7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.
Step into the ever-evolving world of cybersecurity with the offensive security group from SecurIT360. We’re bringing you fresh content from our journeys into penetration testing, threat research and various other interesting topics. [email protected]
Explore the life of a security leader with NetSPI Field Chief Information Security Officer (CISO) Nabil Hannan. Hear how CISOs with diverse expertise tackle the challenges and opportunities that come with life on the frontlines of cybersecurity.
Felix takes a weekly look at Internet of Things (IoT) cyber security. Perfect for IoT project managers, developers, and those learning about penetration testing in this niche area. Email Felix using [email protected] Find You Gotta Hack That on Twitter @gotta_hack yougottahackthat.com
Since 2005, BlueHat has been where the security research community, and Microsoft, come together as peers; to debate, discuss, share, challenge, celebrate and learn. On The BlueHat Podcast, Microsoft and MSRC’s Nic Fillingham and Wendy Zenone will host conversations with researchers and industry leaders, both inside and outside of Microsoft, working to secure the planet’s technology and create a safer world for all.
As cars become smarter and more connected, the demand for top-tier automotive cyber security has never been higher. With expert insights from PlaxidityX, a leading automotive cyber security company, we’ll guide you through the challenges and solutions protecting millions of vehicles worldwide. Whether you’re an industry expert or just curious about how cars are secured in the digital age, this podcast comprehensively looks at how cyber defenses are developed, tested, and deployed. We don’t j ...
The Build+Revitalize podcast is an outgrowth of SME’s passion and commitment to solving problems and building better communities. We are proud to be your go-to source for insights on challenges and emerging trends in the AEC industry. In each episode, we will be joined by our partners and friends for in-depth conversations on overcoming obstacles in the AEC industry, opportunities we offer professional engineering consultants and students, and emerging technologies that optimize how we work. ...
This podcast contains security topics discussed by the Secure Ideas LLC. team.
With such countless organizations succumbing to cybercriminals attacks, organizations should go the additional mile to get internal and external web applications. Numerous organizations feel that vulnerability examines are sufficient for finding security failings in a web application. While vulnerability scans can feature known shortcomings, web application penetration testing shows you how well they would hold up in a true attack by unapproved or unauthorized clients.
Engineers consistently exclude non-technical people from understanding enough about technology to better utilise it. This is wrong! Engineers should be equipping non-technical people with enough of an understanding to make the right business decisions, without trying to drag them all the way down into the detail.
Hacked Off demystifies the world of cybersecurity. Hosted by Secarma's Managing Director, Holly Grace Williams, it features weekly interviews delving beneath the headlines of the latest hacks, breaches and vulnerabilities, providing expert advice on how to stay safe online. This podcast is brought to you by global cybersecurity and penetration testing company, Secarma.
a 360 aerial penetration entrance at the beginning of every episode (an inhuman erection)
If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer. Hacked & Secured: Pentest Exploits & Mitigations breaks down real-world pentest findings, exposing how vulnerabilities were discovered, exploited, and mitigated. Each episode dives into practical security lessons, covering attack chains and creative exploitation techniques used by ethical hackers. Whether you're a pentester, security engineer, develop ...
Hack for Fun and Profit is a weekly podcast for anyone who is interested in ethical hacking. The topics include bug bounty hunting, penetration testing, red teaming and many more. Sit back and enjoy stories, tips and tricks that will inspire you. For subscription-only episodes, enroll using this link: https://anchor.fm/thehackerish/subscribe
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
My name is Alex Fergus, and I'm a health and technology geek providing in-depth, independent product reviews on the latest red light therapy devices. With over seven years of experience studying light therapy and having used and tested dozens of hundreds of light therapy products, you can be sure that I'll have a video to help you with your educational or product-buying needs. Test, review, compare, and study all things Red Light Therapy. Whether you're seeking out the best Red Light Body Pa ...
The SecurityMetrics Podcast, hosted by Jen Stone (Principal Security Analyst, QSA, CISSP, CISA), will help you understand current data security and compliance trends. Each episode will feature a different security professional offering tips and security best practices.
We think we know how computer systems work, but how come they keep surprising us? We also think we know how humans behave, but we keep finding out we don’t. This podcast is for ethical hackers who are thirsty for challenges and who never settle for easy answers. We challenge some of the best offensive security pros in the world to reveal the unique traits, skills, and real-world experiences that got them where they are today. Get ready to be caught off guard as we debunk misconceptions, diss ...
News, analysis, and insights into enterprise security. We put security vendors under the microscope, and explore the latest trends that can help defenders succeed. Hosted by Adrian Sanabria. Co hosts: Katie Teitler-Santullo, Ayman Elsawah, Jason Wood, Jackie McGuire.
Titan Private Investigator TV Podcast is for anyone who wants to learn more about becoming a private investigator or operatives that want to strengthen their current industry knowledge. With weekly episodes featuring surveillance training, trade craft skills, kit and equipment, law and ethics and industry tips and tricks.
Taking the Fandoms you love and building worlds to play Dungeons and Dragons in. Homebrew Avengers, Percy Jackson & the Olympians, and Star Wars so far - what will we do next?
Podcast by CyberTalk
Inspirational stories of black women in tech. Support this podcast: https://podcasters.spotify.com/pod/show/frauvis/support
Ages ago, elves and dwarves unknowingly migrated between Universes via a Junction. Jenneva and Egam believe they have found a Junction and plan a trip with Alexander to test the theory and investigate the origins of the elves and dwarves. Because they believe that the perennial animosity between the two races is due to misunderstandings about their histories, the mages include the prince of elves and the prince of dwarves in the group. Trouble begins at the very start of the journey as Egam ...
What type of rest do we yearn for on Shabbat? How do we frame our mindset during the week to prepare for Shabbat and how can we transform our Shabbat experience? Using the teachings of Rabbi Yaakov Meir Shechter, a leading Breslov Rabbi, in his sefer Yom Machmadim, we build tools towards enhancing our ability to connect to the day of rest.
Blue Fox Group, a technology company that specializes in supporting customers with the best infrastructure, live support, and communications technology available. Supporting your business objectives and improving your bottom line.
Felicia King is an internationally recognized CISO and considered to be one of the top network layer security strategists in the U.S. Since launching in 2004 on the WGTD network, her Breakfast Bytes podcast has focused on information security risk management and the issues business leaders need to be aware of to benefit from the challenges others have faced. Learn about the most effective approaches, what you can do to mitigate risk, and how to protect your most valuable assets, your data, a ...
The one and only official podcast from OffSec, Inc. -- creators of the Kali OS, the OSCP certification, and the world's leading cybersecurity training
Join host Chris Lindsey as he digs into the world of Application Security with experts from leading enterprises. Each episode is theme based, so it's more conversational and topic based instead of the general interview style. Our focus is growing your knowledge, providing useful tips and advice. With Chris' development background of 35 years, 15+ years of secure coding and 3+ years running an application security program for large enterprise, the conversations will be deep and provide a lot ...
The CyberCast is purpose built for MSPs, MSSPs and IT Practitioners. In each episode you will learn about a new security control, how it maps to the different frameworks, the impact it has, building a policy around it, how the threat actors exploit it - via MITRE ATT&CK - what you can do to defend against it - MITRE Shield, common mistakes or oversights made when implementing into their tech stack and trends. Sponsors: Datto - CIS Control 3 - Data Protection Netwrix - CIS Control 3 - Data Protec ...

HACKED: Into the minds of Cybersecurity leaders
Talking cybersecurity with nexus IT Security group
We are giving an inside look into the minds of today's cybersecurity leaders and defining trends for the upcoming threat landscape, what’s top of mind for security leaders, and advice for security leaders and practitioners.

Physical Penetration Testing: How Safe Is Your Business?
7:32
In the latest episode of Titan PI TV, Simon Henson, Managing Director of Titan Private Investigation Limited, delves into the fascinating and often misunderstood world of physical penetration testing. This episode, titled "Physical Penetration Testing: How Safe Is Your Business?", offers a behind-the-scenes look at how businesses can assess and imp…

7MS #672: Tales of Pentest Pwnage – Part 70
55:07
Today’s a fun tale of pentest pwnage where we leveraged a WinRM service ticket in combination with the shadow credentials attack, then connected to an important system using evil-winrm and make our getaway with some privileged Kerberos TGTs! I also share an (intentionally) vague story about a personal struggle I could use your thoughts/prayers/vibe…

(Replay) How To Defend Against Lateral Movement
37:48
In this replay, Spencer and Brad dive into lateral movement, discussing various techniques like RDP, RATs, Impacket tools, PsExec, PTH, PTT, and PowerShell Remoting. They explain how attackers use these methods to gain unauthorized access, evade detection, and enable malicious activities. They also discuss precursors to lateral movement and strateg…

Hacking Crosswalks and Attacking Boilers - PSW #871
2:04:15
The crosswalk is talking to me man!, don't block my website without due process, Florida is demanding encryption backdoors, attacking boilers and banning HackRF Ones, time to update your flipper zero, using AI to create working exploits, what happens when you combine an RP2350 and an ESP32? Hopefully good hackery things!, more evidence that patchin…

Ep. 8 – OTP Flaw & Remote Code Execution: When Small Flaws Go Critical
15:45
A broken logout flow let attackers hijack accounts using just a user ID. A self-XSS and an IDOR exposed stored data. And a forgotten internal tool—running outdated software—ended in full Remote Code Execution. This episode is all about how small bugs, missed checks, and overlooked services can lead to serious consequences. Chapters: 00:00 - INTRO 0…

Super Recognisers - Interview with Kelly Desborough of Face Detect
14:30
In the latest episode of Titan PI TV, host and managing director of Titan Private Investigation, Simon Henson, delves into the fascinating world of super recognisers. Joined by Kelly Desborough, founder of Face Detect and one of the world’s leading super recognisers, the episode sheds light on this extraordinary skill and its applications in securi…

Graphology and Handwriting Analysis: Interview with Adam Brand - Part 1
12:19
In the latest episode of Titan PI TV, viewers are treated to a fascinating exploration of the world of graphology and handwriting analysis. Hosted by Simon Henson, Managing Director of Titan Private Investigation Limited, this episode marks the first part of an in-depth interview with Adam Brand, Titan’s resident graphologist and handwriting analys…

ISO 42001 Certification, CIOs Struggle to Align Strategies, and CISOs Rethink Hiring - Martin Tschammer - BSW #392
1:03:55
AI Governance, the next frontier for AI Security. But what framework should you use? ISO/IEC 42001 is an international standard that specifies requirements for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS) within organizations. It is designed for entities providing or utilizin…

Brains, Elusive Comet, AI Scams, Microsoft Dog Food, Deleting Yourself, Josh Marpet - SWN #470
31:59
Brains, Scams, Elusive Comet, AI Scams, Microsoft Dog Food, Deleting Yourself, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-470

Managing Secrets - Vlad Matsiiako - ASW #327
1:03:03
Secrets end up everywhere, from dev systems to CI/CD pipelines to services, certificates, and cloud environments. Vlad Matsiiako shares some of the tactics that make managing secrets more secure as we discuss the distinctions between secure architectures, good policies, and developer friendly tools. We've thankfully moved on from forced 90-day user…

The past, present, and future of enterprise AI - Matthew Toussain, Pravi Devineni - ESW #403
2:11:51
In this interview, we're excited to speak with Pravi Devineni, who was into AI before it was insane. Pravi has a PhD in AI and remembers the days when machine learning (ML) and AI were synonymous. This is where we'll start our conversation: trying to get some perspective around how generative AI has changed the overall landscape of AI in the enterp…


Inside the Truck Cyber Threat – PlaxidityX Ep 21
9:45
With cyber attacks on trucks becoming more common and costly, fleet operators and OEMs must rethink how they protect their vehicle security and data privacy. Trucks are no longer isolated units, they're part of a larger, interconnected automotive ecosystem vulnerable to disruption. In this episode, we unpack the threats, explore real-world hacking …
Hello! This week Joe “The Machine” Skeen and I kicked off a series all about pentesting GOAD (Game of Active Directory). In part one we covered:
- Checking for null session enumeration on domain controllers
- Enumerating systems with and without SMB signing
- Scraping AD user account descriptions
- Capturing hashes using Responder
- Cracking hashes with Hash…

HR Chatbots, MITRE, 4chan, Oracle, Identity, Port 53, NTLM, Zambia, Josh Marpet... - SWN #469
36:06
HR Chatbots, MITRE, 4chan, Oracle, Identity, Port 53, NTLM, Zambia, Josh Marpet, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-469

Govt Unravelling, AI Hijinx, Bot Chaos, Recall, Oracle, Slopesquatting, Tycoon 2FA... - PSW #870
2:06:35
Govt Unravelling, AI Hijinx, Bot Chaos, Recall, Oracle, Slopesquatting, Tycoon 2FA, College, who knows, a lot more... On Paul's Security Weekly. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-870

[Webinar] What You Can Expect from a HITRUST Assessment
40:14
In this webinar, Matt Halbleib (Director of Assessments) and Lee Pierce (Director of HITRUST Sales) will discuss:
- How to determine which HITRUST Assessment type to choose
- How to prepare for a HITRUST Validation Assessment
- What to expect from a SecurityMetrics HITRUST Assessment
Ready to discuss your HITRUST needs? Request a quote here. Read our new…

Autonomous ships, cyber security and the workboat code
19:06
In this conversation, Felix and Oli discuss the development of a hydrogen-powered uncrewed surface vessel (USV) and the associated cybersecurity challenges. They explore the importance of integrating cybersecurity measures from the outset, navigating regulatory frameworks like Workboat Code 3, and the ongoing challenges of ensuring compliance and s…

Deny By Default as CISOs Battle Platform Fatigue and Show Value to the Board - Danny Jenkins - BSW #391
1:05:34
Zero Trust isn't a new concept, but not one easily implemented. How do organizations transform cybersecurity from a "default allow" model, where everything is permitted unless blocked, to a "default deny" model? Danny Jenkins, Co-founder and CEO at ThreatLocker, joins Business Security Weekly to discuss this approach. Deny by default means all acti…

From Facebook-phished to MVR Top 5 with Dhiral Patel
40:15
In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Dhiral Patel, Senior Security Engineer at ZoomInfo and one of MSRC’s Most Valuable Researchers (MVR). Dhiral shares how a hacked Facebook account sparked his passion for ethical hacking. From web development to penetration testing, Dhiral has become a top bug…

QUBIT AI, Recall This, Defender, Tycoon, Slopsquatting, Feng Mengleng, Aaran Leyland - SWN #468
35:45
QUBIT AI, Recall This, Defender, Tycoon, Slopsquatting, Feng Mengleng, Aaran Leyland, and more, on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-468

More WAFs in Blocking Mode and More Security Headaches from LLMs - Sandy Carielli, Janet Worthington - ASW #326
1:14:45
The breaches will continue until appsec improves. Janet Worthington and Sandy Carielli share their latest research on breaches from 2024, WAFs in 2025, and where secure by design fits into all this. WAFs are delivering value in a way that orgs are relying on them more for bot management and fraud detection. But adopting phishing-resistant authentic…

What is old is new again: default deny on the endpoint - Colby DeRodeff, Danny Jenkins - ESW #402
2:03:21
Default deny is an old, and very recognizable term in security. Most folks that have been in the industry for a long time will associate the concept with firewall rules. The old network firewalls, positioned between the public Internet and private data centers, however, were relatively uncomplicated and static. Most businesses had a few hundred fir…


Win95, Shuckworm, Ottokit, DCs, EC2, IAB, OSS, Recall, Josh Marpet, and More... - SWN #467
35:45
Win95, Shuckworm, Ottokit, DCs, EC2, IAB, OSS, Recall, Josh Marpet, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-467

7MS #670: Adventures in Self-Hosting Security Services
36:48
Hi friends, today I’m kicking off a series talking about the good/bad/ugly of hosting security services. Today I talk specifically about transfer.zip. By self-hosting your own instance of transfer.zip, you can send and receive HUGE files that are end-to-end encrypted using WebRTC. Sweet! I also supplemented today’s episode with a short live video o…

Episode 131: DMARC & PCI 4.0 Compliance - Is your Organization Compliant?
28:19
In this episode, Tyler and Brad discuss DMARC and how the latest version of the PCI framework requires phishing protection. You'll also learn about DMARC, DKIM, and SPF and how to elevate them to help protect your organization from attacks like Business Email Compromise (BEC). Blog: https://offsec.blog/ Youtube: https://www.youtube.com/@cyberthreat…
In the security news this week: You should really just patch things, the NVD backlog, Android phones with malware pre-installed, so convenient, keyloggers and a creepy pharmacist, snooping on federal workers, someone stole your browser history, NSA director fired, deputy director of NSA also fired, CrushFTP the saga continues, only steal the valid …

Ep. 7 – IDOR & SSTI: From File Theft to Server-Side Secrets
19:35
A predictable ID exposed private documents. A crafted name leaked backend files. In this episode, we break down two high-impact flaws—an IDOR that let attackers clone confidential attachments, and an SSTI hidden in an email template that revealed server-side files. Simple inputs, big consequences. Learn how they worked, why they were missed, and ho…

26. Leveraging Real-Time Data: Approaching Multiservice Solutions with GIS
30:37
Welcome back to the Build+Revitalize Podcast. AEC professionals are swimming in data on projects like never before: soil profile information, subsurface test results, existing and proposed grade elevations, civil layouts, foundation designs, drone imagery, infrared scans, laser scans, LiDAR scans, remote vibration monitoring, pavement conditions, r…

Balancing AI Opportunities vs. Risks to Drive Better Business Outcomes - Matt Muller, Summer Fowler - BSW #390
1:02:39
This week, it's double AI interview Monday! In our first interview, we discuss how to balance AI opportunities vs. risk. Artificial Intelligence (AI) has the potential to revolutionize how businesses operate. But with this exciting advancement comes new challenges that cannot be ignored. For proactive security and IT leaders, how do you balance the…

DOS, Web Cams, VSCODE, Coinblack, Oracle, P&G, Satan, Sec Gemini, Josh Marpet... - SWN #466
33:48
DOS Lives, Web Cams Gone Wild, VSCODE, Coinblack, Oracle, P&G, Satan, Sec Gemini, Shopify, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-466

How to locate a GPS Tracking Device on your vehicle?
9:06
Welcome to Titan PI TV, where we delve into the intriguing world of private investigations. In this latest episode, we’ll explore a topic that has piqued the curiosity of many: how to locate a GPS tracking device on your vehicle. Whether you suspect your car is being tracked or are simply curious about the process, this guide will provide you with …

How a Surveillance Operative Makes Ground in Traffic
7:30
In the latest episode of Titan PI TV, Simon Henson, Managing Director of Titan Private Investigation Limited, delves into the fascinating and often misunderstood world of surveillance operatives. Titled "How a Surveillance Operative Makes Ground in Traffic", the episode offers a behind-the-scenes look at the tactics and decision-making processes th…

Digital Car Theft: How Hackers Steal in Seconds – PlaxidityX Ep 20
9:56
In this episode, we explore the shift from traditional theft to a new era of digital car theft. Instead of smashing windows, today’s criminals launch automotive cyber-attacks that bypass immobilizers, unlock doors, and hijack control systems, all without leaving a trace. From CAN bus vulnerabilities to cloned key fobs, cybercriminals are finding ne…

In Search of Secure Design - ASW #325
1:07:36
We have a top ten list entry for Insecure Design, pledges to CISA's Secure by Design principles, and tons of CVEs that fall into familiar categories of flaws. But what does it mean to have a secure design and how do we get there? There are plenty of secure practices that orgs should implement are supply chains, authentication, and the SDLC. Those p…

Soft skills for engineers - Evgeniy Kharam, Paul Nguyen - ESW #401
2:03:22
When we use the phrase "talent gap" in cybersecurity, we're usually talking about adding headcount. For this interview, however, we're focusing on a gap that is evident within existing teams and practitioners - the often misunderstood soft skills gap. Side note: I really hate the term "soft skills". How about we call them "fundamental business skil…


AI Doomsday, Hot Robots, Google, palo Alto, Ivanti, CrushFTP, AI, Aaran Leyland... - SWN #465
30:51
AI Doomsday, Hot Robots, Google, palo Alto, Ivanti, CrushFTP, AI, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-465

Episode 130: Using Deception Technology to Detect Cyber Attacks
46:31
In this episode of The Cyber Threat Perspective, we explore the strategic integration of deception technology like canaries and honeypots into your cybersecurity defenses. Discover how these tools allow you to detect threat actors earlier in their attack sequence, disrupt malicious activities, and mitigate potential damage to your organization. Joi…

7MS #669: What I’m Working on This Week – Part 3
42:37
Hi friends, in this edition of what I’m working on this week:
- 3 pulse-pounding pentests that had…problems
- Something I’m calling the unshadow/reshadow credentials attack
- Heads-up on a new video experiment I’m going to try next week