))
Explore true stories of the dark side of the Internet with host Jack Rhysider as he takes you on a journey through the chilling world of hacking, data breaches, and cyber crime. ¿Hablas español? Escucha en español aquí ➔ https://darknetdiaries.com/es/
…
continue reading
Deception, influence, and social engineering in the world of cyber crime.
…
continue reading
Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.
…
continue reading
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
The podcast that tells true stories about the people making and breaking our digital world. We take listeners into the world of cyber and intelligence without all the techie jargon. Every Tuesday and Friday, former NPR investigations correspondent Dina Temple-Raston and the team draw back the curtain on ransomware attacks, mysterious hackers, and the people who are trying to stop them.
…
continue reading
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
…
continue reading
Strange tales of hacking, tech, internet grifters, AI, and security with Jordan & Scott. Are internet hitmen really a thing? What does someone do with a crypto wallet full of millions and a lost password? Did a Minecraft scammer really hack the president? Hacked is a technology show about people hacking things together and apart, with your old pals Jordan Bloemen and Scott Francis Winder. Get at us via [email protected].
…
continue reading
Updates on the latest cybersecurity threats to businesses, data breach disclosures, and how you can secure your firm in an increasingly risky time.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Unsupervised Learning is about ideas and trends in Cybersecurity, National Security, AI, Technology, and Culture—and how best to upgrade ourselves to be ready for what's coming.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k
200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
A twice-monthly podcast dedicated to all things relating to Security, Privacy, Compliance and Reliability on the Microsoft Cloud Platform. Hosted by Microsoft security experts, Michael Howard, Sarah Young, Gladys Rodriguez and Mark Simos. https://aka.ms/azsecpod ©2020-2025 Michael Howard, Sarah Young, Gladys Rodriquez, and Mark Simos.
…
continue reading
7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.
…
continue reading
Listen to talk about computer forensic analysis, techniques, methodology, tool reviews and more.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Securing the future of DevOps and AI: real talk with industry leaders.
…
continue reading
Discussions, tips, and debates from security practitioners and vendors on how to work better together to improve security for themselves and everyone else.
…
continue reading
The State and Popular Culture
…
continue reading
Join us for thought provoking conversations on surveillance, digital privacy, and cybersecurity law and policy in the information age. Each week, hosts Dave Bittner and Ben Yelin break down the headlines, legal cases, and policy battles that matter most.
…
continue reading
Defense in Depth promises clear talk on cybersecurity’s most controversial and confusing debates. Once a week we choose one controversial and popular cybersecurity debate and use the InfoSec community’s insights to lead our discussion.
…
continue reading
Off The Wall is a weekly show on WUSB radio, Stony Brook - Long Island, produced by 2600 Magazine. This feed offers a high-bitrate (128k) MP3 version of the show.
…
continue reading
News, analysis, and insights into enterprise security. We put security vendors under the microscope, and explore the latest trends that can help defenders succeed. Hosted by Adrian Sanabria. Co hosts: Katie Teitler-Santullo, Ayman Elsawah, Jason Wood, Jackie McGuire.
…
continue reading
About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.
…
continue reading
Security Management Highlights brings the security professional expert interviews and information on the most critical industry topics. Join host Brendan Howard as he interviews thought leaders and industry professionals, as well as editors from the magazine.
…
continue reading
About bridging the gap between security initiatives and business objectives. Hosted by Matt Alderman, co-hosted by Jason Albuquerque, Ben Carr.
…
continue reading
Concise, bi-weekly reviews of the most significant security stories, including malware, threats, government actions, and other cybersecurity topics. Hosted by Dr. Doug White. Co hosts: Josh Marpet, Aaran Leyland.
…
continue reading
Without trust, society stagnates, economies decline, and businesses fail. This podcast series keeps abreast of the latest trends and challenges in cyber and physical security with interviews, event updates, industry suppliers & government initiatives.
…
continue reading
In the security industry, it's easy to get overwhelmed by the constant barrage of information and buzzy trends. On Security Noise, we help you sort through the noise and identify the information that truly matters. Listen to hear from practitioners in the field who are using the latest tools and methodologies to stay ahead. Whether you're a seasoned security pro or an industry newcomer, our podcast has something for anyone in the business of making the world secure. Presented by TrustedSec, ...
…
continue reading
Welcome back to the show! Hacker Valley Studio podcast features Host Ron Eddings, as he explores the world of cybersecurity through the eyes of professionals in the industry. We cover everything from inspirational real-life stories in tech, to highlighting influential cybersecurity companies, and we do so in a fun and enthusiastic way. We’re making cybersecurity accessible, creating a whole new form of entertainment: cybertainment.
…
continue reading
A weekly podcast of all things application security related. Hosted by Ken Johnson and Seth Law.
…
continue reading
Hosted by former covert CIA intelligence officers Andrew Bustamante and Jihi Bustamante, the EverydaySpy Podcast gives you practical, powerful spy skills and insights you can use everyday. From parenthood fixes to career shortcuts, business hacks to geopolitical insights, this pod is for you if you are looking for frank, honest, and hilariously relatable truth from two real-world field operatives who have done and seen things they can't talk about (and will never forget).
…
continue reading
For the latest in computer security news, hacking, and research! We sit around, drink beer, and talk security. Our show will feature technical segments that show you how to use the latest tools and techniques. Special guests appear on the show to enlighten us and change your perspective on information security. Note: This is only Paul's Security Weekly, a 2-hour show recorded once per week.
…
continue reading
Expert analysis, insights and opinion on the national security challenges facing Australia and the Indo-Pacific. Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
Learn how to break into cybersecurity, build new skills and move up the career ladder. Each week on the Cyber Work Podcast, host Chris Sienko sits down with thought leaders from Carbon Black, IBM, CompTIA and others to discuss the latest cybersecurity workforce trends.
…
continue reading
A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.
…
continue reading
The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporat ...
…
continue reading
Shared Security is your premier cybersecurity and privacy podcast where we explore the bonds shared between people and technology. Join industry experts Tom Eston, Scott Wright, and Kevin Johnson as they deliver the latest news, actionable tips, expert guidance, and insightful interviews with top cybersecurity and privacy specialists. Stay informed and take control of your online security and privacy in today’s interconnected world. Tune in every week to discover invaluable insights, strateg ...
…
continue reading
1
Talkin' About [Infosec] News, Powered by Black Hills Information Security
Black Hills Information Security
3220
Download and listen to our weekly infosec podcast where we discuss the latest attacks, breaches, and how they happened and why. We’re a team of penetration testers (ethical hackers) and friends that love how new technology can be broken and made to do things it was never intended to do.
…
continue reading
Off The Hook a podcast from 2600: The Hacker Quarterly. It discusses the hacker's view of the emerging technology, and the threats posed by an increasingly Orwellian society. Hear updates on security flaws from the hacker perspective, as well as the latest news from within the hacker community. Follow us on Twitter @HackerRadioShow and Mastodon @[email protected]
…
continue reading
Weekly information security podcast airing Monday mornings hosted by Oscar Minks and Brad Nigh. In a unique focus on protecting personal information, Oscar and Brad discuss information security as an issue that includes cyber security, physical security, as well as administrative controls. Oscar is the CTO of FRSecure and heads technical services and operations at the company. Brad is the Principal Security Consultant and a 20+ year veteran of the industry.
…
continue reading
Security Unlocked explores the technology and people powering Microsoft's Security solutions. In each episode, Microsoft Security evangelists Nic Fillingham and Natalia Godyla take a closer look at the latest innovations in threat intelligence, security research, and data science, with a special focus on demystifying artificial intelligence and machine learning. Be sure to listen in and follow us! Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
1
The Case For Steward Ownership And Open Source With Melanie Rieback
44:11
44:11
Play later
Play later
Lists
Like
Liked
44:11
Episode Summary Is the traditional Silicon Valley startup model harming the security industry? In this episode of The Secure Developer, Danny Allan talks with Melanie Rieback, founder of Radically Open Security, about shaking up the industry with nonprofit business models. Tuning in, you’ll learn about the inner workings of Radically Open Security …
…
continue reading
1
UK’s Co-op cyberattack, LabHost domains released, NSO WhatsApp damages
7:55
7:55
Play later
Play later
Lists
Like
Liked
7:55
UK retailer Co-Op suffers cyberattack FBI shares list of 42,000 LabHost phishing domains NSO group looking at hefty damages in WhatsApp case Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. Thr…
…
continue reading
We discuss a schism years in the making — the infamous imageboard 4chan gets hacked by its own offshoot, Soyjak.party, in a breach that exposed moderator identities, source code, and shattered the myth of online anonymity. Then, we look at Cluely — an AI tool built by a suspended student to help users “cheat” on job interviews — and the viral campa…
…
continue reading
1
Cybersecurity News Roundup: Book Deals, Retail Attacks, Apple Spyware Alerts, and More
11:32
11:32
Play later
Play later
Lists
Like
Liked
11:32
In this episode, host Jim Love discusses various cybersecurity topics including a book deal from CRC Press for those interested in cybersecurity, auditing, and leadership. Major cyber incidents involving two UK retailers, Co-op and Marks & Spencer's, are detailed, highlighting the challenges they face. Apple's notifications to users in 100 countrie…
…
continue reading
1
Mic Drop: Gen. Charlie "Tuna" Moore: Cyber Wars Don’t Wait for Consensus
16:21
16:21
Play later
Play later
Lists
Like
Liked
16:21
Military decisions used to take months — maybe even years. Cyber warfare decisions can happen in milliseconds. Lt. General Charlie “Tuna” Moore, former Deputy Commander of U.S. Cyber Command, explains soldiers without cyber skills are already a step behind. Learn about your ad choices: dovetail.prx.org/ad-choices…
…
continue reading
1
SANS Stormcast Friday, May 2nd: More Steganography; Malicious Python Packages GMail C2; BEC to Steal Rent Payments
7:16
7:16
Play later
Play later
Lists
Like
Liked
7:16
Steganography Analysis With pngdump.py: Bitstreams More details from Didiear as to how to extract binary content hidden inside images https://isc.sans.edu/diary/Steganography%20Analysis%20With%20pngdump.py%3A%20Bitstreams/31904 Using Trusted Protocols Against You: Gmail as a C2 Mechanism Attackers are using typosquatting to trick developers into in…
…
continue reading
1
AI Tips, Tricks, and Traps! - PSW #872
1:37:21
1:37:21
Play later
Play later
Lists
Like
Liked
1:37:21
The PSW crew discusses tips, tricks, and traps for using AI and LLMs. We discuss a wide range of AI-related topics, including how to utilize AI tools for writing, coding, data analysis, website design, and more! Some key takeaways include: AI has rapidly shifted from novelty to an essential tool in security and other fields. Paid AI versions offer …
…
continue reading
1
AI Tips, Tricks, and Traps! - PSW #872
1:37:21
1:37:21
Play later
Play later
Lists
Like
Liked
1:37:21
The PSW crew discusses tips, tricks, and traps for using AI and LLMs. We discuss a wide range of AI-related topics, including how to utilize AI tools for writing, coding, data analysis, website design, and more! Some key takeaways include: AI has rapidly shifted from novelty to an essential tool in security and other fields. Paid AI versions offer …
…
continue reading
Updates from RSAC 2025. Former NSA cyber chief Rob Joyce warns that AI is rapidly approaching the ability to develop high-level software exploits. An FBI official warns that China is the top threat to U.S. critical infrastructure. Mandiant and Google raise alarms over widespread infiltration of global companies by North Korean IT workers. France ac…
…
continue reading
1
Mission-Critical Partnerships in Protest Preparedness and Schools
35:03
35:03
Play later
Play later
Lists
Like
Liked
35:03
Security benefits can come from unexpected sources, especially in community-centric organizations like schools and colleges. Melinda Heikkinen from Saint Louis University (SLU) explains how the college’s history of open dialogue and philosophy of meeting peace with peace helped it weather a wave of mass protests on campus. Then, Jason Stoddard with…
…
continue reading
1
How Much Should Salespeople Know About Their Product?
27:18
27:18
Play later
Play later
Lists
Like
Liked
27:18
All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is Jay Jay Davey, vp of cyber security operations, Planet. In this episode: Aligning incentives T…
…
continue reading
1
Scattered Spider extradition, Telecom hack warnings, Impersonation scammer takedown
9:10
9:10
Play later
Play later
Lists
Like
Liked
9:10
Alleged ‘Scattered Spider’ member extradited to U.S. Experts see little progress after major Chinese telecom hack Polish police take down impersonation scammers Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks…
…
continue reading
1
How do you gain “experience” in cyber without a job in cyber? [CISO Persepctives]
41:47
41:47
Play later
Play later
Lists
Like
Liked
41:47
We're sharing a episode from another N2K show we thought you might like. It's the third episode of the new season of the show CISO Perspectives with Kim Jones. Enjoy! Show Notes: While the cybersecurity industry has expanded and grown in recent years, newcomers still struggle to gain relevant "experience" before officially beginning their cyber car…
…
continue reading
As Maria is on vacation this week, our hosts Dave Bittner and Joe Carrigan, are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Joe and Dave are joined by guest Rob Allen from ThreatLocker who shares a story on how a spoofed call to the help desk unraveled into a full-blown cybe…
…
continue reading
Please enjoy this encore episode of Caveat. This week on Caveat, Dave and Ben are thrilled to welcome back N2K’s own Ethan Cook for the second installment of our newest policy deep dive segment. As a trusted expert in law, privacy, and surveillance, Ethan is joining the show regularly to provide in-depth analysis on the latest policy developments…
…
continue reading
1
China's evolving relationship with the United States
36:09
36:09
Play later
Play later
Lists
Like
Liked
36:09
How does China’s leadership view the relationship with the US, and how has that perspective evolved over the years? How might China seek to take advantage of recent actions by the Trump Administration that have destabilised the international order? How should Australia respond to shifting US-China dynamics in the Indo-Pacific? In this episode, Chri…
…
continue reading
1
SANS Stormcast Thursday, May 1st: Sonicwall Attacks; Cached Windows RDP Credentials
6:28
6:28
Play later
Play later
Lists
Like
Liked
6:28
Web Scanning for Sonicwall Vulnerabilities CVE-2021-20016 For the last week, scans for Sonicwall API login and domain endpoints have skyrocketed. These attacks may be exploiting an older vulnerability or just attempting to brute force credentials. https://isc.sans.edu/diary/Web%20Scanning%20Sonicwall%20for%20CVE-2021-20016/31906 The Wizards APT Gro…
…
continue reading
1
Off The Hook - Wed, 30 Apr 2025 19:00:00 EST
54:53
54:53
Play later
Play later
Lists
Like
Liked
54:53
An evacuation at Rob's workplace, Emmanuel is angry with Google again, strange new government domains, Milwaukee judge arrested, Stony Brook grant cancelled, USAID devices will no longer be collected.By [email protected] (Emmanuel Goldstein et.al.)
…
continue reading
1
Unsecurity Episode 238: Air Gapping w/ Sean Behan
33:11
33:11
Play later
Play later
Lists
Like
Liked
33:11
This week on Unsecurity, Senior Offensive Security Engineer Sean Behan sits with Brad and Megan to dissect Air Gapping. Starting with the development of the Air Gap method, they discuss its evolution and the pros and cons of each type. Tune in for an engaging discussion on understanding systems operations, strengths, and weaknesses of air gapped ne…
…
continue reading
1
InfoSec CEO Charged with Installing Malware! – 2025-04-28
1:00:58
1:00:58
Play later
Play later
Lists
Like
Liked
1:00:58
Register for upcoming webcasts & summits - https://poweredbybhis.com 00:00 - PreShow Banter™ — Talking Bout Red Green 02:24 - InfoSec CEO Charged with Installing Malware! – BHIS - Talkin’ Bout [infosec] News 2025-04-28 03:01 - Story # 1: CEO of cybersecurity firm charged with installing malware on hospital systems 11:22 - Story # 2: 2025 Data Breac…
…
continue reading
DHS Secretary Kristi Noem justifies budget cuts in her RSAC keynote. The EFF pens an open letter to Trump backing Chris Krebs. Scattered Spider is credited with the Marks & Spencer cyberattack. Researchers discover a critical flaw in Apple’s AirPlay protocol. The latest CISA advisories. On our Industry Voices segment, we are joined by Neil Gad, Chi…
…
continue reading
In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Marco Ivaldi, co-founder and technical director of HN Security, a boutique company specializing in offensive security services, shares his journey from hacking as a teenager in the '80s to becoming a key figure in the security research community. With nearly …
…
continue reading
1
Say Easy, Do Hard - Defining Objectives and Key Results Aligned to Business Goals - BSW #393
49:58
49:58
Play later
Play later
Lists
Like
Liked
49:58
In today’s ever-evolving business landscape, organizations face diverse risks, including cyber risks, that can significantly affect their operations and overall prosperity. Aligning risk management strategies with organizational objectives is crucial for effectively mitigating these potential threats and fostering sustainable growth. Easier said th…
…
continue reading
1
Say Easy, Do Hard - Defining Objectives and Key Results Aligned to Business Goals - BSW #393
49:58
49:58
Play later
Play later
Lists
Like
Liked
49:58
In today’s ever-evolving business landscape, organizations face diverse risks, including cyber risks, that can significantly affect their operations and overall prosperity. Aligning risk management strategies with organizational objectives is crucial for effectively mitigating these potential threats and fostering sustainable growth. Easier said th…
…
continue reading
1
Apple Airplay-Enabled Devices Can Be Hacked, Google tracked 75 zero days, France ties Russian APT28 hackers to 12 cyberattacks
8:06
8:06
Play later
Play later
Lists
Like
Liked
8:06
Millions of Apple Airplay-Enabled Devices Can Be Hacked via Wi-Fi Google tracked 75 zero days exploited in the wild in 2024 France ties Russian APT28 hackers to 12 cyberattacks on French orgs Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect b…
…
continue reading
1
Cybersecurity Incidents: Musk's Staffers, Canadian Power Utility Attack, and Massive Password Leak
8:43
8:43
Play later
Play later
Lists
Like
Liked
8:43
In this episode of Cybersecurity Today, host Jim Love discusses several major cybersecurity events. Two members of Elon Musk's 'Department of Government Efficiency' reportedly gained access to classified US nuclear networks, though accounts were never activated. Nova Scotia Power faces a cyber attack affecting customer services but not critical inf…
…
continue reading
1
Risky Business #789 -- Apple's AirPlay vulns are surprisingly awful
1:02:31
1:02:31
Play later
Play later
Lists
Like
Liked
1:02:31
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news: British retail stalwart Marks & Spencer gets cybered South Korean telco sets out to replace all its subscriber SIMs after (we assume) it lost the keymat It’s a good exploit week! Bugs in Apple Airplay, SAP webservers, Erlang SSH and CommVault backups Juice jack…
…
continue reading
1
SANS Stormcast Wednesday, April 30th: SMS Attacks; Apple Airplay Vulnerabilities
8:51
8:51
Play later
Play later
Lists
Like
Liked
8:51
More Scans for SMS Gateways and APIs Attackers are not just looking for SMS Gateways like the scans we reported on last week, but they are also actively scanning for other ways to use APIs and add on tools to send messages using other people s credentials. https://isc.sans.edu/diary/More%20Scans%20for%20SMS%20Gateways%20and%20APIs/31902 AirBorne: A…
…
continue reading
By Emmanuel Goldstein
…
continue reading
1
Security Weekly News Interviews Participants and Coaches at NECCDC - SWN #472
33:34
33:34
Play later
Play later
Lists
Like
Liked
33:34
Join us for a special in-person edition of the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-472
…
continue reading
1
Security Weekly News Interviews Participants and Coaches at NECCDC - SWN #472
33:34
33:34
Play later
Play later
Lists
Like
Liked
33:34
Join us for a special in-person edition of the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-472
…
continue reading
RSAC 2025 is well under way, and Kevin the Intern files his first report. Authorities say Spain and Portugal’s massive power outage was not a cyberattack. Concerns are raised over DOGE access to classified nuclear networks. The FS-ISAC launches the Cyberfraud Prevention Framework. Real-time deepfake fraud is here to stay. On today’s Threat Vector, …
…
continue reading
This week, I’m talking about nested groups in Windows Active Directory and the security risks they pose. Active Directory allows administrators to attach one group to another—often called nesting. While nesting can simplify account administration and permission management, it can also create real opportunities for attackers if...…
…
continue reading
1
Get ALL the Challenges of Cybersecurity AND Fewer Resources
40:22
40:22
Play later
Play later
Lists
Like
Liked
40:22
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark, producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining us is Charles Blauner, formerly of Team8 (at time of recording) and now operating partner, Crosspoint Capital. In this episode: Expanding collective defense Getting tal…
…
continue reading
1
Secure Designs, UX Dragons, Vuln Dungeons - Jack Cable - ASW #328
44:08
44:08
Play later
Play later
Lists
Like
Liked
44:08
In this live recording from BSidesSF we explore the factors that influence a secure design, talk about how to avoid the bite of UX dragons, and why designs should put classes of vulns into dungeons. But we can't threat model a secure design forever and we can't oversimplify guidance for a design to be "more secure". Kalyani Pawar and Jack Cable joi…
…
continue reading
1
Secure Designs, UX Dragons, Vuln Dungeons - Jack Cable - ASW #328
44:08
44:08
Play later
Play later
Lists
Like
Liked
44:08
In this live recording from BSidesSF we explore the factors that influence a secure design, talk about how to avoid the bite of UX dragons, and why designs should put classes of vulns into dungeons. But we can't threat model a secure design forever and we can't oversimplify guidance for a design to be "more secure". Kalyani Pawar and Jack Cable joi…
…
continue reading
In late 2023, Nick Lawler got a call from someone claiming to be an FBI agent. The man said that the utility Nick ran in Littleton, Massachusetts, was the target of an elaborate, international hacking operation. It set off an unlikely series of events that involved a small community, Chinese state hackers and the quiet threat hiding in our most bas…
…
continue reading
1
Uyghur software malware, DDoS jumps, 4chan back
7:37
7:37
Play later
Play later
Lists
Like
Liked
7:37
Uyghur Language Software Hijacked to Deliver Malware Cloudflare sees a big jump in DDoS attacks 4chan back online Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a d…
…
continue reading
1
OWASP security misconfiguration (noun) [Word Notes]
7:03
7:03
Play later
Play later
Lists
Like
Liked
7:03
Please enjoy this encore of Word Notes. The state of a web application when it's vulnerable to attack due to an insecure configuration. CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-security-misconfiguration Audio reference link: “What Is the Elvish Word for Friend?” Quora, 2021.…
…
continue reading
