
The Security Ledger Podcasts


More Information

Location:

United States

Language:

English

Contact:

6178170198


Episodes

Podcast Episode 120: They Email Ballots, Don’t They?

11/12/2018
In this week’s episode (#120): more than 100,000 U.S. voters submitted their ballots via email in the last presidential election, in 2016. Despite that, hardly any attention has been paid to the security of email and online voting systems used by 32 states.

Duration:00:47:03

Podcast Episode 119: EFF on Expanding Researchers Rights and AT&T talks IoT Security Fails

11/6/2018
In this episode of the podcast, #119: Electronic Frontier Foundation General Counsel Kurt Opsahl joins us to talk about the Coders’ Rights Project. Also: we speak with Senthil Ramakrishnan, a lead member of AT&T’s IoT Security group, about that company’s plans to work with Ericsson to certify the security of IoT devices. Vulnerability Research is Not a Crime! The Electronic Frontier Foundation earned its stripes in the 1990s at the vanguard of groups opposing the US government’s efforts to...

Duration:00:36:29

Podcast Episode 118: White Hat Eye on the Gaming Guy

10/29/2018
In this week’s episode, #118: modern computer games are like mini economies and that makes them a big target for hackers. We talk with four leading researchers from Bugcrowd about how even popular games fall down on security. Also: Srinivas Mukkamala, the CEO of RiskSense, about how artificial intelligence and risk-based approaches to securing election systems could pay off. Bug Hunter Eye on the Gaming Guy But first: the massively multiplayer online game Fortnite isn’t just the most...

Duration:00:51:57

Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats

10/23/2018
In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. In the first segment, we talk with Thomas Harvey of the firm RMS about the problem of “silent cyber” risk to insurers and how better modeling of cyber incidents is helping to address that threat. In part II, we invite Chip Block of the firm Evolver back into the studio to talk about the challenge that “converged” cyber physical systems pose to insurance carriers as they try to wrap...

Duration:00:32:26

Spotlight Podcast: At 15 Cybersecurity Awareness Month Grows with Cyber Risk

10/18/2018
In this Spotlight Podcast, sponsored by RSA: October is Cybersecurity Awareness Month. But what does that mean in an era when concerns about cybersecurity permeate every facet of our personal and professional lives? Russ Schrader of the National Cybersecurity Alliance (NCSA) and Angel Grant of RSA join us to discuss the history of Cybersecurity Awareness Month and how the event is changing to meet growing demand.

Duration:00:33:54

Podcast Episode 116: Cryptojacking and MikroTik’s Bad-Feeling Feel Good Patch Story

10/15/2018
MikroTik is part of a bigger problem: the failure of infrastructure owners to take appropriate action to address serious security holes in products.

Duration:00:22:34

Podcast Episode 115: Joe Grand on Unicorn Spotting and Bloomberg’s Supply Chain Story

10/9/2018
In this week’s episode (#115), noted hardware enthusiast and hacker Joe Grand (aka “Kingpin”) told reporters from Bloomberg that finding an in-the-wild supply chain hack implanting malicious hardware on motherboards was akin to witnessing “a unicorn jumping over a rainbow.” They went with their story about just such an attack anyway. Joe joins us in the Security Ledger studios to talk about whether Bloomberg got it right. Also, Adam Meyers of Crowdstrike comes into the studio to talk about...

Duration:00:35:36

Episode 114: Complexity at Root of Facebook Breach and LoJax is a RAT You Can’t Kill

10/2/2018
In this week’s podcast: Facebook revealed that a breach affected 50 million accounts and as many as 90 million users. Is complexity at the root of the social media giant’s troubles? We speak with Gary McGraw of the firm Synopsys about it. Also: BIOS-based malware has been demonstrated at security conferences for years. Last week, the security firm ESET warned that it identified a sample in the wild. Even worse: the Russian Hacking Group Fancy Bear was believed to be responsible. We’ll talk...

Duration:00:29:32

Podcast Episode 113: SAP CSO Justin Somaini and Election Hacks – No Voting Machines Required!

9/25/2018
Everybody worries about hacked voting machines. But an exercise in Boston last week showed how hackers can compromise the vote without ever touching an election system. Also: October is just around the corner and that means Cyber Security Awareness Month is upon us. So what are top cyber security professionals “aware of” these days? We talk with Justin Somaini, the Chief Security Officer at SAP, to find out.

Duration:00:43:29

Podcast Episode 112: what it takes to be a top bug hunter

9/17/2018
In this week’s episode (#112): top bug hunters can earn more than $1 million a year from “bounties” paid for information on exploitable software holes in common platforms and applications. What does it take to be among the best? We talk with Jason Haddix of the firm Bugcrowd to find out. Also: The Internet Society’s Jeff Wilbur talks about the new #GetIoTSmart campaign to educate device makers and the public about Internet of Things security. Will Hunt Bugs for Cash As recently as 15 or...

Duration:00:39:54

Spotlight Podcast: Flashpoint’s Allison Nixon on SIM Swapping and the Looming Online Identity Crisis

9/12/2018
Your smartphone does double and triple duty: letting you do banking, buy a cup of coffee, board a plane or access a sensitive online account. But that doesn’t mean that your phone number is equally trustworthy. In this Spotlight Podcast, we speak with Flashpoint head of research Allison Nixon about how a recent rash of SIM swapping attacks highlights a looming crisis in online identity. The risks of using phone numbers as a form of identity are on vivid display, amid reports of...

Duration:00:19:08

Podcast Episode 111: Click Here to Kill Everybody and CyberSN on Why Security Talent Walks

9/10/2018
In this week’s podcast (episode #111), sponsored by CyberSN: what happens when the Internet gets physical? Noted author and IBM security guru Bruce Schneier joins us to talk about his new book on Internet of Things risk: Click Here to Kill Everybody. Also: everyone knows that cyber security talent is hard to come by, and even harder to keep. But why does precious cyber talent walk? In our second segment, we’re joined by Deidre Diamond of cyber security placement firm CyberSN, who has all...

Duration:00:59:09

Podcast Episode 110: Why Patching Struts isn’t Enough and Hacking Electricity Demand with IoT?

8/27/2018
In this week’s episode (#110): the second major flaw in Apache Struts 2 in as many years has put the information security community on alert. But is this vulnerability as serious as the last, which resulted in the hack of the firm Equifax? We talk with an expert from the firm Synopsys. And: we’ve heard a lot about the risk of cyber attacks on the critical infrastructure used to generate and distribute electricity. But what would happen if someone figured out how to hack electricity...

Duration:00:33:38

Spotlight Podcast: Arctic Wolf on Nurturing Talent for the Evolved SOC

8/22/2018
In this Spotlight Podcast, sponsored by Arctic Wolf Networks: sessions at this month’s Black Hat Briefings on PTSD and substance abuse among security workers are proof that the high-pressure, high-stakes world of information security can take its toll. So what does it take to find, train and nurture information security pros? Sam McLane, the Chief Technology Services Officer at the firm Arctic Wolf Networks, joins us to talk about how his company holds on to top security talent. It wasn’t...

Duration:00:25:16

Podcast Episode 109: What’s The US Freedom Army? Ask Russia.

8/20/2018
In this week’s episode of the Security Ledger Podcast (#109): what lurks in the dark recesses of online information operations? How about a secret “US Freedom Army” linked to Russia? Dave Aitel of Cyxtera joins us to talk about it. Also: hacking critical infrastructure isn’t just for nation states anymore. Cybereason joins us to talk about its recent report on cyber criminals hacking into industrial control systems. Psst! Want to join the Freedom Army? In the wake of the 2016 Presidential...

Duration:00:37:07

Spotlight Podcast: Synopsys’ Dan Lyon on the Challenge of Securing Connected Medical Devices

8/17/2018
In this Spotlight Podcast, sponsored by Synopsys: In the wake of a presentation at Black Hat about security flaws in implantable pacemaker devices, Synopsys Principal Consultant Dan Lyon joins us to talk about why medical device makers struggle to make their connected medical devices more secure. Dan and I discuss some of the flaws in the approach that medical device makers take to security, and how manufacturers can take a page out of their own book: applying the same standards to cyber...

Duration:00:27:06

Episode 108: DEF CON’s Car Hacking Village and is the Open Source Model Failing on Security

8/14/2018
In this week’s podcast (#108), sponsored by CA Veracode: hacker summer camp wrapped up on Sunday, as the 26th annual DEF CON conference concluded at Caesars Palace in Las Vegas. Hacks of connected and smart vehicles were a big theme again this year. We sat down with the organizers of DEF CON’s Car Hacking Village to see what was news at this year’s show. Also: open source software has revolutionized the way software gets made, and turbocharged the growth of companies like Facebook and...

Duration:00:33:39

Special Black Hat Coverage: Google’s Parisa Tabriz Says Don’t Be A Jerk

8/10/2018
In this special Black Hat edition of the Podcast, sponsored by UL: Parisa Tabriz, Google’s Director of Engineering for the Chrome Web browser, brought some strong medicine to Las Vegas for her Black Hat keynote speech. We talk about why her simple message was so groundbreaking. Also: Ken Modeste of UL joins us from the Black Hat briefings to talk about UL’s efforts to make cyber security as important to consumers in the 21st century as product safety was in the 20th. Don’t be a Jerk:...

Duration:00:29:46

Episode 107: What’s Hot at Black Hat & does DHS need its new Risk Management Center?

8/6/2018
In this episode of The Security Ledger Podcast (#107): Hacker Summer Camp takes place in Las Vegas this week as the Black Hat, DEFCON and B-Sides conferences take place. We’re joined by DigiCert Chief Technology Officer Dan Timpson to talk about the presentations that are worth seeing. And, in our second segment, The Department of Homeland Security launched a new Risk Analysis Center that sounds a whole lot like some programs it already runs. Is this bureaucratic overkill or is DHS on to...

Duration:00:46:43

Spotlight Podcast: CSS on why Crypto Agility is the Key to Securing Internet of Things Identities

8/1/2018
In this Spotlight Edition of the Security Ledger Podcast: identity is at the root of many of the security problems facing the Internet of Things, from vulnerable and “chatty” endpoints to a lack of robust update and lifecycle management features. To figure out how we might start to build a more secure IoT ecosystem, we invited Judah Aspler, the Vice President of IoT Strategy at Certified Security Solutions, or CSS Security, in to talk about how more agile PKI infrastructure is one element...

Duration:00:34:11