Login
This week, we welcome Harry Sverdlove, Chief Technology Officer of Edgewise for an interview, to talk about The Future of Firewalls! In the Technical Segment, we discuss some Enterprise-ish Network Security hardware and software that we've incorporated here in our Security Weekly Studio! In the Security News, why it's way too easy to sell counterfeit goods on Amazon, how to defend against the runC container vulnerability, creating a dream team for the new age of cyber security, how you can get a Windows 95 emulator for Windows 10, Linux, or MAC, DEF CON goes to Washington, and InfoSec institutes top podcasts that take your computer skills to the next level!
ย
Full Show Notes: https://wiki.securityweekly.com/Episode594
To learn more about Edgewise, visit: https://www.edgewise.net/security-weekly
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Brendan Goodwin, the Regional Cyber Director for the Northeast & Mid-Atlantic at Alfred J. Gallagher Co. Brendan comes on the show to talk about "How Cyber Insurance can Augment Your Cyber Security Strategy." In the Leadership and Communications segment, Jason Albuquerque joins Matt to discuss if boards of directors responsible for cybersecurity, cybersecurity mental health warning, how to cope with a Mid-Career Crisis, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode118
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Visit https://infosecworld.misti.com/ and use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Google paid out $3.4 million for vulnerabilities reported in 2018, hackers target WordPress sites via WP cost estimation plugin, Facebook paid $25,000 for CSRF exploit that leads to Account Takeover, and PoC Exploit Code for recent container escape flaw in runc published online! Jason Wood from Paladin Security joins us for expert commentary on Apple being sued over their two factor authentication!
ย
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode208
Visit https://www.securityweekly.com/hnn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Matt and Paul interview Gurpreet S. Sachdeva, the Assistant Vice President of Technology for Altran! Gurpreet will be discussing "Integrating Security into DevOps"! In the Application Security News, A PNG Android Vulnerability, 620 million stolen accounts for sale on the dark web, how shifting security left speeds development, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode51
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we interview Cody Cornell, Founder and CEO at Swimlane to discuss Security Orchestration, Automation, and Response! In the Enterprise Security News, CylancePROTECT now available on AWS Marketplace, Attivo Networks enhances deception platform with forensic collection, cyber security market will reach $365.26 billion dollars by 2026, and Elevate Security raises 8 million dollars in Series A!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode127
Visit http://securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Marcello Salvati, Security Analyst at our sponsor Black Hills Information Security, to give some updates on his Post Exploitation Tool SILENTTRINITY! In the second interview, we welcome Steve Brown, Keynote Speaker at SecureWorld Boston 2019 to discuss his talk about Building Your Strategic Roadmap for the Next Wave of Digital Transformation! In the Security News, password managers leaking data in memory, security analysts are only human, Splunk changes position of Russian customers, Google admits error over hidden microphone, and a nasty code-execution bug in WinRAR threatened millions of users for 14 years!
ย
Full Show Notes: https://wiki.securityweekly.com/Episode595
To learn more about our sponsor Black Hills Information Security, visit: https://securityweekly.com/bhis
To see the SILENTTRINITY code itself on Github, visit: https://github.com/byt3bl33d3r/SILENTTRINITY
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we interview DJ Sampath, Co-Founder and Chief Executive Officer at Armorblox! DJ comes on the show to discuss "Securing the Human Layer"! In our second interview, we welcome Bruce Sussman, the Media-Development Director at SecureWorld! Bruce will give us a preview of SecureWorld Boston 2019 and the upcoming events!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode119
Visit https://www.securityweekly.com/bsw for all the latest episodes!
SecureWorld Boston is hosting their 15th annual conference March 27-28 @ the Hynes Convention Center. Security Weekly Listeners save $100 off a full conference pass by visiting https://secureworldexpo.com and using the code 'SecurityWeekly'.
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, millions of utility customers passwords stored in plain text, Google ditches passwords in latest android devices, online validation services vulnerable to digital signature spoofing attacks, flaws in 4G and 5G allow snooping on calls, and TurboTax hit with credential stuffing attack and tax returns were compromised! Nicholas Sciberras from Acunetix joins us for expert commentary on how hackers created social media work after a bug report was ignored!
ย
To GET A FREE 14-DAY TRIAL of Acunetix, visit: https://securityweekly.com/acunetix
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode209
Visit https://www.securityweekly.com/hnn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, many websites threatened by highly critical code-execution bug in Drupal, UK parliament calls for antitrust, data abuse probe of Facebook, CommitStrip: Get rich quick, Google says the built-in microphone it never told Nest users about was 'never supposed to be a secret', and more! In our second segment, we welcome Matt Springfield, is the Founder of 12Feet, Inc., an information security consulting firm based in the Dallas area! Matt has more than 23 years of information security experience spanning operations, architecture and consulting with a focus on large scale retail and service provider environments!
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode52
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul is joined by Matt Alderman to discuss some Funding and M&A, such as Elevate Security announces an $8 million series A to alter employee security behavior, Armorblox raises 16.5 million in series A, Bandura Cyber raises 10 million in venture funding, and much more! In the Enterprise Security News, Capsule8 expands threat detection platform for PCI DSS, BitSight unveils peer analytics for more effective security performance management, Imperva advances autonomous application protection capabilities, and Synopsys launches Polaris Software integrity platform!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode128
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
This week, we welcome Allan Liska, Senior Solutions Architect at our sponsor Recorded Future, to talk about Catching Up To The Hype w/ Threat Intelligence! In the second interview, we welcome David Marble, President and CEO at OSHEAN Incorporated, to talk about what to expect at at this years Rhode Island Cybersecurity Exchange Day! In the Security News, YouTube controversy on ALL fronts, Cisco SOHO wireless VPN firewalls and routers open to attack, Ring doorbell flaw opens door to spying, bot plagues, free hacking toolkits, and everything you need to know about the Huawei controversy!
ย
Get Trending Threat Insights Delivered to Your Inbox, at: https://securityweekly.com/recordedfuture
OSHEAN is hosting RI Cybersecurity Exchange Day on March 13th at the O'Hare Academic Building at Salve Regina in Newport, RI! Register Now at https://OSHEAN.org/events.
ย
Full Show Notes: https://wiki.securityweekly.com/Episode596
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Ben Carr, Chief Information Security Officer at Aristocrat! Prior to Aristocrat, we was VP of Strategy for Cyberbit and North America's Technical Director for Tenable! In the Leadership and Communications segment, how to make sure your board sets a good example for your company, cybersecurity is putting customer trust at the center of competition, 6 reasons your home office is better than your company office, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode120
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, a Severe RCE vulnerability affected popular StackStorm Automation software, Crowdfense is willing to pay $3 Million for iOS and Android Zero-Days, Equifax neglected cyber security prior to breach, Google launches new Cloud Security services, and an unprotected MongoDB instance exposes 800 million emails! Jason Wood from Paladin Security joins us for expert commentary on how a researcher claims an Iranian APT is behind a 6TB Data Heist at Citrix!
ย
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode210
Visit https://www.securityweekly.com/hnn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Keith and Paul discuss the structure and experiences of 2019's RSA Conference! In the Application Security News, WordPress accounted for 90 percent of all hacked CMS sites in 2018, Japanese police charge 13-year-old for sharing 'unclosable popup' prank online, Facebook exploit โ Confirm website visitor identities, NSA's top policy advisor: It's time to start putting teeth in cyber deterrence, study shows programmers will take the easy way out and not implement proper password security, and the CommitStrip for the week on Why check for incognito mode?
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode53
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we interview Gururaj Pandurangi, Founder and CEO at Cloudneeti, to discuss Continuous Cloud Assurance! Gururaj Pandurangi is a founder and CEO of Cloudneeti, a software-as-a-service company focused on continuous cloud security, data privacy and compliance assurance. Gururaj has 20 years of professional experience, a good portion of it as an early adopter of cloud technologies and building global scale cloud products like Windows Live, Bing platform, Consumer Identity and Federations. Paul Asadoorian and Matt Alderman recorded interviews with the following vendors at RSA Conference 2019: - Venafi - XM Cyber - Onapsis Paul Asadoorian and Matt Alderman recap RSA Conference 2019, including their briefings with: - 42Crunch - Baffle - CyberInt - Eclypsium - Ericom Software - Lacework - Radware - RiskRecon and More!
ย
To learn more about Cloudneeti, visit: https://securityweekly.com/cloudneeti
Full Show Notes: https://wiki.securityweekly.com/ES_Episode129
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Peter Smith, Founder and CEO of Edgewise to talk about the evolution of Zero Trust! In the Security News, New WordPress flaw lets unauthenticated remote attackers hack sites, Tesla allegedly spied on and ran a smear campaign on a whistleblower, Facebook and Instagram suffer most severe outage ever, a man drives 3,300 miles to talk to YouTube about a deleted video, and what do sexy selfies, search warrants, and tax files have in common? In the final segment, we air a pre recorded interview with Carsten Willems, Co-Founder and CEO at VMRay, discussing malware sandboxing!
ย
To learn more about Edgewise, visit: https://securityweekly.com/edgewise/ To learn more about VMRay, visit: https://securityweekly.com/vmray
ย
Full Show Notes: https://wiki.securityweekly.com/Episode597 Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, Zero-Days in Counter Strike client could be used to build a major botnet, huge aluminum plants hit by 'severe' ransomware attack, Myspace loses 50 million songs in server migration, wifi signals can reveal your password, and PuTTY in your hands: an SSH client gets patched after RSA key exchange memory vulnerability was spotted! Ralf Hund from VMRay joins us for expert commentary to discuss the Evolution of GandCrab!
ย
To learn more about VMRay, visit: https://securityweekly.com/vmray
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode211
Visit https://www.securityweekly.com/hnn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Nick Galbreath, Co-founder and Chief Technology Officer at Signal Sciences, to discuss the Intersection of Development and Security! In the Leadership and Communications segment, How Boeing Should Have Responded to the 737 Max Safety Crisis, Digital Transformation is Not About Technology, Gartner's Top 10 Security Projects for 2019, and more!
ย
To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode121
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jamie Duncan, a recovering history major who has been at Red Hat for just over 7 years! Beginning with his role as a TAM, his focus has increasingly centered on the operations-oriented features of OpenShift, including the May 2018 publication of OpenShift In Action by Manning Publishing. Jamie has had this discussion with customers, OpenShift advocates, and technology fans on multiple continents to date. In the Application Security News, Owner of MAGA-Friendly Yelp Knockoff Threatens to Call FBI After Researcher Exposes Security Holes, Chinese Data Breach Exposes 'Breed Ready' Status Of Almost 2 Million Women, Dozens of companies leaked sensitive data thanks to misconfigured Box accounts, DARPA Is Building a $10 Million, Open Source, Secure Voting System, and much more!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode54
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, in the Enterprise Security News, I am joined by John Strand to discuss how Stackpath released new edge computing VMs, ExtraHop hires former Tenable and HPE leaders to support growth in cyber, Security professionals want to return fire to Venafi, Dragos acquires NexDefense, and 42Crunch unveils a new platform to discover API vulnerabilities and protect them from attacks! In the second segment, we air some pre recorded from RSA Conference 2019 with Endgame, Virsec, and Scythe!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode130
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
This week, we welcome Marcus Carey, CEO and Founder of ThreatCare, to talk about Tribe of Hackers, a collection of industry, career, and personal insights from 70 cybersecurity professionals! In the Security News, WordPress plugin removed after zero day discovered, why you should change your facebook password NOW, threat hunting tips to improve security operations, hacked tornado sirens taken offline ahead of a major storm, and how a white hat hacker found a new bug class in Windows! In the final segment, we run a Technical Demo with our sponsor DomainTools, all about Domain Investigation w/ DomainTools Iris! All that and more, on this episode of Paul's Security Weekly!
Full Show Notes:ย https://wiki.securityweekly.com/Episode598
To learn more about DomainTools and Iris, visit: https://securityweekly.com/domaintools
Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Ian McShane, Vice President of Product Marketing at Endgame, to discuss Security ROI! In the Leadership and Communications segment, Even CEOs Should Clean Their Own Bathrooms Sometimes, Building an Effective Cybersecurity Program, How to Get Booked as a Podcast Guest, and more!
ย
To learn more about Endgame, visit:ย https://securityweekly.com/endgame
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode122
Visit https://www.securityweekly.com/bsย for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Asus pushes patch after hackers used updates to send malware, Microsoft announces Windows Defender ATP Antivirus for Mac, researchers find 36 new security flaws in LTE protocol, new settings let hackers easily pentest Facebook and Instagram Mobile Apps, and how researchers can get a free Tesla for spotting infotainment system bug! Sven Morgenroth from Netsparker joins us for expert commentary to discuss how Facebook stored hundreds of Millions of user passwords in plain text!
ย
To learn more about Netsparker, visit: https://securityweekly.com/netsparker
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode212
ย
Subscribe to our YouTube channel: https://www.youtube.com/securityweekly
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Mike Shema, Product Security Lead of Square! Mike joins us on the show to talk about where the wins and challenges are in AppSec! In the Application Security News, XSS Vulnerability in Abandoned Cart Plugin Leads to WordPress Site Takeover, The RedMonk Programming Language Rankings: January 2019, I Deleted Facebook Last Year; Here's What Changed (and What Didn't), CommitStrip: Over-excited, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode55
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Dr. Branden R. Williams! Branden has more than twenty years of experience in business, technology, and information security as a consultant, leader, and an executive. His specialty is navigating complex landscapesโbe it compliance, security, technology, or businessโand finding innovative solutions that propel companies forward while reducing risk. In the second segment, Paul and Matt sit down with Wade Lance and Nir Greenberg of Illusive Networks at the RSA Conference 2019!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode131
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Mary Beth Borgwing, President and Founder of of the Cyber Social Club, to talk about Uniting Women in Cyber! In the Technical Segment, we welcome back our friend Chris Brenton, Chief Operating Officer at Active Countermeasures, to discuss why threat hunting is the missing link between our protection tools and our response tools, and will take a deep dive into the AI Hunter! In the Security News, Attackers exploiting IMAP to bypass MFA on O365 and G-Suite accounts, Vietnam's OceanLotus Group Ramps up hacking car companies, UC Browser violates Google Play Store Rules, & how Russia is spoofing GPS Signals on a massive scale!
ย
To learn more about Active Countermeasures and to get the slides for the Technical Segment today, visit: https://securityweekly.com/acm
Full Show Notes: https://wiki.securityweekly.com/Episode599
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Michael Murray, Chief Security Officer at Lookout! Michael joins us today to talk about Post-perimeter Security! In the Leadership and Communications segment, 94% of CIOs, CISOs have to make protection compromises, Accelerating Business Through Customer Centricity, 5 states dominating tech employment, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode123
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
In-Depth Analysis of JS Sniffers Uncovers New Families of Credit Card-Skimming Code, Nvidia Fixes 8 High-Severity Flaws Allowing DoS, Code Execution, Computer virus alters cancer scan images, A Serious Apache server bug gives root to baddies in shared host environments, Cybercrime Groups Are Still Rampant on Facebook, 90% of OT organizations are cyberattack victims, Tenable Discloses Verizon Fios Router Vulnerabilities, and Samsung Galaxy S10 Fingerprint Sensor Duped With 3D Print!
Neil Butchart the SVP at Ekran, comes on the show to talk about "Is the industry broken?"
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode213
This week, we welcome Loris Degioanni from Sysdig to discuss their open source container native runtime security project called Falco! In the News segment, The Matrix turns 20, Containers are Weakest Security Leak Again, The Evolution of Application Security in the Serverless World, and more!
To learn more about Sysdig, visit: https://securityweekly.com/sysdig
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode56
Visit https://www.securityweekly.com/asw for all the latest episodes!
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
ย
Mike Weber is the Vice President of Coalfire and Rebecca Larson is the Director, Vulnerability Assessment Operations of Coalfire. Coalfire ASV Scanning: - ASV program (love, praise, struggle) - Development and growth of scanning, 1-5 person team, partnership, marketing position - Published opinion piece, getting knowledge, supporting the industry - Scan platform - RISE - movement in the company, coalfire programs, development at Coalfire - Limitations of scanning, pen testing? To learn more about Coalfire, visit:ย https://securityweekly.com/coalfire Full Show Notes:ย https://wiki.securityweekly.com/ES_Ep... Visitย http://securityweekly.com/eswย for all the latest episodes!
This last week was pretty busy with announcements and presentations from the Google Next Conference. In 2018 they previewed some security tools and this year many of them are now GA along with a lot of other developer-focused services. In the news, 3D fingerprints and unlocking Android, Ticking off another command injection, Alexa, audio, and annotations, STS no longer just for HTTP, and Hardenize goes beyond TLS.
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode57 Follow us on Twitter: https://www.twitter.com/securityweekly
Will is a Partner and a Founding Investor at ForgePoint Capital. He has been an avid technology enthusiast for decades: building his first computer in elementary school and starting online businesses while completing his bachelorโs degree from the University of California, Berkeley. This week we have our quarterly segment to review the money of security, including public companies, IPOs, funding rounds and acquisitions from the previous quarter. We also update the Security Weekly 25 index. Let's understand how the security market is doing.
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode124
Gabriel Gumbs is the VP of Product Management at Spirion where his focus is on the strategy and technology propelling Spirionโs rapidly-growing security platform. Merissa Villalobos is the North America Talent Acquisition Leader for NCC Group, a global security consulting firm and has been recruiting in security for 10 years. She got her start in Virginia, at a Federal Government contractor, filling roles for the intelligence community and various Government Agencies. Jessica Gulick leads Katzcy Consulting, a growth hacker company that helps tech firms grow through strategy, market research, and digital marketing. With 20+ years in cybersecurity, she is a seasoned cybersecurity manager, marketer, consultant, and expert with a substantial network of technical and executive peers. In the news, Bitcoin mining ban considered by China's economic planner, Yahoo strikes $117.5 million data breach settlement, Serious flaws leave WPA3 vulnerable to hacks that steal Wi-Fi passwords, WikiLeaks Founder Julian Assange arrested and charged in US with computer hacking conspiracy, and How HTML5 Ping Is Used in DDoS Attacks.
Full Show Notes: https://wiki.securityweekly.com/Episode600
Follow us on Twitter: https://www.twitter.com/securityweekly
Follow us on Twitter: https://www.twitter.com/securityweekly
This week, the Apache Tomcat Patches Important Remote Code Execution Flaw, New variants of Mirai botnet detected, targeting more IoT devices, Hackers used credentials of a Microsoft Support worker to access users' webmail, TicTocTrack Smartwatch Flaws Can Be Abused to Track Kids, Ecuador suffered 40 Million Cyber attacks after the Julian Assange arrest, Security weakness in popular VPN clients, and Open Source Tool From FireEye Automates Analysis of Flash Files! In the expert commentary, Jason Wood talks about The Impact of Cyber Warfare! All that and more, on this episode of Hack Naked News!
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode214
This week, we interview Matt Cauthorn, VP of Cyber Security Engineering at ExtraHop, to discuss "The Three Horsemen of SOC Intel"! In the news segment, Solarwinds to acquire Samanage for $350M, Tufin goes public, and Tenable releases Predictive Prioritization. And this week, our third segment airs our interview with Matt Tierney from Endgame for InfoSec World 2019. So stay tuned, for all that and more, on this episode, of Enterprise Security Weekly! To get involved with ExtraHop, vist: https://securityweekly.com/extrahop
Full Show Notes: https://wiki.securityweekly.com/ES_Episode133
Visit http://securityweekly.com/eswย for all the latest episodes!
This week, a weather channel that was knocked off air by a malicious attack, how bad bots make up 20 percent of web traffic, ransomware ravages municipalities nationwide, a flaw in Shopify API exposed revenue and traffic data of thousands of stores, and how attackers are weaponizing more vulnerabilities than ever before! In the expert commentary, we welcome Itai Tevet, CEO of Intezer, to talk about Linus threats, recent Mirai variants, and general code reuse in the cyber space!
ย
To learn more about Intezer, visit: https://securityweekly.com/intezer
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode215
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Thomas Hatch, the creator of the Salt open source software project, and is the CTO of SaltStack, the company behind Salt! In the Application Security News, Breach at IT outsourcer Wipro, SCP serves the file it wants, Confluence Path traverses to RCE, another Local PrivEsc on Windows, easier sandboxing for C and C++ APIs, and Computer Science plus Ethics!
ย
To learn more about SaltStack, visit: https://securityweekly.com/saltstack
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode58
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Adam Fletcher, Chief Information Security Officer for Blackstone! In the Leadership and Communications segment, 5 Ways to Find Natural Leaders for Your Team, Business Wisdom Learned From Bomb Squad Experts And Their Commanders, Why Rest Is Essential To High Performance, 4 Ways Working Dads Can Make More Time for Family, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode125
Please join Adam and other CISOs at the Global Cyber Innovation Summit by visiting https://globalcybersummit.org/request-information to request your invitation.
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Paul Asadoorian is joined by Matt Alderman, as we interview Francis Dinha, the CEO of OpenVPN! In the Enterprise News, ShieldX adds lateral movement prevention to the Elastic Security Platform for AWS, Tenable Integrates with Google Cloud Security Command Center, Capsule8 to help Google Cloud SCC members consolidate findings and speed up response, and Evident and Okta partnership simplifies identity verification and reduces risk for businesses! In the final segment, Security Legend Dave Kennedy sits down with our Founder and CTO Paul Asadoorian at InfoSec World 2019 to discuss his company Binary Defense and how they're helping the Security community!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode134
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Haroon Meer, CEO and Researcher at our sponsor Thinkst, to talk about why hackers should create companies, and some of the technical details behind Thinkts' tool Canary! In the second segment, we welcome Gururaj Pandarangi, CEO and Co-Founder of Cloudneeti, to talk about how their SaaS product is delivering continuous cloud security and compliance assurance to businesses! In the Security News, serious vulnerabilities found in fujifilm x-ray devices, facebook could be fined 5 billion over privacy violations, preinstalled malware on bootleg streaming devices, hackers using SIM swapping to steal cryptocurrency, and how a 29 year old computer scientist created the algorithm that took the first ever picture of a black hole!
ย
To learn more about Thinkst, visit: https://securityweekly.com/canary
To learn more about CloudNeeti, visit: https://cloudneeti.com/securityweekly
Full Show Notes: https://wiki.securityweekly.com/Episode601
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Larry Maccherone, Senior Director of Comcast, to talk about the world of SecOps vs. DevSecOps! In the Application Security News, Software update gums up fingerprints, a counterproductive security practice expires thanks to well-considered guidelines, Docker Hub breach response, a path to hacking Ruby Gems, 5 Security Challenges to API Protection, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode59
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, how a politicians' kids accessed his laptop through facial recognition, critical flaws in WordPress and Qualcomm chips, how 2 million IoT security cameras and baby monitors are vulnerable to takeover, and how a new Emotet variant uses connected devices as proxy C2 servers! In the expert commentary, the return of Jason Wood from Paladin Security, joins us to talk about how Microsoft is telling IT admins to nix 'obsolete' password reset practices!
ย
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode216
Visit https://www.securityweekly.com/hnn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Craig Sandman, President and Co Founder of Symbol Security, a Cyber Security SaaS company with a mission to reduce corporate risk through Security Awareness Education! Craig will discuss Security Awareness, Education, and Training! In the Leadership and Communications segment, 5 Myths about Strategy, The making of a technology leader, Want Fewer Employees to Quit? Listen to Them, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode126
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jay Prassl, CEO of Automox joins us to discuss Patch Management struggles and how to overcome them! In our second interview, we're joined by Josh Abraham in studio, who is a Staff Engineer at Praetorian, to talk about the MITRE attack framework for defenders! In the Enterprise news, ThreatConnects new features make creating security playbook's easier, SolarWinds adds password management to security portfolio, Checkpoint Systems announces HALO IoT platform, and BlackHat USA offers an inside look at Intel's security engine!
ย
To get involved with Automox, visit: https://securityweekly.com/automox
Why Praetorian Benchmarks to MITRE ATT&CK: https://p16.praetorian.com/blog/why-praetorian-benchmarks-to-mitre-attack
Full Show Notes: https://wiki.securityweekly.com/ES_Episode135
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Philip Niedermair, CEO at the National Cyber Group, to discuss the National Cyber Education Program! In our second interview, we welcome back Josh Abraham, Staff Engineer at Praetorian, to talk about the MITRE attack framework for attackers! In the Security News, how Tenable experts found 15 flaws in wireless penetration systems, Julian Assange refused exfiltration to the US, PoC exploits for old SAP config flaws increase risk of attacks, and how 1.75 million dollars was stolen from a Church through a phishing attack!
ย
Full Show Notes: https://wiki.securityweekly.com/Episode602
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Sven Morgenroth, Security Researcher at Netsparker to talk about securing our applications, web applications, and how we can make it easier to build applications! In the AppSec News, Firefox gives more scrutiny to add-ons but Firefox also forgot to give more scrutiny to a cert, Path traversals trampled by ransomware, Secure Software Design: The Next Frontier In Cybersecurity, Trust the Stack, Not the People, VRT adds a CAN, and MDM, parental controls, and security!
ย
To learn more about Netsparker, visit: https://securityweekly.com/netsparker
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode60
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, software flaw exposed most dell computers to remote hacking, Israel neutralizes cyber attack by blowing up a building with hackers, an expert that found hundreds of vulnerable Jenkins plugins, a bug in Mirai code allows crashing C2 servers, and how researchers discovered a highly stealthy Microsoft Exchange Backdoor! In the expert commentary, the return of Jason Wood from Paladin Security, joins us to talk about how Japan is developing a computer virus to fight cyber attacks!
ย
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode217
Visit https://www.securityweekly.com/hnn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
This week, Matt, Jason, and Paul do a recap on the Global Cyber Innovation Summit that was held in Baltimore last week! In the Leadership and Communications segment, How to build a startup, You Don't Have To Be Nice To Be Respected. Boeing and the Importance of Encouraging Employees to Speak Up, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode127
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Nik Whitfield, CEO at Panaseer, to talk about Continuous Controls Monitoring! In the Enterprise news, Secureworks launches new cybersecurity analytics app, StackRox Kubernetes Security Platform Receives Red Hat Container Certification, SIEM Solutions Firm Exabeam Raises $75 Million, and Serverless monitoring startup Espagon expands to cover broader microservices TechCrunch, and more! In our final segment, we have a Security Industry Briefings Update, where we talk about 42Crunch, Viridium, Whitecanyon, and Eclypsium!
ย
Full Show Notes: https://wiki.securityweekly.com/ES_Episode136
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Lesley Carhart, Principal Threat Analyst at Dragos Inc., to talk about moving from IT security to OT security, DFIR in ICS, and more! In the second segment, we welcome Chris Sanders, Founder of Applied Network Defense & Director of the Rural Technology Fund, to talk about delivering high quality IT training and donating scholarships and equipment to further education in schools! In the Security News, the top 5 mistakes that create field days for hackers, WordPress 5.2 brings new security features, a discontinued Insulin pump with security a security flaw in high demand, and how to communicate privately in the age of digital policing!
ย
Full Show Notes: https://wiki.securityweekly.com/Episode603
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Derek Weeks joins us to talk about DevSecOps and Securing Software Supply Chains! Derek is the VP and DevOps Advocate at Sonatype! In the Application News, Chrome constrains the cookies and Edge pushes privacy, Windows builds a sandbox for Linux, Android Q for more quarantined code with more LLVM features, Steve Singh stepping down as Docker CEO, and Verizon releases its 2019 DBIR!
ย
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode61
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, hacking the unhackable eyeDisk USB stick, how to brick all Samsung mobile phones, how Twitter shared user location data through advertising, a 0-Day flaw used to install spyware on phones, and a Linux kernel flaw allows remote code execution! In the expert commentary, we welcome Marcin Szary, CTO at Secfense, to talk about Web Authentication!
ย
To learn more about Secfense, visit: https://securityweekly.com/secfense
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode218
Visit https://www.securityweekly.com/hnn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jon Fredrickson, Information Security Officer at Blue Cross & Blue Shield of Rhode Island! In the Leadership and Communications segment, Transformational leadership style inspires 'moonshot goals', How to Deal With Information Overload, The surprising secret of success: it's not about winning, and more!
ย
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode128
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
This week, we welcome Ferruh Mavituna, CEO and Founder at our sponsor Netsparker, to talk about centralization of web application security in large enterprises! In the Enterprise News, Atos launches a new unified cloud identity and access management solution, ExtraHop announces new panorama partner program, SysDig and In-Q-Tel partnership to provide U.S. government agencies with the SysDig Cloud Native VSP, and LogRhythm releases a Cloud Based NextGen SIEM platform! In our final segment, we talk about Enterprise Open-Source Firewalls!
ย
To learn more about Netsparker, visit: https://netsparker.com/securityweekly
Full Show Notes: https://wiki.securityweekly.com/ES_Episode137
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Julian Zottl, Cyber and Information Operations SME at Raytheon, to talk about defending against advanced adversaries! In the second segment, we welcome Federico Simonetti, CTO of Xiid Corporation, to talk about how to fix identity and access management! In the Security News, Singapore passes an anti-fake news law, WhatsApp Vulnerability Exploited to Infect Phones with Israeli Spyware, major security issues found in Cisco routers, and Microsoft Releases Security Updates to Address Remote Code Execution Vulnerability!
ย
Full Show Notes: https://wiki.securityweekly.com/Episode604
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Cody Wood, AppSec Product Support Engineer at Signal Sciences! In the AppSec News, Cisco Expressway goes off path and a Cisco IOS XE vuln goes for emojis, More erosion of CPU data boundaries, RDP patches a pre-auth problem and even resuscitates a patch process for XP, Microsoft's Attack Surface Analyzer gives DevSecOps teams more data, Clear design goals for better privacy and security, and Google Security blogs that basics are best!
ย
To get involved with Signal Sciences, visit: https://securityweekly.com/signalsciences
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode62
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Unistellar attackers wiped over 12,000 MongoDB databases, a Slack bug that allows remote file hijacking, Baltimore ransomware nightmare could last weeks more, over 25,000 smart Linksys routers are leaking sensitive data, and Huawei's microchip vulnerability explained! In the expert commentary, we welcome Charles Thompson, Senior Director of Product Management at VIAVI to talk about Security Forensics!
ย
To learn more about VIAVI Solutions, visit: https://securityweekly.com/viavi
Full Show Notes: https://wiki.securityweekly.com/HNNEpisode219
Visit https://www.securityweekly.com/hnn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Ferruh Mavituna, Founder and CEO of Netsparker! Ferruh will be discussing the discover and scan perspective of applications, how to handle in-house written applications vs. ones that are acquired, and more! In the Leadership and Communications segment, don't let your expertise narrow your perspective, don't be blinded by your own expertise, and the smartest cities in the future of urban development!
ย
To get involved with Netsparker, visit: https://securityweekly.com/netsparker
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode129
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Visit our website: https://www.securityweekly.com
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Corey Thuen, Co-Founder of Gravwell, to talk about focusing on the basics that sustain us! In our second interview, we welcome Candy Alexander, President of the Information Systems Security Association for an interview! In the Enterprise News, ThreatQuotient expands integration with MITRE ATT&CK Framework, JASK launches a new Heads Up Display for security operations centers, and we have some acquisition and funding updates from Guardicore, Auth0, and KnowBe4!
ย
To learn more about Gravwell, visit: https://securityweekly.com/gravwell
Full Show Notes: https://wiki.securityweekly.com/ES_Episode138
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
FreshRSS 