Podcasts by Security Weekly Podcast Network (Audio)

The Impact of the New SEC Regulations on Cybersecurity - BSW #331 from 2023-12-12T02:43

Materiality, Disclosure, and Evidence...  New terms for cybersecurity professionals to understand under the new SEC Regulations for Cybersecurity.  And the Solarwinds indictment is just the begi...

Q*, Unitronics, SLAM, Bluetooth, Cold Fusion, Google Drive, Aaran Leyland, and More - SWN #347 from 2023-12-08T18:28

Q*, Water Wars, Unitronics, SLAM, Bluetooth, Cold Fusion, Google Drive, Push notifications, Aaran Leyland, and More News on the Security Weekly News.

Visit Listen

Surprise Cam Nudes, Staples, Turtle, Apple, 23andme, P2Pinfect, Gmail, Jason Woods - SWN #346 from 2023-12-08T14:34

Surprise Cam Nudes, Staples, Turtle, Apple, 23andme, P2Pinfect, Sellafield, Gmail, Jason Wood, and more on this edition of the Security Weekly News.

Visit Listen

Lessons from 10 years running the first cyber-exclusive investment firm - Bob Ackerman - ESW #342 from 2023-12-08T13:24

Bob Ackerman argues that, from an investment perspective, cybersecurity is like life sciences - a complex, nuanced field that is difficult field to invest in part-time. So his firm, Allegis Cybe...

Holiday Extravaganza - Supply Chain, Hardware Hacking, Vulnerabilities, News - PSW #809 from 2023-12-06T00:00

Join the Security Weekly crew in a riveting podcast episode where they delve into the fascinating realm of hardware hacking. Picture a dimly lit room resonating with the nostalgic hum of vintage...

All the News - Just Six Months Later - Application Security Weekly #265 from 2023-12-05T19:11

We cover appsec news on a weekly basis, but sometimes that news is merely about the start of a new project, sometimes it's yet another example of a vuln class, and sometimes it's a topic we hope...

Real Edge Computing Use Cases from the AT&T Cybersecurity Insights Report - Theresa Lanowitz, Mark Freifeld - BSW #330 from 2023-12-04T21:25

Theresa Lanowitz joins Business Security Weekly to review real edge computing use cases from the AT&T Cybersecurity Insights Report. Specifically, we'll cover the following industry sector repor...

Cybertruck, Okta, Google, Black Basta, Zoom, Unitronics, Aaran Leyland, and More - SWN #345 from 2023-12-01T18:46

Cybertruck, Okta, Google and More Google, Black Basta, Zoom, Unitronics, Aaran Leyland, and More News on the Security Weekly News.

Visit Listen

Non-profits need security too&Cybercrime is booming - Keith Jarvis, Kelley Misata - ESW #341 from 2023-12-01T16:33

While non-profit doesn't mean "no budget" when it comes to cybersecurity, a lot of smaller to mid-sized non-profits operate on a shoestring, with little to no money for cybersecurity talent or s...

AI&LLMs - Josh More, Matthew Carpenter - PSW #808 from 2023-11-30T22:33

What will the future bring with respect to AI and LLMs? Josh has spent some time thinking about this and brings us some great resources. We'll discuss how to get students involved with AI in a s...

Starting with Appsec -- Is It More of a Position or a Process? - ASW #264 from 2023-11-30T17:03

This year we've talked about vulns, clouds, breaches, presentations, and all the variations of Dev, Sec, and Ops. As we end the year, let's talk about starting things -- like starting an appsec ...

Chimera, Aliquippa, FNF, Lazarus, DARPA, Namedrop, Google, Aaran Leyland, and More - SWN #344 from 2023-11-28T20:16

Chimera, Aliquippa, FNF, Lazarus, DARPA, Ransom Payments, Namedrop, Google, Aaran Leyland, and more are on this edition of the Security Weekly News.

Visit Listen

1% Leadership - Andy Ellis - BSW #329 from 2023-11-28T16:43

Most leadership books suffer from one of two critical failures (and sometimes both). The book might be a hagiography: telling you the biography of some amazing leaders, pretending there is one s...

Spying&Cyber Warfare - SDL - SWN Vault from 2023-11-24T15:00

From Russia With Love, come Doug and Russ, doing a segment on spying! Not the 007 spying, but spying when it comes to cyber warfare.

Visit Listen

Breaking into Cyber – Perspective from a High School - Tim Cathcart - ESW Vault from 2023-11-23T18:00

High School students represent the very beginning of the pipeline for the Cyber industry. What are the attitudes and perspectives of these young people? How can we attract the best and brightest...

Interview with Brian Snow - PSW Vault from 2023-11-22T21:00

Brian Snow spent his first 20 years at NSA doing and directing research that developed cryptographic components and secure systems. Many cryptographic systems serving the U.S. government and mil...

Travel Security - SDL - SWN Vault from 2023-11-21T15:00

Russ runs the show solo with the absence of Dr. Doug to talk about Travel Security! He explains different aspects such as Personal Security, Asset Security, and Digital Security! Traveling is a ...

Building Security from Scratch: One Year as CISO at a Start-up - Guillaume Ross - BSW Vault from 2023-11-20T22:00

We often think "this would be so much better if done properly from the beginning", but the reality is, doing things from scratch comes with different challenges. Managing priorities, deciding wh...

Platform Firmware Security - Maggie Jauregui - ASW Vault from 2023-11-20T15:00

Firmware security is complex and continues to be an industry challenge. In this podcast we'll talk about the reasons firmware security remains a challenge and some best practices around platform...

Cashwarp vs. Reptar, Rackspace, BlackCat, Bots, Aaran Leyland and More - SWN #343 from 2023-11-17T18:56

Cashwarp vs. Reptar, Rackspace, BlackCat, Intel, AMD, Bots and more bots, Aaran Leyland, and More News on the Security Weekly News.

Visit Listen

Exploring the Intersection of Security for Edge Computing and Endpoint - Theresa Lanowitz, Mani Keerthi Nagothu - ESW #340 from 2023-11-16T23:43

Once again, Theresa Lanowitz joins us to discuss Edge Computing, but with a twist this time, as Mani Keerthi Nagotu from SentinelOne joins us as well! As a field CISO, Mani knows all too well th...

3 Layers of App Security to Keep Hackers Out, Let Customers In - Aviad Mizrachi - PSW #807 from 2023-11-16T22:51

Attackers pursue the shortest path to achieve their goals in your app. With a tri-layered security architecture, you can force hackers to crawl through a triathlon in your app. What’s in the thr...

How 2023 Changed Application Security and What’s to Come in 2024 - Karl Triebes - ASW #263 from 2023-11-14T22:00

In the rapidly evolving landscape of application security, 2023 brought significant changes with the rise of generative AI tools and an increase in automated threats. In this discussion, Karl Tr...

Cybertruck, Solarwinds, Bitcoin, Docker, Ducktail, Experian, More News and Jason Wood - SWN #342 from 2023-11-14T18:52

This week Dr. Doug quacks: Cybertruck, Solarwinds, Bitcoin, Docker, Ducktail, Experian, More News and Jason Wood, on this edition of the Security Weekly News.

Visit Listen

Say Easy, Do Hard - Cyber Risk Management - BSW #328 from 2023-11-14T10:00

Inspired by my co-host, Jason Albuquerque, we get our hands dirty and discuss the challenges of cyber risk management. Why is cyber risk management so elusive and what can we do to solve it?

Aidan Holland, Kelly Shortridge - ESW #339 from 2023-11-10T22:00

Today, we discuss the state of attack surface across the Internet. We've known for decades now that putting an insecure service on the public Internet is a recipe for disaster, often within minu...

Fakes, SysAid, Sumo, farnetwork, CPU-Z, Google, Chat-GPT, Aaran Leyland, and More - SWN #341 from 2023-11-10T19:16

This week Dr. Doug discusses: Fakes, Sysaid, Sumo, farnetwork, CPU-Z, Google, Chat-GPT, Aaran Leyland, and More News on the Security Weekly News!

Visit Listen

Testing AI Before It Comes To Get You - Austin Carson - PSW #806 from 2023-11-09T22:00

Austin spends the majority of his time thinking about ways to abuse LLMs, the impact of the attacks, and the effects on society. He brings a truly unique perspective to the way to use, attack, a...

Security from a Developer's Perspective - Josh Goldberg - ASW #262 from 2023-11-07T22:00

A lot of appsec conferences have presentations for appsec audiences -- but that's not often the group that's building apps. What if more developer conferences had appsec content? We talk with Jo...

Grok, Okta, Looney Tunables, HelloKitty, Gootbot, Veeam, More News and Jason Wood - SWN #340 from 2023-11-07T18:15

This week Dr. Doug expounds: Grok, Okta, Looney Tunables, HelloKitty, Gootbot, Veeam, More News and Jason Wood, on this edition of the Security Weekly News!

Visit Listen

Security Money: The Index is Rebounding - Business Security Weekly #327 from 2023-11-07T10:00

It's time to review the money of security, including public companies, IPOs, funding rounds and acquisitions from the previous quarter. We also update you on the Security Weekly 25 index. The in...

Jackie McGuire, Hank Thomas - ESW #338 from 2023-11-03T21:00

In this segment, we discuss the current state of the market recovery with Hank Thomas, founder of Strategic Cyber Ventures.

We've got market questions, like:

• What has changed...
  Listen

Bots, Citrix, Mitre, Solarwinds, Naked Nudes, Scarlett, Aaran Leyland, and More News - SWN #339 from 2023-11-03T17:51

This week Dr. Doug talks: Bots, Citrix, Mitre, Solarwinds, Naked Nudes, Scarlett, and is joined by Aaran Leyland, on the Security Weekly News!

Visit Listen

Trustworthy AI for National Security - Kathleen Fisher - PSW #805 from 2023-11-02T21:00

AI/ML is providing significant benefits in a wide range of application domains but also provides adversaries with a new attack surface. Learn about DARPA's efforts to help evaluate AI/ML and wor...

How Security Tools Must Evolve - Dan Kuykendall - ASW #261 from 2023-11-01T21:35

The categories of security tools that we're most familiar with have struggled to keep up with how modern apps are designed and what modern devs need. What if instead of being beholden to categor...

Dr. Who, iLeakage, Canada, AI, Killnet, NuGet, More News and Jason Wood - SWN #338 from 2023-10-31T19:29

This week our own Dr. Doug talks: Dr. Who, iLeakage, Canada, AI, Killnet, NuGet, You might be a North Korean, Jason Wood, and more Spooky News on this Halloween edition of the Security Weekly Ne...

The Enterprise Browser for the Modern Workforce - Robert Shield - BSW #326 from 2023-10-31T09:00

As the workforce increasingly relies on the cloud, the browser has become a critical aspect of enterprise security. Employees now use browsers to access data and applications from various device...

Pumpkin Spice, VMWARE, RoundCube, Apple, Big-IP, Oktapus, Aaran Leyland and More - SWN #337 from 2023-10-27T21:33

This week Dr. Doug talks: Pumpkin Spice, VMWARE, Winter Vivern, RoundCube, Apple, Big-IP, Oktapus, is joined by an eight-armed Aaran Leyland, and More on the Security Weekly News!

Visit <...

Marco Genovese, Noriko Bouffard, Chad Cardenas - ESW #337 from 2023-10-27T21:00

In the age of remote and hybrid work, employees are now spending most of their time in the browser or virtual meetings, making the browser an increasingly important part of an enterprise's secur...

VSCode Vulnerabilities - Thomas Chauchefoin, Paul Gerste - PSW #804 from 2023-10-26T22:00

For the Security News, we officially welcome Bill Swearingen to our expert panel of PSW hosts, and discuss the news including hacking shenanigans, QNAP, recovering crypto currency, Android malwa...

OAuth, WebAuthn,&The Impact of Design Choices - Dan Moore - ASW #260 from 2023-10-24T21:00

We return to discussions of OAuth and all sorts of authentication. This time around we're looking at the design of authentication protocols, the kinds of trade-offs they weigh for adoption and s...

Goatse, Okta, Cisco, Ducktail, 0Auth, China, Spain, More News and Aaran Leyland. - SWN #336 from 2023-10-24T18:18

This week Dr. Doug bleats: Goatse, Okta, Cisco, Ducktail, 0Auth, China, Spain, More News and is joined by the woolly Aaran Leyland!

Visit Listen

Securing Edge Computing Use Cases by Aligning to Business Outcomes - Theresa Lanowitz, Scott Stout - BSW #325 from 2023-10-24T09:00

As the CISO role continues to transform from a technician to a risk manager, how do you secure emerging technologies, such as edge computing? By aligning to business objectives. In this segment,...

Shane Sims, Philippe Humeau - ESW #336 from 2023-10-20T21:00

Today we interview Shane Sims, CEO of Kivu Consulting. We'll be talking about the current state of cybercrime and insights from incidents his consulting firm has recently worked. We'll discuss s...

Skynet, India, North Korea, China, passwords, KeePass, Cisco, AI, Aaran Leyland, More - SWN #335 from 2023-10-20T17:37

This week Dr. Doug talks: Skynet, India, North Korea, China, passwords, KeePass, Cisco, AI, expert commentary from suspected Chicken Man accomplice Aaran Leyland, and More on the Security Weekly...

Meet the Cyber Mercenary Who Can Overthrow a Government - Chris Rock - PSW #803 from 2023-10-20T14:19

Chris Rock is a Cyber Mercenary who has worked in the Middle East, US and Asia for the last 30 years working for both government and private organizations. ˇHe is the Chief Information Security ...

OT Security - Huxley Barbee - ASW #259 from 2023-10-17T21:00

It's no surprise that OT security has fared poorly over the last 30+ years. To many appsec folks, these systems have uncommon programming languages, unfamiliar hardware, and brittle networking s...

Cisco, Juniper, AVOSLocker, NoEscape,Valve, FreedomGPT, More News,&Aaran Leyland - SWN #334 from 2023-10-17T17:12

This week in the Security News Dr. Doug talks: Cisco, Juniper, AVOSLocker, NoEscape, Valve, FreedomGPT, More News and Aaran Leyland.

Visit Listen

Companies should be hiring CISOs for their leadership talent - Jason Loomis - BSW #324 from 2023-10-17T09:00

Do we sound like a broken record? Leadership, communication, and risk management skills are key traits of the Chief Information Security Officer. But don't just take our word for it, Jason Loomi...

Trustworthy AI, ISW Interviews - Pamela Gupta - ESW #335 from 2023-10-13T21:00

The world of AI is exploding, as excitement about generative AI creates a gold rush. We've already seen a huge number of new GenAI-based startups, products, and features flooding the market and ...

Microsoft, SeroxenRAT, Smart Links, ToddyCAT, ShellBot, More News&Aaran Leyland - SWN #333 from 2023-10-13T18:32

This week Dr. Doug talks: Microsoft, SeroxenRAT, Smart Links, Vogons, ToddyCAT, ShellBot, Hidden servers, Aaran Leyland, and More on the Security Weekly News!

Visit Listen

Getting Started With Reverse Engineering Hardware - PSW #802 from 2023-10-12T21:00

In our first segment: the PSW hosts drop valuable insight on how to start your own journey into reverse engineering hardware!

Resources we mentioned:

• The Hardware Hackers Han...
  Listen

Shifting Focus to Make DevSecOps Successful - Janet Worthington - ASW #258 from 2023-10-11T21:00

What if all these recommendations to shift left were more about shifting focus? It's all too easy to become preoccupied with vulns, whether figuring out how to find them earlier in the SDLC or s...

23andMe, Facebook, GitHub's Secret Scanning, MGM Resorts, Grindr,&Jason Wood - SWN #332 from 2023-10-10T16:44

This week Aaran Leyland rants: about Google, 23andMe, Facebook, GitHub's Secret Scanning, MGM Resorts, Grindr, More News, and is joined by the notorious Jason Wood on the Security Weekly News! Listen

Digital Transformation Breaks Risk Management - Chris Morales - BSW #323 from 2023-10-10T09:00

CEOs and boards struggle with their digital transformation process. Does their operations hinder or align with business initiatives? Has their security operations scaled to meet the data and dig...

Feet, Google, Apple, Predator, r77, Qualcomm, qakbot, Deepfakes,&Aaran Leyland - SWN #331 from 2023-10-06T19:24

This week Dr. Doug talks: Feet, Google, Apple, Predator vs. Lemurs, r77, Qualcomm, qakbot, deepfakes, More News and with the exotic Aaran Leyland!

Visit Listen

Lessons From the Last Year's Breaches, ISW Interviews - ESW #334 from 2023-10-06T18:00

In this segment, we'll explore some of the most useful lessons and interesting insights to come out of the last year's worth of breaches and data leaks! We'll explain why we will NOT be covering...

Malware Trends - Anuj Soni - PSW #801 from 2023-10-05T22:44

Anuj joins us to discuss recent trends in malware. What are the malware authors up to lately? What are the latest techniques for reverse engineering malware? Learn about the latest tools and tec...

Creating Presentations and Training That Engage an Audience - Lina Lau - ASW #257 from 2023-10-03T21:00

Communication is a skill that doesn't appear on top 10 lists, rarely appears as a conference topic, and doesn't appear enough on job requirements. Yet communication is one of the critical ways t...

PKD, NSA, WS_FTP, Exim, Sextortion, BunnyLoader, CISA, More News, and Jason Wood - SWN #330 from 2023-10-03T17:22

This week Dr. Doug talks: Minority Report, NSA, WS_FTP, Exim, Sextortion, BunnyLoader, CISA, More News, and is joined by the illustrious Jason Wood!

Visit Listen

Risk Management in the Cloud Starts with Identities - Eric Kedrosky - BSW #322 from 2023-10-03T09:00

As we move more infrastructure into the cloud, the traditional concepts of risk start to change. It's no longer just about networks and servers, but also needs to address identities and not just...

Golden SaaS Age, Edge Computing, Cisco/Splunk - Allie Mellen, Theresa Lanowitz, Yoni Shohet, Chris Goettl - ESW #333 from 2023-09-29T21:00

We ALL use SaaS. It has become ubiquitous in both our personal and professional lives. Somehow, the SaaS Security market has only recently began to emerge. Today's interview with Yoni Shohet, co...

NarcBots, Blacktech, ZenRat, Chrome, CISOs, Privacy, More News&Aaran Leyland - SWN #329 from 2023-09-29T17:22

This week Dr. Doug talks: NarcBots, Blacktech, ZenRat, Chrome, CISO Churn, lots of privacy issues, Aaran Leyland, will Dr. Doug drink the Y3K Special Edition Coke? And more on this edition of th...

The Right Skills For The Job - Kayla Williams - PSW #800 from 2023-09-28T21:00

This week, First up its the Security News: libwebp or die: we unravel some of the details behind the webp vulnerability first fixed by Apple and Google, then, hopefully by everyone else, attacke...

Supply Chain Security Security with Containers and CI/CD Systems - Kirsten Newcomer - #ASW 256 from 2023-09-26T21:00

Supply chain has been a hot topic for a few years now, but so many things we need to do for a secure supply chain aren't new at all. We'll cover SBOMs, vuln management, and putting together a se...

Y3000, Sandman, ShadowSyndicate, MoveIt, Apple, Predator, More News, and Jason Wood - SWN #328 from 2023-09-26T17:13

This week Dr. Doug talks: The Year 3000, Sandman, ShadowSyndicate, National Student Clearing House, Apple, Predator, Xenomorph, Mixin, More News, and Jason Wood on the Security Weekly News.

Human Risk Management at Western Governors University - Jake Wilson - BSW #321 from 2023-09-26T09:00

In this episode, we interview Jake Wilson, Western Governor University's Security Awareness Evangelist. We'll learn about how he built up and matured WGU's security awareness program, eliminatin...

2024 Security Planning, Better Tabletop Exercises - Merritt Maxim, Ryan Fried - ESW #332 from 2023-09-22T21:00

Forrester Research releases a few annual reoccurring cybersecurity reports, but one of the biggest that covers the most ground is the Security Risk Planning Guide, which was recently released fo...

Passkeys, bots, hotels, conning the con, TrendMicro, Pizza&Aaran Leyland - SWN #327 from 2023-09-22T17:37

This week on the Security Weekly News: Passkeys, bots, hotels, conning the con, TrendMicro, Pizza, Aaran Leyland, & more!

Visit Listen

AI Attacks and LLM Security Matters - Nathan Hamiel - PSW #799 from 2023-09-21T21:00

Nathan comes on the show to discuss LLMs, such as ChatGPT, the issues we face today and in the future. Learn about prompt injection attacks, jailbreaking, LLMs for threat actors, and more!

Stopping Business Logic Attacks: Why a WAF is no Longer Enough - Karl Triebes - ASW #255 from 2023-09-19T21:00

The majority of attacks are now automated, with a growing number of attacks targeting business logic via APIs, which is unique to every organization. This shift makes traditional signature-based...

Cyberdog, Pegasus, Webex, Peach Sandstorm, SAP, Caesar, Penn, Aaran Leyland, and More - SWN #325 from 2023-09-19T18:08

This week Dr. Doug talks: Cyberdog, Pegasus, Webex, Peach Sandstorm, SAP, Caesar, Penn State, Aaran Leyland, and More News on this edition of the Security Weekly News.

Visit Listen

SprySocks, Lazarus, Fortinet, Juniper, CISA, AI Art, More News,&Jason Wood - SWN #326 from 2023-09-19T18:08

This week Dr. Doug talks: SprySocks, Lazarus, Fortinet, Juniper, CISA, Transparent Tribe, AI Art, More News, and Jason Wood on the Security Weekly News.

Visit Listen

2023 AT&T Cybersecurity Insights Report: Edge Ecosystem - Theresa Lanowitz, Steve Winterfeld - BSW #320 from 2023-09-18T20:50

Organizations still struggle with DDoS, ransomware, and personal information exfiltration. In order the prevent these attacks, we first need to understand the ‘types’ of DDoS and emerging threat...

MDR&Self Sabotage, Detection Difficulty - Jason Lassourreille, Chris Sanders - ESW #331 from 2023-09-15T21:00

Discussing ways to ensure client success with MDR and discuss the ways organizations hurt MDR efficacy with overly broad global exclusions, poor deployment practices, and poor policy hygiene. Th...

Ransomware Infection Vectors - Ryan Chapman - PSW #798 from 2023-09-14T21:00

Ryan has his finger on the pulse of ransomware and response. We discuss how the initial infections are occurring, how they've changed over time, and where they are going in the future!

Se...

Building a Scanner and a Community with Zed Attack Proxy - Simon Bennetts - ASW #254 from 2023-09-12T21:00

Zed Attack Proxy is an essential tool for web app pentesting. The project just recently moved from OWASP to the Secure Software Project. Hear about the challenges of running an OSS security proj...

Mopria, Cisco, Seimens , Word, DarkGate, AP Stylebook, More News,&Jason Wood - SWN #324 from 2023-09-12T17:12

This week Dr. Doug talks: Mopria, Cisco, Seimens and Schneider, Word, AP Stylebook, DarkGate, GitHub, Chrome, More News, and Jason Wood on the Security Weekly News.

Visit Listen

Identity is the Perimeter, The Secrets of Top Performing CISOs - Jeff Reich - BSW #319 from 2023-09-11T19:58

Managing identities continues to add complexity for granting access to enterprise resources. Between the increasing number and expanding types of identities, including carbon-based, silicon-base...

The one in which Doug interviews Chat GPT - SWN Vault from 2023-09-08T16:00

Doug talks with Chat GPT in an interview format just to see what having a conversation with the AI is like. It even gets around to asking Chat GPT the famous six questions from Paul's Security W...

Why Data Privacy is Being Overhauled in 2023 - Dan Frechtling - ESW Vault from 2023-09-07T16:00

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on November 18, 2022. This segment will focus on (1) Why Did Sephora ...

Interview with Dr. Gene Spafford - Eugene Spafford - PSW Vault from 2023-09-06T21:00

Check out this interview from the PSW Vault, hand picked by main host Paul Asadoorian! This segment was originally published on February 4, 2013. Dr. Spafford is one of the senior, most recogniz...

Quantum Computing - SWN Vault from 2023-09-05T16:00

Check out this interview from the SDL Vault, hand picked by main host Doug White! This segment was originally published on January 22, 2019. Today, we begin the journey to the quantum realm on S...

Broadening What We Call AppSec - Christien Rioux - ASW Vault from 2023-09-05T09:00

Check out this interview from the ASW Vault, hand picked by main host Mike Shema! This segment was originally published on January 10, 2022. There's an understandable focus on "shift left" in mo...

The Nine Cybersecurity Habits - George Finney - BSW Vault from 2023-09-04T09:00

Check out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on March 15, 2021. In 1989, Stephen Covey first published "The 7 Habits...

Simplify Your Audit Process, News, BlackHat Interviews - Tomer Bar, Raghu Nandakumara, Erik Huckle - ESW #330 from 2023-09-01T21:00

Having direct visibility into your access data is crucial for two reasons: 1. Simplifying audit preparation and 2. Managing progress of your identity program to ensure peak performance. Internal...

AI cars, Sandstorm, BGP, Earth Estries, DOE, Aria, Aaran Leyland and More - SWN #323 from 2023-09-01T17:18:32

This week Dr. Doug talks: AI vs. Hunter Thompson, Sandstorm, BGP, Earth Estries, DOE, VMWare Aria, Key Group, DSA, Aaran Leyland, and More on this edition of the Security Weekly News.

Vis...

Incident Response: Clouds, SMBs,&More! - Amanda Berlin - PSW #797 from 2023-08-31T21:00

Amanda joins us to discuss aspects of incident response, including how to get the right data to support findings related to an incident, SMB challenges, cloud event logging, and more! Amanda wor...

How Can Security Be Smart About Using AI? - Jeff Pollard - ASW #253 from 2023-08-29T21:00

We go deep on LLMs and generative AIs to shine a light on areas that security leaders should focus on. There are technical concerns like prompt injection and access controls, and privacy concern...

Mystery, Qakbot, Crates.io, VDP, NetScaler, Entra ID, SynthID, FreeBSD, Jason Wood - SWN #322 from 2023-08-29T17:10:59

This week Dr. Doug rants: Mystery, Qakbot, Crates.io, VDP, NetScaler, Entra ID, SynthID, FreeBSD, More News, and Jason Wood on the Security Weekly News.

Visit Listen

The Art&Science of Metawar - Winn Schwartau - BSW #318 from 2023-08-29T13:39

The metaverse is an evolving storytelling environment in which humans have congregated for millennia to experience alternate, immersive, and simulated realities, with or without technology. Stor...

Tackling the Perennial Problem of Device Management, News, BlackHat Interviews - Jason Meller - ESW #329 from 2023-08-25T21:00

Incredibly, the seemingly simple task of managing corporate-owned devices is still a struggle for most organizations in 2023. Maybe best MDM for Mac doesn't work with Windows, or the best MDM fo...

Openfire, Firepower, Barracuda, CosmicBeetle, Encryption, Aaran Leyland,&More - SWN #321 from 2023-08-25T18:00

This week in the Security News Dr. Doug talks: Openfire, Firepower, Barracuda, CosmicBeetle, Lazarus, Encryption, Network Tourism, India's on the Moon, Aaran Leyland, and More on this edition of...

Managing Bug Bounty Programs At Scale - Dr. Jared DeMott - PSW #796 from 2023-08-24T21:00

Jared has a long, and outstanding, history in cybersecurity. Today, he works for Microsoft helping them run and respond to bug bounty reports. The scale is massive and I think we can all learn a...

Security in a Cloud Native World&Mobile App Attacks - ASW #252 from 2023-08-22T21:00

Two featured interviews from this year's Black Hat. In the news, Discord.io ceases to be, Azure AD breach to get scrutiny from the CSRB, Zoom's AI stumbles show security concerns, model confusio...

Cold Fusion, EncroChat, Apple Device Spoofing, Tesla Breach, Jason Wood&More - SWN #320 from 2023-08-22T18:00

This week Aaran Leyland subs in to discuss: Cold Fusion Flaw, EncroChat, sneaky Amazon and Google, Spoofing Apple devices, Telsa data breach, Space and Jason Wood on this episode of the Security...

Security Money&BlackHat Interviews - BSW #317 from 2023-08-22T09:00

The Security Weekly 25 Index is still trying to recover. Inflation fears have tampered the recovery and the NASDAQ is outperforming the Index. Fastly replaces Sumo Logic in the Index and Thoma B...

News and Interviews from BlackHat 2023 - ESW #328 from 2023-08-18T21:00

In the Enterprise Security News, 1. Check Point buys Perimeter 81 to augment its cybersecurity 2. 2023 Layoff Tracker: SecureWorks Cuts 300 Jobs 3. Hackers Rig Casino Card-Shuffling Machines for...

Dilithium, Africa, Suse, Citrix, QR, AI,&More News - SWN #319 from 2023-08-18T18:00

This week Dr. Doug talks: Elon Throttling, Dilithium, Africa, Suse, Citrix, QR Codes, AI Meetings, and More on this edition of the Security Weekly News.

Visit Listen

Defending Public Infrastructure While At War - Antranig Vartanian - PSW #795 from 2023-08-18T14:29:52

The 2020 Armenian war with Azerbaijan called into action over 100 volunteer incident responders from across the country (and the globe) into action. Our guest for this segment was one of the lea...

DEFCON, ScrutisWeb, DoubleDrive, GitHub, npms, AI Cheating, More news, and Jason Wood - SWN #318 from 2023-08-15T18:00

This week in the Security News, Dr. Doug talks: DEFCON, ScrutisWeb, DoubleDrive, GitHub, npms, AI Cheating advice, More news and Jason Wood

Visit Listen

CISO in Crisis, but Will the SEC Regulations Make a Difference and New NIST CSF Draft - BSW #316 from 2023-08-15T17:00

In the leadership and communications section, CISO is Crisis, Will SEC Cybersecurity Regulations Make a Difference?, NIST Drafts Major Update to Its Widely Used Cybersecurity Framework, and more...

Pointers and Perils for Presentations - Josh Goldberg - ASW #251 from 2023-08-15T16:52:08

A key part of modern appsec is communication. From interpersonal skills for fostering collaborations to presentation skills for delivering a message, the ability to tell a story and engage an au...

Black Hat Startup Spotlight Finalists - Alex Matrosov, Ian Amit - ESW #327 from 2023-08-11T21:00

Binarly is one of only a few startups focused on highlighting security issues in firmware. The company has discovered a remarkable number of vulnerabilities in firmware in a very short time. Its...

Creepy AI, Codesys, Kyber768, .Net, Gootloader, DARPA, EvilProxy, Aaran Leyland - SWN #317 from 2023-08-11T18:00

This week: Dr. Doug talks Creepy AI, Codesys, Kyber768, .net, Gootloader, DARPA, EvilProxy, Aaran Leyland, and More on this edition of the Security Weekly News.

Visit Listen

Incident Response Readiness - Gerard Johansen - PSW #794 from 2023-08-10T21:00

Just how prepared are you for the next cybersecurity incident? Depending on the definition, security incidents likely happen daily at most enterprises. Because we can't prevent everything, the k...

You've Got Appsec, But Do You Have ArchSec? - Merritt Baer - ASW #250 from 2023-08-08T21:00

Mature shops should be looking to a security architecture process to help scale their systems and embrace security by design. We talk about what it means to create a security architecture proces...

BilDad, points.com, Papercut, Prospect , SMS, Microsoft, DAAS, Jason Wood, and More - SWN #316 from 2023-08-08T18:00

This week in the Security News, Dr. Doug talks: BilDad the Shuhite, Points.com, Papercut, Prospect Medical, SMS, Microsoft, DAAS, Chatbots, More News, and Jason Wood. 

Visit Listen

Deciphering The National Cyber Workforce and Education Strategy - Dr. José-Marie Griffiths - BSW #315 from 2023-08-08T09:00

On July 31st, 2023, the Biden administration released a national strategy addressing cyber workforce shortages, calling long-standing vacancies a national security imperative. The National Cyber...

Surging Email Impersonation Threats, Creating Online Kids' Safety Community - Fareedah Shaheed, John Wilson - ESW #326 from 2023-08-04T20:00

While malware and ransomware tend to dominate cybersecurity headlines, Fortra’s research shows that nearly 99% of email threats reaching corporate inboxes utilize impersonation rather than malwa...

Midnight Blizzard, Cult of the Dead Cow, Five Eyes, Aaran Leyland, and More News - SWN #315 from 2023-08-04T18:00

Midnight Blizzard, Citrix, Bloodhound, Five Eyes, Canon, Cult of the Dead Cow, AI Shopping, Aaran Leyland, and More on this edition of the Security Weekly News.

Visit https://www.security...

Incident Response Stories - Bill Swearingen - PSW #793 from 2023-08-03T21:00

Our good friend Bill Swearingen joins us to talk about some of the incident response work he's been doing lately. Many people have it wrong, you don't need to be a cybersecurity ninja to respond...

Identity and Verifiable Credentials in Cars - Eve Maler - ASW #249 from 2023-08-01T21:00

Identity isn't new, but we do have new ways of presenting and protecting identity with things like payment wallets and verifiable credentials. But we also have identity in surprising places -- l...

Throbbing Elon, China, Dragos, Ransomware, Tomcat, Ivanti, Jason Wood and More - SWN #314 from 2023-08-01T18:00

This week in the Security News: Throbbing Gristle, China, Dragos, Ransomware, Tomcat, Ivanti, Radio Radio, My Mother the Car, Jason Wood, and More! 

Visit Listen

How to Effectively Embrace and Protect Generative AI Tools, Models,&Data - Randy Lariar - BSW #314 from 2023-08-01T16:08:13

Some organizations are banning ChatGPT and other generative AI models out of fear of the risks they could introduce. While this is understandable, the reality is generative AI is accelerating so...

Post-Breach: The Hardening Continues - Sean Metcalf - PSW #792 from 2023-08-01T13:57

Once an incident has occurred and you've responded, then what? Join us for a chat with Sean Metcalf on what we can do to ensure our infrastructure remains resilient after a security incident. Se...

Rethinking the CISO Model, Edge Ecosystem Insights - Nathan Case, Theresa Lanowitz - ESW #325 from 2023-07-28T21:00

The traditional concept of the CISO may literally be 'too much', according to Nathan Case. It's based on systems of control and unrealistic assumptions that don't survive contact with real life....

GameOver(lay), ZenBleed, Maximus, Redline, the SEC, More News&Aaran Leyland - SWN #313 from 2023-07-28T18:00

GameOver(lay), ZenBleed, Maximus, Redline and others, the SEC, SiegedSec, Microsoft, Aaran Leyland, and More on the Security Weekly News.

Visit Listen

Navigating the Complexities of Development to Create Secure APIs - Kristen Bell - ASW #248 from 2023-07-25T21:00

Appsec teams and developers must both understand the consequences of what they're doing when building APIs. Appsec teams need to push for collaboration and help implement tools that augment the ...

Improving Diversity and Accessibility in Cybersecurity - Laurie Salvail - BSW #313 from 2023-07-25T09:00

CYBER.ORG, in partnership with CISA, is helping create a diverse cyber workforce by breaking down the barriers to cybersecurity education by improving access for all K-12 students nationwide. CY...

Citrix, Ivanti, DOJ changes, Elon X, TETRA Radio, Google WEI, Jason Wood, and More - SWN #312 from 2023-07-25T00:00

Citrix, Ivanti, DOJ changes, Elon X, TETRA Radio, Google WEI, Jason Wood, and More on the Security Weekly News.

Visit https://www.securitywee...

Enhancing Enterprise Security UX: Embracing Zero-ish Trust - Ryan Fried, Juliet Okafor - ESW #324 from 2023-07-21T21:00

Today, we talk to Juliet about what's wrong with security programs today and what security leaders should be doing to fix them. We'll discuss how security programs can look rosy... until the inc...

AirGaps, Slackware, Mitnick, Awareness, Microsoft, Bad API, Aaran Leyland and More - SWN #311 from 2023-07-21T18:00

AirGaps, Slackware, Kevin Mitnick, Awareness, Microsoft, Bad API, JumpCloud, Megarac, Aaran Leyland, and More on the Security Weekly News.

Visit Listen

Security Certification - Rohit Misuriya, Sumit Siddharth - PSW #791 from 2023-07-20T21:00

This week, up first is the Security News: Microsoft lost its keys, LOL drivers, If you were the CSO, try to keep employees happy but remove their accounts when they leave, gaming device finds a ...

Brian Glas - ASW #247 from 2023-07-18T21:00

While much has been written and argued about the security of election systems - the things that do the actual ballot counting - there's other systems that have to be in place and secured before ...

Scotty in Hell, CISA, S3, White House,Microsoft, Mali, Jason Wood and More - SWN #310 from 2023-07-18T18:00

Scotty in Hell, CISA, S3, the White House, Risky Devices, Microsoft, Mali, Virus Total, Jason Wood, and More on the Security Weekly News.

Visit Listen

Say Easy, Do Hard - BSW #312 from 2023-07-18T09:00

Less than 50% of the Fortune 500 have a Chief Information Security Officer (CISO) or Chief Security Officer (CSO) listed on their executive team. Why is that? Is this role not considered an exec...

SIEM Rules - Eric Capuano, Tim MalcomVetter - ESW #323 from 2023-07-14T21:00

InfoSec might have a hoarding problem, but it’s easy to understand why. It’s almost impossible to know what logs you’re doing to need, when you’re going to need them, or for what reason. SIEM ve...

Microsoft, Zimbra, Rockwell, Joe Biden, Tax Software, Black Mirror, and Aaran Leyland - SWN #309 from 2023-07-14T18:00

Microsoft, Zimbra, Rockwell, Joe Biden, Tax Software, Black Mirror, Aaran Leyland, and More on the Security Weekly News.

Visit https://www.se...

Getting Control Of Your Security Data Pipeline - JP Bourget - PSW #790 from 2023-07-13T21:00

Getting the correct data in the right place for incident response is challenging. JP comes on the show to talk about how he is helping companies with these challenges, getting control of the sec...

Software Trust&Adversaries, Developer-Focused Security - Shannon Lietz, Melinda Marks - ASW #246 from 2023-07-11T20:11:05

Infosec is still figuring out useful metrics, how to talk about risk, and how to make resilience more relevant. Shannon talks about a new community effort to measure software trust. She also cov...

Hairy Tongue, MoveIt redux, HCA, Apple, Threads, Jason Wood, and More on SWN - SWN #308 from 2023-07-11T18:00

Green, Hairy Tongue, MoveIt redux, HCA, Apple, Threads, Jason Wood, and More on the Security Weekly News.

Visit https://www.securityweekly.co...

The Golden Age of Email Security - Jess Burn - BSW #311 from 2023-07-11T09:00

A golden age is a time of great achievement in a society or industry — a time of innovation and the furthering of new ideas via new mediums or technological advancements. Email security is now e...

AI Bots - SWN Vault from 2023-07-07T09:00

Robots have always had a kind of scaling from very mechanical to autonomous devices that are self aware. On this episode of SDL, Russ and Doug discuss AI, how bots work, and botnets in general.<...

Zero to Full Domain Admin: The Real-World Story of a Ransomware Attack - Joseph Carson - ESW Vault from 2023-07-06T09:00

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on August 11, 2022.

Following in the footsteps of an attacker ...

The Psychology of Training - Matias Madou - ASW Vault from 2023-07-05T18:33

Check out this interview from the ASW Vault, hand picked by main host Mike Shema! This segment was originally published on May 23, 2022.

Developers want bug-free code -- it frees up their...

Thoughts From A Security Legend - Dan Geer - PSW Vault from 2023-07-05T17:54

Welcome to another edition of a Paul's Security Weekly Vault episode! This episode was previously recorded on April 5, 2012 and features an interview with none other than Dan Geer. Unfortunately...

Killer Robots - SDL - SWN Vault from 2023-07-04T09:00

AI, machines, and killer robots, oh my! Elon Musk and 116 people sent a letter to the UN asking that Autonomous Weapons be banned.

Visit Listen

Russian Satellites, Cl0p, CISA, YouTube, ArcServ, EarlyRat, Aaran Leyland,&More - SWN #307 from 2023-07-03T17:33:35

This week in the Security News, Dr. Doug talks: Russian Satellites, Cl0p, CISA, YouTube, ArcServ, EarlyRat, Aaran Leyland, and More on this edition of the Security Weekly News!

Visit Listen

The Fifth Domain - Richard Clarke - BSW Vault from 2023-07-03T09:00

This week, we welcome Dick Clarke to discuss his new book, The Fifth Domain, and the need for cyber resilience, especially these days! In the Leadership and Communications segment, 4 Behaviors T...

Unveiling DSPM&the Future of Cloud Data Security: State of IoT in 2023 - Dan Benjamin, Paddy Harrington - ESW #322 from 2023-06-30T21:00

Securing data is hard. Business stops when data flows are hindered, stopped, sometimes even slowed. Placing controls around data traditionally leads to more friction and less productivity. Can i...

Adversary Emulation w/ Carlos Perez - PSW #789 from 2023-06-29T21:00

In this segment we welcome Carlos Perez back to the show! Carlos will discuss the different types of penetration testing, including adversary emulation, and a cool method we can use to cover our...

Latest Web Vulnerability Trends&Best Practices - Patrick Vandenberg - ASW #245 from 2023-06-28T21:04:38

Without visibility and continuous monitoring, dangerous threats expose our blind spots and create risk. Invicti, who brought together Acunetix and Netsparker, analyzes common web application vul...

Win 3.1, Fortinet, Women in Cyber, Teams, IOS, Mockingjay, Jason Wood and More - SWN #306 from 2023-06-28T21:03:25

This week in the Security News, Dr. Doug talks: Win 3.1, Fortinet, Women in Cyber nominations, Teams, IOS, Mockingjay, Jason Wood and More!

Visit Listen

Vendor Consolidation, CISO Burnout Prevention&Maximizing Leadership Potential - Shawn Surber - BSW #310 from 2023-06-27T09:00

In a tight economy, security budgets have been under scrutiny. Vendor consolidation strategies are real, but what are the pros and cons of this strategy? Shawn Surber from Tanium joins us to dis...

Penetration Testing Stories w/ Emilie St-Pierre - PSW #788 from 2023-06-22T21:00

Emilie comes on the show to talk about penetration testing and share her knowledge and stories! In the Security News: There is no national cyber director, time to move away from MoveIT, update M...

How Good CISOs Build Bad Security Programs - Juliet Okafor - ESW Vault from 2023-06-22T16:40:57

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on September 29, 2021.

No Man is an Island. Neither c...

Policy Momentum in Coordinated Vulnerability Disclosure - Amit Elazari - ASW Vault from 2023-06-20T16:16:19

Security is one of the most evolving and impactful landscapes in the regulatory sphere. Proposed initiatives in the areas of Incident Response, Software and Product Assurance, Coordinated Vulner...

The 4 C's of Leadership with Michael Santarcangelo - BSW Vault from 2023-06-19T16:00

Check out this interview from the BSW VAULT, hand picked by main host Matt Alderman! This segment was originally published on October 12, 2020. 

We go off script. Michael Santarc...

Downer News Week - Andrew Mundell, Daniel Corbett - ESW #321 from 2023-06-16T21:00

The WAF has a relatively long history with InfoSec. A few years back, we saw the traditional architecture separated by new technologies and philosophies on the best way to detect and stop web-bo...

Killer Robots, ESXI, Lockbit, MoveIt, CISA, SEC, Texas, Aaran Leyland,&More - SWN #305 from 2023-06-16T18:35:17

This week Dr. Doug talks: Killer Robots, ESXI, Lockbit, MoveIt, CISA, SEC, Texas, Aaran Leyland, and More on this edition of the Security Weekly News.

Visit Listen

Enhancing Security: App Modernization, Identity Orchestration,&Big IAM Challenge - Eric Olden - ASW #244 from 2023-06-14T21:00

Eric Olden, CEO and Co-Founder of Strata Identity, discusses the concept of Identity Orchestration. He covers the evolving identity landscape and how it has evolved to keep pace with modern apps...

Interview with Bill Cheswick - PSW VAULT from 2023-06-14T18:10:03

Check out this interview from the PSW VAULT, hand picked by main host Paul Asadoorian! This segment was originally published on April 9, 2013.

Bill Cheswick logged into his first...

Mad Dogs&Paper Clips, Fortinet, MoveIt, BatCloak, More News,&Jason Wood - SWN #304 from 2023-06-13T18:40:08

This week Dr. Doug talks: Mad dogs and paper clips, Fortinet, MoveIt, BatCloak, China, More News, and Jason Wood on this edition of the Security Weekly News.

Visit Listen

Where is the Human in Your Risk Management Program? - Ashley Rose - BSW #309 from 2023-06-12T22:05:49

The Gartner definition of integrated risk management is a set of practices and processes supported by a risk-aware culture and enabling technologies, that improves decision making and performanc...

Phrenology, Barracuda, MoveIt, Lazarus, Minecraft, ChatGPT, Adrian Sanabria,&More - SWN #303 from 2023-06-09T19:00:32

Phrenology, Barracuda, MoveIt, Lazarus, Minecraft, ChatGPT, Adrian Sanabria, and More on this edition of the Security Weekly News.

 Visit htt...

Daniel Miessler, Alex Babin - ESW #320 from 2023-06-08T23:45:58

This is the first interview in a two-part AI special! First up, we talk with Daniel Miessler, who has been following the generative AI trend very closely and is one of the most prolific writers ...

L0pht Heavy Industries Panel - PSW Vault from 2023-06-07T15:47:09

Check out this interview from the PSW VAULT, hand picked by main host Paul Asadoorian! This segment was originally published on October 18, 2015. L0pht Heavy Industries was a hacker collective a...

AI, Kimsuky, SMBs, MoveIt, Gigabyte, Splunk, Chrome, more news,&Jason Wood - SWN #302 from 2023-06-06T18:04:22

Ducking AI, Kimsuky redux, SMB signing, MoveIt, Gigabyte, Splunk, Chrome Extensions, AI, Jason Wood and more on this edition of the Security Weekly News.

Visit Listen

New AI Algorithm Regulations Coming: Will Yours Pass Government Scrutiny? - Mike O'Malley - BSW #308 from 2023-06-06T15:29:08

The American Data Privacy and Protection Act introduces oversight of how companies handle the data they collect and process from U.S. citizens, including AI algorithms used to uncover insights t...

What's the Deal with API Security? - Sandy Carielli - ASW #243 from 2023-06-06T13:41:51

Walking the show floor at RSA Conference, you couldn't trip without falling into an application security vendor booth ... and API security specialists were especially plentiful. Join Forrester P...

Crazy Chronicles: Hilarious Penetration Tester Stories&Unbelievable Security News - PSW #787 from 2023-06-02T17:25:57

Penetration Tester stories, dumb and funny stuff that's crazier than movies.

Segment Resources:
https://www.cyberpointllc.com/index.php
https://www.cyberpointllc.com/srt.php Listen

What We've Learned From Interviewing Cybercriminals - Adam Janofsky - ESW Vault from 2023-06-01T16:58:39

Check out this interview from the ESW VAULT, hand picked by main host Adrian Sanabria! This segment was originally published on October 21, 2021.

The Record has published several intervie...

Career Ladders In Information Security - Marc French - BSW Vault from 2023-05-31T16:56:40

Check out this interview from the BSW VAULT, hand picked by main host Matt Alderman! This segment was originally published on June 8, 2020. 

Marc French has more than 25 years of technolo...

Doing Application Security Right - Farshad Abasi - ASW VAULT from 2023-05-29T16:00

Check out this interview from the ASW VAULT, hand picked by main host Mike Shema! This segment was originally published on March 14, 2022.

Cybersecurity is a large and often complex domai...

SWN #301 - Brain Implants, Volt Typhoon, CosmicEnergy, OAuth, ILoveYou , Aaran Leyland, and More from 2023-05-26T19:50:56

Ferret Legging, Elon's Brain Implants, Volt Typhoon, CosmicEnergy, OAuth, ILoveYou (and that's not just the Molly talking), Aaran Leyland, and More on this episode of the Security Weekly News. Listen

ESW #319 - Amitai Ratzon, Steve Ragan, Deepika Chauhan, Thomas Kinsella, Jon Check from 2023-05-26T00:44:45

On this edition of the ESW news, we're all over the place! Funding and acquisitions are a little sad right now, but AI and TikTok bans raise our spirits. The hosts are split on feelings about th...

Generative AI Security Implications - Liam Mayron - PSW #786 from 2023-05-25T20:20:58

Liam Mayron from Fastly comes on the show to talk about his unique path into information security, the security implications of generative AI, advances in technologies to protect web application...

SWN #300 - Space, Naughty Cell Phones, HP, ASUS, Meta, Google, Gil Kirkpatrick and more from 2023-05-23T17:28:33

Space, the final frontier, Naughty Cell Phones, HP, ASUS, Meta, Google, Gil Kirkpatrick, and more on this edition of the Security Weekly News.

Segment Resources:

  Listen

ASW #242 - Ten Things I Hate About Lists from 2023-05-23T16:14:53

The OWASP Top 10 dates back to 2003, when appsec was just settling on terms like cross-site scripting and SQL injection. It's a list that everyone knows about and everyone talks about. But is it...

BSW #307 - Matt Radolec from 2023-05-22T23:17:37

You can rebuild infrastructure. But you can’t un-breach data – Data sits at the core of an organization and is often the most open and vulnerable. This is why data security is the most important...

SWN #299 - Wemo Vulnerability, EXSI Threats, Critical Cisco Flaws, IAM, Malware, and More from 2023-05-19T17:06:52

$10M reward, a serious wemo vulnerability, EXSI threats, critical Cisco flaws, millions of smart phones with preinstalled malware and Bill Brenner

Visit Listen

ESW #318 - Mickey Bresman, Dave Merkel, Michaël Lakhal, Ashley Leonard, Jason Rolleston, Eve Maler from 2023-05-18T23:13:05

This week, we discuss fundings, acquisitions (TWO DSPM exits!), the ongoing market downturn/weirdness, and surprise - LLM-based AIs! We spend a fair amount of time talking about the importance o...

PSW #785 - Kevin Johnson from 2023-05-18T19:18:31

Kevin Johnson joins us to discuss pen testing, automated testing, why AI testing is not pen testing!

In the security news: How AI Knows Things No One Told It, Dragos Employee Get...

SWN #298 - ChatGPT, PentestGPT, BurpGPT, Cyber Resilience Act's Poison Pill&Malicious Actors from 2023-05-16T19:22:59

This week in the Security News, Aaran Leyland joins remotely to dish out the latest news: Cyber Resilience Act contains a poison pill, a powerful backdoor, Malicious Actors and Jason Wood - Valu...

ASW #241 - Asaf Ashkenazi, Chris Eng, Jeff Martin from 2023-05-16T17:17:08

What happens to an app's security after six months? What about a year or two years? A Secure SDLC needs to maintain security throughout an app's lifetime, but too often the rate of new flaws can...

BSW #306 - Mayeuresh Ektare, Molly McLain Sterling, Lenny Zeltser from 2023-05-15T21:20:54

Medtronic's Security Ambassador program has seen tremendous growth and engagement in recent years. Learn how they gave their program a shot of adrenaline and haven't looked back since.

 <...

SWN #297 - Terminators, Joe Sullivan, Dragos, ESXi, Microsoft, Greatness, Jessica Davis and More from 2023-05-12T18:17:44

Singing Terminators, Gmail, Joe Sullivan, Dragos, ESXi, Microsoft, Greatness, Jessica Davis, and More on this episode of the Security Weekly News.

Visit Listen

ESW #317 - Brian Kenyon, Rhett Dillingham, Antonio Sanchez, Deepen Desai from 2023-05-12T14:52:36

We are nearly half way through 2023, and we're seeing some new trends surface in the cyber landscape. These include generative artificial intelligence, which was everywhere at RSA Conference thi...

PSW #784 - Paula Januszkiewicz from 2023-05-11T16:18

In this talk, Paula Januszkiewicz, renowned cybersecurity expert with years of experience in the field, shares her insights on critical tasks that must be included in any successful penetration ...

SWN #296 - Chat GPT, QR codes, Boot Guard, Akira, SuperCare, Jason Wood, and More News from 2023-05-09T19:46:29

Poisonous Parsley and Chat GPT, QR codes, Boot Guard, Akira, Wanted Posters, SuperCare, VPNS, Jason Wood, and more on this edition of the Security Weekly News.

Visit Listen

ASW #240 - Kelly Shortridge, Eric Fourrier, Richard Yew from 2023-05-09T15:24:07

What does software resilience mean? Why is status quo application security unfit for the modern era of software? How can we move from security theater to security chaos engineering? This segment...

BSW #305 - Alla Valente, Joe Payne, Jim Broome, Cody Scott from 2023-05-08T23:09:44

Each year, Forrester tracks the top systemic risks — external events that impact your firm and customers but are out of your control — facing organizations. The impacts of climate change are bot...

SWN #295 - Kimsuky, WinRAR, Microsoft, AI, Siemens, Apple, Aaran Leyland and more from 2023-05-05T17:31:36

St. Alban's Day, Kimsuky, WinRAR, Microsoft, fake AI, Siemens, Apple, and More on this episode of the Security Weekly News.

Visit ht...

ESW #316 - Theresa Lanowitz, Vinay Anand, Christopher Kruegel, Geoff Bibby, Randy Watkins, Nick Biasini from 2023-05-05T17:08:31

This week, we start with the news: 2 weeks of news to catch up on! 16 funding stories, 4 M&A stories, Cybereason prunes its valuation… a lot, First Republic Bank seized by FDIC, Ransomware is ir...

PSW #783 - Rob Fuller from 2023-05-04T06:46:39

Rob "Mubix" Fuller comes on the show to talk about penetration testing, what's changed over the years? He'll also discuss "Jurassic Malware" and creating games in your BIOS.

This...

SWN #294 - Pornhub, LobShot, TMobile, lawsuits, CISA, CERN, AI, Jason Wood, and More from 2023-05-02T19:23:36

Pornhub, LobShot, TMobile, lawsuits, CISA, CERN, AI, Jason Wood, and more on this edition of the Security Weekly News.

Visit https:/...

ASW #239 - Patrick Vandenberg, Karl Triebes, Francesco Cipollone from 2023-05-02T16:33:38

Application security is messy and is getting messier. Modern application security teams are struggling to identify what's more important to fix. Cloud security and application security is gettin...

BSW #304 - Kunal Anand, John Grancarich from 2023-05-01T23:27:43

This week, it's time for Security Money. We recap Q1 2023 with the latest financial results, funding announcements, and layoffs. Don't miss this quarterly update. At the market close on April 28...

SWN #293 - Github, FIN7, Banks, Minecraft, Qualcomm, TenCent, BlueSky, Derek Johnson, and More from 2023-04-28T17:00:46

Github, FIN7, Banks, Minecraft, Google Authenticator, Qualcomm, TenCent, BlueSky, Derek Johnson talks about China and More on this episode of the Security Weekly News.

Visit Listen

PSW #782 - Kaitlyn Handelman from 2023-04-27T02:06:19

STM32 boards, soldering, decapping chips, RTOS development, lasers, multiple flippers and for what you ask? So I can be alerted about a device I already know is there. The Flipper Zero attracted...

SWN #292 - Mark Twain, TP Link, Intel, Papercut, Rustbucket, SolarWinds, Jason Wood, and More from 2023-04-25T22:27:29

Teenage Mutant Ninja Hackers, Mark Twain, TP-Link, Intel, Papercut, Rustbucket, Solarwinds, Blue Check Marks, Jason Wood, and more on this edition of the Security Weekly News.

Vi...

ASW #238 - Jeff Moss from 2023-04-25T22:26:43

Jeff Moss shares some of history of DEF CON, from CFPs to Codes of Conduct, and what makes it a hacker conference. We also discuss the role of hackers and researchers in representing users withi...

BSW #303 - Say Easy, Do Hard - Closing the Skills Gap from 2023-04-24T09:00

We talk a lot about closing the skills gap, but it's harder said than done. So we thought we'd tackle the problem in our 2nd episode os Say Easy, Do Hard. Part 1 will discuss the skills needed, ...

SWN #291 - Clop, EvalPhP, VMWare, Google, Fancy Bear, Routers, 3CX, Aaran Leyland, and More from 2023-04-21T18:07:35

Elon, Clop, EvalPhP, VMWare, Google, Fancy Bear, Routers, 3CX, Aaran Leyland, and More on this episode of the Security Weekly News.

Visit Listen

ESW #314 - Ernie Bio, Sandy Carielli from 2023-04-21T17:49:01

Discuss observations and trends across the venture capital ecosystem as it pertains to cybersecurity. This will include a re-cap in how 2022 ended, what we saw in Q12023, and what we expect from...

ESW #315 - Matt Johansen, Kayla Lee, Vadim Lyubashevsky from 2023-04-21T09:00

Quantum computing is a rapidly emerging technology that harnesses the laws of quantum mechanics to solve problems that today’s most powerful supercomputers cannot practically solve. IBM's Dr. Ka...

PSW #781 - Ivan Arce from 2023-04-20T16:52:21

We will talk about Supply chain security, the TPM 2.0 vulnerabilities recently discovered by a Quarkslab researcher, bugs in reference implementations, vulnerability disclosure and perhaps vario...

BSW #302 - Aviv Grafi from 2023-04-19T09:00

Securing the business can often come at a cost of employee productivity, but it doesn’t have to be this way. Especially in today’s economic climate, the security team cannot be seen as a blocker...

ASW #237 - Ben Sadeghipour from 2023-04-18T21:53:35

We talk with Ben about the rewards, hazards, and fun of bug bounty programs. Then we find out different ways to build successful and welcoming communities. A new deps.dev API for supply chain en...

SWN #290 - Sisyphus and Elon, Action1, CyberInsurance, CISA, LockBit, AI, more News&Jason Wood from 2023-04-18T19:08:19

Sisyphus and Elon, Action1, Cyber insurance, CISA, LockBit, AI, Jason Wood, and more on this edition of the Security Weekly News.

Visit Listen

SWN #289 - MSMQ, CLFS, Fortinet, Spectre redux, Google Pay, BingBots, Aaran Leyland, and More from 2023-04-14T19:47:03

MSMQ, CLFS, Fortinet, Spectre redux, Google Pay, BingBots, Aaran Leyland, and More on this episode of the Security Weekly News.

Visit Listen

ESW #313 - Pablo Zurro, Travis Howerton from 2023-04-14T19:13:57

Fortra's Core Security has conducted it's fourth annual survey of cybersecurity professionals on the usage and perception of pen testing. The data collected provides visibility into the full spe...

PSW #780 - Billy Boatright from 2023-04-13T21:47:17

Imagine an illness that requires surgery a few times a month and restricts your mobility. What would that do to your career? In our chat with Billy Boatright today, we'll find out how he not onl...

ASW #236 - Vandana Verma Sehgal from 2023-04-11T23:44:17

Application security in the cloud is a crucial aspect of protecting data and preventing unauthorized access to applications hosted on cloud platforms. As cloud computing becomes more prevalent, ...

SWN #288 - FTX, CISA, Apple, RPKI, Circle, NEXX, MSI,&Jason Wood from 2023-04-11T17:31:52

FTX, CISA, Apple, RPKI, Circle, NEXX, MSI, Jason Wood, and more on this edition of the Security Weekly News.

Visit https://www.secur...

BSW #301 - Fleming Shi from 2023-04-11T13:22:04

Barracuda just released a report on Ransomware findings, here: https://assets.barracuda.com/assets/docs/dms/2023 -Ransomware-insi...

SWN #287 - Naughty Tesla, Flipper Zero, Rilide, Styx, Genesis, Sophos, Cisco, Meta, and More from 2023-04-10T18:03:08

Naughty Tesla, Flipper Zero, Rilide, Styx, Genesis, Sophos, Cisco, Meta, Aaran Leyland, and More on this episode of the Security Weekly News.

Visit Listen

PSW #779 - Sin Ming Loo from 2023-04-07T00:15:36

The approach of cybersecurity workforce development and how someone with such technical background come to designing a degree program with non-traditional approach. What it takes to keep it goin...

ESW #312 - Tom Kellermann, Donald Fischer from 2023-04-07T00:13:20

Kellermann will discuss the recently published report “Cyber Bank Heist” that exposes the cybersecurity threats facing the financial sector. Security must be a top-of-mind issue amid rising geop...

ASW #235 - Liz Rice from 2023-04-05T09:00

Following on from her successful title "Container Security", Liz has recently authored "Learning eBPF", published by O'Reilly. eBPF is a revolutionary kernel technology that is enabling a whole ...

BSW #300 - The Journey to Episode 300 from 2023-04-04T19:38:09

Why 300? 300 is a perfect game in bowling, a milestone few have achieved (unless you're Brendan Alderman who has done it twice before the age of 20). 300 podcast episodes is almost 7 years of re...

SWN #286 - ProtoCell Phones, KEV, Efile, 3CX, Western Digital , NATO, More News&Jason Wood from 2023-04-04T19:13:34

ProtoCell Phones, KEV, Efile, 3CX, Western Digital, NATO, Jason Wood, and More on this edition of the Security Weekly News.

Visit ht...

SWN #285 - TREXes, WooCommerce, 3CX, Zimbra, OneNote, ChatGPT, ProPump,&Aaran Leyland from 2023-03-31T19:23:54

Flappy TREX lips, WooCommerce, 3CX, Zimbra, OneNote, ChatGPT, ProPump, Aaran Leyland, and More on this episode of the Security Weekly News.

Visit Listen

ESW #311 - Josh Corman, Nick Means from 2023-03-30T23:02:07

So much of the tech world went remote at the start of the pandemic, and many of those jobs (and engineers) show no sign of ever going back into an office. Building successful teams in this envir...

PSW #778 - Philippe Laulheret from 2023-03-30T17:31:46

How to get into reversing embedded firmware? Can the planet really be hacked? We'll go over a couple of fun exploitation examples, see what mistakes were made and maybe what could have been done...

ASW #234 - Frank Catucci from 2023-03-28T21:00

With the increased interest and use of AI such as GTP 3/4, ChatGPT, GitHub Copilot, and internal modeling, there comes an array of use cases and examples for increased efficiency, but also inher...

SWN #284 - Twitter, Tax Scams, Microsoft, Executive Orders, Pwn2Own, more News&Jason Wood from 2023-03-28T18:06:10

Twitter, Tax Scams, Microsoft, Executive Orders, Pwn2Own, French Bans, and more on this edition of the Security Weekly News.

Visit h...

BSW #299 - Melissa Bischoping from 2023-03-28T16:17:02

We often see security as a thing that has definitive check boxes, end states and deliverables. Audits "end" and then start again, but if you are looking at security as a noun -- as in, a thing t...

ESW #310 - Shamim Naqvi, Grace Burkard from 2023-03-24T18:57:45

SafeLiShare delivers tamperproof security from inside out across clouds and eliminate algorithmic complexity attacks and reverse never-ending cycles of defense using policy controlled Confidenti...

SWN #283 - TikTok, GitHub, CISA, More CISA, a Little More CISA, Netgear,&DoKwon from 2023-03-24T18:18:02

This week Dr. Doug talks: TikTok, Github, CISA and More CISA, Netgear, Do Kwon and More on this episode of the Security Weekly News.

Visit Listen

PSW #777 - Nico Waisman from 2023-03-23T18:25:07

We sit down with Nico Waisman to discuss vulnerability research and other security-related topics!

In the Security News: Windows MSI tomfoolery, curl turns 8...point owe, who doe...

BSW #298 - Jeff Pollard from 2023-03-21T21:00

When CISOs report into CEOs it gives them more autonomy, empowers them with more decision making authority, and eliminates the inherent conflict of interest present when CISOs report into IT lea...

ASW #233 - Josh Goldberg from 2023-03-21T17:30:01

Static analysis is the art of scrutinizing your code without building or running it. Common static analysis tools are formatters (which change whitespace and other trivia), linters (which detect...

SWN #282 - ZippyShare, NuGet, PinDuoDuo, ERNIE, Lantern, HDDs,&Jason Wood from 2023-03-21T17:28:52

Dr. Doug talks: The Tang Dynasty, ZippyShare, NuGet, PinDuoDuo, Ernie, Lantern, HDD hard drives, and more on this edition of the Security Weekly News!

Visit Listen

SWN #281 - Financial Scams, Microsoft, BianLian, Leihigh Medical, CISA,&Vile Hackers from 2023-03-17T18:27:36

Financial Scams, Microsoft, BianLian, Leihigh Medical, CISA, Vile, and More on this episode of the Security Weekly News!

Visit https...

ESW #309 - Tal Morgenstern, Casey Smith from 2023-03-16T23:48:35

The CI/CD pipeline is the backbone of the software development process, so it's critical to ensure you are meeting and exceeding the most critical security measures. Throughout this podcast, Tal...

PSW #776 - Santiago Torres Arias from 2023-03-16T14:11:25

Software supply chain attacks, those in which hackers target the "water supply" of software are on the rise. This makes software developers everywhere valid targets. We will discuss the develope...

ASW #232 - Josh Grossman from 2023-03-15T09:00

In this segment, Josh will talk about the OWASP ASVS project which he co-leads. He will talk a little about its background and in particular how it is starting to be used within the security ind...

BSW #297 - Dr. Kiri Addison from 2023-03-14T21:01:30

Natural language processing AI will be at the forefront in 2023, as it will enable organizations to better understand their customers and employees by analyzing their emails and providing insigh...

SWN #280 - Casper, Flipper, NordVPN, Ring, SVBk, GoBruteforcer, Aaran Leyland, and more from 2023-03-14T19:15:22

Casper, Flipper, NordVPN, Ring, Silicon Valley Bank, GoBruteforcer, Aaran Leyland, and more on this edition of the Security Weekly News.

Visit Listen

ESW #308 - Roland Diaz, Ross Haleliuk from 2023-03-10T19:22:45

You know SBOMs can help you keep track of your software assets and therefore, their vulnerabilities. Despite even the White House pressing the issue, many vendors aren't forthcoming with SBOMs, ...

SWN #279 - Snailbrook, Xenomorph, SonicWALL, Github, Veeam, TSA, Ring, Aaran Leylan, and more from 2023-03-10T18:55:13

Selling your soul to the company store, Xenomorph, Sonicwall, Github, Veeam, TSA, Ring, Aaran Leylan, and More on this episode of the Security Weekly News.

Visit Listen

PSW #775 - Ask Our PSW Hosts Anything! from 2023-03-09T14:42:03

Tune in to ask our PSW hosts anything you want to know! Join the live discussion in our Discord server to ask a question. Visit securityweekly.com/discord for an invite!

Larry Pesce, Jeff...

ASW #231 - Neatsun Ziv from 2023-03-07T22:00

In this episode, Neatsun Ziv, co-founder and CEO of OX Security, takes a deep dive into software supply chain security. He focuses on the new Open Software Supply Chain Attack Reference (OSC&R),...

SWN #278 - AI and More AI, Word, OneNote, FiXS, Wago, Water, More News&Aaran Leyland from 2023-03-07T20:57:07

Lots of AI, Deepfakes, Microsoft Word, OneNote, Russian Pranksters, FIXS, Wago, Water, Aaron Leyland, and more on this edition of Security Weekly News. 

Visit Listen

BSW #296 - Terry Ray from 2023-03-07T19:48

From protecting application and data from cyberattacks to meeting compliance regulations, healthcare providers face the complex challenge of providing secure and reliable access to medical data....

SWN #277 - Organoids, Decider, BlackLotus, Mustang Panda, Ex22, Dish, Aaran, and more from 2023-03-03T19:45:35

Human brain bots grown in petri dish, CISA Decider, BlackLotus, Mustang Panda, Ex22, Dish and Aaran Leyland, and more on the Security Weekly News.

Visit Listen

ESW #307 - Raffael Marty, Jim Routh from 2023-03-03T10:00

The MSP space has undergone a lot of changes in the past few decades, with the emphasis on security increasing dramatically in the last 5-10 years. We discuss how ConnectWise, which builds and s...

PSW #774 - Asaf Cidon from 2023-03-02T23:17:55

Barracuda published its 2023 Email Security Trends report that shows how email-based security attacks affect organizations around the world. 75% of the organizations surveyed for the report had ...

SWN #276 - ClippyNator, NewsCorp, Lastpass, US Marshals, Housez, more News&Jason Wood from 2023-03-01T14:05:51

ClippyNator, NewsCorp, Lastpass, US Marshals, Housez, PureCryptor, CyberStrategy, Jason Wood and more on this edition of Security Weekly News. show.fullaudio_desc_addendum

Visit ...

ASW #230 - Lina Lau from 2023-03-01T10:00

Join us for this segment with Lina Lau to learn lessons from real incident response engagements covering types of attacks leveraged against the cloud, war stories from supply chain breaches seen...

BSW #295 - ChatGPT: Cybersecurity's Savior or Devil? from 2023-02-28T19:02:18

Lots of press lately regarding ChatGPT and its impact on cybesecurity. Some say it will help us fight adversaries, while others say it will only make adversaries more sophisticated. Lot's of FUD...

Throwback Episode - ESW #293 from 2023-02-23T19:12:55

It's another holiday week, so enjoy this episode from the ESW archives!

The cloud and SaaS were supposed to make things easier, simpler, more scalable. Arguably, they _have_ done...

Throwback Episode - PSW #480 from 2023-02-23T02:56:47

It's another holiday week, so enjoy this interview from the PSW archives!

We chat with Marcus J. Ranum of Tenable, pit ODROID against Raspberry Pi, and introduce you to USBee in ...

Throwback Episode - BSW #172 from 2023-02-22T10:00

It's another holiday week, so enjoy this episode from the BSW archives!

This week, we welcome Graeme Payne, President at Cybersecurity4Executives, to discuss Impacts of a Data Br...

Throwback Episode - ASW #178 from 2023-02-21T14:22:28

It's another holiday week, so enjoy this episode from our archives!

What does a collaborative approach to security testing look like? What does it take to tackle an entire attack class as...

SWN #275 - Liquid Robots, Korean Cars, Fortinet, Atlassian, BingBots,&Derek Johnson from 2023-02-17T20:49:03

This week Dr. Doug civilly discusses: a Liquid Robot Death Punch, Korean cars, Fortinet, Frebniis, Atlassian, BingBots, Hacking Back, Derek Johnson covers the National Cyber Strategy documents a...

ESW #306 - Space Rogue, Pablo Zurro, Dr. Inka Karppinen from 2023-02-16T23:23:44

Organizations today operate under the constant looming threat of cyber attacks. While reactive cybersecurity measures will help organizations respond to past and present threats, offensive measu...

PSW #773 - Ron Woerner from 2023-02-16T15:42:11

Zero Trust is the buzzword of the 2020’s. Vendors are selling it, the US Federal Government is requiring it, and organizations are implementing it, but what does it really mean (I mean really be...

ASW #229 - Nick Selby from 2023-02-14T22:00

Organizations spend hundreds of work hours to build applications and services that will benefit customers and employees alike. Whether the application/service is externally facing or for interna...

SWN #274 - Clipper Malware, Chinese Hackers, Record Ddos Attack, Apple Patch&Josh Marpet from 2023-02-14T18:48:24

This week, guest host Aaran Leyland takes over with expert commentator Josh Marpet! Tune in for Clipper malware, Chinese hackers, record DDoS attack, Apple patch zero day flaw and more!

 ...

BSW #294 - Drew Rose from 2023-02-14T18:16:49

How do you manage the human side of cybersecurity? Traditionally, security awareness programs have checked this box from a compliance angle but had minimal impact on cyber risk. Human Risk Manag...

SWN #273 - Dysentery, Privacy , Gootloader, Bing Ai, Vela, Reddit, and Bradley Barth from 2023-02-10T20:02:59

Dysentery, Healthcare Privacy, Gootloader, Bing AI, Vela, Russian jobs, Reddit, and Bradley Barth discusses his series on Walmart. All this and more on the Security Weekly News.

...

ESW #305 - Tom Goings, Ashley Leonard from 2023-02-10T17:30:04

Tanium has recently released a new capability called Tanium Software Bill of Materials (SBOM) to help customers identify third-party libraries associated with software packages.

• What is...

PSW #772 - Hal Pomeranz from 2023-02-09T18:09:06

Linux systems are a collection of free and Open Source software-- some packaged by your distro, some built from source. How do you verify that your upstream isn't polluted by bad actors?

...

ASW #195 - Lynn Marks from 2022-05-03T22:30

This week, Mike and John interview Lynn Marks, Product Manager at Imperva, & discuss Bad Bots: The Automated Threat Targeting Your Websites, Apps, & APIs! In the AppSec News: ExtraReplica in Azu...

SWN #209 - Aruba/Avaya, DoD, Apple Obsolescence, Google, GitHub,&Cyber Forced Labor from 2022-05-03T21:49:12

This week Dr. Doug Talks: Office Pets, Aruba and Avaya, DoD Scammed, Russian forced labor, Google, Apple Obsolescence, as well as the Expert Commentary of Jason Wood on the Security Weekly News!...

ESW #271 - Rich Mogull&Andrew Hindle from 2022-05-03T18:30

This week, in our first segment, we welcome Rich Mogull, the CISO of DisruptOps - FireMon to discuss The Turbulent Cloud Security Market! Then, Andrew Hindle, the Content Chair at Identiverse & ...

PSW #738 - Michael Aminov&Marcus Sachs from 2022-04-29T21:00

This week, we start the show off with an interview with Michael Aminov, Founder & Chief Architect at Perception Point to discuss Security Blind Spots: Are You Protected? An interview featuring M...

NPM, Docker, Nimbuspwn, Edge, Emotet,&Owl Grease - Wrap Up - SWN #208 from 2022-04-29T19:23:54

This week on the Security Weekly News: Owl grease, Docker, Nimbuspwn, Edge, Emotet, NPM, as well as all the Show Wrap Ups for this week!

Visit Listen

BSW #260 - Jess Burn from 2022-04-28T17:30

This week, Senior Analyst Jess Burn will go highlight Forrester's eight security program recommendations for 2022 that will help security leaders take full advantage of their political capital —...

SWN #207 - Hare, Quantum, VMWARE, APT 34, Brakes, Elon Buys Twitter, Lapsus,&BlackCat from 2022-04-26T19:33:55

This week in the Security News: Secret C Cabal of killer rabbits, Quantum Locker, VMWare, Ricochet Chollima, Truck Braking, Elon, Lapsus$, BlackCat, and the returning Expert Commentary of Jason ...

ASW #194 - Dr. Chenxi Wang from 2022-04-26T18:30

How should we empower developers to embrace the NIST software development practices? Because from here on out, developers need to view themselves as the front lines of defense for the end-consum...

ESW #270 - Dan Allen&Will Lin from 2022-04-22T21:00

This week, in the first segment, we learn all about the technical ins and outs of HP SureClick Enterprise with HP expert Dan Allen and discover how SureClick Enterprise can help improve security...

SWN #206 - Lemon Duck, Crypto Theft, Pwn2Own, Sinclair, Microsoft,&Google - Wrap Up from 2022-04-22T17:41:05

On this episode of the Security Weekly News: Dr. Doug talks: Lemon Duck, Lemon Curry, Crypto, Pwn2Own, Google, Microsoft, and Sinclair, all this and the show wrap-ups from this week!

Visi...

PSW #737 - Capt. John Alfred&Thomas Lonardo from 2022-04-21T22:30

This week on Paul's Security Weekly, an interview with Captain John Alfred retired from the Rhode Island State Police. Second up is a discussion with Tom Lonardo, John Alfred, and the hosts to t...

BSW #259 - Tim Woods from 2022-04-20T22:00

This week, Tim Woods, VP Technology Alliances at Firemon, joins BSW to discuss how centralized policy management can provide the visibility, enforcement, and compliance of policies across hybrid...

SWN #205 - Win 11, iPhone Zero Clicks, LinkedIn, Scraping, Conti Lies,&Webex Mics from 2022-04-19T22:30

This week in the Security News: Windows 11, iPhone Zero Click, LinkedIn, Scraping, Ransomware Gangs are not nice, Webex Microphones always on, as well as the Expert Commentary of Jason Wood!

ASW #193 - AppSec (&adjacent) Metrics from 2022-04-19T22:00

We can create top 10 lists and we can count vulns that we find with scanners and pen tests, but those aren't effective metrics for understanding and improving an appsec program. So, what should ...

ESW #269 - Bob Erdman&Justin Tolman from 2022-04-15T21:00

In our first segment, we welcome Bob Erdman, Director of Development at HelpSystems to discuss The Role of Automation in Pen Testing! Then, Justin Tolman, Forensic Evangelist at Exterro joins us...

SWN #204 - Struts, Management Networks, Elon Spits in My Soup,&Zero-Days - Wrap Up from 2022-04-15T20:12:38

This week Dr. Doug talks: Zero-Day Day, Cisco and other Management Networks, "Elon spits in my soup", Struts, as well as all the show Wrap Ups from this week!

Visit Listen

PSW #736 - Mike Wilkes&Amanda Berlin from 2022-04-15T20:00

This week, we start the show off with an interview Mike Wilkes, Chief Information Security Officer at SecurityScorecard, for an interview about Third Party Risk Management! An interview featurin...

BSW #258 - Derek Manky from 2022-04-13T21:00

By and large, individual malware strains come and go, but to stop attacks more quickly, organizations need to gain a deeper understanding of attack techniques. By analyzing the attack goals of a...

SWN #203 - Sandworm, Protestware, FancyBear, Spring4Shell,&PacketStreamer from 2022-04-12T20:14:40

This week, Dr. Doug talks: Sandworm, Protestware, FancyBear, Eyeball McSqueezy, Quantum, Spring4Shell, PacketStreamer, Bad Tax Software, and autonomous crime, all this and Russ Beauchemin on thi...

ASW #192 - William Morgan from 2022-04-12T16:30

The zero trust approach can be applied to almost every technology choice in the modern enterprise, and Kubernetes is no exception. For Kubernetes network security particularly, adopting a zero t...

ESW #268 - Josh Snow&Catherine Ullman from 2022-04-08T21:00

In our first segment, we welcome Josh Snow, Principal Sales Engineer at ExtraHop to discuss Common Sense Steps for Implementing Shields Up! Then, Catherine Ullman, Sr. Information Security Foren...

SWN #202 - Microsoft, VMWare, Burnout, Android, HIMEM.SYS, Parrot,&Rants - Wrap Up from 2022-04-08T18:58:57

This week in the Security Weekly News, Dr. Doug talks: Rants, Burnout, VMWARE, Microsoft, Android, HIMEM.SYS, Parrot, all this and show Wrap Ups from this week!

Follow us on Twitter: Listen

PSW #735 - Sean Metcalf&Jay Beale from 2022-04-07T21:00

This week, we start the show off with an interview Sean Metcalf, the Founder & CTO of Trimarc, where we talk “Active Directory, Azure AD, & Okta Oh My!” An interview featuring featuring Jay Beal...

BSW #257 - Jonathan Gohstand from 2022-04-07T09:00

As the world shifted to remote work, then hybrid work, organizations have struggled with legacy technologies to solve the security challenges of this new way of working. But what if you could us...

SWN #201 - VMware, Hydra, MailChimp, Cisco, PEAR PHP, Red Hat, GitLab,&Digital Diplomacy from 2022-04-05T21:48:08

This week, Dr. Doug talks: VMware, Hydra, MailChimp, Cisco, Pear, Red Hat, GitLab, Creepy Agencies, lungworm tentacle robots, the triumphant return of Expert Commentary featuring Jason Wood, & m...

ASW #191 - Eric Allard from 2022-04-05T21:00

Making a positive impact to how we package software to make developer's lives easier in how they have to manage security. FORCEDENTRY implications for the BlastDoor sandbox, Spring RCE, Zlib fla...

ESW #267 - Tim Cathcart,&Steven Turner from 2022-04-01T21:53:56

This week, Tim Cathcart from Knox County Schools is with us to discuss breaking into cyber from a high school perspective! Then, Steven Turner from Microsoft joins us to sweep away the noise and...

SWN #200 - Apple, Spring4shell, Zlib, Honda, Rockwell,&Backup Day - Wrap Up from 2022-04-01T19:16:14

In this episode of the Security Weekly News: Information overload, Zlib, spring4shell, Apple, Honda Keyless, Rockwell PLCs, Elon Musk's dastardly plans, and National Backup Day, all this as well...

PSW #734 - Mark Boltz-Robinson, Hanine Salem from 2022-03-31T21:00

This week, we start the show off with an interview featuring Mark Boltz-Robinson, the Manager of the ADRP Team at Trellix, about the State of the SOC today! Next up, we welcome Dr. Hanine Salem,...

BSW #256 - Charlene Deaver-Vazquez from 2022-03-30T09:00

Every CISO CIO asks the question, what's the risk? Quantitative analysis, mathematical models are designed to answer this question. Understand how they work, when to use them, and what they can ...

SWN #199 - WordPress, CISA Alerts, VerbleCon, Rapid Attacks, Sophos,&Fleming Shi from 2022-03-29T21:20:51

This week, Dr. Doug talks: The Rhodesian Secret Police, WordPress, CISA Alerts, VerbleCon, Rapid attacks, Sophos, Apple Watch Spying, as well as the Special Expert Commentary of guest Fleming Sh...

ASW #190 - Harshil Parikh from 2022-03-29T09:00

Developers ignore security issues. But can we really blame them? After all, security folks bombard them with an endless stream of issues that need to be addressed with no way for them to separat...

SWN #198 - North Korea, Supply Chain, Lapsus$, Russian Indictments,&Deepfakes - Wrap Up from 2022-03-25T21:22:27

This week in the Security News, Dr. Doug talks: Deepfakes, Supply Chain Attacks, Lapsus$, Russian Indictments, North Korea, as well as all the show Wrap-Ups from this week!

Visit Listen

ESW #266 - Zane Bond,&Erin Kenneally from 2022-03-25T21:00

This week, in our first segment, we welcome Zane Bond, Director of Product Management at Keeper Security, for an interview on How to Secure Your Secrets! We discuss how, Since IT network secrets...

PSW #733 - Stephen Ward,&David Kennedy from 2022-03-24T21:00

This week, we start the show off with an interview featuring Stephen Ward, the CMO of Source Defense, about Exposing the Shadows: Managing Shadow Code and the Blind Side in 3rd Party Risk! Next ...

BSW #255 - Olesia Klevchuk from 2022-03-24T09:00

The most recent trends in social engineering, the latest methods attackers are using to trick their victims, and the best practices to protect your business from these evolving threats. In the L...

SWN #197 - Conti Ransomware, BitRAT Malware, HP Printer RCE,&Browser Phishing from 2022-03-22T22:07:24

This week, Dr. Doug talks: Modern problems, Conti, Toyota, Android and Android, BitB, HP, and Jason Wood on this edition of the Security Weekly News!

Show Notes: Listen

ASW #189 - Alvaro Muñoz from 2022-03-22T09:00

This week in the AppSec News: A great escape isn't always as great as it sounds, Solana cryptocurrency logic isn't always as great as intended, some people's idea of "peace" isn't that great at ...

ESW #265 - Johanna Ydergard&Pablo Zurro from 2022-03-21T16:00

This week, in our first segment we're joined by Johanna Ydergard, VP of Product at Detectify joins us to cover a brief overview of the attack surface market - what it is, why it’s necessary to h...

SWN #196 - Sat-Com, Node-IPC, Counterfeit Chips, Go, AI,&Shortwave Radio - Wrap Up from 2022-03-18T18:02:06

This week in the Security Weekly News, Dr. Doug talks: War rants, sat-com, node-IPC, Counterfeit Chips, Go, AI, shortwave radio, all this and the show Wrap Ups from this week!

Visit Listen

PSW #732 - G Mark Hardy, Lawrence Nunn,&Ricky Tan from 2022-03-18T09:00

This week, we start the show off with an interview featuring G Mark Hardy, President of the National Security Corporation, for an interview where we go from From Hacker Jeopardy to CISO Tradecra...

BSW #254 - Jody Brazil from 2022-03-17T20:30

It doesn't matter how much security technology you have, how much you spend on security: security outcomes are achieved by doing all the little things right. You can spend $10M on network securi...

ASW #188 - Farshad Abasi from 2022-03-16T09:00

Cybersecurity is a large and often complex domain, traditionally focused on the infrastructure and general information security, with little or no attention to Application Security. Security pro...

SWN #195 - The Ukraine, Conti, Pandora, BYOD, Crypto ATMS,&Pirate Hunting from 2022-03-15T22:22:32

This week Dr. Doug talks: ASCII Porn, Pirate Hunting, The Ukraine, Conti, Pandora, Mobile Device Hell, and Crypto ATMs, along with Jason Wood on this edition of the Security Weekly News!

...

ESW #264 - Jeff Styles&Andrew Morris from 2022-03-14T22:30

Managing firewall rule reviews, especially for PCI-DSS, can be complex but it doesn't have to be. Hear from Jeff Styles as he talks about how you can automate this process to keep you compliant ...

PSW #731 - Daniel Trauner, Antranig Vartanian,&David Marble from 2022-03-11T23:00

This week, we start the show off with an interview featuring Daniel Trauner, Senior Director of Security at Axonius, to discuss why Technology Changes, but Security (Often) Stays the Same! Next ...

SWN #194 - Russians, IT Armies, Supply Chains, BazarBackdoor,&Scary Studies - Wrap Up from 2022-03-11T19:19:23

In the Security News, Dr. Doug talks: War of course, supply chains, certs, Ukrainian IT army malware, BazarBackdoor, some scary studies, Walter Cronkite as PewDiePie, along with all the show Wra...

BSW #253 - Michael McPherson from 2022-03-09T23:30

Something is seriously wrong with our current approach to cybersecurity––the more we spend, the worse the situation becomes. In an industry plagued by a chronic talent shortage, one thing is cle...

SWN #193 - Ragnar Locker, Linux Vulns, Samsung Code, Nvidia Certs, Adafruit Data Breach,&ICS from 2022-03-08T21:55:58

This week in the Security Weekly News, Dr. Doug talks: Ragnar Locker, more Linux vulnerabilities, Samsung, Nvidia, Adafruit and Ada Lovelace, CrowdStrike, Cloudflare, Ping Coalition, and ICS alo...

ASW #187 - Lebin Cheng from 2022-03-08T10:00

As the volume of API traffic increases, it becomes a greater threat to an organization’s sensitive data. Motivated attackers will increasingly target APIs as the pathway to the underlying infras...

ESW #263 - Chad Skipper, Karen Worstell,&Sharon Goldberg from 2022-03-04T22:00

This week, in our first segment, we welcome Chad Skipper, Global Security Technologist at VMware, & Karen Worstell, Sr. Cybersecurity Strategist at VMWare, for an interview on Exposing Malware i...

DynamicWeb, Toyota, War, Google,&Zero-Trust - Wrap Up - SWN #192 from 2022-03-04T19:22:15

This week in the Security Weekly News, Dr. Doug talks: War, of course, Toyota, DynamicWeb, open-source, scams, Google, and zero-trust, along with all the Wrap-Ups for this week!

Visit Listen

PSW #730 - Alissa Torres&Rich Mogull from 2022-03-03T23:00

This week, we start the show off with the Security News for this week: Was It Russia?, Blocking software updates, crowd-sourced attacks, protecting FPGAs, moving Linux to modern C, Nvidia hit, t...

Good Human Nature - BSW #252 from 2022-03-02T10:00

Ransomware developments we saw over the past year—along with a look ahead at what to expect in 2022. In the Leadership and Communications section, Answer this question to assess your leadership,...

Daxin Backdoor, Ukraine IT, Judyrecords, Insta-Scammers,&Crypto Scams - SWN #191 from 2022-03-01T21:49:54

This week, Dr. Doug talks: Erotica, daxin, Judyrecords, the Ukraine, a bunch of scams, as well as the returning Expert Commentary of Jason Wood on the Security Weekly News!

Show ...

Good People - ASW #186 from 2022-03-01T10:00

This week, we welcome Steve Wilson, Chief Product Officer at Contrast Security, to discuss Integrating Appsec Tools for DevOps Teams! In the AppSec news: Salesforce reveals their bounty totals f...

A "Blessing" of Unicorns - ESW #262 from 2022-02-25T22:00

This week, in our first segment, we welcome Jimmy Vo, Detection Engineer at Datadog for an interview on Detection Engineering in the Age of Cloud! Then, Brian Peterson, ICS4ICS Program Manager, ...

Cyber Attacks, Airtags, CyclopsBlink, Armageddon, ElectronBot,&Sandworms - Wrap Up - SWN #190 from 2022-02-25T20:12:32

This week Dr. Doug talks: Disney Adventures, Sandworm, Cyclops Blink, Armageddon, Electron Bot, Airtags, SockDetour, as well as all the Wrap Ups for this week on the Security Weekly News!

Sous Vide Your Spam - PSW #729 from 2022-02-25T00:00

This week, we start the show off with the Security News for this week: Unskilled hacker linked to years of attacks on aviation, transport sectors, The Elite Hackers of the FSB, Bionic Eyes Go Da...

Accurate Assessment - BSW #251 from 2022-02-24T10:00

The Business Information Security Officer, or BISO, is relatively new and somewhat controversial role. Does this role act as the CISO's non-technical liaison to the business units or as the CISO...

Coinbase Bounty, Clearview Expansion, Stone Panda, Xenomorphs,&Teams Malware - SWN #189 from 2022-02-22T22:53

This week in the Security News, Dr. Doug Talks: Clearview, Iran, the biggest bug bounty, stone panda, "Adult" scamming, xenomorph, chat attacks, along with the returning Expert Commentary of Jas...

The DIY Lab - ASW #185 from 2022-02-22T10:00

Lots of web hacking can be done directly from the browser. Throw in a proxy like Burp plus the browser's developer tools window and you've got a nearly complete toolkit. But nearly complete mean...

MFA Fatigue, WordPress Vuln, Iranian Code,&Free Crypto! (Scams) - Wrap Up - SWN #188 from 2022-02-18T22:42:15

This week, Guest Host Aaran Leyland talks: Phishers, WordPress, Free Crypto Scams, Ukraine & Russia, MFA and more, along with the show Wrap Ups for this week in the Security News!

Story L...

Flying Really High - ESW #261 from 2022-02-18T10:00

This week, we welcome Mitja Kolsek, Founder, CEO at ACROS Security, to talk about 0patch - Security Patching That Doesn't Make Your Life Miserable! In the next segment, we welcome Vikram Asnani,...

Burn It All Down - PSW #728 from 2022-02-17T22:00

This week, we start the show off with an interview featuring Michael Daniel, President & CEO, Cyber Threat Alliance! Next up, A tech segment walking through Running Windows Inside Containers On ...

Top Notch - BSW #250 from 2022-02-16T10:00

This week, we welcome John Wheeler, CEO at Wheelhouse Advisors, and Padraic O'Reilly, Chief Product Officer & Co-Founder at CyberSaint, to discuss why it's Time To Move Away From "G - little R -...

Blackbyte V. The 49ers, Ukraine, Malicious Mods, Adobe 0-Day,&Teams Bugs - SWN #187 from 2022-02-15T20:28:48

This week in the Security News: The Ukraine, Defender, Mimikatz, Chrome, Blackbyte, Cities Skylines, Adobe, and Teams, along with special guest commentator Aaran Leyland on this Edition of the S...

Tasty Beverage - ASW #184 from 2022-02-15T10:00

Doug Kersten, CISO of Appfire, will discuss how the nature of vulnerabilities today makes it critical for developers to make sure they’re building projects in a secure manner in order to quickly...

Buying a CISO - ESW #260 from 2022-02-11T22:09:55

This week, in our first segment, we welcome our own Tyler Robinson for a segment discussing how "To err is human, but the blockchain is forever"! Then, Branden Williams, VP of IAM Strategy at Pi...

Maze Decryption, Sim Swaps, Crypto Megaheists,&Infected Win 11 Installers - Wrap Up - SWN #186 from 2022-02-11T20:29:49

This week in the Security Weekly News: Dr. Doug talks Crypto and more crypto, Sim swapping, Maze resigns, Win 11 scam, Tesla, and all the Wrap-Ups on the Security Weekly News!

Visit Listen

Mood Lighting - PSW #727 from 2022-02-11T10:00

This week, we start the show off with Brian Honan, the CEO of BH Consulting joins to discuss why Cybersecurity is Not Just a Technical Problem! In the Security News for this week: Microsoft to b...

Sharpen Our Tools - BSW #249 from 2022-02-09T10:00

This week, we welcome Ann Marie van den Hurk, Small Business Cybersecurity Champion at Mind The Gap Cyber, to talk about Effective Communications During & After a Cyber Attack! In the Leadership...

Google MFA, Avast Decrypts, QBOT, QuaDream Spyware,&Slackware 15.0 - SWN #185 from 2022-02-08T21:09:39

This week in the Security Weekly News: Avast, Google MFA, CISA, QBOT, QuaDream, the IRS, Slackware, and ms-appinstaller, along with the returning expert commentary of Jason Wood on this edition ...

Internal Jokes - ASW #183 from 2022-02-08T10:00

Security is one of the most evolving and impactful landscapes in the regulatory sphere. Proposed initiatives in the areas of Incident Response, Software and Product Assurance, Coordinated Vulner...

The 1000th Unicorn - ESW #259 from 2022-02-04T22:00

This week, in our first segment, Attila Török, joins for an interview on Manages Security for A 100% Remote Workforce! After that, we welcome Darwin Salazar, Cloud Security Consultant at Accentu...

Getting Zucked, LinkedIn, Elementor RCE,&Underused MFA - Wrap Up - SWN #184 from 2022-02-04T18:49:40

In this episode, Dr. Doug talks: Zuck gets zucked, MFA threats, DHS, Elementor, LinkedIn, and all the show Wrap-Ups for this week on the Security Weekly News!

Visit Listen

Life Changing Bag of Cash - PSW #726 from 2022-02-03T22:00

This week, we start the show off with an interview with Brent White, Principal Security Consultant at Dark Wolf Solutions! Next up, we have a technical segment where I walk through Linux Post Ex...

Speed&Quality - BSW #248 from 2022-02-02T23:00

Dan Matthews, Director, Worldwide Sale Engineering from Constella Intelligence, will discuss the challenges with digital risk protection and how to protect your executives, employees, and corpor...

CISA Lists, UPnP, Samba, SMS Trickery, Secret Pixels,&Lazarus Returns - SWN #183 from 2022-02-02T22:35:21

This Week in the Security News: UPnP strikes back, Lazarus, Samba, CISA, SMS Scams, secret pixels, OMB Zero Trust, and Wordle, along with the Expert Commentary of Jason Wood on this edition of t...

Perfect Direction - ASW #182 from 2022-02-01T10:00

This week, we welcome Larry Maccherone, DevSecOps Transformation at Contrast Security, to discuss Shift Left, NOT S#!T LEFT! In the AppSec News: PwnKit LPE in Linux, two different smart contract...

Vultur, Overreach, Trickbot, QNAP, Apple, pkexec,&Space Force - SWN #182 from 2022-01-28T19:44:12

This week in the Security News: Overreach, Vultur, QNAP, Trickbot, Apple, pkexec, Space Force, & more on the Security Weekly News Wrap Up show!

Visit Listen

Skipping Around - ESW #258 from 2022-01-28T10:00

This week, we welcome Jamie Moles, Senior Technical Marketing Manager at ExtraHop, to discuss Log4Shell: Impact and Lessons Learned! In the Enterprise Security News, Hunters raises a series C to...

Software Flea Market - PSW #725 from 2022-01-27T22:00

This week, we start the show off with an interview with Jimmy Sanders, CISO at Netflix, to talk about Cracks in the Castle! Next up, we have a technical segment where I walk through Securing Ubi...

Changing Trends - BSW #247 from 2022-01-25T22:27:42

Enabling the business requires a nuanced view of verticalization and what it means to an enterprise. Why is this important as CISO’s think about how to apply cyber to enterprise resiliency? Mark...

Russia, Control Web Panel, Belarus, Office Macros, Trickbot,&Molerats - SWN #181 from 2022-01-25T22:25:48

This week in the Security News, Dr. Doug talks: Control Web Panel, Russia, Belarus, Office Macros, Trickbot, MoleRats, DTPacker, and Tesla! All that along with the Expert Commentary of Jason Woo...

Cheesy Tomato Dreams - ASW #181 from 2022-01-25T10:00

It is hard, if not impossible, to secure something you don’t know exists. While security professionals spend countless hours on complex yet interesting issues that *may* be exploitable in the fu...

Quality of Ingredients - ESW #257 from 2022-01-21T22:00

This week, Rickard Carlsson from Detectify is with us to discuss a funeral for vulnerability management! Then, Will Clark from Accela joins us to talk about architecture and security in the tren...

UEFI, 2-Factor Failure, McAfee, Whispergate, Oracle Patches&More! - Wrap Up - SWN #180 from 2022-01-21T19:38:46

This week, Dr. Doug talks: 2-factor failure, UEFI, McAfee, Whispergate, oracle patches, and more on the Security Weekly News Wrap-up Show!

Show Notes: Listen

Really Good Brownies - PSW #724 from 2022-01-21T00:30

This week, we start the show off with an interview with Neal O’Farrel, Founder of The PsyberResilience Project, to talk about Cyber Resilience & Cybersecurity Mental Health! Next up, it’s the Se...

Something For Everybody - ASW #180 from 2022-01-20T20:30

This isn't a story about NPM even though it's inspired by NPM. Twice. The maintainer of the "colors" NPM library intentionally changed the library's behavior from its expected functionality to p...

Firefox Relay, WordPress, Microsoft, Russia,&VPNLab - SWN #179 from 2022-01-18T22:54:21

This week, Dr Doug talks: WordPress, Firefox Relay, Multiple Microsoft, White House Summit, Russia Strikes back, VPNLab, my crush on Judy Jetson, and Aaran Leyland.

Show Notes: <...

The Index Has Cooled Off - BSW #246 from 2022-01-14T22:00

The Security Weekly 25 index has finally cooled off, closing at 2226.93 on January 13th, 2022, which is an increase of 122.69% (down from last Q) since inception. The NASDAQ Index closed at 14,8...

Gootloader, Apple, Microsoft Servers, Taco Tuesday,&Remote Desktops - Wrap Up - SWN #178 from 2022-01-14T21:01:47

Dr. Doug talks: Remote desktop, Apple, Microsoft Servers, Taco Tuesday, Gootloader, and "Farmville: Gangsta Edition", as well as his Favorite Threat of the Week!

Visit Listen

Peach Melba Day - ESW #256 from 2022-01-14T10:00

It’s a new year and a time when we make resolutions…which often drop off by the start of February. To keep your security resolutions for 2022, today’s show will be about enterprise security pitf...

Toddler Scientists - PSW #723 from 2022-01-13T22:00

This week, we kick off the show with a tech segment walking through the Log4j Vuln, step by step! Then, Dragos Ruiu, creator of Pwn2Own, joins for an interview! In the Security News: Attacking R...

Dust It Off - BSW #245 from 2022-01-13T03:00

How cloud resources are architected and utilized is different for every organization, but whether cloud native or cloud traditionalist – security risk and complexity are problems. Concerns over ...

QNAP, CISA, KCodes, Supply Chain Hijinx, Chuds,&CES 2022 - SWN #177 from 2022-01-11T21:29:07

This week in the Security Weekly News: Toilet snakes, CES, CISA, Supply Chain Library Hijinx, QNAP, colors and fakers, and the first episode of 2022 for the Security Weekly News! All this and th...

Big Smiles - ASW #179 from 2022-01-11T10:00

There's an understandable focus on "shift left" in modern DevOps and appsec discussions. So what does it take to broaden what we call appsec into something effective for modern apps, whether the...

Happy Holidays! - ESW #255 from 2021-12-24T10:00

This week, Dr. David Brumley from ForAllSecure is with us to discuss Bringing Autonomy to Appsec Then, in the enterprise security news, ZeroFox has a $1.4 billion dollar blank check, Corellium r...

Singing Elephant - PSW #722 from 2021-12-23T22:00

This week, we kick off the show with an interview featuring Deviant Ollam, Physical Penetration Specialist, at Red Team Alliance, where we delve into Lock Picking & Physical Security! Then, John...

hmi/scada, log4j, Apache, Office, Scams,&FBI Bitcoins - Wrap Up - SWN #176 from 2021-12-23T20:15:47

This week, guest host Aaran Leyland talks: LOG4J Advisories, HMI/SCADA, Apache, Office Patches, Delivery Scams, and the FBI along with all the show Wrap Ups for this week!

Show N...

Becoming the Avengers - SCW #99 from 2021-12-23T10:00

Author of "Why CISOs Fail" is joining us today to tell us about the success of his first book as well as introduce us to his forthcoming book, "Security Hippie. Barak is best known for pioneerin...

The Art of Negotiation - BSW #244 from 2021-12-22T22:00

Throughout her career, Sandy Dunn has continued to mature and refine her skills. In the early days, she describes her job as a "hostage negotiator", constantly negotiating between the business t...

haveibeenpwned Passwords, log4j2, log4shell, Joker App, Zoho 0-Day,&Conti Group - SWN #175 from 2021-12-21T22:12:40

This week Dr. Doug talks: Conti, log4j2, log4shell redux, the return of the Joker, Your Car's warranty is expired, haveibeenpwned, Zoho, Microsoft, and more! All this, the Expert Commentary of J...

Fuzzing Like It's 1999 - ASW #178 from 2021-12-21T10:00

What does a collaborative approach to security testing look like? What does it take to tackle an entire attack class as opposed to fixing a bunch of bugs? If we can shift from vulnerability miti...

Facebook Bans, SimSwaps, DarkWatchman, Pseudomanuscrypt,&Log4Shell - Wrap Up - SWN #174 from 2021-12-17T18:52:19

In the Security Weekly News, Dr. Doug talks: LogJammin, sim swapping, Dark Watchman, Pseudomanuscrypt, Facebook bans, high school hijinx, all this and the Show Wrap Ups for this week!

Vis...

Facebook Bans, SimSwaps, DarkWatchman, Pseudomanuscrypt, & Log4Shell - SWN #174 from 2021-12-17T18:52:19

In the Security Weekly News, Dr. Doug talks: LogJammin, sim swapping, Dark Watchman, Pseudomanuscrypt, Facebook bans, high school hijinx, all this and the Show Wrap Ups for this week!

Vis...

The Worst Metaphor - ESW #254 from 2021-12-17T10:00

This week, we welcome Shoshana Gourdin, to discuss how Morale Is a Safety Control! Up next, we welcome Scott Crawford, Research Director at 451 Research / S&P Global Market Intelligence, to talk...

Have a Couple Beers on the Lawnmower - PSW #721 from 2021-12-16T23:00

This week, we kick off the show with an interview featuring Ed Skoudis, SANS Fellow and Counter Hack Founder, where we talk about the holiday hack challenge! Then, Sinan Eren, VP of Zero Trust A...

Under the Bus - SCW #98 from 2021-12-16T10:00

Ben Carr will lead us in a discussion about the origins of the role of CISO, roles/responsibilities, and what it's like to be a CISO. We'll touch on qualifications, organizational structure, its...

Against the Law - BSW #243 from 2021-12-15T10:00

This week, we welcome Mike Murray, CEO and Founder at Scope Security, to discuss Why Hospitals Face Unique Security Challenges! In the Leadership and Communications section: 13 traits of a secur...

Irish Healthcare Scam, Malicious PyPl, Bad Bluetooth, Satoshi Nakamoto,&Log4Shell - SWN #173 from 2021-12-14T21:53:46

This week Dr. Doug talks: Satoshi Nakamoto, log4shell, PyPl, bad Bluetooth, bad Google, & bad Elon! All this and the Expert Commentary of Jason Wood on this edition of the Security Weekly News!<...

Vulnerability Phone - ASW #177 from 2021-12-14T10:00

This week, we welcome Francesco Cipollone - CEO & Founder - AppSec Phoenix Ltd, to discuss DevSecOps, Compliance GRC, and the Future of Application Security! In the AppSec News, Mike & John talk...

Treacherous Devs, Selling Text Messages, Spicy Takes,&Unicorns Galore - ESW #253 from 2021-12-10T20:00

This week, we welcome Allie Mellen, Industry Analyst at Forrester Research to discuss Digging Into XDR! In the second segment, Vincent Berk, CTO and Chief Security Architect at Riverbed to talk ...

IoT Standards, NginRAT, AT&T Botnet,&Bad Wifi Routers - Wrap Up - SWN #172 from 2021-12-03T21:05:07

This week in the Security Weekly News Wrap Up Dr. Doug talks: Ben Dorsey, NginRat, AT&T, Decryption, IoT, and Bad WIFI Routers! All this and Dr. Doug's favorite threat of the week, & the show wr...

The Human Element - ESW #252 from 2021-12-03T10:00

In this interview, we discuss defenders sharing information, how Edna deals with Azure's supply chain challenges, ransomware trends, and some future predictions. Edna has been in security as lon...

Bud's Budtender - PSW #720 from 2021-12-03T00:00

This week, we kick off the show with an interview featuring Shailesh Athalye, Senior Vice President of Product Management at Qualys joins to discuss why Cybersecurity is an Unfair Game! Then, we...

Too Authentic - SCW #97 from 2021-12-02T10:00

There’s something happening here – and what it is ain’t exactly clear to O.G hackers like John Threat or our own Mr. Jeff Man. We’re going to devote an episode talking about how things used to b...

Completely Off the Rails - BSW #242 from 2021-12-01T10:00

We cover a lot of articles about CISO leadership, communications, skills, and yes, transition. This week we discuss the CISO transition from a CISO's perspective. I will interview my co-hosts on...

Reaper Chinotto, Tardigrade, Cannazon DDoS, IKEA, Webcam Hijinks,&Seoul's Metaverse - SWN #171 from 2021-11-30T22:11:43

This week in the Security Weekly News: Tardigrade, Reaper, HP, Cannazon, Ikea, Cameras, The Virtual DMV Verse, and the Expert Commentary Jason Wood on this edition of the Security Weekly News! Listen

Cyber Monday - ASW #176 from 2021-11-30T10:00

In today’s session Chris Wysopal will address a number of topics with Mike, including systemic risk in software development and how developers and security teams can work together to meet common...

A Good Mission - SCW #96 from 2021-11-24T22:00

In the early days of PCI there was an online column called StorefrontBacktalk which focused on retail and technology issues. The column provided valuable insights from various specialists on the...

SquirrelWaffel, Scams, Exchange Flaws, Honeypots,&Hoodies - Wrap Up - SWN #170 from 2021-11-24T19:45:43

This week in the Security Weekly News Wrap Up: Dr. Doug rants in preparation for the Holidays, Scams, Exchange Flaws, SquirrelWaffel, honeypots, hoodies, & more!

Show Notes: Listen

Invest Properly - BSW #241 from 2021-11-24T10:00

As a CISO tasked to present to the Board or other executives, communicating cybersecurity in business context is critical to success. Hear from Kevin Powers, who has taught hundreds of CISOs in ...

GoDaddy Breached, Imunify360, Holiday Scams, Bug Bounties Surge,&Bryon Hundley - SWN #169 from 2021-11-23T22:24:51

This week in the Security Weekly News, Dr. Doug talks: Grandma's recipe, Imunify360, GoDaddy, Nigeria, holiday scams, bug bounties, & Bryon Hundley from ISAC joins for Special Guest Commentary! ...

Max Headroom - ASW #175 from 2021-11-23T10:00

This week, we welcome Liam Randall, CEO at Cosmonic, to talk about wasmCloud - Distributed Computing With WebAssembly! CNCF wasmCloud helps developers to build distributed microservices in WebAs...

Kinky VR, FatPipe, Win11, Glitch, Perswaysion,&Satoshi Nakamoto - Wrap Up - SWN #168 from 2021-11-19T20:28:52

This Week Dr. Doug talks: Satoshi Nakamoto, Weird Sex Objects, teaching hackers, Fatpipe, Banks, Win 11, Glitch, and Perswaysion [sic], and Show Wrap-Ups, on the Security Weekly News!

Fol...

Crystal Ball Gazing - ESW #251 from 2021-11-19T10:00

ExtraHop VP, GM of International and Global Security Programs Mike Campfield joins Security Weekly for a retrospective on ransomware in 2021, shares his predictions on how it will evolve in 2022...

Hackers Be Hackin' - PSW #719 from 2021-11-18T23:00

This week, we kick off the show with a technical segment where we walk through creating vulnerable Docker Containers – On Purpose! Then, Derek Rook from Senior Director Purple Team atTeradata, &...

Massive Damage - SCW #95 from 2021-11-18T10:00

CISA recently published guidance for how managed service providers (MSPs) should approach security for their operations based on the premise that cyber threat actors are known to target MSPs to ...

Cyber Money Ball - BSW #240 from 2021-11-17T10:00

This week, we welcome Tony Cole, CTO at Attivo Networks, to discuss Protecting Identity Services! Identity Services such as Active Directory is an area that is almost always utilized by the atta...

FBI, Eyeball Lies, Intel, Microsoft,&Smishing - SWN #167 from 2021-11-16T22:02

This week on the Security Weekly News, Dr. Doug talks: The Eyes don't lie, the FBI, Intel, Microsoft, pompompurin, smishing, and ransom consulting! All this and Aaran Leyland's Expert Commentary...

Eyes Open - ASW #174 from 2021-11-16T17:00

This week, we welcome Ryan Lloyd, Chief Product Officer at Guardsquare, to discuss Mobile Application Security! Mobile applications have a unique attack surface. The tools and techniques being u...

Attack&Defense - ESW #250 from 2021-11-12T22:00

This week, we welcome Angela Marafino, PM at Microsoft, to talk about MegatronAL on Kicking in the Door to Cybersecurity! In the second segment, we welcome Nick Leghorn, Director of Application ...

Lyceum, Elon, Buzz Words, PS5, PunyCode, Palo Alto,&Small Business - Wrap Up - SWN #166 from 2021-11-12T19:01:14

This week, Dr. Doug talks: Elon buys my motorcycle, Lyceum, Buzz word security, PS5, Puny Code, Palo Alto, and Small biz, and the show wrap ups on the Security Weekly News Wrap Up show!

 ...

Snowed In - PSW #718 from 2021-11-11T22:00

This week, we kick off the show with an interview featuring Lodrina Cherne, and Martijn Grooten join to discuss the Realworld capabilities of Stalkerware! Then, Sachin Mahajan from Inguardians j...

A Good Crisis - SCW #94 from 2021-11-11T10:00

Join us on this episode of SCW for a general discussion about how to do this whole security/compliance thing better; how compliance really needs to come first; how it's all risk-based or should ...

Getting Involved - BSW #239 from 2021-11-10T18:30

The rise in cyberattacks and the switch to remote work has kept security teams busy, but it has also left them isolated by halting their ability to meet with peers and network with industry frie...

You Browser, MediaMarkt Hack, RobinHood Breach, Zoho,&Elon's Twitter Poll - SWN #165 from 2021-11-09T22:26:02

This week Dr. Doug talks: ThisElon, UL, You, Robin Hood, Zoho, lots of ransomware, and the return of Jason Wood for Expert Commentary on the Security Weekly News!

Show Notes: Listen

Schools of Magic - ASW #173 from 2021-11-09T10:00

This week, Mike, John and Dan McKinney from Cloudsmith will be discussing SBOM and what that looks like for your applications. Other topics include: cloud-native tooling for your software supply...

Linux CVE, War Driving, Pegasus Blacklisted, Darkside Bounty,&Braktooth - Wrap Up - SWN #164 from 2021-11-05T18:46:54

This Week in the Security News Dr. Doug talks: War driving, Linux kernels, Pegasus, Darkside, Braktooth, Clippy, and more, on the Security Weekly News Wrap Up!

Show Notes: Listen

The Big Ol' Nothing Burger - ESW #249 from 2021-11-05T17:00

This week, we welcome Chad Skipper, Director Product Marketing at VMware, to talk about Detecting the Next Breach: How to Win the War With NSX NDR! In the second segment, we welcome Frank McGove...

Funny Stories - PSW #717 from 2021-11-04T22:30

This week, we kick off the show with an interview featuring Doug Burks, CEO of Security Onion Solutions, who joins to discuss Peel Back the Layers of Your Enterprise with Security Onion 2! Then,...

Diversity&Equality - SCW #93 from 2021-11-04T09:00

With cybersecurity skills already in short supply, the prospect of losing what little workforce there is to pull from to resignations (especially in the context of the ‘Great Resignation’), is a...

Fail Fast - BSW #238 from 2021-11-03T09:00

This week, we welcome Kyle McNulty, Founder and Host at Secure Ventures, to discuss Easy Ways for Businesses to Become More Resilient! More and more, start-ups and small companies have to consid...

Ransomware Busts, Dancing Holograms, HTTP Headers, FreeSwitch,&Trojan Source - SWN #163 from 2021-11-02T20:58:50

This week in the Security Weekly News, Dr. Doug talks: Dancing holograms, REvil again, Ransomware busts, hiding malware in source code, http header smuggling, Freeswitch, and the return of Jason...

Actual Secrets - ASW #172 from 2021-11-02T19:30

This week, we welcome Peter Klimek, Director of Technology, Office of the CTO at Imperva! Peter will talk to the challenges he's hearing from customers and partners about managing the security o...

Virtual Crime, SEO Poisoning, QR Code Phishing, Meta,&War-Driving - Wrap Up - SWN #162 from 2021-10-29T18:13:09

This week in the Security News Wrap Up, Dr. Doug talks: Virtual crime, wardriving, Iran, SEO, QR Code Attacks, Avast, CISA, Windows 11, Zuck strikes back, & more!

Visit Listen

World Chocolate Day - ESW #248 from 2021-10-29T09:00

This week, we welcome Jamie Moles, Senior Technical Marketing Manager at ExtraHop, to discuss Decrypt As If Your Security Depends On It! In the Enterprise Security News, Devo, Dragos, Cato Netwo...

The Supreme Counsel - PSW #716 from 2021-10-28T21:30

This week, we kick off the show with an interview featuring Roger Grimes, Data-Driven Defense Evangelist, KnowBe4, who joins to discuss the Evolution and Maturity of the Cybersecurity Industry! ...

Overly Prescriptive - SCW #92 from 2021-10-28T09:00

Tony and Thomas will discuss the importance, value, and challenge of cross-mapping security frameworks, and the rationale and process used by CIS to create end support mapping, and some real-wor...

The Sky Is Falling! - BSW #237 from 2021-10-27T09:00

This week, we welcome Renee Tarun, Deputy CISO at Fortinet, to discuss Fight Fire With Fire: Proactive CyberSec Strategies for Security Leaders! In the Leadership and Communications section for ...

Horror Stories - ASW #171 from 2021-10-26T21:00

This week, we welcome Ashish Rajan, Head of Security & Podcast Host at Cloud Security Podcast, to discuss Security Champions in an Online First World! Ashish will talk about building a security ...

SMS Fraud, REvil Revenge, XP Users, Nobelium Returns,&Polygon Bug Bounty - SWN #161 from 2021-10-26T20:32:05

This week in the Security News Dr.Doug talks: REvil strikes back, Windows XP, SMS fraud, Nobelium, BQE, Discourse, Polygon, and the returning Expert Commentary of Jason Wood!

Sho...

Truth Social, GPS Chaos, Quickfox, FIN7, Cyber-Training,&Bye-Bye FTP - Wrap Up - SWN #160 from 2021-10-22T21:32

This Week Dr. Doug talks: CyberTraining, the death of FTP, Quickfox VPN, Zerodium, FIN7, TruthSocial, GPS hijinx, candy corn, as well as all the show wrap ups on this edition of the Security Wee...

Holy Guacamole - PSW #715 from 2021-10-22T21:23:53

The business of Security is gaining in maturity, from being an obscure corner of IT to becoming a core part of the C-Suite. How is this transformation happening and what can we learn from the si...

Dancing In the Pool - ESW #247 from 2021-10-22T09:00

This week, we welcome Joshua Copeland, SOC Director at ATT, to talk about the First Jobs in Cybersecurity: The Analyst Role! In the Enterprise News: HelpSystems Acquires PhishLabs, Elastic and O...

Different Directions - SCW #91 from 2021-10-22T00:30

We’re getting closer to the Q1 2022 release of PCI DSS 4.0, which is expected to differ from the current PCI DSS 3.2.1 version in a few key ways. This includes giving organizations more options ...

Just Crazy - BSW #236 from 2021-10-20T09:00

The Security Weekly 25 Index hits an all-time high for the third straight quarter! In this segment, Matt, Jason, and Ben break down the cybersecurity market winners and losers, in both the publi...

Faux FBI Sites, Sinclair Outage, ISC Squared, TianFu Winnings,&Phishing For 0-Days - SWN #159 from 2021-10-19T20:23:30

This week, Dr. Doug talks: Sinclair, Ransomware, angry governors, ISC-square, Tian Fu, Fake Government sites, robot umpires, along with the returning Expert Commentary of Jason Wood on this Edit...

Highly Technical - ASW #170 from 2021-10-19T09:00

This week, we welcome Nuno Loureiro, CEO at Probely, and Tiago Mendo, CTO at Probely, to talk about Dev(Sec)Ops Scanning Challenges & Tips! There's a plenitude of ways to do Dev(Sec)Ops, and eac...

Wastewater Ransoms, Juniper Networks, South Korea,&Acer Hack - Wrap Up - SWN #158 from 2021-10-15T19:37:50

This Week in the Security Weekly News Wrap Up Show: Juniper, Wastewater Attacks, South Korea, Phone Scanning, Acer, Android, and Journalists Under Fire as well as all the show Wrap-Ups for this ...

Space Force - PSW #714 from 2021-10-15T19:00

This week, we kick off the show with an interview featuring Zach Wasserman, CTO & Co-Founder of Fleet, who joins us to discuss Open Source Endpoint Security with OSquery & Fleet! Then, Sven Morg...

Beautiful Sites - ESW #246 from 2021-10-15T15:00

This week, Adrian and Paul talk about why we need A Plea for Better Press Releases! In the second segment, we welcome Surag Patel, Chief Strategy Officer at Contrast Security, to discuss Why Les...

This Is Fascinating - SCW #90 from 2021-10-14T09:00

Tune in for this discussion on social engineering and its merits on being recognized as a legitimate component of cyber security. We'll also dive into the whole notion of motive and intent as it...

Shiny Toys - BSW #235 from 2021-10-13T09:00

It is Cybersecurity Awareness Month, but security awareness is a lot tougher than just dedicating a month to awareness activities. Security awareness is a journey, requiring motivation along the...

NSA Warnings, SnapMC, Olympus Hacked, Brother Printers,&Android Lists Malware - SWN #157 from 2021-10-12T20:41:31

This week Dr. Doug talks: More Apple 0-Days, SnapMC, the NSA, Olympus, Brother, Android, Facebook, GTA Remakes, and the returning Expert Commentary of Jason Wood on the Security Weekly News!

Halloween Horror - ASW #169 from 2021-10-12T09:00

This week, we welcome Tom Gibson, Senior Staff Engineer at Cloudsmith, to talk about Modernizing the Management of Your Software Supply Chain! This week in the AppSec News, Mike and John talk: T...

Excel Macros, Twitch Leaks, Canopy Unpatched XSS, LANtenna,&Apache - Wrap Up - SWN #156 from 2021-10-08T19:01:47

This week in the Security Weekly News: Dr. Doug talks Resilience, Twitch, Apache, Canopy, Microsoft, LANtenna, and the US Navy playing Age of Empires, as well as all the show Wrap-Ups on this ep...

Feeling Really Lame - PSW #713 from 2021-10-08T17:00

This week, we kick off the show with an interview featuring Dan DeCloss, the Founder of PlexTrac, for a segment all about Survey Says: Improve Your Security Posture by Purple Teaming! Then, a se...

Complete Nightmare - ESW #245 from 2021-10-07T21:00

This week, we welcome Richard Reinders, Head of Security at Gravity Payments, to discuss Better Sales, Worse Relationships? In the next segment, we welcome Ryan Kalember, Executive Vice Presiden...

Providing the Assurance - SCW #89 from 2021-10-07T09:00

This week we're talking all things ISO27001 with Wim Remes! We're starting with what it is, the who, what, where, when, why etc. then we'll talk about the bad and the good. Tune in for this spec...

Getting Better - BSW #234 from 2021-10-06T09:00

With the first recorded death from a Ransomware attack during the Pandemic, it's time to take medical device security seriously. Dan Purvis, CEO at Velentium, joins Business Security Weekly to d...

Python Ransomware, Facebook BGP, Coinbase MFA,&Windows 11 Release - SWN #155 from 2021-10-05T21:38:33

This Week Dr. Doug talks: Facebook BGP, Disabled Vets, Coinbase, Cybermonth, Windows 11, Python Ransomware, fake plumbuses, & the Special Guest Expert Commentary of Adrian Sanabria on this episo...

Opposite Direction - ASW #168 from 2021-10-05T09:00

This week, we welcome Hillary Benson, Director, Product Management of Secure & Protect at Gitlab, to discuss The Power of Developer-First Security! In the AppSec News, John and Mike discuss Prot...

GiantPay, Google 0-Days, CISOs in Organizations,&CISA Tools - Wrap Up - SWN #154 from 2021-10-01T19:07:33

Special guest host Aaran Leyland joins us for the Security News Wrap Up! This week: Google Patches 0 Days, 5-Figure Ransoms, new CISA Tools, & the show Wrap Ups for this week!

Follow us o...

Blinky Boxes - PSW #712 from 2021-10-01T09:00

This week, we welcome Mehul Revankar, VP Product Management and Engineering, VMDR at Qualys, to discuss Defense Strategies to Combat Sophisticated Ransomware! In the Security News, Microsoft add...

Nice&Slow - ESW #244 from 2021-09-30T21:00

This week, we welcome Juliet Okafor, CEO & Founder at RevolutionCyber, to discuss How Good CISOs Build Bad Security Programs! In the second segment, we welcome Joseph Salazar, Technical Deceptio...

Little Bugs - SCW #88 from 2021-09-30T09:00

This week, we welcome Casey Ellis, Founder/Chair/CTO at Bugcrowd, to talk about Compliance and “The Crowd”! Crowdsourcing and multi-sourcing focus on risk identification and reduction, and they ...

Shiny Thing - BSW #233 from 2021-09-29T09:00

This week, we welcome Guillaume Ross, CISO at Finaptic, to discuss Building Security from Scratch: One Year as CISO at a Start-up! We often think "this would be so much better if done properly f...

Zix Phishing, Side Eye Toddler NFT, VCenter Redux, Auntie M,&Safepal Fraud - SWN #153 from 2021-09-28T21:27:55

This Week in the Security News: The Side Eye Toddler, Zix, Clubhouse, VCenter redux, Auntie M, Safepal, Virgil Griffith, the FBI, & the Expert Commentary of Jason Wood!

Show Note...

Skills&Knowledge - ASW #167 from 2021-09-28T18:30

This week, we welcome Anita D'Amico, VP, Market Development at Synopsys, and Patrick Carey, Senior Director of Product Marketing at Synopsys, to discuss AppSec Orchestration/Correlation & DevSec...

Everything's All Blurry - PSW #711 from 2021-09-24T19:00

This week, we kick off the show with an interview featuring Mike Cohen, from Rapid 7, and Wes Lambert from Security Onion Solutions, for a segment all about Velociraptor & Digging Deeper! Then, ...

NanoMQ 0-Day, iOS Patches, GeoFencing,&FamousSparrow APT- Wrap Up - SWN #152 from 2021-09-24T17:32:48

This week in the Security News: Dr. Doug's Favorite Threat of the Week, Apple, Apple, and Apple, NanoMQ, geofencing, FamousSparrow, VMWare, the Foundation Trilogy, as well as all the show Wrap-U...

Break All Your Stuff - ESW #243 from 2021-09-24T09:00

This week, we welcome Joe Gillespie, Director at Probely, and Nuno Loureiro, CEO at Probely, to talk about Scaling Application Security! In the next segment, we welcome Chris Cochran, Founder an...

Blinky Lights - SCW #87 from 2021-09-23T09:00

This week, we welcome Johanna Baum, CEO, Founder at Strategic Security Solutions, to talk about Activism v. Hacktivism! "Hacktivism" is a controversial term with several meanings. The word was c...

Turning the Battleship - BSW #232 from 2021-09-22T09:00

This week, we welcome Tom Roeh, Director of Systems Engineering at ExtraHop, to discuss Accelerating 0-Trust Adoption W/ End2End Visibility & Increased Collaboration! In this episode, we discuss...

Healthcare Policy, Amazon AI, Google OSTIF, OMIGOD Vuln, iOS 15,&Time Crystals - SWN #151 from 2021-09-21T19:18:31

This Week in the Security News: Cosa Nostra, Amazon AI, Healthcare Apps, OSTIF, OMIGOD, IOS 15, Thailand, and Time Crystals! All this and the triumphant return of Jason Wood for Expert Commentar...

Don't Hate the Player, Hate the Game - ASW #166 from 2021-09-21T09:00

This week, we welcome Jeff Williams, Co-Founder and Chief Technology Officer at Contrast Security, to discuss Transforming Modern Software Development with Developer-first Application Security! ...

Playing Hanky Panky - PSW #710 from 2021-09-17T19:00

This week, we kick off the show with an interview featuring Sinan Eren, VP of Zero Trust Access at Barracuda Networks, to discuss The State of Network Security in 2021! Then, we welcome Justin C...

Infosec Training Advice&Soft Skills From Offensive Security - Wrap Up - SWN #150 from 2021-09-17T17:46:42

Offensive Security expert Jeremy Miller walks us through his own career progression and training, revealing what it takes to be successful in infosec, especially the soft skills required. He com...

Not That Mysterious - ESW #242 from 2021-09-17T09:00

This week, we welcome Tolga Kayas, Assistant Application Security Manager at Invicti Security, to discuss Web Asset Discovery in Application Security! Next up, we welcome back John Loucaides, VP...

Chocolate Bar Bounty - SCW #86 from 2021-09-16T09:00

This week, we welcome Jim Henderson, Insider Threat Mitigation Training Course Instructor & Consultant at Insider Threat Defense Group, Inc., to discuss Insider Threats Overview - Going Beyond T...

Dead End - BSW #231 from 2021-09-15T09:00

This week, we welcome Kevin Nolten, Director of Academic Outreach from Cyber.org! Kevin joins Business Security Weekly to discuss how cyber education is the key to solving the skills gap and dev...

REvil Redux, Pegasus Patch, Meris Botnet, Litecoin's Fraudulent Gains,&Sinan Eren - SWN #149 from 2021-09-14T20:54:13

This week in the Security News: Pegasus, Revil Redux, WooCommerce, Kaspersky reports, Meris, workers going around security, & litecoin. All this and Sinan Eren from Barracuda Networks joins to d...

Drive - ASW #165 from 2021-09-14T09:00

This week, we welcome Manish Gupta, CEO and Co-Founder of ShiftLeft, to discuss Findings From the 2021 AppSec Shift Left Progress Report! Data from the ShiftLeft customer report shows that compa...

The Magic Fix - PSW #709 from 2021-09-03T09:00

This week, we kick off the show with a technical segment, all about working with NMAP Vuln Scanning & Flan! In the Security News: Lightning cables that steal passwords, Malicious Code in your VR...

Large Stacks - ESW #241 from 2021-09-02T21:00

This week, first up, we welcome, Philippe Lafoucrière Distinguished Security Engineer GitLab Inc, to talk about Transparency in Large Supply Chains! Then, John Smith, Principal Engineer of Secur...

CREAM, IoT Hacks, DDoS, McFlurries,&iDriver's Licenses - Wrap Up - SWN #148 from 2021-09-02T18:22:32

This week Dr. Doug talks: "The Gubmint", McFlurries, CREAM, IoT hacks, DDos, and New IDrivers licenses, as well as all the show McWrap Ups on this edition of the Security Weekly News Wrap Up Sho...

We Love Your Dog - SCW #85 from 2021-09-01T09:00

This week, we welcome Christopher Bulin, Founder & CEO at Proven PCI, to talk about The Truth Behind the Payments! SMB needs to understand the importance of being PCI compliant and that just bec...

Who Do You Trust? - BSW #230 from 2021-08-31T21:00

This week, we welcome Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, to discuss the State of Cyber Threats: Tenfold Increase in Ransomware! Lookin...

ChaosDB, China Limits Games, CISA MFA, Sudo Warnings, Samedit,&Jason Wood - SWN #147 from 2021-08-31T19:06:42

This Week Dr.Doug talks: China limits gaming, ISIS gets caught using AWS, Tensorflow, ChaosDB, CISA and multifactor, sudo bugs, Baron Samedit, and Papa Legba. All this and Jason Wood returns for...

Magical Forest - ASW #164 from 2021-08-31T09:00

This week, we welcome Caroline Wong, Chief Strategy Officer at Cobalt, to discuss A DevOps Perspective on Risk Tolerance & Risk Transfer! In the segment Mike and Caroline will discuss Risk Toler...

Yard Sale - PSW #708 from 2021-08-27T19:00

This week, we kick off the show with a technical segment, all about working with OpenVAS! Next up, we welcome Patrick Wardle, founder of Objective-See, to talk Trends in Mac Malware and Apple Se...

Ragnarok Decryptor, Cost of Hacking, OnlyFans,&IoT Camera Flaws - Wrap Up - SWN #146 from 2021-08-27T18:41:13

This week Aaran Leyland joins as a guest host and talks: the true cost of hacking social network accounts, OnlyFans rescinds policy changes, IoT Camera Flaws, & the Ragnarok Decryptor release, a...

Eliminating the Variants - ESW #240 from 2021-08-26T09:00

This week, first up, we welcome Kelly Shortridge, Senior Principal Product Technologist at Fastly, to talk about “Deciduous”, Decision Trees, and Security Chaos Engineering! Then, Deb Radcliff, ...

Homework - SCW #84 from 2021-08-25T09:00

This week, we welcome Tim Callahan, SVP, Global CISO at Aflac, to talk about From Compliance to Resiliency: The Evolution of InfoSec! Because only maintaining compliance is not enough to protect...

Controls&Conditions - BSW #229 from 2021-08-24T21:00

This week, Ben Carr, CISO at Qualys, joins Business Security Weekly to share his views on the evolving role of the CISO. He’ll dive into the ever changing risks and how CISOs need to understand ...

ProxyShell Attacks, Liquid Robbed, Realtek SDK,&3D Printing Peril - SWN #145 from 2021-08-24T19:41:31

This week in the Security News, Dr.Doug talks: Liquid, proxyshell redux redux, Realtek and Mirai, The Spaghetti Detective, the Taliban, Powerapps, and Hong Kong censorship, and the returning Exp...

Strange New Clouds - ASW #163 from 2021-08-24T09:00

This week, we welcome Shubhra Kar, Global CTO and GM of Products & IT at The Linux Foundation, to discuss Challenges in Open Source Application Security! In the AppSec News: BlackBerry addresses...

Win 11 ISOs, OnlyFans, Cisco Critical Flaw, Kalay,&Fortinet vs. Rapid7 - Wrap Up - SWN #144 from 2021-08-20T18:45:52

This week in the Security Weekly News Wrap Up, Dr. Doug Talks: Fortinet vs. Rapid7, OnlyFans, Cisco, Kalay, TMobile, the "gub'mint", & more!

Visit Listen

Burning Hard Drive - PSW #707 from 2021-08-20T09:00

This week, we jump straight Into the Security News for this week: Buffer overflows galore, how not to do Kerberos, no patches, no problem, all your IoTs belong to Kalay, the old pen test vs. vul...

Crushing It - ESW #239 from 2021-08-19T21:00

This week, in our first segment, we welcome Allie Mellen, Industry Analyst at Forrester Research, to talk about Humanizing Security Operations! Then, we welcome Darren Guccione, CEO & Co-Founder...

Exception to the Rule - SCW #83 from 2021-08-19T09:00

This week, we welcome Naomi Buckwalter, Founder & Executive Director at Cybersecurity Gatebreakers Foundation, to discuss Gatekeeping in Cybersecurity! The “cybersecurity skills gap” is a myth. ...

Recipe for Disaster - BSW #228 from 2021-08-18T09:00

This week, we welcome Fleming Shi, CTO at Barracuda Networks, to discuss Ransomware Trends 2021! In the Leadership and Communications segment, 7 tips for better CISO-CFO relationships, 5 Simple ...

DeepBlueMagic, T-Mobile, Shell Code, Colonial Returns,&Fake CAPTCHA - SWN #143 from 2021-08-17T20:23:56

This week, Dr. Doug talks: T-Mobile, Deepbluemagic, shell games. China strikes back, Colonial revisited, Fortinet, Captchas, and Cardinals on Parade, All this and the return of Jason Wood on the...

Time Traveling - ASW #162 from 2021-08-17T17:30

This week, we welcome Mike Rothman, President & Co-founder at DisruptOps, to discuss DevSecOps - Making It Real! In the AppSec News, Bug bounty report that cleverly manipulates a hash for profit...

Turn That JIT Off! - PSW #706 from 2021-08-13T19:29:08

This week, we kick off the show with an interview featuring Joe Gray, Senior OSINT Specialist at Qomplx, where we talk OSINT & Social Engineering ! Next up, we welcome Kyle Avery, a Penetration ...

Zoom Payout, PrintNightmare 0-Day, Chaos Malware, Aggah,&INFRA:HALT Bugs - Wrap Up - SWN #142 from 2021-08-13T18:55:22

This Week, Dr. Doug talks: Printnightmare, Chaos, VR Nightmares, Aggah, Infra:Halt, Zoom, and Dallas County revisited, as all the show Wrap Ups on this edition of the Security Weekly News!

Zombie Security Control - ESW #238 from 2021-08-12T22:00

This week, Paul, Tyler, and Adrian talk about the Different Approaches To Vulnerability Management! In the Enterprise News: Latent AI, Optiv Security Launches Next-Gen Managed XDR, An Intriguing...

Time Lord - SCW #82 from 2021-08-12T09:00

This week, we welcome Matthew Erickson, Vice President of Solutions at SpiderOak Mission Systems, to discuss Protecting Comm. & Collaboration in Contested Environments! Protecting digital commun...

The Road Map - BSW #227 from 2021-08-11T22:30

This week, we welcome Jim Routh, Former CSO, Board member, Advisor at Virsec, to discuss The 3 Mistakes All First Time CISOs Make That No One Tells You! In the Leadership and Communications sect...

Thinking Alike - ASW #161 from 2021-08-10T22:00

This week, we welcome Tom Hudson, Security Research Team Lead at Detectify, to discuss Securing Modern Web Apps: Development Techniques are Changing! In the AppSec News, Hardware hacking for aut...

GPT-3, SOHO Routers Redux, Proxy Shell,&Jason Wood - SWN #141 from 2021-08-10T21:30:59

This week, SOHO Routers Redux, GPT-3, Microsoft Proxy Shell and Petitpotam, Flytrap, Nichestack, Bitcoin taxes, and Rickrolling. All this and Jason Wood on the Security Weekly News!

Cisco Patches, CISA Task Force, Black Hat Recap,&LockBit 2.0 - Wrap Up - SWN #140 from 2021-08-06T18:47:53

This week, Dr. Doug talks Blackhat, NSA, CISA, Autonomous Vehicles, Bazar, evil Liver, Lockbit 2.0 as well as all the show wrap ups on this edition of the Security Weekly News Wrap up Show!

Backhanded Softball - PSW #705 from 2021-08-06T16:00

This week, we kick off the show with an interview featuring Rick Farina, & Rick Mellendick Board Members at RF Hackers Sanctuary, to talk about RF Village at DefCon! Next up, we.0 welcome Scott ...

Monolithic Approach - ESW #237 from 2021-08-06T01:00

This week, in our first segment, we welcome Matt Cauthorn, VP Cloud Security at ExtraHop, to talk about the Cyber Hat Trick: How Ransomware Gangs Exfiltrate, Encrypt & Exploit! Then, we welcome ...

Blurred Lines - BSW #226 from 2021-08-04T09:00

This week, we welcome Edward Liebig, CISO at Delviom LLC, to discuss OT Security for Critical Infrastructure and Why It Is Not “Intuitive”! In the Leadership and Communications articles, 10 secu...

NSA Warning, NSO Spyware, Pneumatic Tubes Vulns,&Hidden Crypto Regulations - SWN #139 from 2021-08-03T20:06:51

This week in the Security Weekly News: The NSA, The NSO, Microsoft, Sonic Screwdrivers, regulating cryptocurrency, a mysterious NPM, All this and Jason Wood's legendary Expert Commentary!

Shrug&Move On - ASW #160 from 2021-08-03T16:00

This week, we welcome Maggie Jauregui, Offensive Security Researcher at Intel, to discuss Platform Firmware Security! Firmware security is complex and continues to be an industry challenge. In t...

The Dr. Strange Moment - PSW #704 from 2021-07-30T18:30

This week, we kick off the show with an interview featuring Alyssa Miller, BISO at S&P Global, to talk about the how the “B” in BISO is for Business! Next up, we welcome Michael Welch, Managing ...

PetitPotam Attack, PyPI Malware, NSA Device Guidance,&Meteor Wiper - Wrap Up - SWN #138 from 2021-07-30T17:41:37

This week Dr. Doug talks: Patching, PetitPotam, Elon, Microsoft Defender, Ransomware rules, Meteor, and more, on this edition of the Security Weekly News Wrap up Show! Visit https://www.security...

Bad Example - ESW #236 from 2021-07-30T09:00

This week, in our first segment, we welcome Da-Wyone Haynes, Consultant in Data Analytics at Aegon & Transamerica, to talk about The Need for CyberSecurity Training Programs and the Role Cyber P...

Ancient Court - SCW #81 from 2021-07-29T09:00

Priya Chaudhry joins us today as co-host and we are eager to catch up with her and get her legal perspective on recent litigations and proposed legislation that impacts our world of security and...

Coffee&Cocktails - BSW #225 from 2021-07-28T16:30

This week, we talk Security Money! Both the Security Weekly 25 Index and the NASDAQ close at record highs on 7/23/2021. See how the security market continues to stay hot.

In the Leadershi...

Babuk Forum Hack, Exotic Programming, Kaseya Decryption,&"Petitpotam" Attack - SWN #137 from 2021-07-27T19:57:40

This week: Dr. Doug talks Elon saying scary things, Exotic Programming languages, Babuk, Kaseya, Petitpotam, litigation and of course the Expert Commentary of Jason Wood on this edition of the S...

Policy of Truth - ASW #159 from 2021-07-27T17:30

This week, we welcome Peter Klimek, Director of Technology, Office of the CTO at Imperva, to discuss Navigating the seas of security in serverless functions!

In the AppSec News: CWE relea...

Nefarious Drivers - PSW #703 from 2021-07-23T18:00

This week, we kick off the show with an interview featuring Jeff Tinsley, CEO of RealMe, to talk about The Online Safety and Security as it Pertains to Dating Apps and Online Marketplaces! Next ...

SeriousSam, Kaseya Decrypts REvil, Hacker Bounties, SonicWall,&Pegasus - Wrap Up - SWN #136 from 2021-07-23T17:26:23

This week in the Security Weekly News Wrap Up: Pornageddon, Pegasus, Kaseya, SeriousSam, The FBI Wants hackers dead or alive, SonicWall, HPrinters, Show Wrap Ups, and more!

Show ...

Everyone Works Everywhere - ESW #235 from 2021-07-23T09:00

This week, in our first segment, we welcome Ed Rossi, Vice President of Product Management, Asset Inventory & Discovery at Qualys, to talk about Reinventing Asset Inventory for Security! Then, i...

Constantly Frustrated - SCW #80 from 2021-07-23T00:00

This week, we welcome Joseph Kirkpatrick, President at KirkpatrickPrice, to talk about Your Security Is ALWAYS in Scope!

Our client was using a hosted service to perform remote m...

Use Your Network - BSW #224 from 2021-07-21T09:00

In light of recent events and the pressures of the digital world, the landscape is finally shifting towards risk. The opportunity for cyber risk profiling, standardization, and seamless collabor...

iOS RCE, Pegasus Spyware Leak, Florida Victims Targeted,&Debugging MosaicLoader - SWN #135 from 2021-07-20T20:13:32

This week in the Security News: Billionaires in Space again, grayware, Candiru fish, iOS, China, Mosaic, and of course the returning Expert Commentary of Jason Wood!

Show Notes: ...

Fall On Our Sword - ASW #158 from 2021-07-20T17:30

This week, we welcome David DeSanto, Senior Director, Product Management, Dev & Sec at Gitlab! In the wake of events such as the Solarwinds breach, there has been a lot of misinformation about t...

Glorious Purpose - PSW #702 from 2021-07-16T18:30

This week, we kick off the show with an interview featuring Scott Scheferman, Principal Strategist at Eclypsium, to talk about The BIOS Disconnect and vulnerabilities affecting the BIOSConnect f...

Kaseya, Luminous Moth, Amazon, Microsoft, REvil,&Luminous Moth - Wrap Up - SWN #134 from 2021-07-16T17:57:12

Where have all the PS5s gone, Luminous Moth, Amazon, Microsoft, Revil, Kaseya, and more along with show wrap-ups on this edition of Security Weekly News.

Show Notes: Listen

Following the Dollar - ESW #234 from 2021-07-16T16:30

This week, in our first segment, we welcome Rajiv Thomas, Sr Systems Engineer at Gas South LLC, to discuss Gas South and ExtraHop- A Journey of Security Partnership! In the Enterprise News, Cont...

Tell the Truth - SCW #79 from 2021-07-15T09:00

We'll start with a brief discussion of what HIPAA and is not (e.g., it's doesn't prevent your employer from ask you about your health). Then discuss recent developments like ongoing how ransomwa...

Stop the Bleeding - BSW #223 from 2021-07-14T09:00

Every day brings news of more breaches and ransomware attacks. Why are organizations failing to protect themselves, and what can we do to combat these cybersecurity threats? Technological advanc...

Drink Our Own Champagne - ASW #157 from 2021-07-13T21:00

In the AppSec news, a password manager makes predictable mistakes, Trusted Types terminate DOM XSS, waking up from PrintNightmare, understanding hardware fault injections.

The tr...

SolarWinds, Kaseya, Cisco, Schneider,&Jason Wood - SWN #133 from 2021-07-13T20:58:55

This week, Dr. Doug talks Billionaires in Space, Killer Robots, Kaseya, Solarwinds, Charming Kitten, Schneider Electric, and CISA reports! All this and Jason Wood on this edition of the Security...

Meat Scented Candles - PSW #701 from 2021-07-02T19:00

This week, we kick off the show with an interview featuring Rob Shavelle, Co-Founder and CEO of Abine & DeleteMe, to talk about New Security Threats Stemming from PII Online! Then, Haseeb Awan, ...

LinkedIn Leaks, PrintNightmare, Cyber Legislation,&Beer Bots - Wrap Up - SWN #132 from 2021-07-02T17:54:51

This week in the Security Weekly News: The Revenge of the AI Beer Bots, NIST Software definitions, Printspooler, LinkedIn leaked out, Cybersecurity legislation, and more along with the show Wrap...

Hope&Pray - ESW #233 from 2021-06-30T23:00

This week, in our first segment, we welcome Suha Akyuz, Application Security Manager at Invicti Security, to discuss “Why DAST? from the Project Management Perspective”! In the Enterprise News, ...

Greased Lightning - SCW #78 from 2021-06-30T21:00

This week, we welcome Steve Lenderman, Director, Strategic Fraud Prevention at ADP, to discuss CARES Act Fraud, Paying People & Fraudsters! We will review how synthetics are being utilized to pe...

The Behemoth - BSW #222 from 2021-06-30T09:00

This week, we welcome Jim Richberg, Public Sector Field CISO at Fortinet, to discuss The Year of Hybrid! In the Leadership and Communications section: Cybersecurity today requires greater digita...

GitHub Bounties, Returning Guest Host, CISCO, Binance Banned,&WD Hacks - SWN #131 from 2021-06-29T20:09:23

This week in the Security Weekly News, Number one in the charts, the cyber charts that is, Binance receives the ban hammer from UK's FCA, Lawmakers introduce American Cybersecurity Literacy Act ...

Everything Looks Crazy - ASW #156 from 2021-06-29T09:00

This week, we welcome Clint Gibler, Head of Security Research at r2c, to discuss Scaling Your Application Security Program! In the AppSec News: Visual Studio Code's Workplace Trust, Injured Andr...

The Godfather - PSW #700 from 2021-06-25T18:00

This week, we kick off the show with an interview featuring Jim O'Gorman, Chief Content and Strategy Officer at Offensive Security, to talk Career Pathing and Advice from Offensive Security! The...

Dark Radiation, John McAfee, Dell UEFI, Zyxel, Windows 11,&NYC Advisory - Wrap Up - SWN #130 from 2021-06-25T17:53:09

This week in the SWN Wrap Up, Dr. Doug talks: NYC Department of Health, Windows 11, John McAfee, Dell UEFI, Zyxel, DarkRadiation, and of course the Wrap Ups of all the shows from this week!

Figure It Out - ESW #232 from 2021-06-24T21:00

This week, in our first segment, we welcome Doni Brass, Product Management Lead at Cisco Umbrella, to discuss How Criminals Use Cloud Apps to Inject Chaos into Work Environments! In the second s...

Hesitation About the Test - SCW #77 from 2021-06-24T09:00

Join Dr. Casey Marks for a two-part discussion of the merits of cybersecurity certification and learn whether and how it provides training or proves experience or both, the pros and cons, how to...

'Oddball' Malware, iPhone WIFI Hacks, Russian VPN Bans,&A Special Guest Host - SWN #129 from 2021-06-23T21:18:24

This week in the Security Weekly News: Aaran Leyland guest hosts and talks Oddball, BDSM Videos, iPhone wifi hacks, South Korea, Russia, Carnival, and Google. All this and the returning Expert C...

Rip That Non-Value Add Out - BSW #221 from 2021-06-23T09:00

This week, Ben Higgins and Ted Driggs of ExtraHop join Security Weekly to explore how behavior transparency can give organizations an advantage by distinguishing between expected noise and indic...

Crawling Like a Human - ASW #155 from 2021-06-22T09:00

This week, we welcome Nuno Loureiro & Tiago Mendo from Probely to discuss some Challenges of DAST Scanners, and their Adoption by Developers! Then, in the AppSec News John and Mike discuss: SLSA...

Adrian Overlord - PSW #699 from 2021-06-18T21:00

This week, we welcome Brian Joe, Director of Security Product Marketing at Fastly, to discuss Avoiding the Silo: Bridging the Divide Between Security + Dev Teams! In the Security News: Jeff, Lar...

Cyber Insurance, Akamai Outages, Win 10 EOL,&Pinchy Spider - SWN #128 from 2021-06-18T19:15:48

This week, Dr. Doug talks: Pinchy Spider, Drones, Biden and Putin, Microsoft, CVS, along with the Show Wrap Ups & his Favorite Threat of the Week!

Visit Listen

Sassy&Thoughtful - ESW #231 from 2021-06-18T09:00

This week, in our first segment, we welcome Ian Tien, CEO and Co-Founder of Mattermost, to discuss "Open-Source Enterprise Communication Security "! In the second segment, Russell From, Enterpri...

Help Heal - SCW #76 from 2021-06-17T09:00

Join this segment with Danny Akacki to learn about educating both practitioners and executives on security topics of the day and helping to build community initiatives like trust groups and comm...

Frustratingly Effective - BSW #220 from 2021-06-16T09:00

This week, we welcome Jonny Noble, Technical Marketing Team Lead at Cisco Umbrella, to discuss Securing User Connections to Applications! In the Leadership & Communications articles: Attracting ...

Instagram Bugs, Nuclear RDP, Cyber Games, Risk in Utilities,&Crypto-Astrology - SWN #127 from 2021-06-15T21:15:24

This week Dr. Doug talks: Nuclear weapons, astrology, G7, cyber games, and we are joined by of Jason Wood for Expert Commentary on this episode of the Security Weekly News!

Show ...

Dead Simple - ASW #154 from 2021-06-15T09:00

This week, we welcome Sebastian Deleersnyder, CTO at Toreon, to talk about OWASP SAMM - Software Assurance Maturity Model! In the AppSec News, Mike and John talk: ALPACA surveys protocol confusi...

PCI Security Deathmatch - PSW #698 from 2021-06-11T18:00

This week, we kick off the show with an interview featuring Gene Erik, Senior Product Officer at Xcape, Inc, to talk OpenWRT for Enterprise and Labs! Then, Rob Gurzeev, CEO and Co-Founder of CyC...

RCE Bug in VMWare, Steam Malware, TikTok Biometrics,&Kubernetes Backdoors - Wrap Up - SWN #126 from 2021-06-11T17:55:32

This week in the Security Weekly News, Dr. Doug talks: Bezos in space, Steam, VMWARE, lots of ransomwmare, Siloscape, TikTok, of course the Show Wrap Ups, and his Favorite Threat for this Week!<...

Multiple Soups - ESW #230 from 2021-06-10T09:00

This week, in our first segment, we welcome Stephen Newman Vice President of Product Marketing, at Gigamon ThreatINSIGHT, to discuss " Redefining SaaS Security so SOC/IR Teams Aren’t in the Dark...

That's Nonsense - SCW #75 from 2021-06-09T21:00

This week, we welcome Doug Landoll, CEO at Lantego, to talk about CMMC Program and the DIB Preparation! Doing business with the Federal government has always had its share of requirements and re...

Brain Cycles - BSW #219 from 2021-06-09T09:00

This week, we welcome Travis Isaacson, Technical Expertise Manager at Detectify, to discuss Optimize Buying Criteria to Ensure Success of Your New Security Tools! In the Leadership and Communica...

DarkSide Crypto Repo, New Siloscape Malware, Amazon Sidewalk,&Internet Outages - SWN #125 from 2021-06-08T20:18:52

This week in the Security News Dr. Doug talks: Hillbilly Cannibal Weekend, Siloscape, Amazon is listening, the FBI and the DHS got their eye on you, DHS requirements, Apple Announcements, and Ja...

Something's Out There - ASW #153 from 2021-06-08T09:00

This week, we welcome Daniel Hampton, Senior Solutions Architect at Fastly, to discuss API Security: Understanding Threats to Better Protect Your Organization! In the AppSec News, Tyler Robinson...

The Wrong Lawyer - PSW #697 from 2021-06-07T15:00

This week, we welcome Dan Tentler, Executive Founder at Phobos Group, to discuss Attack Surface Discovery and Enumeration! In the second segment, we welcome back Sumedh Thakar, CEO at Qualys, to...

Jingle the Keys - PSW #696 from 2021-05-28T21:00

This week, Paul Battista, CEO of Polarity, joins us for an interview to talk about Polarity’s Power-up Sessions! Then, Rick Howard the CSO of The CyberWire, joins us to talk about the CyberSecur...

Bezos, Nobelium, Apple Vulns, SonicWall Patches,&VMware RCM - Wrap Up - SWN #124 from 2021-05-28T20:51:09

Nobelium returns, M1RACLES Vuln, Bezos 'The Devourer of Worlds', Vulnhub Doug Rants about his Favorite Threat of the Week and more, on this Security Weekly News Wrap-Up!

Increased Complexity - ESW #229 from 2021-05-28T09:00

This week, In the first segment, we welcome Nathan Hunstad, Principal Security Engineer & Researcher, at Code42, for an interview discussing SIEM and SOAR! Next up, In the Enterprise Security Ne...

Birthday Wishes - SCW #74 from 2021-05-27T09:00

This week, we welcome Allan Friedman, Director of Cybersecurity Initiatives at NTIA, to discuss SBOM!

What is SBOM? Who needs to think about this? Is this required today, and wha...

TrendMicro, DarkSide "Court",&Lessons Learned From Supply Chain Attacks - SWN #123 from 2021-05-26T20:59:58

This week: the Security Weekly News, and special guest Fleming Shi joins for an expert commentary where he discusses API security and supply chain attacks, application security, supply chain sec...

Stop the Bleeding - BSW #218 from 2021-05-26T09:00

This week, we welcome Chris Hallenbeck, CISO, Americas at Tanium, discussing how to Simplify & Accelerate Patch Management! Most people focus on the patch, check that box but they forget the oth...

Everybody's Looking For Something - ASW #152 from 2021-05-25T09:00

This week, we welcome Manish Gupta, CEO and Co-Founder at ShiftLeft, to discuss Bringing Appsec to a Modern CI Pipeline! Appsec in a modern CI pipeline needs a combination of tools, collaboratio...

Jerry the Hedgehog - PSW #695 from 2021-05-21T09:00

This week, we kick off the show with the Security News: Is the cyber NTSB a good thing?, Russian virtual keyboard for the win, information should be free, hang on while I unplug the Internet, se...

Through the Noise - ESW #228 from 2021-05-20T09:00

This week, in our first segment, we welcome John Masserini, Global Chief Information Security Officer at Millicom Telecom International, to discuss "Identity Management as a Foundation for Futur...

Manual Swivel Chairing - BSW #217 from 2021-05-19T09:00

This week, It's RSA Conference 2021. In our first segment, we welcome Joe Noonan, General Manager at Unitrends, to discuss "Unified BCDR: Why Backup Alone is No Longer Enough". In our second seg...

Hot Potato - ASW #151 from 2021-05-18T09:00

This week, we welcome Aanand Krishnan, CEO at Tala Security, Inc., to discuss Third Party Software Risk on the Web! Web applications are highly dependent on third party content and JavaScript. T...

Very Exciting&Very Scary - PSW #694 from 2021-05-17T16:00

This week, Alex Chaveriat, Chief Innovation Officer at Tuik Security Group, joins us for an interview where he tells us "How Hacking Naked Changed His Life"! Then, I will take you through attack...

The Dogefather, Frags Return, Horse Ridge, Ransomware,&Fightin' Joe - Wrap Up - SWN #122 from 2021-05-14T18:07:59

This week: Dr. Doug talks Elon tweets, Horse Ridge, Frag Attacks, Lots of Ransomware, Fightin' Joe Biden, as well as show Wrap Ups & his Favorite Threat of the Week!

Show Notes: ...

Negative Reinforcement - ESW #227 from 2021-05-14T09:00

This week, In the first segment, we welcome Damon Small, Technical Director of Security Consulting at NCC Group, for an interview covering the Florida Water Treatment Facility Hack, and the Conv...

What Was Old Is New Again - BSW #216 from 2021-05-12T09:00

The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities, as shown in the latest Acunetix b...

Digital Bread Crumbs - SCW #73 from 2021-05-12T09:00

A flurry of legislative and legal activity is re-shaping the way privacy and cybersecurity professionals conduct business. As a result, in addition to actually carrying out their protection resp...

Net Neutrality Redux, Elon Musk, Colonial Pipeline,&Lemon Duck Botnet - SWN #121 from 2021-05-11T20:27:04

This week in the Security Weekly News: Elon, Jerry Lee Lewis, Colonial Pipeline, Net Neutrality redux, Lemon Duck, Rico, & Jason Wood returns for Expert Commentary!

Show Notes: <...

Talking Heads - ASW #150 from 2021-05-11T09:00

While the vision for app security is relatively clear, executing on that vision is still somewhat of a work in progress. Fast-moving, interdependent pieces—custom code and open source packages, ...

Dusty Corners - PSW #693 from 2021-05-07T21:00

This week, Bob Erdman, Associate Director of Development at Core Security, joins us for an interview to talk about Building a Risk-Based Vulnerability Management Program! Then, Jim Langevin, US ...

Bad Pings, Yahoo Answer Babbies, Python Bugs,&Spectre Attacks - Wrap Up - SWN #120 from 2021-05-07T18:07:02

This week in the Security Weekly News Wrap Up Dr. Doug talks: Pings are bad, m'kay, Yahoo Answers, Python ipaddress bugs and the curse of octal, Deepfakes, Qualcom, Spectre, First Horizon Bank, ...

Tyler Has Visitors - ESW #226 from 2021-05-07T09:00

This week, In the first segment, we welcome Steve Springett, Chair at CycloneDX SBOM Standard, Core Working Group, for a discussion on The Rise of SBOM! Next up, Carlos Morales, CTO Security Ser...

Enforcement Body - SCW #72 from 2021-05-06T21:00

Just last month, Virginia became the second state in the U.S. to pass a privacy law – the Consumer Data Protection Act (CDPA). While this doesn’t take effect until 2023, it’s important for busin...

Limitless - BSW #215 from 2021-05-05T21:30

Graham Keavney, President at Cybersecurity Collaboration Forum, joins us to provide an overview of the Cybersecurity Collaboration Forum and the benefits of CISO peer-to-peer networks. This week...

Alert Your Star Destroyers - ASW #149 from 2021-05-04T21:00

Rey Bango will be digging into the developer security training conundrum based on his own experiences with secure coding and security training.

He'll cover:

• The types of security...

Dan Kaminsky, 'BadAlloc' Flaws, Apple 0-Days,&Spectre Defenses Shattered - SWN #119 from 2021-05-04T20:56:24

This week Dr. Doug talks Dan Kaminsky, Spectre, Badalloc, Cardassian Overlords, Apple patches, and the notorious Jason Wood returns for Expert Commentary!

Show Notes: Listen

Passwordstate Backdoor, Gov't Tackles Ransomware,&BinD Updates - Wrap Up - SWN #118 from 2021-04-30T18:54:34

In the Security Weekly News Wrap Up for this week: Government intervention in Ransomware, Joe Biden's response to Russia, Passwordstate, AI, Mitre, Chrome, contaminated instruments, and Dr. Doug...

Vulcan Mind Meld - PSW #692 from 2021-04-30T16:30

This week, Fleming Shi, CTO of Barracuda Networks, joins us for an interview to talk about Protecting the Hybrid Workforce! Then, Fred Gordy, Director of Cybersecurity at Intelligent Buildings, ...

Between the Two Tylers - ESW #225 from 2021-04-30T09:00

This week, Rickard Carlsson, CEO at Detectify, joins us to talk about collaboration as the modern approach application security. In the Enterprise News for this week: HackerOne Enhances Security...

Boil the Ocean - SCW #71 from 2021-04-28T21:00

Richard Struse, Director of The Center for Threat-Informed Defense from MITRE Engenuity joins the SCW crew for a two part interview! -What is threat-informed defense and how does it relate to ot...

Skin in the Game - BSW #214 from 2021-04-28T09:00

Cyber accountability is often overlooked by Board of Directors and the C-Suite. They tend to turn a blind eye to their cyber security mandates or avoid the issue. But as Solarwinds, MS Exchange ...

Emotet Nukes Itself, Nvidia 0-Days, Babuk D.C Attack,&iOS 14.5 - SWN #117 from 2021-04-27T21:11

This week in the Security Weekly News: Dirty emojis, Nvidia zero-days, Shlayer, Cozy Bear, Emotet, Babuk, iOS 14.5, and Jason Wood returns for Expert Commentary!

Show Notes: Listen

Minimum Safe Distance - ASW #148 from 2021-04-27T20:10:03

We start with the article about "Researchers Secretly Tried To Add Vulnerabilities to Linux Kernel, Ended Up Getting Banned" and explore its range of issues from ethics to securing huge, distrib...

Curmudgeon Pills - PSW #691 from 2021-04-26T15:00

Kevin and the CYBER.ORG team are currently finalizing nationwide K-12 cybersecurity learning standards with the goal of having all 50 states adopt them. Expected in the fall, these standards wil...

Lots of Zero Days, SonicWall Vulns, The FBI, The Professor,&The Rest - Wrap Up - SWN #116 from 2021-04-23T20:19:02

Just sit right back and you'll hear a tale, Lots of Zero Days, CodeCov, FBI Hack backs, Cozy Bear, Mystery Science Theatre, the Professor and the rest, here on Security Weekly Wrap Up Island! Listen

Hall of Shame - ESW #224 from 2021-04-23T09:00

This week, we welcome Jeff Deininger, a Principal Cloud Security Engineer, joins us and will use a simulated attack to demonstrate how advanced threat detection works with commonplace architectu...

The Other Guy - SCW #70 from 2021-04-22T09:00

This week, we welcome Chris Hughes, Principal Cybersecurity Engineer at Rise8, to talk about Compliance Innovations in the Cloud. Cloud has and continues to disrupt many traditional business pro...

Go Back To Work! - BSW #213 from 2021-04-21T09:00

When the world went fully remote a year ago, many systems had to migrate from on-premise to the cloud. Now that we're starting to re-open offices, do we move these system back to on-premise or i...

Codecov Attack, Major BGP Leak, Lazarus APT, Discord Ransomware,&GEICO Breach - SWN #115 from 2021-04-20T21:24:27

This week, Dr. Doug talks naughty vaccines, Air frying is not frying, BGP is leaking, Codecov, Lazarus, Google Alerts, Nitro Ransomware, & we're joined once more for expert commentary by Jason W...

That Will Bite Ya - ASW #147 from 2021-04-20T09:00

This week, we welcome Doug Barbin, Managing Partner at Schellman & Company, LLC, to discuss Supply Chain Management! Supply chain security isn't new, despite the renewed attention from the Solar...

When Things Go Sour - SCW #69 from 2021-04-13T21:00

Today we are going to take a look at security awareness training programs in organizations. We are joined to day by Kelley Bray and Stephanie Pratt who will help facilitate the discussion. We'll...

The Hunt for Red October - PSW #690 from 2021-04-09T21:00

This week, Lennart Koopmann, the CTO of Graylog, Inc, joins us for an interview to talk about Nzyme, a Free and Open WiFi Defense System. Then, Dutch Schwartz, Principal Security Specialist at A...

Virtual Audio Bars, Accellion Breach,&Discord/Slack Malware - Wrap Up - SWN #114 from 2021-04-09T18:03:12

This week, Elon visits an audio-only virtual bar, Ubiquity denies, Accellion, ToadSuck.gov, and more, plus show wrap-ups!

Show Notes: Listen

Love Your Energy - ESW #223 from 2021-04-09T09:00

This week, In the first segment, Ryan Noon from Material Security join us for a discussion on Zero Trust! Next up, John Loucaides joins for an interview on firmware attacks, and what enterprises...

A Little Hot - SCW #68 from 2021-04-08T09:00

Errol will talk about his experiences with information sharing and building the world's first Information Sharing & Analysis Center in 1999. Errol brings unique perspective to the table as he wa...

Culture of Innovation - BSW #212 from 2021-04-07T09:00

Are you struggling with Alert Overload, Manual Processes, Multiple/Disparate Tools, Talent Shortage, and/or Budget Constraints? Of course you are! John McClure, Chief Information Security Office...

Microsoft Edge Grows, IRS “Operation Hidden Treasure”,&'more_eggs' Malware - SWN #113 from 2021-04-06T19:39:49

This week, Dr. Doug talks Breaches, Microsoft, the Dead Return to Life, The IRS is coming for your Bitcoin, Have YOU been PWNed, and the Expert Commentary of none other than Jason Wood!

 ...

Contortions - ASW #146 from 2021-04-06T09:00

This week, we welcome Leif Dreizler - Engineering Manager, Product Security - Segment, to talk about Shifting Right: What Security Engineers Can Learn From DevSecOps! In the AppSec News, PHP dea...

Short Term Memory Issues - PSW #689 from 2021-04-02T19:00

This week, Nick Percoco, Chief Security Officer at Kraken, joins us for an interview to discuss The Intersection of Cybersecurity and Cryptocurrency. Robert Lemos, Cybersecurity and Data Journal...

Ubiquiti Breach, North Korean APT, PHP Compromised,&QNAP NAS 0-Day - Wrap Up - SWN #112 from 2021-04-02T18:12:30

This week, Dr. Doug talks Joe Biden, Bad Octal, North Korea Zinc Group, PhP Compromised, NMP, the Mafia, and the show Wrap Ups for the week!

Show Notes: Listen

Escape Room - ESW #222 from 2021-03-31T21:00

This week, In the first segment, Zack Moody from AVX Corporation join us for an interview on the Rise of Insider Threat post Covid-19! Next up, Juliet Okafor joins for an interview on Why User A...

Two Yellow Cards - SCW #67 from 2021-03-31T09:00

The SCW hosts discuss Rafal Los' recent blog post "Vulnerability Management is Still a Mess" ( Listen

Tighten Our Belts - BSW #211 from 2021-03-30T21:00

This week, we welcome Nemi George, VP, IT & Information Security Officer at Pacific Dental Services, to discuss How NDR Technology Helps Manage Cybersecurity Challenges! MoNDR technologies such ...

Apple Store, Microsoft, PhP,&Video Game Cheats - SWN #111 from 2021-03-30T20:28:13

This week, Dr. Doug talks Microsoft, Apple Store, PhP, Video Game Cheating, Joe Biden's executive order, & the return of Jason Wood for Expert Commentary!

Show Notes: Listen

Grab A Sword - ASW #145 from 2021-03-30T09:00

This week, we welcome Andrew van der Stock, Executive Director at OWASP Foundation, to talk about the OWASP Top 10 of 2021! The OWASP Top 10 2021 is in development. A public survey has just been...

Tesla Banned, SolarWinds Patch, Jack Dorsey BlockClock, 11 0-Days, Turing - Wrap-Up - SWN #110 from 2021-03-26T19:26:34

This week, Doug talks SolarWinds patches, Jack Dorsey's Clockblock, Tesla banned, 11 zero-days in one year, Turing, & the recaps of this week's content on the Security Weekly News Wrap-Up!

You Want More Budweiser? - PSW #688 from 2021-03-26T16:30

This week, Mehul Revankar VP Product Management and Engineering at Qualys discusses How to Tame Your Vulnerability Overload. Sven Morgenroth, Security Researcher at Netsparker talks about the da...

Wet Your Beak - ESW #221 from 2021-03-25T09:00

This week, Trey Ford from Salesforce joins us to talk about Platform Security, as well as PaaS and Hosting. Next Up, Jarrett Rodrick from VMware discusses how you can "Jump-start Your SOC Analys...

Wish List - SCW #66 from 2021-03-24T09:00

This week, Jeff, Liam Downward, Scott, & Josh talk PCI with Dan DeCloss and Shawn Scott from PlexTrac!

Show Notes: https://securitywee...

We Like Puppies - BSW #210 from 2021-03-23T21:00

This week, we welcome Christopher Gates, Director of Product Security at Velentium, to discuss the Medical Device Secure Development Lifecycle! How to incorporate security into your existing med...

DTLS Servers, F5, Black Kingdom Ransomware, GE Devices,&Gigamon - SWN #109 from 2021-03-23T20:39:16

This week, Dr.Doug talks GE Universal Relays, NETOP, Microsoft, F5, and has a special Guest Expert Commentary featuring Martyn Crew & Baseer Balazadeh from Gigamon!

Show Notes: <...

The Cure - ASW #144 from 2021-03-23T09:00

This week, we welcome Johanna Ydergard, VP of Detectify Crowdsource at Detectify, and Roberto Giachetta, Engineering Manager at Detectify, to discuss Approaching AppSec Like a Hacker! Security i...

Don't Waste Bourbon - PSW #687 from 2021-03-19T10:00

This week, we welcome Dan Decloss, Founder and CEO at Plextrac joins us to talk about getting the real work done: The case studies. In the Security News, If software got a security grade, most w...

Need More Cowbell - ESW #220 from 2021-03-19T09:00

This week, our good friend Ron Gula joins us to talk about cybersecurity investments, tips for both enterprises and enturprenurs. In the enterprise security news funding announcements from Coali...

Schneider Electric, Tinder, Chrome, Ulysses, Mirai,&Zero Days - Wrap Up - SWN #108 from 2021-03-19T00:11:56

Dr. Doug talks Tinder, Schneider Electric, Chrome, Ulysses, Mirai, as well as his Favorite Threat of the Week, all the show Wrap Ups from this week, & more!

Show Notes: Listen

Free Flowing - SCW #65 from 2021-03-18T09:00

We're excited to have Priya Chaudry with us today, so we are going to focus our discussion on news and events with legal implications (or the legal implications of news and events)!

Blind Spots - BSW #209 from 2021-03-17T21:00

In 1989, Stephen Covey first published "The 7 Habits of Highly Effective People," empowering and inspiring leaders for over 25 years. Is there an equivalent or new set of habits for CISOs? Georg...

Schneider Electric Meters, Chrome Zero Days, Exchange Redux,&Signal - SWN #107 from 2021-03-16T20:56:07

This week: Dr. Doug talks more chrome zero days, Schneider Electric Meters, Exchange redux, Signal, iPhone, Nvidia, and the triumphant return of Jason Wood for Expert Commentary on the Security ...

Always Interesting - ASW #143 from 2021-03-16T19:00

This week, we welcome John Morello, VP of Product at Palo Alto Networks, joins us to talk about Cloud Native Security Platforms! Modern appsec demonstrates the importance of a cloud native strat...

We're A Lot Happier - PSW #686 from 2021-03-12T22:00

This week, we welcome David Hétu, Chief Research Officer at Flare Systems, to discuss How Illicit Markets Really Operate! In the second segment, we jump right into the Security News Microsoft Ex...

Exchange Escalation, "Studmaster", John McAfee, z0Miner,&Bad Cameras - Wrap Up - SWN #106 from 2021-03-12T18:29:20

This week Dr. Doug talks Studmaster, McAfee, z0Miner, Exchange, Linux, and bad cameras! All this, with his Favorite Threat of the Week, and the show Wrap Ups for the week!

Show N...

Due Diligence - ESW #219 from 2021-03-11T10:00

This week, In the first segment, Chris Cleveland from PIXM join us to discuss using computer vision to combat phishing! Next up, Jeff Foley joins for an interview on the OWASP Amass Project! In ...

Another Flavor - SCW #64 from 2021-03-10T22:00

This week, we welcome Jim Gilsinn, Principal Industrial Consultant at Dragos, to discuss ICS/OT Regulation! Industrial Control Systems (ICS) and Operational Technology (OT) have risks and conseq...

DoD, Microsoft, Alexa, Intel, Aaran Leyland,&Side Channel Attacks - SWN #105 from 2021-03-09T22:59:54

This week Dr. Doug talks More Microsoft attacks and more info on the Exchange server attacks, a new Intel Side Channel attack, Your python may be poisoned, the DoD let down its guard on contract...

Flow Master - BSW #208 from 2021-03-09T22:00

In 2020, we interviewed Gerald Beuchelt on Enterprise Security Weekly. At that time, he was the CISO at LogMeIn. Now he's the CISO at Sprinklr. What's it like to transition jobs in the middle of...

Check Your Alibis - ASW #142 from 2021-03-09T10:00

This week, we welcome Cynthia Burke, Compliance Manager at Capsule8, to discuss Privacy, Data Security & Compliance! In most IT shops, privacy, data security and compliance often resided under t...

As Long As You're Happy - PSW #685 from 2021-03-05T22:00

This week, we welcome Phillip Wylie, instructor at INE, to discuss Offensive Cybersecurity Education and Getting Started in Pentesting! In the second segment, I will personally be walking you th...

Talon Cameras, Non-Fungible Tokens, OSINT,&Rockwell - Wrap Up - SWN #104 from 2021-03-05T21:25:53

This week Dr. Doug talks Non-fungible tokens, Exchange, Talon cameras, OSINT, Rockwell, & show wrap ups on the Security Weekly Wrap Up Show!

Show Notes: Listen

Half Listening - ESW #218 from 2021-03-05T10:00

This week, In the first segment, Matt Cauthorn & Sri Sundaralingam from ExtraHop join us to discuss why Traditional IDS is Dead! Kimberly Sutherland from LexisNexis Risk Solutions will discuss T...

Stumbled Upon A Problem - SCW #63 from 2021-03-04T10:00

This week, we welcome Albert "Nickel" Lietzau, V and Mike Volk from PSA Insurance & Financial Services! Nickel Lietzau and Mike Volk have heard that we are not huge fans of cyber insurance on SC...

Prepare&Practice - BSW #207 from 2021-03-03T10:00

This week, David Chamberlin, Managing Director at CRA, Inc., joins Business Security Weekly to discuss preparation for a security incident and how to develop a communications plan that's simple ...

The Darker&Lighter Web, Gootloader, Deep Fakes,&Aaran Leyland - SWN #103 from 2021-03-02T21:40:06

This week in the Security Weekly News, Gootloader, the darker web, Copyright infringement, a very special guest from the future, and deep fakes, all this and Aaran Leyland joins for guest Expert...

New Wave Post Punk Security Hour - ASW #141 from 2021-03-02T17:00

This week, we welcome Ted Harrington, Executive Partner at Independent Security Evaluators, to discuss Hackable; How to do Application Security Right! In the Application Security News, Implement...

Coming To A Theatre Near You - PSW #684 from 2021-02-26T22:00

This week, we welcome Peter Warmka the founder of the Counterintelligence Institute and author of the newly released new book titled: "Confessions of a CIA Spy - The Art of Human Hacking"! Senio...

Sandstorm Returns, Supply Chain, Flying Cars,&Net Neutrality - Wrap Up - SWN #102 from 2021-02-26T19:05:08

This week, Dr. Doug talks Flying cars, Net Neutrality, LOTS of supply chain stories, and all this weeks' shows, on the Security Weekly News Wrap Up!

Show Notes: Listen

Old School - ESW #217 from 2021-02-26T19:00

This week, in the Enterprise Security News, Lastpass is no longer free, Tenable helps with dynamic assets, SecurityScorecard and the Score Planner, Trendmicro XDR, Imperva launches sonar, Fundin...

Hacking&Hip Hop - SCW #62 from 2021-02-24T22:00

This week, we welcome John Threat, Hacker at Mediathreat, followed by Chris Cochran and Ronald Eddings from Hacker Valley Media! Jeff, Flee, & Scott talk to John Threat about his background and ...

Trust Factor - BSW #206 from 2021-02-24T10:00

This week, we welcome Dutch Schwartz, Cloud Security Strategist at AWS, to discuss cloud's influence on the evolving culture of security. Having worked with many Fortune 500 CISOs and CIOs, Dutc...

TDoS, Crippled Video Drivers, APT31, Typing Inference,&"Shadow Attacks" - SWN #101 from 2021-02-23T21:53:12

This week Dr. Doug talks Bad typing, Crippled Video Drivers from NVDIA, TDOS, APT31, Malformed URLs, and more! Also, Jason Wood returns for Expert Commentary!

Show Notes: Listen

Goose Egg - ASW #140 from 2021-02-23T18:00

This week, we welcome Brandon Edwards, Co-Founder and Chief Scientist at Capsule8, to discuss Targeting, Exploiting, & Defending Linux! Linux is all over the place (sometimes surprising), why is...

Party Time! - PSW #683 from 2021-02-12T22:00

This week, we welcome Peter Smith from ZScaler, to talk about What Does Zero Trust Mean To You?! Next, We dive straight Into the Security News, discussing Police Playing copyrighted music to sto...

Adobe Overflow, Microsoft Patches 3 and Skips 1,&Apple Sudo Fix - Wrap Up - SWN #100 from 2021-02-12T19:12:55

On this week's news recap, Microsoft Remote Desktop Web Access Authentication Timing Attack, Multiple TCP/IP stack flaws could leave millions of devices open to attack, Adobe fixes a buffer over...

Taking Selfies - ESW #216 from 2021-02-11T22:00

This week, in the Enterprise Security News, A new Open-source tool helps discover public Azure blobs, A New Eclypsium Integration with Kenna.VM, Armis Raises $125 Million, Okta launches its new ...

Dirty Hands - SCW #61 from 2021-02-10T22:00

This week, our co-host, Priya Chaudry will enlighten us on several other topics of interest to our community. There might be a mention of Solarwinds, Southwest Airlines, HIQ Labs, and more! We w...

Bits&Bytes - BSW #205 from 2021-02-09T22:00

This week, we welcome back Ben Carr, Global Chief Information Security Officer at Qualys! Ben steps in last minute to talk about his transition from Aristocrat to Qualys and the evolution of the...

Spotify Accounts Leaked, SonicWall Zero-Day,&Multiple Google Attacks! - SWN #99 from 2021-02-09T21:37:14

This week, hundred thousand Spotify accounts leaked in credential stuffing attack, Hacker breached Florida water facility, raising chemical levels to dangerous levels, SonicWall Zero-Day in the ...

Total Recall - ASW #139 from 2021-02-09T10:00

This week, we welcome Alissa Knight, Partner at Knight Ink, to discuss Being a Serial Entrepreneur, Business Leader, & Hacker! Alissa Knight has spent her career going against industry and socia...

Annual Checkup - PSW #682 from 2021-02-09T00:30

This week, we welcome our good friend Josh Marpet, COO at Red Lion and Co Host of Security and Compliance Weekly, for a discussion on 'Starting A Non-Profit To Help Small Companies With CMMC'! B...

Cisco, NIST 800-172, Fake News, Azure Functions,&Clearview - Wrap Up - SWN #98 from 2021-02-05T20:23:28

This week, Dr. Doug talks NIST, Fake News, Cisco, Azure Functions, Clearview, Uber drinks, followed by all of the show Wrap Ups!

Show Notes: Listen

Truly Special - ESW #215 from 2021-02-05T10:00

This week, in the Enterprise Security News, Mission Secure Announces Series B, Akamai Technologies Acquires Inverse,For Microsoft, Security is a $10 Billion Business, Sontiq acquires Cyberscout,...

Peeling the Onion - SCW #60 from 2021-02-04T22:30

This week, we welcome Wendy Nather, Head of Advisory CISOs at Duo Security at Cisco, to discuss The Security Poverty Line! Securing an organization means more than just spending money. For those...

Diamond Hands - BSW #204 from 2021-02-03T10:00

This week, it's time for our quarterly segment to review the money of security, including public companies, IPOs, funding rounds and acquisitions from Q4 2020. We'll also update you on our own i...

Sonic Wall, TikTok, NSA, BigNox, Slipstreaming, ESET&Jason Wood - SWN #97 from 2021-02-02T22:00:15

This week in the Security News, Dr. Doug talks TikTok naughtiness, Sonic Wall, the NSA, BigNox, Slipstreaming, and ESET research! Jason Wood returns with Expert Commentary on the US Court System...

The Sound of Silence - ASW #138 from 2021-02-02T10:00

This week, we welcome John Delaroderie, Security Solutions Architect at Qualys, to discuss Groundhog Day - It's Time to Reset the Script on Vulnerabilities! In honor of the movie Groundhog Day, ...

Outside Your Swim Lane - BSW #180 from 2021-01-31T22:10:42.023393

This week, it's our quarterly Security Money update of the Security Weekly 25 Index and the Nasdaq! At the close on July 10th, 2020: - SW25 Index is 1,437.23, which is an increase of 43.72% - NA...

Chris John Riley Demos Android Hacking - Episode 378, Part 2 of 3 - June 26, 2014 from 2021-01-31T22:10:42.023393

Wizards of Entrepreneurship - Business Security Weekly #75 from 2021-01-31T22:10:42.023393

This week, Michael is joined by Matt Alderman to interview Will Lin, Principal and Founding Investor at Trident Capital Security! In the Security News, Apptio rai...