Paul's Security Weekly

Netgear Soho Vulns, Lucifer Botnet, & Failed Facial Recognition - Wrap Up - SWN #46

Paul's Security Weekly - Thu, 07/02/2020 - 6:50pm

This week, Dr. Doug wraps up the hot topics across all the shows for this week, talking about Bad laws, bad hackers, India bans 59 Chinese Apps including TikTok, Lucifer botnet threatens Windows Systems, Schuchman sentenced to 13 months for botnet development, and more!

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode46

Visit https://www.securityweekly.com/swn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Good Side - ESW #189

Paul's Security Weekly - Thu, 07/02/2020 - 5:00am

This week, we talk Enterprise News, to talk about how Semperis adds vulnerability assessment, security reporting, and auto-remediation to its DSP, AWS launches Amazon Honeycode to help quickly build mobile and web apps without programming, Attivo Networks Advanced Protection Disrupts Ransomware 2.0, Improved threat visibility, defense and protection across social platforms with SafeGuard 7.6, and more! In our second segment, we welcome Greg Thomas, Lead Security Engineer at Jvion, to talk about HITRUST Compliance vs. Security and Diversity in InfoSec! In our final segment, we welcome Franz Payer, CEO at Cyber Skyline, to discuss Cybersecurity Hiring!

 

Show Notes: https://wiki.securityweekly.com/ESWEpisode189

Visit https://www.securityweekly.com/esw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Major One - SCW #33

Paul's Security Weekly - Tue, 06/30/2020 - 7:00pm

This week, we welcome Matt Springfield, Founder of 12Feet, Inc., to talk about PCI Workloads in the Cloud! In the Security and Compliance News, Cloud Security for a Dynamic Environment, Why identity-based, distributed controls are better suited to address cloud-era threats, Top Cloud Security Challenges in 2020, Exposed Cloud Databases Attacked 18 Times Per Day, and more!

 

Show Notes: https://wiki.securityweekly.com/SCWEpisode33

Visit https://www.securityweekly.com/scw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Greatest Challenges - BSW #178

Paul's Security Weekly - Tue, 06/30/2020 - 6:00pm

This week, we welcome Graeme Park, CISO at Matillion, to discuss Cybersecurity Challenges in Growth Organizations! In the Leadership and Communications section, Why Cybersecurity Is Really A Business Problem, 6 Reasons Your Strategy Isn t Working, 5 cities with the highest tech salaries, and more!

 

Show Notes: https://wiki.securityweekly.com/BSWEpisode178

Visit https://www.securityweekly.com/bsw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

TikTok Bans, BlueLeaks, & Top 10 Bug Bounties - SWN #45

Paul's Security Weekly - Tue, 06/30/2020 - 4:54pm

This week, TikTok bans, OZ increases Cyber budgets, The US Senate wants the justice department to read your mail, the Top Ten Bug Bounties, and BlueLeaks! Jason Wood returns for Expert Commentary on how the REvil Ransomware Gang Adds Auction Feature for Stolen Data!

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode45

Visit https://www.securityweekly.com/swn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Completely Forgotten - ASW #112

Paul's Security Weekly - Mon, 06/29/2020 - 6:00pm

This week, we welcome Cesar Rodriguez, Head of Developer Advocacy at Accurics, to talk about Using IaC to Establish And Analyze Secure Environments! In the Application Security News, DLL Hijacking at the Trend Micro Password Manager, Adobe Prompts Users to Uninstall Flash Player As EOL Date Looms, The State of Open Source Security 2020, Microservices vs. Monoliths: Which is Right for Your Enterprise?, What Modern CI/CD Should Look Like, and Build trust through better privacy!

 

Show Notes: https://wiki.securityweekly.com/ASWEpisode112

To learn more about Accurics, visit: https://securityweekly.com/accurics

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

 

Akamai DDoS, Ripple 20, & CallStranger - Wrap Up - SWN #44

Paul's Security Weekly - Thu, 06/18/2020 - 4:46pm

This week, Show News, Ebay thugs, Ripple 20, T-Mobile, Zoom, and the call may be coming from inside the house! All this and more on the Security Weekly News Wrap Up!

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode44

Visit https://www.securityweekly.com/swn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Raiding the Humidor - ESW #188

Paul's Security Weekly - Thu, 06/18/2020 - 5:00am

This week, we talk Enterprise News, to talk about how BeyondTrust Announces Integration with the SailPoint Predictive Identity Platform, Check Point Launches CloudGuard Cloud Native Security, CyberArk Alero enhancements provide secure privileged access for remote users, Digital Shadows announces new capabilities to identify and remediate unwanted code exposure, and more! In our second segment, we welcome back Ferruh Mavituna, CEO of Netsparker, to talk about Debunking DAST Myths and Short-Term Strategies To Fixing Vulnerabilities! In our final segment, we welcome Jason Fruge, Vice President, Business Application Cybersecurity at Onapsis, to talk about Emerging Security Threats to Your Digital Supply Chain!

 

Show Notes: https://wiki.securityweekly.com/ESWEpisode188

To learn more about Netsparker, visit: https://securityweekly.com/netsparker

To request a complimentary assessment, visit https://securityweekly.com/onapsis

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Break On Through - SCW #32

Paul's Security Weekly - Wed, 06/17/2020 - 5:00pm

This week, Jeff, Matt, Scott, and Josh continue the conversation and talk "How to Become an InfoSec Professional With Limited Resources", and talk about "What Is An InfoSec Professional?"!

 

Show Notes: https://wiki.securityweekly.com/SCWEpisode32

Visit https://www.securityweekly.com/scw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

DARPA Bug Bounties, T-Mobile Outage, & Bob Erdman - SWN #43

Paul's Security Weekly - Wed, 06/17/2020 - 5:00am

This week, Cute robot dogs available for sale, T-Mobile was down all day, lightbulbs can be bugged, DARPA bug bounties, Ebay is going to get ya, and Bob Erdman from Core Security talks about Ransomware!

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode43

To learn more about Core Security, visit: https://securityweekly.com/coresecurity

 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Bug Bounties, Show News, & REvil - Wrap Up - SWN #42

Paul's Security Weekly - Tue, 06/16/2020 - 5:23pm

Show news, Facebook and the FBI try to catch a child predator, REvil, State Sponsored hacking, Darpa bug bounties, and the F Word!

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode42

Visit https://www.securityweekly.com/swn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Happy Hour - BSW #177

Paul's Security Weekly - Tue, 06/16/2020 - 5:00pm

This week, we welcome Lewie Dunsworth, CEO of Nuspire, to talk about How CISOs Can Best Prioritize Security With a Decreased Budget! In the Leadership and Communications section, Five signs a virtual CISO makes sense for your organization, How to Negotiate Virtually, Why Securing Endpoints Is The Future Of Cybersecurity, and more!

 

Show Notes: https://wiki.securityweekly.com/BSWEpisode177

Visit https://www.securityweekly.com/bsw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Boy Who Cried Wolf - ASW #111

Paul's Security Weekly - Mon, 06/15/2020 - 5:10pm

This week, we welcome Michelle Dennedy, CEO of DrumWave, to discuss Data Mapping & Data Value Journey! In the Application Security News, CallStranger hits the horror trope where the call is coming from inside the house, SMBleedingGhost Writeup expands on prior SMB flaws that exposed kernel memory, Misconfigured Kubeflow workloads are a security risk, Verizon Data Breach Investigations Report, and more!

 

Show Notes: https://wiki.securityweekly.com/ASWEpisode111

Visit https://www.securityweekly.com/asw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Thunderstruck - PSW #655

Paul's Security Weekly - Fri, 06/12/2020 - 5:00pm

This week, we welcome back Dan DeCloss, President and CEO of PlexTrac, to talk about Enhancing Vulnerability Management By Including Penetration Testing Results! In the Security News, Hospital-busting hacker crew may be behind ransomware attack that made Honda halt car factories, 3 common misconceptions about PCI compliance, SMBleed could allow a remote attacker to leak kernel memory, Kubernetes Falls to Cryptomining via Machine-Learning Framework, and The F-words hidden superpower: How Repeating it can increase your pain threshold! In our Final Segment, we air a Pre-Recorded Interview with Ben Mussler, Senior Security Researcher at Acunetix, discussing New Web Technology and its Impact on Automated Security Testing!

 

Show Notes: https://wiki.securityweekly.com/PSWEpisode655

To learn more about PlexTrac, visit: https://securityweekly.com/plextrac

Visit https://www.securityweekly.com/psw for all the latest episodes!

 

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Other Side - ESW #187

Paul's Security Weekly - Thu, 06/11/2020 - 5:00am

This week, we talk Enterprise News, to talk about how Morpheus Announces Zero-Trust Cloud Management Platform, Thycotic Releases New Version of DevOps Secrets Vault, Qualys Remote Endpoint Protection gets malware detection, F-Secure launches ID PROTECTION, Vectra integrates network threat detection and response for Microsoft Security Services, and more! In our second segment, we welcome Scott Kuffer, Co-Founder & COO at Nucleus Security, to talk about Vulnerability Management! In our final segment, we welcome Heather Adkins, Senior Director of Information Security and Privacy at Google, to talk about Google s New Site Reliability Engineering Book and best practices for designing scalable and reliable systems that are fundamentally secure!

 

Show Notes: https://wiki.securityweekly.com/ESWEpisode187

To learn more about Nucleus Security, visit: http://nucleussec.com

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Shiny Object - SCW #31

Paul's Security Weekly - Wed, 06/10/2020 - 5:00am

This week, we welcome Chris Patteson and Robert Carey from RSA Security, to talk about Navigating the Risks Associated With the Return to "Normal"! Jeff, Scott, Josh, and Matt round out the show with the Compliance News of the week!

 

Show Notes: https://wiki.securityweekly.com/SCWEpisode31

To learn more about RSA Security, visit: https://securityweekly.com/RSAsecurity

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

CallStranger, Tycoon Ransomware, & Matt Allen - SWN #41

Paul's Security Weekly - Tue, 06/09/2020 - 5:28pm

This week, Twitter cracks down on 5G, Tycoon Ransomware, Citizen App, CallStranger, and REvil! Matt Allen from VIAVI Solutions joins us for Expert Commentary to talk about Leveraging enriched flow insights to accelerate response and remediation!

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode41

To learn more about VIAVI Solution, visit: https://securityweekly.com/viavi

 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Purple Squirrel - BSW #176

Paul's Security Weekly - Tue, 06/09/2020 - 5:00pm

This week, we welcome Marc French, CISO & Managing Director at Product Security Group, Inc., to talk about Career Ladders in Information Security! In the Leadership and Communications section, Challenges of a New CISO: The First Year, Why a robust security culture begins with people, How Cybersecurity Leaders Can Chart the Seas of Business Communication, and more!

 

Show Notes: https://wiki.securityweekly.com/BSWEpisode176

All of the open source career ladders can be found here: https://github.com/product-security-group/Security_Ladders

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Full of Ideas - ASW #110

Paul's Security Weekly - Tue, 06/09/2020 - 10:34am

This week, we welcome Phillip Maddux, Sr. Technical Account Manager at Signal Sciences, to talk about The Future State of AppSec! In the Application Security News, Two vulnerabilities in Zoom could lead to code execution, Zero-day in Sign in with Apple, Focus on Speed Doesn t Mean Focus on Automation, Apple pushes fix across ALL devices for unc0ver jailbreak flaw, and more!

 

Show Notes: https://wiki.securityweekly.com/ASWEpisode110

To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Crazy Johnny's Discount All You Can Eat - PSW #654

Paul's Security Weekly - Fri, 06/05/2020 - 5:00pm

This week, first we present a Technical Segment, on Lightweight Vulnerability Management using NMAP! In our second segment, we welcome back Corey Thuen, Co-Founder of Gravwell, for a second Technical Segment, entitled "PCAPS or it didn't happen", diving into Collecting Packet Captures on Demand within a Threat Hunting use case with Gravwell! In the Security News, Octopus Scanner Sinks Tentacles into GitHub Repositories, RobbinHood and the Merry Men, Zoom Restricts End-to-End Encryption to Paid Users, Hackers steal secrets from US nuclear missile contractor, and Had a bad weekend? Probably, if you're a Sectigo customer, after root cert expires and online chaos ensues!

 

Show Notes: https://wiki.securityweekly.com/PSWEpisode654

To learn more about Gravwell, visit: https://securityweekly.com/gravwell

To check out Packet Fleet, visit: https://github.com/gravwell/ingesters/tree/master/PacketFleet

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Pages