Paul's Security Weekly

Two Strokes - Paul's Security Weekly #604

Paul's Security Weekly - Sat, 05/18/2019 - 5:00am

This week, we welcome Julian Zottl, Cyber and Information Operations SME at Raytheon, to talk about defending against advanced adversaries! In the second segment, we welcome Federico Simonetti, CTO of Xiid Corporation, to talk about how to fix identity and access management! In the Security News, Singapore passes an anti-fake news law, WhatsApp Vulnerability Exploited to Infect Phones with Israeli Spyware, major security issues found in Cisco routers, and Microsoft Releases Security Updates to Address Remote Code Execution Vulnerability!

 

Full Show Notes: https://wiki.securityweekly.com/Episode604

Visit https://www.securityweekly.com/psw for all the latest episodes!

 

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Networking Side - Enterprise Security Weekly #137

Paul's Security Weekly - Fri, 05/17/2019 - 2:30pm

This week, we welcome Ferruh Mavituna, CEO and Founder at our sponsor Netsparker, to talk about centralization of web application security in large enterprises! In the Enterprise News, Atos launches a new unified cloud identity and access management solution, ExtraHop announces new panorama partner program, SysDig and In-Q-Tel partnership to provide U.S. government agencies with the SysDig Cloud Native VSP, and LogRhythm releases a Cloud Based NextGen SIEM platform! In our final segment, we talk about Enterprise Open-Source Firewalls!

 

To learn more about Netsparker, visit: https://netsparker.com/securityweekly

Full Show Notes: https://wiki.securityweekly.com/ES_Episode137

Visit https://www.securityweekly.com/esw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Rhode Island Things - Business Security Weekly #128

Paul's Security Weekly - Wed, 05/15/2019 - 5:00am

This week, we welcome Jon Fredrickson, Information Security Officer at Blue Cross & Blue Shield of Rhode Island! In the Leadership and Communications segment, Transformational leadership style inspires 'moonshot goals', How to Deal With Information Overload, The surprising secret of success: it's not about winning, and more!

 

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode128

Visit https://www.securityweekly.com/bsw for all the latest episodes!

 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

 

Hack Naked News #218 - May 14, 2019

Paul's Security Weekly - Tue, 05/14/2019 - 5:00pm

This week, hacking the unhackable eyeDisk USB stick, how to brick all Samsung mobile phones, how Twitter shared user location data through advertising, a 0-Day flaw used to install spyware on phones, and a Linux kernel flaw allows remote code execution! In the expert commentary, we welcome Marcin Szary, CTO at Secfense, to talk about Web Authentication!

 

To learn more about Secfense, visit: https://securityweekly.com/secfense

Full Show Notes: https://wiki.securityweekly.com/HNNEpisode218

Visit https://www.securityweekly.com/hnn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Right Direction - Application Security Weekly #61

Paul's Security Weekly - Tue, 05/14/2019 - 5:00pm

This week, Derek Weeks joins us to talk about DevSecOps and Securing Software Supply Chains! Derek is the VP and DevOps Advocate at Sonatype! In the Application News, Chrome constrains the cookies and Edge pushes privacy, Windows builds a sandbox for Linux, Android Q for more quarantined code with more LLVM features, Steve Singh stepping down as Docker CEO, and Verizon releases its 2019 DBIR!

 

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode61

Visit https://www.securityweekly.com/asw for all the latest episodes!

 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Billy Ray Built a Meth Lab - Paul's Security Weekly #603

Paul's Security Weekly - Fri, 05/10/2019 - 1:00pm

This week, we welcome back Lesley Carhart, Principal Threat Analyst at Dragos Inc., to talk about moving from IT security to OT security, DFIR in ICS, and more! In the second segment, we welcome Chris Sanders, Founder of Applied Network Defense & Director of the Rural Technology Fund, to talk about delivering high quality IT training and donating scholarships and equipment to further education in schools! In the Security News, the top 5 mistakes that create field days for hackers, WordPress 5.2 brings new security features, a discontinued Insulin pump with security a security flaw in high demand, and how to communicate privately in the age of digital policing!

 

Full Show Notes: https://wiki.securityweekly.com/Episode603

Visit https://www.securityweekly.com/psw for all the latest episodes!

 

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Break Stuff - Enterprise Security Weekly #136

Paul's Security Weekly - Thu, 05/09/2019 - 12:00pm

This week, we welcome Nik Whitfield, CEO at Panaseer, to talk about Continuous Controls Monitoring! In the Enterprise news, Secureworks launches new cybersecurity analytics app, StackRox Kubernetes Security Platform Receives Red Hat Container Certification, SIEM Solutions Firm Exabeam Raises $75 Million, and Serverless monitoring startup Espagon expands to cover broader microservices TechCrunch, and more! In our final segment, we have a Security Industry Briefings Update, where we talk about 42Crunch, Viridium, Whitecanyon, and Eclypsium!

 

Full Show Notes: https://wiki.securityweekly.com/ES_Episode136

Visit https://www.securityweekly.com/esw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Drive the Bus - Business Security Weekly #127

Paul's Security Weekly - Wed, 05/08/2019 - 5:00am

This week, Matt, Jason, and Paul do a recap on the Global Cyber Innovation Summit that was held in Baltimore last week! In the Leadership and Communications segment, How to build a startup, You Don't Have To Be Nice To Be Respected. Boeing and the Importance of Encouraging Employees to Speak Up, and more!

 

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode127

Visit https://www.securityweekly.com/bsw for all the latest episodes!

 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Hack Naked News #217 - May 7, 2019

Paul's Security Weekly - Tue, 05/07/2019 - 3:11pm

This week, software flaw exposed most dell computers to remote hacking, Israel neutralizes cyber attack by blowing up a building with hackers, an expert that found hundreds of vulnerable Jenkins plugins, a bug in Mirai code allows crashing C2 servers, and how researchers discovered a highly stealthy Microsoft Exchange Backdoor! In the expert commentary, the return of Jason Wood from Paladin Security, joins us to talk about how Japan is developing a computer virus to fight cyber attacks!

 

Full Show Notes: https://wiki.securityweekly.com/HNNEpisode217

Visit https://www.securityweekly.com/hnn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

 

Defense In Depth - Application Security Weekly #60

Paul's Security Weekly - Tue, 05/07/2019 - 12:00pm

This week, we welcome Sven Morgenroth, Security Researcher at Netsparker to talk about securing our applications, web applications, and how we can make it easier to build applications! In the AppSec News, Firefox gives more scrutiny to add-ons but Firefox also forgot to give more scrutiny to a cert, Path traversals trampled by ransomware, Secure Software Design: The Next Frontier In Cybersecurity, Trust the Stack, Not the People, VRT adds a CAN, and MDM, parental controls, and security!

 

To learn more about Netsparker, visit: https://securityweekly.com/netsparker

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode60

Visit https://www.securityweekly.com/asw for all the latest episodes!

 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

It's Gonna' Be Heavy! - Paul's Security Weekly #602

Paul's Security Weekly - Mon, 05/06/2019 - 5:41pm

This week, we welcome Philip Niedermair, CEO at the National Cyber Group, to discuss the National Cyber Education Program! In our second interview, we welcome back Josh Abraham, Staff Engineer at Praetorian, to talk about the MITRE attack framework for attackers! In the Security News, how Tenable experts found 15 flaws in wireless penetration systems, Julian Assange refused exfiltration to the US, PoC exploits for old SAP config flaws increase risk of attacks, and how 1.75 million dollars was stolen from a Church through a phishing attack!

 

Full Show Notes: https://wiki.securityweekly.com/Episode602

Visit https://www.securityweekly.com/psw for all the latest episodes!

 

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Cognitive Dissonance - Enterprise Security Weekly #135

Paul's Security Weekly - Thu, 05/02/2019 - 5:00am

This week, we welcome Jay Prassl, CEO of Automox joins us to discuss Patch Management struggles and how to overcome them! In our second interview, we're joined by Josh Abraham in studio, who is a Staff Engineer at Praetorian, to talk about the MITRE attack framework for defenders! In the Enterprise news, ThreatConnects new features make creating security playbook's easier, SolarWinds adds password management to security portfolio, Checkpoint Systems announces HALO IoT platform, and BlackHat USA offers an inside look at Intel's security engine!

 

To get involved with Automox, visit: https://securityweekly.com/automox

Why Praetorian Benchmarks to MITRE ATT&CK: https://p16.praetorian.com/blog/why-praetorian-benchmarks-to-mitre-attack

Full Show Notes: https://wiki.securityweekly.com/ES_Episode135

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Wide Open - Business Security Weekly #126

Paul's Security Weekly - Wed, 05/01/2019 - 5:00am

This week, we welcome Craig Sandman, President and Co Founder of Symbol Security, a Cyber Security SaaS company with a mission to reduce corporate risk through Security Awareness Education! Craig will discuss Security Awareness, Education, and Training! In the Leadership and Communications segment, 5 Myths about Strategy, The making of a technology leader, Want Fewer Employees to Quit? Listen to Them, and more!

 

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode126

Visit https://www.securityweekly.com/bsw for all the latest episodes!

 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Hack Naked News #216 - April 30, 2019

Paul's Security Weekly - Tue, 04/30/2019 - 3:52pm

This week, how a politicians' kids accessed his laptop through facial recognition, critical flaws in WordPress and Qualcomm chips, how 2 million IoT security cameras and baby monitors are vulnerable to takeover, and how a new Emotet variant uses connected devices as proxy C2 servers! In the expert commentary, the return of Jason Wood from Paladin Security, joins us to talk about how Microsoft is telling IT admins to nix 'obsolete' password reset practices!

 

Full Show Notes: https://wiki.securityweekly.com/HNNEpisode216

Visit https://www.securityweekly.com/hnn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Other Side - Application Security Weekly #59

Paul's Security Weekly - Tue, 04/30/2019 - 5:00am

This week, we welcome Larry Maccherone, Senior Director of Comcast, to talk about the world of SecOps vs. DevSecOps! In the Application Security News, Software update gums up fingerprints, a counterproductive security practice expires thanks to well-considered guidelines, Docker Hub breach response, a path to hacking Ruby Gems, 5 Security Challenges to API Protection, and more!

 

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode59

Visit https://www.securityweekly.com/asw for all the latest episodes!

 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Shake It! - Paul's Security Weekly #601

Paul's Security Weekly - Sat, 04/27/2019 - 5:00am

This week, we welcome Haroon Meer, CEO and Researcher at our sponsor Thinkst, to talk about why hackers should create companies, and some of the technical details behind Thinkts' tool Canary! In the second segment, we welcome Gururaj Pandarangi, CEO and Co-Founder of Cloudneeti, to talk about how their SaaS product is delivering continuous cloud security and compliance assurance to businesses! In the Security News, serious vulnerabilities found in fujifilm x-ray devices, facebook could be fined 5 billion over privacy violations, preinstalled malware on bootleg streaming devices, hackers using SIM swapping to steal cryptocurrency, and how a 29 year old computer scientist created the algorithm that took the first ever picture of a black hole!

 

To learn more about Thinkst, visit: https://securityweekly.com/canary

To learn more about CloudNeeti, visit: https://cloudneeti.com/securityweekly

Full Show Notes: https://wiki.securityweekly.com/Episode601

Visit https://www.securityweekly.com/psw for all the latest episodes!

 

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Creativity Points - Enterprise Security Weekly #134

Paul's Security Weekly - Thu, 04/25/2019 - 5:00am

This week, Paul Asadoorian is joined by Matt Alderman, as we interview Francis Dinha, the CEO of OpenVPN! In the Enterprise News, ShieldX adds lateral movement prevention to the Elastic Security Platform for AWS, Tenable Integrates with Google Cloud Security Command Center, Capsule8 to help Google Cloud SCC members consolidate findings and speed up response, and Evident and Okta partnership simplifies identity verification and reduces risk for businesses! In the final segment, Security Legend Dave Kennedy sits down with our Founder and CTO Paul Asadoorian at InfoSec World 2019 to discuss his company Binary Defense and how they're helping the Security community!

 

Full Show Notes: https://wiki.securityweekly.com/ES_Episode134

Visit https://www.securityweekly.com/esw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Emotional Intelligence - Business Security Weekly #125

Paul's Security Weekly - Wed, 04/24/2019 - 5:00am

This week, we welcome Adam Fletcher, Chief Information Security Officer for Blackstone! In the Leadership and Communications segment, 5 Ways to Find Natural Leaders for Your Team, Business Wisdom Learned From Bomb Squad Experts And Their Commanders, Why Rest Is Essential To High Performance, 4 Ways Working Dads Can Make More Time for Family, and more!

 

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode125

Please join Adam and other CISOs at the Global Cyber Innovation Summit by visiting https://globalcybersummit.org/request-information to request your invitation.

 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Hacking for Lazy People - Application Security Weekly #58

Paul's Security Weekly - Tue, 04/23/2019 - 5:00pm

This week, we welcome Thomas Hatch, the creator of the Salt open source software project, and is the CTO of SaltStack, the company behind Salt! In the Application Security News, Breach at IT outsourcer Wipro, SCP serves the file it wants, Confluence Path traverses to RCE, another Local PrivEsc on Windows, easier sandboxing for C and C++ APIs, and Computer Science plus Ethics!

 

To learn more about SaltStack, visit: https://securityweekly.com/saltstack

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode58

 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Hack Naked News #215 - April 23, 2019

Paul's Security Weekly - Tue, 04/23/2019 - 3:53pm

This week, a weather channel that was knocked off air by a malicious attack, how bad bots make up 20 percent of web traffic, ransomware ravages municipalities nationwide, a flaw in Shopify API exposed revenue and traffic data of thousands of stores, and how attackers are weaponizing more vulnerabilities than ever before! In the expert commentary, we welcome Itai Tevet, CEO of Intezer, to talk about Linus threats, recent Mirai variants, and general code reuse in the cyber space!

 

To learn more about Intezer, visit: https://securityweekly.com/intezer

Full Show Notes: https://wiki.securityweekly.com/HNNEpisode215

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly