com/bsw for all the latest episodes!
For more information about Signal Sciences, visit:Β https://www.signalsciences.com/psw
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Dr. Eric Cole, the Founder and CEO of Secure Anchor Consulting for an interview! In the Technical segment, our very own Joff Thyer will be demonstrating some syntax with PowerShell useful for transferring data into a network while pen testing! In the Security News, two code execution flaws patched in Drupal, 773 million records exposed in massive data breach, prices for Zero-Day Exploits are rising, new attacks target recent PHP Framework Vulnerability, Microsoft launches a new Azure DevOps Bug Bounty program, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/Episode590
Visit https://www.securityweekly.com/psw for all the latest episodes!
For more information about Black Hills Information Security, visit:Β securityweekly.com/bhis
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul is joined by Matt Alderman to discuss some mergers, acquisitions, and partnerships, such as TokenEx partnering with SureCloud, Check Point acquires ForceNock, Zix agrees to acquire AppRiver for $275 million, and more! In this second segment, they discuss some security product launches and announcements from Trustwave, NopSec, ConnectGuard, Pulse Secure, Synopsys, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/ES_Episode122
Visit https://www.securityweekly.com/esw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul interview Rey Bango, Security Advocate for Microsoft! Rey is focused on helping the community build secure systems & being a voice for researchers within MS! In the Application Security News, Another server security lapse at NASA exposed staff and project data, CRLF Injection Into PHPβs cURL Options, System Down: A systemd-journald exploit, GitHub now gives free users unlimited private repositories, Twitter is broken, Government shutdown: TLS certificates not renewed, many websites are down, and much more!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode46
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, US Government shutdown leaves dozens of .gov sites vulnerable, Firefox 69 to disable Adobe Flash, an unpatched vCard flaw could leave your PCs open to attackers, Tesla's contest Pwn2Own could win you a Model 3, and how building site cranes are easier to hack than garage door openers! Jason Wood from Paladin Security joins us for expert commentary on how the Boston Hospital Attacker was sentenced to 10 years in prison, and more on this episode of Hack Naked News!
Β
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode203
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt and Paul introduce a new quarterly segment to review the money of security, including public companies, IPOs, funding rounds, and acquisitions from the previous quarter! We've also created our own index to track public security companies called the Security Weekly 25, so let's understand how the security market is doing! In the Leadership Articles, Matt and Paul discuss how to be present, manage time, and avoid distractions, why your gut instinct is usually wrong, the 5 most efficient ways to get your work done, the creative difference between multitasking and multi-focus, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode113
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Bryson Bort, the Founder and CEO of SCYTHE to talk about Attack Simulation! In the Technical Segment, Kory Findley will be presenting a tool he created entitled βpktreconβ, for internal network segment reconnaissance using broadcast and service discovery protocol traffic! In the Security News, why Hyatt Is launching a public bug bounty program, Amazon Key partners with myQ, web vulnerabilities up, IoT flaws down, enterprise iPhones will soon be able to use security dongles, how El Chapo's IT manager cracked his encrypted chats and brought him down, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/Episode589
Visit https://www.securityweekly.com/psw for all the latest episodes!
For more information about SCYTHE, visit:Β https://www.scythe.io/securityweekly
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Tony Cole, Chief Technology Officer at Attivo Networks for an interview! Tony joins us to discuss the cyber deception in the enterprises today, and gives a brief history of deception and its applicability to cybersecurity! In the Enterprise News, Neustar bolsters fraud detection capabilities with Trustid, almost half of containers in production have vulnerabilities, BlackBerry offers its security technology to IoT device makers, and Radware to acquire ShieldSquare for expansion of its cloud security portfolio!
Β
Full Show Notes: https://wiki.securityweekly.com/ES_Episode121
Visit https://www.securityweekly.com/esw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul interview Ken Johnson, Application Security Engineer at GitHub! Ken joins us to discuss approaching AppSec the right way, "running a scanner without context", getting the right context/importance of context, and how to figure what's real and what's legit! In the Application Security News, Wormable stored XSS on WordPress.org, a security lapse revealed private complaints from Silicon Valley employees, hackers hijack thousands of Chromecasts to warn of latest security bug, a linting tool for checking accessibility, speed, and security, host websites on GitHub, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode45
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Ethereum hit by Double Spend attack, NSA to release reverse engineering tool for free, a Skype glitch allowed Android Authentication Bypass, Zerodium offers $2 Million for remote iOS jailbreaks, and tens of thousands of hot tubs are exposed to hacking! Our CEO Matt Alderman joins us for expert commentary on how Container Security lags amidst DevOps enthusiasm, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode202
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt and Paul interview Tim Callahan, Global Chief Security Officer of Aflac, to discuss communicating threat intelligence to executives and the board! In the Leadership Articles, Matt and Paul discuss how to moderate a panel discussion, the secret to leading organizational change is empathy, DevOps explained, 5 cloud computing predictions for 2019, and the top 3 things CIOs lose sleep over!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode112
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Dameon Welch-Abernathy, or βPhoneboyβ, a Cyber Security Evangelist at Check Point Software Technologies for an interview! Dameon joins us to discuss how to help people in the security community, a topic near and dear to our hearts! In the Technical Segment, the Security Weekly crew accompanied by Dameon holds a discussion on Breaches, Privacy, Compliance, and more! In the Security News, the worst hacks of 2018, hijacking smart TV's to promote PewDiePie, hackers attempt to sell stolen 9/11 documents, and turning your house into a DOOM level with a Roomba! All that and more, on this episode of Paul's Security Weekly!
Β
Full Show Notes: https://wiki.securityweekly.com/Episode588
Visit https://www.securityweekly.com/psw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Vaughn Adams, Enterprise Sales Engineer at LogRhythm! Vaughn will be talking about using freely available tools and logs you are already collecting to detect attacker behavior! In our second segment, we have a Round Table discussion entitled "What the Heck Are Security Basics?", to talk about what should organizations be doing to meet the basic security requirements, and much more! In our final segment, we air a pre-recorded interview with Mandy Logan on "Hacking the Brainstem", her trip through recovery, and how she came to love Information Security!
Β
Full Show Notes: https://wiki.securityweekly.com/Episode587
Visit https://www.securityweekly.com/psw for all the latest episodes!
To get involved with LogRhythm, go to: www.securityweekly.com/logrhythm
Support Mandy by going to her GoFundMe Page: https://www.gofundme.com/hacking-recovery-brainstem-stroke
Β
Visit https://www.activecountermeasures/psw to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul, John Strand, and Matt Alderman talk the Enterprise News, which includes TPG in early talks to sell McAfee to Thoma Bravo, Bitdefender offers new managed threat monitoring service, Symantec and Fortinet partner to deliver robust and comprehensive Cloud Security Service, and Untangle partners with Malwarebytes to bring Layered Security to SMBs! In our final segment of the year, Paul brings you his personal Top Ten List for 2018 including his favorite acquisitions, breaches, vulnerabilities, interviews, attack tools, news articles, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/ES_Episode120
Visit https://www.securityweekly.com/esw for all the latest episodes!
Visit https://www.activecountermeasures/esw to sign up for a demo or buy our AI Hunter!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul interview Harry Sverdlove, CTO and Founder of Edgewise! Harry joins us to discuss what Edgewise does in the AppSec world, segmentation, cloud migration, trying different architectures, and more! In the Application Security News, Facebook bug exposed private photos of 6.8 million users, thousands of Jenkins servers will let anonymous users become admins, Signal app can't include a backdoor for the Australian government, WordPress plugs bug that led to Google indexing some user passwords, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode44
To get involved with Edgewise, go to: https://www.edgewise.net/securityweekly
Β
Visit https://www.securityweekly.com/asw for all the latest episodes!
Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!
Visit our website: https://www.securityweekly.com
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Follow us on Twitter: https://www.twitter.com/securityweekly
This week, when meme's attack, how Google's taking steps to secure Kubernetes, suggestions for last minute Holiday IT gifts, Twitter fixes bug that exposed data, and how WordPress was targeted with clever SEO Injection Malware! Ed Sattar from Quickstart joins us for expert commentary on how to optimize your cyber security investment to maximize ROI, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode201
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Visit https://www.activecountermeasures/hnn to sign up for a demo or buy our AI Hunter!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt and Paul interview Bob Ackerman, a legend in venture capital investing, and is referred to as one of "Cyber's Money Men". Bob is also the Founder and Managing Director of venture capital firm AllegisCyber! In the Leadership Articles, Matt and Paul discuss how to be productive during the holiday season, how to work from home without losing your mind, how to talk to your boss when youβre underperforming, selling your product as you build it, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode111
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, how Taylor Swift used Facial Recognition to thwart stalkers, unlocking Android phones with a 3D printed head, Ticketmaster fails to take responsibility for malware, and it's December of 2018, to Hell with it, just patch your stuff already! In our first interview, we welcome back Ed Skoudis, Founder of the Counter Hack Challenge and Kringle Con 2018! Ed joins us on the show to talk about this years challenge and what's in store! In our final interview, we welcome back Don Murdoch, the Assistant Director at Regent University Cyber Range! Don joins us this week to discuss his book, "Blue Team Handbook: Incident Response Edition", and more!
Β
Full Show Notes: https://wiki.securityweekly.com/Episode586
Visit https://www.securityweekly.com/psw for all the latest episodes!
Join KringleCon 2018: www.kringlecon.com
Β
Visit https://www.activecountermeasures/psw to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul and John Strand interview John Bradshaw, Senior Director and Solutions Engineer at Acalvio Technologies, to talk about 5 Tenets of Enterprise Deception! In the Enterprise News this week, NopSec announces the latest release of its flagship product, Minerva Labs Anti-Evasion Platform Achieves VMware Ready Status, SecurityScorecard Announces Partnership with Cybernance to Drive Holistic View of Cyber Risk Across the Enterprise, and we have some acquisition and funding updates from Venafi, WhiteFox, and Pindrop!
Β
Full Show Notes: https://wiki.securityweekly.com/ES_Episode119
Visit https://www.securityweekly.com/esw for all the latest episodes!
Visit https://www.activecountermeasures/esw to sign up for a demo or buy our AI Hunter!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul interview Chris Elgee, the Technical Engineer at Counter Hack Challenges! Chris joins Keith and Paul this week to talk about the Counter Hack Challenge, how itβs been working on the challenge vs. playing it, and more! In the Application Security News, Kubernetes instances are being hijacked worldwide, malicious sites abuse 11-year old Firefox bug that Mozilla failed to fix, Google is on a Witch Hunt for Internal Leakers, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode43
Visit https://www.securityweekly.com/asw for all the latest episodes!
Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Google+ flaw leads Chocolate Factory to shut down early, 40,000 credentials for government portals found online, one tweak that can save you from NotPetya, ESET discovers 21 new Linux malware variants, and how this Phishing Scam group built a list of 50,000 execs to target! Jason Wood from Paladin Security joins us for expert commentary on how Microsoft is calling for facial recognition tech regulation!
Β
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode200
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Visit https://www.activecountermeasures/hnn to sign up for a demo or buy our AI Hunter!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt and Paul interview Brian Carey, Senior Security Consultant at Rapid7! Brian talks about emerging trends that he is seeing with his clients, and how they impact their clientsβ security programs, including maturity, roadmap, and recommendations! In the Leadership Articles, Matt and Paul discuss how to collaborate with people you donβt like, the right way to solve complex business problems, what the habits are of successful people, three things to know before you land a tech job, and more!
Β
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode110
To learn more about Rapid7, go to: www.rapid7.com/securityweekly
Β
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter!
Β
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly