Security Weekly Podcast Network (Audio)

Application, user, and data security are the three core components of every security program, but data is really what attackers want. In order to protect that data, we need to know where it is and what it's used for. Easier said than done. In this Say Easy, Do Hard segment, we tackle data inventory and classification. In part 1, we discuss the challenges of data inventory and classification, including: identifying all data sources within an organization, including databases, applications, cloud storage, physical files, etc., and documenting details like data type, location, and volume categorizing all data based on its sensitivity level, usually using classifications like "public," "internal," "confidential," or "restricted," which determines the necessary security measures to protect it prioritizing security measures and protecting critical information more effectively Application, user, and data security are the three core components of every security program, but data is really what attackers want. In order to protect that data, we need to know where it is and what it's used for. Easier said than done. In this Say Easy, Do Hard segment, we tackle data inventory and classification. In part 2, we discuss the steps involved in data inventory and classification, including: Data discovery: Identify all data sources across the organization using data mapping tools. Data profiling: Analyze data attributes to understand its content and characteristics. Data classification: Assign appropriate sensitivity levels to each data set based on predefined criteria. Data tagging: Label data assets with their classification level for easy identification. Data ownership assignment: Determine who is responsible for managing each data set. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-383

The hosts dive into AI's transformative role in cybersecurity and the legal field, uncovering its strengths and risks. They discuss the alarming Zhang Steeler malware targeting fintech and cryptocurrency sectors, stressing the need for security education. The conversation also highlights a wave of innovation in tech, linking scalability, security, and compliance as crucial elements of development. A potential data breach concerning the Doge website adds a layer of urgency to the discussion.

Dive into the captivating realm of web hacking as industry expert James Kettle reveals the top 10 techniques for 2024. Discover why enduring flaws like XSS and SQL injection remain prevalent, despite new technologies like HTTP/3 and WebAssembly emerging. Uncover innovative approaches, including advanced SQL injection and cookie manipulation. The conversation also highlights the exciting intersection of AI and web vulnerability research, showcasing how tools like Shadow Repeater transform manual testing. Engage with the thrill of hacking and the crucial role of ongoing research in cybersecurity.

We've got a few compelling topics to discuss within SecOps today. First, Tim insists it's possible to automate a large amount of SecOps work, without the use of generative AI. Not only that, but he intends to back it up by tracking the quality of this automated work with an ISO standard unknown to cybersecurity. I've often found useful lessons and wisdom outside security, so I get excited when someone borrows from another, more mature industry to help solve problems in cyber. In this case, we'll be talking about Acceptable Quality Limits (AQL), an ISO standard quality assurance framework that's never been used in cyber. Segment Resources: Introducing AQL for cyber. AQL - How we do it An AQL 'calculator' you can play around with We couldn't decide what to talk to Allie about, so we're going with a bit of everything. Don't worry - it's all related and ties together nicely. First, we'll discuss AI and automation in the SOC - Allie is covering this trend closely, and we want to know if she's seeing any results yet here. Next, we'll discover SecOps data management - the blood that delivers oxygen to the SOC muscles. Finally, we'll discuss MITRE's recent EDR evaluations - there was some contention around some vendors claiming to ace the test and we're going to get the tea on what's really going on here! For each of these three topics, these are the blog posts they correspond with if you want to learn more: Generative AI Will Not Fulfill Your Autonomous SOC Hopes (Or Even Your Demo Dreams) If You’re Not Using Data Pipeline Management For Security And IT, You Need To Go Beyond The MITRE ATT&CK Evaluation To The True Cost Of Alert Volumes In this week's enterprise security news, we've got 5 acquisitions Tines gets funding new tools and DFIR reports to check out A legal precedent that could hurt AI companies AI garbage is in your code repos the dark side of security leadership HIPAA fines are broken Salt Typhoon is having a great time Don't use ChatGPT for legal advice!!!!! All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-394

Tunnel of Love, Kimsuky, Red Mike, Ivanti, Nvidia, C code, Postgre, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-451

You can install Linux in your PDF, just upload everything to AI, hackers behind the forum, TP-Link's taking security seriously, patche Tuesday for everyone including Intel, AMD, Microsoft, Fortinet, and Ivanti, hacking your space heater for fun and fire, Cybertrucks on fire (or not), if you could just go ahead and get rid of the buffer overflows, steam deck hacking and not what you think, Prompt Injection and Delayed Tool Invocation, new to me Ludus, Contec patient monitors are just insecure, Badbox carries on, the compiler saved me, and Telnet command injection! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-861

This week, we tackle a ton of leadership and communications articles: Why CISOs and Boards Must Speak the Same Language on Cybersecurity, The Hidden Costs of Not Having a Strong Cybersecurity Leader, Why Cybersecurity Is Everyone’s Responsibility, Leadership is an Action, not a Position, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-382

Josh Marpet, a voice actor known for his work in the AI series Jinryu Omino Goroshida, joins the conversation to tackle pressing security issues. They discuss vulnerabilities in KerioControl and the rise of SIM swapping affecting Bitcoin markets. The importance of multi-factor authentication takes center stage, along with concerns about AI's reliability in news reporting. Reflecting on AI's uses and early computing innovations, they humorously contrast past technologies while analyzing current ransomware trends and the necessity of proactive cybersecurity measures.

Scott Norberg, a web security specialist with nearly 20 years of experience using Microsoft technologies, shares his journey of developing a custom code scanner to tackle .NET vulnerabilities. He discusses the shortcomings of existing code scanning tools and the complexity of maintaining secure code. The conversation highlights the importance of accurate vulnerability detection, training developers, and fostering a positive security culture. Norberg also explores challenges in cloud security and the need for transparency in data privacy practices.

Spoiler: it's probably in your pocket or sitting on the table in front of you, right now! Modern smartphones are conveniently well-suited for identity verification. They have microphones, cameras, depth sensors, and fingerprint readers in some cases. With face scanning quickly becoming the de facto technology used for identity verification, it was a no-brainer for Nametag to build a solution around mobile devices to address employment scams. Segment Resources: Company website Aaron's book, Loyal Listeners of the show are probably aware (possibly painfully aware) that I spend a lot of time analyzing breaches to understand how failures occurred. Every breach story contains lessons organizations can learn from to avoid suffering the same fate. A few details make today's breach story particularly interesting: It was a Chinese APT Maybe the B or C team? They seemed to be having a hard time Their target was a blind spot for both the defender AND the attacker Segment Resources: https://www.binarydefense.com/resources/blog/shining-a-light-in-the-dark-how-binary-defense-uncovered-an-apt-lurking-in-shadows-of-it/ https://www.theregister.com/2024/09/18/chinesespiesfoundonushqfirm_network/ This week, in the enterprise security news, Semgrep raises a lotta money CYE acquires Solvo Sophos completes the Secureworks acquisition SailPoint prepares for IPO Summarizing the 2024 cybersecurity market Lawyers that specialize in keeping breach details secret Scientists torture AI Make sure to offboard your S3 buckets extinguish fires with bass All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-393