Paul's Security Weekly

Technology Podcasts

For the latest in computer security news, hacking, and research! We sit around, drink beer, and talk security. Our show will feature technical segments that show you how to use the latest tools and techniques. Special guests appear on the show to enlighten us and change your perspective on information security.

Location:

United States

Language:

English

Contact:

4018299552


Episodes

A Good Mission - SCW #96

11/24/2021
In the early days of PCI there was an online column called StorefrontBacktalk which focused on retail and technology issues. The column provided valuable insights from various specialists on the interpretation and application of many of the more challenging security requirements found in PCI DSS, which was reflected in its tag line, “Techniques, Tools and Tirade about Retail Technology and E-Commerce.” The founder of the column, Evan Schuman, is a veteran journalist who has covered a wide...

Duration:01:18:13

SquirrelWaffel, Scams, Exchange Flaws, Honeypots, & Hoodies - Wrap Up - SWN #170

11/24/2021
This week in the Security Weekly News Wrap Up: Dr. Doug rants in preparation for the Holidays, Scams, Exchange Flaws, SquirrelWaffel, honeypots, hoodies, & more! Show Notes: https://securityweekly.com/swn170 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Duration:00:29:02

Invest Properly - BSW #241

11/24/2021
As a CISO tasked to present to the Board or other executives, communicating cybersecurity in business context is critical to success. Hear from Kevin Powers, who has taught hundreds of CISOs in his executive education courses how to level-up their presentation skills, metrics, and executive approach. Learn also from Padraic O'Reilly, CPO & Co-Founder of CyberSaint, about how some of the most cutting-edge security leaders are providing actionable, risk-based insights in Boardrooms and beyond...

Duration:00:50:23

GoDaddy Breached, Imunify360, Holiday Scams, Bug Bounties Surge, & Bryon Hundley - SWN #169

11/23/2021
This week in the Security Weekly News, Dr. Doug talks: Grandma's recipe, Imunify360, GoDaddy, Nigeria, holiday scams, bug bounties, & Bryon Hundley from ISAC joins for Special Guest Commentary! Bryon will discuss the sector-wide exercise that was conducted over the summer in which top trade associations in retail, hospitality, and travel partnered with RH-ISAC and CISA to support the first industry-wide exercise focused on communication, coordination, and decision making. Show Notes:...

Duration:00:26:51

Max Headroom - ASW #175

11/23/2021
This week, we welcome Liam Randall, CEO at Cosmonic, to talk about wasmCloud - Distributed Computing With WebAssembly! CNCF wasmCloud helps developers to build distributed microservices in WebAssembly that they can run across clouds, browsers, and everywhere securely! In the AppSec News: What would CVEs for CSPs look like, clever C2 in malicious Python packages, diversity in bounty programs, shared responsibility and secure defaults, breach costs to influence AppSec programs! Show Notes:...

Duration:01:09:31

Kinky VR, FatPipe, Win11, Glitch, Perswaysion, & Satoshi Nakamoto - Wrap Up - SWN #168

11/19/2021
This Week Dr. Doug talks: Satoshi Nakamoto, Weird Sex Objects, teaching hackers, Fatpipe, Banks, Win 11, Glitch, and Perswaysion [sic], and Show Wrap-Ups, on the Security Weekly News! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn168

Duration:00:30:11

Crystal Ball Gazing - ESW #251

11/19/2021
ExtraHop VP, GM of International and Global Security Programs Mike Campfield joins Security Weekly for a retrospective on ransomware in 2021, shares his predictions on how it will evolve in 2022 and beyond, and what controls enterprises can put into place to build their resilience to the growing threat. Jeffrey then joins us today to guide us through the rapidly changing world of Cyber Insurance! We solicited some questions from our audience and look forward to picking his brain in this...

Duration:01:49:22

Hackers Be Hackin' - PSW #719

11/18/2021
This week, we kick off the show with a technical segment where we walk through creating vulnerable Docker Containers – On Purpose! Then, Derek Rook, Senior Director Purple Team at Teradata & SANS Certified Instructor, joins to discuss technologies to build CTFs as well as what types of things to consider while doing so!! In the Security News: The FBI is spamming you, hacking exists in the mind, Beg Bounties, nasty top-level domains, MosesStaff, why own one npm package when you can own...

Duration:03:13:34

Massive Damage - SCW #95

11/18/2021
CISA recently published guidance for how managed service providers (MSPs) should approach security for their operations based on the premise that cyber threat actors are known to target MSPs to reach their customers. MSPs provide remote management of customer IT and end-user systems and generally have direct access to their customers’ networks and data. By exploiting trust relationships in MSP networks, cyber threat actors can gain access to a large number of the victim MSP customers. The...

Duration:01:13:58

Cyber Money Ball - BSW #240

11/17/2021
This week, we welcome Tony Cole, CTO at Attivo Networks, to discuss Protecting Identity Services! Identity Services such as Active Directory is an area that is almost always utilized by the attacker after the initial endpoint is compromised. This is an area lacking critical focus by defenders for a myriad of reasons. Discussion will entail how this attitude can and should change. In the Leadership and Communications section, The Gardener: Four Attributes Of A Great Leader, Unpacking 5 Myths...

Duration:00:55:01

FBI, Eyeball Lies, Intel, Microsoft, & Smishing - SWN #167

11/16/2021
This week on the Security Weekly News, Dr. Doug talks: The Eyes don't lie, the FBI, Intel, Microsoft, pompompurin, smishing, and ransom consulting! All this and Aaran Leyland's Expert Commentary on the Security Weekly News! Show Notes: https://securityweekly.com/swn167 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Duration:00:36:55

Eyes Open - ASW #174

11/16/2021
This week, we welcome Ryan Lloyd, Chief Product Officer at Guardsquare, to discuss Mobile Application Security! Mobile applications have a unique attack surface. The tools and techniques being used to compromise these environments are constantly evolving. We'll talk about how to harden mobile apps against modern threats. In the AppSec news: Disclosure decisions and CVE-2021-3064, technical details behind ChaosDB in Azure, fuzzing BusyBox, Prossimo and Rust, vulns in Nucleus RTOS, & HTML...

Duration:01:10:41

Attack & Defense - ESW #250

11/12/2021
This week, we welcome Angela Marafino, PM at Microsoft, to talk about MegatronAL on Kicking in the Door to Cybersecurity! In the second segment, we welcome Nick Leghorn, Director of Application Security at The New York Times, to discuss Building a Risk Based Security Program That Actually Works! In the Enterprise Security News: Drata reaches unicorn status in record time with a $100m Series B, SCYTHE announces a $10m Series A, McAfee Consumer business acquired for $14b, WPScan acquired by...

Duration:01:45:49

Lyceum, Elon, Buzz Words, PS5, PunyCode, Palo Alto, & Small Business - Wrap Up - SWN #166

11/12/2021
This week, Dr. Doug talks: Elon buys my motorcycle, Lyceum, Buzz word security, PS5, Puny Code, Palo Alto, and Small biz, and the show wrap ups on the Security Weekly News Wrap Up show! Show Notes: https://securityweekly.com/swn166 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Duration:00:25:23

Snowed In - PSW #718

11/11/2021
This week, we kick off the show with an interview featuring Lodrina Cherne and Martijn Grooten, who join to discuss the real-world capabilities of Stalkerware! Then, Sachin Mahajan from Inguardians joins to delve into MAVSH!! In the Security News: NPM hijacked again, hardcoding your keys, PAN-ODay, more Nmap in your python or python in your nmap, put your Docker API to rest, Busybox will own your box, Microsoft says it's a feature not a vulnerability, SBDCs, TIPC Linux kernel vulnerability, patches...

Duration:03:36:48

A Good Crisis - SCW #94

11/11/2021
Join us on this episode of SCW for a general discussion about how to do this whole security/compliance thing better; how compliance really needs to come first; how it's all risk-based or should be RGC not GRC; legal and privacy issues/focus - and how they help or hinder the cause; other factors like burnout/gatekeeping/etc. that all contribute to our industry being overly focused/reliant on technology and don't handle the people/process part very well. Show Notes:...

Duration:01:03:30

Getting Involved - BSW #239

11/10/2021
The rise in cyberattacks and the switch to remote work has kept security teams busy, but it has also left them isolated by halting their ability to meet with peers and network with industry friends. Suresh Balasubramanian Qualys CMO and Sara Griffith CISO at Euronet Worldwide will discuss the value of in-person cybersecurity events, how attending can reinvigorate teams, the benefits to sharing best practices with peers, and getting up to speed on the latest innovations in cybersecurity...

Duration:00:52:43

You Browser, MediaMarkt Hack, RobinHood Breach, Zoho, & Elon's Twitter Poll - SWN #165

11/9/2021
This week Dr. Doug talks: ThisElon, UL, You, Robin Hood, Zoho, lots of ransomware, and the return of Jason Wood for Expert Commentary on the Security Weekly News! Show Notes: https://securityweekly.com/swn165 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Duration:00:29:04

Schools of Magic - ASW #173

11/9/2021
This week, Mike, John and Dan McKinney from Cloudsmith will be discussing SBOM and what that looks like for your applications. Other topics include: cloud-native tooling for your software supply chain, the history of provenance, GPG Keys & signing commits, package consumption, understanding threat modeling, and knowing the roles and responsibilities when it comes to security of your assets. In the AppSec News, Mike and John talk: Excel gains support for JavaScript data types and...

Duration:01:13:57

Linux CVE, War Driving, Pegasus Blacklisted, Darkside Bounty, & Braktooth - Wrap Up - SWN #164

11/5/2021
This Week in the Security News Dr. Doug talks: War driving, Linux kernels, Pegasus, Darkside, Braktooth, Clippy, and more, on the Security Weekly News Wrap Up! Show Notes: https://securityweekly.com/swn164 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Duration:00:27:57