Paul's Security Weekly

Mad Skillz - PSW #645

Paul's Security Weekly - Fri, 04/03/2020 - 5:30pm

This week, we welcome Matt Allen, Senior Solutions Engineer at VIAVI Solutions, to discuss Collaboration between NetOps and SecOps in today's world! In our second segment, we welcome Lorrie Cranor, Director of CyLab Security and Privacy Institute at Carnegie Mellon University, to discuss Research on Security and Privacy labels for IoT devices! In the Security News, Two Zoom Zero-Day Flaws Uncovered, Millions of routers running OpenWRT vulnerable to attack, Marriott says 5.2 million guest records were stolen in another data breach, PoC Exploits for CVE-2020-0796 (SMBGhost) Privilege Escalation flaw published, and we welcome our very special guest for tonight, Dave Kennedy, who joins us to talk about Video Chat Client Vulnerability History and the recent Zoom Vulnerabilities!

 

Show Notes: https://wiki.securityweekly.com/PSWEpisode645

For more information on VIAVI Solutions, visit: https://securityweekly.com/viavi

Visit https://www.securityweekly.com/psw for all the latest episodes!

 

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Wash Your Hands! - ESW #177

Paul's Security Weekly - Fri, 03/27/2020 - 5:00pm

This week, we talk Enterprise News, discussing OWASP Security Knowledge Framework, How to Write an Automated Test Framework in a Million Little Steps, Sumo Logic Selects StackRox to Protect Its Cloud-Native Applications and Services, Sysdig Provides the First Cloud-Scale Prometheus Monitoring Offering, and Windows users under attack via two new RCE zero-days! In our second segment, we welcome Sumedh Thakar, Chief Product Officer at Qualys, to talk about Cybersecurity Challenges Created by a Remote Workforce! In our final segment, we welcome Tod Beardsley, Director of Research at Rapid7, to discuss SMB exposures and User Behavior Analytics failures, using findings from Rapid7 Research Labs!

 

To learn more about Qualys, visit: https://securityweekly.com/qualys

To learn more about Rapid7 or to get a free trial, visit: https://securityweekly.com/rapid7

Show Notes: https://wiki.securityweekly.com/ESWEpisode177

 

Visit https://www.securityweekly.com/esw for all the latest episodes!


Maze Ransomware, DEER.IO, & Unacast - Wrap Up - SWN #22

Paul's Security Weekly - Fri, 03/27/2020 - 3:07pm

This week, Doug White brings you the latest and greatest news across all of our shows on the network, as well as all of the hot topics this week! Doug discusses Zoombombing, Russian Hackers, Zuck turns over the controls to the AIs, free cybersecurity products to help out, Chubb hacked, and more!

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode22

Visit https://www.securityweekly.com/swn for all the latest episodes!

 


Plausible Deniability - SCW #22

Paul's Security Weekly - Wed, 03/25/2020 - 5:00pm

This week, we welcome David Walter, Vice President, RSA Archer and RSA Cloud at RSA Security, to discuss Compliance Risk Challenges! In our second segment, we welcome Kevin Haynes, Chief Privacy Officer at Nemours Children's Health System, to talk about Nemours' use of RSA Archer to manage Compliance Risk!

 

To learn more about RSA Security, visit: https://securityweekly.com/RSAsecurity

Show Notes: https://wiki.securityweekly.com/SCWEpisode22

 

Visit https://www.securityweekly.com/scw for all the latest episodes!


A Craving for Hummus - BSW #167

Paul's Security Weekly - Tue, 03/24/2020 - 7:00pm

This week, we welcome Jeff Costlow, Deputy CISO at ExtraHop, to discuss Protect Your Assets According to Their Value! In the Leadership and Communications segment, Matt, Jason, and Paul discuss Real Leaders: Abraham Lincoln and the Power of Emotional Discipline, Social Distancing: 15 Ideas for How to Stay Sane, Rethink Your Relationship with Your Vendors, and more!

 

To learn more about ExtraHop, visit: https://securityweekly.com/extrahop

Show Notes: https://wiki.securityweekly.com/BSWEpisode167

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!


Zoombombing, Signal Sciences, & Zero Days - SWN #21

Paul's Security Weekly - Tue, 03/24/2020 - 3:54pm

This week, Doug White brings you the latest news for this week, including Zoombombing, Zero Days at Microsoft, AI Takes charge at Facebook, and COVID-19! In the Expert Commentary, we welcome Daniel Hampton, Sr. Technical Account Manager at Signal Sciences, to talk Working Smarter and Not Harder!

 

To learn more about Signal Sciences or to request a demo, visit: https://securityweekly.com/signalsciences

Show Notes: https://wiki.securityweekly.com/SWNEpisode21

 

Visit https://www.securityweekly.com/swn for all the latest episodes!


 

Syncing of the Minds - ASW #101

Paul's Security Weekly - Mon, 03/23/2020 - 6:00pm

This week, we welcome Adam Hughes, Chief Software Architect at Sylabs Inc., to discuss Singularity: A Different Take on Container Security! In the second segment, we welcome Utsav Sanghani, Senior Product Manager at Synopsys, to discuss Why combining SAST and SCA in your IDE produces higher quality, secure software faster!

 

To learn more about Synopsys, visit: https://securityweekly.com/synopsys

Show Notes: https://wiki.securityweekly.com/ASWEpisode101

 

Visit https://www.securityweekly.com/asw for all the latest episodes!


The Idaho Experience - PSW #644

Paul's Security Weekly - Fri, 03/20/2020 - 5:00pm

This week, we welcome back Corey Thuen, Founder and CEO of Gravwell, to discuss (TOPIC)! In our second segment, we welcome back Peter Smith, Founder and CEO of Edgewise, to discuss How remote users and administrators can work securely from home! In the Security News, Authorities Helpless as Crypto-Currency Scams Rock Nigeria, C.S. Lewis on the Coronavirus, Microsoft SMBv3.11 Vulnerability and Patch CVE-2020-0796 Explained, Drobo 5N2 4.1.1 - Remote Command Injection, DDoS attack on US Health agency part of coordinated campaign, A cyberattack hits the US Department of Health and Human Services, and more!

 

Show Notes: https://wiki.securityweekly.com/PSWEpisode644

To learn more about Gravwell, visit: https://securityweekly.com/gravwell

To learn more about Edgewise, visit: https://securityweekly.com/edgewise

 

Visit https://www.securityweekly.com/psw for all the latest episodes!


 

 

SMBv3.11, COVID-19, & Drobo Exploit - Wrap Up - SWN #20

Paul's Security Weekly - Fri, 03/20/2020 - 4:02pm

This week, Doug White brings you the Security Weekly News Wrap Up, with the hot topics across all of our shows, including Pornhub has Italians singing from balconies, The Senate renews surveillance rules, Drobo hacks, Google Cloud bug bounties, all the show wrap-ups, and COVID-19.

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode20

Visit https://www.securityweekly.com/swn for all the latest episodes!

 


Pulling Pieces Together - ESW #176

Paul's Security Weekly - Thu, 03/19/2020 - 5:00pm

This week, we talk Enterprise News, covering Fortinet Introducing Self-Learning AI Appliance for Sub-Second Threat Detection Enterprise IT World, GreatHorn Offers Free Email Protection for 60 Days, ZeroNorth raises $10M to further expand engineering, customer support and sales, WordPress to get automatic updates for plugins and themes, and more! In our second segment, we air two pre-recorded interviews with Mehul Revanker of SaltStack and Utsav Sanghani of Synopsys from RSAC 2020! In our final segment, we air two more pre-recorded interviews from RSAC 2020, with Kevin Gallagher of Netsparker and Mark Ralls of Acunetix!

 

To request a demo with SaltStack, visit: https://securityweekly.com/saltstack

To get a demo of Synopsys, please visit: https://securityweekly.com/synopsys

To schedule a demo with Acunetix, visit: https://securityweekly.com/acunetix

To get a demo of NetSparker, please visit: https://securityweekly.com/netsparker

 

Visit https://www.securityweekly.com/esw for all the latest episodes!


More Comfy Clothes - BSW #166

Paul's Security Weekly - Wed, 03/18/2020 - 5:00pm

This week, we welcome Stephen Black, InfoSecWorld 2020 Speaker and Visiting Professor of Cyberlaw at the University of Houston, to discuss Where the Law Thinks Your Data Lives! In the Leadership and Communications segment, Drowning in a Sea of Alerts, Boeing taps Qantas exec Susan Doniz as CIO, CIO interview: Ian Cohen, chief product and technology officer, at Addison Lee, and more!

 

Show Notes: https://wiki.securityweekly.com/BSWEpisode166

Visit https://www.securityweekly.com/bsw for all the latest episodes!

 


The Artifacts - SCW #21

Paul's Security Weekly - Wed, 03/18/2020 - 9:31am

This week, we welcome Matt Allen from VIAVI Solutions! The SCW crew discusses compliance requirements and SecOps frameworks like NIST - checking boxes rather than a holistic view? The vendor eco-system feeding on checking boxes (of which we are one, we HAVE to be.) RSA's theme this year: "the human factor." Are CFOs driving technical decisions that put SecOps teams underwater? Investing in Protect vs. Detect vs. Responding tools/resources.

 

Show Notes: https://wiki.securityweekly.com/SCWEpisode21

To learn more about VIAVI Solutions, visit: https://securityweekly.com/viavi

 

Visit https://www.securityweekly.com/scw for all the latest episodes!


COVIDLock, HHS, & Android Stalkerware - SWN #19

Paul's Security Weekly - Tue, 03/17/2020 - 5:37pm

This week, Doug White talks Plague surveillance coming soon, the US government is worried about cryptocurrency, dbags attack the HHS, and new attacks on Android phones! Jason Wood delivers the Expert Commentary on Coronavirus Phishing Scams!

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode19

Visit https://www.securityweekly.com/swn for all the latest episodes!

 


100 Years - ASW #100

Paul's Security Weekly - Tue, 03/17/2020 - 11:20am

This week, we welcome Clint Gibler, Research Director at NCC Group, to discuss DevSecOps and Scaling Security! In the Application Security News, Data of millions of eBay and Amazon shoppers exposed as another supply chain casualty, Announcing Bottlerocket, a new open-source Linux-based operating system purpose-built to run containers, and The DevOps Sweet Spot: Inserting Security at Pull Requests (Part 1)!

 

Show Notes: https://wiki.securityweekly.com/ASWEpisode100

Visit https://www.securityweekly.com/asw for all the latest episodes!

 


COVID-19, ShmooCon, & FIDO - Wrap Up - SWN #18

Paul's Security Weekly - Mon, 03/16/2020 - 4:17pm

This week, Doug White brings you the Security Weekly News Wrap Up, discussing Biting other passengers on EU flights, Everyone is going to telecommute, NSO argues with Facebook in court over phone bugging, the return of FIDO, and more!

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode18

Visit https://www.securityweekly.com/swn for all the latest episodes!

 


A Bunch of Old Farts - PSW #643

Paul's Security Weekly - Sun, 03/15/2020 - 10:49am

This week, we welcome back Gabe Gumbs, Chief Innovation Officer at Spirion, to discuss How attackers will change their strategy to target those working from home! In our second segment, we welcome Bianca Lewis, Founder and CEO of Girls Who Hack, to discuss Girls Who Hack, teaching classes to middle school girls on hacking, and Secure Open Vote, an open-source election system that is in the design stages! In the final segment, we air a pre-recorded interview with Dorit Naparstek, director of R&D at NanoLock Security, to discuss Hacks performed on connected & IoT devices, and revealing major vulnerabilities in existing security measures!

 

Show Notes: https://wiki.securityweekly.com/PSWEpisode643

Visit https://www.securityweekly.com/psw for all the latest episodes!

 


Drink All the Booze, Log All the Things - ESW #175

Paul's Security Weekly - Thu, 03/12/2020 - 5:00pm

This week, we talk Enterprise News, covering Neustar's enhanced UltraDNS capabilities boast greater capacity, global reach, and security, WatchGuard acquires Panda Security to expand endpoint capabilities, Ping Identity launches two-hybrid IT-focused solution packages, and Fortinet updates FortiOS & launches next-gen firewall product! In our second segment, we welcome back Corey Thuen, Co-Founder and CEO of Gravwell, to discuss Secondary Consequences of Bad Pricing Models! In our final segment, we air two pre-recorded interviews from the RSA Conference 2020, with Corey Bodzin of ExtraHop, and Todd Weller of Bandura!

 

Show Notes: https://wiki.securityweekly.com/ESWEpisode175

To try RevealX Cloud for Free visit: https://securityweekly.com/extrahop

To find out more about Bandura Cyber, please email Todd.Weller@banduracyber.com

To learn more about ExtraHop, visit: https://securityweekly.com/extrahop

 

Visit https://www.securityweekly.com/esw for all the latest episodes!


Hysteria Abound - BSW #165

Paul's Security Weekly - Thu, 03/12/2020 - 5:00am

This week, we discuss how we break down the categories in Information Security. We look at the major areas of Infosec and how they relate to your security programs and the vendors/technologies in each category. Our category breakdown will be used to label each segment we produce and allow subscribers to select categories of interest! In the Leadership and Communications segment, CISOs who leave after 2 years may not finish what they start, Most CISOs ready to move jobs if something better comes along, A New Framework for Executive Compensation, and more!

 

Show Notes: https://wiki.securityweekly.com/BSWEpisode165

Visit https://www.securityweekly.com/bsw for all the latest episodes!

 


Beer & Napkins - SCW #20

Paul's Security Weekly - Wed, 03/11/2020 - 5:00pm

This week, we welcome Winn Schwartau for an interview. The goal of the show is to explore all the attitudes and impressions between security and compliance regardless of where you stand. For security folks: how to navigate compliance to promote security. For compliance folks: to expose them to the depth of research/knowledge/capabilities of the hacker community.

 

Show Notes: https://wiki.securityweekly.com/SCWEpisode20

Visit https://www.securityweekly.com/scw for all the latest episodes!

 


FIDO, PwnedLocker, & Crex24 - SWN #17

Paul's Security Weekly - Wed, 03/11/2020 - 12:00pm

This week, Microsoft starts disabling authentication, New ransomware called PwndLocker is out and about, and a secret-sharing app called Whisper is "the safest place on the internet." James Adams from Core Security, a Help Systems Company, joins us today talking about "How to think and act like a hacker."

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode17

Visit https://www.securityweekly.com/swn for all the latest episodes!

 
