Paul's Security Weekly

Incredibly Noisy - Enterprise Security Weekly #130

Paul's Security Weekly - Thu, 03/21/2019 - 1:00pm

This week, in the Enterprise Security News, I am joined by John Strand to discuss how Stackpath released new edge computing VMs, ExtraHop hires former Tenable and HPE leaders to support growth in cyber, Security professionals want to return fire to Venafi, Dragos acquires NexDefense, and 42Crunch unveils a new platform to discover API vulnerabilities and protect them from attacks! In the second segment, we air some pre recorded from RSA Conference 2019 with Endgame, Virsec, and Scythe!

 

Full Show Notes: https://wiki.securityweekly.com/ES_Episode130

Visit https://www.securityweekly.com/esw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

 

A Bittersweet Ending - Application Security Weekly #54

Paul's Security Weekly - Wed, 03/20/2019 - 6:00pm

This week, we welcome Jamie Duncan, a recovering history major who has been at Red Hat for just over 7 years! Beginning with his role as a TAM, his focus has increasingly centered on the operations-oriented features of OpenShift, including the May 2018 publication of OpenShift In Action by Manning Publishing. Jamie has had this discussion with customers, OpenShift advocates, and technology fans on multiple continents to date. In the Application Security News, Owner of MAGA-Friendly Yelp Knockoff Threatens to Call FBI After Researcher Exposes Security Holes, Chinese Data Breach Exposes 'Breed Ready' Status Of Almost 2 Million Women, Dozens of companies leaked sensitive data thanks to misconfigured Box accounts, DARPA Is Building a $10 Million, Open Source, Secure Voting System, and much more!

 

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode54

Visit https://www.securityweekly.com/asw for all the latest episodes!

 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Super Geniuses - Business Security Weekly #121

Paul's Security Weekly - Tue, 03/19/2019 - 6:00pm

This week, we welcome Nick Galbreath, Co-founder and Chief Technology Officer at Signal Sciences, to discuss the Intersection of Development and Security! In the Leadership and Communications segment, How Boeing Should Have Responded to the 737 Max Safety Crisis, Digital Transformation is Not About Technology, Gartner's Top 10 Security Projects for 2019, and more!

 

To learn more about Signal Sciences, visit: https://securityweekly.com/signalsciences

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode121

Visit https://www.securityweekly.com/bsw for all the latest episodes!

 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Hack Naked News #211 - March 19, 2019

Paul's Security Weekly - Tue, 03/19/2019 - 5:55pm

This week, Zero-Days in Counter Strike client could be used to build a major botnet, huge aluminum plants hit by 'severe' ransomware attack, Myspace loses 50 million songs in server migration, wifi signals can reveal your password, and PuTTY in your hands: an SSH client gets patched after RSA key exchange memory vulnerability was spotted! Ralf Hund from VMRay joins us for expert commentary to discuss the Evolution of GandCrab!

 

To learn more about VMRay, visit: https://securityweekly.com/vmray

Full Show Notes: https://wiki.securityweekly.com/HNNEpisode211

Visit https://www.securityweekly.com/hnn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

You're Killing Me Smalls - Paul's Security Weekly #597

Paul's Security Weekly - Mon, 03/18/2019 - 5:18pm

This week, we welcome Peter Smith, Founder and CEO of Edgewise to talk about the evolution of Zero Trust! In the Security News, New WordPress flaw lets unauthenticated remote attackers hack sites, Tesla allegedly spied on and ran a smear campaign on a whistleblower, Facebook and Instagram suffer most severe outage ever, a man drives 3,300 miles to talk to YouTube about a deleted video, and what do sexy selfies, search warrants, and tax files have in common? In the final segment, we air a pre recorded interview with Carsten Willems, Co-Founder and CEO at VMRay, discussing malware sandboxing!

 

To learn more about Edgewise, visit: https://securityweekly.com/edgewise/ To learn more about VMRay, visit: https://securityweekly.com/vmray

 

Full Show Notes: https://wiki.securityweekly.com/Episode597 Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

The Evil Empire - Enterprise Security Weekly #129

Paul's Security Weekly - Sat, 03/16/2019 - 5:00am

This week, we interview Gururaj Pandurangi, Founder and CEO at Cloudneeti, to discuss Continuous Cloud Assurance! Gururaj Pandurangi is a founder and CEO of Cloudneeti, a software-as-a-service company focused on continuous cloud security, data privacy and compliance assurance. Gururaj has 20 years of professional experience, a good portion of it as an early adopter of cloud technologies and building global scale cloud products like Windows Live, Bing platform, Consumer Identity and Federations. Paul Asadoorian and Matt Alderman recorded interviews with the following vendors at RSA Conference 2019: - Venafi - XM Cyber - Onapsis Paul Asadoorian and Matt Alderman recap RSA Conference 2019, including their briefings with: - 42Crunch - Baffle - CyberInt - Eclypsium - Ericom Software - Lacework - Radware - RiskRecon and More!

 

To learn more about Cloudneeti, visit: https://securityweekly.com/cloudneeti

Full Show Notes: https://wiki.securityweekly.com/ES_Episode129

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Spot On - Application Security Weekly #53

Paul's Security Weekly - Fri, 03/15/2019 - 5:00pm

This week, Keith and Paul discuss the structure and experiences of 2019's RSA Conference! In the Application Security News, WordPress accounted for 90 percent of all hacked CMS sites in 2018, Japanese police charge 13-year-old for sharing 'unclosable popup' prank online, Facebook exploit – Confirm website visitor identities, NSA's top policy advisor: It's time to start putting teeth in cyber deterrence, study shows programmers will take the easy way out and not implement proper password security, and the CommitStrip for the week on Why check for incognito mode?

 

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode53

Visit https://www.securityweekly.com/asw for all the latest episodes!

 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Hack Naked News #210 - March 12, 2019

Paul's Security Weekly - Tue, 03/12/2019 - 6:00pm

This week, a Severe RCE vulnerability affected popular StackStorm Automation software, Crowdfense is willing to pay $3 Million for iOS and Android Zero-Days, Equifax neglected cyber security prior to breach, Google launches new Cloud Security services, and an unprotected MongoDB instance exposes 800 million emails! Jason Wood from Paladin Security joins us for expert commentary on how a researcher claims an Iranian APT is behind a 6TB Data Heist at Citrix!

 

Full Show Notes: https://wiki.securityweekly.com/HNNEpisode210

Visit https://www.securityweekly.com/hnn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Pick Your Brain - Business Security Weekly #120

Paul's Security Weekly - Tue, 03/12/2019 - 5:00pm

This week, we welcome Ben Carr, Chief Information Security Officer at Aristocrat! Prior to Aristocrat, we was VP of Strategy for Cyberbit and North America's Technical Director for Tenable! In the Leadership and Communications segment, how to make sure your board sets a good example for your company, cybersecurity is putting customer trust at the center of competition, 6 reasons your home office is better than your company office, and more!

 

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode120

Visit https://www.securityweekly.com/bsw for all the latest episodes!

 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

We All Was In High School - Paul's Security Weekly #596

Paul's Security Weekly - Sat, 03/02/2019 - 2:00pm

This week, we welcome Allan Liska, Senior Solutions Architect at our sponsor Recorded Future, to talk about Catching Up To The Hype w/ Threat Intelligence! In the second interview, we welcome David Marble, President and CEO at OSHEAN Incorporated, to talk about what to expect at at this years Rhode Island Cybersecurity Exchange Day! In the Security News, YouTube controversy on ALL fronts, Cisco SOHO wireless VPN firewalls and routers open to attack, Ring doorbell flaw opens door to spying, bot plagues, free hacking toolkits, and everything you need to know about the Huawei controversy!

 

Get Trending Threat Insights Delivered to Your Inbox, at: https://securityweekly.com/recordedfuture

OSHEAN is hosting RI Cybersecurity Exchange Day on March 13th at the O'Hare Academic Building at Salve Regina in Newport, RI! Register Now at https://OSHEAN.org/events.

 

Full Show Notes: https://wiki.securityweekly.com/Episode596

Visit https://www.securityweekly.com/psw for all the latest episodes!

 

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Getting In & Getting Out - Enterprise Security Weekly #128

Paul's Security Weekly - Thu, 02/28/2019 - 5:00am

This week, Paul is joined by Matt Alderman to discuss some Funding and M&A, such as Elevate Security announces an $8 million series A to alter employee security behavior, Armorblox raises 16.5 million in series A, Bandura Cyber raises 10 million in venture funding, and much more! In the Enterprise Security News, Capsule8 expands threat detection platform for PCI DSS, BitSight unveils peer analytics for more effective security performance management, Imperva advances autonomous application protection capabilities, and Synopsys launches Polaris Software integrity platform!

 

Full Show Notes: https://wiki.securityweekly.com/ES_Episode128

Visit https://www.securityweekly.com/esw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

 

Lose Weight - Application Security Weekly #52

Paul's Security Weekly - Wed, 02/27/2019 - 5:00pm

This week, many websites threatened by highly critical code-execution bug in Drupal, UK parliament calls for antitrust, data abuse probe of Facebook, CommitStrip: Get rich quick, Google says the built-in microphone it never told Nest users about was 'never supposed to be a secret', and more! In our second segment, we welcome Matt Springfield, is the Founder of 12Feet, Inc., an information security consulting firm based in the Dallas area! Matt has more than 23 years of information security experience spanning operations, architecture and consulting with a focus on large scale retail and service provider environments!

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode52

Visit https://www.securityweekly.com/asw for all the latest episodes!

 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Hack Naked News #209 - February 26, 2019

Paul's Security Weekly - Tue, 02/26/2019 - 4:41pm

This week, millions of utility customers passwords stored in plain text, Google ditches passwords in latest android devices, online validation services vulnerable to digital signature spoofing attacks, flaws in 4G and 5G allow snooping on calls, and TurboTax hit with credential stuffing attack and tax returns were compromised! Nicholas Sciberras from Acunetix joins us for expert commentary on how hackers created social media work after a bug report was ignored!

 

To GET A FREE 14-DAY TRIAL of Acunetix, visit: https://securityweekly.com/acunetix

Full Show Notes: https://wiki.securityweekly.com/HNNEpisode209

Visit https://www.securityweekly.com/hnn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Tea & Crumpets - Business Security Weekly #119

Paul's Security Weekly - Tue, 02/26/2019 - 5:00am

This week, we interview DJ Sampath, Co-Founder and Chief Executive Officer at Armorblox! DJ comes on the show to discuss "Securing the Human Layer"! In our second interview, we welcome Bruce Sussman, the Media-Development Director at SecureWorld! Bruce will give us a preview of SecureWorld Boston 2019 and the upcoming events!

 

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode119

Visit https://www.securityweekly.com/bsw for all the latest episodes!

SecureWorld Boston is hosting their 15th annual conference March 27-28 @ the Hynes Convention Center. Security Weekly Listeners save $100 off a full conference pass by visiting https://secureworldexpo.com and using the code 'SecurityWeekly'.

 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly