Career Ladders In Information Security – Marc French – BSW Vault
Check out this interview from the BSW VAULT, hand picked by main host Matt Alderman! This segment was originally published on June 8, 2020. Marc French has more than 25 years of technology experience in engineering, operations, product management,...
Career Ladders In Information Security – Marc French – BSW Vault
Check out this interview from the BSW VAULT, hand picked by main host Matt Alderman! This segment was originally published on June 8, 2020. Marc French has more than 25 years of technology experience in engineering, operations, product management,...
SWN #301 – Brain Implants, Volt Typhoon, CosmicEnergy, OAuth, ILoveYou , Aaran Leyland, and More
Ferret Legging, Elon's Brain Implants, Volt Typhoon, CosmicEnergy, OAuth, ILoveYou (and that's not just the Molly talking), Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on...
ESW #319 – Amitai Ratzon, Steve Ragan, Deepika Chauhan, Thomas Kinsella, Jon Check
On this edition of the ESW news, we're all over the place! Funding and acquisitions are a little sad right now, but AI and TikTok bans raise our spirits. The hosts are split on feelings about the new .zip...
Generative AI Security Implications – Liam Mayron – PSW #786
Liam Mayron from Fastly comes on the show to talk about his unique path into information security, the security implications of generative AI, advances in technologies to protect web applications, detecting bots, and enabling better MSP services! This segment...
SWN #300 – Space, Naughty Cell Phones, HP, ASUS, Meta, Google, Gil Kirkpatrick and more
Space, the final frontier, Naughty Cell Phones, HP, ASUS, Meta, Google, Gil Kirkpatrick, and more on this edition of the Security Weekly News. Segment Resources: https://www.darkreading.com/cloud/microsoft-azure-vms-highjacked-in-cloud-cyberattack This segment is sponsored by Semperis. Visit https://securityweekly.com/semperis to learn more about...
ASW #242 – Ten Things I Hate About Lists
The OWASP Top 10 dates back to 2003, when appsec was just settling on terms like cross-site scripting and SQL injection. It's a list that everyone knows about and everyone talks about. But is it still the right model...
BSW #307 – Matt Radolec
You can rebuild infrastructure. But you can’t un-breach data – Data sits at the core of an organization and is often the most open and vulnerable. This is why data security is the most important and urgent security problem...
SWN #299 – Wemo Vulnerability, EXSI Threats, Critical Cisco Flaws, IAM, Malware, and More
$10M reward, a serious wemo vulnerability, EXSI threats, critical Cisco flaws, millions of smart phones with preinstalled malware and Bill Brenner Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly ...
ESW #318 – Mickey Bresman, Dave Merkel, Michaël Lakhal, Ashley Leonard, Jason Rolleston, Eve Maler
This week, we discuss fundings, acquisitions (TWO DSPM exits!), the ongoing market downturn/weirdness, and surprise - LLM-based AIs! We spend a fair amount of time talking about the importance of breach transparency - we need to be able to...
PSW #785 – Kevin Johnson
Kevin Johnson joins us to discuss pen testing, automated testing, why AI testing is not pen testing! In the security news: How AI Knows Things No One Told It, Dragos Employee Gets Hacked, VMProtect Source Code Leaks, CISA...
SWN #298 – ChatGPT, PentestGPT, BurpGPT, Cyber Resilience Act's Poison Pill & Malicious Actors
This week in the Security News, Aaran Leyland joins remotely to dish out the latest news: Cyber Resilience Act contains a poison pill, a powerful backdoor, Malicious Actors and Jason Wood - Valued Co-Host OR Malicious Actor? All that...
ASW #241 – Asaf Ashkenazi, Chris Eng, Jeff Martin
What happens to an app's security after six months? What about a year or two years? A Secure SDLC needs to maintain security throughout an app's lifetime, but too often the rate of new flaws can outpace the rate...
BSW #306 – Mayeuresh Ektare, Molly McLain Sterling, Lenny Zeltser
Medtronic's Security Ambassador program has seen tremendous growth and engagement in recent years. Learn how they gave their program a shot of adrenaline and haven't looked back since. Cybersecurity teams today are inundated with tools that provide an...
SWN #297 – Terminators, Joe Sullivan, Dragos, ESXi, Microsoft, Greatness, Jessica Davis and More
Singing Terminators, Gmail, Joe Sullivan, Dragos, ESXi, Microsoft, Greatness, Jessica Davis, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly ...
ESW #317 – Brian Kenyon, Rhett Dillingham, Antonio Sanchez, Deepen Desai
We are nearly half way through 2023, and we're seeing some new trends surface in the cyber landscape. These include generative artificial intelligence, which was everywhere at RSA Conference this year, as well as automation across security operations and...
PSW #784 – Paula Januszkiewicz
In this talk, Paula Januszkiewicz, renowned cybersecurity expert with years of experience in the field, shares her insights on critical tasks that must be included in any successful penetration testing checklist. She will offer the listeners a sneak peek...
SWN #296 – Chat GPT, QR codes, Boot Guard, Akira, SuperCare, Jason Wood, and More News
Poisonous Parsley and Chat GPT, QR codes, Boot Guard, Akira, Wanted Posters, SuperCare, VPNS, Jason Wood, and more on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like...
ASW #240 – Kelly Shortridge, Eric Fourrier, Richard Yew
What does software resilience mean? Why is status quo application security unfit for the modern era of software? How can we move from security theater to security chaos engineering? This segment answers these questions and more. Segment Resources: Book...
BSW #305 – Alla Valente, Joe Payne, Jim Broome, Cody Scott
Each year, Forrester tracks the top systemic risks — external events that impact your firm and customers but are out of your control — facing organizations. The impacts of climate change are both short-term, in the form of severe...
Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw in Zyxel gear to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2023-28771 (CVSS score: 9.8), the issue relates to a command injection flaw impacting...
Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites
WordPress has issued an automatic update to address a critical flaw in the Jetpack plugin that’s installed on over five million sites.
The vulnerability, which was unearthed during an internal security audit, resides in an API present in the plugin since version 2.0,...
Dark Pink cyber-spies add info stealers to their arsenal, notch up more victims
Not to be confused with K-Pop sensation BLACKPINK, gang pops military, govt and education orgs Dark Pink, a suspected nation-state-sponsored cyber-espionage group, has expanded its list of targeted organizations, both geographically and by sector, and has carried out at...
Feds, you’ll need a warrant for that cellphone border search
Here's a story with a twist A federal district judge has ruled that authorities must obtain a warrant to search an American citizen's cellphone at the border, barring exigent circumstances.…
Smashing Security podcast #324: .ZIP domains, AI lies, and did social media inflame a riot?
height="315" class="aligncenter size-full wp-image-292324" />
ChatGPT hallucinations cause turbulence in court, a riot in Wales may have been ignited on social media, and do you think .MOV is a good top-level domain for "a website that moves you"?
All this and...
