Info

Security Weekly Podcast Network (Video)

Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
RSS Feed Subscribe in Apple Podcasts
Security Weekly Podcast Network (Video)
2024
October
September
August
July
June
May
April
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April
March
February
January


2015
December
November
October
September
August
July
June
May
April
March
February
January


2014
December
November
October
September
August
July
June
May
April
March
February
January


2013
December
November
October
September
August
July
June


Categories

All Episodes
Archives
Categories
Now displaying: August, 2023
Aug 15, 2023

DARPA unleashes an AI Cyber Challenge to find flaws, CISA asks for input on securing open source software and memory safety, what five years of vuln research shows for vuln management programs, siphoning security tokens from VS Code, and more!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-251 

Aug 15, 2023

A key part of modern appsec is communication. From interpersonal skills for fostering collaborations to presentation skills for delivering a message, the ability to tell a story and engage an audience is a skill that doesn't appear on top ten lists and that doesn't come up in secure coding checklists. Josh shares his path to becoming a presenter on technical topics, including stumbles he's made along the way and how he helps others develop their skills for slides.

Resources:

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-251 

Aug 15, 2023

DEFCON, ScrutisWeb, DoubleDrive, GitHub, npms, AI Cheating advice, More news and Jason Wood

 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-318 

Aug 14, 2023

The modern web browser is the single most commonly used application by enterprises worldwide. Its power, simplicity, and usability makes it an essential tool at work. And yet, the browser is not an enterprise application. It lacks the fundamental controls enterprises require to ensure proper security, visibility, and governance over critical apps and data. As a result, we surround the browser with a massive security ecosystem in an attempt to manage the intersection between users, web applications, and the underlying data. In the process, our technology stack becomes complex, expensive, and fragile to maintain, while end users are left with a frustrating experience. All because the consumer browser was not designed with enterprise needs in mind. The question is: What if there was a browser designed exclusively for the enterprise?

This segment is sponsored by Island. Visit https://securityweekly.com/islandbh to learn more about them!

 

Hear from Karim Toubba, CEO of LastPass, on LastPass' journey to passwordless, the importance of a passwordless world and why authentication is becoming more complex and facilitating the ease of authentication for users at work and at home.

 

This segment is sponsored by LastPass. Visit https://securityweekly.com/lastpassbh to learn more about them!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-316 

Aug 14, 2023

In the leadership and communications section, CISO is Crisis, Will SEC Cybersecurity Regulations Make a Difference?, NIST Drafts Major Update to Its Widely Used Cybersecurity Framework, and more!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-316 

Aug 11, 2023

We discuss Ian Amit's background and what led him to want to leave the CISO life to create a startup! It's one thing for a security product to report problems to a security team. Everyone has these tools, but the problem is that someone has to analyze and triage all those findings, leading to alert fatigue and not a lot getting fixed. Gomboc is proposing to address this gap by auto-generating the fix.

https://www.blackhat.com/us-23/spotlight.html

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-327 

Aug 11, 2023

Creepy AI, Codesys, Kyber768, .net, Gootloader, DARPA, EvilProxy, Aaran Leyland, and More on this edition of the Security Weekly News.

 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-317 

Aug 11, 2023

This week, we discuss Kubernetes attacks and CPU attacks. We also have a better idea of what valuation losses might be for security startups, thanks to the Check Point/Perimeter 81 acquisition. MITRE releases, ATLAS, an ATT&CK-style framework for machine learning models. Bloodhound's new rearchitected Community Edition is out, and Las Vegas's Sphere hasn't been hacked... yet.

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-327 

Aug 10, 2023

Binarly is one of only a few startups focused on highlighting security issues in firmware. The company has discovered a remarkable number of vulnerabilities in firmware in a very short time. Its' founder, Alex Matrosov, joins us to discuss insights discovered along his company's journey to convince vendors that firmware is worth securing.

https://www.blackhat.com/us-23/spotlight.html

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-327 

Aug 10, 2023

In the Security News: Hacking your Tesla to enable heated seats (and so much more), The Downfall of Intel CPUs, The Inception of AMD CPUs, that’s right we’re talking about 3 different hardware attacks in this episode! Intel issues patches and fixes stuff even though its hard to exploit, Rubber Ducky you’re the one, history of Wii hacking, don’t try this at home Linux updates, we are no longer calling about your vehicle warranty, cool hardware hacking stuff including building your own lightsaber, you Wifi keys are leaking again, the evil FlipperZero, Buskill, complaining publically works sometimes, these are not the CVSS 10.0 flaws you are looking for, when side channel attacks, dumpster diving for plane ticks, and go ahead, try and hack a robotaxi! All that and more on this episode of Paul’s Security Weekly!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-794 

Aug 10, 2023

Just how prepared are you for the next cybersecurity incident? Depending on the definition, security incidents likely happen daily at most enterprises. Because we can't prevent everything, the key to success is to be in a constant state of readiness. This means regular training with a focus on preparation. Gerard will walk us through tips and tricks to keep our incident response teams in tip-top condition.

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-794 

Aug 8, 2023

Zap gets a jolt of new support, using Clang for security research, LLM attacks learn models, Rust visualizes dependencies, a National Cyber Workforce and Education Strategy, and more!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-250 

Aug 8, 2023

BilDad the Shuhite, Points.com, Papercut, Prospect Medical, SMS, Microsoft, DAAS, Chatbots, More News, and Jason Wood.

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-316 

Aug 8, 2023

Mature shops should be looking to a security architecture process to help scale their systems and embrace security by design. We talk about what it means to create a security architecture process, why it's not just another security review, and why it requires security to dig into engineering.

Segment Resources:

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-250 

Aug 8, 2023

In the leadership and communications section, How CISOs can engage the C-suite and Board to manage and address cyber risk, CISOs Need Backing to Take Charge of Security, It’s OK to Fail, but You Have to Do It Right, and more!

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-315 

Aug 7, 2023

On July 31st, 2023, the Biden administration released a national strategy addressing cyber workforce shortages, calling long-standing vacancies a national security imperative. The National Cyber Workforce and Education Strategy focuses on four major pillars: equipping every American with cyber skills, transforming cyber education, expanding and enhancing the national cyber workforce and strengthening the federal cyber workforce. The strategy relies heavily on non-governmental and private sector entities to provide funding, internship and apprenticeship programs to increase the number of workers with cybersecurity skills. One of those entities referenced in the strategy is Dakota State University. Dr. José-Marie Griffiths joins us to discuss education's role in the strategy, but offers other insights, including:

  • immigration policies and how it limits the current cyber workforce,
  • diversity, equity, and inclusion initiatives and the reduction of women in the cyber workforce, and
  • what can the cyber community do to help.

 

Segment Resources:

https://www.dsucyber27.com/

https://dsu.edu/programs/artificial-intelligence-bs.html

https://dsu.edu/programs/computer-science-artificial-intelligence.html

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-315 

Aug 4, 2023

This week in the Enterprise Security News: we discuss securing open source, Cyberinsurance, Hackerone Layoffs, and whether or not Sharks have noses!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-326 

Aug 4, 2023

Midnight Blizzard, Citrix, Bloodhound, Five Eyes, Canon, Cult of the Dead Cow, AI Shopping, Aaran Leyland, and More on this edition of the Security Weekly News.

 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-315 

Aug 4, 2023

Fareedah Shaheed, aka CyberFareedah, has dedicated herself to educating the public on online safety. Today, we'll talk about the challenges she has faced in building a training company from scratch, targeting both consumers, and private business. Her journey is interesting from multiple perspectives: as a business owner, an immigrant, becoming an influencer, and establishing herself as a cybersecurity thought leader - all within less than half a decade!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-326 

Aug 3, 2023

While malware and ransomware tend to dominate cybersecurity headlines, Fortra’s research shows that nearly 99% of email threats reaching corporate inboxes utilize impersonation rather than malware. Email impersonation is a key component of credential phishing, advance fee fraud, hybrid vishing, and business email compromise schemes. Because email impersonation scams rely on social engineering rather than technology, the barrier to entry for an aspiring cybercriminal is almost non-existent. In this segment, we’ll explore strategies for defending against email impersonation.

Segment Resources:

Fortra Cybersecurity Learning Resources: https://www.fortra.com/resources/cybersecurity-education?code=cmp-0000012210&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness

2023 BEC Trends, Targets, and Changes in Techniques: https://static.fortra.com/agari/pdfs/report/fta-ag-2023-bec-trends-targets-changes-in-techniques-rp.pdf

 

This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-326 

Aug 3, 2023

In the Security News: Canon shoots out your Wifi password, I want to be Super Admin, you don’t need fancy hacks to bypass air gaps, U.S. Senator attacks Microsoft, Tenable CEO attacks Microsoft, we should all be hopeful despite the challenges in infosec, SEC requires reporting Cyberattacks within 4 days, Mirai attacks Tomcat, scanning a car before stealing it, a little offensive appliance, no Internet access for you and that will solve the problem, Ubuntu blunders, it’s so secure no one can actually use it, and yet another CPU data leak! All that and more on this episode of Paul’s Security Weekly!

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-793 

Aug 3, 2023

Our good friend Bill Swearingen joins us to talk about some of the incident response work he's been doing lately. Many people have it wrong, you don't need to be a cybersecurity ninja to respond to a security incident. Its about knowing who does what in your organization and executing a plan. Bill has put together a a set of free resources to help the community with incident response as well!

Visit the Awesome Incident Response project here: https://github.com/hevnsnt/Awesome_Incident_Response/

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw-793 

Aug 1, 2023

Zenbleed in AMD, Google's TAG sees a drop in zero-days, new security testing handbook from Trail of Bits, Phil Venables' advice on public speaking, car battery monitor that monitors location(!?), more news on TETRA

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-249 

Aug 1, 2023

Throbbing Gristle, China, Dragos, Ransomware, Tomcat, Ivanti, Radio Radio, My Mother the Car, Jason Wood, and More

 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Show Notes: https://securityweekly.com/swn-314 

Aug 1, 2023

Identity isn't new, but we do have new ways of presenting and protecting identity with things like payment wallets and verifiable credentials. But we also have identity in surprising places -- like cars.

We'll answer some questions like:

  • Why do we even have identities in cars?
  • What else is your car connected to?
  • How should devs be thinking about security in this space?

And, yeah, we'll have that song (https://youtu.be/MkeO7ThL8yg?feature=shared) you're thinking about stuck in our heads the whole time. 

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-249

« Previous 1 2