This week, we welcome Judy Ngure, Cybersecurity Engineer at Africastalking, to talk about DevSecOps! In the Application Security News, Microsoft OneDrive client for Windows Qt QML module hijack, Zero-day flaw found in Zoom for Windows 7, Protecting your remote workforce from application-based attacks like consent phishing, Verizon Media, PayPal, Twitter Top Bug-Bounty Rankings, Mozilla suspends Firefox Send service while it addresses malware abuse, and Stop Talking About Technical Debt!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode114
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome our very own Joff Thyer, Security Analyst at Black Hills Information Security, to deliver a Technical Segment on IPv6 Tunneling! In our second segment, we welcome Terry Dunlap, Co-Founder at ReFirm Labs, to talk about IoT Security! In the Security News, Hackers Are Exploiting a 5-Alarm Bug in Networking Equipment, Cisco Talos discloses technicals details of Chrome and Firefox flaws, Palo Alto Networks Patches Command Injection Vulnerabilities in PAN-OS, Zoom zero-day flaw allows code execution on victim's Windows machine, and how the Trump administration is looking into ban on TikTok and other Chinese apps!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode657
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Look, this week, it's all about the RCE. Seriously, there were so many RCE stories, wow. Oh and a creepy guy story. All this and more on the Security Weekly News Wrap Up!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode48
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
This week, we talk Enterprise News, to talk about Why You Need Recorded Futures Ultimate Security Intelligence Kit, Securing the Multi-Cloud Environment through CSPM and SSPM, CyberKnight joins forces with Armis to bring agentless EDR to OT, IoT and ICS environments, Attivo Networks' enhanced EDN solution prevents attackers from seeing or exploiting production data, Check Point Infinity SOC is launched, and more! In our second segment, we welcome Scott DeLong, Chief Information Officer and Sr. Technology & Security Officer at Scott DeLong & Associates, to talk about Living Through a Ransomware Attack! In our final segment, we welcome Robb Reck, Chief Information Security Officer at Ping Identity, to discuss Trends in Enterprise Identity!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode190
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Kimber Dowsett (@mzbat) for a two part interview! @mzbat is a frequent speaker at hacker conferences, and likes to help folks prepare for job searches by performing mock interviews and resume reviews!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode34
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Juan Canales, an ExtraHop customer, and Matt Cauthorn, VP Sales Engineering at ExtraHop, to discuss An Honest Conversation About "Response"! In the Leadership and Communications section, Profile of the Post-Pandemic CISO, Time to rethink business continuity and cyber security, Protecting Remote Workers Productivity and Performance, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode179
To request a demo with ExtraHop, visit: https://securityweekly.com/extrahop
ย
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, TikTok bans part 2, Try2Cry, Lazarus rises from the dead, Chinese Data blocking, and the Bubonic Plague! Jason Wood returns for Expert Commentary on how a flashy Nigerian Instagram star was extradited to the U.S. to face BEC charges!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode47
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Catherine Chambers and Will Hickie from Irdeto, to discuss Protecting Mobile Applications! In the Application Security News, Would you like some RCE with your Guacamole?, Attackers Will Target Critical PAN-OS Flaw, Security Experts Warn, Microsoft releases emergency security update to fix two bugs in Windows codecs, The Current State of Kubernetes Threat Modelling, and How To Build a Culture of Resilience Through Good Habits!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode113
To download the white paper, visit: https://securityweekly.com/irdeto
ย
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jerry Chen, Co-Founder of Firewalla, to discuss Work From Home Cyber Security! In our second segment, we welcome Ryan Hays, Offensive Security Manager at RSA Security, to talk about OSINT Scraping with Python! In the Security News, Cisco Releases Security Advisory for Telnet Vulnerability in IOS XE Software, Firefox 78 is out with a mysteriously empty list of security fixes, Python Arbitrary File Write Prevention: The Tarbomb, New Lucifer DDoS Botnet Targets Windows Systems with Multiple Exploits, Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking, and how the Internet is too unsafe, and why we need more hackers!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode656
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug wraps up the hot topics across all the shows for this week, talking about Bad laws, bad hackers, India bans 59 Chinese Apps including TikTok, Lucifer botnet threatens Windows Systems, Schuchman sentenced to 13 months for botnet development, and more!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode46
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to talk about how Semperis adds vulnerability assessment, security reporting, and auto-remediation to its DSP, AWS launches Amazon Honeycode to help quickly build mobile and web apps without programming, Attivo Networks Advanced Protection Disrupts Ransomware 2.0, Improved threat visibility, defense and protection across social platforms with SafeGuard 7.6, and more! In our second segment, we welcome Greg Thomas, Lead Security Engineer at Jvion, to talk about HITRUST Compliance vs. Security and Diversity in InfoSec! In our final segment, we welcome Franz Payer, CEO at Cyber Skyline, to discuss Cybersecurity Hiring!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode189
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Matt Springfield, Founder of 12Feet, Inc., to talk about PCI Workloads in the Cloud! In the Security and Compliance News, Cloud Security for a Dynamic Environment, Why identity-based, distributed controls are better suited to address cloud-era threats, Top Cloud Security Challenges in 2020, Exposed Cloud Databases Attacked 18 Times Per Day, and more!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode33
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Graeme Park, CISO at Matillion, to discuss Cybersecurity Challenges in Growth Organizations! In the Leadership and Communications section, Why Cybersecurity Is Really A Business Problem, 6 Reasons Your Strategy Isn t Working, 5 cities with the highest tech salaries, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode178
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, TikTok bans, OZ increases Cyber budgets, The US Senate wants the justice department to read your mail, the Top Ten Bug Bounties, and BlueLeaks! Jason Wood returns for Expert Commentary on how the REvil Ransomware Gang Adds Auction Feature for Stolen Data!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode45
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Cesar Rodriguez, Head of Developer Advocacy at Accurics, to talk about Using IaC to Establish And Analyze Secure Environments! In the Application Security News, DLL Hijacking at the Trend Micro Password Manager, Adobe Prompts Users to Uninstall Flash Player As EOL Date Looms, The State of Open Source Security 2020, Microservices vs. Monoliths: Which is Right for Your Enterprise?, What Modern CI/CD Should Look Like, and Build trust through better privacy!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode112
To learn more about Accurics, visit: https://securityweekly.com/accurics
ย
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
This week, Show News, Ebay thugs, Ripple 20, T-Mobile, Zoom, and the call may be coming from inside the house! All this and more on the Security Weekly News Wrap Up!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode44
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to talk about how BeyondTrust Announces Integration with the SailPoint Predictive Identity Platform, Check Point Launches CloudGuard Cloud Native Security, CyberArk Alero enhancements provide secure privileged access for remote users, Digital Shadows announces new capabilities to identify and remediate unwanted code exposure, and more! In our second segment, we welcome back Ferruh Mavituna, CEO of Netsparker, to talk about Debunking DAST Myths and Short-Term Strategies To Fixing Vulnerabilities! In our final segment, we welcome Jason Fruge, Vice President, Business Application Cybersecurity at Onapsis, to talk about Emerging Security Threats to Your Digital Supply Chain!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode188
To learn more about Netsparker, visit: https://securityweekly.com/netsparker
To request a complimentary assessment, visit https://securityweekly.com/onapsis
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Jeff, Matt, Scott, and Josh continue the conversation and talk "How to Become an InfoSec Professional With Limited Resources", and talk about "What Is An InfoSec Professional?"!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode32
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Cute robot dogs available for sale, T-Mobile was down all day, lightbulbs can be bugged, DARPA bug bounties, Ebay is going to get ya, and Bob Erdman from Core Security talks about Ransomware!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode43
To learn more about Core Security, visit: https://securityweekly.com/coresecurity
ย
Visit https://www.securityweekly.com/swn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show news, Facebook and the FBI try to catch a child predator, REvil, State Sponsored hacking, Darpa bug bounties, and the F Word!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode42
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Lewie Dunsworth, CEO of Nuspire, to talk about How CISOs Can Best Prioritize Security With a Decreased Budget! In the Leadership and Communications section, Five signs a virtual CISO makes sense for your organization, How to Negotiate Virtually, Why Securing Endpoints Is The Future Of Cybersecurity, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode177
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Michelle Dennedy, CEO of DrumWave, to discuss Data Mapping & Data Value Journey! In the Application Security News, CallStranger hits the horror trope where the call is coming from inside the house, SMBleedingGhost Writeup expands on prior SMB flaws that exposed kernel memory, Misconfigured Kubeflow workloads are a security risk, Verizon Data Breach Investigations Report, and more!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode111
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Dan DeCloss, President and CEO of PlexTrac, to talk about Enhancing Vulnerability Management By Including Penetration Testing Results! In the Security News, Hospital-busting hacker crew may be behind ransomware attack that made Honda halt car factories, 3 common misconceptions about PCI compliance, SMBleed could allow a remote attacker to leak kernel memory, Kubernetes Falls to Cryptomining via Machine-Learning Framework, and The F-words hidden superpower: How Repeating it can increase your pain threshold! In our Final Segment, we air a Pre-Recorded Interview with Ben Mussler, Senior Security Researcher at Acunetix, discussing New Web Technology and its Impact on Automated Security Testing!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode655
To learn more about PlexTrac, visit: https://securityweekly.com/plextrac
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to talk about how Morpheus Announces Zero-Trust Cloud Management Platform, Thycotic Releases New Version of DevOps Secrets Vault, Qualys Remote Endpoint Protection gets malware detection, F-Secure launches ID PROTECTION, Vectra integrates network threat detection and response for Microsoft Security Services, and more! In our second segment, we welcome Scott Kuffer, Co-Founder & COO at Nucleus Security, to talk about Vulnerability Management! In our final segment, we welcome Heather Adkins, Senior Director of Information Security and Privacy at Google, to talk about Google s New Site Reliability Engineering Book and best practices for designing scalable and reliable systems that are fundamentally secure!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode187
To learn more about Nucleus Security, visit: http://nucleussec.com
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Chris Patteson and Robert Carey from RSA Security, to talk about Navigating the Risks Associated With the Return to "Normal"! Jeff, Scott, Josh, and Matt round out the show with the Compliance News of the week!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode31
To learn more about RSA Security, visit: https://securityweekly.com/RSAsecurity
ย
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Twitter cracks down on 5G, Tycoon Ransomware, Citizen App, CallStranger, and REvil! Matt Allen from VIAVI Solutions joins us for Expert Commentary to talk about Leveraging enriched flow insights to accelerate response and remediation!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode41
To learn more about VIAVI Solution, visit: https://securityweekly.com/viavi
ย
Visit https://www.securityweekly.com/swn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Marc French, CISO & Managing Director at Product Security Group, Inc., to talk about Career Ladders in Information Security! In the Leadership and Communications section, Challenges of a New CISO: The First Year, Why a robust security culture begins with people, How Cybersecurity Leaders Can Chart the Seas of Business Communication, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode176
All of the open source career ladders can be found here: https://github.com/product-security-group/Security_Ladders
ย
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Phillip Maddux, Sr. Technical Account Manager at Signal Sciences, to talk about The Future State of AppSec! In the Application Security News, Two vulnerabilities in Zoom could lead to code execution, Zero-day in Sign in with Apple, Focus on Speed Doesn t Mean Focus on Automation, Apple pushes fix across ALL devices for unc0ver jailbreak flaw, and more!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode110
To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences
ย
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, first we present a Technical Segment, on Lightweight Vulnerability Management using NMAP! In our second segment, we welcome back Corey Thuen, Co-Founder of Gravwell, for a second Technical Segment, entitled "PCAPS or it didn't happen", diving into Collecting Packet Captures on Demand within a Threat Hunting use case with Gravwell! In the Security News, Octopus Scanner Sinks Tentacles into GitHub Repositories, RobbinHood and the Merry Men, Zoom Restricts End-to-End Encryption to Paid Users, Hackers steal secrets from US nuclear missile contractor, and Had a bad weekend? Probably, if you're a Sectigo customer, after root cert expires and online chaos ensues!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode654
To learn more about Gravwell, visit: https://securityweekly.com/gravwell
To check out Packet Fleet, visit: https://github.com/gravwell/ingesters/tree/master/PacketFleet
ย
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show news, Anonymous Returns, Deep Fakes and Deep Fake Hunters, IP in IP hacks, and IPv6.
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode40
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to talk about how SureCloud Launches Cyber Resilience Assessment Solution, Blackpoint Cyber launches 365 Defense - a Microsoft 365 security add-on for its MDR service, Endace and Palo Alto Networks Cortex XSOAR enable accelerated forensics of cyberthreats, Zscaler acquires Edgewise Networks, WatchGuard Technologies Completes Acquisition of Panda Security, and more! In our second segment, we welcome Alyssa Miller, Application Security Advocate at Snyk, to talk about Unraveling Your Software Bill of Materials! In our final segment, we welcome Aaron Rinehart, CTO and Co-Founder of Verica, and Casey Rosenthal, CEO and Co-Founder of Verica, to talk about Security Chaos Engineering!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode186
To learn more about Snyk, visit: https://securityweekly.com/snyk
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Jeff loves PCI DSS. Josh has been a fierce critic of it... and... Josh has been working with public policy... We'll dig into the nuances and offer better ways to tell good from bad policy incentives.
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode30
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, SpaceX docks, Anonymous returns, Apple pays, Zephyr blows, and Mobile Phishing is Expensive!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode39
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jen Ellis, Vice President of Community & Public Affairs at Rapid7, to talk about How to Truly Disrupt Cybercrime! In the Leadership and Communications section, CISO vs. CEO: How executives rate their security posture, 3 Reasons Why Cybersecurity Is Not A Technical Problem, How to Be a Great Listener in Remote Meetings and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode175
To learn more about Rapid7 or to request a demo, visit: https://securityweekly.com/rapid7
ย
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we speak with John Chirhart, Customer Experience Engineer at Google Cloud, to discuss How to Prevent Account Takeover Attacks! In our second segment, we welcome Catherine Chambers, Senior Product Manager at Irdeto, to talk about why Apps Are the New Endpoint!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode109
To learn more about Irdeto, visit: https://securityweekly.com/irdeto
To learn more about Google Cloud and reCAPTCHA, visit: https://securityweekly.com/recaptcha
ย
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Greg Foss, Senior Threat Researcher at VMware Carbon Black's Threat Analysis Unit, to talk about 2020 MITRE ATT&CK Malware Trends! In this week's Security News, NSA warns Russia-linked APT group is exploiting Exim flaw since 2019, 'Suspicious superhumans' behind rise in attacks on online services, Hackers Compromise Cisco Servers Via SaltStack Flaws, OpenSSH to deprecate SHA-1 logins due to security risk, all this and more with Special Guest Ed Skoudis, Founder of Counter Hack and Faculty Fellow at SANS Institute! In our final segment, we air a pre recorded interview with Peter Singer, Strategist at New America, and Author of Burn-In: A Novel of the Real Robotics Revolution, talking all things about his new novel Burn-In!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode653
To get a discounted copy of Burn-In: A Novel of the Real Robotic Revolution, visit: https://800ceoread.com/securityweekly
To check out the SANS Pen Test HackFest and Cyber Range Summit, visit: https://www.sans.org/event/hackfest-ranges-summit-2020
ย
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show news, 5G Quantum Oscillations, Ragnar, Windows Hello, Facebook, and FISA!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode38
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to talk about the MITRE ATT&CK for ICS: A Technical Deep Dive, Tufin Expands Security Automation Capabilities, Strengthen Business and Security Alignment with ThreatConnect, BeyondTrust Privilege Management for Windows and Mac SaaS Accelerates and Enhances Endpoint Security, Re-imaging threat detection, hunting and response with CTI, and more! In our second segment, we welcome Adam Bosnian, Executive Vice President of Global Business Development at CyberArk, discussing What Is The Real Value Of Identity In A Multi-vendor IT Environment? In our final segment, we welcome Zack Moody, Head of Global Cybersecurity & Privacy at AVX Corporation, to talk about how Cybersecurity Is a Mindset That Cannot Be Taught!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode185
To learn more about CyberArk, visit: https://securityweekly.com/cyberark
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Defcon is still cancelled, Cyber insurance?, Phishing, rogue drones, the return of the dark web, Sarwent malware, and Dutch Grandmothers in trouble. Jason Wood joins us for the Expert Commentary on how eBay users spot the online auction house port-scanning their PCs!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode37
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jason Nickola, COO and Senior Security Consultant at Pulsar Security, to talk about Building An InfoSec Career! In our second segment, we welcome back Sven Morgenroth, Security Researcher at Nesparker, to talk about HTTP Security Headers In Action! In the Security News, Hackers target the air-gapped networks of the Taiwanese and Philippine military, Stored XSS in WP Product Review Lite plugin allows for automated takeovers, Remote Code Execution Vulnerability Patched in VMware Cloud Director, Shodan scan of new preauth RCE shows 450k devices at risk including all QNAP devices, and The 3 Top Cybersecurity Myths & What You Should Know!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode652
To learn more about Netsparker, visit: https://securityweekly.com/netsparker
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week on the Wrap Up, Danny Trejo, COVID-19 Contact Tracing, SaltStack, and lots of hacked Supercomputers with cool names!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode36
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to discuss how RSA Conference 2021 Changes Date from February to May 2021, Docker partners with Snyk on container image vulnerability scanning, Venafi acquires Jetstack to bring together developer speed and enterprise security, Onapsis expands assessments for its Business Risk Illustration service, Volterra launches VoltShare to simplify the process of securely encrypting confidential data end-to-end, and more! In our second segment, we welcome Dan DeCloss, President & CEO of PlexTrac, to talk about Managing Enterprise Security Assessments! In our final segment, we welcome DJ Sampath, Co-Founder & CEO of Armorblox, to discuss Dealing with Phishing Attacks Outside Of Email!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode184
To learn more about PlexTrac or to claim your Free Month, visit: https://securityweekly.com/plextrac
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
This week, we welcome Ann Cleaveland, the Executive Director of the Center for Long-Term Cybersecurity, a research and collaboration think tank housed within the University of California, Berkeley School of Information! We have the pleasure of having Ann for the entire show today in this two part interview!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode29
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug returns to the studio, to discuss how DEFCON is Cancelled, Many Applications have Security flaws, Verizon Security Report for 2019, The FBI and DoJ want encryption backdoors, and Space, the final Frontier! The Master of Commentary Jason Wood joins us to talk about how a Ransomware Gang Was Arrested for Spreading Locky to Hospitals!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode35
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Mike Adler, Vice President of RSA NetWitness Platform at RSA Security, for a conversation on the question: Is the Virtual SOC Our "New Normal"? In the Leadership and Communications segment, Burnt out CISOs are a huge cyber risk, to build strategy, start with the future, 78% of Organizations Use More than 50 Cybersecurity Products to Address Security Issues, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode174
To learn more about RSA Security, visit: https://securityweekly.com/RSAsecurity
To check out the RSA NetWitness Platform (SIEM and integrated EDR), visit: https://www.rsa.com/en-us/products/threat-detection-response
ย
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jack Zarris, Senior Sales Engineer at Signal Sciences, to talk about Using Rate Limiting to Protect Web Apps and APIs! In our second segment, we welcome Tim Mackey, Principal Security Strategist at Synopsys, to discuss the Highlights From the New Open Source Security and Risk Analysis Report!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode108
To learn more about Synopsys, visit: https://securityweekly.com/synopsys
To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences
ย
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Mike Nichols, Head of Product at Elastic Security, to talk about MITRE ATT&CK & Security Visibility: Looking Beyond Endpoint Data! In our second segment, we welcome back Harry Sverdlove, Founder and CTO of Edgewise Networks, to discuss Securing Remote Access, Quarantines, and Security! In the Security News, Palo Alto Networks Patches Many Vulnerabilities in PAN-OS, Zerodium will no longer acquire certain types of iOS exploits due to surplus, New Ramsay Malware Can Steal Sensitive Documents from Air-Gapped Networks, vBulletin fixes critical vulnerability so patch immediately!, U.S. Cyber Command Shares More North Korean Malware Variants, and The Top 10 Most-Targeted Security Vulnerabilities!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode651
To learn more about Elastic Security, visit: https://securityweekly.com/elastic
To view the Elastic Dashboard of MITRE ATT&CK Round 2 Evaluation Results, visit: https://ela.st/mitre-eval-rd2
To learn more about Edgewise Networks or to request a Demo, visit: https://securityweekly.com/edgewise
ย
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug wraps up all the shows across our network, including the Show News, Bunny Lebowski's toes, STAMINA, RAMSAY, and US-Cert Vulnerabilities!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode34
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to discuss how GitHub Code Scanning aims to prevent vulnerabilities in open source software, SlashNext Integrates with Palo Alto Networks Cortex XSOAR to Deliver Automated Phishing IR and Threat Hunting, Portshift Announces Extended Kubernetes Cluster Protection, Vigilant Ops InSight Platform V1 automatically generates device software bill of materials, and more! In our second segment, we welcome Georges Bellefontaine, Manager of Vulnerability Management at Toyota Financial, to discuss the approach to vulnerability management and the benefits of a full life-cycle approach to vulnerability management with Qualys' VMDR Solution! In our final segment, we welcome Sid Nanda, Senior Product Marketing Manager at VIAVI Solutions, to talk about Using the Network to Reduce Remediation Costs!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode183
To learn more about Qualys VMDR, visit: https://securityweekly.com/qualys
To learn more about VIAVI Solutions, visit: https://securitweekly.com/viavi
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jake Williams, Founder and Principal Consultant at Rendition Infosec, to talk about Security vs. Compliance: Where are the overlaps? Where are the differences?
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode28
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Dr. Mike Lloyd, CTO at RedSeal, to talk about Lessons for Cybersecurity From a Pandemic! In the leadership and communications section, Top 5 Tactical Steps for a New CISO, Good Leadership Is About Communicating Why , 5, ok maybe only 4, CISO Priorities During the COVID-19 Response, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode173
To learn more about RedSeal, visit: https://securityweekly.com/redseal
ย
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week in the Security Weekly News, DEFCON 28 is indeed cancelled, Paying Ransomware may double the recovery cost, ThunderSpy evil maid attack on thunderbolt devices, FBI to release a warning about Chinese hackers targeting virus research, and more! Jason Wood returns for the Expert Commentary to talk about Four GDPR Violations that multiple companies have been fined for!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode33
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Joe Garcia, DevOps Security Engineer at CyberArk, to discuss How Can Security Work TOGETHER, Not Against, Developers! In the Application Security News, Cloud servers hacked via critical SaltStack vulnerabilities, Samsung Confirms Critical Security Issue For Millions: Every Galaxy After 2014 Affected, Mitigating vulnerabilities in endpoint network stacks, Microsoft Shells Out $100K for IoT Security, and Secure your team s code with code scanning and secret scanning!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode107
To learn more about CyberArk, visit: https://securityweekly.com/cyberark
ย
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug White wraps up the hot topics and interviews across all of our shows on the network! Then delving into some of the top news stories like No more foreign power equipment, AppleGoogle bans the use of GPS in tracking, power supply oohs and aahs, and the Love Bug Remembered!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode32
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Chris Elgee, Major at the Massachusetts Army National Guard, and Jim McPherson, Cyber Security Analyst, to talk about Public utility security and the National Guards support! In our second segment, we welcome back Mick Douglas, Founder and Owner of InfoSec Innovations, to discuss Project Fantastic - Bringing The CLI to GUI Users! In the Security News, Naikon APT Hid Five-Year Espionage Attack Under Radar, PoC Exploit Released for DoS Vulnerability in OpenSSL, 900,000 WordPress sites attacked via XSS vulnerabilities, Kaiji, a New Linux Malware Targets IoT Devices in the Wild, Another Stuxnet-Style Vulnerability Found in Schneider Electric Software, and remembering the ILOVEYOU virus!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode650
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to discuss how Microsoft is to buy Israeli cybersecurity startup CyberX, ExtraHop Data Shows Shifts in IoT Device Usage During COVID-19 Have Broad Security Implications, Immuta and Snowflake help customers share data with automated privacy protection, Code42 Integrates with Palo Alto Networks Cortex XSOAR to Speed and Automate Insider Threat Incident Response, and more! In our second segment, we welcome Matt Cauthorn and Ted Driggs of ExtraHop, to talk about Why the Cloud Stall is Now the Cloud Surge! In our final segment, we welcome Justin Buchanan, Senior Manager of Solutions, Vulnerability Management and Offensive Security at Rapid7, to discuss Effective Goal Setting and Tracking!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode182
To learn more about Rapid7, or to request a Demo, visit: https://securityweekly.com/rapid7
To learn more about ExtraHop, visit: https://securityweekly.com/extrahop
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Today we will discuss the PCI DSS and some of its myths, misunderstandings, and misconceptions, including: Why most vendors don't understand how their products fit within PCI, The six overall goals of the PCI DSS, Why PCI is perceived as a check box program, and more!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode27
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Hackers are using infected movie downloads to spread malware to PC, Esoteric Exfiltration using Power Supplies on Airgapped machines, US Government bans purchase of bulk power system equipment from hostile foreign powers, Eventbot malware targets banking apps on Android Phones, and Apple makes it easier to unlock your phone while wearing a mask! In the Expert Commentary, we welcome Corey Thuen, Co-Founder at Gravwell, to discuss how Gravwell is built to ingest data from anything for collection and correlation with logs, security events, or network packets. They're releasing Packetfleet open source as a tool that makes it easier to do on-demand packet capture from multiple locations!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode31
To learn more about Gravwell, visit: https://securityweekly.com/gravwell
ย
Visit https://www.securityweekly.com/swn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Graeme Payne, President at Cybersecurity4Executives, to discuss Impacts of a Data Breach! During the Equifax 2017 Data Breach, Graeme Payne was Senior Vice President and CIO of Global Corporate Platforms. He was fired the day before the former Chairman and CEO of Equifax testified to Congress that the root cause of the data breach was a human error and technological failure. Graeme would later be identified as the human error . In the Leadership and Communications Segment, CISO position burnout causes high churn rate, 7 Rules for Staying Productive Long-Term, Now Is an Unprecedented Opportunity to Hire Great Talent, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode172
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Gareth Rushgrove, Director of Product Management at Snyk, to talk about Modern Application Security and Container Security! In the Application Security News, Psychic Paper demonstrates why a lack of safe and consistent parsing of XML is disturbing, Beware of the GIF: Account Takeover Vulnerability in Microsoft Teams, Salt Bugs Allow Full RCE as Root on Cloud Servers, and Love Bug's creator tracked down to repair shop in Manila!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode106
To learn more about Snyk, visit: https://securityweekly.com/snyk
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly