Paul's Security Weekly (Video)

John Strand, Managing Intern of Black Hills Information Security, delivers the Technical Segment on MITRE! Full Show Notes: https://wiki.securityweekly.com/Episode546 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Will Gragido is an internationally recognized information security specialist. Mark Arnold brings more than 20 years of technical and leadership experience to his role as a Senior Director of Security and Compliance and CISO at Navisite. They join Paul and crew this week for the feature interview! Full Show Notes: https://wiki.securityweekly.com/Episode546 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Bitcoin exchange robbed, Deepfakes AI celebrity porn channel shut down by Discord, NSA Exploit Use On Rise For Crypto Currency Mining, First Jackpotting Attacks Hit U.S. ATMs, and more! Full Show Notes: https://wiki.securityweekly.com/Episode546 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

In the news, Intel warns "Don't install our patch!", what you need to know about hash length extension attacks, Meltdown and Spectre patching has been a total train wreck,and more on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode545 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

John Strand delivers the Technical Segment on Critical Security Control Resources! Full Show Notes: https://wiki.securityweekly.com/Episode545 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Kevin is one of ObserveIT's insider threat experts and a Senior Solutions Architect. He joins Larry and team this week for an interview on Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode545 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

In the news, BIND comes apart thanks to ancient denial of service vuln, Brickerbot taking out your IoT one device at a time, Intel fix causes reboots and slowdowns, WiFi alliance announces WPA3 and updates to WPA2, hackers exploiting three Microsoft Office flaws to spread Zyklon malware,and more on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode544 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Rebekah Brown has spent more than a decade working in intelligence and information security. Today, Rebekah leads the threat intelligence programs at Rapid7, where her responsibilities include programs architecture, management, analysis, and operations. This week she joins Paul and team for an interview! Full Show Notes: https://wiki.securityweekly.com/Episode544 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

With over 30 years of experience as both an educator and IT professional, Adam holds numerous Professional IT Certifications. He joins Paul and team this week for an interview on Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode544 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Rebekah Brown has spent more than a decade working in intelligence and information security. Today, Rebekah leads the threat intelligence programs at Rapid7, where her responsibilities include programs, architecture, management, analysis, and operations. This week she joins Paul and team for an interview! Full Show Notes: https://wiki.securityweekly.com/Episode544 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

In the news, prosecutors say Mac Spyware stole millions of user images over 13 years, Skype finally getting end-to-end encryption, Apple set to patch yet another macOS password security flaw, 147 security vulnerabilities reported in ICS mobile applications, we discuss,and more on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episdoe543 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Jake Williams is the founder of Rendition Infosec and is a Senior Instructor at the SANS Institute. MalwareJake clears last weeks news story with the latest news on Meltdown and Spectre. He joins us this week for an interview! Full Show Notes: https://wiki.securityweekly.com/Episdoe54 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Diana Kelley is the Cybersecurity Field CTO at Microsoft and a cybersecurity thought leader, practitioner, executive advisor, speaker, author and co-founder of SecurityCurve. Ed Moyle is currently Director of Thought Leadership and Research for ISACA. Prior to joining ISACA, Ed was Senior Security Strategist with Savvis and a founding partner of the analyst firm Security Curve. Diana and Ed join us this week for an interview on Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episdoe54 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

10 things in cybersecurity that you might have missed in 2017, a flaw in major browsers, a critical flaw in phpMyAdmin, beware of a VMWare VDP remote root issue, how to protect your home router, Meltdown and Spectre explain how chip hacks work, and Intel is in the security Hot Seat over a serious CPU design flaw! Full Show Notes: https://wiki.securityweekly.com/Episode542 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

John will be talking about the new mimikatz event log clearing feature. Full Show Notes: https://wiki.securityweekly.com/Episode542 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Marcello Salvati is a senior security consultant at Coalfire Labs by day and by night a tool developer who discovered a novel technique to turn tea, sushi and dank memes into somewhat functioning code. Full Show Notes: https://wiki.securityweekly.com/Episode542 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

In the news, we discuss Uber paying hacker to keep quiet, flaw in Intel processors, banking apps found vulnerable to MITM attacks, Apple patching all other High Sierra security holes,and more on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode541 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Kevin Finisterre is a principal of the security consultancy Digitalmunition, he enjoys testing the limits and is constantly dedicated to thinking outside the box. Kevin's primary focus has always been on the dissemination of information relating to the identification and exploitation of software vulnerabilities on various hardware and software platforms. Full Show Notes: https://wiki.securityweekly.com/Episode541 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Bob Hillery join us on Security Weekly and is an experienced consultant in Information Systems Security Management. He is a founder and Chief Research Officer with InGuardians, Inc. and has an extensive background in computer networks gained through the Navy and R&D labs. Full Show Notes: https://wiki.securityweekly.com/Episode541 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

In the news, we talk about pentesting, On-Demand webcasts, net neutrality, Vegemite, and more on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode540 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Ed Skoudis has taught cyber incident response and advanced penetration testing techniques to more than 12,000 cybersecurity professionals. He is a SANS Faculty Fellow and the lead for the SANS Penetration Testing Curriculum. In the interview, Ed talks with the team about the Holiday Hack Challenge and what's going on recently in his cybersecurity life! Full Show Notes: https://wiki.securityweekly.com/Episode540 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Joe Gray is a native of East Tennessee. He joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. He is also the owner of the Advanced Persistent Security Podcast! Visit Joe's website and blog: https://advancedpersistentsecurity.net/ Full Show Notes: https://wiki.securityweekly.com/Episode540 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

In the news, a new Windows evasion technique, naked rowers, undetectable malware, social engineering from your shed and banking apps vulnerable to MITM attacks. →Full Show Notes: https://wiki.securityweekly.com/Episode539 →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

Former Head of Israeli Air Force CERT & Forensics Team, Senior Security Researcher at Javelin Networks. Eyal Neemany talks about bypassing two-factor authentication on Active Directory. →Full Show Notes: https://wiki.securityweekly.com/Episode539 →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

Lisa leads Global Security Research and Development at Accenture Labs. In this role, she curates and manages a portfolio of cyber research, including threat intelligence, advanced cyber hunting, orchestration for resilient cyber architectures, edge analytics, analytics and machine learning, active defense and security of the Industrial Internet of Things. →Full Show Notes: https://wiki.securityweekly.com/Episode539 →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

More secure WordPress updates, paying attention to SD-WAN security, NSA's "Red Disk" data leak, why gets you root, HP bloatware, and more security news! Full Show Notes: https://wiki.securityweekly.com/Episode538 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Our good friend Mick Douglas takes an excerpt from SANS 555 and demonstrates using network telemetry to find unauthorized hosts with ELK stacks! Full Show Notes: https://wiki.securityweekly.com/Episode538 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Allison Miller has been working in the intersection of cybersecurity, human behavior, and predictive analytics for almost two decades. She has pioneered the use of data-driven detection technologies within security, anti-abuse (anti-abuse), and payments systems around the world. Full Show Notes: https://wiki.securityweekly.com/Episode538 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Blaming Russia, compromising Apple's facial recognition, books to give to your 30-year old self, malware on NSA employee computers, and more security news! Full Show Notes: https://wiki.securityweekly.com/Episode537 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Our good friends Mike Roderick and Adam Gordon, two of ITProTV's many security ninjas, deliver a tech segment and demo on virtualization, TPM, VMware, and virtual desktop infrastructure (VDI) as they relate to endpoint security and business! Full Show Notes: https://wiki.securityweekly.com/Episode537 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Kyle Wilhoit, a Senior Security Researcher for DomainTools, discusses all things dark web, illegal internet trade, and more with Paul! Full Show Notes: https://wiki.securityweekly.com/Episode537 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Marissa Mayer testifies, starting wars by hacking back, hacking fingerprint biometrics, the halfway point of Mr. Robot, and more security news! Full Show Notes: https://wiki.securityweekly.com/Episode536 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

We welcome Sven Morgenroth back to the show! Sven currently works as a Security Researcher at Netsparker. He rejoins us to deliver a technical segment on content security policies and cross-site scripting! Full Show Notes: https://wiki.securityweekly.com/Episode536 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Amanda Berlin of NetGroup and Lee Brotherston of Wealthsimple join Paul, Michael, and Larry for a discussion on the Defensive Security Handbook and its implications in the world of security! Full Show Notes: https://wiki.securityweekly.com/Episode536 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Gadi Evron founded Cymmetria in 2014 with a vision of revolutionizing security technology, strategy, and innovation. He joins Paul, Doug, and Jeff for an interview about honeypots, hacking back, and cyber deception! Full Show Notes: https://wiki.securityweekly.com/Episode535 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Tim Medin from SANS comes on the show and does a tech segment on Windows PowerShell using PowerShell Empire. Full Show Notes: https://wiki.securityweekly.com/Episode535 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Richard Moulds, General Manager of Whitewood Security, makes his triumphant return to the show! Full Show Notes: https://wiki.securityweekly.com/Episode535 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Microsoft mocks Google for failed security fix, 5 steps to building a vulnerability management program, Pornhub, and kids smartwatches are harbouring major security flaws. Full Show Notes: https://wiki.securityweekly.com/Episode534 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Joe Vest and Andrew Chiles from MINIS talk about Borrowing data to hide binaries. Joe Vest is the Co-Founder of the security consulting company MINIS LLC. He has over 17 years' experience with a focus on red teaming, penetration testing, and application security. Joe is the co-author of the SANS SEC564 Red Teaming and Threat Emulation course. →Full Show Notes: https://wiki.securityweekly.com/Episode534 →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly

Wendy Nather is Principal Security Strategist at Duo Security. Wendy is also a good friend of the Security Weekly team! She speaks regularly on topics ranging from threat intelligence to identity and access management, risk analysis, incident response, data security, and societal and privacy issues. Full Show Notes: https://wiki.securityweekly.com/Episode534 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Windows Phone is dead, Disqus gets hacked, malvertising on X rated websites, North Korea ups their cyberattack game, the FBI arrests a cyberstalker, and more security news! Full Show Notes: https://wiki.securityweekly.com/Episode533 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Matthew Toussain is an active-duty Air Force officer and the founder of Spectrum Information Security. He regularly hunts for vulnerabilities in computer systems and releases tools to demonstrate the effectiveness of attacks and countermeasures. Full Show Notes: https://wiki.securityweekly.com/Episode533 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Mick Douglas is a SANS instructor and the Managing Partner for InfoSec Innovations. He joins us to demonstrate pausing potentially malicious executables in PowerShell! Full Show Notes: https://wiki.securityweekly.com/Episode533 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

New Gmail security, who to blame for the Equifax breach, three billion compromised Yahoo accounts, embarrassing encryption ignorance, and why is Alex Stamos hunting down Russian political ads on Facebook? Full Show Notes: https://wiki.securityweekly.com/Episode532 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Ran Levi started Making History! Podcast in 2007, which has become the most successful podcast in Israel. He has authored three books on malware, science, and more. Full Show Notes: https://wiki.securityweekly.com/Episode532 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Our good friend Don Pezet joins Paul, Doug, and Ran for a discussion on his background in security! Don is a Co-Founder and Host of ITProTV, a video IT training company based in central Florida. Full Show Notes: https://wiki.securityweekly.com/Episode532 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Don't worry about PGP private key exposure, Signal taps up Intel's SGX for increased security, a two-year-old Linux Kernel issue resurfaces, Bill Gates's biggest mistake, Oracle patches away, and is society becoming desensitized to the loss of personal data? Full Show Notes: https://wiki.securityweekly.com/Episode531 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Ed Skoudis is a SANS Faculty Fellow and the lead for the SANS Penetration Testing Curriculum. He has the rare ability to translate advanced technical knowledge into easy-to-master guidance. Ed rejoins us to talk about new projects, his robotic dog, and more! Full Show Notes: https://wiki.securityweekly.com/Episode531 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Jim Nitterauer, CISSP is currently a Senior Security Specialist at AppRiver. He's well-versed in ethical hacking and penetration testing techniques. Jim joins us for a nostalgia-packed DNS discussion! Full Show Notes: https://wiki.securityweekly.com/Episode531 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

No excuses for Equifax, mixed reviews for Apple's facial recognition, Adobe and Microsoft patch away, one MILLION dollars for Tor zero-days, and more security news! Full Show Notes: https://wiki.securityweekly.com/Episode530 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly