Paul's Security Weekly 3u6i2d

This week, we welcome Ryan Benson, Director of Service Offerings at deepwatch, to discuss the State of the Managed Detection & Response Market! In the Leadership and Communications section, 6 types of CISO and the companies they thrive in, What are the habits of highly effective CISOs, Cybersecurity is Not a Four-Letter Word, and more!   Show Notes: https://securityweekly.com/bsw189 Visit https://securityweekly.com/deepwatch to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Mike, Matt, and John talk about The Difference Between Finding Vulns & Securing Apps! In the Application Security News, 6 Things to Know About the Microsoft 'Zerologon' Flaw, You can by TikTok's MFA by logging in via a browser, Instagram RCE: Code Execution Vulnerability in Instagram App for Android and iOS, and more!   Show Notes: https://wiki.securityweekly.com/asw123 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, first we talk Enterprise News, ExaGrid releases version 6.0 with Time-Lock for Ransonware Recovery Feature, Microsoft overhauls 'Patch Tuesday', Palantir to begin New York trading on September 30th, Accenture acquires SALT Solutions to build cloud-based industrial IoT platforms, and Code42 Incydr: A cloud-native product that mitigates insider data exposure and exfiltration! In our second segment, we welcome Edward Wu, Principal Data Scientist of ExtraHop, and Ted Driggs, Head of Product at ExtraHop, to discuss Demystifying AI & ML for Cybersecurity! In our final segment, we welcome Jeff Capone, CEO & Co-Founder of SecureCircle, for an interview on ZeroTrust Data Security!   Show Notes: https://securityweekly.com/esw200 Visit https://securityweekly.com/securecircle to learn more about them! Visit https://securityweekly.com/extrahop to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Dr. Doug talks the Tesla outage, Microsoft Redux, Lokibot, Wicked Panda, Maze, Facebook gone forever, Magic Swords, and enchanted codpieces!   Show Notes: https://wiki.securityweekly.com/swn68 Visit https://www.securityweekly.com/swn for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Chas Ballew, Co-Founder and CEO at Aptible, to discuss Reducing the Headache of Audit Prep With Automation! In the second segment, we welcome back Priya Chaudhry, Jedi Warrior Princess and Criminal Defense Trial Lawyer at ChaudhryLaw PLLC, to discuss the Legal Review of CFAA Supreme Court Case!   Show Notes: https://wiki.securityweekly.com/scw44 Visit https://securityweekly.com/aptible to learn more about them!   Visit https://www.securityweekly.com/scw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Corey Thuen, Founder of Gravwell, to discuss The Power of Context & Collaboration in a Data Driven World! In the second segment, Michael Santarcangelo and Sam Estrella us to discuss the anatomy of an acquisition! A listener request, Michael will walk us through the Security Weekly acquisition by CyberRisk Alliance to understand the key criteria, processes, and challenges of an acquisition, especially during COVID-19!   Show Notes: https://wiki.securityweekly.com/bsw188 Visit https://securityweekly.com/gravwell to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Dr. Doug talks Zerologon, Wicked Panda, OSINT, Doom found to run on Xbox, and Dark Overlord! Jason Wood returns for Expert Commentary on why to Think Twice Before Using Facebook, Google, or Apple to Sign In Everywhere!   Show Notes: https://wiki.securityweekly.com/swn67 Visit https://www.securityweekly.com/swn for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Justin Massey, Product Manager, Security Monitoring at Datadog, to discuss Visualizing and Detecting Threats For Your Custom Application! In the Application Security News, Microsoft announces new Project OneFuzz framework, an open source developer tool to find and fix bugs at scale, Bluetooth Spoofing Bug Affects Billions of IoT Devices, Firefox bug lets you hijack nearby mobile browsers via WiFi, Safeguarding Secrets Within the Pipeline, and more!   Show Notes: https://wiki.securityweekly.com/asw122 Visit https://securityweekly.com/datadog to learn more about them!   Visit https://www.securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome we welcome Mike Ware, Senior Director of Technology at Synopsys, to talk about the Key Findings From The Newly Released BSIMM11 Report! In our second segment, we welcome James Spiteri, Solutions Architect and Cyber Security Specialist Global Solutions Lead at Elastic, to discuss how Elastic Security Opens Public Detections Rules Repo! In the Security News, Three Cybersecurity Lessons from a 1970s KGB Key Logger, MFA By Bugs Opened Microsoft 365 to Attack, How Hackers Can Pick Your LocksJust By Listening, U.S. House es IoT Cybersecurity Bill, the Largest Hacking Campaign Since 2015 Targeted Magento Stores Via Unpatched Bug, and 5 Security Lessons Humans Can Learn From Their Dogs!   Show Notes: https://wiki.securityweekly.com/psw667 Visit https://securityweekly.com/elastic to learn more about them! Visit https://securityweekly.com/synopsys to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Dr. Doug discusses Microsoft OneFuzz, Tik Tok, QAnon, Mozi, and more news from the sunny shores of Venus!   Show Notes: https://wiki.securityweekly.com/swn66 Visit https://www.securityweekly.com/swn for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, first we talk Enterprise News, discussing Acunetix new data retention policies, 5 things you should ask your web app pen test provider, Microsoft's open source tool for sniffing out Windows 10 bugs, Datadog unveils for distributed tracing for AWS Step Functions via AWS X-Ray, and Gravwell's Data Fusion platform breaks the mold of legacy data ingestion engines! In our second segment, we welcome Ferruh Mavituna, CEO of Netsparker, to discuss Current Security Needs Of Modern Enterprise Companies! In our final segment, we welcome Jimmy Mesta, Director of Security Research at Signal Sciences, to discuss Securing Enterprise Digital Transformations!   Show Notes: https://securityweekly.com/esw199 Visit https://securityweekly.com/netsparker to learn more about them! Visit https://securityweekly.com/signalsciences to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome David King, Founding Member and Owner at Cyber Alliance and Governing Goliath Media, to discuss How We Lost the Cybersecurity War (and What Happens Next), in this two part interview!   Show Notes: https://wiki.securityweekly.com/scw43 Visit https://www.securityweekly.com/scw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Dr. Doug talks Candiru fish, Office Phishing attacks with a twist, Fancy Bear, Zhenhua data leaks, TikTok and Oracle, and Big Eyed Beans from Venus! Jason Wood returns for Expert Commentary on a Russian hacker selling a how-to video on exploiting uned Magento installations to skim credit card details for $5,000!   Show Notes: https://wiki.securityweekly.com/swn65 Visit https://www.securityweekly.com/swn for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome back John Loucaides, VP of Research & Development at Eclypsium, to discuss Cracks in the Foundation: Understanding the New Endpoint Challenge! In the Leadership and Communications section, we're playing 3 questions - Does Your Board Really Understand Your Cyber Risks?, How can the C-suite CISOs in improving cybersecurity?, Think You're Spending Enough on Security?, and more!   Show Notes: https://wiki.securityweekly.com/bsw187 Visit https://securityweekly.com/eclypsium to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Frank Catucci, Sr. Director GTP of Application Security at Gartner, to discuss The People & Process of DevOps! In the Application Security News, BLURtooth vulnerability lets attackers overwrite Bluetooth authentication keys, Microsoft Patch Tuesday, Sept. 2020 Edition, XSS->Fix->By: 10000$ bounty in Google Maps, Academics find crypto bugs in 306 popular Android apps, none get patched, using CRYLOGGER to detect crypto misuses dynamically, Remote Code Execution as SYSTEM/root via Backblaze, and more!   Show Notes: https://wiki.securityweekly.com/asw121 Visit https://www.securityweekly.com/asw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome we welcome David Asraf, C++ Developer at Vicarius, and Roi Cohen, Co-Founder & VP Sales at Vicarius, to discuss The Patchless Horseman! In our second segment, we welcome back Sumedh Thakar, President and Chief Product Officer at Qualys, to talk about Building Security Into the DevOps Lifecycle! In the Security News, Cisco Patches Critical Vulnerability in Jabber for Windows, Expert found multiple critical issues in MoFi routers, TeamTNT Gains Full Remote Takeover of Cloud Instances, Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks, Former NSA chief General Keith Alexander is now on Amazon’s board, and the Legality of Security Research is to be Decided in a US Supreme Court Case!   Show Notes: https://wiki.securityweekly.com/psw666 Visit https://securityweekly.com/qualys to learn more about them! Visit https://securityweekly.com/vicarius to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Dr. Doug talks Cisco patching Jabber Flaw, Insider Threats are huge, BLURtooth, Apple COVID-19 opt ins, and pretty much everyone is trying to interfere with the election!   Show Notes: https://wiki.securityweekly.com/swn64 Visit https://www.securityweekly.com/swn for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, first we talk Enterprise News, discussing how Yubico Delivers New Security Key the YubiKey 5C NFC, ManageEngine ADSelfService Plus now s MFA for VPNs to protect remote workforce, Sysdig partners with VulnDB to strengthen vulnerability intelligence reporting, 3 Signs it’s Time for a Penetration Test, and CrowdStrike Expands for AWS Workloads and Container Deployments! In our second segment, we welcome Corey Williams, VP Marketing/Idaptive by CyberArk at CyberArk, to talk about Exploring Identity Security and Its Role in the Modern Enterprise! In our final segment, we welcome Bradon Rogers, SVP of Global Pre-Sales Engineering at Mimecast, to discuss Cloud Based Cyber Resiliency!   Show Notes: https://securityweekly.com/esw198 Visit https://securityweekly.com/mimecast to learn more about them! Visit https://securityweekly.com/cyberark to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Dr. Doug talks Security Weekly sold to Cyber Risk Alliance, Argentina and Newcastle ransomwared, Cisco Jabber, the NSA wants to educate you, and Jason Wood returns for Expert Commentary on how Creepy ‘Geofence’ Finds Anyone Who Went Near a Crime Scene!   Show Notes: https://wiki.securityweekly.com/swn63 Visit https://www.securityweekly.com/swn for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Oleg Shomonko, Head of Business Development, Co-founder at Ekran System for an interview! Ekran System is a universal insider threat protection platform that combines three essential insider security controls: activity monitoring, access management, and identity management. Functionality is provided in a single universal software platform delivering light-weight agents for all types of endpoints. This segment is sponsored by Ekran System.   Show Notes: https://wiki.securityweekly.com/scw42 Visit https://securityweekly.com/ekran to learn more about them!   Visit https://www.securityweekly.com/scw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly