Info

Security Weekly Podcast Network (Video)

This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
RSS Feed Subscribe in Apple Podcasts
Security Weekly Podcast Network (Video)
2024
June
May
April
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April
March
February
January


2015
December
November
October
September
August
July
June
May
April
March
February
January


2014
December
November
October
September
August
July
June
May
April
March
February
January


2013
December
November
October
September
August
July
June


Categories

All Episodes
Archives
Categories
Now displaying: April, 2023
Apr 28, 2023

Github, FIN7, Banks, Minecraft, Google Authenticator, Qualcomm, TenCent, BlueSky, Derek Johnson talks about China and More on this episode of the Security Weekly News.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly 

Like us on Facebook: https://www.facebook.com/secweekly 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn293

Apr 27, 2023

Quantum computing is a rapidly emerging technology that harnesses the laws of quantum mechanics to solve problems that today’s most powerful supercomputers cannot practically solve. IBM's Dr. Kayla Lee will explain how close we are to a computational quantum advantage: the point where a computational task of business or scientific relevance can be performed more efficiently, cost-effectively, or accurately using a quantum computer than with classical computations alone.

 Segment Resources:

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw315 

Apr 27, 2023

STM32 boards, soldering, decapping chips, RTOS development, lasers, multiple flippers and for what you ask? So I can be alerted about a device I already know is there. The Flipper Zero attracted the attention of news outlets and hackers alike as people have used it to gain access to restricted resources. Is the Flipper Zero that powerful that it needs to be banned? This is a journey of recursion and not taking “no” for an answer. Kailtyn Hendelman joins the PSW crew to discuss the Flipper Zero and using it to hack all the things.

Flipper resources: * [Changing Boot Screen Image on ThinkPad's UEFI](https://www.youtube.com/watch?v=kvqZRTMAlMA -Flipper Zero) *

[A collection of Awesome resources for the Flipper Zero device.](https://github.com/djsime1/awesome-flipperzero) *

[Flipper Zero Unleashed Firmware](https://github.com/DarkFlippers/unleashed-firmware) - This is what Paul is using currently. *

 [A maintained collective of different IR files for the Flipper!](https://github.com/UberGuidoZ/Flipper-IRDB) - Paul uses these as well. *

[Alternative Infrared Remote for Flipperzero](https://github.com/Hong5489/ir_remote)

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw782

Apr 27, 2023

In the Security News: SSDs use AI/ML to prevent ransomware (And more buzzword bingo), zombie servers that just won't die, spectral chickens, side-channel attacks, malware-free cyberattacks!, your secret key should be a secret, hacking smart TVs with IR, getting papercuts, people still have AIX, ghosttokens, build back better SBOMs, Salsa for your software, Intel let Google hack things, and they found vulnerabilities, and flase positives on your drug test, All that and more on this episode of Paul’s Security Weekly.

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw782 

Apr 25, 2023

Jeff Moss shares some of history of DEF CON, from CFPs to Codes of Conduct, and what makes it a hacker conference. We also discuss the role of hackers and researchers in representing users within policy discussions.

Segment links

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw238 

Apr 25, 2023

Teenage Mutant Ninja Hackers, Mark Twain, TP-Link, Intel, Papercut, Rustbucket, Solarwinds, Blue Check Marks, Jason Wood, and more on this edition of the Security Weekly News.

 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn292 

Apr 25, 2023

Microsoft turns to a weather-based taxonomy, k8s shares a security audit, a GhostToken that can't be exorcised from Google accounts, BrokenSesame RCE, typos and security, generative AI and security that's more than prompt injection

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw238 

Apr 24, 2023

After discussing the requirements for working in cybersecurity, part 2 will tackle where to find the talent. We will explore education, apprenticeships, mentorships, and training. We will also identify areas within the business that have resources with skills that are very complementary with cybersecurity that also make great recruiting areas.

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw303

Apr 24, 2023

We talk a lot about closing the skills gap, but it's harder said than done. So we thought we'd tackle the problem in our 2nd episode os Say Easy, Do Hard. Part 1 will discuss the skills needed, the requirements of the position, and the real qualifications for cybersecurity jobs. We will discuss the practical, realistic expectations of working in cybersecurity, not the hyped stereotypical positions.

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw303

Apr 21, 2023

We're talking with Matt Johansen about his new newsletter, Vulnerable U. We'll discuss his journey from vendors to massive enterprises to less massive enterprises and what he's learned about InfoSec along the way. Like us, Matt has some strong takes on many InfoSec topics, so this conversation could go down many paths. Regardless, we're excited about the journey and the destination with this interview.

 

Subscribe to [Vulnerable U]: https://link.mail.beehiiv.com/ss/c/CygrK4bVgDWxdDLo_7X0UUe8u_TcBPAeAQlRvYdH5hN2mTxFi32BUXbh9K9a2mS8ILJXWKo4rmayv53niV3c6NrsGo7UAp6yFd9EScNQoNwURBhep7S6sIyNBsEMNJ7Z/3v8/6L9W-AB2Sx6Ts9cCBWFiYw/h9/mYsvCYdHno82QRYGHJuyaUZtu8PbgH5PWFi3mLY1CNg

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw315 

Apr 21, 2023

In the Enterprise Security News, Lots of funding announcements and new companies, Private Equity acquires Maltego, Cinven acquires RSA Archer Comcast launches a security product, Zscaler has beef with Gartner, CISA releases updated Zero Trust Model, Amazon jumps into the AI LLM fray, AutoGPT stretches the imagination and potential use cases, The Ever Changing API security market, New security books just released, Zombie birds!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw314 

Apr 21, 2023

Elon, Clop, EvalPhP, VMWare, Google, Fancy Bear, Routers, 3CX, Aaran Leyland, and More on this episode of the Security Weekly News.

 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn291

Apr 21, 2023

Quantum computers are scaling rapidly. Soon, they will be powerful enough to solve previously unsolvable problems. But they come with a global challenge: fully-realized quantum computers will be able to break some of the most widely-used security protocols in the world. Dr. Vadim Lyubashevsky will discuss how quantum-safe cryptography protects against this potential future.

Segment Resources:

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw315 

Apr 21, 2023

With over 1 billion records exposed in just the top 35 breaches, over $2.6 billion stolen in the top nine cryptocurrency breaches, and over $2.7 billion in fines levied to the top 35 violators, lessons abound for security teams. We will walk through some of the biggest trends in last year's data breaches and privacy violations, and we'll talk about what security leaders can learn from these events.

 

Segment Resources:

https://www.forrester.com/blogs/2022-breaches-and-fines-offer-lessons-to-security-leaders

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw314 

Apr 21, 2023

Discuss observations and trends across the venture capital ecosystem as it pertains to cybersecurity. This will include a re-cap in how 2022 ended, what we saw in Q12023, and what we expect from an investing standpoint.

Segment Resources:

https://forgepointcap.com/

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw314 

Apr 20, 2023

In the security news: Blizzards, Sleet, Typhoons, Sandstorms and Tsunamis, masking your car stealing tech in a Nokia phone, kill -64, Google doesn't want to fix an RCE, hijacking packages, monitoring macs, beating Roulette, lame advice from Microsoft, are post-authentication vulnerabilities even vulnerabilities?, Ghosts, burpgpt, and do you trust Google? All that and more on this episode of Paul’s Security Weekly.

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw781 

Apr 20, 2023

We will talk about Supply chain security, the TPM 2.0 vulnerabilities recently discovered by a Quarkslab researcher, bugs in reference implementations, vulnerability disclosure and perhaps various other topics.

Segment Resources:

Vulnerabilities in the TPM2.0 reference implementation

 https://blog.quarkslab.com/vulnerabilities-in-the-tpm-20-reference-implementation-code.html

Vulnerabilities in High Assurance Boot of NXP i.MX microprocessors

https://blog.quarkslab.com/vulnerabilities-in-high-assurance-boot-of-nxp-imx-microprocessors.html

Heap memory corruption in ASN.1 parsing code generated by Objective Systems Inc. ASN1C compiler for C/C++

 https://github.com/programa-stic/security-advisories/blob/master/ObjSys/CVE-2016-5080/README.md

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw781 

Apr 19, 2023

In the leadership and communications segment, Security Is a Revenue Booster, Not a Cost Center, How cybersecurity leaders can tackle the skills shortage, Engaged Employees Create Better Customer Experiences, and more! 

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw302

Apr 19, 2023

A new deps.dev API for supply chain enthusiasts, hacking and modding agricultural devices, guidance from CISA on secure by design (and by default!), Glaze brings adversarial art to AI training, key transparency for WhatsApp, a new appsec myth(?), Android hacking tool list, and a Chrome extension to find web debugging behavior.

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw237

Apr 18, 2023

Sisyphus and Elon, Action1, Cyber insurance, CISA, LockBit, AI, Jason Wood, and more on this edition of the Security Weekly News.

 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn290

Apr 18, 2023

We talk with Ben about the rewards, hazards, and fun of bug bounty programs. Then we find out different ways to build successful and welcoming communities.

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw237 

Apr 18, 2023

Securing the business can often come at a cost of employee productivity, but it doesn’t have to be this way. Especially in today’s economic climate, the security team cannot be seen as a blocker to business. Aviv discusses how to find that balance in today’s episode.

 

This segment is sponsored by Votiro. Visit https://securityweekly.com/votiro to learn more about them!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw302 

Apr 17, 2023

So much of the tech world went remote at the start of the pandemic, and many of those jobs (and engineers) show no sign of ever going back into an office. Building successful teams in this environment takes a different approach, one defined by autonomy and trust. In this segment, Nickolas Means, VP of Engineering at Sym, will share insights from more than a decade of leading distributed teams to help us all thrive in a world where distributed is the new normal.

 

Segment Resources:
https://symops.com/?utm_campaign=eswp&utm_medium=social&utm_source=podcast

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw311

Apr 14, 2023

In this news segment, we discuss the art of branding/naming security companies, some new cars just out of stealth, 5 startups just out of Y Combinator, and Cybereason's $100M round from Softbank. We also talk new features (Semgrep's new GPT-4 use case), new newsletters, and new reports. We break down Nexx's broken vulnerability disclosure program and its broken products. We also discuss the FDA's new ability to block device certification for security reasons. Android announces rules to make it easier for consumers to delete accounts and remove data when they uninstall apps. IT and Security professionals everywhere are asked not to report breaches, but in some countries more than others. CISOs are more prone to drinking problems, and finally, for our squirrel stories, we discuss a crazy app called Newnew and new ideas in prosthetics.

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw313 

Apr 14, 2023

MSMQ, CLFS, Fortinet, Spectre redux, Google Pay, BingBots, Aaran Leyland, and More on this episode of the Security Weekly News.

 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn289 

1 2 Next »