Friday, June 5, 2020


Security. Some assembly required. Security is HARD, and ‘real security’ is a compromise between usability and security while knowing you’re still accepting risk. This podcast alternates between interesting interviews and news analysis every other week – tune in, subscribe and join the conversation on REAL security issues relevant to your enterprise.

DtSR Podcast

DtSR Episode 397 – Modern-ish Vulnerability Management

Welcome Down the Security Rabbithole to yet another edition of the DtSR Podcast. We we roll on towards milestone episode 400 James and Rafal discuss a topic that doesn't get nearly enough airplay - vulnerability management. This isn't just...
DtSR Podcast

DtSR Episode 396 – Verizon DBIR 2020 Analysis

It's Verizon Data Breach Investigations Report time again. This episode is a yearly walk-through of the DBIR, where Rafal and James once again welcome Gabe Bassett back to the show to talk data, graphics, and lessons we need to...
DtSR Podcast

DtSR Episode 395 – Can We Fix the MSSP

Special thanks to our friends at AlertLogic - for providing some great discussion points and John for the episode! This week, as DtSR hits episode 395 on our way to Episode 400, James and Rafal take some time out...
DtSR Podcast

DtSR Episode 394 – High Profile Healthcare Security Leadership

Episode 394 Rafal & James host Keith Duemling from the Cleveland Clinic (talk about high-profile jobs!) to talk about security in the healthcare space, challenges, the future, and other random topics. Keith has spent a large part of his...
DtSR Podcast

DtSR Episode 393 – Smartish Cities

Guess who's back, back again ... James is back, so listen in! So James is officially back after a bit of a hiatus from the podcast, and on this episode him and Rafal sit down over a fun interview...
DtSR Podcast

DtSR Episode 392 – Chris Nickerson is an Original

Ladies and Gentlemen, friends, countrymen, lend me your ears! This episode of DtSR features one of my favorite guests and one of the better storytelling from the "old days" opportunities I can recall. It also, not accidentally, features one...
DtSR Podcast

DtSR Episode 391 – Unprecedented Cyber Badness

This week, I'd like to thank JD Work for taking the time to be on the show and sharing his professional experience and expertise with us. The space of cyber policy, at the national and international level, is growing...
DtSR Podcast

DtSR Episode 390 – DFIR 20-20

This week, Brian Carrier joins DtSR to talk about digital forensics and incident response in 20/20. Forensics and incident response has had to evolve and change as devices become more mobile, smaller, and purpose-built. Brian talks through what this...
DtSR Podcast

DtSR Episode 389 – Leading Cyber Security in Academia

This week, DtSR dives into security leadership with an academic twist. We have the pleasure of hosting Robert Turner, the CISO of the University of Wisconsin, Madison. This episode was recorded March 13th, 2020 right as the University and...
DtSR Podcast

DtSR Episode 388 – The SIEM is Dead Long May It Live

Welcome to episode 388, an episode at least 5 years in the making...mainly because it's taken this long to figure out a good way to get Anton on the podcast! Now that he's not an analyst anymore, I snagged...
DtSR Podcast

DtSR Episode 387 – Remote Workforce Leadership

This week, as we all continue quarantines and work-from-home DtSR hosts Valentina Thörner, who is an expert on remote workforce leadership. Valentina literally wrote the book (From a Distance) and now she's on the show discussing how to be a leader...
DtSR Podcast

DtSR Episode 386 – Securing a Suddenly Remote Workforce

Covid-19 ... that's the headlines. Everywhere. The suddenly remote workforce is a problem for many enterprises, and as workers are forced to work from home - security is a problem. To that end, I snagged Brian Foster who has...
DtSR Podcast

DtSR Episode 385 – Malware on the Lifeline

Greetings! On this episode of the podcast we present to you an episode we recorded back in January (but then due to a storage error we lost temporarily) with Nathan Collier from Malwarebytes. Nathan reported some findings from his...
DtSR Podcast

DtSR Episode 384 – Zero Trust Redux 2020

This week Rafal hosts Dr. Chase Cunningham, Forrester analyst and all-around security badass to redux Zero Trust. The last time we tackled the topic was Episode 222 with John Kindervag back in 2016 - so it's time to see...
DtSR Podcast

DtSR Episode 383 – The Jennifer Ayers Interview

Join Rafal & James this week, as they welcome Jennifer Ayers. Jennifer is the Vice President of Overwatch and Security Response at Crowdstrike. Rafal and Jennifer worked together "back in the day" so the conversation starts with a little...

FTC Slams Children’s App Developer for COPPA Violations

Children's app developer HyperBeard must pay $150,000 after the FTC claimed it violated privacy laws.

Business Services Provider Conduent Hit by Ransomware

Business process services provider Conduent has been the victim of a ransomware attack that appears to be the work of Maze operators. Formed in 2017 as a divestiture from Xerox and headquartered in New Jersey, the company offers digital platforms...
SC Magazine

Cisco security advisories address 47 flaws, three critical

Cisco Systems on Wednesday, June 3 released a series of security advisories addressing a total of 47 vulnerabilities, including three critical bugs that were found and fixed in IOS or IOS EX software. Among the most series flaws is a...

Electrolux, Others Conned Out of Big Money by BEC Scammer

Kenenty Hwan Kim has pleaded guilty to swindling the appliance giant and other companies in a set of elaborate schemes.
The Register

Kind of goes without saying, but fix your admin passwords or risk getting borged by this brute-forcing botnet

Publishing platforms, hosts being targeted by Stealthworker malware Servers are being targeted with a malware attack that uses its infected hosts to brute-force other machines.…