Login
This week, Paul is joined by Matt Alderman in the absence of John Strand, to discuss The Evolution of Vulnerability Management, and where we stand today in areas such as Applications, Infrastructure, and Mobile! In the Enterprise Security News, Cisco unlocks IoT potential with Intent-Based Networking, Qualys extends cloud platform with patch management, Tenable announces general availability of Predictive Prioritization, Lacework announces security support for Azure and Multicloud environments, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode126
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Visit http://securityweekly.com/esw for all the latest episodes!
This week, Paul is joined by Joff Thyer to interview Tim Eades, CEO of vArmour, to talk about basic flow of problem, solution, and value! In the Application Security News, many popular iPhone apps secretly record your screen without asking, MongoDB databases still being held for ransom, most of the Fortune 100 still use flawed software that led to the Equifax breach, and a Chrome extension with millions of users is now serving popup ads!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode50
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, your Lenovo X is watching you & sharing information, a client-side DNS attack emerges from academic research, a macOS vulnerability leaks safari data, hackers hit VFEmail & wipe US servers and backups, and a check-in system flaw puts major airlines at risk! Jason Wood from Paladin Security joins us for expert commentary on how fraudsters are scamming teenage 'money mules' on Instagram and Snapchat!
ย
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode207
Visit https://www.securityweekly.com/hnn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Ed Moyle, General Manager and Chief Content Officer at Prelude Institute! Ed is on the Advisory Board for InfoSec World and joins us to talk about InfoSec World 2019 and its upcoming plans, where he'll be giving a talk titled "Cryptocurrency Lessons for Enterprise Blockchain"! In the Leadership and Communications segment, keep your employees and youโll keep your customers, why leadership development is superficial and how to fix it, simple techniques to overcome negative emotions when negotiating with others, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode117
Visit https://infosecworld.misti.com/ and use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass.
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul start the show with the Application Security News, discussing concerns about WordPressโ new โWhite Screen of Deathโ, Google Chrome changes could โdestroyโ ad-blockers, Mozilla is adding and ad-blocker to Firefox Focus 9.0, websites can steal browser data via extensions APIs, and a Fortnite security issue would have granted hackers access to accounts! In the second segment, Keith and Paul interview Jing Xie, Product Manager at Venafi, to talk about Static Analysis, Secure Code Signing, and more!!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode48
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Chris Long, Security Engineer at Palantir for our Technical Segment to talk about DetectionLab, a collection of Vagrant and Packer scripts that allow you to automate the creation of networks! In the Security News, 5G networks must be secured from hackers and bad actors, Zero-Day vulnerability highlights the responsible disclosure dilemma, a flaw in multiple airline systems exposes passenger data, security bugs in video chat tools enable remote attackers, and an original World War II German message decrypts to go on display at the National Museum of Computing! In our final segment, we air a Pre Recorded interview with InfoSec World Speaker Connie Mastovich, the Sr. Security Compliance Analyst at Reclamere to talk about the Dark Web!
ย
Full Show Notes: https://wiki.securityweekly.com/Episode593 Visit https://infosecworld.misti.com/ and use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass. Visit https://www.securityweekly.com/psw for all the latest episodes! To learn more about DetectionLab, visit: https://detectionlab.network
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul and John interview Randall Trzeciak, the Director of the CERT Insider Threat Center at Carnegie Mellon University's Software Engineering Institute! Randall will also be speaking at InfoSec World 2019 about "An Effective Insider Threat Program" on Saturday, March 30th @ 9:00 am! In the Enterprise Security News, RSA Conference announces finalists for Innovation Sandbox Contest 2019, DigiCert announces all-in-one digital certificate management solution, Google's new Chrome extension warns you about stolen passwords, Signal Sciences raises 35$ Million to accelerate market expansion and tech innovation, and Palo Alto is in talks to buy Information Security firm Demisto!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode125
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Visitย https://infosecworld.misti.com/ย and use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass!ย
ย
Like us on Facebook: https://www.facebook.com/secweekly
Visit http://securityweekly.com/esw for all the latest episodes!
This week, roughly 500,000 Ubiquiti devices may be affected by a flaw already exploited in the wild, Outlaw Shellbot infects Linux servers to mine for Monero, Apple's Siri shortcuts feature vulnerable to abuse, Google's new Chrome extension warns you about stolen passwords, and Google patches critical .png image bug! David Pearson from Awake Security joins us for expert commentary on recent news around Japan performing an IoT pentest on their public IPs!
ย
To learn more about Awake Security, visit: https://securityweekly.com/awake
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode206
ย
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul discuss the current state of privacy and software development! They discuss how Facebook pays teens to install VPN that spies on them, how Apple blocks Facebook from running its internal iOS apps, and more! In the Application Security News, Three UK customer details exposed in homepage blunder, Microsoft cloud services see global authentication outage, the age of surveillance capitalism, the rise of DevXOps, and much more!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode49
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome David Kennedy, Founder and CEO at TrustedSec, to discuss why it's important to be investing in the right technology and resources! In our second segment, we welcome Sandra Toms, Vice President and Curator, and Britta Glade, Director of Content and Curation from RSA Conference, to preview what's new at RSA Conference 2019!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode116
To learn more about TrustedSec, visit: https://www.securityweekly.com/trustedsec
Go to https://rsaconference.com/securityweekly-us19 to register now using the discount code 5U9SWFD to receive $100 off a full conference pass!
ย
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Benjamin Daniel Mussler, Senior Security Researcher at Acunetix to talk about Web App Scanning with Authentication! In our second segment, the Security Weekly hosts will discuss the Future of Security, such as major changes, evolving threats, and security culture! In the Security News, 5 tips for access control from an ethical hacker, Japan is to hunt down citizens insecure IoT devices, kid tracking watches allow attackers to monitor real time location data, and Imperva mitigated a DDoS attack that generated 500 million packets per second!
ย
Full Show Notes: https://wiki.securityweekly.com/Episode592
Visit https://www.securityweekly.com/psw for all the latest episodes!
To learn more about Acunetix, visit: https://www.acunetix.com/securityweekly/
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt and Paul interview Shreyans Mehta, Chief Technology Officer at Cequence Security to talk about Advanced Bot Protection! In the Leadership and Communications segment, Cybersecurity isn't just for tech people anymore, The Weird Approach to leadership, 4 things to do before a tough conversation, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode115
Visit https://www.securityweekly.com/bsw for all the latest episodes!
To find out more about Cequence Security visit: https://securityweekly.com/cequence
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, I am joined by Matt Alderman and John Strand to interview Andrew Peterson, Founder and CEO of Signal Sciences, to talk about prioritizing bugs, functionality, and security fixes! In the Enterprise Security News, we will discuss how Cynets Platform approach tames cyber security issues, Salt Security launches API protection platform, Yubicos 2019 state of password and authentication security report, and we have some acquisition and funding updates from ReSec, Medigate, Cato Networks, Sophos, and DarkBytes!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode124
Visit https://www.securityweekly.com/esw for all the latest episodes!
If you want to learn more about Signal Sciences, visit: https://www.signalsciences.com/psw
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, a tool that finds vulnerable robots on the Internet, a new exploit that threatens over 9,000 Cisco routers, apple turns of group FaceTime after an eavesdropping bug, wordpress sites under attack via Zero-Day in abandoned plugin, and OpenBMC caught with 'pantsdown' over a new security flaw! Jason Wood from Paladin Security joins us for expert commentary on Abusing Exchange: One API call away from Domain Admin!
ย
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode205
Visit https://www.securityweekly.com/hnn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Chris Morales, the Head of Security Analytics at Vectra for an interview to talk about Machine Learning! In our second segment, the Security Weekly hosts talks about some of our favorite hacker movies, influencers in the community, and what software and devices make appearances in our labs! In the Security News, cellular carriers are implementing services to identify cell scam leveraging, new Android malware uses motion sensor to avoid detection, Linux malware disables security software to mine cryptocurrency, and how a hacker threatened a family using a Nest camera to broadcast a fake missile attack alert!
ย
Full Show Notes: https://wiki.securityweekly.com/Episode591
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, I am joined by Jeff Man for the Enterprise News, to talk about Ping Identity offering advanced API cyber protection, AppDynamics keeps expanding monitoring vision, eSentire announces managed endpoint defense powered by Carbon Black, and Juniper Networks signs a deal with IBMs! In the Technical Segment, we will discuss some Open-Source and Free Collaboration Security Tools for Project Planning, Ticketing Systems, Remote System Monitoring, RSS feeds, and Documentation!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode123
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week on Application Security Weekly, Matt Alderman takes the reigns and is joined by Co-Host James Wickett, who is the Head of Research at Signal Sciences! They talk about the human element of application security training and testing! In the Application Security News, Oracle patches 284 vulnerabilities, a bug in Twitter Android app exposed protected tweets, four tips for better API Security in 2019, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode47
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, a flaw in MySQL could allow rogue servers to steal files, a state agency exposes 3TB of data including FBI info, how cybercriminals clean their dirty money, a critical RCE flaw in Linux APT allows remote attackers to hack systems, and how to protect against a new breed of cyber attack! Jason Wood from Paladin Security joins us for expert commentary on how attackers used a LinkedIn job ad and Skype call to breach a bank's defense!
ย
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode204
Visit https://www.securityweekly.com/hnn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt and Paul interview Zane Lackey, Co-Founder and Chief Security Officer at Signal Sciences! In the Leadership and Communications segment, customer surveys are no substitute for actually talking to customers, CEOs most concerned about Cybersecurity in 2019, the open workspace, doesn't work, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode114
Visit https://www.securityweekly.com/bsw for all the latest episodes!
For more information about Signal Sciences, visit:ย https://www.signalsciences.com/psw
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Dr. Eric Cole, the Founder and CEO of Secure Anchor Consulting for an interview! In the Technical segment, our very own Joff Thyer will be demonstrating some syntax with PowerShell useful for transferring data into a network while pen testing! In the Security News, two code execution flaws patched in Drupal, 773 million records exposed in massive data breach, prices for Zero-Day Exploits are rising, new attacks target recent PHP Framework Vulnerability, Microsoft launches a new Azure DevOps Bug Bounty program, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/Episode590
Visit https://www.securityweekly.com/psw for all the latest episodes!
For more information about Black Hills Information Security, visit:ย securityweekly.com/bhis
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul is joined by Matt Alderman to discuss some mergers, acquisitions, and partnerships, such as TokenEx partnering with SureCloud, Check Point acquires ForceNock, Zix agrees to acquire AppRiver for $275 million, and more! In this second segment, they discuss some security product launches and announcements from Trustwave, NopSec, ConnectGuard, Pulse Secure, Synopsys, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode122
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul interview Rey Bango, Security Advocate for Microsoft! Rey is focused on helping the community build secure systems & being a voice for researchers within MS! In the Application Security News, Another server security lapse at NASA exposed staff and project data, CRLF Injection Into PHPโs cURL Options, System Down: A systemd-journald exploit, GitHub now gives free users unlimited private repositories, Twitter is broken, Government shutdown: TLS certificates not renewed, many websites are down, and much more!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode46
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, US Government shutdown leaves dozens of .gov sites vulnerable, Firefox 69 to disable Adobe Flash, an unpatched vCard flaw could leave your PCs open to attackers, Tesla's contest Pwn2Own could win you a Model 3, and how building site cranes are easier to hack than garage door openers! Jason Wood from Paladin Security joins us for expert commentary on how the Boston Hospital Attacker was sentenced to 10 years in prison, and more on this episode of Hack Naked News!
ย
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode203
Visit https://www.securityweekly.com/hnn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt and Paul introduce a new quarterly segment to review the money of security, including public companies, IPOs, funding rounds, and acquisitions from the previous quarter! We've also created our own index to track public security companies called the Security Weekly 25, so let's understand how the security market is doing! In the Leadership Articles, Matt and Paul discuss how to be present, manage time, and avoid distractions, why your gut instinct is usually wrong, the 5 most efficient ways to get your work done, the creative difference between multitasking and multi-focus, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode113
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Bryson Bort, the Founder and CEO of SCYTHE to talk about Attack Simulation! In the Technical Segment, Kory Findley will be presenting a tool he created entitled โpktreconโ, for internal network segment reconnaissance using broadcast and service discovery protocol traffic! In the Security News, why Hyatt Is launching a public bug bounty program, Amazon Key partners with myQ, web vulnerabilities up, IoT flaws down, enterprise iPhones will soon be able to use security dongles, how El Chapo's IT manager cracked his encrypted chats and brought him down, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/Episode589
Visit https://www.securityweekly.com/psw for all the latest episodes!
For more information about SCYTHE, visit:ย https://www.scythe.io/securityweekly
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Tony Cole, Chief Technology Officer at Attivo Networks for an interview! Tony joins us to discuss the cyber deception in the enterprises today, and gives a brief history of deception and its applicability to cybersecurity! In the Enterprise News, Neustar bolsters fraud detection capabilities with Trustid, almost half of containers in production have vulnerabilities, BlackBerry offers its security technology to IoT device makers, and Radware to acquire ShieldSquare for expansion of its cloud security portfolio!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode121
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul interview Ken Johnson, Application Security Engineer at GitHub! Ken joins us to discuss approaching AppSec the right way, "running a scanner without context", getting the right context/importance of context, and how to figure what's real and what's legit! In the Application Security News, Wormable stored XSS on WordPress.org, a security lapse revealed private complaints from Silicon Valley employees, hackers hijack thousands of Chromecasts to warn of latest security bug, a linting tool for checking accessibility, speed, and security, host websites on GitHub, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode45
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Ethereum hit by Double Spend attack, NSA to release reverse engineering tool for free, a Skype glitch allowed Android Authentication Bypass, Zerodium offers $2 Million for remote iOS jailbreaks, and tens of thousands of hot tubs are exposed to hacking! Our CEO Matt Alderman joins us for expert commentary on how Container Security lags amidst DevOps enthusiasm, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode202
Visit https://www.securityweekly.com/hnn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt and Paul interview Tim Callahan, Global Chief Security Officer of Aflac, to discuss communicating threat intelligence to executives and the board! In the Leadership Articles, Matt and Paul discuss how to moderate a panel discussion, the secret to leading organizational change is empathy, DevOps explained, 5 cloud computing predictions for 2019, and the top 3 things CIOs lose sleep over!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode112
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Dameon Welch-Abernathy, or โPhoneboyโ, a Cyber Security Evangelist at Check Point Software Technologies for an interview! Dameon joins us to discuss how to help people in the security community, a topic near and dear to our hearts! In the Technical Segment, the Security Weekly crew accompanied by Dameon holds a discussion on Breaches, Privacy, Compliance, and more! In the Security News, the worst hacks of 2018, hijacking smart TV's to promote PewDiePie, hackers attempt to sell stolen 9/11 documents, and turning your house into a DOOM level with a Roomba! All that and more, on this episode of Paul's Security Weekly!
ย
Full Show Notes: https://wiki.securityweekly.com/Episode588
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Vaughn Adams, Enterprise Sales Engineer at LogRhythm! Vaughn will be talking about using freely available tools and logs you are already collecting to detect attacker behavior! In our second segment, we have a Round Table discussion entitled "What the Heck Are Security Basics?", to talk about what should organizations be doing to meet the basic security requirements, and much more! In our final segment, we air a pre-recorded interview with Mandy Logan on "Hacking the Brainstem", her trip through recovery, and how she came to love Information Security!
ย
Full Show Notes: https://wiki.securityweekly.com/Episode587
Visit https://www.securityweekly.com/psw for all the latest episodes!
To get involved with LogRhythm, go to: www.securityweekly.com/logrhythm
Support Mandy by going to her GoFundMe Page: https://www.gofundme.com/hacking-recovery-brainstem-stroke
ย
Visit https://www.activecountermeasures/psw to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul, John Strand, and Matt Alderman talk the Enterprise News, which includes TPG in early talks to sell McAfee to Thoma Bravo, Bitdefender offers new managed threat monitoring service, Symantec and Fortinet partner to deliver robust and comprehensive Cloud Security Service, and Untangle partners with Malwarebytes to bring Layered Security to SMBs! In our final segment of the year, Paul brings you his personal Top Ten List for 2018 including his favorite acquisitions, breaches, vulnerabilities, interviews, attack tools, news articles, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode120
Visit https://www.securityweekly.com/esw for all the latest episodes!
Visit https://www.activecountermeasures/esw to sign up for a demo or buy our AI Hunter!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul interview Harry Sverdlove, CTO and Founder of Edgewise! Harry joins us to discuss what Edgewise does in the AppSec world, segmentation, cloud migration, trying different architectures, and more! In the Application Security News, Facebook bug exposed private photos of 6.8 million users, thousands of Jenkins servers will let anonymous users become admins, Signal app can't include a backdoor for the Australian government, WordPress plugs bug that led to Google indexing some user passwords, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode44
To get involved with Edgewise, go to: https://www.edgewise.net/securityweekly
ย
Visit https://www.securityweekly.com/asw for all the latest episodes!
Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!
Visit our website: https://www.securityweekly.com
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Follow us on Twitter: https://www.twitter.com/securityweekly
This week, when meme's attack, how Google's taking steps to secure Kubernetes, suggestions for last minute Holiday IT gifts, Twitter fixes bug that exposed data, and how WordPress was targeted with clever SEO Injection Malware! Ed Sattar from Quickstart joins us for expert commentary on how to optimize your cyber security investment to maximize ROI, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode201
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Visit https://www.activecountermeasures/hnn to sign up for a demo or buy our AI Hunter!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt and Paul interview Bob Ackerman, a legend in venture capital investing, and is referred to as one of "Cyber's Money Men". Bob is also the Founder and Managing Director of venture capital firm AllegisCyber! In the Leadership Articles, Matt and Paul discuss how to be productive during the holiday season, how to work from home without losing your mind, how to talk to your boss when youโre underperforming, selling your product as you build it, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode111
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, how Taylor Swift used Facial Recognition to thwart stalkers, unlocking Android phones with a 3D printed head, Ticketmaster fails to take responsibility for malware, and it's December of 2018, to Hell with it, just patch your stuff already! In our first interview, we welcome back Ed Skoudis, Founder of the Counter Hack Challenge and Kringle Con 2018! Ed joins us on the show to talk about this years challenge and what's in store! In our final interview, we welcome back Don Murdoch, the Assistant Director at Regent University Cyber Range! Don joins us this week to discuss his book, "Blue Team Handbook: Incident Response Edition", and more!
ย
Full Show Notes: https://wiki.securityweekly.com/Episode586
Visit https://www.securityweekly.com/psw for all the latest episodes!
Join KringleCon 2018: www.kringlecon.com
ย
Visit https://www.activecountermeasures/psw to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul and John Strand interview John Bradshaw, Senior Director and Solutions Engineer at Acalvio Technologies, to talk about 5 Tenets of Enterprise Deception! In the Enterprise News this week, NopSec announces the latest release of its flagship product, Minerva Labs Anti-Evasion Platform Achieves VMware Ready Status, SecurityScorecard Announces Partnership with Cybernance to Drive Holistic View of Cyber Risk Across the Enterprise, and we have some acquisition and funding updates from Venafi, WhiteFox, and Pindrop!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode119
Visit https://www.securityweekly.com/esw for all the latest episodes!
Visit https://www.activecountermeasures/esw to sign up for a demo or buy our AI Hunter!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul interview Chris Elgee, the Technical Engineer at Counter Hack Challenges! Chris joins Keith and Paul this week to talk about the Counter Hack Challenge, how itโs been working on the challenge vs. playing it, and more! In the Application Security News, Kubernetes instances are being hijacked worldwide, malicious sites abuse 11-year old Firefox bug that Mozilla failed to fix, Google is on a Witch Hunt for Internal Leakers, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode43
Visit https://www.securityweekly.com/asw for all the latest episodes!
Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Google+ flaw leads Chocolate Factory to shut down early, 40,000 credentials for government portals found online, one tweak that can save you from NotPetya, ESET discovers 21 new Linux malware variants, and how this Phishing Scam group built a list of 50,000 execs to target! Jason Wood from Paladin Security joins us for expert commentary on how Microsoft is calling for facial recognition tech regulation!
ย
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode200
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Visit https://www.activecountermeasures/hnn to sign up for a demo or buy our AI Hunter!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt and Paul interview Brian Carey, Senior Security Consultant at Rapid7! Brian talks about emerging trends that he is seeing with his clients, and how they impact their clientsโ security programs, including maturity, roadmap, and recommendations! In the Leadership Articles, Matt and Paul discuss how to collaborate with people you donโt like, the right way to solve complex business problems, what the habits are of successful people, three things to know before you land a tech job, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode110
To learn more about Rapid7, go to: www.rapid7.com/securityweekly
ย
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, how Docker containers can be exploited to mine for cryptocurrency, WordPress sites attacking other WordPress sites, why the Marriott breach is a valuable IT lesson, malicious Chrome extensions, why hospitals are the next frontier of cybersecurity, and how someone is claiming to sell a Mass Printer Hijacking service! In our first Technical Segment, we welcome Marcello Salvati, Security Consultant at BHIS, to talk about SILENTTRINITY, a post-exploitation agent powered by Python, IronPython, C#/.NET! In our second Technical Segment, we air a pre-recorded interview of Lenny Zeltser, VP of Products at Minerva! Lenny will be discussing Evasion Tactics in Malware from the Inside Out!
ย
Full Show Notes: https://wiki.securityweekly.com/Episode585
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
To learn more about Minerva Labs, go to: https://l.minerva-labs.com/security-weekly
To learn more about Black Hills Information Security, go to: https://www.blackhillsinfosec.com/PSW
To look more into SILENTTRINITY, go to: https://github.com/byt3bl33d3r/SILENTTRINITY
ย
Visit https://www.activecountermeasures/psw to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul and John Strand interview Mike Nichols, the VP of Product for Endgame! Mike joins us to talk about the MITRE evaluation of Endgame, Open-Source Query Language EQL, and more! In the Enterprise Security News, Ixia extends collaboration with ProtectWise, Ping Identity brings in New Customer Identity as a service solution, Fortinet introduces new security automation capabilities on AWS, Yubico announces YubiHSM 2 integration with AWS IoT Greengrass, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode118
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
To learn more about Endgame, go to: www.endgame.com
Visit https://www.activecountermeasures/esw to sign up for a demo or buy our AI Hunter!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul interview Aleksei Tiurin, Senior Security Researcher at Acunetix! Aleksei joins Keith and Paul this week for a Technical Segment on reverse proxies using WebLogic, Nginx, and Tomcat! In the Application Security News, hackers are opening SMB ports on routers to infect PCโs with NSA malware, bug detectives whip up smarter version of classic AFL fuzzer to hunt code vulnerabilities, malware & rogue users can spy on some apps' HTTPS crypto, exploiting developer infrastructure is insanely easy, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode42
To learn more about Acunetix, go to: www.acunetix.com/securityweekly
ย
Visit https://www.securityweekly.com/asw for all the latest episodes!
Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, hijacking printers to promote a YouTube channel, fake iOS apps that steal money, Google patches 11 critical RCE Android Vulnerabilities, Marriott hack hits 500 million Starwood guests, and getting Pwned through an oscilloscope! Jason Wood from Paladin Security joins us for expert commentary to discuss how the "Iceman" hacker was charged with running a drone-smuggling ring from jail, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode199
ย
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Visit https://www.activecountermeasures/hnn to sign up for a demo or buy our AI Hunter!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt Alderman interviews Jay Prassl, CEO of Automox in a Pre-Recorded interview! Jay explains what Automox does, how Automox bridges the gap between ITOps and SecOps use case, and how Automox defines the way to patch systems in the MacOS, Linux, Windows, and MSP! In the Leadership Articles, Paul is joined by Jason Alburquerque to discuss the new math of leadership, how pragmatic leaders can transform stuck organizations, why building a work community is critical, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode109
ย
To learn more about Automox, go to: www.automox.com
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Wietse Venema and Dan Farmer, the Developers of Security Administrator Tool for Analyzing Networks (SATAN) Sven Morgenroth of Netsparker will talk about PHP Object injection vulnerabilities and explain the dangers of PHP's unserialize function, and the crew will wrap the show with the Security News!
Full Show Notes: https://wiki.securityweekly.com/Episode584
To learn more about Netsparker, go to: https://www.netsparker.com/securityweekly
Follow us on Twitter: https://www.twitter.com/securityweekly
This week, Paul and John Strand to interview Jeremy Winter, Director of Azure Management at Microsoft, to talk about Microsoft's Azure program, what they have built, and how it helps further the evolving roles of Cloud Ops and Cloud Security! In the Enterprise News this week, StackPath launches EdgeEngine Serverless Computing, Alcide advances Cloud-Native security firewall platform, Orkus launches Access Governance platform for Cloud Security, Tufin announces a new Cloud Security solution, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode117
Visit https://www.securityweekly.com/esw for all the latest episodes!
Visit https://www.activecountermeasures/esw to sign up for a demo or buy our AI Hunter!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul interview Brent Dukes! Brent is a hacker, and Director of Information Security for an established manufacturing company. He joins Keith and Paul this week to talk about WAFโs, Pentesting, Burp Suite, and more! In the Application Security News, Hackers use Drupalgeddon 2 and Dirty COW exploits to take over web servers, second WordPress hacking campaign underway, USPS took a year to fix a vulnerability that exposed all 60 million users' data, this JavaScript can snoop on other Browser Tabs to work out what you're visiting, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode41
Visit https://www.securityweekly.com/asw for all the latest episodes!
Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, disastrous Rowhammer bitflips, malicious developer steals Bitcoin with NodeJS module, Germany proposes router security guidelines, Uber fined 148$ Million for data breach cover-up, Microsoft yanks two buggy Office patches, and a malware advertising campaign that impacts millions of iOS users! Jason Wood from Paladin Security joins us for Expert Commentary to discuss how the FBI created a fake FedEx website to unmask a cybercriminal, and more on this episode of Hack Naked News!
ย
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode198
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Visit https://www.activecountermeasures/hnn to sign up for a demo or buy our AI Hunter!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Richard Seiersen, former Chief Information Security Officer at Lending Club and Twilio to talk about his CISO experience, and the book Richard co-authored called, "How to Measure Anything in Cybersecurity Risk"! In the Leadership and Communications segment, the million-dollar question of cyber-risk, risk assessments essential to secure third-party vendor management, how digital tech is transforming business ecosystem, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode108
ย
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, John Strand makes his triumphant return to join Paul and interview Rick Fernandez, Senior Sales Engineer at LogRhythm to talk about Choosing the Best Option for MSSPS! In the Enterprise News this week, Israeli cybersecurity company Tufin plans Nasdaq IPO, F-Secure boosts endpoint detection and response, Mimecast joins IBM Security app exchange community, and Awake Security debuts Network Traffic Analysis Platform to detect risks! In the Final Segment, we air some interviews we recorded at DEF CON and Black Hat 2018 with Irdeto, Venafi, and HP!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode116
To learn more about LogRhythm, go to: www.LogRhythm.com
For the Full DefCon18 Playlist, go to: https://securityweekly.com/summercamp18
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Visit https://www.activecountermeasures/esw to sign up for a demo or buy our AI Hunter!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
This week, Keith and Paul interview John Kinsella, Vice President of Container Security at Qualys! John discusses Qualysโ Container Security, continuous discovery, and tracking for containers and images! In the Application Security News, Instagram leaks passwords to the public, Clickjacking on Google MyAccount Worth $7,500, James Wickett's thread on Open Source SAST options, an advanced search tool for sensitive information stored in GitHub repos, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode40
Visit https://www.securityweekly.com/asw for all the latest episodes!
Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, what happens when support won't change your password, Gmail glitch Phishing Attacks, stopping the Infiltration of Things, Make-A-Wish website serves a Cryptojacking Script, Instagram exposes user passwords, and DirtyCOW is back in backdoor attack targeting Drupal Web Servers! Jason Wood from Paladin Security joins us for expert commentary to discuss how Ford is eyeing the use of customers personal data to boost profits!
ย
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode197
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Visit https://www.activecountermeasures/hnn to sign up for a demo or buy our AI Hunter!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Michael Pleasant, Chief Executive Officer and Founder at Open Security for an interview! They discuss transferring from Marine training to a business environment, and his company Open Security! In the Article Discussion, Special Guest Co-Host Jason Alburquerque joins me in studio to discuss Six ways you can establish which goals are important, How to diversify your professional network, the impact of perception and bias on leadership, and more on this episode of Business Security Weekly!!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode107
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jon Buhagiar, Network+ Review Course Instructor at Sybex for an interview to talk about Network Operations! In the Technical Segment, we welcome back John Moran, Senior Product Manager at DFLabs to talk about IncMan SOAR and how DFLabs Automation & Response platform helps automate, orchestrate, and measure CSIRTs and SOCs! In the Security News this week, 7 new Spectre/Meltdown attacks, Hacking ATM's for free cash is easier than Windows XP, AI can now fake fingerprints fooling ID scanners, and Japan's cybersecurity minister admits he's never used a computer!
ย
Full Show Notes: https://wiki.securityweekly.com/Episode583
To learn more about DFLabs, go to: www.dflabs.com/securityweekly
ย
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://www.activecountermeasures/psw to sign up for a demo or buy our AI Hunter!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul and Matt Alderman interview James Wickett, Head of Research at Signal Sciences! James talks about how security is moving to the application space and web applications! In the Enterprise News this week, AlgoSec delivers Native Cloud Security Management for Azure, HP Reinvents customer experience with Ping Identity, what mid market security budgets will look like in 2019, and we have some acquisition & funding updates from ForeScout, Dragos, Netskope, Duality, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode115
To learn more about Signal Sciences, go to: www.signalsciences.com/psw
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Visit https://www.activecountermeasures/esw to sign up for a demo or buy our AI Hunter!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul interview Brian Kelly, Head of Conjur Engineering at CyberArk! Brian focuses on creating products that add much-needed security and identity management to the landscape of DevOps tools and cloud systems. In the Application Security News, DJI Drone Vulnerability, Hackers are increasingly destroying logs to hide attacks, Adobe ColdFusion servers under attack from APT group, understanding Open Source Code use in your business, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode39
To learn more about Conjur, go to: www.conjur.org/asw
ย
Visit https://www.securityweekly.com/asw for all the latest episodes!
Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!
Visit our website: https://www.securityweekly.com
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Vulnerabilities in SSD Encryption, Bypassing Windows UAC, Botnet Pwns over 100,00 routers w/ ancient security flaw, Google hit with IP Hijack, and 1 thing you can do to make your internet safer and faster! Jason Wood from Paladin Security joins us for expert commentary to discuss how Phineas Fisher got away with hacking Team Hacker!
ย
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode196
Visit https://www.securityweekly.com/hnn for all the latest episodes!
Visit https://www.activecountermeasures/hnn to sign up for a demo or buy our AI Hunter!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt and Paul interview Dario Forte, Chief Executive Officer and Founder of DFLabs! Dario explains his journey to the position he is in now, DFLabs recent press release about Open Integration Framework, and what it allows people to do when it comes to the DFLabs platform addressing SOAR! In the Article Discussion, Matt and Paul talk the key to better focus and higher productivity, living your life on purpose, why people are willing to do more meaningful work for less money, the fundamentals of leadership, and more on this episode of Business Security Weekly!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode106
Check out Sponsor's website: www.dflabs.com/securityweekly
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter!!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Corin Imai, Senior Security Advisor for DomainTools! She joins Paul and the crew to talk about DNS, phishing tools, and tease what DomainTools has in store for 2019! In our Technical Segment, we welcome back Eyal Neemany, Senior Security Researcher at Javelin Networks to talk about securing remote administration, remote credentials, why Jump Servers arenโt as good, and he shows that you have to connect to remote machines using AD! In the Security News, Cisco accidentally released Dirty Cow exploit code, Apache Struts Vulnerabilities, Zero Day exploit published for VM Escape flaw, Spam spewing IoT botnet infects 100,000 routers, some of these vibrating apps turn your phone into a sex toy, and more on this episode of Paul's Security Weekly!
ย
Full Show Notes: https://wiki.securityweekly.com/Episode582
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://www.activecountermeasures/psw to sign up for a demo or buy our AI Hunter!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweeklyย
FreshRSS