Security Weekly Podcast Network (Video)

Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
Now displaying: Category: podcast
Nov 14, 2024

We kicked things off by talking about the Holiday Hack Challenge, which is like this massive cyber playground that SANS puts out every year for everyone from fifth graders to government spooks. Ed Skoudis broke down how they're changing things this time, with an early release and a phased approach that'll give you more time to play and learn. But the real mind-bender was when Ed spilled the beans on how they build this whole thing using one giant Google sheet - I mean, we're talking hundreds of tabs, color-coded cells, and JSON to create entire virtual worlds. Then we covered the rest of the security news including hacking Mazda's infotainment system and more!

Show Notes: https://securityweekly.com/psw-851

Nov 14, 2024

Alright, so we dove deep into some pretty wild stuff this week. We started off talking about zip files inside zip files. This is a variation of old-school zip file tricks, and the latest method described here is still causing headaches for antivirus software. Then we geeked out about infrared signals and the Flipper Zero, which brought back memories of the TV-B-Gone. But the real kicker was our discussion on end-of-life software and the whole CVE numbering authority mess. Avanti's refusal to issue a CVE for their end-of-life product sparked a heated debate about cybersecurity accountability and conflicts of interest.

Show Notes: https://securityweekly.com/psw-851

Nov 12, 2024

In the leadership and communications segment, Managing Cybersecurity Stress: A Deep Dive into the 93% CISO Burnout Rate, How to Win at Cyber by Influencing People, Boost Your Team’s Productivity by Hiring Force Multiplier, and more!

Show Notes: https://securityweekly.com/bsw-372

Nov 12, 2024

This week, in the Application Security News, we spend a lot of time on some recent vulnerabilities. We take this opportunity to talk about how to determine whether or not a vulnerability is worth a critical response.

Can AI fully automate DevSecOps Governance? Adrian has his reservations, but JLK is bullish.

Is it bad that 70% of DevSecOps professionals don't know if code is AI generated or not?

All that and more on this week's news segment.

Show Notes: https://securityweekly.com/asw-307

Nov 12, 2024

Struwwelpeter, Krampus, Flutter, Apple, DLink, C++, Josh Marpet and more on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-430

Nov 12, 2024

In this week's interview, Melinda Marks joins us to discuss her latest research. Her recent report, Modernizing Application Security to Scale for Cloud-Native Development, delves into many aspects and trends affecting AppSec as it matures, particularly in cloud-first organizations.

We also discuss the fuzzy line between "cloud-native" AppSec and everything else that refuses to disappear, particularly for organizations that weren't born cloud-native and still have legacy workloads to worry about.

Integrating security into the SDLC and CI/CD pipelines, infrastructure as code (IaC) trends, best of breed vs platform, and other aspects of AppSec get discussed as well!

Show Notes: https://securityweekly.com/asw-307

Nov 12, 2024

Stress in cybersecurity is an industrywide problem. The CISO role is one of the most stressful in any organization. And the stress levels are at an all-time high, leading to a mental health crisis. How should CISOs cope with this stress and improve their mental health?

Ram Movva, CEO & Founder at Securin, joins Business Security Weekly to discuss the CISO challenges leading to this increased stress and how to cope. Ram will discuss how networking, peer groups, and trusted partners can help CISOs deal with stress and improve their overall mental health.

Show Notes: https://securityweekly.com/bsw-372

Nov 9, 2024

In the enterprise security news,

  1. Some big fundings
  2. no less than 4 acquisitions
  3. Silencing the EDR silencers
  4. ghost jobs
  5. overinflated estimates on open cybersecurity jobs
  6. weaponizing Microsoft Copilot
  7. fun projects with disposable vapes

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-383

Nov 8, 2024

Is it a product or a feature? Is it DLP 4.0, or something legitimately new? Buy now, or wait for further consolidation?

There are SO many questions about this market. It's undeniably important - data hygiene and governance continues to be a frustrating mess in many organizations, but is this the solution? We'll discuss with Todd to find out.

Show Notes: https://securityweekly.com/esw-383

Nov 8, 2024

Robo-Turing, BlueNoroff, Palo Alto, German Law, Fabric, Cisco, Banning Things, Aaran Leyland, and More, on this edition of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-429

Nov 8, 2024

CISOs struggle more with reactive budgets than CIOs or CTOs. It's not that part of the CISO's budget shouldn't be reactive, it's certainly necessary to an extent. The problem is when proactive measures suffer as a result. In this interview, we'll discuss some of the causes behind this and some strategies for breaking out of this loop.

This segment is sponsored by LevelBlue. Visit https://securityweekly.com/levelblue to learn more about them!

Show Notes: https://securityweekly.com/esw-383

Nov 7, 2024

In the news: Pacific Rim, Linux on Windows for attackers, one of the worst cases of a former employee's retaliation, Zero-Day FOMO, we predicted that, hacking for fun, working hard for no PoC, an LLM that discovers software vulnerabilities, absurd fines, long usernames and Okta, and paying a ransom with dough!

Show Notes: https://securityweekly.com/psw-850

Nov 7, 2024

We chatted with Kayne about education systems security, funding for cyber tools and services, and what the future of education might look like to fill more cyber roles.

Show Notes: https://securityweekly.com/psw-850

Nov 6, 2024

Tariffs, Pygmy Goat, Schneider, SQLite and Dixie Flatline, Deepfakes, Military AI, Josh Marpet, and more on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-428

Nov 5, 2024

Today’s cyber threat actors are capitalizing on organizations’ identity vulnerabilities, such as MFA. Nearly 75% of cloud security failures now result from mismanaged identities, access, and privileges, and the identity attack surface is becoming more challenging to protect as companies expand their cloud environments and supply chains to meet their IT needs.

Damon McDougald, Global Cyber Protection lead at Accenture, joins Security Weekly's Mandy Logan to share his perspective on why identity is so crucial in today’s hybrid work environment, the innovations that are changing the game when it comes to cybersecurity, the top challenges companies face in implementing identity, and how identity can help keep threat actors at bay.

Segment Resources: https://www.accenture.com/us-en/services/security/digital-identity

Hybrid workforces are here to stay. This means protecting today’s workforce requires securing access to applications from any device, anywhere, while maintaining a seamless user experience. Punit Minocha, the EVP of Business Development & Corporate Strategy at Zscaler, joins SC Media to discuss the challenges companies are facing with securing their hybrid workforces and how integrated, best-of-breed solutions from Zscaler and Okta deliver zero trust security that helps companies protect their data, infrastructure, and employees as they scale and innovate.

Segment Resources: https://www.okta.com/press-room/press-releases/zscaler-and-okta-enhance-enterprise-cybersecurity-with-new-zero-trust/

This segment is sponsored by Oktane. To view all of the CyberRisk TV coverage from Oktane, visit https://securityweekly.com/oktane.

Show Notes: https://securityweekly.com/esw-382

Nov 5, 2024

In the leadership and communications segment, How to Find the Right CISO, New Security Leadership Style Needed for Stressed Workers, Combatting Human Error: How To Safeguard Your Business Against Costly Data Breaches, and more!

Show Notes: https://securityweekly.com/bsw-371

Nov 5, 2024

Microsoft delays Recall AGAIN, Project Zero uses an LLM to find a buffer underflow in SQLite, the scourge of infostealer malware, zero standing privileges is easy if you have unlimited time (but no one does), reverse engineering Nintendo's Alarmo and RedBox's... boxes.

Bonus: the book series mentioned in this episode is The Lost Fleet by Jack Campbell.

Show Notes: https://securityweekly.com/asw-306

Nov 5, 2024

After spending a decade working for appsec vendors, Grant McKracken wanted to give something back. He saw a gap in the market for free or low-cost services for smaller organizations that have real appsec needs, but not a lot of means to pay for them. He founded DarkHorse, which offers VDPs and bug bounties to organizations of all sizes for free, or for as low a cost as possible.

While not a non-profit, the company's goal is to make these services as cheap as possible to increase accessibility for smaller or more budget-constrained organizations. The company has also introduced the concept of "fractional pentesting", access to cyber talent when and how you need it, based on what you can afford. This implies services beyond just offensive security, something we'll dive deeper into in the interview.

We don't see DarkHorse ever competing with the larger Bug Bounty platforms, but rather providing services to the organizations too small for the larger platforms to sell to.

Show Notes: https://securityweekly.com/asw-306

Nov 5, 2024

Merger and acquisition (M&A) activity is finally starting to pick up. Although the allure of financial gains and market expansion drives these deals, the digital age demands a rigorous assessment of cybersecurity risks accompanying such mergers. Unanticipated cyber issues, like dormant malware or inconsistent access controls, can transform an ideal transaction into a costly headache for the acquiring company post-merger.

So how do you assess the potential cyber risks of the transaction? Craig Davies, Chief Information Security Officer at Gathid, joins Business Security Weekly to review the five crucial cyber questions to ask before finalizing any deal. If you're in a merger or acquisition, or plan to merge or acquire another company, don't miss this episode.

Show Notes: https://securityweekly.com/bsw-371

Nov 4, 2024

This week, in the enterprise security news:

  1. the latest cybersecurity fundings
  2. Cyera acquires Trail Security
  3. Sophos acquires Secureworks
  4. new companies and products
  5. more coverage on Cyberstarts’ sunrise program
  6. AI can control your PC
  7. public cybersecurity companies are going private
  8. Splunk and Palo Alto beef

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-382

Nov 4, 2024

Recall III: the Re-Re-Recalling, Russia, Win 10, Phish n Ships, Midnight Blizzard, Emerald Whale, Rob Allen, and More, on this edition of the Security Weekly News.

Segment Resources: https://www.bleepingcomputer.com/news/security/unitedhealth-says-data-of-100-million-stolen-in-change-healthcare-breach/

This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!

Show Notes: https://securityweekly.com/swn-427

Nov 4, 2024

The future is here! Imagine if you could get into the office, a datacenter, or even an apartment building as easily as you unlock your smartphone. Alcatraz AI is doing exactly that with technology that works similarly to how smartphones unlock using your face. It works in the dark, if you shave off your beard, and so quickly you don't even need to slow down for the scan - you can just keep on walking.

We don't often cover physical security, so this interview is going to be a treat for us. There are SO many questions to ask here, particularly for our hosts who have done physical penetration tests, social engineering, and tailgating in the past to get past physical security measures.

Show Notes: https://securityweekly.com/esw-382

Oct 31, 2024

Google's cookie encryption drama, Microsoft accusing Google of shady antitrust tactics, AI shenanigans, the rejected Defcon talk and hacking traffic lights, vulnerabilities in Realtek SD card readers, the never-ending debate on quantum computing vs. cryptography, backdoors are not secrets and where we are pushing attackers, firmware leakage, more on Windows Downgrade (and UEFI locks), super nerdy Linux things, EDR is dead, well not really but more on how to make it not phone home, bypassing memory scanners, couple of Bluetooth hacking things, and a really awesome article about an IoT 0-Day that is no longer on the Internet.

Show Notes: https://securityweekly.com/psw-849

Oct 30, 2024

Halloween, TikTok Rip Off, Telcos, Win 11, Five Eyes, AWS, France, ChatGPT, and more on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-426

Oct 30, 2024

We had the pleasure of finally having Dave Lewis on the show to discuss shadow IT and security debt. Dave shared some fascinating insights from his long career in cybersecurity, emphasizing the importance of addressing fundamental security issues and the human aspect of security. We delved into the challenges of managing shadow IT, the complexities of security debt, and the need for organizations to prioritize security practices. Overall, it was a great conversation that highlighted the ongoing struggles in our industry and the importance of learning from past mistakes to build a more secure future.

Show Notes: https://securityweekly.com/psw-849
