Paul's Security Weekly (Video)

Tales From The Crypt...Analyst - Part 2 - Jeff Man - PSW #646

11 Apr 2020

Contributed by Lukas

In the second part of our interview series with the legend Jeff Man, he continues his discussion with Paul, Matt, and Lee, about the many myths, legen...

To Hunt or Not To Hunt; This is Never a !=? - Tyler Robinson - PSW #646

10 Apr 2020

Contributed by Lukas

We welcome Security Weekly's own Tyler Robinson for a Technical Segment, to talk about how individuals are tracked and then demonstrates different TTP...

Security News - To Zoom or Not to Zoom - PSW #645

04 Apr 2020

Contributed by Lukas

This segment will largely focus on the recent Zoom vulnerabilities and the responses from security researchers, the security community and enterprises...

IoT Devices: Security and Privacy Labels Research - Lorrie Cranor - PSW #645

04 Apr 2020

Contributed by Lukas

At Carnegie Mellon University we are designing a usable security and privacy label for smart devices to help consumers make informed choices about Int...

Collaboration Between NetOps and SecOps in Today's World - Matt Allen - PSW #645

03 Apr 2020

Contributed by Lukas

Matt and the Security Weekly crew will discuss how the interaction between network engineers and security operations has changed over the years, as we...

Drobo Exploit, Docker Escape, SMBv3.11 - PSW #644

21 Mar 2020

Contributed by Lukas

SANS Penetration Testing | Microsoft SMBv3.11 Vulnerability and Patch CVE-20200796 Explained, Drobo 5N2 4.1.1 - Remote Command Injection, $100K Paid O...

Zen And The Art Of Logs In The Cloud - Corey Thuen - PSW #644

20 Mar 2020

Contributed by Lukas

Struggling with how to get your logs from the cloud? Have no fear, Corey and the Security Weekly crew talk about how to configure your logs in the clo...

Work from home securely - PSW #644

20 Mar 2020

Contributed by Lukas

The challenges and differentiated values of desktop and laptop protection and administrative tool control (e.g., Powershell, SSH) for remote users and...

Protecting Data on Employee 0wned PCs - Gabe Gumbs - PSW #643

15 Mar 2020

Contributed by Lukas

COVID-19, among other things, has deemed it necessary for many to work from home. There are several security concerns that need to be raised, such as ...

Connected devices security - Dorit Naparstek - PSW #643

15 Mar 2020

Contributed by Lukas

Hacks performed on connected & IoT devices, such as routers, security cameras, smart meters, etc. are increasingly common, and revealing major vulnera...

Girls Who Hack and Secure Open Vote - Bianca Lewis - PSW #643

14 Mar 2020

Contributed by Lukas

Girls Who Hack teaches classes primarily to middle school girls on hacking and making. Secure Open Vote is an end to end, open source election system ...

Tomcat, AWS Malware, Hacker Movies - PSW #642

09 Mar 2020

Contributed by Lukas

Apache Tomcat AJP exploit, malware in AWS, hacker movies and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: h...

Mark Cooper, PKI Solutions - Mark Cooper - PSW #642

08 Mar 2020

Contributed by Lukas

How SHAKEN/STIR and PKI will end the global robocall problem Link to an article Mark wrote for Dark Reading: https://www.darkreading.com/endpoint/shak...

Active Directory, Azure and Windows Security - Sean Metcalf - PSW #642

08 Mar 2020

Contributed by Lukas

Active Directory & Microsoft Cloud (Azure AD & Office 365) Security, including a breakdown of Microsoft's security offerings and recommendations for c...

Cool Things We Found At RSAC 2020 - PSW #641

02 Mar 2020

Contributed by Lukas

We found some cool stuff at RSAC 2020! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly....

Protect Ya Data - Gabe Gumbs - PSW #641

01 Mar 2020

Contributed by Lukas

Gabriel Gumbs and the Security Weekly crew discuss strategies for protecting your data. We will explore practical use-cases for needing to manage acce...

Tales From The Crypt...Analyst - Jeff Man - PSW #641

01 Mar 2020

Contributed by Lukas

There are many myths, legends and fables in hacker history. One of the themes of these legends surrounds some of the first red team hackers working fo...

Tesla Sensors, Israeli Soldiers Phished, Machine Learning - PSW #640

24 Feb 2020

Contributed by Lukas

Nedbank Says 1.7 Million Customers Impacted by Breach at Third-Party Provider, 500 Chrome Extensions Caught Stealing Private Data of 1.7 Million Users...

Kubernetes/Container Security - Ian Coldwater - PSW #640

23 Feb 2020

Contributed by Lukas

Ian Coldwater is the Lead Platform Security Engineer at Heroku. Ian will discuss Kubernetes and container security! Visit https://www.securityweekly.c...

Unifying SIEM And Endpoint Security - PSW #640

22 Feb 2020

Contributed by Lukas

Elastic recently released Elastic Security 7.6 - the culmination of months of work by the security team and a monumental leap forward toward deliverin...

Docker, 42 Vulnerabilities, Backdoors, Spying on 100+ Foreign Govs. - PSW #639

16 Feb 2020

Contributed by Lukas

In the Security News, Misconfigured Docker Registries Expose Thousands of Repositories, a Forgotten motherboard driver turns out to be perfect for sli...

The Unprotected Attack Surface of the Enterprise - John Loucaides - PSW #639

15 Feb 2020

Contributed by Lukas

Hackers are using firmware implants and backdoors to compromise enterprise security with attacks that are stealthy and persistent. It's time for infor...

Living in Blue Team Land and Skicon - O'Shea Bowens - PSW #639

14 Feb 2020

Contributed by Lukas

O'Shea Bowens is the CEO of Null Hat Security. O'Shea will discuss why I think blue teaming is as essential now as our red brothers. Mistakenly callin...

Security News - PSW #638

09 Feb 2020

Contributed by Lukas

In the Security News, Twitter fixes API bug that can reveal users, Microsoft patches flaws in Azure stack, 8 cities that have been crippled by cyber a...

Adventures In AWS Computing - PSW #638

08 Feb 2020

Contributed by Lukas

Paul shows you how to create secure Docker containers and begin to deploy them to Amazon ECS. This segment focuses on the security aspects of taking a...

BADASS Army - The Fight Against Revenge Porn - Katelyn Bowden - PSW #638

07 Feb 2020

Contributed by Lukas

After finding her own intimate photos online without her consent, Katelyn Bowden discovered that there weren't many resources for those who find thems...

Wawa Breach, Citrix ADC, Magecart Hackers, Ragnarok Ransomware - PSW #637

03 Feb 2020

Contributed by Lukas

In the Security News, NHS alerted to severe bulbs in GE health equipment, Ragnarok Ransomware targets Citrix ADC & disables Windows Defender, suspecte...

Stopping Python Backdoor Attacks - Peter Smith - PSW #637

02 Feb 2020

Contributed by Lukas

The recent MechaFlounder was a backdoor attack linked to Iranian threat actors who targeted Turkish entities. Similar Python-based backdoor attacks ha...

The Unicorn Project and The Five Ideals - Gene Kim - PSW #637

01 Feb 2020

Contributed by Lukas

In this week's episode of Paul's Security Weekly, Paul and the guys welcome back Gene Kim to interview him about his newest book "The Unicorn Project"...

Tomatoes, Jeff Bezo, Vuln. In AMD ATI Radeon, 'The Rise of Skywalker' - PSW #636

26 Jan 2020

Contributed by Lukas

In the Security News, Microsoft Security Shocker As 250 Million Customer Records Exposed Online, the NSA Offers Guidance on Mitigating Cloud Flaws, Mu...

Electronic Frontier Foundation (EFF), Godwin's Law, Freedom of Speech - Mike Godwin - PSW #636

25 Jan 2020

Contributed by Lukas

Paul, Doug and Tyler interview Mike Godwin about the creation of the EFF, why it was created and how he became involved, some of the first cases taken...

Dug Song - Engineer to Entrepreneur - Dug Song - PSW #636

24 Jan 2020

Contributed by Lukas

Paul, Doug and Tyler interview Dug Song about how he got his start in Information Security, what prompted him to begin work for dsniff, his transition...

CVE-2020-0601, Netscaler RCE, npm - PSW #635

19 Jan 2020

Contributed by Lukas

We discuss the details and impact of the latest flaw, disclosed by NSA, in Windows 10 that allows attackers to pass off malware as signed applications...

Hacking IoT Devices - Jeff Spielberg, Ryan Speers - PSW #635

18 Jan 2020

Contributed by Lukas

The world continues to see a proliferation of highly insecure IoT/embedded products. How can companies making embedded products design security in fro...

What Does It Mean To Be A Hacker? - PSW #635

17 Jan 2020

Contributed by Lukas

This is the Hacker Culture Roundtable discussion from the Security Weekly Christmas podcast marathon and features almost all of our hosts and special ...

Security News: January 9, 2020 - PSW #634

13 Jan 2020

Contributed by Lukas

In the security news, Car hacking hits the streets, 4 Ring employees fired for spying on customers, MITRE presents ATT&CK for ICS, and Las Vegas suffe...

The Keys to Your Kingdom: Protecting Data in Hybrid and Multiple Public Clouds - Ambuj Kumar - PSW #634

12 Jan 2020

Contributed by Lukas

According to Gartner, 70% of businesses are adopting a hybrid cloud and multi-cloud strategy to augment their internal data centers. The challenges of...

Improve Pen Testing Outcomes With Purple Teaming - PSW #634

11 Jan 2020

Contributed by Lukas

Purple teaming reduces the lifespan of vulnerabilities found from pentests by facilitating knowledge transfer between red and blue teams in the remedi...

Security News: January 2, 2020 - PSW #633

05 Jan 2020

Contributed by Lukas

In the security news, mysterious Drones are Flying over Colorado (watchout Mr. Alderman), 7 Tips for Maximizing Your SOC, The Most Dangerous People on...

Diplomacy, Norms and Deterrence in Cyberspace - Chris Painter - PSW #633

04 Jan 2020

Contributed by Lukas

Global conversations around acceptable norms of behavior in cyberspace (particularly for states), attribution, accountability, and deterrence (though ...

Security History - Lessons from the past - PSW #632

03 Jan 2020

Contributed by Lukas

The history of security can be traced back to a variety of different sources. The amount of articles on the topic is dizzying. Most will cite names of...

Who is Going to Protect the Brave New Virtual Worlds and HOW? - Kavya Pearlman - PSW #633

03 Jan 2020

Contributed by Lukas

Emerging technologies such as Virtual, Augmented and Mixed Reality are inevitably gaining momentum and helping businesses gain competitive advantage. ...

Security vs. Compliance - PSW #632

28 Dec 2019

Contributed by Lukas

It was once said that if Security and Compliance were in a relationship the status would be "It's Complicated". This discussion will aim to help you u...

Holiday Hack Challenge - PSW #631

25 Dec 2019

Contributed by Lukas

Each year the team at Counterhack Challenges makes available the Holiday Hack Challenge. Led by Ed Skoudis, and created by some of the most talented s...

The State of Penetration Testing - PSW #631

24 Dec 2019

Contributed by Lukas

Penetration testing has evolved quite a bit in the past year. As defenses shift, and in some cases get much better, attack techniques and landscapes h...

DevOps and Securing Applications - PSW #632

23 Dec 2019

Contributed by Lukas

- Given that DevOps is a process and its execution requires many different tools, how do we get started "doing DevOps"? - What about DevOps allows us ...

Blue Team Tactics and Techniques - PSW #631

23 Dec 2019

Contributed by Lukas

It's often said that attackers need only to get it right once, where defenders have to be right all of the time. Those of us who have worked in a secu...

Risks, Ransomware, Data Leaks, Oh My! - PSW #630

15 Dec 2019

Contributed by Lukas

In the Security News, Reveton ransomware schemer stripped of six years of freedom, £270,000, and Rolex, Web-hosting firm 1&1 hit by almost €10 mill...

Backdoors & Breaches - The Card Game - PSW #630

14 Dec 2019

Contributed by Lukas

John Strand is a Security Analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures. John will be talking about Backd...

Runtime Protection for Containers - Jorge Salamero - PSW #630

13 Dec 2019

Contributed by Lukas

Jorge Salamero is the Director of Technical Marketing at Sysdig. Jorge enjoys playing with containers and Kubernetes, home automation and DIY projects...

Defecting Chinese, IoT Smartwatch, and Malicious SDKs - PSW #629

09 Dec 2019

Contributed by Lukas

Netflix: BPF is a new type of software we use to run Linux apps securely in the kernel, Automated security tests with OWASP ZAP, HackerOne Breach Lead...

Open Source Intelligence (OSINT) in Cyber - PSW #629

08 Dec 2019

Contributed by Lukas

Micah Hoffman is the Principle Investigator at Spotlight Infosec. Looking to increase the publicity of using Open Source Intelligence (OSINT) in tradi...

Outlook on Phishing in 2020 - Eric Brown - PSW #629

07 Dec 2019

Contributed by Lukas

Eric Brown is the Sr. Security Analyst at LogRhythm. Eric will cover topics including: Phishing Trends, 2020 Outlook, Top 4 Types Eric is seeing: Exec...

The Marvel Universe - PSW #628

28 Nov 2019

Contributed by Lukas

In the Security News, Disney Plus Blames Past Hacks for User Accounts Sold Online, Why Multifactor Authentication Is Now a Hacker Target, How the Linu...

Coalfire Incident & DerbyCon Communities - PSW #628

27 Nov 2019

Contributed by Lukas

Dave Kennedy is the Founder & CEO of TrustedSec. Dave comes on the show to talk about the Coalfire incident and DerbyCon communities. Visit https://ww...

The Next Generation of SOCs - Peter Liebert - PSW #628

26 Nov 2019

Contributed by Lukas

Peter Liebert is the CEO at Liebert Security. After working in and with SOCs for the majority of my career, as well as building one from the ground up...

Humans vs. Machines - PSW #627

18 Nov 2019

Contributed by Lukas

Two security researchers earned $60,000 for hacking an Amazon Echo, Amazon Kindle, Embedded devices Open to Code-Execution, This App Will Tell You if ...

Simulating Ransomware Attacks with SCYTHE - PSW #627

17 Nov 2019

Contributed by Lukas

Bryson Bort (Founder and CEO of SCYTHE) will demonstrate how to safely simulate ransomware and a multi-staged APT with lateral movement in your produc...

The Ethics of Surveillance - Dr. Kevin Harris - PSW #627

16 Nov 2019

Contributed by Lukas

As advancements have been made in technologies new surveillance tools have been designed giving those charged with protecting citizen's additional opp...

Security News: November 7, 2019 - PSW #626

11 Nov 2019

Contributed by Lukas

In the Security News, Who is responsible for Active Directory security within your organization?, Apple publishes new technical details on privacy fea...

Arcade Hustle - PSW #626

10 Nov 2019

Contributed by Lukas

Kevin Finisterre is a Co-founder of Arcade Hustle. Josh Valentine is a Co-founder of Arcade Hustle. Josh and Kevin have spent the last year immersing ...

Peter Smith, Edgewise - Peter Smith - PSW #626

09 Nov 2019

Contributed by Lukas

Peter Smith is the Founder & CEO of Edgewise. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityw...

Security Weekly RoundTable, Cyberwire - PSW #625

03 Nov 2019

Contributed by Lukas

Paul and Matt sit down with Dave Bittner from Cyberwire to discuss the state of security podcasts, the latest security trends, and the security commun...

Format String Vulnerabilities - PSW #625

02 Nov 2019

Contributed by Lukas

Sven Morgenroth is the Security Researcher at Netsparker. Sven joins us again to talk about Formatting string vulnerabilities. To learn more about Net...

A New Prescription for Security - Philippe Courtot, Sumedh Thakar - PSW #625

01 Nov 2019

Contributed by Lukas

Philippe Courtot is the Chairman and CEO of Qualys. Sumedh Thakar is the Chief Product Officer Qualys. Philippe Courtot, chairman and CEO of Qualys wi...

Endgame To Elastic Endpoint Security - Mark Dufresne - PSW #624

27 Oct 2019

Contributed by Lukas

Last week, Elastic and Endgame announced that they have formally joined forces to introduce Elastic Endpoint Security. Together, they combine Elastic'...

Security News: October 24, 2019 - PSW #624

26 Oct 2019

Contributed by Lukas

In the news, we talk Security News, discussing how Amazon Echo and Kindle devices were affected by a WiFi bug, Ransomware and data breaches linked to ...

Mental Health Hackers & Veterans - Tom Williams - PSW #624

25 Oct 2019

Contributed by Lukas

Tom Williams is the Director of Veterans Operations of Veterans MHH. Speaking about the challenges that veterans face and how MHH is looking to addres...

Cybercrime, Threat Hunting, & APT - PSW #623

21 Oct 2019

Contributed by Lukas

Peter Kruse is the Founder of CSIS Security Group. "Nothing specific but a Google search will provide numerous research I have been involved with and ...

Security News: October 17, 2019 - PSW #623

20 Oct 2019

Contributed by Lukas

Cybercrime Tool Prices Bump Up in Dark Web Markets, Pen testers find mystery black box connected to ships engines, Using Machine Learning to Detect IP...

What Makes A Good Pentest Report? - Daniel DeCloss - PSW #623

19 Oct 2019

Contributed by Lukas

DeCloss is the President and CEO of PlexTrac. The segment will focus on the importance of a high-quality report and what red and blue teamers should r...

Security News: October 3, 2019 - PSW #622

07 Oct 2019

Contributed by Lukas

This week, we talk Security News, how Turkey fines Facebook $282,000 over privacy breach, why the FBI is encouraging not to pay ransomware demands, th...

Security & Compliance Introduction - PSW #622

06 Oct 2019

Contributed by Lukas

It's the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with va...

Data Privacy and The Journey to Code - Stewart Room - PSW #622

05 Oct 2019

Contributed by Lukas

Stewart Room is a Partner of PwC. Security Professionals have long understood the need to deliver security outcomes in technology and data, but is the...

Security News: September 26, 2019 - PSW #621

30 Sep 2019

Contributed by Lukas

How a hacker took over a smart home with vulgar music and rising temperatures, a security warning for 23 million YouTube creators following a crazy ha...

Perry Carpenter and Chris Edwards - PSW #621

29 Sep 2019

Contributed by Lukas

We interview Perry Carpenter and Chris Pritchard at DEF CON SE Village. Perry Carpenter talks about how (as someone on the autism spectrum) has used v...

Billy Boatright, Edward Miro, & Jayson Street - PSW #621

28 Sep 2019

Contributed by Lukas

We interview Billy Boatright, Edward Miro, and Jayson Street at DEF CON SE Village. Billy talks about Impostor Syndrome. Edward Miro talks about Rides...

iOS, Equifax Is Back, & phpMyAdmin CSRF Zero-Day - PSW #620

23 Sep 2019

Contributed by Lukas

In the Security News, how an iOS 13 flaw could provide access to contacts with passcode, Equifax demands more information before making payouts, confi...

Audio Security - PSW #620

22 Sep 2019

Contributed by Lukas

Wes Widner is the Cloud Engineering Manager at CrowdStrike. Wes will be talking about personal voice assistants are the wave of the future. So natural...

Anything Red/Purple Teaming - Jason Lang - PSW #620

20 Sep 2019

Contributed by Lukas

Jason Lang is the Sr. Security Consultant of TrustedSec. Modern day red teaming against some of the largest company's in the US. Current passion is An...

SE Village Interviews: Chris Kirsch & Micah Zenko - PSW #619

16 Sep 2019

Contributed by Lukas

At DEF CON 2019, we interview Chris Kirsch on Getting Psychic: Cold Reading Techniques for Fortune Tellers and Social Engineers Cold reading is a tech...

Capital One Breach, Edgewise - Peter Smith - PSW #619

15 Sep 2019

Contributed by Lukas

Peter Smith is the Founder & CEO of Edgewise. Peter will be covering the Capital One breach and the AWS metadata service with request forgery. He will...

Security News: September 12, 2019 - PSW #619

14 Sep 2019

Contributed by Lukas

This week, we present the Security News, to discuss New ransomware grows 118% as cybercriminals adopt fresh tactics and code innovations, Period Track...

SE Village 2020 and Innocent Lives Foundation - Christopher Hadnagy - PSW #618

01 Sep 2019

Contributed by Lukas

Christopher Hadnagy is the Chief Human Hacker of Social-Engineer, LLC. Chris will be giving an overview of inaugural SEVillage Orlando 2020. Brief des...

Analyzing Custom Log Sources - Corey Thuen - PSW #618

31 Aug 2019

Contributed by Lukas

Corey Thuen is the Co-Founder at Gravwell. Security analytics using the new Sysmon DNS logging and Sysmon DNS logging dropped this week. Full Show Not...

Security News: August 28, 2019 - PSW #618

30 Aug 2019

Contributed by Lukas

In the news, we discuss how AT&T employees took bribes to plant malware on the company's network, how hackers could decrypt your GSM calls, 80 suspect...

Critical Patches, Automox - Richard Melick - PSW #617

25 Aug 2019

Contributed by Lukas

Waiting to deploy critical patches makes you a bigger target - Cybercriminals Have Seven-Day Advantage to Weaponize Vulnerabilities, According to New ...

Deobfuscating JavaScript to Investigate Phishing Domains - PSW #617

24 Aug 2019

Contributed by Lukas

Paul gives a technical segment on deobfuscating JavaScript to investigate phishing domains. To learn more about DomainTools, visit: https://securitywe...

Recorded Future and Virsec - PSW #617

24 Aug 2019

Contributed by Lukas

We interview Roman Sannikov, the Director and Analyst on Demand at Recorded Future. We also interview Ray DeMeo, the Chief Operating Officer at Virsec...

DEF CON 27 Interviews - PSW #616

19 Aug 2019

Contributed by Lukas

In this segment, we interview O'Shea Bowens from Null Hat Security and Tyler Robinson from Nisos, Inc., from the Blue Team Village. Then we interview ...

Security News: August 15, 2019 - PSW #616

18 Aug 2019

Contributed by Lukas

The Huawei shenanigans get deeper and more broad. - This is why I have issues with supply chain, CapitalOne hacker may have stolen from 30 more compan...

Blue Team To Red Team, Offensive Security - Tony Punturiero - PSW #616

17 Aug 2019

Contributed by Lukas

Tony Punturiero is the Community Manager at Offensive Security. Discussing about my adventure transferring from being on the blue side to becoming a p...

Joshua Douglas, Mimecast - PSW #615

15 Aug 2019

Contributed by Lukas

During this discussion, Joshua and Paul will speak about the threats facing organizations today and how they are evolving. Josh will also discuss how ...

Security Do's and Don'ts - PSW #615

14 Aug 2019

Contributed by Lukas

Paul, Larry, Doug, and Gabe talk about Software Development: Security Do's & Don'ts. →Visit our website: https://www.securityweekly.com →Follow u...

Gabriel Gumbs, Spirion - PSW #615

13 Aug 2019

Contributed by Lukas

Gabriel Gumbs is the VP of Product Management at Spirion where his focus is on the strategy and technology propelling Spirion's rapidly-growing securi...

Security News - PSW - News #614

05 Aug 2019

Contributed by Lukas

In the Security News, the US government issues a light aircraft cyber alert, thieves steal a laptop with 30 years of Data from University of Western A...

Signal Sciences Kubernetes, Doug Coburn - PSW #614

04 Aug 2019

Contributed by Lukas

Talk about the way Signal Sciences is implemented, especially in the container world. Where we sit in the stack for protection of the web apps in thos...

LogRhythm To The Cloud - Sam Straka - PSW - Interview #614

03 Aug 2019

Contributed by Lukas

Sam Straka is the Technical Product Manager at LogRhythm, and he will be talking about the movement of their market to the Cloud, how LogRhythm is inn...

Security News - Paul's Security Weekly #613

26 Jul 2019

Contributed by Lukas

In the Security News, a phishing scheme that targets AMEX cardholders, the list of labs affected by the American Medical Collection Agency data breach...

Integrity Through Prevention, WEforum - Paul's Security Weekly #613

26 Jul 2019

Contributed by Lukas

Troels Oerting is the Head of the Global Centre for Cybersecurity established by World Economic Forum in 2018. Troels talks about Security, Privacy, I...