Paul's Security Weekly

GRU Hackers Indicted, Trickbot Rises, & Danny Akacki - SWN #75

Danny Akacki discusses: how do we, as an NDR product company with an emphasis on user outreach and education, continue not only to keep our product effective for distributed workforces but also continue to beat the drum on education and knowledge sharing? It's not easy, but we've come up with a few ways both to stay connected to our clients and to help them keep an eye on their wires. This segment is sponsored by Gigamon.

Show Notes: https://securityweekly.com/swn75

Visit https://www.securityweekly.com/swn for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Way Over My Head - ASW #126

This week, we welcome Taylor McCaslin, Security Product Manager at GitLab, to discuss current trends in the application security testing industry! In the Application Security News, Patch Your Windows - "Ping of Death" bug revealed, 800,000 SonicWall VPNs vulnerable to remote code execution bug, T2 Exploit Team Creates Cable That Hacks Mac, Zoom Rolling Out End-to-End Encryption, and 'BleedingTooth' Bluetooth flaw!

Show Notes: https://wiki.securityweekly.com/asw126

Visit https://securityweekly.com/GitLab to learn more about them!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Larry's 10 Second Delay - PSW #670

This week, we welcome back Shani Dodge and Roi Cohen from Vicarius, to present their segment on Vulnerabilities entitled Prioritize This, Prioritize That, Prioritize with Context! In our second segment, we welcome Patrick Garrity, VP of Operations at Blumira, to talk about Democratizing and Saasifying Security Operations! In the Security News, Microsoft Uses Trademark Law to Disrupt Trickbot Botnet, Barnes & Noble cyber incident could expose customer shipping addresses and order history, Zoom Rolls Out End-to-End Encryption After Setbacks, Google Warns of Severe 'BleedingTooth' Low to Medium risk vulnerabilities, Windows TCP/IP Remote Code Execution vulnerability, and a Prison video visitation system exposed calls between inmates and lawyers!

Show Notes: https://wiki.securityweekly.com/psw670

Visit https://securityweekly.com/vicarius to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Gamer Scams, 'ZeroLogon' Attacks, & 'BleedingTooth' Flaw - Wrap Up - SWN #74

This week, Dr. Doug talks about naughty camera captures being sold on Discord, Zoom End to End, Patching, Trickbot attacks, Bleeding Tooth, Gamer Scams, and hiding your cash while wearing a toga!

Show Notes: https://securityweekly.com/swn74

Visit https://www.securityweekly.com/swn for all the latest episodes!

Nuke That System - ESW #202

This week, first we talk Enterprise News, discussing the Bad Neighbor Vulnerability, FireEye Announced 'Mandiant Advantage: Threat Intelligence' SaaS-based Offering, Aqua's Trivy Now Available as a GitHub Action, Datadog adds Deployment Tracking to its APM to prevent outages related to bad code deploys, and Tenable and the Center for Internet Security Enter Partnership to Bolster Cyber Hygiene Across Public and Private Sectors! In our second segment, we welcome Whitney Maxwell, Security Consultant at Rapid7, for an interview on Vishing/Phishing! In our final segment, we wrap up the show with two pre-recorded micro interviews from Security Weekly's Virtual Hacker Summer Camp, with Liam Downward, CEO of CYRISMA, and Matthew Gardiner, Principal Security Strategist at Mimecast!

Show Notes: https://securityweekly.com/esw202

Visit https://securityweekly.com/rapid7 to learn more about them!

Visit https://securityweekly.com/cyrisma to learn more about them!

Visit https://securityweekly.com/mimecastbh to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

You Must Be This Tall - SCW #47

This week, we welcome Michael Brooks, vCISO at Abacode, to discuss Turning Cybersecurity Challenges Into a Competitive Advantage! In the second segment, the SCW crew along with Michael Brooks delve into an update on the goings on of Cybersecurity Maturity Model Certification (CMMC)!

Show Notes: https://wiki.securityweekly.com/scw47

Visit https://www.securityweekly.com/scw for all the latest episodes!

Fitbit Spyware, Facebook Bug Bounty Club, & FAA Gets Airline Warning - SWN #73

This week, Dr. Doug talks Facebook Bug Bounty club, Zuck reverses, Trickbot, the FAA gets airline warning, IoT, Zerologon, and Fitbit! Jason Wood returns for Expert Commentary on Office 365: A Favorite for Cyberattack Persistence!

Show Notes: https://securityweekly.com/swn73

Visit https://www.securityweekly.com/swn for all the latest episodes!

Made In the Shade - BSW #191

This week, we welcome back Dr. Mike Lloyd, CTO at RedSeal, to discuss Navigating Complexity: Orienting Your Security Solutions! In our second segment, Michael Santarcangelo and Matt discuss The 4 C's of Leadership!

Show Notes: https://securityweekly.com/bsw191

Visit https://securityweekly.com/redseal to learn more about them!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Still Raging - ASW #125

This week, we welcome James Manico, CEO at Manicode Security, to talk about Application Security Best Practices! In the Application Security News, Redefining Impossible: XSS without arbitrary JavaScript, API flaws in an "unconventional" smart device, Facebook Bug Bounty Announces "Hacker Plus", Anti-Virus Vulnerabilities, and Chrome Introduces Cache Partitioning!

Show Notes: https://wiki.securityweekly.com/asw125

Visit https://www.securityweekly.com/asw for all the latest episodes!

Taco Thursday - PSW #669

This week, in our first segment, we welcome Alexander Krizhanovsky, CEO at Tempesta Technologies, to talk about Fast And Secure Web! In our second segment, we welcome Tony Punturiero, Community Manager at Offensive Security, to discuss Assembling Your First Infosec Home Lab! In the Security News, US Air Force slaps Googly container tech on yet another war machine to 'run advanced ML algorithms', Rare Firmware Rootkit Discovered Targeting Diplomats - NGOs, Hackers exploit Windows Error Reporting service in new fileless attack, HP Device Manager vulnerabilities may allow full system takeover, Malware exploiting XML-RPC vulnerability in WordPress, and it's the 10 year anniversary of Stuxnet!

Show Notes: https://wiki.securityweekly.com/psw669

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Stuxnet Redux, UEFI Bootkits, & Fancy Bear - Wrap Up - SWN #72

This week, Dr. Doug talks Stuxnet Redux, Fancy Bear, HP Printers, UEFI bootkits, Egregor, and locked up naughty bits!

Show Notes: https://securityweekly.com/swn72

Visit https://www.securityweekly.com/swn for all the latest episodes!

One Bug Away - ESW #201

This week, first we talk Enterprise News, discussing how Anchore Rolls Out Open Source DevOps Tools, Rapid7 Cloud Identity and Access Management Governance Module for DivvyCloud, Digital Shadows launches access key alerts, Microsoft Azure customers can now implement Datadog as a monitoring solution for their cloud workloads, and Ping Identity unveils PingOne Services! In our second segment, we welcome Cris Neckar, CISO of Spring Labs, to discuss Trading Least Privilege for Security Theater! In our final segment, we welcome Jen Ayers, VP of OverWatch at Crowdstrike, for an interview on the 2020 Threat Hunting Report: Insights from the CrowdStrike OverWatch Team!

Show Notes: https://securityweekly.com/esw201

Visit https://securityweekly.com/crowdstrike to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

They Can't Do Pizza - SCW #46

This week, we're going to look back on our favorite episodes of the first year, reflect on how we are doing, solicit feedback from listeners, look ahead to the future/coming year - what to expect! In our second segment, the crew discusses Ransomware Attacks!

Show Notes: https://wiki.securityweekly.com/scw46

Visit https://www.securityweekly.com/scw for all the latest episodes!

Qualified Opinions - BSW #190

This week, we welcome Parham Eftekhari, SVP & Executive Director of Cybersecurity Collaborative, to discuss The Power of True Peer-to-Peer Collaboration! In the Leadership and Communications section, What it takes to be a transformational CISO, Put Your Metrics Where Your Mouth Is, 5 Simple Ways to Make Better Decisions, and more!

Show Notes: https://securityweekly.com/bsw190

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Static Kitten, Targeting Trickbot, & 'Raccine' Ransomware - SWN #71

This week, Dr. Doug talks John McAfee in trouble again, Tenda routers, Egregor, Someone is going after Trickbot, the OFAC may come after you for paying ransoms, Maxwell's Demon, the second law of thermodynamics, and Jason Wood joins for Expert Commentary on Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam!

Show Notes: https://securityweekly.com/swn71

Visit https://www.securityweekly.com/swn for all the latest episodes!

The Laughing Isn't Helping - ASW #124

This week, we welcome Chris Romeo, CEO at Security Journey, to discuss Things Every Developer Should Know About Security! In the Application Security News, DOMOS 5.8 - OS Command Injection, 4G, 5G networks could be vulnerable to exploit due to 'mishmash' of old technologies, Google sets up research grant for finding bugs in browser JavaScript engines, Announcing the launch of the Android Partner Vulnerability Initiative, and more!

Show Notes: https://wiki.securityweekly.com/asw124

Visit https://www.securityweekly.com/asw for all the latest episodes!

A 55 Gallon Drum Cut In Half - PSW #668

This week, in our first segment, Paul will take you through his process for creating a docker container for running NGINX as an RTMP proxy for streaming video to multiple services; complete with SSL and authentication! In our second segment, we welcome Chris Sanders, Founder of the Applied Network Defense & Rural Technology Fund, to talk about Intrusion Detection Honeypots! In the Security News, Rumored Windows XP Source Code Leaked Online, Hospitals hit by countrywide ransomware attack, China-linked 'BlackTech' hackers start targeting U.S, a 13-year-old student was arrested for hacking school computers, Who caused the 14 state Monday 911 outage, and A Return to 'Hackers' Is "Being Actively Considered," Says Director!

Show Notes: https://wiki.securityweekly.com/psw668

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Pinchy Spider, Microsoft 365 Outage, & Emotet Strikes DNC - Wrap Up - SWN #70

This week, Dr. Doug talks about The debate (no politics), Microsoft & 911 (& more Microsoft), Pinchy Spider, Twitch debates, and Emotet!

Show Notes: https://securityweekly.com/swn70

Visit https://www.securityweekly.com/swn for all the latest episodes!

That's Where the Lemons Go - SCW #45

This week, we welcome Liam Downward, CEO at CYRISMA, to talk about Data Centric Security! In our second segment, Jeff, Josh, Scott, John, and Liam discuss Vulnerability Management & the Art of Prioritization of Risk!

Show Notes: https://wiki.securityweekly.com/scw45

Visit https://securityweekly.com/cyrisma to learn more about them!

Visit https://www.securityweekly.com/scw for all the latest episodes!

Joker Trojan, Microsoft Outage, & Alien Android Trojan - SWN #69

This week, Dr. Doug discusses the Microsoft outage, Jokers wild, Alien Forking at Android, Ryuk, United Health, possessed coffee makers, and Jason Wood joins us for Expert Commentary to talk about REvil Ransomware!

Show Notes: https://wiki.securityweekly.com/swn69

Visit https://www.securityweekly.com/swn for all the latest episodes!

Necessary Evil - BSW #189

This week, we welcome Ryan Benson, Director of Service Offerings at deepwatch, to discuss the State of the Managed Detection & Response Market! In the Leadership and Communications section, 6 types of CISO and the companies they thrive in, What are the habits of highly effective CISOs, Cybersecurity is Not a Four-Letter Word, and more!

Show Notes: https://securityweekly.com/bsw189

Visit https://securityweekly.com/deepwatch to learn more about them!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Hot Off the Press - ASW #123

This week, Mike, Matt, and John talk about The Difference Between Finding Vulns & Securing Apps! In the Application Security News, 6 Things to Know About the Microsoft 'Zerologon' Flaw, You can bypass TikTok's MFA by logging in via a browser, Instagram RCE: Code Execution Vulnerability in Instagram App for Android and iOS, and more!

Show Notes: https://wiki.securityweekly.com/asw123

Visit https://www.securityweekly.com/asw for all the latest episodes!

Lokibot Returns, Tesla Outage, & Maze Ransomware in VMs - Wrap Up - SWN #68

This week, Dr. Doug talks the Tesla outage, Microsoft Redux, Lokibot, Wicked Panda, Maze, Facebook gone forever, Magic Swords, and enchanted codpieces!

Show Notes: https://wiki.securityweekly.com/swn68

Visit https://www.securityweekly.com/swn for all the latest episodes!

My Head's Spinning - ESW #200

This week, first we talk Enterprise News, ExaGrid releases version 6.0 with Time-Lock for Ransomware Recovery Feature, Microsoft overhauls 'Patch Tuesday', Palantir to begin New York trading on September 30th, Accenture acquires SALT Solutions to build cloud-based industrial IoT platforms, and Code42 Incydr: A cloud-native product that mitigates insider data exposure and exfiltration! In our second segment, we welcome Edward Wu, Principal Data Scientist of ExtraHop, and Ted Driggs, Head of Product at ExtraHop, to discuss Demystifying AI & ML for Cybersecurity! In our final segment, we welcome Jeff Capone, CEO & Co-Founder of SecureCircle, for an interview on ZeroTrust Data Security!

Show Notes: https://securityweekly.com/esw200

Visit https://securityweekly.com/securecircle to learn more about them!

Visit https://securityweekly.com/extrahop to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

You Can't Handle the Truth! - SCW #44

This week, we welcome Chas Ballew, Co-Founder and CEO at Aptible, to discuss Reducing the Headache of Audit Prep With Automation! In the second segment, we welcome back Priya Chaudhry, Jedi Warrior Princess and Criminal Defense Trial Lawyer at ChaudhryLaw PLLC, to discuss the Legal Review of CFAA Supreme Court Case!

Show Notes: https://wiki.securityweekly.com/scw44

Visit https://securityweekly.com/aptible to learn more about them!

Visit https://www.securityweekly.com/scw for all the latest episodes!

Blood, Sweat, & Beers - BSW #188

This week, we welcome Corey Thuen, Founder of Gravwell, to discuss The Power of Context & Collaboration in a Data Driven World! In the second segment, Michael Santarcangelo and Sam Estrella join us to discuss the anatomy of an acquisition! A listener request, Michael will walk us through the Security Weekly acquisition by CyberRisk Alliance to understand the key criteria, processes, and challenges of an acquisition, especially during COVID-19!

Show Notes: https://wiki.securityweekly.com/bsw188

Visit https://securityweekly.com/gravwell to learn more about them!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

German Ransomware, Wicked Panda, & Dark Overlord Sentenced - SWN #67

This week, Dr. Doug talks Zerologon, Wicked Panda, OSINT, Doom found to run on Xbox, and Dark Overlord! Jason Wood returns for Expert Commentary on why to Think Twice Before Using Facebook, Google, or Apple to Sign In Everywhere!

Show Notes: https://wiki.securityweekly.com/swn67

Visit https://www.securityweekly.com/swn for all the latest episodes!

One Love, One Fuzz - ASW #122

This week, we welcome Justin Massey, Product Manager, Security Monitoring at Datadog, to discuss Visualizing and Detecting Threats For Your Custom Application! In the Application Security News, Microsoft announces new Project OneFuzz framework, an open source developer tool to find and fix bugs at scale, Bluetooth Spoofing Bug Affects Billions of IoT Devices, Firefox bug lets you hijack nearby mobile browsers via WiFi, Safeguarding Secrets Within the Pipeline, and more!

Show Notes: https://wiki.securityweekly.com/asw122

Visit https://securityweekly.com/datadog to learn more about them!

Visit https://www.securityweekly.com/asw for all the latest episodes!

11 Tons of Typewriters - PSW #667

This week, we welcome Mike Ware, Senior Director of Technology at Synopsys, to talk about the Key Findings From The Newly Released BSIMM11 Report! In our second segment, we welcome James Spiteri, Solutions Architect and Cyber Security Specialist Global Solutions Lead at Elastic, to discuss how Elastic Security Opens Public Detections Rules Repo! In the Security News, Three Cybersecurity Lessons from a 1970s KGB Key Logger, MFA Bypass Bugs Opened Microsoft 365 to Attack, How Hackers Can Pick Your Locks Just By Listening, U.S. House Passes IoT Cybersecurity Bill, the Largest Hacking Campaign Since 2015 Targeted Magento Stores Via Unpatched Bug, and 5 Security Lessons Humans Can Learn From Their Dogs!

Show Notes: https://wiki.securityweekly.com/psw667

Visit https://securityweekly.com/elastic to learn more about them!

Visit https://securityweekly.com/synopsys to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

QAnon Shut Down, Mozi Botnet, & Trump Bans TikTok - Wrap Up - SWN #66

This week, Dr. Doug discusses Microsoft OneFuzz, TikTok, QAnon, Mozi, and more news from the sunny shores of Venus!

Show Notes: https://wiki.securityweekly.com/swn66

Visit https://www.securityweekly.com/swn for all the latest episodes!

Pointing Fingers - ESW #199

This week, first we talk Enterprise News, discussing Acunetix new data retention policies, 5 things you should ask your web app pen test provider, Microsoft's open source tool for sniffing out Windows 10 bugs, Datadog unveils support for distributed tracing for AWS Step Functions via AWS X-Ray, and Gravwell's Data Fusion platform breaks the mold of legacy data ingestion engines! In our second segment, we welcome Ferruh Mavituna, CEO of Netsparker, to discuss Current Security Needs Of Modern Enterprise Companies! In our final segment, we welcome Jimmy Mesta, Director of Security Research at Signal Sciences, to discuss Securing Enterprise Digital Transformations!

Show Notes: https://securityweekly.com/esw199

Visit https://securityweekly.com/netsparker to learn more about them!

Visit https://securityweekly.com/signalsciences to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Wrong Movie - SCW #43

This week, we welcome David King, Founding Member and Owner at Cyber Support Alliance and Governing Goliath Media, to discuss How We Lost the Cybersecurity War (and What Happens Next), in this two part interview!

Show Notes: https://wiki.securityweekly.com/scw43

Visit https://www.securityweekly.com/scw for all the latest episodes!

Zoom Rolls Out 2FA, Fancy Bear Returns, & Massive Mailfire Leak - SWN #65

This week, Dr. Doug talks Candiru fish, Office Phishing attacks with a twist, Fancy Bear, Zhenhua data leaks, TikTok and Oracle, and Big Eyed Beans from Venus! Jason Wood returns for Expert Commentary on a Russian hacker selling a how-to video on exploiting unsupported Magento installations to skim credit card details for $5,000!

Show Notes: https://wiki.securityweekly.com/swn65

Visit https://www.securityweekly.com/swn for all the latest episodes!

Deep Cover - BSW #187

This week, we welcome back John Loucaides, VP of Research & Development at Eclypsium, to discuss Cracks in the Foundation: Understanding the New Endpoint Challenge! In the Leadership and Communications section, we're playing 3 questions - Does Your Board Really Understand Your Cyber Risks?, How can the C-suite support CISOs in improving cybersecurity?, Think You're Spending Enough on Security?, and more!

Show Notes: https://wiki.securityweekly.com/bsw187

Visit https://securityweekly.com/eclypsium to learn more about them!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

The Wire Stripper - ASW #121

This week, we welcome Frank Catucci, Sr. Director GTP of Application Security at Gartner, to discuss The People & Process of DevOps! In the Application Security News, BLURtooth vulnerability lets attackers overwrite Bluetooth authentication keys, Microsoft Patch Tuesday, Sept. 2020 Edition, XSS->Fix->Bypass: 10000$ bounty in Google Maps, Academics find crypto bugs in 306 popular Android apps, none get patched, using CRYLOGGER to detect crypto misuses dynamically, Remote Code Execution as SYSTEM/root via Backblaze, and more!

Show Notes: https://wiki.securityweekly.com/asw121

Visit https://www.securityweekly.com/asw for all the latest episodes!

One Hell of a Show - PSW #666

This week, we welcome David Asraf, C++ Developer at Vicarius, and Roi Cohen, Co-Founder & VP Sales at Vicarius, to discuss The Patchless Horseman! In our second segment, we welcome back Sumedh Thakar, President and Chief Product Officer at Qualys, to talk about Building Security Into the DevOps Lifecycle! In the Security News, Cisco Patches Critical Vulnerability in Jabber for Windows, Expert found multiple critical issues in MoFi routers, TeamTNT Gains Full Remote Takeover of Cloud Instances, Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks, Former NSA chief General Keith Alexander is now on Amazon's board, and the Legality of Security Research is to be Decided in a US Supreme Court Case!

Show Notes: https://wiki.securityweekly.com/psw666

Visit https://securityweekly.com/qualys to learn more about them!

Visit https://securityweekly.com/vicarius to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Insider Threats, BLURtooth Flaw, & More 0-Days - Wrap Up - SWN #64

This week, Dr. Doug talks Cisco patching Jabber Flaw, Insider Threats are huge, BLURtooth, Apple COVID-19 opt ins, and pretty much everyone is trying to interfere with the election!

Show Notes: https://wiki.securityweekly.com/swn64

Visit https://www.securityweekly.com/swn for all the latest episodes!

The Impossible Traveler - ESW #198

This week, first we talk Enterprise News, discussing how Yubico Delivers New Security Key the YubiKey 5C NFC, ManageEngine ADSelfService Plus now supports MFA for VPNs to protect remote workforce, Sysdig partners with VulnDB to strengthen vulnerability intelligence reporting, 3 Signs it's Time for a Penetration Test, and CrowdStrike Expands Support for AWS Workloads and Container Deployments! In our second segment, we welcome Corey Williams, VP Marketing/Idaptive by CyberArk at CyberArk, to talk about Exploring Identity Security and Its Role in the Modern Enterprise! In our final segment, we welcome Bradon Rogers, SVP of Global Pre-Sales Engineering at Mimecast, to discuss Cloud Based Cyber Resiliency!

Show Notes: https://securityweekly.com/esw198

Visit https://securityweekly.com/mimecast to learn more about them!

Visit https://securityweekly.com/cyberark to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

The Dark Side - SCW #42

This week, we welcome Oleg Shomonko, Head of Business Development, Co-founder at Ekran System for an interview! Ekran System is a universal insider threat protection platform that combines three essential insider security controls: activity monitoring, access management, and identity management. Functionality is provided in a single universal software platform delivering light-weight agents for all types of endpoints. This segment is sponsored by Ekran System.

Show Notes: https://wiki.securityweekly.com/scw42

Visit https://securityweekly.com/ekran to learn more about them!

Visit https://www.securityweekly.com/scw for all the latest episodes!

WhatsApp Bugs, Argentina Ransomware, & Cisco Jabber RCE - SWN #63

This week, Dr. Doug talks Security Weekly sold to Cyber Risk Alliance, Argentina and Newcastle ransomwared, Cisco Jabber, the NSA wants to educate you, and Jason Wood returns for Expert Commentary on how Creepy 'Geofence' Finds Anyone Who Went Near a Crime Scene!

Show Notes: https://wiki.securityweekly.com/swn63

Visit https://www.securityweekly.com/swn for all the latest episodes!

The Squeegee Guy - PSW #665

This week, we welcome Fredrick "Flee" Lee, Chief Security Officer at Gusto, to discuss Lovable Security: Be a Data Custodian, Not a Data Owner! In our second segment, we welcome Justin Armstrong, Security Architect at MEDITECH, to talk about Cybersecurity & Patient Safety! In the Security News, The NSA Makes Its Powerful Cybersecurity Tool Open Source, The bizarre reason Amazon drivers are hanging phones in trees near Whole Foods, Elon Musk Confirms Serious Russian Bitcoin Ransomware Attack On Tesla, Foiled By The FBI, Attackers are exploiting two zero-day flaws in Cisco enterprise-grade routers, and the FBI is investigating after an alarmed pilot tells the LAX tower: We just passed a guy in a jet pack!

Show Notes: https://wiki.securityweekly.com/psw665

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Tesla Dodges Attack, 'Sepulcher' Malware, & Snowden Vindicated? - Wrap Up - SWN #62

This week, Dr. Doug talks Snowden Vindicated? Herman Cain tweets from beyond the grave, APT TA413, Iranian cats again, Carolyn Meinel, hard coded credentials, and KryptoCibule!

Show Notes: https://wiki.securityweekly.com/swn62

Visit https://www.securityweekly.com/swn for all the latest episodes!

Absolute Nightmare - ESW #197

This week, first we talk Enterprise News, discussing Proofpoint's $300 Million buyback program, LogRhythm Power Users share their use cases, Bitdefender Enhances MDR Service to Increase Proactive Protection and Advanced Detection, Anchore Unveils Enterprise 2.4 With Expanded & Updated Capabilities, and Auth0's new bot detection! In our second segment, we air two pre-recorded interviews from Security Weekly Virtual Hacker Summer Camp with Corey Bodzin from Deepwatch, and Michael Sanders from Extrahop! In our final segment, we air two more pre-recorded interviews from Security Weekly Virtual Hacker Summer Camp with Ian McShane of Crowdstrike, and Michael Borohovski from Synopsys!

Show Notes: https://securityweekly.com/esw197

Visit https://securityweekly.com/crowdstrike for a totally free trial!

Visit https://securityweekly.com/synopsys to learn more about them!

Visit https://www.deepwatch.com/lens-score/ to try deepwatch Lens Score for free!

Visit https://securityweekly.com/extrahop to learn more about them!

For a free trial of Reveal(x)360 visit: www.extrahop.com/swbh

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Pound Sand - SCW #41

This week, we welcome Priya Chaudhry, Jedi Warrior Princess, at ChaudhryLaw PLLC (Criminal Defense Trial Lawyer), to discuss the Uber Indictments in a special two part interview!

Show Notes: https://wiki.securityweekly.com/scw41

Visit https://www.securityweekly.com/scw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Across State Lines - BSW #186

This week, we welcome Carlos Becerra, Co-Founder at CB Universal, to discuss Role of the CISO, Why Do You Need a vCISO? In the Leadership and Communications section, the lucky 7's have it: 7 Keys to Effective Leadership in Our New Normal, The 7 elements of an enterprise cybersecurity culture, 7 Quotes from Military Leaders to Help You Win at Life, and more!

Show Notes: https://wiki.securityweekly.com/bsw186

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Charming Kitten, Slack RCE, & KryptoCibule Malware - SWN #61

This week, Dr. Doug talks Tesla, Slack, Charming Kitten returns, KryptoCibule, and Tweets from the great beyond! In the Expert Commentary, we welcome Ian McShane, VP, Product Marketing at CrowdStrike, to discuss remote work/return to office, and the challenges therein!

Show Notes: https://wiki.securityweekly.com/swn61

Visit https://securityweekly.com/crowdstrike to learn more about them!

Visit https://www.securityweekly.com/swn for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Little Bit Too High - ASW #120

This week, we welcome Marc Tremsal, Director of Product Management of Security at Datadog, to discuss Detecting Threats & Avoiding Misconfigs In The Cloud-Age! In the Application Security News, A Tale of Escaping a Hardened Docker container, Four More Bugs Patched in Microsoft's Azure Sphere IoT Platform, Upgrading GitHub to Ruby 2.7, Redefining What CISO Success Looks Like, and Lessons from Uber: Be crystal clear on the law and your bug bounty policies!

Show Notes: https://wiki.securityweekly.com/asw120

Visit https://securityweekly.com/datadog to learn more about them!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Floppies Are Burning In The Driveway - PSW #664

This week, first we talk Security News! We'll be discussing how a Google Researcher Reported 3 Flaws in Apache Web Server Software, Medical Data Leaked on GitHub Due to Developer Errors, Experts hacked 28,000 unsecured printers to raise awareness of printer security issues, Tesla Is Cracking Down On Performance-Enhancing Hacks For The Model 3, Former Uber CSO Charged Over Alleged Breach Cover-Up, and Researchers Sound Alarm Over Malicious AWS Community AMIs! In our second segment, we air two pre-recorded interviews from Security Weekly's Virtual Hacker Summer Camp, with Ferruh Mavituna, CEO of Netsparker, and Paul Battista, CEO and Founder of Polarity! In our final segment, we air one more pre-recorded interview with Roi Cohen, Co-Founder and VP of Sales at Vicarius, and Shani Dodge, C++ Developer at Vicarius, discussing Predicting Vulnerabilities in Compiled Code!

Show Notes: https://wiki.securityweekly.com/psw664

Visit https://securityweekly.com/vicarius to learn more about them!

Take the Polarity Challenge! Get your free community edition by visiting: www.polarity.io/sw

Visit https://securityweekly.com/netsparker to get a trial of the best dynamic application scanning solution on the market!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Let That Sink In - ESW #196

This week, first we talk Enterprise News, discussing Checkmarx Announces GitLab Integration, Panaseer Automates IRM with Archer Integration, How Attivo Networks Strengthens Active Directory Defense, Elastic Security 7.9 delivers a major milestone toward endpoint security integrated into the Elastic Stack, VMware brings Kubernetes to its VMware Fusion and VMware Workstation solutions, and more! In our second segment, we welcome Kwan Lin, Principal Data Scientist at Rapid7, to discuss "Under the Hoodie:" Rapid7's 2020 Pen Testing Report! In our final segment, we welcome Patrick Carey, Director of Product Marketing at Synopsys, to talk about Building Security into Application Development!

Show Notes: https://securityweekly.com/esw196

Visit https://securityweekly.com/rapid7 to learn more about them!

Visit https://securityweekly.com/synopsys to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

MITRE Shield Matrix, Zoom Outages, & 'SourMint' - Wrap Up - SWN #60

This week, Dr. Doug talks MITRE, COBALT, SNYK, CISOs behaving badly at Uber, Zoom says it's all better now, Amazon AI wants you to send nudes for criticism, and all the show wrap ups from this past week!

Show Notes: https://wiki.securityweekly.com/swn60

Visit https://www.securityweekly.com/swn for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Memes Are Killing Me - SCW #40

This week, Jeff, John, Josh, and Scott talk Pragmatic Approaches to Cybersecurity Maturity! There are a lot of ways to measure/assess the level of organizational maturity of security programs. But, how do you mature your organization? We will discuss practical steps, like prioritizing the to-do list, the balance between people, process, and technology, as well as the balance between policies, standards, procedures vs. technical controls, to develop a pragmatic approach to mature your cybersecurity program.

Show Notes: https://wiki.securityweekly.com/scw40

Reference Slides: https://securityweekly.com/scw-episode-40-reference-slides/

Visit https://www.securityweekly.com/scw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Dharma Ransomware, Zoom Crash, & Elon Musk's Neuralink - SWN #59

This week, Dr. Doug talks Zoom crash, Apple insecurities, Dharma, MITRE, Elon Musk is about to eat your brain, and Jason Wood returns with Expert Commentary on Ex-Uber chief security officer charged, accused of covering up theft of personal info from databases by hackers!

Show Notes: https://wiki.securityweekly.com/swn59

Visit https://www.securityweekly.com/swn for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Set It & Forget It - BSW #185

This week, we welcome Ed Amoroso, CEO at TAG Cyber, to discuss Disrupting Traditional Security Research & Advisory! In the Leadership and Communications section, Why Do Your Employees Resist New Tech?, Who's Responsible for a Safer Cloud?, Publicly Reported Data Breaches Stand at its Lowest Point in 5 Years, and more!

Show Notes: https://wiki.securityweekly.com/bsw185

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Heavy Pressure - ASW #119

This week, we welcome Sundar Krish, CEO & Co-Founder at Sken.ai, to talk about DevOps-First Application Security For Mid-Markets! In the Application Security News, The Confused Mailman: Sending SPF and DMARC passing mail as any Gmail or G Suite customer, ATM makers Diebold and NCR deploy fixes for 'deposit forgery' attacks, Control Flow Guard for Clang/LLVM and Rust, Fuzzing Services Help Push Technology into DevOps Pipeline, and 7 Things to Make DevSecOps a Reality!

Show Notes: https://wiki.securityweekly.com/asw119

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Hacking Naked & Not Afraid - PSW #663

This week, we welcome back Harry Sverdlove, Founder and CTO of Edgewise, and Dan Perkins, Principal Product Manager at Zscaler, to talk about Protecting Critical Infrastructure and Workloads In Hybrid Clouds! In our second segment, it's the Security News! We'll be talking about how New Microsoft Defender ATP Capability Blocks Malicious Behaviors, Voice Phishers Targeting Corporate VPNs, IBM finds vulnerability in IoT chips present in billions of devices, Marriott faces London lawsuit over vast data breach, US firm accused of secretly installing location tracking SDK in mobile apps, and Disrupting a power grid with cheap equipment hidden in a coffee cup! In our final segment, we air two pre-recorded interviews from Security Weekly's Virtual Hacker Summer Camp, with Corey Thuen, Co-Founder of Gravwell, and Deral Heiland, Principal Security Researcher for IoT at Rapid7!

Show Notes: https://wiki.securityweekly.com/psw663

Visit https://securityweekly.com/edgewise to learn more about them!

To learn more, visit: https://www.gravwell.io/summercamp2020

Visit https://securityweekly.com/rapid7 to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Locate X, FritzFrog Botnet, & 'Spear Vishing' - Wrap Up - SWN #58

This week, Dr. Doug White talks 3D keys, Emotet returns, FritzFrog, Voice Phishing, ICS, coffee cup magnets, and how the Secret Service is buying your location data!

Show Notes: https://wiki.securityweekly.com/swn58

Visit https://www.securityweekly.com/swn for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Snake Oil - ESW #195

This week, first we talk Enterprise News, discussing how ThreatConnect Integrates with Microsoft Graph Security API to Strengthen Security Automation, Sectigo unveils Sectigo Quantum Labs to help orgs prepare for quantum computers, Trend Micro to offer comprehensive network and endpoint protection for IoT and 5G private networks, Thycotic Releases Thycotic Identity Bridge, and more! In our second segment, we air two pre-recorded interviews from Security Weekly Virtual Hacker Summer Camp with Chris Morales from Vectra, and Anton Chuvakin from Google Cloud & Matt Hastings from Tanium! In our final segment, we air two more pre-recorded interviews from Virtual Hacker Summer Camp with Dan DeCloss from PlexTrac, and Gabe Gumbs from Spirion!

Show Notes: https://securityweekly.com/esw195

To get one month of PlexTrac for free, visit: https://securityweekly.com/plextrac

Visit https://securityweekly.com/spirionbh to learn more about them!

Visit https://securityweekly.com/tanium to learn more about them!

To see how Vectra can detect attacks in SaaS like Office 365, please visit: https://www.vectra.ai/o365

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Keys to the Castle - SCW #39

This week, we welcome Matt Tarr, Principal Solutions Engineer at CyberArk! He talks about how his 15 years in Systems and Sales Engineering roles add a layer of experience at CyberArk. Matt will then explain how CyberArk provides Security for the Heart of the Enterprise by adding a layer of security around privileged accounts. Matt will also discuss the overarching importance of securing privileged access throughout the organization as it relates to the overall security posture and compliance requirements!

Show Notes: https://wiki.securityweekly.com/scw39

Visit https://securityweekly.com/cyberark to learn more about them!

Endpoint Privilege Manager Free Trial: https://www.cyberark.com/products/privileged-account-security-solution/endpoint-privilege-manager/endpoint-privilege-manager-free-trial/

Blueprint for PAM Implementation: https://www.cyberark.com/blueprint/

Visit https://www.securityweekly.com/scw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

'EmoCrash' Exploit, IcedID, & TeamTNT - SWN #57

This week, Dr. Doug talks Russell Kirsch, Carole Baskin, IcedID, Emotet, TeamTNT, and the CRA! Jason Wood returns for Expert Commentary on how the Secret Service reportedly paid to access phone location data!

Show Notes: https://wiki.securityweekly.com/swn57

Visit https://www.securityweekly.com/swn for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Juicy Secrets - BSW #184

This week, we welcome Jeff Costlow, Deputy CISO at ExtraHop, to discuss the challenges of detecting and patching Ripple20! Ripple20 is a series of zero-day vulnerabilities in a widely used low-level TCP/IP software library developed by Treck, Inc. In the Leadership and Communications section, CISOs say new problem solving strategies required, How Remote Work is Reshuffling Your Security Priorities and Investments, Security Jobs With a Future -- And Ones on the Way Out, and more!

Show Notes: https://wiki.securityweekly.com/bsw184

Visit https://securityweekly.com/extrahop to learn more about them!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly
