Paul's Security Weekly

Don't Touch My XP Dongle - PSW #657

Paul's Security Weekly - Fri, 07/10/2020 - 6:00pm

This week, we welcome our very own Joff Thyer, Security Analyst at Black Hills Information Security, to deliver a Technical Segment on IPv6 Tunneling! In our second segment, we welcome Terry Dunlap, Co-Founder at ReFirm Labs, to talk about IoT Security! In the Security News, Hackers Are Exploiting a 5-Alarm Bug in Networking Equipment, Cisco Talos discloses technicals details of Chrome and Firefox flaws, Palo Alto Networks Patches Command Injection Vulnerabilities in PAN-OS, Zoom zero-day flaw allows code execution on victim's Windows machine, and how the Trump administration is looking into ban on TikTok and other Chinese apps!

 

Show Notes: https://wiki.securityweekly.com/PSWEpisode657

Visit https://www.securityweekly.com/psw for all the latest episodes!

 

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Zoom 0-Day, F5-BIGIP RCE, & Apache Guacamole RCE - Wrap Up - SWN #48

Paul's Security Weekly - Fri, 07/10/2020 - 4:48pm

Look, this week, it's all about the RCE. Seriously, there were so many RCE stories, wow. Oh and a creepy guy story. All this and more on the Security Weekly News Wrap Up!

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode48

Visit https://www.securityweekly.com/swn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

 

Take the Power Back - ESW #190

Paul's Security Weekly - Thu, 07/09/2020 - 4:00pm

This week, we talk Enterprise News, to talk about Why You Need Recorded Futures Ultimate Security Intelligence Kit, Securing the Multi-Cloud Environment through CSPM and SSPM, CyberKnight joins forces with Armis to bring agentless EDR to OT, IoT and ICS environments, Attivo Networks' enhanced EDN solution prevents attackers from seeing or exploiting production data, Check Point Infinity SOC is launched, and more! In our second segment, we welcome Scott DeLong, Chief Information Officer and Sr. Technology & Security Officer at Scott DeLong & Associates, to talk about Living Through a Ransomware Attack! In our final segment, we welcome Robb Reck, Chief Information Security Officer at Ping Identity, to discuss Trends in Enterprise Identity!

 

Show Notes: https://wiki.securityweekly.com/ESWEpisode190

Visit https://www.securityweekly.com/esw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Knock-Knock Jokes - SCW #34

Paul's Security Weekly - Wed, 07/08/2020 - 5:00pm

This week, we welcome Kimber Dowsett (@mzbat) for a two part interview! @mzbat is a frequent speaker at hacker conferences, and likes to help folks prepare for job searches by performing mock interviews and resume reviews!

 

Show Notes: https://wiki.securityweekly.com/SCWEpisode34

Visit https://www.securityweekly.com/scw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

So Precious - BSW #179

Paul's Security Weekly - Tue, 07/07/2020 - 6:00pm

This week, we welcome Juan Canales, an ExtraHop customer, and Matt Cauthorn, VP Sales Engineering at ExtraHop, to discuss An Honest Conversation About "Response"! In the Leadership and Communications section, Profile of the Post-Pandemic CISO, Time to rethink business continuity and cyber security, Protecting Remote Workers Productivity and Performance, and more!

 

Show Notes: https://wiki.securityweekly.com/BSWEpisode179

To request a demo with ExtraHop, visit: https://securityweekly.com/extrahop

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

TikTok Bans Pt. 2, Try2Cry, & Facebook Under Fire - SWN #47

Paul's Security Weekly - Tue, 07/07/2020 - 5:20pm

This week, TikTok bans part 2, Try2Cry, Lazarus rises from the dead, Chinese Data blocking, and the Bubonic Plague! Jason Wood returns for Expert Commentary on how a flashy Nigerian Instagram star was extradited to the U.S. to face BEC charges!

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode47

Visit https://www.securityweekly.com/swn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Crunchy Crunchy! - ASW #113

Paul's Security Weekly - Mon, 07/06/2020 - 6:30pm

This week, we welcome Catherine Chambers and Will Hickie from Irdeto, to discuss Protecting Mobile Applications! In the Application Security News, Would you like some RCE with your Guacamole?, Attackers Will Target Critical PAN-OS Flaw, Security Experts Warn, Microsoft releases emergency security update to fix two bugs in Windows codecs, The Current State of Kubernetes Threat Modelling, and How To Build a Culture of Resilience Through Good Habits!

 

Show Notes: https://wiki.securityweekly.com/ASWEpisode113

To download the white paper, visit: https://securityweekly.com/irdeto

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Dangerous Realm - PSW #656

Paul's Security Weekly - Fri, 07/03/2020 - 5:00am

This week, we welcome Jerry Chen, Co-Founder of Firewalla, to discuss Work From Home Cyber Security! In our second segment, we welcome Ryan Hays, Offensive Security Manager at RSA Security, to talk about OSINT Scraping with Python! In the Security News, Cisco Releases Security Advisory for Telnet Vulnerability in IOS XE Software, Firefox 78 is out with a mysteriously empty list of security fixes, Python Arbitrary File Write Prevention: The Tarbomb, New Lucifer DDoS Botnet Targets Windows Systems with Multiple Exploits, Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking, and how the Internet is too unsafe, and why we need more hackers!

 

Show Notes: https://wiki.securityweekly.com/PSWEpisode656

Visit https://www.securityweekly.com/psw for all the latest episodes!

 

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Netgear Soho Vulns, Lucifer Botnet, & Failed Facial Recognition - Wrap Up - SWN #46

Paul's Security Weekly - Thu, 07/02/2020 - 6:50pm

This week, Dr. Doug wraps up the hot topics across all the shows for this week, talking about Bad laws, bad hackers, India bans 59 Chinese Apps including TikTok, Lucifer botnet threatens Windows Systems, Schuchman sentenced to 13 months for botnet development, and more!

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode46

Visit https://www.securityweekly.com/swn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Good Side - ESW #189

Paul's Security Weekly - Thu, 07/02/2020 - 5:00am

This week, we talk Enterprise News, to talk about how Semperis adds vulnerability assessment, security reporting, and auto-remediation to its DSP, AWS launches Amazon Honeycode to help quickly build mobile and web apps without programming, Attivo Networks Advanced Protection Disrupts Ransomware 2.0, Improved threat visibility, defense and protection across social platforms with SafeGuard 7.6, and more! In our second segment, we welcome Greg Thomas, Lead Security Engineer at Jvion, to talk about HITRUST Compliance vs. Security and Diversity in InfoSec! In our final segment, we welcome Franz Payer, CEO at Cyber Skyline, to discuss Cybersecurity Hiring!

 

Show Notes: https://wiki.securityweekly.com/ESWEpisode189

Visit https://www.securityweekly.com/esw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Major One - SCW #33

Paul's Security Weekly - Tue, 06/30/2020 - 7:00pm

This week, we welcome Matt Springfield, Founder of 12Feet, Inc., to talk about PCI Workloads in the Cloud! In the Security and Compliance News, Cloud Security for a Dynamic Environment, Why identity-based, distributed controls are better suited to address cloud-era threats, Top Cloud Security Challenges in 2020, Exposed Cloud Databases Attacked 18 Times Per Day, and more!

 

Show Notes: https://wiki.securityweekly.com/SCWEpisode33

Visit https://www.securityweekly.com/scw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

The Greatest Challenges - BSW #178

Paul's Security Weekly - Tue, 06/30/2020 - 6:00pm

This week, we welcome Graeme Park, CISO at Matillion, to discuss Cybersecurity Challenges in Growth Organizations! In the Leadership and Communications section, Why Cybersecurity Is Really A Business Problem, 6 Reasons Your Strategy Isn t Working, 5 cities with the highest tech salaries, and more!

 

Show Notes: https://wiki.securityweekly.com/BSWEpisode178

Visit https://www.securityweekly.com/bsw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

TikTok Bans, BlueLeaks, & Top 10 Bug Bounties - SWN #45

Paul's Security Weekly - Tue, 06/30/2020 - 4:54pm

This week, TikTok bans, OZ increases Cyber budgets, The US Senate wants the justice department to read your mail, the Top Ten Bug Bounties, and BlueLeaks! Jason Wood returns for Expert Commentary on how the REvil Ransomware Gang Adds Auction Feature for Stolen Data!

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode45

Visit https://www.securityweekly.com/swn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Completely Forgotten - ASW #112

Paul's Security Weekly - Mon, 06/29/2020 - 6:00pm

This week, we welcome Cesar Rodriguez, Head of Developer Advocacy at Accurics, to talk about Using IaC to Establish And Analyze Secure Environments! In the Application Security News, DLL Hijacking at the Trend Micro Password Manager, Adobe Prompts Users to Uninstall Flash Player As EOL Date Looms, The State of Open Source Security 2020, Microservices vs. Monoliths: Which is Right for Your Enterprise?, What Modern CI/CD Should Look Like, and Build trust through better privacy!

 

Show Notes: https://wiki.securityweekly.com/ASWEpisode112

To learn more about Accurics, visit: https://securityweekly.com/accurics

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

 

Akamai DDoS, Ripple 20, & CallStranger - Wrap Up - SWN #44

Paul's Security Weekly - Thu, 06/18/2020 - 4:46pm

This week, Show News, Ebay thugs, Ripple 20, T-Mobile, Zoom, and the call may be coming from inside the house! All this and more on the Security Weekly News Wrap Up!

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode44

Visit https://www.securityweekly.com/swn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Raiding the Humidor - ESW #188

Paul's Security Weekly - Thu, 06/18/2020 - 5:00am

This week, we talk Enterprise News, to talk about how BeyondTrust Announces Integration with the SailPoint Predictive Identity Platform, Check Point Launches CloudGuard Cloud Native Security, CyberArk Alero enhancements provide secure privileged access for remote users, Digital Shadows announces new capabilities to identify and remediate unwanted code exposure, and more! In our second segment, we welcome back Ferruh Mavituna, CEO of Netsparker, to talk about Debunking DAST Myths and Short-Term Strategies To Fixing Vulnerabilities! In our final segment, we welcome Jason Fruge, Vice President, Business Application Cybersecurity at Onapsis, to talk about Emerging Security Threats to Your Digital Supply Chain!

 

Show Notes: https://wiki.securityweekly.com/ESWEpisode188

To learn more about Netsparker, visit: https://securityweekly.com/netsparker

To request a complimentary assessment, visit https://securityweekly.com/onapsis

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Break On Through - SCW #32

Paul's Security Weekly - Wed, 06/17/2020 - 5:00pm

This week, Jeff, Matt, Scott, and Josh continue the conversation and talk "How to Become an InfoSec Professional With Limited Resources", and talk about "What Is An InfoSec Professional?"!

 

Show Notes: https://wiki.securityweekly.com/SCWEpisode32

Visit https://www.securityweekly.com/scw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

DARPA Bug Bounties, T-Mobile Outage, & Bob Erdman - SWN #43

Paul's Security Weekly - Wed, 06/17/2020 - 5:00am

This week, Cute robot dogs available for sale, T-Mobile was down all day, lightbulbs can be bugged, DARPA bug bounties, Ebay is going to get ya, and Bob Erdman from Core Security talks about Ransomware!

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode43

To learn more about Core Security, visit: https://securityweekly.com/coresecurity

 

Visit https://www.securityweekly.com/swn for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Bug Bounties, Show News, & REvil - Wrap Up - SWN #42

Paul's Security Weekly - Tue, 06/16/2020 - 5:23pm

Show news, Facebook and the FBI try to catch a child predator, REvil, State Sponsored hacking, Darpa bug bounties, and the F Word!

 

Show Notes: https://wiki.securityweekly.com/SWNEpisode42

Visit https://www.securityweekly.com/swn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Happy Hour - BSW #177

Paul's Security Weekly - Tue, 06/16/2020 - 5:00pm

This week, we welcome Lewie Dunsworth, CEO of Nuspire, to talk about How CISOs Can Best Prioritize Security With a Decreased Budget! In the Leadership and Communications section, Five signs a virtual CISO makes sense for your organization, How to Negotiate Virtually, Why Securing Endpoints Is The Future Of Cybersecurity, and more!

 

Show Notes: https://wiki.securityweekly.com/BSWEpisode177

Visit https://www.securityweekly.com/bsw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Pages