Security Weekly Podcast Network (Audio)

Chris Rock is a Cyber Mercenary who has worked in the Middle East, US and Asia for the last 30 years working for both government and private organizations. ˇHe is the Chief Information Security Officer and co-founder of SIEMonster. Chris has presented three times at the largest hacking conference in the world, DEFCON in Las Vegas on controversial vulnerabilities. Chris is also the author of the Baby Harvest, a book based on criminals and terrorists using virtual babies and fake deaths for financing. He has also been invited to speak at TED global. In the Security News: Fried squid is tasty, but the squid proxy is vulnerable, Flipper zero and other tools can now BLE Spam more than just Apple devices, Cisco IOS vulnerability in the web interface, again, is Signal vulnerable?, WinRAR being exploit, still, Math.Random is not really all that random, get your malware samples, and my inside look into Android TV devices, malware, and the horrors of the supply chain! All that and more on this episode of Paul’s Security Weekly! Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw-803

It's no surprise that OT security has fared poorly over the last 30+ years. To many appsec folks, these systems have uncommon programming languages, unfamiliar hardware, and brittle networking stacks. They also tend to have different threat scenarios. Many of these systems are designed, successfully, to maintain availability. But when a port scan can freeze or crash a device, that availability seems like it hasn't put enough consideration into adversarial environments. We chat about the common failures of OT design and discuss a few ways that systems designed today might still be secure 30 years from now. In the news, how HTTP/2's rapid reset is abused for DDoS, a look at the fix for Curl's recent high severity bug, OWASP moves to make CycloneDX a standard, Microsoft deprecates NTLM, VBScript, and old TLS -- while also introducing an AI bug bounty program. Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw-259

This week in the Security News Dr. Doug talks: Cisco, Juniper, AVOSLocker, NoEscape, Valve, FreedomGPT, More News and Aaran Leyland. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-334

Do we sound like a broken record? Leadership, communication, and risk management skills are key traits of the Chief Information Security Officer. But don't just take our word for it, Jason Loomis, CISO at Freshworks, joins Business Security Weekly to discuss why companies should be hiring CISOs for their leadership talent, not their technical talent. Segment Resources: Switch Five Dysfunctions of a Team Drive Extreme Ownership Simon Sinek In the leadership and communications section, Is Your Board Cyber-Ready?, Chief security officers' salary growth slowing, The Secret to Making Difficult Decisions, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw-324

The world of AI is exploding, as excitement about generative AI creates a gold rush. We've already seen a huge number of new GenAI-based startups, products, and features flooding the market and we'll see a lot more emerge over the next few years. Generative AI will transform how we do business and how we interact with businesses, so right now is an excellent time to consider how to adopt AI safely. Pamela Gupta's company literally has "trust" and "AI" in the name (Trusted.ai), so we couldn't think of anyone better to come on and have this conversation with. Interview Resources: https://trusted.ai https://nvlpubs.nist.gov/nistpubs/ai/nist.ai.100-1.pdf There's a lot of talk about AI, especially with the rise of apps like ChatGPT. Despite there being a huge amount of hype, there are legitimately practical applications for leveraging AI concepts in meaningful ways to improve the efficiency and effectiveness of your cybersecurity program. We'll discuss a few examples and show you some ways to bring AI out of the hype and into a proper tool to empower your security and risk program. This segment is sponsored by Tenable. Visit https://www.securityweekly.com/tenableisw to learn more about them! Threat actors don’t think in silos and neither should cybersecurity solutions. In this fireside chat with Uptycs’ newly appointed CRO, Mike Campfield, learn why organizations need to adopt a consolidation approach to win in cyber security, why it’s important to “shift up,” and what Mike is most excited about in his new role. This segment is sponsored by Uptycs. Visit https://www.securityweekly.com/uptycsisw to learn more about them! Deidre Diamond, founder & CEO of CyberSN, talks about her efforts to address InfoSec burnout and the skills shortage impacting the industry. As long as there are profits to be made, cybercriminals will continue to monetize enterprise assets—whether they be devices, applications, data, or users. It only takes one weak or unknown asset to compromise an entire organization. Brian will discuss why enterprises need to move away from assumption-based approaches to asset data and decision making to evidence-based asset intelligence to secure their environments quickly, easily, and at scale. This segment is sponsored by Sevco Security. Visit https://www.securityweekly.com/sevcoisw to learn more about them! In this ISW interview, CRA's Bill Brenner catches up with Kevin Johnson of Secure Ideas for a chat about application security. In this segment from ISW, Dakota State COO and General Counsel Stacy Kooistra talks to Bill Brenner about the university's effort create more cyber warriors. Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/esw for all the latest episodes!

This week Dr. Doug talks: Microsoft, SeroxenRAT, Smart Links, Vogons, ToddyCAT, ShellBot, Hidden servers, Aaran Leyland, and More on the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-333

In our first segment: the PSW hosts drop valuable insight on how to start your own journey into reverse engineering hardware! Resources we mentioned: The Hardware Hackers Handbook is a great start Do a badge challenge: https://www.cyberark.com/resources/threat-research-blog/an-introduction-to-hardware-hacking Take some classes Do some Arduino stuff: https://www.arduino.cc/ Take free courses on electrical engineering: https://ocw.mit.edu/courses/6-01sc-introduction-to-electrical-engineering-and-computer-science-i-spring-2011/ (And here: https://www.tinkerforge.com/en/doc/ and here: https://www.youtube.com/watch?v=LSQf3iuluYo&list=PLoFdAHrZtKkhcd9k8ZcR4th8Q8PNOx7iU) Building a lab - The list: Soldering iron (and tools and parts such as Solder, Flux, Tweezer, Soldering wick, Cutter, Wire stripper) Hot air rework station (can be bundled with soldering iron) Multi-meter (and lots of associated cables) Jumper and pinout wires Breadboard USB microscope Bench power supply Specific lighting (e.g. my document camera has an LED light that works great) Magnification - magnifying lenses and a headset (esp. if you are old, like us) USB serial devices (or Bus Pirate if you fancy) Then, in the Security News: Windows 11 tries to fix legacy authentication, Rapid resets and the world’s largest DDoS attack, we finally get to see the cURL vulnerability, and its pretty ugly, turns out Android TV boxes with pre-installed malware are a hot topic, patch your Netscaler, root for everyone with emergency responder software, learn THIS hacking Tools First, long live Wayland, how to actually hack a WiFi device with a Flipper Zero, scanning open source packages, GNOME bugs and a bonus, security is a great idea until there is a bypass in apparmor,a tool that everyone should have in their kit, and we could talk for hours about 25 hard hitting lessons from Cybersecurity! All that and more on this episode of Paul’s Security Weekly! Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw-802

What if all these recommendations to shift left were more about shifting focus? It's all too easy to become preoccupied with vulns, whether figuring out how to find them earlier in the SDLC or spending time fixing them within specific number of days. Successful DevSecOps approaches can be so much more than just vulns and so much more than just tools. Sure, tools are useful for identifying known vulns in dependencies and new vulns in code, but teams that emphasize people and culture will find it easier to shift their attention to the security of their product and creating secure designs. In the news, anticipating Curl's upcoming patch for a high severity flaw, the Looney Tunables flaw in Glibc, ShellTorch flaw hits PyTorch and lots of AI, lessons from some X.Org security patches, and more! Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw-258

This week Aaran Leyland rants: about Google, 23andMe, Facebook, GitHub's Secret Scanning, MGM Resorts, Grindr, More News, and is joined by the notorious Jason Wood on the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-332

CEOs and boards struggle with their digital transformation process. Does their operations hinder or align with business initiatives? Has their security operations scaled to meet the data and digital demands to protect against business risk? In today’s episode, we’re talking to Chris Morales, CISO at Netenrich, who’ll provide compelling insights towards security transformation. Security organizations all face similar security challenges of too much data, siloed teams, underperforming legacy tools, and time-consuming and laborious threat investigation work. We’ll discuss the approach enterprises need to consider in advancing their security maturity. It’s one that’s data-driven, adaptive, and predictive. In the leadership and communications section, The Data Your Board Actually Wants to Hear About When Valuing Cybersecurity Investments, Cybersecurity is a CFO issue, Must-know insights when navigating the CISO career path, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw-323

This week Dr. Doug talks: Feet, Google, Apple, Predator vs. Lemurs, r77, Qualcomm, qakbot, deepfakes, More News and with the exotic Aaran Leyland! Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-331

In this segment, we'll explore some of the most useful lessons and interesting insights to come out of the last year's worth of breaches and data leaks! We'll explain why we will NOT be covering MGM in this segment. The breaches we will be covering include: - Microsoft AI Research Data Leak - Microsoft/Storm-0558 - CommutAir - Riot Games - Lastpass - CircleCI - RackSpace - Drizly (yes, this breach is older, but the full story just wrapped a year ago!) On this week's news segment, we go down a bit of a rabbit hole on data lakes and have a GREAT conversation about where security data wrangling might or might not go in the future. We also discuss Nord Security's funding and $3B valuation, try to figure out what Synqly is doing, and discuss IronNet's demise. We also find out which email solution is more secure (at least, according to insurance claim data), Google or Microsoft! We wrap up, learning that forms of CAPTCHAs are apparently broken now, $3800 gets you a gaming PC in the shape of a sneaker, and someone has created the DevOps equivalent of dieselgate! Each employee serves as a potential gateway to their organization, and the personal information of your workforce is readily accessible and exposed on the internet, making the organization susceptible to threats. DeleteMe is the solution that locates and eliminates personal data from the open web, safeguarding your organization. This segment is sponsored by DeleteMe. Visit https://www.securityweekly.com/deletemeisw to learn more about them! With all of the fancy tools, equipment, and logos most organizations are unable to understand where their data is and how it can be accessed. In the world of work from wherever and whenever orgs need a better handle on what this means. Ridge has worked to curate a set of solutions to meet and implement this need! This segment is sponsored by Ridge IT Cyber. Visit https://www.securityweekly.com/ridgeitisw to learn more about them! Why are we seeing a re-emergence of the demand for packet and flow-based forensic data in cloud environments? In this session, we’ll discuss three reasons why IT leaders still need the same if not even better visibility in the cloud than they have in their data centers. We’ll also discuss the growing demand for Threat Exposure Management (TEM). Why does a leading analyst describe this as a transformation technology and how can you quickly visualize your environment the way the attackers do? Segment Resources: https://www.viavisolutions.com/en-us/ptv/solutions/threat-exposure-management https://www.viavisolutions.com/en-us/ptv/solutions/high-fidelity-threat-forensics-remediation This segment is sponsored by VIAVI Solutions. Visit https://www.securityweekly.com/viaviisw to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Anuj joins us to discuss recent trends in malware. What are the malware authors up to lately? What are the latest techniques for reverse engineering malware? Learn about the latest tools and techniques from Anuj! Anuj is a Principal Threat Researcher at Blackberry, where he performs malware research and reverse engineering. He has more than 15 years of experience in malware analysis and incident response. Anuj also brings his problem-solving abilities to his position as a SANS Certified Instructor and author, which gives him the opportunity to impart his deep technical knowledge and practical skills to students. Segment Resources: https://www.youtube.com/@sonianuj In the Security News: No Flipper Zero for you!, your glibc is hanging out and other Looney Tunables, and it vulnerable, for no reasons, other than the obvious ones, a Russian firm will pay $20m for Android or iPhone 0days, you do what you do and other Exim vulnerability stories, yet another way to become root on Linux, if you ever wanted to read the source code for Sub7, well, now you can, more people want to trash bug bounties (and they are wrong), Curl has something coming, and its not good, tricking AI with your dead grandma’s locket, GPU driver vulnerabilities could lead to something, and the path to the cloud is filled with holes. All that and more on this episode of Paul’s Security Weekly! Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw-801

Communication is a skill that doesn't appear on top 10 lists, rarely appears as a conference topic, and doesn't appear enough on job requirements. Yet communication is one of the critical ways that security teams influence developers, convey risk, and share knowledge with others. Even our own Security Weekly site falls a little short with only a podcast category for "Training" instead of more options around communication and collaboration. Lina shares her experience presenting to executives and boards in high-stress situations, as well as training incident responders on real-world scenarios. Segment resources https://training.xintra.org https://www.scmagazine.com/podcast-episode/2839-pointers-and-perils-for-presentations-josh-goldberg-asw-251 In the news segment, attackers impersonate Dependabot commits, an alg of "none" plagues a JWT, CISA calls for hardware bills of materials, OpenSSF lists its critical projects, Exim (finally! maybe?) has some patches, bug bounties and open source projects, and more! Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw-257

This week Dr. Doug talks: Minority Report, NSA, WS_FTP, Exim, Sextortion, BunnyLoader, CISA, More News, and is joined by the illustrious Jason Wood! Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-330

As we move more infrastructure into the cloud, the traditional concepts of risk start to change. It's no longer just about networks and servers, but also needs to address identities and not just human identities. Cloud infrastructure introduces additional identity types that need to be addressed as part of your risk management program. Eric Kedrosky, CISO at Sonrai Security, joins us to discuss how to think differently about risk in the cloud. In the leadership and communications section, The CISO Carousel and its Effect on Enterprise Cybersecurity, CISOs are struggling to get cybersecurity budgets, Respectfully, I Disagree, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw-322

We ALL use SaaS. It has become ubiquitous in both our personal and professional lives. Somehow, the SaaS Security market has only recently began to emerge. Today's interview with Yoni Shohet, co-founder and CEO of Valence Security, aims to understand why it has taken so long for SaaS Security products to come to market, what that market currently looks like, and what a SaaS Security product actually does. The concept of Edge computing has evolved over the years and now has a distinct role alongside public cloud. Theresa Lanowitz, from AT&T Cybersecurity, and Chris Goettl from Ivanti join us to discuss what edge computing means for the market and for cybersecurity. Specifically, we'll discuss how: Strong use cases in the market today for edge computing Security's role in edge computing, as a relative newcomer to part of the broader planning process Edge computing requires new thinking about security because of its distributed nature This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attcybersecurity to learn more about them! This week, we changed things up a bit for the news segment and Allie Mellen joins us as a surprise guest host! We discuss Cisco's Splunk acquisition and what it means for Splunk customers, and "The Blob" - Allie's term describing the negative forces responsible for much of the overhyped marketing, silly trends, and substandard products we see in the industry. Segment Resources: Allie's blog on Cisco/Splunk: https://www.forrester.com/blogs/splunk-is-good-for-cisco-but-cisco-needs-to-convince-splunk-customers-that-cisco-is-good-for-them/ Allie's blog on The Blob: https://www.forrester.com/blogs/the-blob-is-poisoning-the-security-industry/ Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw-333

This week Dr. Doug talks: NarcBots, Blacktech, ZenRat, Chrome, CISO Churn, lots of privacy issues, Aaran Leyland, will Dr. Doug drink the Y3K Special Edition Coke? And more on this edition of the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-329

This week, First up its the Security News: libwebp or die: we unravel some of the details behind the webp vulnerability first fixed by Apple and Google, then, hopefully by everyone else, attackers can steal your pixels using your GPU, someone cough China cough has been hacking Cisco routers, Kia boys are still a problem, How the Cult of the Dead Cow plans to save the internet, how iOS updates could break glucose monitors, spamming the CVE database, and when a medium is really a high! Just what are the right skills to have or acquire to work in cybersecurity today? Kayla and the Security Weekly crew talk about it in this segment. We also touch on why we get burnt out and how to avoid it, all in anticipation for SOC Analyst Appreciation Day! This segment is sponsored by Devo . Visit https://securityweekly.com/devo to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw-800

Supply chain has been a hot topic for a few years now, but so many things we need to do for a secure supply chain aren't new at all. We'll cover SBOMs, vuln management, and putting together a secure pipeline. Segment resources: https://www.solarwinds.com/assets/solarwinds/swresources/whitepaper/2111swiwhitepaper_nextgenbuild.pdf https://next.redhat.com/project/tekton-chains/ https://tekton.dev/ In the news, a stroll back through the Apache Struts breach of Equifax, CISA's list of Known Exploited Vulnerabilities, Rust's replacement for OpenSSL, Go no longer throws programmers for a loop, complexity vs. design (that leads to better security), and more! Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw-256

This week Dr. Doug talks: The Year 3000, Sandman, ShadowSyndicate, National Student Clearing House, Apple, Predator, Xenomorph, Mixin, More News, and Jason Wood on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-328

In this episode, we interview Jake Wilson, Western Governor University's Security Awareness Evangelist. We'll learn about how he built up and matured WGU's security awareness program, eliminating blind spots, and improving efficacy through data analysis and better reporting. This segment is sponsored by Living Security. Visit https://securityweekly.com/livingsecurity to learn more about them! This week in the leadership and communications section: building a feedback-driven culture, letting go of the reins, 25 hard-hitting lessons from 17 years in cybersecurity, and more! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw-321

Forrester Research releases a few annual reoccurring cybersecurity reports, but one of the biggest that covers the most ground is the Security Risk Planning Guide, which was recently released for 2024. One of the report's 17 authors, and research director, Merritt Maxim, will walk us through the report's most interesting insights and highlights. This is going to be considerably interesting considering some of this year's trends impacting security teams: An economic downturn, resulting in layoffs and budget freezes The widespread proliferation of generative AI technology The relentless and resilient nature of cybercrime, despite some notable law enforcement wins Ongoing discussion about the role and relevance of SOCs, CISO's, as well as the security department place in today's enterprise Increased enterprise reliance on SaaS and Cloud, as vendors and service providers continue to struggle with securing their products and services If you've ever played Dungeons & Dragons, you probably know that the quality of the experience depends on how prepared, experienced, and talented the Dungeon Master is. Today, we'll talk to InfoSec DM and practitioner extraordinaire Ryan Fried about some of the key elements that separate a good cybersecurity tabletop exercise from a bad one! This is literally his day job at Mandiant, and it doesn't hurt to have one of the world's largest libraries of attacker TTPs and the collective lessons learned from thousands of actual incident response experiences. This week we talk about finding, acquisitions and the state of the market. If you're interested in cybersecurity market discussion, this is the episode for you. We also discuss what makes a cybersecurity influencer. Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw-332

This week on the Security Weekly News: Passkeys, bots, hotels, conning the con, TrendMicro, Pizza, Aaran Leyland, & more! Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-327

Nathan comes on the show to discuss LLMs, such as ChatGPT, the issues we face today and in the future. Learn about prompt injection attacks, jailbreaking, LLMs for threat actors, and more! In the Security News: LVFS is not a backdoor, attackers are in physical proximity, when you need to re-cast risk, oh Fortinet, pre-installed backdoors again, deep down the rabbit hole, the buffer overflow is in your BIOS!, what is 345gs5662d34?, a cone is all you need, we are compliant because we said so but we lied, 10 years of updates, Microsoft looks at ncurses and finds bad things, they also lost 38TB of data (Microsoft that is), when MFA isn’t really MFA, China and Russia are cyber attacking things, and MGM and Caesars are in hot water, All that and more on this episode of Paul’s Security Weekly! Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw-799

The majority of attacks are now automated, with a growing number of attacks targeting business logic via APIs, which is unique to every organization. This shift makes traditional signature-based defenses insufficient to stop targeted business logic attacks on their own. In this discussion, Karl Triebes shares how flaws in business logic design can leave applications and APIs open to attack and what tools organizations need to effectively mitigate these threats. This segment is sponsored by Imperva. Visit https://securityweekly.com/imperva to learn more about them! In the news segment, a slew of XSS in Azure's HDInsights, CNCF releases fuzzing and security audits on Kyverno and Dragonfly2, CISA shares a roadmap for security open source software, race conditions and repojacking in GitHub, and more! Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw-255

This week Dr. Doug talks: SprySocks, Lazarus, Fortinet, Juniper, CISA, Transparent Tribe, AI Art, More News, and Jason Wood on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-326

This week Dr. Doug talks: Cyberdog, Pegasus, Webex, Peach Sandstorm, SAP, Caesar, Penn State, Aaran Leyland, and More News on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-325

Organizations still struggle with DDoS, ransomware, and personal information exfiltration. In order the prevent these attacks, we first need to understand the ‘types’ of DDoS and emerging threat techniques used by the adversary. In this interview, we explore these attacks in the context of edge computing. As edge computing use cases evolve, organizations need to understand the intersection of edge computing, networking, and cybersecurity. We discuss the risks associated with edge computing, the controls that can mitigate these risks, and how to plan for implementation, including security budgeting. Segment Resources: https://www.akamai.com/blog/security/defeating-triple-extortion-ransomware This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attcybersecurity to learn more about them! In the leadership and communications section, Board Members Struggling to Understand Cyber Risks, Cybersecurity Goals Conflict With Business Aims, Navigating Change: The Essence of Agile Leadership, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw-320

Discussing ways to ensure client success with MDR and discuss the ways organizations hurt MDR efficacy with overly broad global exclusions, poor deployment practices, and poor policy hygiene. This segment is sponsored by Sophos. Visit https://securityweekly.com/sophos to learn more about them! We talk to Chris Sanders today, who has been steeped in the world of SecOps and detection/response for many years. After many years of writing books and training folks in the cybersecurity industry, he started delving into cognitive psychology and educational effectiveness. He leverages this knowledge in the training classes he builds and delivers. Today we'll discuss why it seems like defenders are still failing, despite the security industry largely (and arguably) receiving the resources it has been requesting. In this news segment, we start off by discussing funding, acquisitions, and Ironnet's unfortunate demise. We discuss Gmail's new, extra verifications for sensitive actions and Lockheed Martin's Hoppr SBOM and software supply-chain utility kit. We get into CISA's roadmap to help secure open source software, and their offer to run free vulnerability scans for the United States' 150,000+ water utilities. Then, discussion turns back to some more negative items with Brazil's self-inflicted $11 billion dollar data leak, and the MGM/Caesar's ransomware attacks, which seem like they could have a common attacker and initial attack vector (a shared IT support company, perhaps). We also discuss Microsoft's post mortem on the Storm-0558 attack. Kelly Shortridge wants to know, "why are you logging into production hosts", someone is submitting garbage CVEs, and Mozilla finds that privacy policies from auto manufacturers are a privacy TRAIN WRECK. Finally, we wrap up discussing tools that can detect deepfake audio, as well as the likelihood that this will be the start of a game of leapfrog, as deepfakes get increasingly better over time. And we discuss Delphi's offer to create a 'digital clone' of you that could live on forever, haunting your descendants. Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw-331

Ryan has his finger on the pulse of ransomware and response. We discuss how the initial infections are occurring, how they've changed over time, and where they are going in the future! Segment Resources: For folks to see my recent presentations: for528.com/playlist For folks to see the recordings of our recent Ransomware Summit: https://for528.com/summit23 For folks to watch my recent (free) ransomware workshop: https://for528.com/workshop23 Materials: https://for528.com/workshop Lots in the Security News this week. Stay tuned! Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/psw Show Notes: https://securityweekly.com/psw-798

Zed Attack Proxy is an essential tool for web app pentesting. The project just recently moved from OWASP to the Secure Software Project. Hear about the challenges of running an OSS security project, why Simon got involved in the first place, and why successful projects are about more than just code. Segment Resources: - https://www.zaproxy.org/ - https://softwaresecurityproject.org/blog/welcoming-zap-to-the-software-security-project/ - https://owasp.org/www-project-vulnerable-web-applications-directory/ In the news segment, a key compromised from a crash dump (and the many, many lessons that followed), more examples of mishandling secrets, URL parsing mismatches show path traversal works well in Rust, an old Linux kernel bug shows how brittle code can be (even when it's heavily audited), an example of keeping OSS projects alive, a quick note on BLASTPASS, and a look at privacy in cars, and more! Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw-254

This week Dr. Doug talks: Mopria, Cisco, Seimens and Schneider, Word, AP Stylebook, DarkGate, GitHub, Chrome, More News, and Jason Wood on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-324

Managing identities continues to add complexity for granting access to enterprise resources. Between the increasing number and expanding types of identities, including carbon-based, silicon-based, and artificial identities, and the evolution of cloud computing and remote work, managing the perimeter is now an identity problem. What risks do each of these identity types pose and how do you mitigate them? Jeff Reich, Executive Director at Identity Defined Security Alliance (IDSA), joins us to discuss the challenges of digital identities, how to discover risk with digital identities, and how best to mitigate those risks. Segment Resources: IDSA's 2023 Trends in Security Digital Identities: https://www.idsalliance.org/white-paper/2023-trends-in-securing-digital-identities/ Securing Your Remote Workforce Through Identity-Centric Security: https://www.idsalliance.org/white-paper/securing-your-remote-workforce-through-identity-centric-security/ In the leadership and communications section, The importance of CISOs is not recognised by senior leadership, The secret habits of top-performing CISOs, Get *Free* copies of two of our favorite leadership books, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw-319

Doug talks with Chat GPT in an interview format just to see what having a conversation with the AI is like. It even gets around to asking Chat GPT the famous six questions from Paul's Security Weekly. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly \Show Notes: https://securityweekly.com/vault-swn-4

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on November 18, 2022. This segment will focus on (1) Why Did Sephora Get Fined $1.2M and Why Are They on Probation? (2) Why Data Privacy is Being Overhauled in 2023 (and How You Can Be Ready) Segment Resources: https://www.consumerreports.org/electronics-computers/privacy/i-said-no-to-online-cookies-websites-tracked-me-anyway-a8480554809/ https://www.geekwire.com/2022/the-bittersweet-serendipity-that-gave-these-two-startup-leaders-a-shared-mission-in-online-privacy/ https://www.boltive.com/blog/why-having-a-consent-management-platform-is-not-enough https://www.boltive.com/blog/bracing-for-2023-privacy-laws https://ceoworld.biz/2022/07/03/three-ways-your-data-is-leaking-in-advertising-and-how-to-avoid-it/ Show Notes: https://securityweekly.com/vault-esw-4 Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Check out this interview from the PSW Vault, hand picked by main host Paul Asadoorian! This segment was originally published on February 4, 2013. Dr. Spafford is one of the senior, most recognized leaders in the field of computing. He has an on-going record of accomplishment as a senior advisor and consultant on issues of security and intelligence, education, cybercrime and computing policy to a number of major companies, law enforcement organizations, academic and government agencies... [With] over three decades of experience as a researcher and instructor, Professor Spafford has worked in software engineering, reliable distributed computing, host and network security, digital forensics, computing policy, and computing curriculum design. Dr. Spafford is a professor with an appointment in Computer Science at Purdue University, where he has been a member of the faculty since 1987. Spaf's new book, Cybersecurity Myths and Misperceptions, is available at https://informit.com/cybermyths Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/vault-psw-4

Check out this interview from the SDL Vault, hand picked by main host Doug White! This segment was originally published on January 22, 2019. Today, we begin the journey to the quantum realm on SDL. Marketing is telling us, everything is quantum now, don't be fooled, let us tell you how it works on SDL. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/vault-swn-3

Check out this interview from the ASW Vault, hand picked by main host Mike Shema! This segment was originally published on January 10, 2022. There's an understandable focus on "shift left" in modern DevOps and appsec discussions. So what does it take to broaden what we call appsec into something effective for modern apps, whether they're on the web, mobile, or cloud? We'll talk about moving on from niche offerings into successful appsec programs. Show Notes: https://securityweekly.com/vault-asw-4

Check out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on March 15, 2021. In 1989, Stephen Covey first published "The 7 Habits of Highly Effective People," empowering and inspiring leaders for over 25 years. Is there an equivalent or new set of habits for CISOs? George Finney, Chief Security Officer at Southern Methodist University, joins Business Security Weekly to discuss the Nine Cybersecurity Habits. Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/vault-bsw-4

Having direct visibility into your access data is crucial for two reasons: 1. Simplifying audit preparation and 2. Managing progress of your identity program to ensure peak performance. Internal auditors and compliance managers need easy access to granular data points to understand and demonstrate compliance to external agencies. Gaining access to real time data creates a great deal of autonomy for audit and identity teams to be able to delve deep into their identity programs and prove compliance. However, making the data available even internally can put organizations at risk for data leaks and data policy violations. Erik will outline how companies can gain access to their current identity search and dashboard data and be able to query in their preferred BI tool based on their own data privacy policies and business needs, significantly reducing risk. This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpoint to learn more about them! There's still serious, late stage funding for compelling tech in cybersecurity, SpyCloud proves with it's $110M Series D. We discuss the SentinelOne/Wiz merger rumors. Sadly layoffs and even company failures are still occurring, thought Tyler thinks the market downturn is close to bottoming out. NordVPN spins off an AI skunkworks called NordLabs. The Browser Company has a great company vision page that's worth checking out. Two interesting LLM prompt-related tools to check out are PIPE and promptmap (both on github). Brazilian phone spyware WebDetetive (sic) gets hacked and all victim data deleted. US takes down QakBot and *removes* it from infected systems! Finally, a homing pigeon proves that birds are faster than gigabit Internet :D In this interview, Raghu discusses the specific challenges in securing the cloud and how to overcome them. He shares how to make your life easier by making security a team sport, how to gain the visibility you need across clouds, data centers, and endpoints, and how to get a return on your cloud security investments. This segment is sponsored by Illumio. Visit https://securityweekly.com/illumiobh to learn more about them! It’s no secret that the attack surface is increasing and the best defense is one that’s matched to the most relevant risks. Through proactive and reactive research, The SafeBreach Labs team helps customers discover their most critical threats and security gaps by building the industry’s most current and complete playbook of attacks. In this session, SafeBreach Director of Research Tomer Bar will share how attacks are conducted, which APT group have been the most active, and how breach and attack simulation can help teams think like an adversary and leverage recent vulnerabilities to gain accurate insights. Segment Resources: https://www.safebreach.com/safebreach-labs/ This segment is sponsored by SafeBreach. Visit https://securityweekly.com/safebreachbh to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw-330

This week Dr. Doug talks: AI vs. Hunter Thompson, Sandstorm, BGP, Earth Estries, DOE, VMWare Aria, Key Group, DSA, Aaran Leyland, and More on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-323

Amanda joins us to discuss aspects of incident response, including how to get the right data to support findings related to an incident, SMB challenges, cloud event logging, and more! Amanda works for Blumira and is the co-author of "Defensive Security Handbook: Best Practices for Securing Infrastructure." In the Security News: How not to send all your browser data to Google, apparently Microsoft needs pressure to apply certain fixes, the mutli-hundred-billion-dollar-a-year industry that tries to secure everything above the firmware, security through obscrurity doesn’t work, should you hire cybersecurity consultants, pen testing is key for compliance, defense contractor leaks, inside a McFlurry machine, Barracuda is still chasing hackers, why Linux is more secure than windows, more details on WinRar and middle-out compression, a Wifi worm?, CVE-2020-19909 is almost everything that is wrong with CVE, Tacos, and hacking through a Fire stick! All that and more on this episode of Paul’s Security Weekly! Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw-797

We go deep on LLMs and generative AIs to shine a light on areas that security leaders should focus on. There are technical concerns like prompt injection and access controls, and privacy concerns in training and usage. But there are also areas where security tools are starting to address these concerns as well as areas where security tools are adopting AI themselves. We'll share where we see AI showing promise, as well as where we suspect it's still premature. In the news, a Go Crypto presentation from Real World Crypto, Excel releases support for Python, protecting users from malware like the Luna Grabber and WinRAR RCE, DARPA's V-SPELLS project, and more! Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-253

This week Dr. Doug rants: Mystery, Qakbot, Crates.io, VDP, NetScaler, Entra ID, SynthID, FreeBSD, More News, and Jason Wood on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-322

The metaverse is an evolving storytelling environment in which humans have congregated for millennia to experience alternate, immersive, and simulated realities, with or without technology. Storytelling is designed to influence mental and physical perceptions suiting the purposes of the content creators. Metawar is the art of applying science to create and defend against the influence of alternate realities in the metaverse. What if we can longer rely on our senses to determine what is real and what is fiction? Winn's research into Metawar initially focused on metaversal technologies. Unexpectedly, it morphed into an intensely personal experience, triggering Winn's own Metanoia, which had a profound impact on the entire Metawar Thesis. Winn joins Business Security Weekly to share his Metanoia. In the leadership and communications section, A CISO's Actionable Strategy for Success, Security basics aren’t so basic — they’re hard, Building a Culture Where Employees Feel Free to Speak Up, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw-318

Incredibly, the seemingly simple task of managing corporate-owned devices is still a struggle for most organizations in 2023. Maybe best MDM for Mac doesn't work with Windows, or the best MDM for Windows doesn't work with Mac. Maybe neither have Linux support. Perhaps they don't provide enough insight into the endpoint, or control over it. Whatever the case, security leaders never seem satisfied with their MDM solution and are always investigating new ones. Now, Kolide has stepped in with a unique approach to device management, combining the flexibility and industry support for OSQuery and built to integrate with IdP giant Okta. We discuss Kolide's entrance into the device management space and the current state of MDM - what's wrong with it, and how does Kolide propose to fix it? This segment is sponsored by Kolide. Visit https://securityweekly.com/kolide to learn more about them! Segment description coming soon! Record funding levels over the last two weeks top 2023 and the same time last year. We discuss Palo Alto's plans for the future, CISA's analysis of the LAPSUS$ hacking group, and the uselessness of Quantum Security pitches. Chrome adds the ability to alert users about malicious extensions. A great post from Thinkst has us talking about why vendors (and buyers) need to be careful about default behaviors and documentation. You won't want to miss the excellent squirrel story - a front end for Reddit that looks like Microsoft Outlook. During this segment, Jon will explore today’s ransomware economy players from IABS to RaaS affiliates, to money launders and now C2Ps. For the discussion, Jon will leverage Halcyon’s latest research, which demonstrates a new technique to uncover how C2Ps, like Cloudzy, are used to identify upcoming ransomware campaigns and other advanced attacks. The research revealed that Cloudzy, knowingly or not, provided services to attackers while assuming a legitimate business profile. Threat actors that leveraged Cloudzy include APT groups tied to the Chinese, Iranian, North Korean, Russian, Indian, Pakistani, and Vietnamese governments; a sanctioned Israeli spyware vendor whose tools are known to target civilians; several criminal syndicates and ransomware affiliates whose campaigns have spurred international headlines. This segment is sponsored by Halcyon. Visit https://securityweekly.com/halcyonbh to learn more about them! In this session, Snehal will discuss several real-world examples of what autonomous pentesting discovered in networks just like yours. You’ll hear more about how fast and easy it was to safely compromise some of the biggest (and smallest) networks in the world - with full domain takeover in a little more than a few hours. Learn how you can safely do the same in your own network today! This segment is sponsored by Horizon3.ai. Visit https://securityweekly.com/horizon3aibh to learn more about them! In this Black Hat 2023 interview, CRA’s Bill Brenner and Sophos’ John Shier discuss the company’s latest research on the Royal ransomware gang. Though Royal is a notoriously closed off group that doesn’t openly solicit affiliates from underground forums, granular similarities in the forensics of the attacks suggest all three groups are sharing either affiliates or highly specific technical details of their activities. This segment is sponsored by Sophos. Visit https://securityweekly.com/sophosbh to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw-329

This week in the Security News Dr. Doug talks: Openfire, Firepower, Barracuda, CosmicBeetle, Lazarus, Encryption, Network Tourism, India's on the Moon, Aaran Leyland, and More on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn-321

Jared has a long, and outstanding, history in cybersecurity. Today, he works for Microsoft helping them run and respond to bug bounty reports. The scale is massive and I think we can all learn a thing or two about vulnerability management and bug bounties! Segment Resources: https://www.microsoft.com/en-us/msrc/bounty?rtc=1 https://www.microsoft.com/en-us/msrc https://msrc.microsoft.com/report/vulnerability/new https://www.microsoft.com/en-us/msrc/bounty https://msrc.microsoft.com/blog/ https://jobs.careers.microsoft.com/global/en/search?q=msrc&l=en_us&pg=1&pgSz=20&o=Relevance&flt=true https://www.microsoft.com/bluehat/ In the Security News: Lora projects are popular, simple checksums are not enough, WinRAR: shareware or native OS?, ATM software is vulnerable, attackers could learn from security researchers (but lets hope they don’t), NoFilter and behavior by design, Apple vs. A security researcher: there are no winners, sneaky npm packages, faster Nmap scans, kali on more phones, more LOl drivers, comparing security benchmarks to the real world, tunnelcrack and why VPNs are over-hyped, Ubuntu has lost its mind, and there’s a Python in the sheets! All that and more on this episode of Paul’s Security Weekly! Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw-796

Two featured interviews from this year's Black Hat. In the news, Discord.io ceases to be, Azure AD breach to get scrutiny from the CSRB, Zoom's AI stumbles show security concerns, model confusion attacks, a look at how far we have -- and haven't -- come with XSS flaws, an approachable article on AI, and more! Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw-252