Info

Security Weekly Podcast Network (Video)

Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
RSS Feed Subscribe in Apple Podcasts
Security Weekly Podcast Network (Video)
2025
February
January


2024
December
November
October
September
August
July
June
May
April
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April
March
February
January


2015
December
November
October
September
August
July
June
May
April
March
February
January


2014
December
November
October
September
August
July
June
May
April
March
February
January


2013
December
November
October
September
August
July
June


Categories

All Episodes
Archives
Categories
Now displaying: Category: podcast
Aug 15, 2024

This week: Option ROMS are a novel way to compromise a system at the lowest level, Sinkclose opens AMD processors up to attacks, at home in your firmware exploiting SMM complete with examples, Sonos speakers get hacked and enable attackers to listen in on your conversations, DEF CON badges use new chips and are not without controversy, lasers that can steal your passwords, it was a regex, Larry updates us on some IoT research, attackers have your SSN, and more updates from last week's hacker summer camp!

Show Notes: https://securityweekly.com/psw-839

Aug 15, 2024

Early on in his career Spaf was working with microcode and continued to work on technical projects. As time went on he realized that focusing on the non-technical work, such as policies and shaping our thinking, would help move the needle. Borrowing concepts from his book on the subject, we will delve into some cybersecurity myths such as: Are users really the weakest link? Are cybersecurity vendors truly incentivized to provide better security? Do we agree on what cybersecurity really means? - Do not miss this segment!

Show Notes: https://securityweekly.com/psw-839

Aug 13, 2024

In complex software ecosystems, individual application risks are compounded. When it comes to mitigating supply chain risk, identifying backdoors or unintended vulnerabilities that can be exploited in your environment is just as critical as staying current with the latest hacking intel. Understand how to spot and reduce the risk to your environment and prevent disruption to your operation.

Every mobile device connecting to enterprise assets hosts a unique blend of work and personal apps, creating a complex landscape of innumerable vulnerabilities. Thankfully, methods exist to provide security teams with the real-world insights necessary to proactively address threats and shield against attacks targeting mobile apps and device endpoints. Nikos Kiourtis, CTO at Quokka, shares the latest findings in mobile security, outlining emerging threats and effective measures to reduce your mobile app attack surface – and safeguarding against potential attacks and data breaches.

Segment Resources: - Panelcast with SC Magazine: 8 ways attackers target mobile apps to steal your data (and how to stop them) https://www.scmagazine.com/cybercast/8-ways-attackers-target-mobile-apps-to-steal-your-data-and-how-to-stop-them - Ryan Johnson’s talk at DEF CON 32, “Android App Usage and Cell Tower Location: Private. Sensitive. Available to Anyone?” https://defcon.org/html/defcon-32/dc-32-speakers.html

This segment is sponsored by Threatlocker. Visit https://securityweekly.com/threatlockerbh for a free trial!

This segment is sponsored by Quokka. Visit https://securityweekly.com/quokkabh to learn more about their intelligence app solutions!

Show Notes: https://securityweekly.com/asw-295

Aug 13, 2024

DEFCON Hijinx, AMD, Ukraine, FreeBSD, OpenVPN, the Pwnie Awards, Josh Marpet, and more, on this Edition of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-406

Aug 13, 2024

Startups and small orgs don't have the luxury of massive budgets and large teams. How do you choose an appsec approach that complements a startup's needs while keeping it secure. Kalyani Pawar shares her experience at different ends of an appsec maturity spectrum.

Show Notes: https://securityweekly.com/asw-295

Aug 13, 2024

In the leadership and communications segment, The Cybersecurity Leadership Crisis Dooming America’s Companies, Judge Rejects SEC’s Aggressive Approach to Cybersecurity Enforcement, Is It Time to Pivot Your Strategy?, and more!

Show Notes: https://securityweekly.com/bsw-360

Aug 12, 2024

This week, it’s time for security money, our quarterly review of the money of security, including public companies, IPOs, funding rounds and acquisitions from the previous quarter. This quarter, Crowdstrike crashes the index, as Thoma Bravo acquires another index company. The index is currently made up of the following 25 pure play cybersecurity public companies:

  • Secureworks Corp
  • Palo Alto Networks Inc
  • Check Point Software Technologies Ltd.
  • Rubrik Inc
  • Gen Digital Inc
  • Fortinet Inc
  • Akamai Technologies, Inc.
  • F5 Inc
  • Zscaler Inc
  • Onespan Inc
  • Leidos Holdings Inc
  • Qualys Inc
  • Verint Systems Inc.
  • Cyberark Software Ltd
  • Tenable Holdings Inc
  • Darktrace PLC
  • SentinelOne Inc
  • Cloudflare Inc
  • Crowdstrike Holdings Inc
  • NetScout Systems, Inc.
  • Varonis Systems Inc
  • Rapid7 Inc
  • Fastly Inc
  • Radware Ltd
  • A10 Networks Inc

Show Notes: https://securityweekly.com/bsw-360

Aug 10, 2024

, in the enterprise security news,

  1. AI is still getting a ton of funding!
  2. Netwrix acquires PingCastle
  3. Tenable looks for a buyer
  4. SentinelOne hires Alex Stamos as their new CISO
  5. Crowdstrike doesn’t appreciate satire when it’s at their expense
  6. Intel begins one of the biggest layoffs we’ve ever seen in tech
  7. Windows Downdate
  8. RAG poisoning
  9. GPT yourself
  10. The Xerox Hypothesis

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-371

Aug 9, 2024

We chat with Sounil Yu, co-founder of LLM access control startup, Knostic. We discuss both the experience of participating in Black Hat's startup competition, and what his company, Knostic, is all about. Knostic was one of four finalists for Black Hat's Startup Spotlight competition and was announced as the winner on August 6th.

References

Show Notes: https://securityweekly.com/esw-371

Aug 9, 2024

0.0.0.0, Blacksuit, OpenAI, AWS, Cisco Phones, Win 10, Aaran Leyland, and More on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-405

Aug 9, 2024

In this interview we explore the new and sometimes strange world of redteaming AI. I have SO many questions, like what is AI safety?

We'll discuss her presence at Black Hat, where she delivered two days of training and participated on an AI safety panel.

We'll also discuss the process of pentesting an AI. Will pentesters just have giant cheatsheets or text files full of adversarial prompts? How can we automate this? Will an AI generate adversarial prompts you can use against another AI? And finally, what do we do with the results?

Resources:

Show Notes: https://securityweekly.com/esw-371

Aug 8, 2024

Learn what is most interesting at hacker summer camp this year!

Show Notes: https://securityweekly.com/psw-838

Aug 8, 2024

This week, Downgrade attacks, bootloader fun, check your firmware before you wreck your firmware, you've got mail server issues, Ivanti is the new Rhianna, you should update your BIOS, Openwrt dominates, and attacking the security tools for fun and profit!

Show Notes: https://securityweekly.com/psw-838

Aug 6, 2024

The code curation considerations of removing abandoned protocols in OpenSSL, kernel driver lessons from CrowdStrike's crash, choosing isolation primitives, cross-cache attacks made possible by SLUBStick, and more!

Show Notes: https://securityweekly.com/asw-294

Aug 6, 2024

Fake IDS, Storm Bamboo, uBlock, Rhysida, Snake, Delta, TikTok, Josh Marpet, and more, on this Edition of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-404

Aug 6, 2024

Even though Security Champions programs look very different across organizations and maturity levels, they share core principles for becoming successful. Marisa shares her experience in building these programs to foster a positive security culture within companies. She explains the incentives and rewards that lead to more engagement from champions and the benefits that come from so many people being engaged with security.

Segment Resources:

Show Notes: https://securityweekly.com/asw-294

Aug 6, 2024

Inspired by my co-host Jason Albuquerque, this quarter's Say Easy, Do Hard segment is Job Search Strategies for CISOs. In part 2, Jason proposes we blow it all up, while Ben recommends a certification board for CISOs. We have no shortage of suggestions for how to fix the CISO hiring problem.

Show Notes: https://securityweekly.com/bsw-359

Aug 5, 2024

Inspired by my co-host Jason Albuquerque, this quarter's Say Easy, Do Hard segment is Job Search Strategies for CISOs. In part 1, we discuss the challenges facing the CISO role and it's hiring. As CISOs leave the role, the position is not necessarily being refilled. How will this impact future CISO hiring?

Show Notes: https://securityweekly.com/bsw-359

Aug 3, 2024

This week, in the enterprise security news,

  1. over half a billion in funding, as everyone gets their pre-Blackhat announcements out!
  2. Mimecast picks up Code42
  3. Will Cato Networks IPO?
  4. Canarytokens update
  5. We still have some crowdstrike fallout to discuss
  6. CISO responses to SEC rules
  7. Making things secure without security tools
  8. tips for going SOCLess
  9. denial of service robots

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-370

Aug 2, 2024

There's plenty of content out there detailing how vendors fall short:

  • scummy, aggressive sales tactics
  • overuse of jargon and buzzwords
  • sneaky sales tactics
  • dumping on competitors
  • products that fall far short of claims
  • ambulance chasing

So what should they doing? In this episode, we chat with Dani Wolff, about how marketers can adopt the skills and mindsets of security researchers to improve GTM strategies, without resorting to awful tactics. Drawing from extensive experience in qualitative interviews and collaborations with enterprise security executives and researchers, Dani will uncover how the innate curiosity and analytical prowess of researchers can dismantle unhealthy habits within vendor organizations.

We'll also discuss Dani's various projects, including the WTF Did I Just Read podcast, CyberNest, and CyberSynapse. Dani will explain how these are all designed to address the gap between vendors and buyers in the cybersecurity industry.

Show Notes: https://securityweekly.com/esw-370

Aug 2, 2024

Taco Bell AI, Azure, Scams, AI Emails, IBM, Crowdstrike, I try to be more succinct, Aaran Leyland, and More on the Security Weekly News.

Show Notes: https://securityweekly.com/swn-403

Aug 2, 2024

Remember 20 years ago? When we were certain SIEMs would grant our cybersecurity teams superpowers? Or 10 years ago, when we were sure that NGAV would put an end to malware as we knew it? Or 15 years ago, when we were sure that application control would put an end to malware as we knew it? Or 18 years ago, when NAC would put an end to unauthorized network access?

Why do we keep thinking that the next vendor offering is going to solve all our problems? In this interview, we talk with Fred Wilmot about the hard work of building effective processes and resilient architectures that will actually yield reductions in risk and detection/response capabilities that actually work.

We'll discuss shifts in thinking that can move us past the latest distractions, and keep security teams focused on work that moves the needle. Fred may also mention his past transgressions against the industry and what he's doing to "wipe out the red from his ledger".

Show Notes: https://securityweekly.com/esw-370

Aug 1, 2024

Hacking traffic lights (for real this time), the Docker API strikes again, access Github deleted data, using EDR to elevate privileges on Windows, computers I need in my life, failed experiments and Raspberry PI access points, sitting ducks and TuDoor - its always DNS times 2, null sessions and a blast from the past, chaining UEFI vulnerabilities, pirates exposed, revoking SSL certificates, and using AI to analyze your brain: Multimodal Automated Interpretability Agent!

Show Notes: https://securityweekly.com/psw-837

Aug 1, 2024

John is one of the foremost experts in UEFI and joins us to talk about PK Fail! What happens when a vendor in the supply chain accidentally loses a key? It's one of the things that keeps me up at night. Well, now my nightmare scenario has come true as a key has been leaked. Learn how and why and what you can do about it in this segment!

Show Notes: https://securityweekly.com/psw-837

Jul 30, 2024

Forever Mouse, RPC, WhatsApp, NIST, PKFail, 0Auth, Josh Marpet, and More, on this Edition of the Security Weekly News.

Show Notes: https://securityweekly.com/swn-402

1 « Previous 8 9 10 11 12 13 14 Next » 70