XZ & Open Source, PuTTY's Private Keys, LeakyCLI, LLMs Writing Exploits - ASW #282

FromSecurity Weekly Podcast Network (Video)

Start listening View podcast show

XZ & Open Source, PuTTY's Private Keys, LeakyCLI, LLMs Writing Exploits - ASW #282

FromSecurity Weekly Podcast Network (Video)

ratings:

Length:

38 minutes

Released:

Apr 23, 2024

Format:

Podcast episode

Description

CISA chimes in on the XZ Utils backdoor, PuTTY's private keys and maintaining a secure design, LeakyCLI and maintaining secure secrets in CSPs, LLMs and exploit generation, and more! Show Notes: https://securityweekly.com/asw-282

Released:

Apr 23, 2024

Format:

Podcast episode

Titles in the series (100)

Security news, interviews, how-to technical segments. For security professionals by security professionals. We Hack Naked.

Skip carousel

Interview with Schuyler Towne - Episode 338: Schuyler Towne is on a mission to recover as much information as possible about the lock-related patents that were lost to the patent office fire of 1836. His primary interest is in the history and the story of the creators of the lost locks, but his... by Security Weekly Podcast Network (Video)
21 min listen
Interview with Troy Hunt - Episode 339: Troy is a Software architect and Microsoft MVP, you'll usually find him writing about security concepts and process improvement in software delivery on his blog. He also has a free e-book out "OWASP Top 10 for .NET developers" by Security Weekly Podcast Network (Video)
38 min listen
Interview with Phil Young - Episode 342: Philip Young, aka Soldier of Fortran, is a mainframe phreak! His love of mainframes goes back to when he watched Tron, wide eyed, for the first time. Though it would be decades until he actually got his hands on one he was always interested in their... by Security Weekly Podcast Network (Video)
37 min listen
Drunken Security News - Episode 340: All things Black Hat, DefCon. Making $15,000 to $20,000 per hour. Hijacking a Prius. Vulnerable printers. More SCADA hacking. Hacking toilets. by Security Weekly Podcast Network (Video)
66 min listen
Drunken Security News - Episode 341: Trying to wake up sleeping babies through hacking the baby monitor. Fire in the studio. Male to male plugs. Updating your pooty...and firefox. Fun ways to log in to your Leap Motion controlled Windows box and the iLO authentication bypass. Plus more... by Security Weekly Podcast Network (Video)
40 min listen
Hack Naked TV Episode 57: In this episode we talk about Prism, M$, HIPAA and Panic!!! In the financial sector!! Links for this episode: http://tinyurl.com/HNTV-HIPAA-Costs http://tinyurl.com/HNTV-Financial-collapse http://tinyurl.com/HNTV-MS-NSA by Security Weekly Podcast Network (Video)
9 min listen
Interview with Bruce Potter and JP Bourget - Episode 335: We have JP Bourget and Bruce Potter on the show to announce their ball busting ride across the USA, CycleOverride . CycleOverride is planning a series of rides over the coming years that revolve around information security and fundraising for... by Security Weekly Podcast Network (Video)
15 min listen
Interview with Matt Bergin - Episode 337: Matt "Level" Bergin, age twenty four, works for CORE Security as a Senior Security Consultant where his day job consists of discovering, exploiting, and mitigating vulnerabilities in their client’s network environments. Before joining... by Security Weekly Podcast Network (Video)
29 min listen
Tech Segment: Threat Analytics with Ty Miller - Episode 340: Ty Miller is CEO and Founder of Threat Intelligence , has had many TV appearances, radio interviews, print newspaper and magazine articles, and regular online commentary & BlackHat Trainings. Ty Miller's experience not only covers penetration... by Security Weekly Podcast Network (Video)
23 min listen
Tech Segment with Zach Cutlip - Episode 342: Zach will be going over how he does research on exploiting embedded systems and his exploit development framework bowcaster. Zachary Cutlip is a security researcher with Tactical Network Solutions, in Columbia, MD. At TNS, Zach develops exploitation... by Security Weekly Podcast Network (Video)
32 min listen
Hack naked TV 56ish: In this episode we talk about the importance of being able to detect insider threats. by Security Weekly Podcast Network (Video)
8 min listen
OWASP Top 10 (2013) with Dave Wichers: The OWASP Top Ten is an awareness document for web application security, representing broad consensus about the most critical web application security risks as determined by the OWASP community. The OWASP Top 10 is one of the earliest and longest... by Security Weekly Podcast Network (Video)
24 min listen
Interview with Onapsis - Episode 338: Selena Proctor, Alex Horan and Mariano Nunez join us from Onapsis. by Security Weekly Podcast Network (Video)
52 min listen
Hack Naked TV Episode 59: In this episode we talk about pwnedlist and how many companies are compromised and don't even know it. We also talk about how one should not throw stones in glass houses. by Security Weekly Podcast Network (Video)
11 min listen
Interview with Thierry Zoller - Episode 348: Thierry has 14 years experience in information security, designing resistant architectures and systems, managing development and information security teams, ISM policies and high profile penetration tests. Thierry has a security blog over at... by Security Weekly Podcast Network (Video)
47 min listen
Tech Segment: Bro IDS: Bro is a passive, open-source network traffic analyzer and was originally developed by Vern Paxson, who continues to lead the project now jointly with a core team of researchers and developers at the International Computer Science Institute in... by Security Weekly Podcast Network (Video)
37 min listen
Tech Segment: Honeyports - Episode 340: If you've seen one of mine, or John Strand's, presentations on offensive countermeasures, you know about Honeyports. If you've taken our class or read our book, you've seen this too! Just to recap: If you tell your host to listen... by Security Weekly Podcast Network (Video)
13 min listen
Drunken Security News - Episode 342: From the Bradley Manning sentencing to DDOSing your former employer, the guys at PSW cover all the interesting stories of the week. by Security Weekly Podcast Network (Video)
32 min listen
Episode 350: Interview with Jayson Street: Jayson E. Street is an author of “Dissecting the hack: The F0rb1dd3n Network” from Syngress. Also creator of dissectingthehack.com He has also spoken at DEFCON, DerbyCon, UCON and at several other ‘CONs and colleges on a variety of... by Security Weekly Podcast Network (Video)
27 min listen
Interview with Kati Rodzon and Mike Murray: Kati Rodzon is the manager of Security Behavior Deisgn for MAD Security. Her last nine years have been spent studying psychology and ways to modify human behavior. From learning about the power of social pressure on groups, to how subtle changes in... by Security Weekly Podcast Network (Video)
36 min listen
Interview with Whitfield Diffie - Episode 341: Dr. Diffie is a pioneer of public-key cryptography and was VP of Information Security and Cryptography at ICANN. He is author of Privacy on the Line: The Politics of Wiretapping and Encryption by Security Weekly Podcast Network (Video)
50 min listen
Interview with Richard Stiennon: Richard Stiennon, security expert and industry analyst, is known for shaking up the industry and providing actionable guidance to vendors and end users. He relaunched the security blog ThreatChaos.com and is the founder of IT-Harvest. by Security Weekly Podcast Network (Video)
49 min listen
Drunken Security News - Episode 344: Want to try to scam John Strand? That might not be the best of ideas. Burp got updated, Rsnake's "joke", opting out to watch porn, 5 Guys Burgers on security and maybe a new way to prevent CSRF. by Security Weekly Podcast Network (Video)
40 min listen
BruCon Matt - Episode 343: Matt is a long time volunteer of BruCon and is going to let us know all the great things in store for 2013. by Security Weekly Podcast Network (Video)
15 min listen
Interview with Jaime Filson - Episode 347: Jaime enjoys long walks on the beach while his computer equipment is busy fuzzing software, cracking passwords, or spidering the internet. He's also the creator of the gitDigger project as well as staff of DEFCON's wireless village. by Security Weekly Podcast Network (Video)
18 min listen
Episode 350: SCADA Panel: SCADA systems are being attacked and making headlines. However, this is not news, or is it? There is a lot of new found "buzz" around attacking SCADA and defending SCADA. Technology has evolved and many systems are Internet connected and... by Security Weekly Podcast Network (Video)
53 min listen
Stories of the Week - Episode 346: Before the gang heads off for Derby Con, we still have the stories of the week. Paul, Greg and Patrick are here to talk about Shodan searches, Dropbox opening your docs, 10 things to never say during a presentation and a whole lot more! by Security Weekly Podcast Network (Video)
40 min listen
Enumerating a Domain using ADSI in PowerShell: Carlos Perez is also known as @DarkOperator, He spends his time reverse engineering, and practicing PowerShell Kung-Fu. Known by his motto "Shell is only the Beginning". by Security Weekly Podcast Network (Video)
21 min listen
Interview with Ira Winkler - Episode 343: Ira Winkler, CISSP is President of Secure Mentem. Ira is one of the foremost experts in the human elements of cyber security and is known for the extensive espionage and social engineering simulations that he has conducted for Fortune 500 companies... by Security Weekly Podcast Network (Video)
33 min listen
Episode 351: Rob Kornmeyer on Mona.py: Mona can be used by pentesters and exploit developers to take a proof of concept crash and turn it into a working exploit in a quick and organized fashion, eliminating downtime. by Security Weekly Podcast Network (Video)
17 min listen

More Episodes from Security Weekly Podcast Network (Video)

Skip carousel

Weird Al, Docker, OT, Gitlab, Credit Monitoring, Dropbox, Cisco, AI, Aaran Leyland... - SWN #383: Weird Al, Docker, OT, Gitlab, Credit Monitoring, Dropbox, Cisco, AI, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: by Security Weekly Podcast Network (Video)
35 min listen
Preparation: The Less Shiny Side of Incident Response - Joe Gross - ESW #360: It's the most boring part of incident response. Skip it at your peril, however. In this interview, we'll talk to Joe Gross about why preparing for incident response is so important. There's SO MUCH to do, we'll spend some time breaking down the... by Security Weekly Podcast Network (Video)
51 min listen
RSA Conference, Verizon DBIR, funding, reports, partnerships and more - ESW #360: It's the week before RSA and the news is PACKED. Everyone is trying to get their RSA announcements out all at once. We've got announcements about funding, acquisitions, partnerships, new companies, new products, new features... To make things MORE... by Security Weekly Podcast Network (Video)
67 min listen
Kicking Off With Crypto - PSW #827: The Security Weekly crew discusses some of the latest articles and research in cryptography and some background relevant subtopics including the race against quantum computing, key management, creating your own crypto, selecting the right crypto and... by Security Weekly Podcast Network (Video)
65 min listen
ChatGPT Writes Exploits - PSW #827: ChatGPT writes exploits, banning default and weak passwords, forget vulnerabilities just get rid of malware, IR blasting for fun and not profit, creating fake people, shattered dreams and passkey, and removing chips. Show Notes: by Security Weekly Podcast Network (Video)
119 min listen
Board's Pivotal Role in Cybersecurity as CISO-CEO Communication Gaps Continue - BSW #348: In the leadership and communications section, The Board's Pivotal Role in Steering Cybersecurity, CISO-CEO communication gaps continue to undermine cybersecurity, The Essence of Integrity in Leadership: A Pillar of Trust and Excellence, and more! Show... by Security Weekly Podcast Network (Video)
32 min listen
Why Companies Continue to Struggle with Supply Chain Security - Melinda Marks - ASW #283: Companies deploy tools (usually lots of tools) to address different threats to supply chain security. Melinda Marks shares some of the chaos those companies still face when trying to prioritize investments, measure risk, and scale their solutions to... by Security Weekly Podcast Network (Video)
41 min listen
Random Problems, Protecting Packages, and Vulns in Designs, Defaults & Data Leaks - ASW #283: Misusing random numbers, protecting platforms for code repos and package repos, vulns that teach us about designs and defaults, and more! Show Notes: by Security Weekly Podcast Network (Video)
39 min listen
AI, Okta, Chrome, Quantum, Kaiser Permanente, FTC, FCC, NCSC, Josh Marpet, and more. - SWN #382: AI, Okta, Chrome, Quantum, Kaiser Permanente, FTC, FCC, NCSC, Josh Marpet, and more, are on this edition of the Security Weekly News. Show Notes: by Security Weekly Podcast Network (Video)
37 min listen
Meet Silver SAML: Golden SAML in the Cloud - Eric Woodruff - BSW #348: A hybrid workforce requires hybrid identity protection. But what are the threats facing a hybrid workforce? As identity becomes the new perimeter, we need to understand the attacks that can allow attackers access to our applications. Eric Woodruff,... by Security Weekly Podcast Network (Video)
28 min listen
Your TV Is Scanning You - PSW #826: This week the crew discusses: When TVs scan your network, bad things can happen, PuTTY is vulnerable, Crush FTP, vulnerabilities that will never be fixed, CVEs are for vulnerabilities silly, you can test for easily guessable passwords too, FlipperZero... by Security Weekly Podcast Network (Video)
110 min listen
TikTok, Flowmon, Cisco, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland - SWN #381: TikTok, Flowmon, Arcane Door, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: by Security Weekly Podcast Network (Video)
38 min listen
How GenAI Can Improve SecOps - Ely Kahn - ESW #359: We've talked about generative AI in a general sense on our podcast for years, but we haven't done many deep dives into specific security use cases. That ends with this interview, as we discuss how generative AI can improve SecOps with Ely Kahn. Some... by Security Weekly Podcast Network (Video)
30 min listen
Threat Modeling and Understanding Inherent Threats - Adam Shostack - ESW #359: This is a great interview with Adam Shostack on all things threat modeling. He's often the first name that pops into people's heads when threat modeling comes up, and has created or been involved with much of the foundational material around the... by Security Weekly Podcast Network (Video)
45 min listen
Autonomous - I don't think that word means what you think it means - ESW #359: A clear pattern with startups getting funding this week are "autonomous" products and features. Automated detection engineering Autonomously map and predict malicious infrastructure ..."helps your workforce resolve their own security issues... by Security Weekly Podcast Network (Video)
44 min listen
Advising The President On Cyber-Physical Resilience - Philip Venables - PSW #826: On February 27, 2024, PCAST (President’s Council of Advisors on Science and Technology) sent a report to the President with recommendations to bolster the resilience and adaptability of the nation’s cyber-physical infrastructure resources. Phil... by Security Weekly Podcast Network (Video)
61 min listen
Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland... - SWN #380: Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland, and more, on this Edition of the Security Weekly News. Show Notes: by Security Weekly Podcast Network (Video)
37 min listen
Unraveling the "Materiality" Mystery: A CISO's Guide to SEC Compliance - Mike Lyborg - BSW #347: The new SEC Cyber Security Rules require organizations to be ready to report cyber incidents. But what do you actually need to do? Mike Lyborg, Chief Information Security Officer at Swimlane, joins Business Security Weekly to discuss how to prepare.... by Security Weekly Podcast Network (Video)
30 min listen
Sustainable Funding of Open Source Tools - Simon Bennetts, Mark Curphey - ASW #282: How can open source projects find a funding model that works for them? What are the implications with different sources of funding? Simon Bennetts talks about his stewardship of Zed Attack Proxy and its journey from OWASP to OpenSSF to an Open Source... by Security Weekly Podcast Network (Video)
39 min listen
What does DoD’s CMMC Requirement Mean for American Businesses - Edward Tuorinsky - BSW #347: Since 2016, we been hearing about the impending impact of CMMC. But so far, it's only been words. That looks to be changing. Edward Tourinsky, Founder & Managing Principal at DTS, joins Business Security Weekly to discuss the coming impact of CMMC... by Security Weekly Podcast Network (Video)
35 min listen
Crazy money and crazy outcomes - cybersecurity acquisitions in all shapes and sizes - ESW #358: This week, Adrian and Tyler discuss some crazy rumors - is it really possible that a cloud security startup valued at over $8 billion in November 2021 just got bought for $200 million??? Some healthy funding for Cyera and Cohesity ($300m and $150m,... by Security Weekly Podcast Network (Video)
66 min listen
Win 95, LastPass, Kubernetes, Sandworm, Bloomtech, Frontier, 911, Aaran Leyland... - SWN #379: Win 95, Cheat Lab, LastPass, Kubernetes, Sandworm, Bloomtech, Frontier, 911, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: by Security Weekly Podcast Network (Video)
35 min listen
Hacker Heroes - Winn Schwartau - PSW #825: Pioneering the Cyber Battlefield: A Deep Dive with Winn Schwartau, Cybersecurity Luminary Get ready for an extraordinary episode as we sit down with Winn Schwartau, a true pioneer and luminary in the world of cybersecurity. Winn's impact on the field... by Security Weekly Podcast Network (Video)
66 min listen
From Hackers to Streakers - How Counterintelligence Teams are Protecting the NFL - Joe McMann - ESW #358: Protecting a normal enterprise environment is already difficult. What must it be like protecting a sports team? From the stadium to merch sales to protecting team strategies and even the players - securing an professional sports team and its brand is... by Security Weekly Podcast Network (Video)
41 min listen
PCI 4.0 - PSW #825: Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) puts greater emphasis on application security than did previous versions of the standard. It also adds a new “customized approach” option that allows merchants and other... by Security Weekly Podcast Network (Video)
60 min listen
Duo, Steganography, Roku, Palo Alto, Putty, Cerebral, IPOs, SanDisk, & Josh Marpet - SWN #378: Duo, Steganography, Roku, Palo Alto, Putty, Cerebral, IPOs, SanDisk, Josh Marpet, and more, on this Edition of the Security Weekly News. Show Notes: by Security Weekly Podcast Network (Video)
34 min listen
Arg Parsing in Rust, End of Life Hardware, CSRB & MS, Chrome’s V8 Sandbox - ASW #281: A Rust advisory highlights the perils of parsing and problems of inconsistent approaches, D-Link (sort of) deals with end of life hardware, CSRB recommends practices and processes for Microsoft, Chrome’s V8 Sandbox increases defense, and more! Show... by Security Weekly Podcast Network (Video)
28 min listen
Demystifying Security Engineering Career Tracks - Karan Dwivedi - ASW #281: There are as many paths into infosec as there are disciplines within infosec to specialize in. Karan Dwivedi talks about the recent book he and co-author Raaghav Srinivasan wrote about security engineering. There's an appealing future to security... by Security Weekly Podcast Network (Video)
35 min listen
Generative AI Legal Challenges as SEC Charges Disrupt Journey to CISO Role - BSW #346: In the leadership and communications section, Navigating Legal Challenges of Generative AI for the Board, Winds of Warning? SEC Charges Threaten to Disrupt Role of CISO, 6 Common Leadership Styles — and How to Decide Which to Use When, and more!... by Security Weekly Podcast Network (Video)
26 min listen
From Idea to Success: How to Operationalize a Startup from Zero to Exit - Seth Spergel - BSW #346: Startup founders dream of success, but it's much harder than it looks. As a former founder, I know the challenges of cultivating an idea, establishing product market fit, growing revenue, and finding the right exit. Trust me, it doesn't always end... by Security Weekly Podcast Network (Video)
30 min listen

Related podcast episodes

Skip carousel

Russian regex, John McAfee, Verkada Hack, & Microsoft Exchange - PSW #686: Microsoft Exchange had some vulnerabilities, how could you not hear about them?, Russians try to throttle Twitter, silicon valley security camera company has been breached and we get to see what it looks like as they make Teslas in China, Did I... by Security Weekly Podcast Network (Video)
92 min listen
Extracting Data from ChatGPT, Vulns Around AI, Secure AI Guidance, LogoFAIL, BLUFFS - ASW #265: Repetition extracts data from ChatGPT, more vulns in the software that surrounds AI, guidelines for secure AI, LogoFAIL trips a boot, BLUFFS attack on Bluetooth, CISA's first secure by design alert, Okta's updated breach disclosure, and more! Show Notes: by Security Weekly Podcast Network (Video)
35 min listen
Extracting Data from ChatGPT, Vulns Around AI, Secure AI Guidance, LogoFAIL, BLUFFS - ASW #265: Repetition extracts data from ChatGPT, more vulns in the software that surrounds AI, guidelines for secure AI, LogoFAIL trips a boot, BLUFFS attack on Bluetooth, CISA's first secure by design alert, Okta's updated breach disclosure, and more! Show Notes: by Application Security Weekly (Video)
35 min listen
The Human Element - ESW #252: In this interview, we discuss defenders sharing information, how Edna deals with Azure's supply chain challenges, ransomware trends, and some future predictions. Edna has been in security as long as most other folks we interview, but was a lawyer for... by Security Weekly Podcast Network (Audio)
113 min listen
Go Vuln Project, OSS-Fuzz Successes, No More Basic Auth, NSA Supply Chain Hardening - ASW #211: Go releases their own curated vuln management resources, OSS-Fuzz finds command injection, Microsoft gets rid of Basic Auth in Exchange, NSA provides guidance on securing SDLC practices, reflections on pentesting, comments on e2e Visit for all... by Security Weekly Podcast Network (Video)
40 min listen
Go Vuln Project, OSS-Fuzz Successes, No More Basic Auth, NSA Supply Chain Hardening - ASW #211: Go releases their own curated vuln management resources, OSS-Fuzz finds command injection, Microsoft gets rid of Basic Auth in Exchange, NSA provides guidance on securing SDLC practices, reflections on pentesting, comments on e2e Visit for all... by Application Security Weekly (Video)
40 min listen
Taking Selfies - ESW #216: This week, in the Enterprise Security News, A new Open-source tool helps discover public Azure blobs, A New Eclypsium Integration with Kenna.VM, Armis Raises $125 Million, Okta launches its new open-source design system, Enterprise selfie biometrics... by Security Weekly Podcast Network (Audio)
82 min listen
Episode 383: The Power of Shame: TechSNAP progenitor and special guest Allan Jude joins us to talk mobile security, hand out some SSH tips and tricks, and discuss why security shaming works so well. by TechSNAP
52 min listen
CosMiss, Pixel Lock Screen Bypass, IIoT Path Traversal, NSA on C & C++, Code Reviews - ASW #220: CosMiss in Azure, $70k bounty for a Pixel Lock Screen bypass, finding path traversal with Raspberry Pi-based emulators, NSA guidance on moving to memory safe languages, implementing phishing-resistant MFA, egress filtering, and how to approach code... by Application Security Weekly (Video)
45 min listen
CosMiss, Pixel Lock Screen Bypass, IIoT Path Traversal, NSA on C & C++, Code Reviews - ASW #220: CosMiss in Azure, $70k bounty for a Pixel Lock Screen bypass, finding path traversal with Raspberry Pi-based emulators, NSA guidance on moving to memory safe languages, implementing phishing-resistant MFA, egress filtering, and how to approach code... by Security Weekly Podcast Network (Video)
45 min listen
Vulns & Secure Design, MiraclePtr Success, Abandoned Projects & Maven, Old "AI Chip" - ASW #271: Vulns in Jenkins code and Cisco devices that make us think about secure designs, MiraclePtr pulls off a relatively quick miracle, code lasts while domains expire, an "Artificial Intelligence chip" from the 90s, and more! Show Notes: by Security Weekly Podcast Network (Video)
41 min listen
Vulns & Secure Design, MiraclePtr Success, Abandoned Projects & Maven, Old "AI Chip" - ASW #271: Vulns in Jenkins code and Cisco devices that make us think about secure designs, MiraclePtr pulls off a relatively quick miracle, code lasts while domains expire, an "Artificial Intelligence chip" from the 90s, and more! Show Notes: by Application Security Weekly (Video)
41 min listen
BeyondTrust, MITRE ATT&CK for ICS, & ThreatConnect - ESW #185: This week, MITRE ATT&CK for ICS: A Technical Deep Dive, Tufin Expands Security Automation Capabilities, Strengthen Business and Security Alignment with ThreatConnect, BeyondTrust Privilege Management for Windows and Mac SaaS Accelerates and... by Security Weekly Podcast Network (Video)
32 min listen
BeyondTrust, MITRE ATT&CK for ICS, & ThreatConnect - ESW #185: This week, MITRE ATT&CK for ICS: A Technical Deep Dive, Tufin Expands Security Automation Capabilities, Strengthen Business and Security Alignment with ThreatConnect, BeyondTrust Privilege Management for Windows and Mac SaaS Accelerates and... by Enterprise Security Weekly (Video)
32 min listen
Killing the SOC, Burger King Runes, ReliaQuest Valuation, & StrongDM - ESW #252: This week in the enterprise security news: ReliaQuest crests a $1bn valuation, CyCognito raises a $100m Series C, AWS enhances cloud vulnerability management, StrongDM automates access to infrastructure, Can we trust AI written code?, Killing the SOC... by Security Weekly Podcast Network (Video)
44 min listen
Killing the SOC, Burger King Runes, ReliaQuest Valuation, & StrongDM - ESW #252: This week in the enterprise security news: ReliaQuest crests a $1bn valuation, CyCognito raises a $100m Series C, AWS enhances cloud vulnerability management, StrongDM automates access to infrastructure, Can we trust AI written code?, Killing the SOC... by Enterprise Security Weekly (Video)
44 min listen
Printers Are "Not Nice" - PSW #820: In the security News end of life routers and exploits, SCCM mis-configurations lead to compromise, apparently you can hack anything with a Flipper Zero, do source code leaks matter?, visibility is important, printer vulnerabilities that no one cares... by Security Weekly Podcast Network (Video)
116 min listen
Making Service Meshes Work for People - Idit Levine - ASW #267: Service meshes create the opportunity to make security a team sport. They can improve observability and service identity. Turning monoliths into micro services sounds appealing, but maybe not every monolith needs to be broken up. We'll also talk about... by Security Weekly Podcast Network (Audio)
78 min listen
NO. 355 | NEWS & ANALYSIS SERIES by Unsupervised Learning
14 min listen
Eliminate Attack Surface from Inside Out - Shamim Naqvi - ESW #310: SafeLiShare delivers tamperproof security from inside out across clouds and eliminate algorithmic complexity attacks and reverse never-ending cycles of defense using policy controlled Confidential Computing with secure enclave technology. ... by Security Weekly Podcast Network (Video)
43 min listen
Eliminate Attack Surface from Inside Out - Shamim Naqvi - ESW #310: SafeLiShare delivers tamperproof security from inside out across clouds and eliminate algorithmic complexity attacks and reverse never-ending cycles of defense using policy controlled Confidential Computing with secure enclave technology. ... by Enterprise Security Weekly (Video)
43 min listen
DLL Hijacking, Trust Through Privacy, & Adobe EOL Data - ASW #112: DLL Hijacking at the Trend Micro Password Manager, Adobe Prompts Users to Uninstall Flash Player As EOL Date Looms, The State of Open Source Security 2020, Microservices vs. Monoliths: Which is Right for Your Enterprise?, What Modern CI/CD Should Look... by Application Security Weekly (Video)
33 min listen
DLL Hijacking, Trust Through Privacy, & Adobe EOL Data - ASW #112: DLL Hijacking at the Trend Micro Password Manager, Adobe Prompts Users to Uninstall Flash Player As EOL Date Looms, The State of Open Source Security 2020, Microservices vs. Monoliths: Which is Right for Your Enterprise?, What Modern CI/CD Should Look... by Security Weekly Podcast Network (Video)
33 min listen
PSW #750 - Guy Bruneau: Guy will go through some of his career choices that eventually led to 25 years in a long and fun career in information and cybersecurity. Infosec has been a fascinating and challenging field which anyone can learn through training and some of the... by Security Weekly Podcast Network (Audio)
172 min listen
The Role of Human Behavior in Security & the Future - Ev Kontsevoy - PSW #757: Hackers rarely break through crypto or exploit fancy zero days. Most of the time they simply login using stolen credentials. Managing passwords, keys and other forms of secrets does not work at scale. In this segment we’ll look into a more radical... by Security Weekly Podcast Network (Video)
62 min listen
We're A Lot Happier - PSW #686: This week, we welcome David Hétu, Chief Research Officer at Flare Systems, to discuss How Illicit Markets Really Operate! In the second segment, we jump right into the Security News Microsoft Exchange had some vulnerabilities, how could you not hear... by Security Weekly Podcast Network (Audio)
195 min listen
Which Multifactor Authentication is the Right One? - Matt Barnett - ESW #208: It's widely-accepted that multifactor is a best practice for authentication, but there are a variety of implementations (e.g., smart cards, push notifications, OTPs). We'll talk through the benefits and drawbacks of each and explore why Microsoft's... by Security Weekly Podcast Network (Video)
24 min listen
Which Multifactor Authentication is the Right One? - Matt Barnett - ESW #208: It's widely-accepted that multifactor is a best practice for authentication, but there are a variety of implementations (e.g., smart cards, push notifications, OTPs). We'll talk through the benefits and drawbacks of each and explore why Microsoft's... by Enterprise Security Weekly (Video)
24 min listen
Attivo Networks, CloudZero, and Akami - Startup Security Weekly #59: Defining traits of leaders, the realities of stealth mode, and updates from Attivo Networks, CloudZero, Akami, and more on this episode of Startup Security Weekly! Full Show Notes: https://wiki.securityweekly.com/SSWEpisode59 Visit... by Security Weekly Podcast Network (Video)
58 min listen
OpenAI Info Leak, BitCoin ATM Hack, GitHub RSA SSH Key, Measuring AI Security - ASW #234: Ferrari refuses ransomware, OpenAI deals with security issues from cacheing, video killed a crypto ATM, GitHub rotates their RSA SSH key, bypassing CloudTrail, terms and techniques for measuring AI security and safety Visit for all the... by Application Security Weekly (Video)
37 min listen

Discover this podcast and so much more

XZ & Open Source, PuTTY's Private Keys, LeakyCLI, LLMs Writing Exploits - ASW #282

XZ & Open Source, PuTTY's Private Keys, LeakyCLI, LLMs Writing Exploits - ASW #282

Description

Titles in the series (100)

More Episodes from Security Weekly Podcast Network (Video)

Related podcast episodes