Continue Reading... Using Rate Limiting to Protect Web Apps and APIs – Jack Zarris – ASW #108
Posted in Cyber Security

Using Rate Limiting to Protect Web Apps and APIs – Jack Zarris – ASW #108

Rate limiting can be used to protect against a number of modern web application and API attacks. We’ll discuss some…

Continue Reading... Ramsay Malware, Top 10 CVE’s, & Reverse RDP Attacks – PSW #651
Posted in Cyber Security

Ramsay Malware, Top 10 CVE’s, & Reverse RDP Attacks – PSW #651

In the Security News, Palo Alto Networks Patches Many Vulnerabilities in PAN-OS, Zerodium will no longer acquire certain types of…

Continue Reading... STAMINA, RAMSAY, and US-Cert Vulnerabilities – Wrap Up – SWN #34
Posted in Cyber Security

STAMINA, RAMSAY, and US-Cert Vulnerabilities – Wrap Up – SWN #34

This week, Doug wraps up all the shows across our network, including the Show News, Bunny Lebowski’s toes, STAMINA, RAMSAY,…

Continue Reading... Securing Remote Access: Quarantines & Security – PSW #651
Posted in Cyber Security

Securing Remote Access: Quarantines & Security – PSW #651

We use terms such as Social Distancing, Quarantine, and Contact Tracing on a regular basis amid the current crisis. How…

Continue Reading... MITRE ATT&CK & Security Visibility: Looking Beyond Endpoint Data – Mike Nichols – PSW #651
Posted in Cyber Security

MITRE ATT&CK & Security Visibility: Looking Beyond Endpoint Data – Mike Nichols – PSW #651

In this episode of Paul’s Security Weekly, we will dive into the recently published MITRE ATT&CK second-round evaluation based on…

Continue Reading... ThunderSpy – Security Now 766
Posted in Cyber Security

ThunderSpy – Security Now 766

Thunderbolt security flaw, Zoom buys Keybase. • Why the ThunderSpy Thunderbolt security flaw is such a big deal • Zoom…

Continue Reading... Qualys VMDR: A Customer Perspective – Georges Bellefontaine – ESW #183
Posted in Cyber Security

Qualys VMDR: A Customer Perspective – Georges Bellefontaine – ESW #183

Discuss approach to vulnerability management at Toyota Financials and benefits of a full life-cycle approach to vulnerability management. To learn…

Continue Reading... Cortex XSOAR, Fortinet, & YubiEnterprise – ESW #183
Posted in Cyber Security

Cortex XSOAR, Fortinet, & YubiEnterprise – ESW #183

In the Enterprise Security News, how GitHub Code Scanning aims to prevent vulnerabilities in open source software, SlashNext Integrates with…

Continue Reading... Using the Network to Reduce Remediation Costs – Sid Nanda – ESW #183
Posted in Cyber Security

Using the Network to Reduce Remediation Costs – Sid Nanda – ESW #183

Many companies hire external consultants to conduct incident response and remediation, which can add up quickly in cost. By providing…

Continue Reading... What Does “Security” Really Mean? – Part 2 – Jake Williams – SCW #28
Posted in Cyber Security

What Does “Security” Really Mean? – Part 2 – Jake Williams – SCW #28

Security vs. Compliance: Where are the overlaps? Where are the differences? Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes:…

Continue Reading... What Does “Security” Really Mean? – Part 1 – Jake Williams – SCW #28
Posted in Cyber Security

What Does “Security” Really Mean? – Part 1 – Jake Williams – SCW #28

Security vs. Compliance: Where are the overlaps? Where are the differences? Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes:…

Continue Reading... ThunderSpy, Hacking COVID Research, & GDPR Fines – SWN #33
Posted in Cyber Security

ThunderSpy, Hacking COVID Research, & GDPR Fines – SWN #33

This week in the Security Weekly News, DEFCON 28 is indeed cancelled, Paying Ransomware may double the recovery cost, Thunderspy…

Continue Reading... Samsung RCE 0-Click, Whispers, & Compromising Pluton – ASW #107
Posted in Cyber Security

Samsung RCE 0-Click, Whispers, & Compromising Pluton – ASW #107

In the Application Security News, Cloud servers hacked via critical SaltStack vulnerabilities, Samsung Confirms Critical Security Issue For Millions: Every…

Continue Reading... Lessons for Cybersecurity From a Pandemic – Mike Lloyd – BSW #173
Posted in Cyber Security

Lessons for Cybersecurity From a Pandemic – Mike Lloyd – BSW #173

The coronavirus has focused the world’s attention on disease spread like never before. This discussion will draw out some of…

Continue Reading... 5 Tactical Steps, 5 CISO Priorities, and Communicating “Why” – BSW #173
Posted in Cyber Security

5 Tactical Steps, 5 CISO Priorities, and Communicating “Why” – BSW #173

In the leadership and communications section, Top 5 Tactical Steps for a New CISO, Good Leadership Is About Communicating “Why”,…

Continue Reading... Vulnerability Madness, IoT Botnets, & Breach Chaos – PSW #650
Posted in Cyber Security

Vulnerability Madness, IoT Botnets, & Breach Chaos – PSW #650

In the Security News, Naikon APT Hid Five-Year Espionage Attack Under Radar, PoC Exploit Released for DoS Vulnerability in OpenSSL,…

Continue Reading... How Can Security Work TOGETHER, Not Against, Developers – Joe Garcia – ASW #107
Posted in Cyber Security

How Can Security Work TOGETHER, Not Against, Developers – Joe Garcia – ASW #107

DevOps and Agile IT practices have been around for a while. However, security teams are just now catching up. We…

Continue Reading... Project Fantastic – Bringing The CLI to GUI Users – PSW #650
Posted in Cyber Security

Project Fantastic – Bringing The CLI to GUI Users – PSW #650

Lots of IT and security professionals do not want to use the CLI, which has set them back. Fantastic exposes…

Continue Reading... Public Utility Security and National Guard Support – Chris Elgee, Jim McPherson – PSW #650
Posted in Cyber Security

Public Utility Security and National Guard Support – Chris Elgee, Jim McPherson – PSW #650

Public utilities are under fire from malicious actors now, more than ever. At the same time, authorities for National Guard…

Continue Reading... PerSwaysion, ILoveYou, & POWER-SUPPLaY – Wrap Up – SWN #32
Posted in Cyber Security

PerSwaysion, ILoveYou, & POWER-SUPPLaY – Wrap Up – SWN #32

This week, Doug White wraps up the hot topics and interviews across all of our shows on the network! Then…

Continue Reading... WordPress Attacks, IoT Device Shifts, & Splunk Cloud – ESW #182
Posted in Cyber Security

WordPress Attacks, IoT Device Shifts, & Splunk Cloud – ESW #182

Microsoft is to buy Israeli cybersecurity startup CyberX, ExtraHop Data Shows Shifts in IoT Device Usage During COVID-19 Have Broad…