In the Security News, the US government issues a light aircraft cyber alert, thieves steal a laptop with 30 years of Data from University of Western Australia, RCE is possible by exploiting flaws in Vxworks, and the alleged Capital One hacker is barely bothered to hide! Full Show Notes: https://wiki.securityweekly.com/Episode614 Visit https://www.securityweekly.com/psw for all the latest episodes!...
Talk about the way Signal Sciences is implemented, especially in the container world. Where we sit in the stack for protection of the web apps in those containers and common first things identified after install (Attack Scanners, Injection Attacks, actionable anomalies like 404 or 500 errors). Finally do a short demo walking through installing Signal Sciences in a Kubernetes environment and the Signal Sciences dashboard. To learn more about Signal Sciences, visit: https://securityweekly.com/sign...
Sam Straka is the Technical Product Manager at LogRhythm, and he will be talking about the movement of their market to the Cloud, how LogRhythm is innovating in that area, and why total cost of ownership is important when looking at a SIEM platform. To learn more about LogRhythm, visit: https://securityweekly.com/logrhythm Full Show Notes: https://wiki.securityweekly.com/Episode614 Visit https://www.securityweekly.com/psw for all the latest episodes!...
In the Security News, a phishing scheme that targets AMEX cardholders, the list of labs affected by the American Medical Collection Agency data breach continues to grow, a Silk Road drug dealer gets caught converting Bitcoin to cash, how GDPR is forcing the tech industry to rethink Identity Management and Authentication, and a Mirai-Like botnet wages massive application layer DDoS attack! Full Show Notes: https://wiki.securityweekly.com/Episode613 Visit https://www.securityweekly.com/psw for all...
Troels Oerting is the Head of the Global Centre for Cybersecurity established by World Economic Forum in 2018. Troels talks about Security, Privacy, Integrity through Prevention, Protection and Prosecution via People, Tech and Processes. Full Show Notes: https://wiki.securityweekly.com/Episode613 Visit https://www.securityweekly.com/psw for all the latest episodes!
Murray Goldschmidt is the COO & Co-founder of Sense of Security. Murray talks about the Intro to Sense of Security, DDoS in 2019, New trends, and How to address these issues! Full Show Notes: https://wiki.securityweekly.com/Episode613 Visit https://www.securityweekly.com/psw for all the latest episodes!
Slack Resets User Passwords After 2015 Data Breach, Hacker Breached Sprint Customer Accounts Through Samsung Website, Why 72% of people still recycle passwords Why 100% of Security Weekly hosts drink, A.I. has a bias problem and that can be a big challenge in cybersecurity I'll bet some of us agree with this and some disagree. Why? Bias., and much more! Full Show Notes: https://wiki.securityweekly.com/Episode612 Visit https://www.securityweekly.com/psw for all the latest episodes!...
Topics being discussed: Vulnerability Management, Patching, Asset Management, and System Hardening. Full Show Notes: https://wiki.securityweekly.com/Episode612 Visit https://www.securityweekly.com/psw for all the latest episodes!
Katie Nickels is the ATT&CK Threat Intelligence Lead at MITRE Corporation. MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community. Full Show Notes: https://wiki.securityweekly.com/Episode612 Visit https://www.secu...
In the Security News, Zoom's RCE Vulnerability is affecting over 700,000 companies, how YouTube is trying to ban hacking videos, 1TB of police body cam footage is available online, and how the US Cyber Command warns of Outlook flaw exploited by Iranian Hackers! Full Show Notes: https://wiki.securityweekly.com/Episode611 Follow us on Twitter: https://www.twitter.com/securityweekly...
Growth of account takeover and how to prevent it Data breaches continue to threaten organizations and expose usernames and passwords on the Dark Web, enabling fraudsters to use stolen data to access a user s existing account, tips to protect against account takeover. Full Show Notes: https://wiki.securityweekly.com/Episode611 Follow us on Twitter: https://www.twitter.com/securityweekly...
Ben has been working in technology and development for over 20 years. He spent 13 years doing defense in the medical industry before moving over to the offense. He uses his knowledge of defense in order to refine his offensive skills and then uses this knowledge to equip customers with a better understanding of defensive methodologies. To learn more about TrustedSec, visit: https://securityweekly.com/trustedsec Full Show Notes: https://wiki.securityweekly.com/Episode611 Follow us on Twitter: htt...
Nearly 100 drivers following Google Maps detour get stuck in muddy field, Breach at Cloud Solution Provider PCM Inc., Inside the West s failed fight against China s Cloud Hopper hackers, Mozilla fixes second Firefox zero-day, Trump story. More stories and links here: https://wiki.securityweekly.com/Episode610 Follow us on Twitter: https://www.twitter.com/securityweekly...
Kathleen Smith is the CMO at CyberSecJobs.Com/ClearedJobs.Net. We all have cool tools, but not necessarily the best ones for career search or professional development. Why is it so hard? Many of the resources are at our fingertips, we just are using them or are too scared to reach for them. Slides: https://www.slideshare.net/CyberSecJobs/cyber-security-community-volunteering-survey-results-2018 Links to more slides here: https://wiki.securityweekly.com/Episode610 Follow us on Twitter: https://ww...
Don Pezet will be discussing the new CySA+ and PenTest+ certs that ITProTV has to offer! Don has been working in the IT industry for more than 18 years and in training for more than 12 years. He is the co-founder of ITProTV. Don is certified by many vendors including Microsoft and Cisco. To learn more about ITProTV, visit: https://securityweekly.com/itprotv Full Show Notes: https://wiki.securityweekly.com/Episode610 Follow us on Twitter: https://www.twitter.com/securityweekly...
In the Security News, how not to prevent a cyberwar with Russia, the case against knee-jerk installation of Windows patches, U.S. customs and Border Protection data breach is the result of a supply chain attack, and a phishing scam that hacks 2 factor authentication! Full Show Notes: https://wiki.securityweekly.com/Episode609 Follow us on Twitter: https://www.twitter.com/securityweekly...
We welcome back Bryson Bort, who is the Founder/CEO of GRIMM. Bryson will be talking about Purple Teaming, Top Attack Simulation Scenarios, and Testing Command & Control Channels. To learn more about SCYTHE, visit: https://securityweekly.com/scythe Full Show Notes: https://wiki.securityweekly.com/Episode609 Follow us on Twitter: https://www.twitter.com/securityweekly...
We interview Vivek Ramachandranis the Founder & CEO of Pentester Academy. Pentester Academy, our AttackDefense Labs platform and other topics. Vivek will show a demo of their AttackDefense labs. We also have a free community security for your users to try out without requiring a subscription or credit card. Full Show Notes: https://wiki.securityweekly.com/Episode609 Follow us on Twitter: https://www.twitter.com/securityweekly...
In the Security News, the rise of purple teaming, the World's largest beer brewer sets up a Cyber-security team, a mystery signal shutting down key fobs in an Ohio neighborhood, why hackers ignore most security flaws, and warnings of real world-wide worm attacks are the real deal! Full Show Notes: https://wiki.securityweekly.com/Episode608 Follow us on Twitter: https://www.twitter.com/securityweekly...
We welcome back Corey Thuen, Founder and CEO of Gravwell, to talk about security analytics using the new Sysmon DNS logging that dropped this week! To get involved with Gravwell, visit: https://securityweekly.com/gravwell Full Show Notes: https://wiki.securityweekly.com/Episode608 Follow us on Twitter: https://www.twitter.com/securityweekly...
Peter Smith, Edgewise Founder and CEO, is a serial entrepreneur who built and deployed Harvard University’s first NAC system before it became a security category. Peter comes on the show to talk about Edgewise's 1 click microsegmentation! To get involved with Edgewise, visit: https://securityweekly.com/edgewise Full Show Notes: https://wiki.securityweekly.com/Episode608 Follow us on Twitter: https://www.twitter.com/securityweekly...
In the Security News, SalesForce bans customers from gun sales, what is your iPhone talking to overnight, Office retires support for old Android versions, and really how likely are weaponized cars?! Full Show Notes: https://wiki.securityweekly.com/Episode607 Follow us on Twitter: https://www.twitter.com/securityweekly
We welcome back Amanda Berlin, CEO of Mental Health Hackers to talk about why its important to educate technology professionals about unique mental health risks faced by people in the field, and how we can provide them with the proper support services to help! Full Show Notes: https://wiki.securityweekly.com/Episode607 Follow us on Twitter: https://www.twitter.com/securityweekly...
In this episode of Paul's Security Weekly, we will talk with Paul Ewing of Endgame about how to close the 'breakout window' between detection and response, and hear about Endgame's recently announced technology, Reflex, that was built with customized protection in mind. To learn more about Endgame, visit: https://securityweekly.com/endgame Full Show Notes: https://wiki.securityweekly.com/Episode607 Follow us on Twitter: https://www.twitter.com/securityweekly...
In the security news, giving you the latest on thousands of infected servers from a cryptojacking campaign, an open letter to the GCHQ calling out spy agencies, and a new vulnerability that makes you WannaCry! Full Show Notes: https://wiki.securityweekly.com/Episode606 Follow us on Twitter: https://www.twitter.com/securityweekly
David Boucha is a Sr. Engineer at SaltStack. David will be talking about how Salt Open and SaltStack Enterprise can help you automate your infrastructure including servers (cloud, on-prem, virtual), network devices, and endpoints. From "day 0" provisioning to "day n" configuration drift management and compliance management, Salt can scale to automate all the most difficult and frustrating tasks. To learn more about SaltStack, visit: https://securityweekly.com/saltstack Full Show Notes: https://w...
Paul Asadoorian and Robert Graham from Errata Security show you how to search for the BlueKeep vulnerability, or CVE-2019-0708, that has been affecting hundreds of thousands of systems! Full Show Notes: https://wiki.securityweekly.com/Episode606 Follow us on Twitter: https://www.twitter.com/securityweekly
Eric Butash and Mike Klein from Highlander Institute, join us on the show to talk about, what schools are doing to protect Student Data?, how do we teach our student the importance of good digital hygiene if we don't have the proper education in place?, what is Digital Citizenship, and how is the Privacy playing a roll in our always-on youth? Full Show Notes: https://wiki.securityweekly.com/Episode606 Follow us on Twitter: https://www.twitter.com/securityweekly...
In our final segment, Doug, Jeff, Patrick, and Lee give you the latest security news to talk about a Zero Day for Windows, the battle over Huawei with the US and Google, & unpatched hardware and companies tripping themselves up! Full Show Notes: https://wiki.securityweekly.com/Episode605 Follow us on Twitter: https://www.twitter.com/securityweekly
In our second segment, we welcome Justin Murphy, Cloud Security Engineer at Cisco, to talk about DNS in the Security Architecture! Full Show Notes: https://wiki.securityweekly.com/Episode605 Follow us on Twitter: https://www.twitter.com/securityweekly
