S05E12: Open Source Security at Scale
In this episode, PhoneBoy talks about the challenges with ensuring security with open-source software , which is in many products and services you use today.
Episodes
CheckMates Go: Cyber Security Podcast from Check Point
Learn about Cyber Security topics through brief, informal conversations with experts from Check Point. Topics include: Incident Response, Customer Success Stories, Cyber Security Trends and Technologies.
Episodes
S05E11: Work Multiplier
In this episode, PhoneBoy talks with Aaron Brongersma about his exploration of AI tools, the issues with data residency and AI, the societal issues with AI, AI as a Service, and a few words about Quantum SASE.
S05E10: Blockchain Security FAQs
Some questions and answers around Blockchain Security from our TechTalk on Blockchain Security.
S05E09: The Altavista of Large Language Models
PhoneBoy talks to Adam Gray, CTO of Novacoast about how ChatGPT is used by threat actors to compromise systems, the GPT-4 System Card , where ChatGPT seems to be useful in general with respect to cyber security, ChatGPT writing legal briefs , what early search engines and ChatGPT have in common, and how the more some things change, the more they stay the same....
S05E08: Blockchain Security Issues and Trends
A discussion between Check Point's Chief Strategy Officer Itai Greenberg and Idan Levin, Partner at Collider Ventures about the security trends related to blockchain security.
S05E07: A Step in the Wrong Direction
In this episode, PhoneBoy talks to Adam Gray, CTO of Novacoast to discuss some of what he's seen as part of their MSSP operations, including Living off the Land attacks, how AI is being actively used to exploit vulnerabilities, mobile security, CIS Controls , browser extensions, the data modern cars collect and share , password managers being a source of compromise , biometrics, why organizations use MSSPs like Pillr , automation and orchestration, vulnerability management, and Windows XP s...
S05E06: Shadow Access in the Cloud
In this episode, I talk about how over-provisioning identities in the cloud leads to "shadow access" by malicious actors...and what you can do about it. Eight Key Success Factors for Cloud-Native Application Protection (CNAPP) CloudGuard Cloud Native Application Protection Platform...
S05E05: RogueGPT
In this episode, PhoneBoy talks about some of the more rogue uses of GPT-like tools. ChatGPT generates 'convincing' fake scientific article 'DarkBERT' GPT-Based Malware Trains Up on the Entire Dark Web The WormGPT case: How Generative artificial intelligence (AI) can improve the capabilities of cybercriminals and allows them to launch sophisticated attacks Lowering the Bar(d)? Check Point Research’s security analysis spurs concerns over Google Bard’s limitations...
S05E04: Have An Opinion
In this episode, PhoneBoy talks with Aaron Brongersma about the challenges of ensuring your code is secure, particularly when people who traditionally haven't written code are having to do so to leverage certain technologies like ChatGPT. VSCode Security: Malicious Extensions Detected- More Than 45,000 Downloads- PII Exposed, and Backdoors Enabled...
S05E03: DNS Attacks
Ralph Bonnell did a great session on DNS as a CheckMates TechTalk. You can access the materials (including some Q&A) here .
S05E02: CheckMates GPT
In this episode, PhoneBoy covers a few recent stories related to the legal and cybersecurity issues related to generative AIs such as ChatGPT. Highly effective responses to the alarming democratization of AI Breaking GPT-4 Bad: Check Point Research Exposes How Security Boundaries Can Be Breached as Machines Wrestle with Inner Conflicts Authors Accuse OpenAI of Using Pirate Sites to Train ChatGPT...
S05E01: ChatGPT, AI, and the Evolving Threat Landscape
Cyber Security Evangelist Ashwin Ram talks about ChatGPT in the context of Artificial Intelligence and the Evolving Threat Landscape. Full TechTalk: https://community.checkpoint.com/t5/General-Topics/AI-and-the-Evolving-Threat-Landscape-TechTalk-Video-Slides-and-Q/m-p/181992/highlight/true#M30319
S04E12: Purple Monday Androids in Canada
Another series of headlines from our friends at CyberTalk.org What is purple teaming and why is it useful? One easy way to secure your Android 6 simple & straightforward Cyber Monday fraud prevention tips Canada advances cyber security via Indo-Pacific Strategy...
S04E11: Just Another New Buzzword
Second in a series on business data and how organizations can protect it. Mazhar Hamayun is a Security Engineer with Check Point and a member of the Office of the CTO who covered this topic on CyberTalk.org. We discuss some of his tips in this episode. The book I mentioned in this section: Building Internet Firewalls 2nd Edition ....
S04E10: Passwords, Phishing, and Passkeys, Oh My!
Some articles from our friends at CyberTalk.org about passwords, phishing, and passkeys. 20 Password Management Best Practices 10 Signs of Phishing for Anyone Who Champions Security 5 Steps to Mitigate Credential Exposure Risks This is How We Will Replace Passwords in the Near Future…...
S04E09: Digital Droppings
First of a series on business data and how organizations can protect it. Mazhar Hamayun is a Security Engineer with Check Point and a member of the Office of the CTO who covered this topic on CyberTalk.org. We begin the series by discussing what business data is, where it might reside, who might want it that shouldn't, and why....
S04E08: CyberTalk Headlines
Some recent headlines from our friends at CyberTalk.org : FOMO on the latest cyber security tech? 8 mistakes CIOs make and how to avoid them American Airlines learns breach caused by phishing Adware installed 13 million times + how to uninstall it...
S04E07: Protect Yourself
Part 2 of my conversation with Cyber Security Evangelist Eddie Doyle about how organizations can create a culture of cyber security that goes beyond just the technical people, and it's easier than you think! Miller's Law
S04E06: Cybertalk Headlines
From our friends at CyberTalk.org : How to prevent sneaky zero day attacks on fleets of smartphones CISO’s Guide to Mobile Security Hackers could crash power grids, but they’re mostly after… 10 mind-boggling cyber security statistics (and they might scare you) 7 actionable CISO strategies for effective executive-level communication...
S04E05: This Is Not Training
PhoneBoy talks with Cyber Security Evangelist Eddie Doyle about how organizations can create a culture of cyber security that goes beyond just the technical people, and it's easier than you think!
S04E04: CISO Headlines
Some recent CISO-focused headlines from our friends at CyberTalk : 5 key traits of highly effective CISOs 6 different types of CISOs and the environments they thrive in Zero Trust Segmentation: A primer for CISOs...
S04E03: Not Affiliated With Us
Part 2 of 2 of our conversation with Check Point Evangelist Mark Ostrowski about how to protect yourself from the threats out there today. Full TechTalk here: https://community.checkpoint.com/t5/Threat-Prevention/Malware-2021-to-Present-Day-Building-a-Preventative-Cyber/m-p/152918#M4011
S04E02: Cyber Talk Headlines
We're going to try something a little different with PhoneBoy reading and commenting on a few articles from CyberTalk.org . If you like this format, let us know by commenting! Links: SmokeLoader distributes Amadey malware, what you need to know Xiaomi Phone Bug, Payment Forgery Researching Xiaomi's TEE to get Chinese Money Healthcare Payer CISO Shares Real World Insights MailChimp Breach Exposes Email Addresses and Callback Phishing 10 Key Facts About Callback Phishing Attacks...
S04E01: Malware Rising
Part 1 of 2 with Check Point Evangelist Mark Ostrowski on the state of malware over the last 18 months or so. Full TechTalk here: https://community.checkpoint.com/t5/Threat-Prevention/Malware-2021-to-Present-Day-Building-a-Preventative-Cyber/m-p/152918#M4011
S03E21: It Starts With Data
Part 3 of my conversation with Adam Gray at Novacoast about what powers NovaSOC .
S03E20: The One Prince Charles Fancies
PhoneBoy and fellow Cyber Security Evangelist Grant Asplund talk about the current state of the workplace in the era of Covid and some stories of pre-Covid business travel.
S03E19: The Things They're Missing
Part 2 of PhoneBoy's conversation with Adam Gray at Novacoast about Incident Response, Remote Access, and the challenges of doing cyber security in a distributed world.
S03E18: Next Generation is So 1999
Part 2 of PhoneBoy's conversation with fellow Cyber Security Evangelist who hosts the CISO's Secrets podcast as well as the Talking Cloud podcast. We talk a little bit about MetaInfo, a company Check Point acquired in 1998, and a bit more technology history that is still impacting cyber security today. That diagram from 1997 mentioned in the show is on the CheckMates post for this episode ....
S03E17: Fun With Browser Extensions
PhoneBoy talks with Adam Gray, a founding and current member of the Board of Directors of Novacoast . We talk a bit about the early days of Cyber Security, how that led to the NovaSOC offering, then a bit about the potential security issues with browser extensions.
S03E16: He's No Gilligan
PhoneBoy talks with fellow Cyber Security Evangelist Grant Asplund, host of the CISO's Secrets podcast as well as the Talking Cloud podcast. Grant's got quite an interesting history, which we get into in this episode, talking his history opening up an Apple dealer back in the 1980s and what networking looked like back then.