Tuesday, August 3, 2021
Security Weekly

Shrug & Move On – ASW #160

This week, we welcome Maggie Jauregui, Offensive Security Researcher at Intel, to discuss Platform Firmware Security! Firmware security is complex and continues to be an industry challenge. In this podcast we'll talk about the reasons firmware security remains a...
Security Weekly

The Dr. Strange Moment – PSW #704

This week, we kick off the show with an interview featuring Alyssa Miller, BISO at S&P Global, to talk about how the “B” in BISO is for Business! Next up, we welcome Michael Welch, Managing Director at Morgan Franklin, to discuss Cyber-Physical Attacks!! In the...
Security Weekly

PetitPotam Attack, PyPI Malware, NSA Device Guidance, & Meteor Wiper – Wrap Up – SWN #138

This week Dr. Doug talks: Patching, PetitPotam, Elon, Microsoft Defender, Ransomware rules, Meteor, and more, on this edition of the Security Weekly News Wrap up Show! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn138
Security Weekly

Bad Example – ESW #236

This week, in our first segment, we welcome Da-Wyone Haynes, Consultant in Data Analytics at Aegon & Transamerica, to talk about The Need for CyberSecurity Training Programs and the Role Cyber Professionals Play! Then we welcome Stephanie Aceves, Senior...
Security Weekly

Ancient Court – SCW #81

Priya Chaudhry joins us today as co-host and we are eager to catch up with her and get her legal perspective on recent litigations and proposed legislation that impacts our world of security and compliance. Hear ye, Hear ye!...
Security Weekly

Coffee & Cocktails – BSW #225

This week, we talk Security Money! Both the Security Weekly 25 Index and the NASDAQ close at record highs on 7/23/2021. See how the security market continues to stay hot. In the Leadership and Communications section for this week:...
Security Weekly

Babuk Forum Hack, Exotic Programming, Kaseya Decryption, & "Petitpotam" Attack – SWN #137

This week: Dr. Doug talks Elon saying scary things, Exotic Programming languages, Babuk, Kaseya, Petitpotam, litigation and of course the Expert Commentary of Jason Wood on this edition of the Security Weekly News! Show Notes: https://securityweekly.com/swn137 Visit https://www.securityweekly.com/swn...
Security Weekly

Policy of Truth – ASW #159

This week, we welcome Peter Klimek, Director of Technology, Office of the CTO at Imperva, to discuss Navigating the seas of security in serverless functions! In the AppSec News: CWE releases the top 25 vulns for 2021, finding bugs...
Security Weekly

Nefarious Drivers – PSW #703

This week, we kick off the show with an interview featuring Jeff Tinsley, CEO of RealMe, to talk about The Online Safety and Security as it Pertains to Dating Apps and Online Marketplaces! Next up, we welcome Gordon Draper,...
Security Weekly

SeriousSam, Kaseya Decrypts REvil, Hacker Bounties, SonicWall, & Pegasus – Wrap Up – SWN #136

This week in the Security Weekly News Wrap Up: Pornageddon, Pegasus, Kaseya, SeriousSam, The FBI Wants hackers dead or alive, SonicWall, HPrinters, Show Wrap Ups, and more! Show Notes: https://securityweekly.com/swn136 Visit https://www.securityweekly.com/swn for all the latest episodes! ...
Security Weekly

Everyone Works Everywhere – ESW #235

This week, in our first segment, we welcome Ed Rossi, Vice President of Product Management, Asset Inventory & Discovery at Qualys, to talk about Reinventing Asset Inventory for Security! Then, in the Enterprise News, SafeBreach adds support for new...
Security Weekly

Constantly Frustrated – SCW #80

This week, we welcome Joseph Kirkpatrick, President at KirkpatrickPrice, to talk about Your Security Is ALWAYS in Scope! Our client was using a hosted service to perform remote monitoring and management and resisted its inclusion in the audit...
Security Weekly

Use Your Network – BSW #224

In light of recent events and the pressures of the digital world, the landscape is finally shifting towards risk. The opportunity for cyber risk profiling, standardization, and seamless collaboration between CISOs, CIOs, and business-side leadership has come. Padraic O'Reilly,...
Security Weekly

iOS RCE, Pegasus Spyware Leak, Florida Victims Targeted, & Debugging MosaicLoader – SWN #135

This week in the Security News: Billionaires in Space again, grayware, Candiru fish, iOS, China, Mosaic, and of course the returning Expert Commentary of Jason Wood! Show Notes: https://securityweekly.com/swn135 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow...
Security Weekly

Fall On Our Sword – ASW #158

This week, we welcome David DeSanto, Senior Director, Product Management, Dev & Sec at Gitlab! In the wake of events such as the Solarwinds breach, there has been a lot of misinformation about the role of open source in...
Security Weekly

Glorious Purpose – PSW #702

This week, we kick off the show with an interview featuring Scott Scheferman, Principal Strategist at Eclypsium, to talk about The BIOS Disconnect and vulnerabilities affecting the BIOSConnect feature within the Dell Client BIOS! Next up, we welcome Jack...
Security Weekly

Kaseya, Luminous Moth, Amazon, Microsoft, REvil, & Luminous Moth – Wrap Up – SWN #134

Where have all the PS5s gone, Luminous Moth, Amazon, Microsoft, Revil, Kaseya, and more along with show wrap-ups on this edition of Security Weekly News. Show Notes: https://securityweekly.com/swn134 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us...
Security Weekly

Following the Dollar – ESW #234

This week, in our first segment, we welcome Rajiv Thomas, Sr Systems Engineer at Gas South LLC, to discuss Gas South and ExtraHop- A Journey of Security Partnership! In the Enterprise News, Contrast Security partners with Secure Code Warrior,...
Security Weekly

Tell the Truth – SCW #79

We'll start with a brief discussion of what HIPAA is and is not (e.g., it doesn't prevent your employer from asking you about your health). Then discuss recent developments like how ongoing ransomware attacks are targeting healthcare and, when successful,...
SecurityWeek

Mismanagement Driving Cybersecurity Skills Gap: Research

“To some extent, this data supports the theory that the cybersecurity skills shortage is related to mismanagement rather than a dearth of qualified candidates or advanced skills.” read more
Google

Linux Kernel Security Done Right

Posted by Kees Cook, Software Engineer, Google Open Source Security Team. To borrow from an excellent analogy between the modern computer ecosystem and the US automotive industry of the 1960s, the Linux kernel runs well: when driving down the highway,...

Raccoon Stealer Bundles Malware, Propagates Via Google SEO

An update to the stealer-as-a-service platform hides in pirated software, pilfers crypto-coins and installs a software dropper for downloads of more malware.
SecurityWeek

SAP Customer Survey Reveals False Sense of Security

Many SAP customers have a false sense of security, according to a new report from risk management consultancy Turnkey Consulting and business-critical application security firm Onapsis. The SAP Security Survey Report 2021 is based on information from over 100 SAP...

BazarCaller – the malware gang that talks you into infecting yourself

Calling someone back feels safer than clicking an unknown link... but it isn't! Remind your friends and family.