Dr. Jing Xie is the senior threat intelligence researcher for Venafi, the market leading cybersecurity company in machine identity protection. As a member of the Venafi thought leadership group, she leads Venafi Labs.
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode48 Follow us on Twitter: https://www.twitter.com/securityweekly
Concerns about WordPress' new "White Screen of Death", Google Chrome changes could 'destroy' ad-blockers, Mozilla is adding and ad-blocker to Firefox Focus 9.0, Websites can steal browser data via extensions APIs, a Fortnite security issue would have granted hackers access to accounts, and more!
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode48 Follow us on Twitter: https://www.twitter.com/securityweekly
Cellular carriers are implementing services to identify cell scam leveraging, New Android Malware uses motion sensor to avoid detection, Linux Malware disables security software to mine cryptocurrency, and how a Hacker threatened a family using a Nest Camera to broadcast a fake missile attack alert!
Full Show Notes: https://wiki.securityweekly.com/Episode591
Follow us on Twitter: https://www.twitter.com/securityweekly
In our second segment, the Security Weekly hosts talks about some of our favorite hacker movies, influencers in the community, and what software and devices make appearances in our labs!
Full Show Notes: https://wiki.securityweekly.com/Episode591
Follow us on Twitter: https://www.twitter.com/securityweekly
Christopher Morales is Head of Security Analytics at Vectra, where he advises and designs incident response and threat management programs for Fortune 500 enterprise clients. Christopher is a widely respected expert on cybersecurity issues and technologies and has researched, written and presented numerous information security architecture programs and processes.
Full Show Notes: https://wiki.securityweekly.com/Episode591
Follow us on Twitter: https://www.twitter.com/securityweekly
Jeff Man joins Paul to talk about Ping Identity offering advanced API cyber protection, AppDynamics keeps expanding monitoring vision, eSentire announces managed endpoint defense powered by Carbon Black, and Juniper Networks signs a deal with IBMs!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode123
Visit http://securityweekly.com/esw for all the latest episodes!
Paul and Jeff Man talk about Open-Source and free collaboration security tools.
1. Project Planning - OrangeScrum
2. Ticketing - Mantis Bug Tracker
3. Documentation - MediaWiki
4. Zabbix - Remote System Monitoring
5. Feedly - Share stories and RSS feed
6. Slack - Free!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode123
Visit http://securityweekly.com/esw for all the latest episodes!
This week on Application Security Weekly, Matt Alderman is joined by James Wickett, who is the Head of Research at Signal Sciences. They talk about the human element of application security training and testing.
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode47 Follow us on Twitter: https://www.twitter.com/securityweekly
In the News segment, Oracle patches 284 vulnerabilities, bug in Twitter Android app exposed protected tweets, 4 tips for better API Security in 2019, and more!
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode47 Follow us on Twitter: https://www.twitter.com/securityweekly
Zane Lackey is the Chief Security Officer at Signal Sciences. Zane comes on the show to talk about advising!
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode114
In the Leadership and Communications segment, customer surveys are no substitute for actually talking to customers, CEOs most concerned about Cybersecurity in 2019, the open workspace, doesn't work, and more!
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode114
Two code execution flaws patched in Drupal, 773 million records exposed in massive data breach, prices for zero-day exploits are rising, new attacks target recent PHP framework vulnerability, and Microsoft launches a new Azure DevOps Bug Bounty program!
Full Show Notes: https://wiki.securityweekly.com/Episode590
Follow us on Twitter: https://www.twitter.com/securityweekly
Joff will demonstrate some syntax with PowerShell useful for transferring data into a network while pen testing. The technical segment assumes that the pen testing is able to directly use PowerShell from the console itself, although the techniques can be adapted for different purposes.
To learn more about BHIS, visit: https://securityweekly.com/bhis
Full Show Notes: https://wiki.securityweekly.com/Episode590
Follow us on Twitter: https://www.twitter.com/securityweekly
Dr. Eric Cole is the leading cybersecurity expert in the world, known as the go-to for major political and business power players.
Full Show Notes: https://wiki.securityweekly.com/Episode590
Follow us on Twitter: https://www.twitter.com/securityweekly
In this segment, we will discuss some security product launches & announcements from Trustwave, NopSec, ConnectGuard, Pulse Secure, and Synopsys!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode122
Visit http://securityweekly.com/esw for all the latest episodes!
In this segment, they discuss some mergers, acquisitions, and partnerships, such as TokenEx partnering with SureCloud, Check Point acquires ForceNock, Zix agrees to acquire AppRiver for $275 million, and more!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode122
Visit http://securityweekly.com/esw for all the latest episodes!
Another server security lapse at NASA exposed staff and project data, CRLF Injection Into PHP’s cURL Options, System Down: A systemd-journald exploit, GitHub now gives free users unlimited private repositories, Twitter is Broken, Government shutdown: TLS certificates not renewed, many websites are down, and much more!
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode46 Follow us on Twitter: https://www.twitter.com/securityweekly
Rey is a security advocate at Microsoft focused on helping the community build secure systems & being a voice for researchers within MS. After a long career in software development, he developed a strong interest in cybersecurity 2 years ago & worked feverishly to transition into this new community.
Full Show Notes: https://wiki.securityweekly.com/ASW_Episode46 Follow us on Twitter: https://www.twitter.com/securityweekly
In business articles they discuss, how to be present, manage time, and avoid distractions, why your gut instinct is usually wrong, the 5 most efficient ways to get your work done, the creative difference between multitasking and multi-focus, and much more!
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode113
This week we introduce a new quarterly segment to review the money of security, including public companies, IPOs, funding rounds and acquisitions from the previous quarter. We also created our own index to track public security companies called the Security Weekly 25. Let's understand how the security market is doing.
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode113
Tim Callahan joined Aflac in 2014, bringing more than 30 years of experience in information and physical security, business resiliency and risk management. They talk about communicating threat intelligence to executives and the board.
Full Show Notes: https://wiki.securityweekly.com/BSWEpisode112
Why Hyatt Is Launching a Public Bug Bounty Program, Amazon Key partners with myQ, Web vulnerabilities up, IoT flaws down, enterprise iPhones will soon be able to use security dongles, and how El Chapo's IT manager cracked his encrypted chats and brought him down!
Full Show Notes: https://wiki.securityweekly.com/Episode589
Follow us on Twitter: https://www.twitter.com/securityweekly
Kory Findley talks about his Github project pktrecon. Internal network segment reconnaissance using packets captured from broadcast and service discovery protocol traffic. pktrecon is a tool for internal network segment reconnaissance using broadcast and service discovery protocol traffic. Individual pieces of data collected from these protocols include hostnames, IPv4 and IPv6 addresses, router addresses, gateways and firewalls, Windows OS fingerprints, and much more. This data is correlated and normalized with attackers in mind, and provides an effective method of initiating an engagement and obtaining as much target data as possible before resorting to more active methods.
Full Show Notes: https://wiki.securityweekly.com/Episode589
Follow us on Twitter: https://www.twitter.com/securityweekly
Bryson is the Founder and CEO of SCYTHE and Founder of GRIMM. He comes on the show to talk about Attack Simulation.
To learn more about SCYTHE.io, go to: https://www.scythe.io/securityweekly
Full Show Notes: https://wiki.securityweekly.com/Episode589
Follow us on Twitter: https://www.twitter.com/securityweekly
Neustar bolsters fraud detection capabilities with Trustid, almost half of containers in production have vulnerabilities, BlackBerry offers its security technology to IoT device makers, and Radware to acquire ShieldSquare for expansion of its cloud security portfolio!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode121
Visit http://securityweekly.com/esw for all the latest episodes!