Paul's Security Weekly (podcast-only)

This week, we welcome Peter Liebert, CEO at Liebert Security, to discuss The Next Generation of SOCs: DevSecOps, Automation and breaking the model! In our second segment, we welcome back our friend Dave Kennedy, Founder and CEO of TrustedSec & Binary Defense, to discuss the Coalfire Incident and DerbyCon Communities! In the Security News, Disney Plus Blames Past Hacks for User Accounts Sold Online, Why Multifactor Authentication Is Now a Hacker Target, How the Linux kernel balances the risks of public bug disclosure, a critical flaw in Jetpack exposes millions of WordPress sites, and Amazon tells senators it isn't to blame for Capital One breach!   Show Notes: https://wiki.securityweekly.com/PSWEpisode628 To learn more about TrustedSec, visit: https://trustedsec.com/securityweekly Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Fac

This week, we welcome Dr. Kevin Harris, Program Director for Information Systems Security and Information Technology Management at the American Public University System, to talk about The Ethics of Surveillance! In our second segment, we welcome back Bryson Bort, Founder, and CEO of SCYTHE, to demonstrate how to safely simulate ransomware and a multi-staged APT with lateral movement in your production environment! In the Security News, US-CERT Warns of Remotely Exploitable Bugs in Medical Devices, McDonalds Hamburgler Account Attack, No, YouTube isn't planning to jettison your unprofitable channel, McDonalds Hamburgler Account Attack, and how Memes could be our secret weapon against pesky bots!   Show Notes: https://wiki.securityweekly.com/PSWEpisode627 To learn more about SCYTHE, visit: https://scythe.io/securityweekly Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitt

This week, we welcome back Peter Smith, Founder and CEO of Edgewise for an interview! In our second segment, we welcome back Kevin Finisterre & Josh Valentine, to talk about their project Arcade Hustle, and the things they ve learned during their into to the arcade scene!! In the Security News, Who is responsible for Active Directory security within your organization?, Apple publishes new technical details on privacy features, How to ensure online safety with DNS over HTTPS, and Amazons Ring Video Doorbell could open the door of your home to hackers!   Show Notes: https://wiki.securityweekly.com/PSWEpisode626 To learn more about Edgewise, visit: https://securityweekly.com/edgewise To learn more about Arcade Hustle, visit: https://github.com/ArcadeHustle   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.

This week, we welcome Philippe Courtot, Chairman and CEO of Qualys, and Sumedh Thakar, Chief Product Officer at Qualys, to talk about a new prescription for security, and Security in the Cloud Era! In our second segment, we air a pre-recorded Technical Segment with Sven Morgenroth of Netsparker! In our final segment, we air another pre-recorded interview with Dave Bitner, producer and host from the CyberWire podcast!   Show Notes: https://wiki.securityweekly.com/PSWEpisode625 To learn more about Qualys, visit: https://securityweekly.com/qualys To learn more about Netsparker, visit: https://securityweekly.com/netsparker   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Tom Williams, Director of Veterans Operations for the Veterans Mental Health Hackers, to talk about How Mental Health Hackers is going to help Veterans in Infosec in 2020 and beyond! In our second segment, we talk Security News, discussing how Amazon Echo and Kindle devices were affected by a WiFi bug, Ransomware and data breaches linked to uptick in fatal heart attacks, a woman was ordered to type in her iPhone password so police could search the device, and how the military found Marijuana at a North Dakota nuclear launch facility! In our final segment, we air a pre-recorded interview with Mark Dufresne!   Show Notes: https://wiki.securityweekly.com/PSWEpisode624 Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Daniel DeCloss, President and CEO of PlexTrac, to talk about what makes an excellent pentest report! In our second segment, we talk Security News, how hackers can hijack your local airport, Baltimore to buy $20M in cyber insurance months after the attack, a dangerous Kubernetes bug that allows authentication bypass-DoS, and using machine learning to detect IP hijacking! In our final segment, we air a pre-recorded interview with Peter Kruse, Co-Founder of the CSIS Security Group, discussing Cybercrime, Threat Hunting, and spear-phishing attacks!   Show Notes: https://wiki.securityweekly.com/PSWEpisode623 To learn more about PlexTrac, visit: https://securityweekly.com/plextrac Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we talk Security News, how Turkey fines Facebook $282,000 over privacy breach, why the FBI is encouraging not to pay ransomware demands, the top 10 cybersecurity myths that criminals love, Doordash third-party breach hits 4.9 Million users, and how a "Bulletproof" Dark Web data center was seized by German police! In our second segment, we air a pre-recorded interview with Stewart Room, Partner at PwC, to talk about Data Privacy and The Journey to Code! In our final segment, we air a show trailer of our brand new podcast, Security & Compliance Weekly w/ Jeff Man, Matt Alderman, Scott Lyons, and Josh Marpet!   Show Notes: https://wiki.securityweekly.com/Episode622 Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we talk Security News, discussing how a hacker took over a smart home with vulgar music and rising temperatures, a security warning for 23 million YouTube creators following a crazy hack attack, Vimeo sued for storing faceprints of people without their say-so, Selfie Android apps push ads and can record audio, and how adopting DevOps leads to an improved security posture! In our second segment, we air three pre-recorded interviews from the SE village at DEFCON 27 with Billy Boatright, Edward Miro, and Jayson Street! In our final segment, we air two more pre-recorded interviews from the SE Village at DEFCON 27, featuring Perry Carpenter and Chris Edwards!   Full Show Notes: https://wiki.securityweekly.com/Episode621 Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com

This week, we welcome Jason Lang, Sr. Security Consultant at TrustedSec, to talk about modern-day Red Teaming against some of the largest companies in the U.S.! In our second segment, we welcome Wes Widner, Cloud Engineering Manager at CrowdStrike, to talk about Audio Security, and why personal voice assistants are the wave of the future! In the Security News, how an iOS 13 flaw could provide access to contacts with a passcode, Equifax demands more information before making payouts, confidential data of 24.3 million patients were discovered online, and a SIM Flaw that lets hackers hijack any phone by sending SMS!   To learn more about TrustedSec, visit: https://securityweekly.com/trustedsec Full Show Notes: https://wiki.securityweekly.com/Episode620 Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secw

This week, we present the Security News, to discuss new ransomware growing 118% as cybercriminals adopt fresh tactics and code innovations, Period Tracker Apps share data with Facebook, U.S. Cyber Command trolls North Korea with Malware Release, and a lot more! In our second segment, we welcome back Peter Smith, the Founder & CEO of Edgewise, to talk about Edgewise's 1-Click Microsegmentation! In our final segment, we air a pre-recorded interviews from SE Village with Chris Kirsch and Micah!   To learn more about Edgewise, visit: https://securityweekly.com/edgewise Full Show Notes: https://wiki.securityweekly.com/Episode619 Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we present the Security News, to discuss how AT&T employees took bribes to plant malware on the company’s network, how hackers could decrypt your GSM calls, 80 suspects charged with massive BEC scam, and how the passports and licenses of 300 people were leaked in New Zealand! In our second segment, we welcome back Corey Thuen, Co-Founder at Gravwell, to talk about analyzing custom log sources! In our final segment, we air a pre-recorded interview with Chris Hadnagy, Founder, CEO, and Chief Human Hacker at Social Engineer, LLC., to talk about the SEVillage Orlando 2020, and the mission and some info on the Innocent Lives Foundation!   To learn more about Gravwell, visit: https://securityweekly.com/gravwell Full Show Notes: https://wiki.securityweekly.com/Episode618 Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook:

This week, we present a Technical Segment sponsored by our partner DomainTools, on Deobfuscating JavaScript to investigate Phishing Domains! In our second segment, we welcome Richard Melick, Senior Technology Product Marketing Manager at Automox, to talk about why waiting to deploy critical patches makes you a bigger target! In our final segment, we air two pre recorded interviews from BlackHat USA 2019, with Roman Sannikov from Recorded Future and Ray Dimeo of Virsec!   To learn more about Automox, visit: https://securityweekly.com/automox To learn more about DomainTools, visit: https://securityweekly.com/domaintools Full Show Notes: https://wiki.securityweekly.com/Episode617   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Tony Punturiero, Community Manager at Offensive Security, to talk about the journey of turning from a Blue Teamer to a Red Teamer, and kick starting an InfoSec community! In the Security News, BlackHat USA 2019 breaks records once again, new flaws in Qualcomm Chips expose Android devices to hacking, DEFCON 27 badge hacking for beginners, the CapitalOne hacker may have stolen from more than 30 companies, and a new data breach that exposed millions of fingerprint and facial recognition records! In our final segment, we air three Pre-Recorded interviews from the SE Village and BT Village from DEFCON 27, with O'Shea Bowens, Tyler Robinson, and Aaran Leyland!   Full Show Notes: https://wiki.securityweekly.com/Episode616 Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, from BlackHat 2019, we welcome back Gabriel Gumbs, Chief Innovation Officer at Spirion! Gabe talks about his role at the company, and shares some stories of his endeavors in the world of security! In the second segment, Paul, Larry, Doug, and Gabe, talk Software Development: Security Do's and Don'ts! In the final segment, we welcome Josh Douglas, VP of Threat Intelligence at Mimecast, to discuss the threats facing organizations today, and how IT and security teams need to understand the threats their organizations face!   Full Show Notes: https://wiki.securityweekly.com/Episode615 Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Sam Straka, Technical Product Manager at LogRhythm, to talk about LogRhythm's Next Gen SIEM Platform orchestration! In our second segment, we welcome Doug Coburn, Director of Professional Services at Signal Sciences, to talk about how Signal Sciences is Implemented, and we'll take a look at installing Signal Sciences in a Kubernetes environment and the Signal Sciences dashboard! In the Security News, the U.S. Government issues a light aircraft cyber alert, thieves steal a laptop with 30 years of Data from University of Western Australia, RCE is possible by exploiting flaws in Vxworks, and the alleged Capital One hacker is barely bothered to hide!   To learn more about LogRhythm, visit: https://securityweekly.com/logrhythm To learn more about Signal Sciences, visit: https://signalsciences.com/psw Full Show Notes: https://wiki.securityweekly.com/Episode614   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or b

This week, we welcome Troels Oerting, Head of the Global Centre for Cybersecurity at the World Economic Forum, to discuss Integrity through Prevention, and protection and prosecution via people, technology, and processes! In the Security News, a phishing scheme that targets AMEX cardholders, the list of labs affected by the American Medical Collection Agency data breach continues to grow, a Silk Road drug dealer gets caught converting Bitcoin to cash, how GDPR is forcing the tech industry to rethink Identity Management and Authentication, and a Mirai-like botnet wages massive application layer DDoS attack! In our final segment, we air a pre recorded interview with Murray Goldschmidt, to talk about DDoS and Container Security!   Full Show Notes: https://wiki.securityweekly.com/Episode613 Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on F

This week, we welcome Katie Nickels, ATT&CK Threat Intelligence Lead at the MITRE Corporation, to talk about the MITRE ATT&CK Framework! In our second segment, a security roundtable discussion on Vulnerability Management, Patching, Hunt Teaming, Asset Management, and System Hardening! In the Security News, Lenovo confirms 36TB Data Leak security vulnerability, Slack resets passwords after 2015 data breach, why BlueKeep hasn't reeked havoc yet, and why you don't need a burner at a hacking conference!   To learn more about MITRE ATT&CK, visit: https://attack.mitre.org Full Show Notes: https://wiki.securityweekly.com/Episode612 Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Ben Ten, Team Lead of Defense and Countermeasures at TrustedSec, to talk about Purple Teaming and avoiding detection! In the Security News, Zoom's RCE Vulnerability is affecting over 700,000 companies, how YouTube is trying to ban hacking videos, 1TB of police body cam footage is available online, and how the U.S. Cyber Command warns of Outlook flaw exploited by Iranian Hackers! In our final segment, we air a pre recorded interview with Reinhard Hochrieser, CMO at Jumio, to discuss today's state of security demands and the need for Biometric Authentication!   To learn more about TrustedSec, visit: https://securityweekly.com/trustedsec Full Show Notes: https://wiki.securityweekly.com/Episode611 Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Don Pezet, Co-Founder and Edutainer at our sponsor ITProTV, to discuss the new CySA+ and PenTest+ certifications! In the second segment, we welcome Kathleen Smith, CMO at CyberSecJobs.com and ClearedJobs.net, to talk about tools to hack your career and tips to help your career search! In the Security News, a massive DHS data breach raises questions about Oregon's cybersecurity protocols, The fake French minister in a silicone mask who stole millions, a police officer rewarded 585 thousand dollars after colleagues snooped her DMV data, and nearly 100 drivers following Google Maps detour got stuck in a muddy field!   To learn more about ITProTV, visit: https://securityweekly.com/itprotv Slides: https://www.slideshare.net/CyberSecJobs/cyber-security-community-volunteering-survey-results-2018 Links to more slides here: https://wiki.securityweekly.com/Episode610 Full Show Notes: https://wiki.securityweekly.com/Episode610   Visit https://securityweekly.com/acm to sign up for a demo or buy our

This week, we welcome Vivek Ramachandran, Founder and CEO of the Pentester Academy, to talk about their AttackDefense Labs platform, and how the Pentester Academy is helping thousands of customers from government agencies to Fortune 500 companies! In the second segment, we welcome back Bryson Bort, Founder and CEO of Scythe, to talk about purple teaming, top attack simulation scenarios, and testing command and control channels! In the Security News, how not to prevent a cyberwar with Russia, the case against knee-jerk installation of Windows patches, U.S. Customs and Border Protection data breach is the result of a supply chain attack, and a phishing scam that hacks two factor authentication!   To learn more about SCYTHE, visit: https://securityweekly.com/scythe Full Show Notes: https://wiki.securityweekly.com/Episode609 Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twit