Paul's Security Weekly

The Reality - BSW #193

Paul's Security Weekly - Wed, 10/28/2020 - 5:00am

This week, we welcome Matt Ashburn, Federal Engagement Lead at Authentic8, to talk about Scale Your SOC: Protecting Against Browser-Based Threats! In the Leadership and Communications section, Cybersecurity, a risk to all board of directors, Is The Cybersecurity Industry Selling Lemons? Apparently Lots Of Important CISOs Think it Is, 4 critical strategies for tech leaders in Gartner's CIO agenda, and more!

 

Show Notes: https://securityweekly.com/bsw193

Visit https://securityweekly.com/authentic8 to learn more about them!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Winston Privacy Vulns, 'KashmirBlack' Botnet, IoT, & Roger Hale - SWN #77

Paul's Security Weekly - Tue, 10/27/2020 - 5:34pm

This week, Dr. Doug talks IoT, Southern Comfort, Winston Privacy, backdoor wars, KashmirBlack, healthcare keeps getting hit, and Roger Hale from BigID joins us for Expert Commentary!

 

Show Notes: https://securityweekly.com/swn77

Visit https://securityweekly.com/bigid to learn more about them!

 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Spookiest Month - ASW #127

Paul's Security Weekly - Tue, 10/27/2020 - 3:00pm

This week, we welcome Cesar Rodriguez, Head of Developer Advocacy at Accurics, to talk about Cyber Resiliency Through Self-Healing Cloud Infrastructure! In the Application Security News, NSA publishes list of top vulnerabilities currently targeted by Chinese hackers, Nvidia Warns Gamers of Severe GeForce Experience Flaws, Addressing cybersecurity risk in industrial IoT and OT, Firefox 'Site Isolation' feature enters user testing, expected next year, Google Patches Actively-Exploited Zero-Day Bug in Chrome Browser, and Exit Stage Left: Eradicating Security Theater!

 

Show Notes: https://wiki.securityweekly.com/asw127

Visit https://securityweekly.com/accurics to learn more about them!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Not Very Moist - PSW #671

Paul's Security Weekly - Fri, 10/23/2020 - 5:30pm

This week, we welcome back Corey Thuen from Gravwell, to talk about Sysmon Endpoint Monitoring complete with Clipboard Voyeurism! Next up, Scott Scheferman, the Principal Cyber Strategist at Eclypsium, joins us to talk about how Hackers Are Hitting Below The Belt! In the Security News, testing firm NSS Labs closes up shop, stringing vulnerabilities together to pwn the Discord desktop app, a Wordpress plugin aimed at protecting Wordpress does the opposite, the FDA approves the use of a new tool for medical device vulnerability scoring, and 8 new hot, steamy, moist cybersecurity certifications!

 

Show Notes: https://wiki.securityweekly.com/psw671

Visit https://securityweekly.com/gravwell to learn more about them!

Visit https://securityweekly.com/eclypsium to learn more about them!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Make Your Brain Hurt - ESW #203

Paul's Security Weekly - Thu, 10/22/2020 - 8:00pm

This week, first we talk Enterprise News, discussing how Palo Alto Networks announces cloud native security platform, Akamai launches new API security tool, SentinelOne secures patent for unique approach to uncovering exploits in their initial payload stage, Splunk helps security teams modernize and unify their security operations in the cloud, and Agile1 Predictive Analytics Risk Scoring helps orgs identify, prioritize and quantify cybersecurity risks! In our second segment, we welcome Ed Bellis, Co-Founder and CTO at Kenna Security, to discuss Prioritization to Prediction Vulnerability Research Series! In our final segment, we welcome back Corey Bodzin, CTO at deepwatch, to talk about deepwatch Lens Score and Series B!

 

Show Notes: https://securityweekly.com/esw203

Visit https://securityweekly.com/deepwatch to learn more about them!

Visit https://securityweekly.com/kennasecurity to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Oracle Patches, Cisco Firepower Threats, & July Twitter Hack - Wrap Up - SWN #76

Paul's Security Weekly - Thu, 10/22/2020 - 7:17pm

This week, Dr. Doug wraps up all the shows from this week, and talks about Twitter hacks, Oracle patches, Sandworm, Singapore facial recognition, and Donald Trump says we don't need security!

 

Show Notes: https://securityweekly.com/swn76

Visit https://www.securityweekly.com/swn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Black Swan - SCW #48

Paul's Security Weekly - Wed, 10/21/2020 - 5:00pm

This week, we welcome Steve Schlarman, Integrated Risk Management Strategist at RSA Security, to discuss Integrated Risk Management & Operational Resiliency! In our second segment, we welcome David Mundhenk, Principal Security Consultant at Herjavec Group, and Ivan Tsarynny, Co-Founder and CEO at Feroot Security, to talk about How Backdoors Lead To Breaches & GRC Compliance Issues!

 

Show Notes: https://wiki.securityweekly.com/scw48

Visit https://securityweekly.com/rsasecurity to learn more about them!

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Fight Over It - BSW #192

Paul's Security Weekly - Wed, 10/21/2020 - 5:00am

This week we update you on the Security Weekly 25 Index! In the Leadership and Communications segment, 96% of Cybersecurity Professionals are Happy With Their Roles, 4 Tips for Effective Virtual Collaboration, What’s Really Happening in Infosec Hiring Now?, 5 Signs That Point to a Schism in Cybersecurity, Tactical vs Strategic: CISOs and Boards Narrow Communication Gap, and CISO Stressbusters: 7 tips for weathering the cybersecurity storms!

 

Show Notes: https://securityweekly.com/bsw192

Visit https://www.securityweekly.com/bsw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

GRU Hackers Indicted, Trickbot Rises, & Danny Akacki - SWN #75

Paul's Security Weekly - Tue, 10/20/2020 - 5:47pm

Danny Akacki discusses how do we, as a NDR product company with an emphasis on user outreach and education, continue not only to keep our product effective for distributed workforce's but also continue to beat the drum on education and knowledge share? It's not easy but we've come up with a few ways both to stay connected to our clients and help them keep an eye on their wires. This segment is sponsored by GigaMon.

 

Show Notes: https://securityweekly.com/swn75

Visit https://www.securityweekly.com/swn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Way Over My Head - ASW #126

Paul's Security Weekly - Tue, 10/20/2020 - 12:30pm

This week, we welcome Taylor McCaslin, Security Product Manager at GitLab, to discuss current trends in the application security testing industry! In the Application Security News, Patch Your Windows - “Ping of Death” bug revealed, 800,000 SonicWall VPNs vulnerable to remote code execution bug, T2 Exploit Team Creates Cable That Hacks Mac, Zoom Rolling Out End-to-End Encryption, and 'BleedingTooth' Bluetooth flaw!

 

Show Notes: https://wiki.securityweekly.com/asw126

Visit https://securityweekly.com/GitLab to learn more about them!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Larry's 10 Second Delay - PSW #670

Paul's Security Weekly - Fri, 10/16/2020 - 5:30pm

This week, we welcome back Shani Dodge and Roi Cohen from Vicarius, to present their segment on Vulnerabilities entitled Prioritize This, Prioritize That, Prioritize with Context! In our second segment, we welcome Patrick Garrity, VP of Operations at Blumira, to talk about Democratizing and Saasifying Security Operations! In the Security News, Microsoft Uses Trademark Law to Disrupt Trickbot Botnet, Barnes & Noble cyber incident could expose customer shipping addresses and order history, Zoom Rolls Out End-to-End Encryption After Setbacks, Google Warns of Severe 'BleedingTooth' Low to Medium risk vulnerabilities, Windows TCP/IP Remote Code Execution vulnerability, and a Prison video visitation system exposed calls between inmates and lawyers!

 

Show Notes: https://wiki.securityweekly.com/psw670

Visit https://securityweekly.com/vicarius to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

 

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Gamer Scams, 'ZeroLogon' Attacks, & 'BleedingTooth' Flaw - Wrap Up - SWN #74

Paul's Security Weekly - Fri, 10/16/2020 - 4:03pm

This week, Dr.Doug talks about naughty camera captures being sold on Discord, Zoom End to End, Patching, Trickbot attacks, Bleeding Tooth, Gamer Scams, and hiding your cash while wearing a toga!

 

Show Notes: https://securityweekly.com/swn74

Visit https://www.securityweekly.com/swn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Nuke That System - ESW #202

Paul's Security Weekly - Thu, 10/15/2020 - 5:00am

This week, first we talk Enterprise News, discussing the Bad Neighbor Vulnerability, FireEye Announced ‘Mandiant Advantage: Threat Intelligence’ SaaS-based Offering, Aqua’s Trivy Now Available as a GitHub Action, Datadog adds Deployment Tracking to its APM to prevent outages related to bad code deploys, and Tenable and the Center for Internet Security Enter Partnership to Bolster Cyber Hygiene Across Public and Private Sectors! In our second segment, we welcome Whitney Maxwell, Security Consultant at Rapid7, for and interview on Vishing/Phishing! In our final segment, we wrap up the show with two pre-recorded micro interviews from Security Weekly's Virtual Hacker Summer Camp, with Liam Downward, CEO of CYRISMA, and Matthew Gardiner, Principal Security Strategist at Mimecast!

 

Show Notes: https://securityweekly.com/esw202

Visit https://securityweekly.com/rapid7 to learn more about them!

Visit https://securityweekly.com/cyrisma to learn more about them!

Visit https://securityweekly.com/mimecastbh to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

You Must Be This Tall - SCW #47

Paul's Security Weekly - Wed, 10/14/2020 - 5:30pm

This week, we welcome Michael Brooks, vCISO at Abacode, to discuss Turning Cybersecurity Challenges Into a Competitive Advantage! In the second segment, the SCW crew along with Michael Brooks delve into an update on the goings on of Cybersecurity Maturity Model Certification (CMMC)!

 

Show Notes: https://wiki.securityweekly.com/scw47

Visit https://www.securityweekly.com/scw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Fitbit Spyware, Facebook Bug Bounty Club, & FAA Gets Airline Warning - SWN #73

Paul's Security Weekly - Tue, 10/13/2020 - 3:58pm

This week, Dr. Doug talks Facebook Bug Bounty club, Zuck reverses, Trickbot, the FAA gets airline warning, IoT, Zerologon, and Fitbit! Jason Wood returns for Expert Commentary on Office 365: A Favorite for Cyberattack Persistence!

 

Show Notes: https://securityweekly.com/swn73

Visit https://www.securityweekly.com/swn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Made In the Shade - BSW #191

Paul's Security Weekly - Tue, 10/13/2020 - 1:30pm

This week, we welcome back Dr. Mike Lloyd, CTO at RedSeal, to discuss Navigating Complexity: Orienting Your Security Solutions! In our second segment, Michael Santarcangelo and Matt discuss The 4 C's of Leadership!

 

Show Notes: https://securityweekly.com/bsw191

Visit https://securityweekly.com/redseal to learn more about them!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Still Raging - ASW #125

Paul's Security Weekly - Mon, 10/12/2020 - 6:30pm

This week, we welcome James Manico, CEO at Manicode Security, to talk about Application Security Best Practices! In the Application Security News, Redefining Impossible: XSS without arbitrary JavaScript, API flaws in an "unconventional" smart device, Facebook Bug Bounty Announces "Hacker Plus", Anti-Virus Vulnerabilities, and Chrome Introduces Cache Partitioning!

 

Show Notes: https://wiki.securityweekly.com/asw125

Visit https://www.securityweekly.com/asw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Taco Thursday - PSW #669

Paul's Security Weekly - Fri, 10/09/2020 - 5:00pm

This week, in our first segment, we welcome Alexander Krizhanovsky, CEO at Tempesta Technologies, to talk about Fast And Secure Web! In our second segment, we welcome Tony Punturiero, Community Manager at Offensive Security, to discuss Assembling Your First Infosec Home Lab! In the Security News, US Air Force slaps Googly container tech on yet another war machine to 'run advanced ML algorithms', Rare Firmware Rootkit Discovered Targeting Diplomats - NGOs, Hackers exploit Windows Error Reporting service in new fileless attack, HP Device Manager vulnerabilities may allow full system takeover, Malware exploiting XML-RPC vulnerability in WordPress, and it's the 10 year anniversary of Stuxnet!

 

Show Notes: https://wiki.securityweekly.com/psw669

Visit https://www.securityweekly.com/psw for all the latest episodes!

 

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Stuxnet Redux, UEFI Bootkits, & Fancy Bear - Wrap Up - SWN #72

Paul's Security Weekly - Fri, 10/09/2020 - 1:56pm

This week, Dr. Doug talks Stuxnet Redux, Fancy Bear, HP Printers, UEFI bootkits, EGregor, and locked up naughty bits!

 

Show Notes: https://securityweekly.com/swn72

Visit https://www.securityweekly.com/swn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

One Bug Away - ESW #201

Paul's Security Weekly - Thu, 10/08/2020 - 6:00pm

This week, first we talk Enterprise News, discussing how Anchore Rolls Out Open Source DevOps Tools, Rapid7 Cloud Identity and Access Management Governance Module for DivvyCloud, Digital Shadows launches access key alerts, Microsoft Azure customers can now implement Datadog as a monitoring solution for their cloud workloads, and Ping Identity unveils PingOne Services! In our second segment, we welcome Cris Neckar, CISO of Spring Labs, to discuss Trading Least Privilege for Security Theater! In our final segment, we welcome Jen Ayers, VP of OverWatch at Crowdstrike, for an interview on the 2020 Threat Hunting Report: Insights from the CrowdStrike OverWatch Team!

 

Show Notes: https://securityweekly.com/esw201

Visit https://securityweekly.com/crowdstrike to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Pages