Saturday, January 19, 2019


Security. Some assembly required. Security is HARD, and ‘real security’ is a compromise between usability and security while knowing you’re still accepting risk. This podcast alternates between interesting interviews and news analysis every other week – tune in, subscribe and join the conversation on REAL security issues relevant to your enterprise.

DtSR Podcast

DtSR Episode 330 – Biometrics for Authentication

This week, James and I sit down to discuss biometric authentication and some of the FUD around ways it can be broken. This ends pretty much the way you think it does. Highlights from this week's show include...

DtSR Episode 329 – Volunteering Your Career

This week, on the DtSR Podcast recorded way too early on a Monday morning, we talk volunteering in InfoSec with Kathleen Smith. Kathleen is the CMO of and - and she recently ran a volunteerism survey (link: you...

DtSR Episode 328 – Who Who Who Are You

This week, James and Rafal welcome in 2019 with a look at the fundamentally fatalistic argument that "everyone gets hacked" - with Richard Bird. They discuss whether that's even a valid statement, and if so, what can we do...

DtSR Episode 327 – Experienced Security Leadership

This week James is back on the microphone with Rafal as they interview 2 industry veterans to talk about the right approach to security leadership, and developing that talent pool. We talk to Yaron and Setu to get a...

DtSR Episode 326 – MidMarket Security

This week, go down the security rabbit hole with someone who has been working on security in the mid-market (likely the kind of company you work at, statistically) for a long time. Bob has some great lessons learned and...

DtSR Episode 325 – A CISO at AWS reInvent 2018

In another episode LIVE'ish from AWS re:Invent 2018 I catch perennial favorite and long-time friend Dustin Wilcox as he wandered the vendor show floor. Highlights from this week's show include... Raf asks Dustin the obvious question - what's a CISO...

DtSR Episode 324-1 – AWS reInvent 2018 Delivering Security

At day 2 of re:Invent 2018 I tracked down Arash Marzban, Armor's head of product to talk about his stage session and where the market is going for security - at a developer/builder focused cloud conference. This short conversation...

DtSR Episode 324 – AWS reInvent 2018 Preamble

This episode of the Down the Security Rabbithole Podcast is sponsored in part by Armor Cloud Security. Go check us out at! This week's show is a multi-part release from AWS re:Invent 2018. We sit down with...

DtSR Episode 323 – Security of a Global Enterprise

On episode 323, Richard Rushing (aka the "Security Ninja") joins us to talk about being the CISO of a global organization, and multi-national enterprise. Highlights from this week's show include... Richard talks to us about his background We...

DtSR Episode 322 – The Ethics of Cyber Security Panel

This week #DtSR tackles the topic no one else wants to - ethics in cybersecurity. There are a lot of things to be said, so rather than writing them down here, go listen to the episode. Repeatedly. Highlights from...

DtSR Episode 321 – Putting Threats In Perspective

** Go Vote ** Do your civic duty, and go vote. Heck, while you're standing in that long line to vote, listen to the podcast, we're not picky. This week, Rob Graham joins Rafal and James (who's back!) to...

DtSR Episode 320 – Specializing in Forensics

This week, James Habben joins me in studio for what turns out to be an introspective walk through the evolving world of forensics. Highlights from this week's show include... James gives us some background on how he got...

DtSR Episode 319 – Striking Out On Your Own

This week, my good friend and entrepreneur Rock Lambros (of the newly formed Rock Cyber) joins me to talk about getting the itch to go out on your own and actually doing it. Many of us have thought about...

DtSR Episode 318 – War, Cyber and Policy

This week the DtSR podcast tackles one of the thornier issues going around in the news. As the accusations of Russian hacking continue to mount, international leaders are speaking out and making bold statements that impact policy on a...

DtSR Episode 317 – Protecting Higher Education

While James is away, Raf will podcast all day ...or something like that. Highlights from this week's show include: Bill talks about what it's like to jump into a higher education system and try and play defense We...

Websites can steal browser data via extensions APIs

Researcher finds nearly 200 Chrome, Firefox, and Opera extensions vulnerable to attacks from malicious sites.
Security Affairs

6 Reasons We Need to Boost Cybersecurity Focus in 2019

Paying attention to cybersecurity is more important than ever in 2019. But, some companies are still unwilling to devote the necessary resources to securing their infrastructures against cyberattacks, and naive individuals think they’re immune to the tactics of cybercriminals,...

Fortnite Vulnerabilities Allow Hackers To Take Over Gamers’ Accounts, Data And In-Game Currency

Cybersecurity researchers today shared details of vulnerabilities that could have affected any player of the hugely popular online battle game, Fortnite. If exploited, the vulnerability would have given an attacker full access to a user’s account and their personal information as well...

DNC Accuses Russia, ACLU Sues ICE, and More Security News This Week

Trump dominated security headlines this week, but there's plenty of other news to catch up on.

Bulgaria Extradites Russian Hacker to US: Embassy

Bulgaria has extradited a Russian indicted by a US court for mounting a complex hacking scheme to the United States, the Russian embassy in Washington said Saturday. read more