Tuesday, September 25, 2018
DtSR Podcast

DtSR Episode 315 – Women in Cybersecurity-Mary Cheney

On this episode of the Down the Security Rabbithole Podcast, Mary Cheney joins us fresh off her talk to the North Texas ISSA Women in Security group. She has such a colorful background and such great stories to tell...

2018-034-Pentester_Scenario

Interesting email from one of our listeners. Detailing an issue that came up on a client engagement. We walk through best ways to store information post-engagement, and what you need to do to document test procedures so you don't...
The Shared Security Podcast

Mobile Phone Call Scams, Pegasus Mobile Spyware, Newegg Data Breach – WB35

This is the Shared Security Weekly Blaze for September 24, 2018 sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions and Silent Pocket.  This episode was hosted by Tom Eston. Listen to this episode and previous ones...
SANS ISC

ISC StormCast for Monday, September 24th 2018

Odd DNS Requests from Firewalls https://isc.sans.edu/forums/diary/Suspicious+DNS+Requests+Issued+by+a+Firewall/24128/; Securing API Connections https://isc.sans.edu/forums/diary/The+danger+of+sending+information+for+API+consumption+without+adequate+security+measures/24130/; Microsoft JET
Open Source Security Podcast

Episode 115 – Discussion with Brian Hajost from SteelCloud

Josh and Kurt talk to Brian Hajost from SteelCloud about public sector compliance. The world of public sector compliance can be confusing and strange, but it's not that bad when it's explained by someone with experience.
Purple Squad Security

Episode 40 – Tabletop D&D With Rally Security

It’s that time again!  With milestone episode 40, we have another Tabletop D&D episode for you to enjoy!  This time around we are joined by a few members of the Rally Security podcast to face some scenarios and see...
The Cyber Jungle

The CyberJungle Episode 404

Sep 22, 2018: * PFIC2018: EXCLUSIVE - Chet Hosmer, Python Forensics * PFIC2018: EXCLUSIVE - Greg Kipper, Paraben Forensics * US/State/Local Government payment web portals breached * DarkWeb: Social engineers targeting infosec pros ...
Security Weekly

An Infinite Door – Paul’s Security Weekly #576

This week, Paul interviews Mike Ahmadi, Global Director of IoT Security Solutions at DigiCert! Apollo Clark delivers the Technical Segment on Threat Hunting in the Cloud! In the Security News this week, Senate can't protect senators staff from Cyber...
The CyberWire Podcast

ICS honeypots attract sophisticated snoops. — Research Saturday

Researchers at security firm Cybereason recently set up online honeypots to attract adversaries interested in industrial control system environments. It didn't take long for sophisticated attackers to sniff out the virtual honey and start snuffling around. Ross Rustici is...

Weekly Update 105

It's another day-late weekly update courtesy of another hectic week. Scott and I were at NDC Sydney doing a bunch of talks and other events and...

Podcast: Two Billion IoT Devices Still Vulnerable to BlueBorne Bug

Up to two billion devices are still vulnerable to the BlueBorne IoT attack - and may not ever get a patch.
The CyberWire Podcast

US National Cyber Strategy. New sanctions. GCHQ beefs up Russia unit. Cryptocurrency heist. Hacking Senatorial Gmail. Crime and punishment.

In today's podcast, we hear about the US national cyber security strategy, and developing international norms, calling out bad actors, establishing a credible deterrent, and imposing consequences are important parts of it. The State Department blacklists thirty-three Russian bad...
SANS ISC

ISC StormCast for Friday, September 21st 2018

Hunting for Suspicious Processes with OSSEC https://isc.sans.edu/forums/diary/Hunting+for+Suspicious+Processes+with+OSSEC/24122/; NSSLabs Sues Crowdstrike, Symantec,
risky.biz

Risky Business feature: iOS exploits just got a lot more expensive

We’re going to be talking to two people in this podcast and the topic is, for the most part, the introduction of pointer authentication on the latest Apple iPhones. This is a development that flew under the radar of...
The CyberWire Podcast

Magecart is back. Bad apps booted from Google Play. OilRig taken seriously. Election influence operations. Sending in the National Guard. ICO fines Equifax for last year’s breach.

In today's podcast, we hear that Magecart has hit a Philippine media conglomerate. Bogus (and malicious) financial apps are ejected from Google Play. Gulf states are taking warnings about Iran's OilRig seriously. A cloud hosting service serves up phish. Taiwan believes China is...
Security Weekly

Tick That Box – Enterprise Security Weekly #107

This week, Doug White and Matt Alderman talk about Big Time IT Audit Mistakes in the Enterprise! In the Enterprise News this week, Cisco aims to make security foundational throughout Its business, Fidelis looks to grow cyber-security platform, how...
SANS ISC

ISC StormCast for Thursday, September 20th 2018

Adobe Releases Special Patch for Acrobat and Reader https://helpx.adobe.com/security/products/acrobat/apsb18-34.html; Akamai State
Smashing Security

096: Bribing Amazon staff, and blinking deepfakes

Amazon staff are being bribed to delete negative reviews and leak data, deepfakes are getting more dangerous, an update on John McAfee's bitcoin bet, and our guest gets a shock... All this and much much more is discussed in the...
7 minute security

7MS #328: How to Succeed in Business Without Really Crying – Part 5

This episode is a cavalcade of fun! Why? First, I've got a big announcement: I've accepted a new position. "What?!" exclaimed my mom. "I thought you were president of 7MS, what the what?" No worries, it's...
The CyberWire Podcast

State Department cybersecurity issues. Iron Group’s pseudoransomware. Bristol Airport’s deliberate recovery. State of cryptojacking. Facebook offers campaigns help. US cyber strategy. Mirai masters.

In this podcast, we hear that the US State Department has acknowledged an email breach. The criminal gang Iron Group is hitting targets with data-stealing and data destroying pseudoransomware. Bristol Airport continues its slow recovery from whatever hit a...

Breach at US Retailer SHEIN Hits Over Six Million Users

US fashion retailer SHEIN has admitted suffering a major breach affecting the personal information of over six million customers. The women’s clothing company revealed at the end of last week that...
The Register

Bug? Feature? Power users baffled as BitLocker update switch-off continues

Microsoft claims issue confined to older kit. Three months on, users continue to report that Microsoft's BitLocker disk encryption technology turns itself off during security updates.…
ZDNet

UK issues first-ever GDPR notice in connection to Facebook data scandal

Canadian firm AggregateIQ, linked to the Facebook & Cambridge Analytica data scandal, is the first to be put on notice.
SecurityWeek

Symantec Completes Internal Accounting Investigation

Symantec announced on Monday that it has completed its internal accounting audit, and while some issues have been uncovered, only one customer transaction has an impact on financial statements.

Are Colleges Teaching Real-World Cyber Security Skills?

The cybersecurity skill shortage is a well-recognized industry challenge, but the problem isn’t that there are too few people rather that many of them lack suitable skills and experience. Cybersecurity is a fast-growing profession, and talented graduates are in...