This week in the Security Weekly News, Paul and the Crew Talk: Nagios exploits, hacking a Boeing 747, bypass container image scanning, unpatchable new vulnerability in Apple M1 chips, stop blaming employees (Especially interns), spying on mac users, don't tip off the attackers, security researcher plows John Deere, when FragAttacks, security by design, & more!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw696
Rick Howard joins to talk about his Cybersecurity Canon project, the rock and roll hall of fame for Cybersecurity literature! The Cybersecurity Canon Committee has announced it's hall of winners for 2021.
Segment Resources:
https://icdt.osu.edu/cybercanon
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw696
Training is critical but it is tough to break away from the day to day. Polarity is running free 15 minute training sessions that leverage our community edition to leave you with a new ability to automate search and save time. Examples include, how to write basic regular expressions, how to find exploit code faster, basics of cyberchef, or how to read a malware sandbox report.
Segment Resources:
Sign up page: https://polarity.io/ctt/
Past 15min session with GreyNoise: https://youtu.be/sEWQbRU4Duc
Teaser for future session on searching malware sandboxes: https://youtu.be/qo3GxeVSdGg
Teaser for future session on searching for exploit code: https://youtu.be/mGcA8_8dPfg
Teaser for future session on searching for YARA rules: https://youtu.be/Fx8d_fIeFy8
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw696
Metrics, Training, Culture – Why Your Phishing Program Isn’t Working - Drew Rose, Living Security Phishing reports have become the standard for measuring security awareness, and yet breaches keep happening. Something is broken. Knowing how to recognize a phishing attempt is a tiny part of creating a security-focused culture and protecting your business from attacks.
This segment is sponsored by Living Security. Visit https://securityweekly.com/livingsecurity to learn more about them!
A New Perspective on Cloud Security Resilience - Ganesh Pai, Uptycs Cloud security, the next frontier. How do we build resilient services in the cloud and secure them. Ganesh Pai, CEO at Uptycs, joins us to discuss a new perspective on cloud security resilience.
This segment is sponsored by Uptycs. Visit https://securityweekly.com/uptycs to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw229
This week in the Enterprise News, Paul and the Crew talk: Secure and monitor AWS Lamba with new, not related, features from Datadog and Imperva, ServiceNow integrates with Microsoft solutions, SentinelOne wins two awards, Reducing risk with IAM, Kemp lanches Zero Trust, AWS launches another contianer product, Zscaler acquires Smokescreen, Sumo Logic acquires DF Labs, Uptycs, Salt Security and Spec Trust secure funding... & more!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw229
SIEM tools have been the bedrock of Security Operation Centers, or SOCs, for much of the history of modern security. That does not mean that they are loved: most SIEM tools are overwrought, complex, and hard to manage. In the past few years a new category of tool has emerged: SOAR. While many teams that invest in SOAR platforms are first leveraging them for automation, Code42 Principal Security Engineer & Researcher Nathan Hunstad believes that SOAR tools are also poised to finally displace SIEM at the top of the blue team tool pyramid, and rightly so.
Segment Resources:
https://www.code42.com/blog/is-soar-the-new-siem/
This segment is sponsored by Code42. Visit https://securityweekly.com/code42 to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw229
What is SBOM? Who needs to think about this? Is this required today, and what might the future of compliance look like? What is in the recent EO?
Segment Resources:
ntia.gov/SBOM
Visit https://www.securityweekly.com/scw for all the latest episodes!
Show Notes: https://securityweekly.com/scw74
What is SBOM? Who needs to think about this? Is this required today, and what might the future of compliance look like? What is in the recent EO?
Segment Resources:
ntia.gov/SBOM
Visit https://www.securityweekly.com/scw for all the latest episodes!
Show Notes: https://securityweekly.com/scw74
This week, in the Leadership and Communications section, CISOs Struggle to Cope with Mounting Job Stress, Corporate Compliance Strategies to Protect Data, Cybersecurity Metrics That Matter, and more!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw218
Most people focus on the patch, check that box but they forget the other side of the coin. How do they make sure a bad actor isn't still in their network?
Segment Resources:
https://site.tanium.com/rs/790-QFJ-925/images/Tanium_SolutionPaper_DistributedWorkforce_FINAL.pdf
https://site.tanium.com/rs/790-QFJ-925/images/PB-Patch.pdf
This segment is sponsored by Tanium. Visit https://securityweekly.com/tanium to learn more about them!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw218
This week in the AppSec News segment, Mike and John talk: HTTP bug bothers IIS, Android platform security, supply chain security (new and old), brief (very brief) history of browser security, & more!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw152
Appsec in a modern CI pipeline needs a combination of tools, collaboration, and processes to be successful. Importantly, it also needs to scale. We can't just shift responsibility left and assume that will be successful. So, how can an appsec team bring tools and security knowledge to developers?
This segment is sponsored by ShiftLeft. Visit https://securityweekly.com/shiftleft to learn more about them!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw152
Join Qualys researcher Wheel for a discussion on the team's recent discovery and disclosure of multiple critical vulnerabilities in the Exim mail server. This includes discussion of the vulnerabilities that can be chained together to obtain full remote unauthenticated code execution and gain root privileges.
Segment Resources:
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw695
Five years after Sounil Yu originally introduced the Cyber Defense Matrix at the 2016 RSA conference, he just wrapped up the third workshop based on the framework. CDM has its own website, is an official OWASP project and has a forthcoming book. We talk to Sounil today to learn more about where the CDM came from, why people find it so useful and where it might be headed in the future.
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw695
This week in the Security News: Is the cyber NTSB a good thing?, Russian virtual keyboard for the win, information should be free, hang on while I unplug the Internet, security MUST be taken seriously, poison the water hole to poison the water, bombing hackers, how industry best practices have failed us?, publishing exploits is still a good thing regardless of what the studies say, and more!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw695
SolarWinds SUNBURST was a rude awakening for many security teams, and it won't be the last time security leaders face tough questions about how an adversary evaded defenses and stayed hidden. With advanced threats persisting inside the network for months, security teams need a new plan. In this session, ExtraHop VP, Security Response Services Mark Bowling discusses strategies to detect, investigate, and respond to post-compromise attack activities.
This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop-rsac to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw228
The Enterprise Security Weekly crew summarizes all the news from RSA Conference 2021, including product announcement, acquisitions, funding, and more!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw228
The perimeter is dissolving. Employees are using any device from any location for work. With limited visibility from our traditional networking and endpoint security controls, how do we protect our data? John Masserini, Global Chief Information Security Officer at Millicom (Tigo) Telecommunications, joins us to discuss the fundamentals of an identity strategy, including identity and access management, single sign-on, multi-factor authentication, and privileged access.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw228
What is top of mind for CISOs in a year where cyber threats are getting sophisticated? Cross platform and cross domain visibility across LAN, WAN, Cloud, and Edge. Jonathan Nguyen-Duy, Vice President, Field CISO Team at Fortinet, shares his insights from other CISOs and the need for a unified security fabric.
This segment is sponsored by Fortinet. Visit https://securityweekly.com/fortinet to learn more about them!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw217
Data is the lifeblood of business, but now lives in more places than ever before (data centers, endpoints of remote workers, in multiple clouds, and SaaS applications), is time-consuming to manage, and is under daily attack from cybercriminals and clumsy employees. To address these challenges, IT pros need a solution that can address all workloads, provides end-to-end protection against cybercrime and human error, injects automation and artificial intelligence to simplify complex system, and empowers teams to work on more important projects that move their organization forward. This segment is sponsored by Unitrends.
Visit https://securityweekly.com/unitrends to learn more about them!
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw217
CNCF releases a whitepaper on supply chain security, Frag attacks against WiFi devices, security webhooks, trusting terraform plans, shared credentials and app access, complexity vs. security vs. design.
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw151
Web applications are highly dependent on third party content and JavaScript. This creates a significant set of vulnerabilities that attackers are exploiting. How do you prevent a Solarwinds type hack on your website?
Segment Resources:
https://go.talasecurity.io/blog/data-in-the-browser-is-data-at-risk
https://www.talasecurity.io/protect/#how
https://go.talasecurity.io/blog/how-i-hacked-your-website
This segment is sponsored by Tala Security. Visit https://securityweekly.com/talasecurity to learn more about them!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw151
This week in the Security News: President Biden issues a 34-page executive order on Cybersecurity, Did you hear about the pipeline hack?, New/Old Wifi vulnerabilities, get this Apple didn't want to talk about a malware attack that exposed users, fake Amazon review database, why ad-hoc scanning is not enough, distroless linux, wormable windows bug, codered 2.0 perhaps?, and the cryptowars continue!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw694
Learn how to use Amass to collect information about your Internet exposed assets. We'll cover usage of the configuration file (heavily), then put it altogether by integrating Nmap and a screenshot tool called Eyewitness.
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw694
"I hack naked" - Not my best choice of a phrase to use with a prospective client though, now that it is done, might as well go through with this terrible idea... This is the story of a kick-off call I had early in my career that revealed a truth that changed the way I present myself in professional settings.
Segment Resources:
https://youtube.com/alexchaveriat
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw694