Paul's Security Weekly
Spela

You're Killing Me Smalls - Paul's Security Weekly #597

Paul's Security Weekly

00:00

You're Killing Me Smalls - Paul's Security Weekly #597

Paul's Security Weekly

For the latest in computer security news, hacking, and research! We sit around, drink beer, and talk security. Our show will feature technical segments that show you how to use the latest tools and techniques. Special guests appear on the show to enlighten us and change your perspective on information security.

Paul's Security Weekly

This week, we welcome Peter Smith, Founder and CEO of Edgewise to talk about the evolution of Zero Trust! In the Security News, New WordPress flaw lets unauthenticated remote attackers hack sites, Tesla allegedly spied on and ran a smear campaign on a whistleblower, Facebook and Instagram suffer most severe outage ever, a man drives 3,300 miles to talk to YouTube about a deleted video, and what do sexy selfies, search warrants, and tax files have in common? In the final segment, we air a pre recorded interview with Carsten Willems, Co-Founder and CEO at VMRay, discussing malware sandboxing!   To learn more about Edgewise, visit: https://securityweekly.com/edgewise/ To learn more about VMRay, visit: https://securityweekly.com/vmray   Full Show Notes: https://wiki.securityweekly.com/Episode597 Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Published

Play Episode

Related episodes Paul's Security Weekly

Paul's Security Weekly

The Evil Empire - Enterprise Security Weekly #129
This week, we interview Gururaj Pandurangi, Founder and CEO at Cloudneeti, to discuss Continuous Cloud Assurance! Gururaj Pandurangi is a founder and CEO of Cloudneeti, a software-as-a-service company focused on continuous cloud security, data privacy and compliance assurance. Gururaj has 20 years of professional experience, a good portion of it as an early adopter of cloud technologies and building global scale cloud products like Windows Live, Bing platform, Consumer Identity and Federations. Paul Asadoor...

un interviews paul conference ceo enterprise rsa 129 radware baffle securityweekly onapsis episode129 enterprisesecurityweekly mattalderman ericomsoftware lacework rsac rsaconference venafi rsa19 cloudneeti continuouscloudassurance gururajpandurangi

Paul's Security Weekly

Spot On - Application Security Weekly #53
This week, Keith and Paul discuss the structure and experiences of 2019's RSA Conference! In the Application Security News, WordPress accounted for 90 percent of all hacked CMS sites in 2018, Japanese police charge 13-year-old for sharing 'unclosable popup' prank online, Facebook exploit – Confirm website visitor identities, NSA's top policy advisor: It's time to start putting teeth in cyber deterrence, study shows programmers will take the easy way out and not implement proper password security, and the Co...

un podcast news security asw conversation 120 application cms nsa 53 2019 paulasadoorian applicationsecurityweekly keithhoodlet applicationsecuritynews rsac rsaconference commitstrip rsa19

Paul's Security Weekly

Hack Naked News #210 - March 12, 2019
This week, a Severe RCE vulnerability affected popular StackStorm Automation software, Crowdfense is willing to pay $3 Million for iOS and Android Zero-Days, Equifax neglected cyber security prior to breach, Google launches new Cloud Security services, and an unprotected MongoDB instance exposes 800 million emails! Jason Wood from Paladin Security joins us for expert commentary on how a researcher claims an Iranian APT is behind a 6TB Data Heist at Citrix!   Full Show Notes: https://wiki.securityweekly.com/...

un google mongodb equifax rce 0days zerodays googlecloud iranianapt crowdfense stackstorm dataheist

Paul's Security Weekly

Pick Your Brain - Business Security Weekly #120
This week, we welcome Ben Carr, Chief Information Security Officer at Aristocrat! Prior to Aristocrat, we was VP of Strategy for Cyberbit and North America's Technical Director for Tenable! In the Leadership and Communications segment, how to make sure your board sets a good example for your company, cybersecurity is putting customer trust at the center of competition, 6 reasons your home office is better than your company office, and more!   Full Show Notes: https://wiki.securityweekly.com/BSWEpisode120 Vi...

un podcast news interview business security 120 aristocrat articles cybersecurity homeoffice securityweekly paulasadoorian mattalderman cyberbit businesssecurityweekly bsw leadershiparticles bencarr vpofstrategy mattaldmerman

Paul's Security Weekly

We All Was In High School - Paul's Security Weekly #596
This week, we welcome Allan Liska, Senior Solutions Architect at our sponsor Recorded Future, to talk about Catching Up To The Hype w/ Threat Intelligence! In the second interview, we welcome David Marble, President and CEO at OSHEAN Incorporated, to talk about what to expect at at this years Rhode Island Cybersecurity Exchange Day! In the Security News, YouTube controversy on ALL fronts, Cisco SOHO wireless VPN firewalls and routers open to attack, Ring doorbell flaw opens door to spying, bot plagues, free...

un podcast news interview conference inbox hacking security ceo president infosec momo psw hackernews 596 securitynews securityweekly threatintelligence hacknaked oshean paulasadoorian paulssecurityweekly joffthyer mattalderman jeffman youtubecensorship

Paul's Security Weekly

Getting In & Getting Out - Enterprise Security Weekly #128
This week, Paul is joined by Matt Alderman to discuss some Funding and M&A, such as Elevate Security announces an $8 million series A to alter employee security behavior, Armorblox raises 16.5 million in series A, Bandura Cyber raises 10 million in venture funding, and much more! In the Enterprise Security News, Capsule8 expands threat detection platform for PCI DSS, BitSight unveils peer analytics for more effective security performance management, Imperva advances autonomous application protection capabil...

un podcast news security enterprise funding analytics pci 128 polaris esw imperva securityweekly seriesa synopsys capsule8 enterprisesecurityweekly paulasadoorian mattalderman bitsight seriesb elevatesecurity armorblox manews polarissoftware

Paul's Security Weekly

Getting In & Getting Out - Enterprise Security Weekly #128
This week, Paul is joined by Matt Alderman to discuss some Funding and M&A, such as Elevate Security announces an $8 million series A to alter employee security behavior, Armorblox raises 16.5 million in series A, Bandura Cyber raises 10 million in venture funding, and much more! In the Enterprise Security News, Capsule8 expands threat detection platform for PCI DSS, BitSight unveils peer analytics for more effective security performance management, Imperva advances autonomous application protection capabil...

un podcast news security enterprise funding analytics pci 128 polaris esw imperva securityweekly seriesa synopsys capsule8 enterprisesecurityweekly paulasadoorian mattalderman bitsight seriesb elevatesecurity armorblox manews polarissoftware

Paul's Security Weekly

Lose Weight - Application Security Weekly #52
This week, many websites threatened by highly critical code-execution bug in Drupal, UK parliament calls for antitrust, data abuse probe of Facebook, CommitStrip: Get rich quick, Google says the built-in microphone it never told Nest users about was 'never supposed to be a secret', and more! In our second segment, we welcome Matt Springfield, is the Founder of 12Feet, Inc., an information security consulting firm based in the Dallas area! Matt has more than 23 years of information security experience spanni...

un podcast uk facebook security dallas more abuse asw inc application 52 drupal bug parliament antitrust devops breaches appsec securityweekly paulasadoorian applicationsecurityweekly keithhoodlet applicationnews infosecworld commitstrip mattspringfield

Paul's Security Weekly

Hack Naked News #209 - February 26, 2019
This week, millions of utility customers passwords stored in plain text, Google ditches passwords in latest android devices, online validation services vulnerable to digital signature spoofing attacks, flaws in 4G and 5G allow snooping on calls, and TurboTax hit with credential stuffing attack and tax returns were compromised! Nicholas Sciberras from Acunetix joins us for expert commentary on how hackers created social media work after a bug report was ignored!   To GET A FREE 14-DAY TRIAL of Acunetix, visi...

un news hacking security 4g 209 dns flaws icann 5g dnssec turbotax hacknaked hnn paulasadoorian hacknakednews acunetix turbotaxhit stuffingattack nicholassciberras

Paul's Security Weekly

Tea & Crumpets - Business Security Weekly #119
This week, we interview DJ Sampath, Co-Founder and Chief Executive Officer at Armorblox! DJ comes on the show to discuss "Securing the Human Layer"! In our second interview, we welcome Bruce Sussman, the Media-Development Director at SecureWorld! Bruce will give us a preview of SecureWorld Boston 2019 and the upcoming events!   Full Show Notes: https://wiki.securityweekly.com/BSWEpisode119 Visit https://www.securityweekly.com/bsw for all the latest episodes! SecureWorld Boston is hosting their 15th annual c...

un podcast interview boston business security director 119 2019 securityweekly paulasadoorian mattalderman businesssecurityweekly brucesussman secureworldboston secureworld bsw mediadevelopment djsampath armorblox securingthehumanlayer

Paul's Security Weekly

It Compiled & It Ran - Paul's Security Weekly #595
This week, we welcome back Marcello Salvati, Security Analyst at our sponsor Black Hills Information Security, to give some updates on his Post Exploitation Tool SILENTTRINITY! In the second interview, we welcome Steve Brown, Keynote Speaker at SecureWorld Boston 2019 to discuss his talk about Building Your Strategic Roadmap for the Next Wave of Digital Transformation! In the Security News, password managers leaking data in memory, security analysts are only human, Splunk changes position of Russian custome...

un podcast google security keynote nest passwords winrar splunk 2019 stevebrown paulssecurityweekly techsegment blackhillsinformationsecurity bhis secureworldboston secureworld marcellosalvati silenttrinity silenttrinityupdates silentrinity strategicroadmap

Paul's Security Weekly

Up In The Sky - Enterprise Security Weekly #127
This week, we interview Cody Cornell, Founder and CEO at Swimlane to discuss Security Orchestration, Automation, and Response! In the Enterprise Security News, CylancePROTECT now available on AWS Marketplace, Attivo Networks enhances deception platform with forensic collection, cyber security market will reach $365.26 billion dollars by 2026, and Elevate Security raises 8 million dollars in Series A!   Full Show Notes: https://wiki.securityweekly.com/ES_Episode127 Visit http://securityweekly.com/esw for all...

un podcast security automation enterprise response infosec soar 127 breaches esw orchestration securityweekly enterprisesecurityweekly joffthyer mattalderman swimlane elevatesecurity cylanceprotect codycornell productlaunchesandannouncements

Paul's Security Weekly

Level of Trust - Application Security Weekly #51
This week, Matt and Paul interview Gurpreet S. Sachdeva, the Assistant Vice President of Technology for Altran! Gurpreet will be discussing "Integrating Security into DevOps"! In the Application Security News, A PNG Android Vulnerability, 620 million stolen accounts for sale on the dark web, how shifting security left speeds development, and more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode51 Visit https://www.securityweekly.com/asw for all the latest episodes!   Visit our website: https:...

un podcast interview technology hacking security development asw 51 png android breach leftists devops darkweb devsecops paulasadoorian mattalderman applicationsecurityweekly altran gurpreetssachdeva integratingsecurityintodevops gurpreet stolenaccounts

Paul's Security Weekly

Hack Naked News #208 - February 19, 2019
This week, Google paid out $3.4 million for vulnerabilities reported in 2018, hackers target WordPress sites via WP cost estimation plugin, Facebook paid $25,000 for CSRF exploit that leads to Account Takeover, and PoC Exploit Code for recent container escape flaw in runc published online! Jason Wood from Paladin Security joins us for expert commentary on Apple being sued over their two factor authentication!   Full Show Notes: https://wiki.securityweekly.com/HNNEpisode208 Visit https://www.securityweekly.c...

un news google hacking hacker february breach vulnerability dns 2019 208 csrf jasonwood securitynews securityweekly hacknaked paulasadoorian hacknakednews mattalderman runc applesued lenovox macosvulnerability

Paul's Security Weekly

Perception Becomes Reality - Business Security Weekly #118
This week, we welcome Brendan Goodwin, the Regional Cyber Director for the Northeast & Mid-Atlantic at Alfred J. Gallagher Co. Brendan comes on the show to talk about "How Cyber Insurance can Augment Your Cyber Security Strategy." In the Leadership and Communications segment, Jason Albuquerque joins Matt to discuss if boards of directors responsible for cybersecurity, cybersecurity mental health warning, how to cope with a Mid-Career Crisis, and more!   Full Show Notes: https://wiki.securityweekly.com/BSWEp...

un podcast security 118 segment cybersecurity securityweekly cyberinsurance paulasadoorian mattalderman businesssecurityweekly jasonalberquerque brendangoodwin regionalcyberdirector northeastmidatlantic alfredjgallagherco

Paul's Security Weekly

Flat Earth - Paul's Security Weekly #594
This week, we welcome Harry Sverdlove, Chief Technology Officer of Edgewise for an interview, to talk about The Future of Firewalls! In the Technical Segment, we discuss some Enterprise-ish Network Security hardware and software that we've incorporated here in our Security Weekly Studio! In the Security News, why it's way too easy to sell counterfeit goods on Amazon, how to defend against the runC container vulnerability, creating a dream team for the new age of cyber security, how you can get a Windows 95 ...

un podcast news interview linux security mac cto firewalls infosec defcon rsa pfsense networksecurity 594 windows10 securitynews securityweekly computernews enterprisetools oshean paulasadoorian paulssecurityweekly joffthyer technicalsegment techsegment

Paul's Security Weekly

Resilient & Robust - Enterprise Security Weekly #126
This week, Paul is joined by Matt Alderman in the absence of John Strand, to discuss The Evolution of Vulnerability Management, and where we stand today in areas such as Applications, Infrastructure, and Mobile! In the Enterprise Security News, Cisco unlocks IoT potential with Intent-Based Networking, Qualys extends cloud platform with patch management, Tenable announces general availability of Predictive Prioritization, Lacework announces security support for Azure and Multicloud environments, and more!   ...

un podcast news security enterprise companies applications azure android breach saas ios topic 126 devops chromeos qualys esw enterprisesecurityweekly paulasadoorian technicalsegment enterprisenews mattalderman techseg lacework multicloud

Paul's Security Weekly

The World Traveler - Application Security Weekly #50
This week, Paul is joined by Joff Thyer to interview Tim Eades, CEO of vArmour, to talk about basic flow of problem, solution, and value! In the Application Security News, many popular iPhone apps secretly record your screen without asking, MongoDB databases still being held for ransom, most of the Fortune 100 still use flawed software that led to the Equifax breach, and a Chrome extension with millions of users is now serving popup ads!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode50 Visit...

un podcast tim interview stories iphone hacking security asw 50 application solution chrome vulnerability infosec mongodb devops breaches equifax securitynews securityweekly secops applicationsecurityweekly applicationnews varmour basicflowofproblem

Paul's Security Weekly

Hack Naked News #207 - February 12, 2019
This week, your Lenovo X is watching you & sharing information, a client-side DNS attack emerges from academic research, a macOS vulnerability leaks safari data, hackers hit VFEmail & wipe US servers and backups, and a check-in system flaw puts major airlines at risk! Jason Wood from Paladin Security joins us for expert commentary on how fraudsters are scamming teenage 'money mules' on Instagram and Snapchat!   Full Show Notes: https://wiki.securityweekly.com/HNNEpisode207 Visit https://www.securityweekly.c...

un us servers 207 backups dns macos jasonwood securityweekly fraudsters hnn paulasadoorian hacknakednews paladinsecurity watchx lenovowatch safaridata vfemail scammingteenage moneymules

Paul's Security Weekly

Golden Nuggets - Business Security Weekly #117
This week, we welcome Ed Moyle, General Manager and Chief Content Officer at Prelude Institute! Ed is on the Advisory Board for InfoSec World and joins us to talk about InfoSec World 2019 and its upcoming plans, where he'll be giving a talk titled "Cryptocurrency Lessons for Enterprise Blockchain"! In the Leadership and Communications segment, keep your employees and you’ll keep your customers, why leadership development is superficial and how to fix it, simple techniques to overcome negative emotions when ...

un podcast communication business security leadership articles 117 superficial 2019 paulasadoorian mattalderman edmoyle businesssecurityweekly infosecworld bsw leadershiparticles jasonalberquerque worldspeaker preludeinstitute

Paul's Security Weekly

Unraveled Networks - Paul's Security Weekly #593
This week, we welcome Chris Long, Security Engineer at Palantir for our Technical Segment to talk about DetectionLab, a collection of Vagrant and Packer scripts that allow you to automate the creation of networks! In the Security News, 5G networks must be secured from hackers and bad actors, Zero-Day vulnerability highlights the responsible disclosure dilemma, a flaw in multiple airline systems exposes passenger data, security bugs in video chat tools enable remote attackers, and an original World War II Ge...

un podcast and the paul packer doug web tools how to tech on chris hacking security world deep dark jeff weekly long 20 lee white yourself man vmware protect hackers pauls connie technical infosec neely virtualbox pci segment vagrant misti asadoorian psw

Paul's Security Weekly

Type of Insanity - Enterprise Security Weekly #125
This week, Paul and John interview Randall Trzeciak, the Director of the CERT Insider Threat Center at Carnegie Mellon University's Software Engineering Institute! Randall will also be speaking at InfoSec World 2019 about "An Effective Insider Threat Program" on Saturday, March 30th @ 9:00 am! In the Enterprise Security News, RSA Conference announces finalists for Innovation Sandbox Contest 2019, DigiCert announces all-in-one digital certificate management solution, Google's new Chrome extension warns you a...

un podcast security enterprise innovation director march cert speaker infosec sandbox rsa 125 2019 esw psw securityweekly johnstrand enterprisesecurityweekly paulasadoorian 35million signalsciences infosecworld digicert demisto randalltrzeciak

Paul's Security Weekly

Hack Naked News #206 - February 5, 2019
This week, roughly 500,000 Ubiquiti devices may be affected by a flaw already exploited in the wild, Outlaw Shellbot infects Linux servers to mine for Monero, Apple's Siri shortcuts feature vulnerable to abuse, Google's new Chrome extension warns you about stolen passwords, and Google patches critical .png image bug! David Pearson from Awake Security joins us for expert commentary on recent news around Japan performing an IoT pentest on their public IPs!   To learn more about Awake Security, visit: https://...

un office google hacking botnet crypto 206 bitcoin libreoffice pentest iot monero securityweekly ubiquiti mimikatz hnn hacknakednews awakesecurity rdpservers googlepatch davidpearson

Paul's Security Weekly

The Golden Generation - Application Security Weekly #49
This week, Keith and Paul discuss the current state of privacy and software development! They discuss how Facebook pays teens to install VPN that spies on them, how Apple blocks Facebook from running its internal iOS apps, and more! In the Application Security News, Three UK customer details exposed in homepage blunder, Microsoft cloud services see global authentication outage, the age of surveillance capitalism, the rise of DevXOps, and much more!   Full Show Notes: https://wiki.securityweekly.com/ASW_Epis...

un news uk facebook google hacking microsoft global apple asw capitalism 49 vpn surveillance ios appsec securitynews devsecops paulasadoorian microsoftcloud applicationsecurityweekly keithhoodlet applicationnews privacyandsoftwaredevelopment

Paul's Security Weekly

Always Interesting - Business Security Weekly #116
This week, we welcome David Kennedy, Founder and CEO at TrustedSec, to discuss why it's important to be investing in the right technology and resources! In our second segment, we welcome Sandra Toms, Vice President and Curator, and Britta Glade, Director of Content and Curation from RSA Conference, to preview what's new at RSA Conference 2019!   Full Show Notes: https://wiki.securityweekly.com/BSWEpisode116 To learn more about TrustedSec, visit: https://www.securityweekly.com/trustedsec Go to https://rsacon...

un interview founder conference business ceo 116 rsa trustedsec businesstips securityweekly paulasadoorian mattalderman davekennedy businesssecurityweekly rsaconference bsw investingintherighttechnologyandresources sandratoms brittaglade rsaconferencecom