Saturday, June 25, 2022

DtSR

Security. Some assembly required. Security is HARD, and ‘real security’ is a compromise between usability and security while knowing you’re still accepting risk. This podcast alternates between interesting interviews and news analysis every other week – tune in, subscribe and join the conversation on REAL security issues relevant to your enterprise.

DtSR Podcast

DtSR Episode 505 – Reflections on RSA Conference 2022

Prologue RSA Conference 2022 has come and gone. Rafal was there for all the circus and madness, and sits down with James to discuss what was seen and heard. Also, you'll get some clips in here from some of...
DtSR Podcast

DtSR Episode 504 – DNS Turns 40

Prologue In this RSA conference-themed episode, I bring on Jonathan Barnett from OpenText to discuss DNS turning 40 years old. Yeah, it was originally invented in 1983 y'all. As DNS turns 40, some of the lingering problems are getting...
DtSR Podcast

DtSR Episode 500 – Looking Back to Look Forward in Tech – Part 3

Prologue This is a bonus episode for the Episode 500 live-stream we did. I brought together Crowdstrike, OpenText, and Netskope technologists to talk about the technology they've worked with over the last 10 years, where it stands today, and what the future...
DtSR Podcast

DtSR Episode 503 – Blowing Up Your Cloud (Permissions Structure)

Prologue This week, we talk about the cloud in a different way than we have previously. We discuss "blast radius" with regard to vast numbers of roles and permissions inside of a public cloud infrastructure. The numbers are staggering...
DtSR Podcast

DtSR Episode 502 – Why Can't Gov Figure Out Supplier Security

Prologue CMMC may be something you know nothing of, but if you're a government contractor, or work with government contractors of the DIB - you're probaby alll too familiar. For some, it's hell. For the rest, it's mostly insane....
DtSR Podcast

DtSR Episode 501 – Netskope's Bad SaaS Report

Prologue This week, on the first post-500 episode, we welcome Netskope's Ray Canzanese to talk about the Cloud & Threat Report they just published ( https://www.netskope.com/netskope-threat-labs/cloud-threat-report ) which has some interesting bits in it. Ray discusses the details...
DtSR Podcast

DtSR Episode 500 – Looking Back to Look Forward – Part 2

Prologue - Part 2 of 2 First - thank you to everyone who listens to this show, shares it, and has left us a review. You all are the reason these past 500 episodes got published, and why this...
DtSR Podcast

DtSR Episode 500 – Looking Back to Look Forward – Part 1

Prologue - Part 1 of 2 First - thank you to everyone who listens to this show, shares it, and has left us a review. You all are the reason these past 500 episodes got published, and why this...
DtSR Podcast

DtSR Episode 499 – Four Hundred Ninety Nine and Counting

Prologue Friends and colleagues - I want to thank you from the bottom of my heart. It almost brings me to tears that over the last 11 years you've been sharing, downloading, and talking about this little thing I...
DtSR Podcast

DtSR Episode 498 – Living in the Tornado

Prologue Super pumped this week to have James Azar on the show. James hosts a collection of podcasts including one I try to catch as often as possible - https://www.linkedin.com/company/cyberhubpodcast/. We cover a lot of ground, but you'll walk...
DtSR Podcast

DtSR Episode 497 – Security Buzzword Bingo

Prologue This week, as we approach episode 500 and the extravaganza that it will be, James and I welcome my personal friend and all-around wonderful marketing dude, Russell Wurth. We joke about what's wrong with cyber-security, and why it's...
DtSR Podcast

DtSR Episode 496 – How to Win Friends and Influence CISOs

Prologue Have you noticed that the relationship between buyer and seller, or more precisely, between CISO and seller is... eh ... tenuous lately? OK, maybe it's a lot worse than that in some cases. Why is that? How did...
DtSR Podcast

DtSR Episode 495 – Analyzing Russia's Offensive Cyber Ops

Prologue This week, as Vladimir Putin's Russia continues to commit war crimes and genocide against the people of Ukraine, DtSR gathered a panel of experts to discuss and dissect the threat of a Russian-based cyber offensive against the west....
DtSR Podcast

DtSR Episode 494 – Forensics The Art of the Science Plus a Cat

Prologue Special thanks on this episode to OpenText for bringing Mike to us on this show. What a fantastic conversation about the state of forensics and a little bit of reminiscing too! This episode we talk forensics, and the...
DtSR Podcast

DtSR Episode 493 – Breaches: Is Anyone Learning Anything

Prologue A big Texas welcome back to the podcast to our friend Shawn Tuma, our legal-eagle in residence. This week Shawn talks to us about the cases he's involved in, and the types of trends he's seeing in his...
Security Affairs

Multiple malicious packages in PyPI repository found stealing AWS secrets

Researchers discovered multiple malicious Python packages in the official PyPI repository stealing AWS credentials and other info. Sonatype researchers discovered multiple Python packages in the official PyPI repository that have been developed to steal secrets (i.e. AWS credentials and environment...

The Post-Roe Privacy Nightmare Has Arrived

Plus: Microsoft details Russia’s Ukraine hacking campaign, Meta’s election integrity efforts dwindle, and more.

How to Move Your WhatsApp Chats Across Devices and Apps

It's never been easier to switch between iPhone and Android—and to get your messages out of the Meta ecosystem entirely.
The Register

We’re now truly in the era of ransomware as pure extortion without the encryption

Why screw around with cryptography and keys when just stealing the info is good enough Feature  US and European cops, prosecutors, and NGOs recently convened a two-day workshop in the Hague to discuss how to respond to the growing...
The Hacker News

Learn NIST Inside Out With 21 Hours of Training @ 86% OFF

In cybersecurity, many of the best jobs involve working on government projects. To get a security clearance, you need to prove that you meet NIST standards. Cybersecurity firms are particularly interested in people who understand the RMF, or Risk Management...