The recent MechaFlounder was a backdoor attack linked to Iranian threat actors who targeted Turkish entities. Similar Python-based backdoor attacks have managed to evade traditional network security defenses and propagate inside their target environments. To learn more about Edgewise, visit: https://securityweekly.com/edgewise Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode637

In this week's episode of Paul's Security Weekly, Paul and the guys welcome back Gene Kim to interview him about his newest book "The Unicorn Project". Gene shares with us his goals and aspirations for The Unicorn Project, describes in detail the Five Ideals, along with his favorite case studies of both ideal and non-ideal, and why he believes more than ever that DevOps will be one of the most potent economic forces for decades to come. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode635

In the Security News, Microsoft Security Shocker As 250 Million Customer Records Exposed Online, the NSA Offers Guidance on Mitigating Cloud Flaws, Multiple Vulnerabilities Found in AMD ATI Radeon Graphics Cards, Brazil prosecutes Glenn Greenwald in attack on press freedom, and Cybersecurity Lessons Learned from 'The Rise of Skywalker'! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode636

Paul, Doug and Tyler interview Mike Godwin about the creation of the EFF, why it was created and how he became involved, some of the first cases taken on by the EFF, Godwin's Law, the right to repair, freedom of speech, and much more!  Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode636

Paul, Doug and Tyler interview Dug Song about how he got his start in Information Security, what prompted him to begin work for dsniff, his transition from engineer to entrepreneur, what he learned from his experiences at Arbor Networks, why he decided to found a company in the authentication space, how to grow a company while maintaining your vision and culture, CISCO's acquisition of DUO Security, what it's like to be integrated into such a large company, what makes company's great, advice for talented tech people who want to become entrepreneurs, Dug's book recommendation for inspiring entrepreneurs, and much, much more Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode636

We discuss the details and impact of the latest flaw, disclosed by NSA, in Windows 10 that allows attackers to pass off malware as signed applications and so much more. The Citric Netscaler vulnerability is a rare remote-easy-to-exploit opportunity for attackers. The crew also talks about book recommendations, backdoors in crypto (and why its bad), conspiracy theories and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode635

The world continues to see a proliferation of highly insecure IoT/embedded products. How can companies making embedded products design security in from the start, and why don t they do it today? Importantly, security needs to be baked in while remaining lean and moving quickly towards an MVP product. Discussions will range from hardware chip selection, cryptographic protocol design, and firmware security -- both at the design and security pen test phases. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode635

This is the Hacker Culture Roundtable discussion from the Security Weekly Christmas podcast marathon and features almost all of our hosts and special guests. Hacking is a term used to describe the activity of modifying a product or procedure to alter its normal function, or to fix a problem. The term purportedly originated in the 1960s, when it was used to describe the activities of certain MIT model train enthusiasts who modified the operation of their model trains. They discovered ways to change certain functions without re-engineering the entire device. These curious individuals went on to work with early computer systems where they applied their curiosity and resourcefulness to learning and changing the computer code that was used in early programs. To the general public, a "hack" became known as a clever way to fix a problem with a product, or an easy way to improve its function. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode635

In the security news, Car hacking hits the streets, 4 Ring employees fired for spying on customers, MITRE presents ATT&CK for ICS, and Las Vegas suffers cyberattack on the first day of CES! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode634

According to Gartner, 70% of businesses are adopting a hybrid cloud and multi-cloud strategy to augment their internal data centers. The challenges of protecting data and using encryption for multiple hybrid, public cloud, and on-premises environments increases complexity, cost, and security risk. As workloads and sensitive data move to the cloud, keeping cryptographic keys, shared secrets and tokens secure is critical to secure public cloud deployments and successful digital transformation. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode634

Purple teaming reduces the lifespan of vulnerabilities found from pentests by facilitating knowledge transfer between red and blue teams in the remediation phase. PlexTrac provides a single interface through which red teams may report vulnerabilities and blue teams may remediate them. Visit https://www.securityweekly.com/plextrac to claim your free month of PlexTrac. Also, be sure to stop by their booth in the Early Stage Exhibit at RSA next month. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode634

In the security news, mysterious Drones are Flying over Colorado (watchout Mr. Alderman), 7 Tips for Maximizing Your SOC, The Most Dangerous People on the Internet This Decade, North Korean Hackers Stole 'Highly Sensitive Information' from Microsoft Users, Critical Vulnerabilities Impact Ruckus Wi-Fi Routers, & The Coolest Hacks of 2019! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode633

Global conversations around acceptable norms of behavior in cyberspace (particularly for states), attribution, accountability, and deterrence (though we have not done well on the last one), recent attacks, and the processes that are dealing with setting rules of the road in cyberspace. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode633

The history of security can be traced back to a variety of different sources. The amount of articles on the topic is dizzying. Most will cite names of early phone phreaks, Kevin Mitnick, Kevin Poulsen, Steve Jobs, Steve Wozniak and quickly transition to many other more recent "hacks" or breaches. Our goal is to not review the history of hacking. This is the history of security. We've carefully chosen key events and research to discuss the very beginnings of security, and their impact and lessons for today's ever-evolving security landscape. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode632

Emerging technologies such as Virtual, Augmented and Mixed Reality are inevitably gaining momentum and helping businesses gain competitive advantage. These technological advancements are giving rise to digital transformation as well as digital risks. The bigger question is who will protect these technologies. While the world is catching up on the business aspects and the real use cases, Silicon Valley startups are already gearing up to combat the risks born alongside emerging tech's benefits. The Valley companies are utilizing the same technologies to combat the associated risks. My Quest to protect these Brave New Virtual Worlds has taken me around the world and connected me to the geniuses at Wallarm. In this segment, I will talk about WHY I believe Wallarm, XRSI and companies alike are the ones moving fast to protect the Immersive Technologies. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode633

It was once said that if Security and Compliance were in a relationship the status would be "It's Complicated". This discussion will aim to help you understand this relationship and how it can be beneficial or a mere distraction to an organization's overall security posture. - Define "Secure" and "Compliant". - Does compliance merely raise awareness about security shortcomings? - What is the relationship between Security and Compliance? - Being Secure and being Compliant are mere points in time, how can we best develop a process to ensure we are always striving to a secure and compliant state? - How does Security impact and/or influence Compliance? - How does Compliance impact and/or influence Security? - How do you balance these extremes: "We will be Secure and ignore compliance" vs. "We will be compliant but ignore security" Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode632

Each year the team at Counterhack Challenges makes available the Holiday Hack Challenge. Led by Ed Skoudis, and created by some of the most talented security professionals in the industry, it is not to be missed. Tune in to hear the details, or at least some information, about this year's Holiday Hack Challenge! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode631

Penetration testing has evolved quite a bit in the past year. As defenses shift, and in some cases get much better, attack techniques and landscapes have changed as well. - What has changed in the past year with regards to penetration testing? - What is adversary simulation? What are the benefits? Is the offering and consumption of this service an indication that organizations are getting better at building effective security programs? - How has the increased popularity of breach and attack simulation tools impacted penetration testing? - Has the MITRE attack framework impacted penetration testing? If so, how? - Many advanced penetration testers seem to be keeping their tools private as to avoid detection by endpoint security products. Is this happening, and if so what is the impact? Should we share more? Less? - With so many tools available today for penetration testing, what can blue teams and internal red teams do to prep for an external penetration test? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode631

- Given that DevOps is a process and its execution requires many different tools, how do we get started "doing DevOps"? - What about DevOps allows us to produce more secure applications? - What concepts inside of DevOps do most people lose site of? - What are the major challenges involved in taking an application from traditional development to DevOps? - What are some of the best approaches to making an application more resilient to threats - To ORM or not to ORM? - Which services do you implement yourself vs. using a cloud service? - How do I choose the best secrets vault? - What should I use an orchestrator for and what should I not use an orchestrator for? - How do I build a secure API for my app? - Thoughts on GraphQL vs. REST security implications? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode632

It's often said that attackers need only to get it right once, where defenders have to be right all of the time. Those of us who have worked in a security role as a defender know we don't always get it right, in fact, there are often many exposures in our defenses. This segment will aim to help defenders learn tactics and techniques that are effective and try to answer some of the following questions: - How do you prioritize your defensive efforts? - How do you best detect attacks? - How do you best protect against attacks? - We always say "patch your stuff" but how often should you patch? Which systems should you patch? - What techniques work best to defend against email phishing? - How do you provide a "good enough" level of security for your Active Directory? - What are the fundamentals of defense? How do they differ per environment and organization? - How do you get management to buy-in to your security plans and spending? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode631

In the Security News, Reveton ransomware schemer stripped of six years of freedom, £270,000, and Rolex, Web-hosting firm 1&1 hit by almost €10 million GDPR fine over poor security at call centre, iPR Software Exposed Thousands via a Humongous Corporate Data Leak, and how the FBI assesses Russian apps may be counterintelligence threat! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode630

John Strand is a Security Analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures. John will be talking about Backdoors & Breaches, the Incident Response card game. To learn more about BHIS, visit: https://securityweekly.com/bhis Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode630

Jorge Salamero is the Director of Technical Marketing at Sysdig. Jorge enjoys playing with containers and Kubernetes, home automation and DIY projects. Currently, he is part of the Sysdig team, and in the past was a Debian developer. When he is away from computers, you will find him walking with his 2 dogs in the mountains or driving his car through a twisted road. To learn more about Sysdig, visit: https://securityweekly.com/sysdig Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode630

Netflix: BPF is a new type of software we use to run Linux apps securely in the kernel, Automated security tests with OWASP ZAP, HackerOne Breach Leads to $20,000 Bounty Reward, US-CERT AA19-339A: Dridex Malware , and much more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode629

Micah Hoffman is the Principle Investigator at Spotlight Infosec. Looking to increase the publicity of using Open Source Intelligence (OSINT) in traditional cyber fields like pentest, DFIR, and cyber defense. Just created a new non-profit called The OSINT Curious Project (https://osintcurio.us) that is a clearinghouse for excellent OSINT information and resources. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode629

Eric Brown is the Sr. Security Analyst at LogRhythm. Eric will cover topics including: Phishing Trends, 2020 Outlook, Top 4 Types Eric is seeing: Exec Phish / Legit websites (Box/sites.google/OneDrive) / Fake O365 / HTML attachment, Use of/upload to VirusTotal, Value of Incident Response and Playbooks, Value of Training baseStriker, Has it been patched? Or just now detectable?, and Hunting Phish Kits. To learn more about LogRhythm, visit: https://securityweekly.com/logrhythm Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode629

In the Security News, Disney Plus Blames Past Hacks for User Accounts Sold Online, Why Multifactor Authentication Is Now a Hacker Target, How the Linux kernel balances the risks of public bug disclosure, A critical flaw in Jetpack exposes millions of WordPress sites, and Amazon tells senators it isn't to blame for Capital One breach! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode628

Dave Kennedy is the Founder & CEO of TrustedSec. Dave comes on the show to talk about the Coalfire incident and DerbyCon communities. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode628

Peter Liebert is the CEO at Liebert Security. After working in and with SOCs for the majority of my career, as well as building one from the ground up for the State of California, there are some lessons learned that can be shared with the wider community. The first is how to leverage automation and devsecops methodologies in your SOC and the second is how to break out of the traditional Tier 1-3 model. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode628

Two security researchers earned $60,000 for hacking an Amazon Echo, Amazon Kindle, Embedded devices Open to Code-Execution, This App Will Tell You if Your iPhone Gets Hacked, Two New Carding Bots Threaten E-Commerce Sites, and much more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode627

Bryson Bort (Founder and CEO of SCYTHE) will demonstrate how to safely simulate ransomware and a multi-staged APT with lateral movement in your production environment! How would your organization protect, detect and respond to a ransomware attack? Bryson is also announcing the availability of the SCYTHE marketplace where red teams can collaboratively build and share threats and modules to extend the SCYTHE platform while also sharing market intelligence on what enterprises are looking for in their assessments. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode627

As advancements have been made in technologies new surveillance tools have been designed giving those charged with protecting citizen’s additional opportunities to prevent crimes or identify those who have violated laws or policies. While innovation has introduced a variety of new platforms there remains a concern of if the implementation of them is ethical. Additionally, there are concerns that surveillance has been and continues to be unequally applied. Our guest for this segment is Dr. Kevin Harris, the Program Director for Information Systems Security and Information Technology Management at American Public University. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode627

In the Security News, Who is responsible for Active Directory security within your organization?, Apple publishes new technical details on privacy features, How to ensure online safety with DNS over HTTPS, Amazons Ring Video Doorbell could open the door of your home to hackers, and much more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode626

Kevin Finisterre is a Co-founder of Arcade Hustle. Josh Valentine is a Co-founder of Arcade Hustle. Josh and Kevin have spent the last year immersing ourselves in arcade platforms, games, and cabinets. There is quite a bit of cross over into the traditional security scene. There is even more to learn in the subtle differences of how each scene handles. We'd like to talk about our project Arcade Hustle, and the things we've learned during our into to the arcade scene. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode626

Peter Smith is the Founder & CEO of Edgewise. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode626

Paul and Matt sit down with Dave Bittner from Cyberwire to discuss the state of security podcasts, the latest security trends, and the security community. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode625

Sven Morgenroth is the Security Researcher at Netsparker. Sven joins us again to talk about Formatting string vulnerabilities. To learn more about Netsparker, visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode625

Philippe Courtot is the Chairman and CEO of Qualys. Sumedh Thakar is the Chief Product Officer Qualys. Philippe Courtot, chairman and CEO of Qualys will examine the impact of today's complex and hyper-connected IT environments have on security and compliance. He will discuss why, in a world where everything connects, we need to regain the visibility we have lost, and why visibility is now the cornerstone of security. Simply put, it is difficult, if not impossible, to secure what we do not know or cannot see. To learn more about Qualys, visit: https://securityweekly.com/qualys Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode625

Last week, Elastic and Endgame announced that they have formally joined forces to introduce Elastic Endpoint Security. Together, they combine Elastic’s free and open SIEM with Endgame's endpoint security product to give users an integrated solution that offers greater visibility across their environment. This is a step toward realizing Elastic’s vision for applying search to multiple use cases, like threat hunting, fraud detection, and security monitoring. Now, when users deploy a data collection agent for Elastic SIEM, they can protect the endpoint simultaneously and remove the inefficiency of multiple solutions that can’t respond in time to prevent damage and loss. And, to make Elastic Endpoint available to everyone, the company announced that they are eliminating per-endpoint pricing. No more counting endpoints or days of threat intelligence data retained. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode624

In the news, we talk Security News, discussing how Amazon Echo and Kindle devices were affected by a WiFi bug, Ransomware and data breaches linked to uptick in fatal heart attacks, a woman was ordered to type in her iPhone password so police could search the device, and how the military found Marijuana at a North Dakota nuclear launch facility! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode624

Tom Williams is the Director of Veterans Operations of Veterans MHH. Speaking about the challenges that veterans face and how MHH is looking to address those. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode624

Peter Kruse is the Founder of CSIS Security Group. "Nothing specific but a Google search will provide numerous research I have been involved with and conferences I have spoken at including Kaspersky SAS, NCSC, Underground Economy, Virusbulletin, CARO, APWG, Hackdays, Confidence, Cyberhagen and many more." Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode623

Cybercrime Tool Prices Bump Up in Dark Web Markets, Pen testers find mystery black box connected to ships engines, Using Machine Learning to Detect IP Hijacking - Schneier on Security, and much more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode623

DeCloss is the President and CEO of PlexTrac. The segment will focus on the importance of a high-quality report and what red and blue teamers should recognize goes into a good report. Often times, there’s no feedback loop after report delivery and collaboration can be limited post-engagement. That will lead into a demo of PlexTrac to highlight the efficiencies we provide when creating and receiving a report. To learn more about PlexTrac, visit: https://securityweekly.com/plextrac Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode623

This week, we talk Security News, how Turkey fines Facebook $282,000 over privacy breach, why the FBI is encouraging not to pay ransomware demands, the top 10 cybersecurity myths that criminals love, Doordash third-party breach hits 4.9 Million users, and how a "Bulletproof" Dark Web data center was seized by German police! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode622

It’s the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It’s time for Security and Compliance Weekly. This show is hosted by: Jeff Man, Josh Marpet, and Scott Lyons. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode622

Stewart Room is a Partner of PwC. Security Professionals have long understood the need to deliver security outcomes in technology and data, but is the privacy community on the same page? Data Privacy requires outcomes for matters such as data accuracy, data minimization and fair processing, as well as risks, such as portability and access. These outcomes need tech and data solutions. In this session we will examine The Journey to Code, the next evolutionary step for Data Privacy. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode622

How a hacker took over a smart home with vulgar music and rising temperatures, a security warning for 23 million YouTube creators following a crazy hack attack, Vimeo sued for storing faceprints of people without their say-so, Selfie Android Apps push ads and can record audio, and how adopting DevOps leads to an improved security posture! Full Show Notes: https://wiki.securityweekly.com/Episode621 Visit https://www.securityweekly.com/psw for all the latest episodes!