Paul's Security Weekly (Audio)

This week, we kick off the show with an interview featuring Sinan Eren, VP of Zero Trust Access at Barracuda Networks, to discuss The State of Network Security in 2021! Then, we welcome Justin Collins from the People Empowerer for Product Security Team at Gusto, for a segment focusing on Brakeman! In the Security News: Anonymous hacks Epik (with a K), Fuzzing Close-Source Javascript Engines,ForcedEntry, 8 Websites that can replace computer software,REvil decryptor key released, Microsoft fixes Critical vulnerability in Linux App, Drone accidentally delivers drug paraphernalia to high schoolers, & more!   Show Notes: https://securityweekly.com/psw710 https://github.com/presidentbeef/brakeman Visit https://securityweekly.com/barracuda to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we kick off the show with a technical segment, all about working with NMAP Vuln Scanning & Flan! In the Security News: Lightning cables that steal passwords, Malicious Code in your VRAM, creating a “TJ Hooper” for infosec, Linux 5.14, “Unhackable Wii” has been hacked, Hackers vs. Dictators & more!!! Finally, we have a pre-recorded interview featuring Benjamin Mussle, Senior Security Researcher at Acunetix, who joined to discuss I-Frame security!   Show Notes: https://securityweekly.com/psw709 Visit https://securityweekly.com/acunetixto learn more about them!   Visit https://www.securityweekly.com/pswfor all the latest episodes! Visit https://securityweekly.com/acmto sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we kick off the show with a technical segment, all about working with OpenVAS! Next up, we welcome Patrick Wardle, founder of Objective-See, to talk Trends in Mac Malware and Apple Security!! In the Security News: Some describe T-Mobile security as not good, if kids steal bitcoin just sue the parents, newsflash: unpatched vulnerabilities are exploited, insiders planting malware, LEDs can spy on you, hacking infusion pumps, PRISM variants, 1Password vulnerabilities, plugging in a mouse gives you admin,& more!   Show Notes: https://securityweekly.com/psw708 Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we jump straight Into the Security News for this week: Buffer overflows galore, how not to do Kerberos, no patches, no problem, all your IoTs belong to Kalay, the old pen test vs. vulnerability scan, application security and why you shouldn't do it on a shoe string budget, vulnerability disclosure miscommunication, tractor loads of vulnerabilities, The HolesWarm..malware, T-Mobile breach, and All you need is....Love? No, next-generation identity and access management with zero-trust architecture is what you need!!!! Next up, we have a pre-recorded interview featuring Qualys Researcher “Wheel”, who joined Lee and I to discuss Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer!!! Lastly, a segment from Black Hat 2021 featuring Sonali Shah, Chief Product Officer at Invicti Security, all about Shifting Left, and how YOU can make it right!   Show Notes: https://securityweekly.com/psw707 Segment Resources: https://blog.qualys.com/vulnerabilities-threat-research/2021/07/20/sequoia-a-local-privilege-escalation-vulnerability-in-linuxs-filesystem-layer-cve-2021-33909 Visit https://securityweekly.com/qualysto learn more about them! Visit https://securityweekly.com/netsparkerto learn more about them!   Visit https://www.securityweekly.com/pswfor all the latest episodes! Visit https://securityweekly.com/acmto sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we kick off the show with an interview featuring Joe Gray, Senior OSINT Specialist at Qomplx, where we talk OSINT & Social Engineering ! Next up, we welcome Kyle Avery, a Penetration Tester for Black Hills Information Security, to delve into Offensive Operations with Mythic! In the Security News for this week: Accenture gets Lockbit, $600 million in cryptocurrency is stolen, and they've started returning it, Lee and Jeff's data is leaked (among other senior citizens), authentication bypass via path traversal, downgrade attacks, Apple's backdoor, super duper secure mode, re-defining end-to-end encryption and how that doesn't work out, pen testers file suit against Dallas County Sherrif's department, Fingerprinting Windows, & double secret quadrupal extortion!   Show Notes: https://securityweekly.com/psw706 Visit https://www.securityweekly.com/psw for all the latest episodes!   Follow us on Twitter: https://twitter.com/securityweekly Follow us on Facebook: https://facebook.com/secweekly

This week, we kick off the show with an interview featuring Rick Farina, & Rick Mellendick Board Members at RF Hackers Sanctuary, to talk about RF Village at DefCon! Next up, we.0 welcome Scott Scheferman, Principal Strategist, & Yuriy Bulygin, CEO of Eclypsium, to discuss how The Stakes are Raised when Protecting the Foundation of Computing!! In the Security News: PwnedPiper and vulnerabilities that suck, assless chaps, how non-techy people use ARP, how to and how not to explain the history of crypto, they are still calling about your car warranty, master faces, things that will always be true with IoT vulnerabilities, DNS loopholes, and a toilet that turns human feces into cryptocurrency! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw705

This week, we kick off the show with an interview featuring Alyssa Miller, BISO at S&P Global, to talk about the how the “B” in BISO is for Business! Next up, we welcome Michael Welch, Managing Director at Morgan Franklin, to discuss Cyber-Physical Attacks!! In the Security News, From a stolen laptop to inside the company network, the essential tool for hackers called "Discord", fixin' your highs, hacking DEF CON, an 11-year-old can show you how to get an RTX 30 series, broadcasting your password, to fuzz or not to fuzz, a real shooting war, evil aerobics instructors, the return of the PunkSpider, No Root for you!   Show Notes: https://securityweekly.com/psw704 Visit https://www.securityweekly.com/pswfor all the latest episodes!   Follow us on Twitter: https://twitter.com/securityweekly Follow us on Facebook: https://facebook.com/secweekly

This week, we kick off the show with an interview featuring Jeff Tinsley, CEO of RealMe, to talk about The Online Safety and Security as it Pertains to Dating Apps and Online Marketplaces! Next up, we welcome Gordon Draper, Founder and CEO of CyberMarket.com, to talk about the Democratisation and Globalisation of CyberSecurity Consulting! In the Security News, Trust no one, its all about the information, so many Windows vulnerabilities and exploits, so. many., Saudi Aramco data for sale, Sequoia, a perfectly named Linux vulnerability, is Microsoft a national security threat?, Pegasus and clickless exploits for iOS, homoglyph domain takedowns, when DNS configuration goes wrong and a backdoor in your backdoor!   Show Notes: https://securityweekly.com/psw703 Segment Resources: https://www.cybermarket.com There is a blog at https://www.cybermarket.com/homes/blog where an article to help people to start up their own cybersecurity consultancy can be found.   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we kick off the show with an interview featuring Scott Scheferman, Principal Strategist at Eclypsium, to talk about The BIOS Disconnect and vulnerabilities affecting the BIOSConnect feature within the Dell Client BIOS! Next up, we welcome Jack Rhysider, Podcaster and Host of the Darknet Diaries Podcast, to discuss the The Journey from a Network Security Engineer to a Podcast Host! In the Security News, the White House Announces a Ransomware Task Force, how much money Microsoft has paid out to security researchers last year, Amazon rolls out encryption for Ring doorbells, how a backdoor in popular KiwiSDR product gave root to a project developer for years, Trickbot Malware Returns with a new VNC Module to Spy on its Victims, and some of the absolute funniest quotes about cyber security & tech in 2021!   Show Notes: https://securityweekly.com/psw702 Segment Resources: https://eclypsium.com/2021/06/24/biosdisconnect/ Visit https://securityweekly.com/eclypsium to learn more about them! https://darknetdiaries.com/   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we kick off the show with an interview featuring Rob Shavelle, Co-Founder and CEO of Abine & DeleteMe, to talk about New Security Threats Stemming from PII Online! Then, Haseeb Awan, CEO of EFANI Inc, joins to discuss the The Rise of Sim Swapping! In the Security News, LinkedIn breach exposes user data, Why MTTR is Bad for SecOps, 3 Things Every CISO Wishes You Understood, USA as a Cyber Power, is ignorance bliss for hackers?, flaws let you hack an ATM by waving your phone, and more!   Show Notes: https://securityweekly.com/psw701 Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly