Wednesday, October 27, 2021
The Security Ledger

Spotlight: Automation Beckons as DevOps, IoT Drive PKI Explosion

Brian Trzupek of DigiCert joins Paul to talk about the findings of a recent State of PKI Automation survey and the challenges of managing a fast-growing population of tens of thousands of PKI certificates.
The Security Ledger

Episode 228: CISA’s Eric Goldstein and the Challenge of Being Everyone’s Friend in Cyber

Eric Goldstein, Executive Assistant Director for Cybersecurity for the Cybersecurity and Infrastructure Security Agency (CISA), says the agency is all about helping companies and local government to keep hackers at bay. But are organizations ready to ask for help?...
The Security Ledger

Episode 228: CISA’s Eric Goldstein on Being Everyone’s Friend in Cyber

Eric Goldstein, Executive Assistant Director for Cybersecurity for the Cybersecurity and Infrastructure Security Agency (CISA), says the agency is all about helping companies and local government to keep hackers at bay. But are organizations ready to ask for help?...
The Security Ledger

Spotlight: COVID Broke Security. Can We Fix It In 2022?

In this Spotlight Podcast, Pondurance Founder and Chief Customer Officer Ron Pelletier gives us his predictions about the security trends that will shape 2022.
The Security Ledger

Episode 227: What’s Fueling Cyber Attacks on Agriculture?

In this episode of the podcast (#227) we speak with Allan Liska, the head of the CSIRT at the firm Recorded Future, about the spate of attacks in recent months targeting food processing plants, grain cooperatives and other agriculture...
The Security Ledger

Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchison

Pondurance CISO Dustin Hutchison joins me to talk about how companies can operationalize MDR within their environment.
The Security Ledger

Spotlight: When Ransomware Comes Calling

With the attention given to the threats posed by ransomware, why do organizations still fall victim to these attacks? Max Henderson, the Manager of Incident Response at Pondurance, joins us to talk about what companies get wrong in responding...
The Security Ledger

Spotlight: Is There A Cure For InfoSec’s Headcount Headache?

In this Spotlight Podcast, Lyndon Brown, the Chief Strategy Officer at Pondurance, joins host Paul Roberts to talk about how changes in both the threat landscape and the workplace are driving demand for managed detection and response (MDR) services,...
The Security Ledger

Episode 226: The Cyber Consequences Of Our Throw Away Culture

We speak with John Shegerian of ERI about his new book: “The Insecurity of Everything” and how our e-waste may be exposing sensitive data to other nations.
The Security Ledger

Spotlight: Securing COVID’s New Normal with Cathy Spence of Intel

In this Spotlight Podcast, Intel Senior Principal Engineer Cathy Spence joins me to talk about how COVID-19 has forged a new normal and shifted enterprise security battle lines. As always, you can check our full conversation in our latest...
The Security Ledger

Episode 225: Unpacking the Azure CHAOS DB Flaw with Nir Ohfeld of Wiz

We’re joined by Nir Ohfeld of Wiz. Nir helped discover the recent CHAOS DB flaw in Azure COSMOS DB, the flagship database for Microsoft’s Azure cloud platform.
The Security Ledger

Spotlight: E-Commerce’s Bot and Mouse Game

In this Spotlight podcast we’re joined by Benjamin Fabre of DataDome to discuss the evolving risks to organizations as e-commerce shifts from web pages to mobile applications and APIs.
The Security Ledger

Episode 224: Engineering Trust In The Cyber Executive Order

In this spotlight edition of the podcast, sponsored by Trusted Computing Group*, Thomas Hardjono and Henk Birkholz join us to talk about President Biden’s Cyber Executive Order and how the EO’s call for increasing trust in federal IT systems is...
The Register

China Telecom booted out of USA as Feds worry it could disrupt or spy on local networks

FCC urges more action against Huawei and DJI, too. The US Federal Communications Commission (FCC) has terminated China Telecom's authority to provide communications services in the USA.…
SecurityWeek

150 People Arrested in US-Europe Darknet Drug Probe

Law enforcement officials in the U.S. and Europe have arrested 150 people and seized more than $31 million in an international drug trafficking investigation stemming from sales on the darknet, the Justice Department said Tuesday.

Free Tool Helps Security Teams Measure Their API Attack Surface

Data Theorem's free API Attack Surface Calculator helps security teams understand potential API exposures.

SquirrelWaffle Loader Malspams, Packing Qakbot, Cobalt Strike

Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasing frequency via spam campaigns and infecting systems with a new malware loader.

North Korea's Lazarus Group Turns to Supply Chain Attacks

State-backed group is among a growing number of threat actors looking at supply chain companies as an entry point into enterprise networks.