This week, we welcome Philippe Courtot, Chairman and CEO of Qualys, and Sumedh Thakar, Chief Product Officer at Qualys, to talk about a new prescription for security, and Security in the Cloud Era! In our second segment, we air a pre-recorded Technical Segment with Sven Morgenroth of Netsparker! In our final segment, we air another pre-recorded interview with Dave Bitner, producer and host from the CyberWire podcast! Show Notes: https://wiki.securityweekly.com/PSWEpisode625 To learn more about Q...
Nov 01, 2019•2 hr 27 min
This week, we welcome Tom Williams, Director of Veterans Operations for the Veterans Mental Health Hackers, to talk about How Mental Health Hackers is going to help Veterans in Infosec in 2020 and beyond! In our second segment, we talk Security News, discussing how Amazon Echo and Kindle devices were affected by a WiFi bug, Ransomware and data breaches linked to uptick in fatal heart attacks, a woman was ordered to type in her iPhone password so police could search the device, and how the milita...
Oct 26, 2019•2 hr 57 min
This week, we welcome Daniel DeCloss, President and CEO of PlexTrac, to talk about what makes an excellent pentest report! In our second segment, we talk Security News, how hackers can hijack your local airport, Baltimore to buy $20M in cyber insurance months after the attack, a dangerous Kubernetes bug that allows authentication bypass-DoS, and using machine learning to detect IP hijacking! In our final segment, we air a pre-recorded interview with Peter Kruse, Co-Founder of the CSIS Security G...
Oct 19, 2019•2 hr 44 min
This week, we talk Security News, how Turkey fines Facebook $282,000 over privacy breach, why the FBI is encouraging not to pay ransomware demands, the top 10 cybersecurity myths that criminals love, Doordash third-party breach hits 4.9 Million users, and how a "Bulletproof" Dark Web data center was seized by German police! In our second segment, we air a pre-recorded interview with Stewart Room, Partner at PwC, to talk about Data Privacy and The Journey to Code! In our final segment, we air a s...
Oct 07, 2019•3 hr 4 min
This week, we talk Security News, discussing how a hacker took over a smart home with vulgar music and rising temperatures, a security warning for 23 million YouTube creators following a crazy hack attack, Vimeo sued for storing faceprints of people without their say-so, Selfie Android apps push ads and can record audio, and how adopting DevOps leads to an improved security posture! In our second segment, we air three pre-recorded interviews from the SE village at DEFCON 27 with Billy Boatright,...
Sep 30, 2019•1 hr 55 min
This week, we welcome Jason Lang, Sr. Security Consultant at TrustedSec, to talk about modern-day Red Teaming against some of the largest companies in the U.S.! In our second segment, we welcome Wes Widner, Cloud Engineering Manager at CrowdStrike, to talk about Audio Security, and why personal voice assistants are the wave of the future! In the Security News, how an iOS 13 flaw could provide access to contacts with a passcode, Equifax demands more information before making payouts, confidential...
Sep 21, 2019•2 hr 44 min
This week, we present the Security News, to discuss new ransomware growing 118% as cybercriminals adopt fresh tactics and code innovations, Period Tracker Apps share data with Facebook, U.S. Cyber Command trolls North Korea with Malware Release, and a lot more! In our second segment, we welcome back Peter Smith, the Founder & CEO of Edgewise, to talk about Edgewise's 1-Click Microsegmentation! In our final segment, we air a pre-recorded interviews from SE Village with Chris Kirsch and Micah!...
Sep 16, 2019•2 hr 30 min
This week, we present the Security News, to discuss how AT&T employees took bribes to plant malware on the company’s network, how hackers could decrypt your GSM calls, 80 suspects charged with massive BEC scam, and how the passports and licenses of 300 people were leaked in New Zealand! In our second segment, we welcome back Corey Thuen, Co-Founder at Gravwell, to talk about analyzing custom log sources! In our final segment, we air a pre-recorded interview with Chris Hadnagy, Founder, CEO, ...
Aug 30, 2019•2 hr 40 min
This week, we present a Technical Segment sponsored by our partner DomainTools, on Deobfuscating JavaScript to investigate Phishing Domains! In our second segment, we welcome Richard Melick, Senior Technology Product Marketing Manager at Automox, to talk about why waiting to deploy critical patches makes you a bigger target! In our final segment, we air two pre recorded interviews from BlackHat USA 2019, with Roman Sannikov from Recorded Future and Ray Dimeo of Virsec! To learn more about Automo...
Aug 26, 2019•2 hr 36 min
This week, we welcome Tony Punturiero, Community Manager at Offensive Security, to talk about the journey of turning from a Blue Teamer to a Red Teamer, and kick starting an InfoSec community! In the Security News, BlackHat USA 2019 breaks records once again, new flaws in Qualcomm Chips expose Android devices to hacking, DEFCON 27 badge hacking for beginners, the CapitalOne hacker may have stolen from more than 30 companies, and a new data breach that exposed millions of fingerprint and facial r...
Aug 19, 2019•2 hr 55 min
This week, from BlackHat 2019, we welcome back Gabriel Gumbs, Chief Innovation Officer at Spirion! Gabe talks about his role at the company, and shares some stories of his endeavors in the world of security! In the second segment, Paul, Larry, Doug, and Gabe, talk Software Development: Security Do's and Don'ts! In the final segment, we welcome Josh Douglas, VP of Threat Intelligence at Mimecast, to discuss the threats facing organizations today, and how IT and security teams need to understand t...
Aug 12, 2019•2 hr 19 min
This week, we welcome Sam Straka, Technical Product Manager at LogRhythm, to talk about LogRhythm's Next Gen SIEM Platform orchestration! In our second segment, we welcome Doug Coburn, Director of Professional Services at Signal Sciences, to talk about how Signal Sciences is Implemented, and we'll take a look at installing Signal Sciences in a Kubernetes environment and the Signal Sciences dashboard! In the Security News, the U.S. Government issues a light aircraft cyber alert, thieves steal a l...
Aug 05, 2019•2 hr 41 min
This week, we welcome Troels Oerting, Head of the Global Centre for Cybersecurity at the World Economic Forum, to discuss Integrity through Prevention, and protection and prosecution via people, technology, and processes! In the Security News, a phishing scheme that targets AMEX cardholders, the list of labs affected by the American Medical Collection Agency data breach continues to grow, a Silk Road drug dealer gets caught converting Bitcoin to cash, how GDPR is forcing the tech industry to ret...
Jul 29, 2019•3 hr 2 min
This week, we welcome Katie Nickels, ATT&CK Threat Intelligence Lead at the MITRE Corporation, to talk about the MITRE ATT&CK Framework! In our second segment, a security roundtable discussion on Vulnerability Management, Patching, Hunt Teaming, Asset Management, and System Hardening! In the Security News, Lenovo confirms 36TB Data Leak security vulnerability, Slack resets passwords after 2015 data breach, why BlueKeep hasn't reeked havoc yet, and why you don't need a burner at a hacking...
Jul 20, 2019•2 hr 49 min
This week, we welcome Ben Ten, Team Lead of Defense and Countermeasures at TrustedSec, to talk about Purple Teaming and avoiding detection! In the Security News, Zoom's RCE Vulnerability is affecting over 700,000 companies, how YouTube is trying to ban hacking videos, 1TB of police body cam footage is available online, and how the U.S. Cyber Command warns of Outlook flaw exploited by Iranian Hackers! In our final segment, we air a pre recorded interview with Reinhard Hochrieser, CMO at Jumio, to...
Jul 15, 2019•2 hr 35 min
This week, we welcome Don Pezet, Co-Founder and Edutainer at our sponsor ITProTV, to discuss the new CySA+ and PenTest+ certifications! In the second segment, we welcome Kathleen Smith, CMO at CyberSecJobs.com and ClearedJobs.net, to talk about tools to hack your career and tips to help your career search! In the Security News, a massive DHS data breach raises questions about Oregon's cybersecurity protocols, The fake French minister in a silicone mask who stole millions, a police officer reward...
Jun 29, 2019•3 hr 20 min
This week, we welcome Vivek Ramachandran, Founder and CEO of the Pentester Academy, to talk about their AttackDefense Labs platform, and how the Pentester Academy is helping thousands of customers from government agencies to Fortune 500 companies! In the second segment, we welcome back Bryson Bort, Founder and CEO of Scythe, to talk about purple teaming, top attack simulation scenarios, and testing command and control channels! In the Security News, how not to prevent a cyberwar with Russia, the...
Jun 22, 2019•3 hr 1 min
This week, we welcome Peter Smith, Founder and CEO of Edgewise, to talk about Edgewise's 1 Click Micro Segmentation! In the second segment, we welcome back Corey Thuen, Founder and CEO of Gravwell, to talk about security analytics using the new Sysmon DNS Logging that dropped this week! In the Security News, the rise of purple teaming, the World's largest beer brewer sets up a Cybersecurity team, a mystery signal shutting down key fobs in an Ohio neighborhood, why hackers ignore most security fl...
Jun 17, 2019•2 hr 59 min
In this episode of Paul's Security Weekly, we will talk with Paul Ewing of Endgame about how to close the 'breakout window' between detection and response, and hear about Endgame's recently announced technology, Reflex, that was built with customized protection in mind! In our second interview, we welcome back Amanda Berlin, CEO of Mental Health Hackers to talk about why its important to educate technology professionals about unique mental health risks faced by people in the field, and how we ca...
Jun 08, 2019•2 hr 45 min
This week, we welcome Eric Butash, Director of Digital Platforms at InnovateEDU, and Mike Klein, Professional Learning Coordinator at Highlander Institute, to talk about how important it is to teach good digital hygiene to the future generations of cybersecurity! In the second segment, we welcome Robert Graham, CEO of Errata Security, to take a deep dive on his tool rdpscan! In our third segment, we welcome David Boucha, Sr. Engineer at SaltStack, to talk about how Salt Open and SaltStack Enterp...
Jun 01, 2019•3 hr
This week, we welcome Matthew McMahon, Head of Security Analytics at Salve Regina University, to talk about Medical devices, Cybersecurity and Resilience, and Cybersecurity Training! In our second segment, we welcome Justin Murphy, Cloud Security Engineer at Cisco, to talk about DNS in the Security Architecture! In our final segment, Doug, Jeff, Patrick, and Lee give you the latest security news to talk about a Zero Day for Windows, the battle over Huawei with the US and Google, & unpatched ...
May 28, 2019•2 hr 21 min
This week, we welcome Julian Zottl, Cyber and Information Operations SME at Raytheon, to talk about defending against advanced adversaries! In the second segment, we welcome Federico Simonetti, CTO of Xiid Corporation, to talk about how to fix identity and access management! In the Security News, Singapore passes an anti-fake news law, WhatsApp Vulnerability Exploited to Infect Phones with Israeli Spyware, major security issues found in Cisco routers, and Microsoft Releases Security Updates to A...
May 18, 2019•2 hr 58 min
This week, we welcome back Lesley Carhart, Principal Threat Analyst at Dragos Inc., to talk about moving from IT security to OT security, DFIR in ICS, and more! In the second segment, we welcome Chris Sanders, Founder of Applied Network Defense & Director of the Rural Technology Fund, to talk about delivering high quality IT training and donating scholarships and equipment to further education in schools! In the Security News, the top 5 mistakes that create field days for hackers, WordPress ...
May 10, 2019•2 hr 55 min
This week, we welcome Philip Niedermair, CEO at the National Cyber Group, to discuss the National Cyber Education Program! In our second interview, we welcome back Josh Abraham, Staff Engineer at Praetorian, to talk about the MITRE attack framework for attackers! In the Security News, how Tenable experts found 15 flaws in wireless penetration systems, Julian Assange refused exfiltration to the US, PoC exploits for old SAP config flaws increase risk of attacks, and how 1.75 million dollars was st...
May 06, 2019•2 hr 42 min
This week, we welcome Haroon Meer, CEO and Researcher at our sponsor Thinkst, to talk about why hackers should create companies, and some of the technical details behind Thinkts' tool Canary! In the second segment, we welcome Gururaj Pandarangi, CEO and Co-Founder of Cloudneeti, to talk about how their SaaS product is delivering continuous cloud security and compliance assurance to businesses! In the Security News, serious vulnerabilities found in fujifilm x-ray devices, facebook could be fined ...
Apr 27, 2019•3 hr 19 min
Gabriel Gumbs is the VP of Product Management at Spirion where his focus is on the strategy and technology propelling Spirion’s rapidly-growing security platform. Merissa Villalobos is the North America Talent Acquisition Leader for NCC Group, a global security consulting firm and has been recruiting in security for 10 years. She got her start in Virginia, at a Federal Government contractor, filling roles for the intelligence community and various Government Agencies. Jessica Gulick leads Katzcy...
Apr 24, 2019•2 hr 44 min
This week, we welcome back Mary Beth Borgwing, President and Founder of of the Cyber Social Club, to talk about Uniting Women in Cyber! In the Technical Segment, we welcome back our friend Chris Brenton, Chief Operating Officer at Active Countermeasures, to discuss why threat hunting is the missing link between our protection tools and our response tools, and will take a deep dive into the AI Hunter! In the Security News, Attackers exploiting IMAP to bypass MFA on O365 and G-Suite accounts, Viet...
Apr 05, 2019•2 hr 31 min
This week, we welcome Marcus Carey, CEO and Founder of ThreatCare, to talk about Tribe of Hackers, a collection of industry, career, and personal insights from 70 cybersecurity professionals! In the Security News, WordPress plugin removed after zero day discovered, why you should change your facebook password NOW, threat hunting tips to improve security operations, hacked tornado sirens taken offline ahead of a major storm, and how a white hat hacker found a new bug class in Windows! In the fina...
Mar 25, 2019•1 hr 52 min
This week, we welcome Peter Smith, Founder and CEO of Edgewise to talk about the evolution of Zero Trust! In the Security News, New WordPress flaw lets unauthenticated remote attackers hack sites, Tesla allegedly spied on and ran a smear campaign on a whistleblower, Facebook and Instagram suffer most severe outage ever, a man drives 3,300 miles to talk to YouTube about a deleted video, and what do sexy selfies, search warrants, and tax files have in common? In the final segment, we air a pre rec...
Mar 18, 2019•3 hr 3 min
This week, we welcome Allan Liska, Senior Solutions Architect at our sponsor Recorded Future, to talk about Catching Up To The Hype w/ Threat Intelligence! In the second interview, we welcome David Marble, President and CEO at OSHEAN Incorporated, to talk about what to expect at at this years Rhode Island Cybersecurity Exchange Day! In the Security News, YouTube controversy on ALL fronts, Cisco SOHO wireless VPN firewalls and routers open to attack, Ring doorbell flaw opens door to spying, bot p...
Mar 02, 2019•3 hr 9 min
