Episode 126 – The not so dire future of supply chain security
Josh and Kurt continue the discussion from episode 125. We look at the possible future of software supply chains. It's far less dire than previously expected. It's likely there will be some change in the
Episode 125 – Open Source, supply chains, npm, and you
Josh and Kurt talk about how open source deals with malicious events. It's probably impossible to stop these from happening, but the open source universe deals with it in its own unique way. We start to discuss what you can do, since...
Episode 124 – Cloudflare’s service workers and the economics of security
Josh and Kurt talk about Cloudflare's new Workers service. We spend a lot of time discussing how economics drives technology, not security. It's quite likely this new service is less secure than existing alternatives, but it will be cheaper and faster which...
Episode 123 – Talking about Kubernetes and container security with Liz Rice
Josh and Kurt talk to Liz Rice about Kubernetes and container security. How did we get where we are today, what's new and exciting today, and where do we think things are going.
Episode 122 – What will Apple’s T2 chip mean for the rest of us?
Josh and Kurt talk about Apple's new T2 security chip. It's not open source but we expect it to change the security landscape in the coming years.
Episode 121 – All about the security of voting
Josh and Kurt talk about voting security. What does it mean, how does it work. What works, what doesn't work, and most importantly why we may not see secure electronic voting anytime soon.
Episode 120 – Bloomberg and hardware backdoors – it’s already happening
Josh and Kurt talk about Bloomberg's story about backdoors and motherboards. The story is probably false, but this is almost certainly happening already with hardware. What does it mean if your hardware is already backdoored by one or more countries?
Episode 119 – The Google+ and Facebook incidents, it’s not your data anymore
Josh and Kurt talk about the Google+ and Facebook data incidents. We don't have any control over this data anymore. The incidents didn't really affect the users because we have no idea who has access to it. We also touch on GDPR...
Episode 118 – Cloudflare’s IPFS and onion service
Josh and Kurt talk about Cloudflare's new IPFS and Onion services. One brings distributed blockchain files to the masses, the other lets you host your site on tor easily.
Episode 117 – Will security follow Linus’ lead on being nice?
Josh and Kurt talk about Linus' effort to work on his attitude. What will this mean for security and IT in general?
Episode 116 – The future of the CISO with Michael Piacente
Josh and Kurt talk to Michael Piacente from Hitch Partners about the past, present, and future role of the CISO in the industry.
Episode 115 – Discussion with Brian Hajost from SteelCloud
Josh and Kurt talk to Brian Hajost from SteelCloud about public sector compliance. The world of public sector compliance can be confusing and strange, but it's not that bad when it's explained by someone with experience.
Episode 114 – Review of “Click Here to Kill Everybody”
Josh and Kurt review Bruce Schneier's new book Click Here to Kill Everybody. It's a book everyone could benefit from reading. It does a nice job explaining many existing security problems in a simple manner.
Episode 113 – Actual real security advice
Josh and Kurt talk about actual real world advice. Based on a story about trying to secure political campaigns, if we had to give some security help what should it look like, who should we give it to?
Episode 112 – Google’s Titan Key and the latest Struts issue
Josh and Kurt talk about the new Google Titan security key. There are some in the industry uneasy about the supply chain for the devices. We also discuss the latest Struts security issue. Struts is old and scary now, stop using it.
Quarter of NHS Trusts Have No Security Pros
Quarter of NHS Trusts Have No Security ProsNew research has revealed a dearth of qualified cybersecurity staff in the NHS and low levels of spending on in-house training for employees.
RedScan received Freedom of Information (FOI) responses from 159 trusts...
What is a keylogger? How attackers can monitor everything you type
Keylogger definitionTo read this article in full, please click here(Insider Story)
And that was actually the CLEAN version!
It's more than a few years back, and this oilfield services company is implementing a new email filter, says a pilot fish working there."It was part of an email security product," fish says. "The filter could identify emails containing...
Review: How StackRox protects containers
With the rise of cloud computing and later DevOps, containerization has never been more popular. But cybersecurity has yet to fully catch up. Even security applications designed to work natively in the cloud have trouble protecting the most popular...
Dark web goldmine busted by Europol
What’s the safest way to buy counterfeit banknotes? Not on the dark web market, as 235 people have just discovered to their cost.
