Login
This week, we welcome Jason Nickola, COO and Senior Security Consultant at Pulsar Security, to talk about Building An InfoSec Career! In our second segment, we welcome back Sven Morgenroth, Security Researcher at Nesparker, to talk about HTTP Security Headers In Action! In the Security News, Hackers target the air-gapped networks of the Taiwanese and Philippine military, Stored XSS in WP Product Review Lite plugin allows for automated takeovers, Remote Code Execution Vulnerability Patched in VMware Cloud Director, Shodan scan of new preauth RCE shows 450k devices at risk including all QNAP devices, and The 3 Top Cybersecurity Myths & What You Should Know!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode652
To learn more about Netsparker, visit: https://securityweekly.com/netsparker
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week on the Wrap Up, Danny Trejo, COVID-19 Contact Tracing, SaltStack, and lots of hacked Supercomputers with cool names!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode36
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to discuss how RSA Conference 2021 Changes Date from February to May 2021, Docker partners with Snyk on container image vulnerability scanning, Venafi acquires Jetstack to bring together developer speed and enterprise security, Onapsis expands assessments for its Business Risk Illustration service, Volterra launches VoltShare to simplify the process of securely encrypting confidential data end-to-end, and more! In our second segment, we welcome Dan DeCloss, President & CEO of PlexTrac, to talk about Managing Enterprise Security Assessments! In our final segment, we welcome DJ Sampath, Co-Founder & CEO of Armorblox, to discuss Dealing with Phishing Attacks Outside Of Email!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode184
To learn more about PlexTrac or to claim your Free Month, visit: https://securityweekly.com/plextrac
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
This week, we welcome Ann Cleaveland, the Executive Director of the Center for Long-Term Cybersecurity, a research and collaboration think tank housed within the University of California, Berkeley School of Information! We have the pleasure of having Ann for the entire show today in this two part interview!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode29
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug returns to the studio, to discuss how DEFCON is Cancelled, Many Applications have Security flaws, Verizon Security Report for 2019, The FBI and DoJ want encryption backdoors, and Space, the final Frontier! The Master of Commentary Jason Wood joins us to talk about how a Ransomware Gang Was Arrested for Spreading Locky to Hospitals!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode35
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Mike Adler, Vice President of RSA NetWitness Platform at RSA Security, for a conversation on the question: Is the Virtual SOC Our "New Normal"? In the Leadership and Communications segment, Burnt out CISOs are a huge cyber risk, to build strategy, start with the future, 78% of Organizations Use More than 50 Cybersecurity Products to Address Security Issues, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode174
To learn more about RSA Security, visit: https://securityweekly.com/RSAsecurity
To check out the RSA NetWitness Platform (SIEM and integrated EDR), visit: https://www.rsa.com/en-us/products/threat-detection-response
ย
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jack Zarris, Senior Sales Engineer at Signal Sciences, to talk about Using Rate Limiting to Protect Web Apps and APIs! In our second segment, we welcome Tim Mackey, Principal Security Strategist at Synopsys, to discuss the Highlights From the New Open Source Security and Risk Analysis Report!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode108
To learn more about Synopsys, visit: https://securityweekly.com/synopsys
To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences
ย
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Mike Nichols, Head of Product at Elastic Security, to talk about MITRE ATT&CK & Security Visibility: Looking Beyond Endpoint Data! In our second segment, we welcome back Harry Sverdlove, Founder and CTO of Edgewise Networks, to discuss Securing Remote Access, Quarantines, and Security! In the Security News, Palo Alto Networks Patches Many Vulnerabilities in PAN-OS, Zerodium will no longer acquire certain types of iOS exploits due to surplus, New Ramsay Malware Can Steal Sensitive Documents from Air-Gapped Networks, vBulletin fixes critical vulnerability so patch immediately!, U.S. Cyber Command Shares More North Korean Malware Variants, and The Top 10 Most-Targeted Security Vulnerabilities!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode651
To learn more about Elastic Security, visit: https://securityweekly.com/elastic
To view the Elastic Dashboard of MITRE ATT&CK Round 2 Evaluation Results, visit: https://ela.st/mitre-eval-rd2
To learn more about Edgewise Networks or to request a Demo, visit: https://securityweekly.com/edgewise
ย
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug wraps up all the shows across our network, including the Show News, Bunny Lebowski's toes, STAMINA, RAMSAY, and US-Cert Vulnerabilities!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode34
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to discuss how GitHub Code Scanning aims to prevent vulnerabilities in open source software, SlashNext Integrates with Palo Alto Networks Cortex XSOAR to Deliver Automated Phishing IR and Threat Hunting, Portshift Announces Extended Kubernetes Cluster Protection, Vigilant Ops InSight Platform V1 automatically generates device software bill of materials, and more! In our second segment, we welcome Georges Bellefontaine, Manager of Vulnerability Management at Toyota Financial, to discuss the approach to vulnerability management and the benefits of a full life-cycle approach to vulnerability management with Qualys' VMDR Solution! In our final segment, we welcome Sid Nanda, Senior Product Marketing Manager at VIAVI Solutions, to talk about Using the Network to Reduce Remediation Costs!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode183
To learn more about Qualys VMDR, visit: https://securityweekly.com/qualys
To learn more about VIAVI Solutions, visit: https://securitweekly.com/viavi
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jake Williams, Founder and Principal Consultant at Rendition Infosec, to talk about Security vs. Compliance: Where are the overlaps? Where are the differences?
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode28
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Dr. Mike Lloyd, CTO at RedSeal, to talk about Lessons for Cybersecurity From a Pandemic! In the leadership and communications section, Top 5 Tactical Steps for a New CISO, Good Leadership Is About Communicating Why , 5, ok maybe only 4, CISO Priorities During the COVID-19 Response, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode173
To learn more about RedSeal, visit: https://securityweekly.com/redseal
ย
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week in the Security Weekly News, DEFCON 28 is indeed cancelled, Paying Ransomware may double the recovery cost, ThunderSpy evil maid attack on thunderbolt devices, FBI to release a warning about Chinese hackers targeting virus research, and more! Jason Wood returns for the Expert Commentary to talk about Four GDPR Violations that multiple companies have been fined for!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode33
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Joe Garcia, DevOps Security Engineer at CyberArk, to discuss How Can Security Work TOGETHER, Not Against, Developers! In the Application Security News, Cloud servers hacked via critical SaltStack vulnerabilities, Samsung Confirms Critical Security Issue For Millions: Every Galaxy After 2014 Affected, Mitigating vulnerabilities in endpoint network stacks, Microsoft Shells Out $100K for IoT Security, and Secure your team s code with code scanning and secret scanning!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode107
To learn more about CyberArk, visit: https://securityweekly.com/cyberark
ย
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug White wraps up the hot topics and interviews across all of our shows on the network! Then delving into some of the top news stories like No more foreign power equipment, AppleGoogle bans the use of GPS in tracking, power supply oohs and aahs, and the Love Bug Remembered!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode32
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Chris Elgee, Major at the Massachusetts Army National Guard, and Jim McPherson, Cyber Security Analyst, to talk about Public utility security and the National Guards support! In our second segment, we welcome back Mick Douglas, Founder and Owner of InfoSec Innovations, to discuss Project Fantastic - Bringing The CLI to GUI Users! In the Security News, Naikon APT Hid Five-Year Espionage Attack Under Radar, PoC Exploit Released for DoS Vulnerability in OpenSSL, 900,000 WordPress sites attacked via XSS vulnerabilities, Kaiji, a New Linux Malware Targets IoT Devices in the Wild, Another Stuxnet-Style Vulnerability Found in Schneider Electric Software, and remembering the ILOVEYOU virus!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode650
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to discuss how Microsoft is to buy Israeli cybersecurity startup CyberX, ExtraHop Data Shows Shifts in IoT Device Usage During COVID-19 Have Broad Security Implications, Immuta and Snowflake help customers share data with automated privacy protection, Code42 Integrates with Palo Alto Networks Cortex XSOAR to Speed and Automate Insider Threat Incident Response, and more! In our second segment, we welcome Matt Cauthorn and Ted Driggs of ExtraHop, to talk about Why the Cloud Stall is Now the Cloud Surge! In our final segment, we welcome Justin Buchanan, Senior Manager of Solutions, Vulnerability Management and Offensive Security at Rapid7, to discuss Effective Goal Setting and Tracking!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode182
To learn more about Rapid7, or to request a Demo, visit: https://securityweekly.com/rapid7
To learn more about ExtraHop, visit: https://securityweekly.com/extrahop
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Today we will discuss the PCI DSS and some of its myths, misunderstandings, and misconceptions, including: Why most vendors don't understand how their products fit within PCI, The six overall goals of the PCI DSS, Why PCI is perceived as a check box program, and more!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode27
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Hackers are using infected movie downloads to spread malware to PC, Esoteric Exfiltration using Power Supplies on Airgapped machines, US Government bans purchase of bulk power system equipment from hostile foreign powers, Eventbot malware targets banking apps on Android Phones, and Apple makes it easier to unlock your phone while wearing a mask! In the Expert Commentary, we welcome Corey Thuen, Co-Founder at Gravwell, to discuss how Gravwell is built to ingest data from anything for collection and correlation with logs, security events, or network packets. They're releasing Packetfleet open source as a tool that makes it easier to do on-demand packet capture from multiple locations!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode31
To learn more about Gravwell, visit: https://securityweekly.com/gravwell
ย
Visit https://www.securityweekly.com/swn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Graeme Payne, President at Cybersecurity4Executives, to discuss Impacts of a Data Breach! During the Equifax 2017 Data Breach, Graeme Payne was Senior Vice President and CIO of Global Corporate Platforms. He was fired the day before the former Chairman and CEO of Equifax testified to Congress that the root cause of the data breach was a human error and technological failure. Graeme would later be identified as the human error . In the Leadership and Communications Segment, CISO position burnout causes high churn rate, 7 Rules for Staying Productive Long-Term, Now Is an Unprecedented Opportunity to Hire Great Talent, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode172
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Gareth Rushgrove, Director of Product Management at Snyk, to talk about Modern Application Security and Container Security! In the Application Security News, Psychic Paper demonstrates why a lack of safe and consistent parsing of XML is disturbing, Beware of the GIF: Account Takeover Vulnerability in Microsoft Teams, Salt Bugs Allow Full RCE as Root on Cloud Servers, and Love Bug's creator tracked down to repair shop in Manila!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode106
To learn more about Snyk, visit: https://securityweekly.com/snyk
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week in the Security Weekly News Wrap Up, Doug White talks Brute Forcing Returns, Zero Days in Salt and SOPHOS, COVID Tracking APPS and privacy, Drones delivering drugs, Digital Identity, and no more double spacing at the end of a sentence!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode30
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jeremy Miller, CEO of the SecOps Cyber Institute, and Philip Niedermair, CEO of the National Cyber Group, to talk about Fighting the Cyber War with Battlefield Tactics! In our second segment, we talk Security News, discussing How to encrypt AWS RDS MySQL replica set with zero downtime and zero data loss, how Cybercriminals are using Google reCAPTCHA to hide their phishing, the NSA shares a list of vulnerabilities commonly exploited to plant web shells, Using Pythons pickling to explain Insecure Deserialization, and how Half a Million Zoom Accounts were Compromised by Credential Stuffing and Sold on the Dark Web! In our final segment, the crew talks accomplishing asset management, vulnerability management, prioritization of remediation, with a Deep Dive demonstration of the Qualys VMDR end-to-end solution!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode649
To learn more about Qualys and VMDR, please visit: https://securityweekly.com/qualys
Link to the Cyberspace Solarium Commission (CSC): https://www.solarium.gov/
ย
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to discuss how Obsidian Security lets security teams monitor Zoom usage, Guardicore Infection Monkey now maps its actions to MITRE ATT&CK knowledge base, Trustwave Security Colony delivers resources, playbooks and expertise to bolster security posture, Netskope's security controls and protection now available for Microsoft Teams, Why You Need Both SIEM and SOAR Solutions in your Cybersecurity Ecosystem, and more! In our second segment, we welcome Gerald Beuchelt, Chief Information Security Officer of LogMeIn, to discuss the Security Challenges When Working Remotely and Enabling a Remote Workforce! In our final segment, we welcome Wim Remes, CEO & Principal Consultant of Wire Security, to talk about How to Build an Enterprise Security Team, including How to Find the Right People!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode181
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Joe Brinkley, Director Offensive Security at ACTIVECYBER, to discuss Cyber and Disabilities! We're taking a different angle on compliance today; talking to Joe Brinkley, the "Blind Hacker"!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode26
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week on the Security Weekly News, Shade Ransomware End of Life, Microsoft vulnerability in Teams can allow hijacking of accounts, Two spaces after a period now decreed a "typo", Israel reports attacks on SCADA Water Systems, Microbes have memory and the use of biofilm to create a biological computing environment, and more! In the Expert Commentary, Jason Wood discusses how Agent Tesla was delivered by the same phishing campaign for over a year!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode29
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome David Spark, Producer of the CISO Series, to discuss how relations are improving between buyers and sellers of security products! In the Leadership and Communications segment, Executives and Boards, Avoid These Missteps in a Crisis, Strategizing a return to the office, How to Answer an Unanswerable Question, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode171
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Avi Douglen, Founder and CEO of Bounce Security, to talk about Threat Modeling in Application Security, DevSecOps, and how Application Security is mapping Security culture! In the Application Security News, Nintendo Confirms Breach of 160,000 Accounts via a legacy endpoint, NSA shares list of vulnerabilities commonly exploited to plant web shells, Code Patterns for API Authorization: Designing for Security, Health Prognosis on the Security of IoMT Devices? Not Good, and 8 Tips to Create an Accurate and Helpful Post-Mortem Incident Report!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode105
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Steven Bay, Director of Security Operations at Security On-Demand, to talk about Insider Threats! In our second segment, we welcome Patrick Laverty, Conference Organizer at Layer8 Conference, and Ori Zigindere, Co-Founder of WorkshopCon, to discuss all things Layer8 Conference and WorkshopCon! In the Security News, Zoom releases 5.0 update with security and privacy improvements, Zero-click, zero-day flaws in iOS Mail 'exploited to hijack' VIP smartphones, NSA shares list of vulnerabilities commonly exploited to plant web shells, Legions of cybersecurity volunteers rally to protect hospitals during COVID-19 crisis, & the Top 10 In-Demand Cybersecurity Jobs in the Age of Coronavirus!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode648
To sign up for the Layer8 Conference, please visit: https://layer8conference.com/
To watch our interview with Steven Bay on Enterprise Security Weekly #170, visit: https://youtu.be/nbnSSiVUSSw
ย
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week on the Security Weekly News Wrap Up, Cyber Justice League volunteers working with healthcare in the COVID-19 plague, Android 8.0-9.0 Bluetooth zero click RCE - Bluefrag, IBM refuses to patch 4 zero days and so, they are released on github, Audits Don't solve security problems, and Hack a satellite with the US Air Force CTF!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode28
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to discuss F-Secure launching protection and response service to protect remote workers, Sectigo and Infineon integrate to advance IoT security with automated certificate provisioning, Enhanced continuous threat detection and secure remote access with the Claroty Platform, and some acquisition and funding updates from SafeBreach, Swimlane, & Syncurity! In our second segment, we welcome Mark Orsi, President of the Global Resilience Federation, to talk about the Business Impacts and Security Risks with Working from Home! In our final segment, we welcome Peter Warmka, Founder of the Counterintelligence Institute, to discuss how The Threat of Social Engineering Goes Well Beyond Phishing!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode180
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome our Founder and CTO of Security Weekly, Paul Asadoorian, to talk about his vision for Security Weekly Productions and how Security & Compliance Weekly fits into the mix! In the Security and Compliance News, Back to basics: The GDPR and PCI DSS, Why Compliance is for Guidance, Not a Security Strategy, Cognizant hit by 'Maze' ransomware attack, Audits Don't Solve Security Problems, Contact Tracing Apps Attempt to Balance Necessary Public Health Measures With User Privacy, and more!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode25
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Summer Fowler, Co-Chair of the Leadership Board for InfoSec World Conference, to discuss how this is an excellent opportunity for Executive, Management, and Technical teams to attend a conference together to learn more about both the business of cyber security and the latest in technical capabilities! In the Leadership and Communications segment, Leaders, Do You Have a Clear Vision for the Post-Crisis Future?, 3 recession scenarios and their impact on tech spend, Supply chain transparency: Technology, partnership and progress, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode170
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week on the Security Weekly News, COVID-19 affects web traffic and attack trends, Hackers continue to exploit patched Pulse Secure VPN Flaws, Starbleed: Flaw in FPGA chips exposes safety-critical devices to attacks, COVID-19's impact on Tor, and more! Jason Wood delivers the Expert Commentary on how Attackers Are Not Letting This Crisis Go To Waste!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode27
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Rebecca Black, Senior Staff Application Security Engineer at Avalara, to talk about Building an AppSec Ecosystem! This week in the Application Security News, JSON Web Token Validation Bypass in Auth0 Authentication API, Mining for malicious Ruby gems, A Brief History of a Rootable Docker Image, Privacy In The Time Of COVID, and Threat modeling explained: A process for anticipating cyber attacks!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode104
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Wade Woolwine, Principal Threat Intelligence Researcher at Rapid7 to talk about Threat Intel Program Strategies! In our second segment, we welcome Magno Gomes, Director of Sales Engineering at Core Security (a HelpSystems Company), to discuss Penetration Testing to Validate Vulnerability Scanners! In the Security News, How to teach your iPhone to recognize you while wearing a mask, Hackers Targeting Critical Healthcare Facilities With Ransomware During Coronavirus Pandemic, VMware plugs critical flaw in vCenter Server, Russian state hackers behind San Francisco airport hack, and Macs Are More Secure, and Other Jokes You Can Tell Yourself!
ย
To learn more about Core Security, visit: https://securityweekly.com/coresecurity
To learn more about Rapid7 or to request a demo, visit: https://securityweekly.com/rapid7
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode647
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week in the Security Weekly News Wrap Up Show, Doug White covers the hot topics and and stories across all our shows on the Security Weekly Network! How to teach your iPhone to recognize FACE ID while wearing a mask, Energetic bear behind SFO Airport site hacks, Hackers are targeting critical healthcare facilities with ransomware during the pandemic, Cyber insurance providers using "act of war" exclusion in reference to "cyberwar" in notPetya Claims, and more!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode26
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to discuss how NeuVector adds to container security platform and automates end-to-end vulnerability management, Sysdig Expands Unified Monitoring Across IBM Cloud Services Globally, Optiv Hires Deloitte Stalwart Kevin Lynch as Chief Executive Officer, Illusive Networks Integrates with Infoblox to Speed Deployment, and Microsoft's April 2020 Patch Tuesday arrives with fixes for 3 zero-day exploits and 15 critical flaws! In our second segment, we welcome Terry McCorkle, Founder and CEO of PhishCloud, to discuss Phishing's effect on the Corporate Culture! In our final segment, we welcome Tim Williams, Founder and CEO of Index Engines, to talk about how Testing is the Missing Link for Protecting Your Data Against a Ransomware Attack!
ย
Show Notes: https://wiki.securityweekly.com/ESWEpisode179
Visit https://www.securityweekly.com/esw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jeffrey Smith, Managing Partner at Cyber Risk Underwriters, to sell us Cyber Insurance, and how he wants to take on the skeptics (e.g. the SCW hosts) about the role that Cyber Insurance plays in security! Jeffrey stays on for the Security and Compliance News, to talk about how Cyber Insurance in playing out in the real world, or at least how it's showing up in the news!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode24
Visit https://www.securityweekly.com/scw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, it's our Security Money show, where we'll review the Security Weekly 25 Index and all the financial updates for both the public and private security markets! In the Leadership and Communications segment, the 3 stages of adapting to a crisis, build a culture that aligns to people's values, stop, start, defer: how companies are navigating technology spend in a crisis, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode169
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Brad Geesaman, Co-Founder of Darkbit, to talk about Making Kubernetes a Hostile Place for Attackers! In the Application Security News, Zoom Taps Ex-Facebook CISO Amid Security Snafus, Lawsuit, How we abused Slack's TURN servers to gain access to internal services, Moving from reCAPTCHA to hCaptcha, Automate Security Testing with ZAP and GitHub Actions, Shift-Right Testing: The Emergence of TestOps, and Building Secure and Reliable Systems!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode103
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week on the Security Weekly News, Checkpoint Global Threat Index moved Dridex to third place, Dutch Telco towers damaged by 5G protestors, CyberCube reports indicate Increased targeting of C-Suite employees, Cybercrime may be the world's third-largest economy by 2021, and Jason Wood joins for the Expert Commentary on how WooCommerce Falls to Fresh Card-Skimmer Malware!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode25
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we bring you one of Security Weekly's very own, Tyler Robinson, Managing Director of Network Operations at Nisos, for a Technical Segment titled: To Hunt or Not To Hunt: Using offensive tooling to obtain OSINT and Real-Time Intelligence on a subject of interest for hunting or targeting! In our second segment, we talk Security News, to discuss Vulnerabilities in B&R Automation Software Facilitate Attacks on ICS Networks, Using AWS to secure your web applications, Serious Vulnerabilities Patched in Chrome & Firefox, Email Provider that got Hacked & Data of 600,000 Users is Now being Sold on the Dark Web, and As if the world couldn't get any weirder, this AI toilet scans your anus to identify you! In our final segment, we air a pre recorded interview with Jeff Man, entitled "Tales from the Crypt...Analysts pt.2", discussing many myths, legends and fables in hacker history!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode646
Visit https://www.securityweekly.com/psw for all the latest episodes!
To view ngrok, visit: https://www.ngrok.com/
To check out the Trape tool, visit: https://github.com/jofpin/trape
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug White brings you the latest on the Security Weekly Network in the Weekly Wrap Up, discussing Soaring phone calls, analprints, yes, I said that correctly, snake oil, Grace Hopper's ghost, and COBOL. No one has ever said all those things in a single sentence in the history of the world. All this and more on the Security Weekly News Wrapup.
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode24
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to discuss how Ping Identity's PingID multi-factor authentication is now available in AWS Marketplace, 8,000 Unprotected Redis Instances Accessible From Internet, Tufin Announces Free Firewall Change Tracker to Enhance Network Security and Connectivity for Remote Workforces, Simple Advanced Persistent Threat Emulation with BreakingPoint Attack Campaigns from Ixia, and more! In our second segment, we welcome back Ferruh Mavituna, CEO and Founder of Netsparker, to talk about the Time to Measure Security Improvement in Application Security! In our final segment, we air a pre recorded interview from RSAC 2020 with Ed Bellis, Co-Founder and Chief Technology Officer at Kenna Security, discussing Moving Towards Modern Vulnerability Management!
ย
To learn more about Netsparker, visit: https://securityweekly.com/netsparker
Show Notes: https://wiki.securityweekly.com/ESWEpisode178
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Chris Golden, Board Member for the Accreditation Body, as he will answer questions surrounding the DOD's release of the CMMC program to keep the amount of false information to a minimum!
ย
Show Notes: https://wiki.securityweekly.com/SCWEpisode23
To view the CMMC Model, visit: https://www.acq.osd.mil/cmmc/docs/CMMC_v1.0_Public_Briefing_20200131_v2.pdf
ย
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Richard Clarke to discuss his new book, The Fifth Domain, and the need for cyber resilience, especially these days! In the Leadership and Communications segment, 4 Behaviors That Help Leaders Manage a Crisis, The Right Way to Keep Your Remote Team Accountable, 15 Steps to Take Before Your Next Video Call, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode168
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Zoombombers threatened with jail time by FBI, Cybercriminals are trying to cash in on Zoom use, How to protect your Zoom calls, Bad Bots in 2020, CyberHero Comics: Defending your Health, and zoom configurations along with the lack of effective zooming on the zoom camera application!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode23
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Grant Ongers, Co-Founder of Secure Delivery, to discuss why "You re (probably) Doing AppSec Wrong"! In the Application Security News, Zoom is gaining lots of attention for flaws, Popular Digital Wallet Exposes Millions to Risk in Huge Data Leak, 12k+ Android apps contain master passwords, secret access keys, secret commands in not-so-secret client-side code identified by a research tool Inputscope, and more!
ย
Show Notes: https://wiki.securityweekly.com/ASWEpisode102
Visit https://www.securityweekly.com/asw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Matt Allen, Senior Solutions Engineer at VIAVI Solutions, to discuss Collaboration between NetOps and SecOps in today's world! In our second segment, we welcome Lorrie Cranor, Director of CyLab Security and Privacy Institute at Carnegie Mellon University, to discuss Research on Security and Privacy labels for IoT devices! In the Security News, Two Zoom Zero-Day Flaws Uncovered, Millions of routers running OpenWRT vulnerable to attack, Marriott says 5.2 million guest records were stolen in another data breach, PoC Exploits for CVE-2020-0796 (SMBGhost) Privilege Escalation flaw published, and we welcome our very special guest for tonight, Dave Kennedy, who joins us to talk about Video Chat Client Vulnerability History and the recent Zoom Vulnerabilities!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode645
For more information on VIAVI Solutions, visit: https://securityweekly.com/viavi
Visit https://www.securityweekly.com/psw for all the latest episodes!
ย
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to discuss OWASP Security Knowledge Framework, How to Write an Automated Test Framework in a Million Little Steps, Sumo Logic Selects StackRox to Protect Its Cloud-Native Applications and Services, Sysdig Provides the First Cloud-Scale Prometheus Monitoring Offering, and Windows users under attack via two new RCE zero-days! In our second segment, we welcome Sumedh Thakar, Chief Product Officer at Qualys, to talk about Cybersecurity Challenges Created by a Remote Workforce! In our final segment, we welcome Tod Beardsley, Director of Research at Rapid7, to discuss SMB exposures and User Behavior Analytics failures, using findings from Rapid7 Research Labs!
ย
To learn more about Qualys, visit: https://securityweekly.com/qualys
To learn more about Rapid7 or to get a free trial, visit: https://securityweekly.com/rapid7
Show Notes: https://wiki.securityweekly.com/ESWEpisode177
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug White brings you the latest and greatest news across all of our shows on the network, as well as all of the hot topics this week! Doug discusses Zoombombing, Russian Hackers, Zuck turns over the controls to the AIs, free cybersecurity products to help out, Chubb hacked, and more!
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode22
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome David Walter, Vice President, RSA Archer and RSA Cloud at RSA Security, to discuss Compliance Risk Challenges! In our second segment, we welcome Kevin Haynes, Chief Privacy Officer at Nemours Children's Health System, to talk about Nemours' use of RSA Archer to manage Compliance Risk!
ย
To learn more about RSA Security, visit: https://securityweekly.com/RSAsecurity
Show Notes: https://wiki.securityweekly.com/SCWEpisode22
ย
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Jeff Costlow, Deputy CISO at ExtraHop, to discuss Protect Your Assets According to Their Value! In the Leadership and Communications segment, Matt, Jason, and Paul discuss Real Leaders: Abraham Lincoln and the Power of Emotional Discipline, Social Distancing: 15 Ideas for How to Stay Sane, Rethink Your Relationship with Your Vendors, and more!
ย
To learn more about ExtraHop, visit: https://securityweekly.com/extrahop
Show Notes: https://wiki.securityweekly.com/BSWEpisode167
ย
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug White brings you the latest news for this week, including Zoombombing, Zero Days at Microsoft, AI Takes charge at Facebook, and COVID-19! In the Expert Commentary, we welcome Daniel Hampton, Sr. Technical Account Manager at Signal Sciences, to talk Working Smarter and Not Harder!
ย
To learn more about Signal Sciences or to request a demo, visit: https://securityweekly.com/signalsciences
Show Notes: https://wiki.securityweekly.com/SWNEpisode21
ย
Visit https://www.securityweekly.com/swn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
This week, we welcome Adam Hughes, Chief Software Architect at Sylabs Inc., to discuss Singularity: A Different Take on Container Security! In the second segment, we welcome Utsav Sanghani, Senior Product Manager at Synopsys, to discuss Why combining SAST and SCA in your IDE produces higher quality, secure software faster!
ย
To learn more about Synopsys, visit: https://securityweekly.com/synopsys
Show Notes: https://wiki.securityweekly.com/ASWEpisode101
ย
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome back Corey Thuen, Founder and CEO of Gravwell, to discuss Zen and The Art of Logs In the Cloud! In our second segment, we welcome back Peter Smith, Founder and CEO of Edgewise, to discuss How remote users and administrators can work securely from home! In the Security News, Authorities Helpless as Crypto-Currency Scams Rock Nigeria, C.S. Lewis on the Coronavirus, Microsoft SMBv3.11 Vulnerability and Patch CVE-20200796 Explained, Drobo 5N2 4.1.1 - Remote Command Injection, DDoS attack on US Health agency part of coordinated campaign, A cyberattack hits the US Department of Health and Human Services, and more!
ย
Show Notes: https://wiki.securityweekly.com/PSWEpisode644
To learn more about Gravwell, visit: https://securityweekly.com/gravwell
To learn more about Edgewise, visit: https://securityweekly.com/edgewise
ย
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
ย
ย
This week, Doug White brings to you the Security Weekly News Wrap Up, with the hot topics across all of our shows, including, Pornhub has Italians singing from balconies, The Senate renews surveillance rules, Drobo hacks, Google Cloud bug bounties, all the show wrapups, and COVID-19
ย
Show Notes: https://wiki.securityweekly.com/SWNEpisode20
Visit https://www.securityweekly.com/swn for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we talk Enterprise News, to talk about Fortinet Introducing Self-Learning AI Appliance for Sub-Second Threat Detection Enterprise IT World, GreatHorn Offers Free Email Protection for 60 Days, ZeroNorth raises $10M to further expand engineering, customer support and sales, WordPress to get automatic updates for plugins and themes, and more!! In our second segment, we air two pre recorded interviews with Mehul Revanker of SaltStack and Utsav Sanghani of Synopsys from RSAC 2020! In our final segment, we air two more pre recorded interviews from the RSAC2020, with Kevin Gallagher of Netsparker and Mark Ralls of Acunetix!
ย
To request a demo with SaltStack, visit: https://securityweekly.com/saltstack
To get a demo of Synopsys, please visit: https://securityweekly.com/synopsys
To schedule a demo with Acunetix, visit: https://securityweekly.com/acunetix
To get a demo of NetSparker, please visit: https://securityweekly.com/netsparker
ย
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Stephen Black, InfoSecWorld 2020 Speaker and Visiting Professor of Cyberlaw at the University of Houston, to discuss Where the Law Thinks Your Data Lives! In the Leadership and Communications segment, Drowning in a Sea of Alerts, Boeing taps Qantas exec Susan Doniz as CIO, CIO interview: Ian Cohen, chief product and technology officer, at Addison Lee, and more!
ย
Show Notes: https://wiki.securityweekly.com/BSWEpisode166
Visit https://www.securityweekly.com/bsw for all the latest episodes!
ย
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
FreshRSS