최고 Josh Loveless 팟캐스트 (2024)

1
Tourists, Fortis, apps, TLP, AWS, Google, Chatbots, Aaran Leyland, and More... - SWN #425 35:07

4h ago35:07

35:07

Tourist Abuse, Fortis, apps, TLP, AWS, Google, Chatbots, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-425

1
Transforming the Defender's Dilemma into the Defender's Advantage - Charlotte Wylie, Bhawna Singh, Lenny Zeltser - ESW #381 1:50:15

6h ago1:50:15

1:50:15

Ever heard someone say, "the attacker only has to be right once, but the defender has to get it right every time"? On this episode, we'll dispel that myth. There is some truth to the saying, but only with regards to initial access to the target's environment. Once on the inside, the attacker's advantage flips to the defender. Call it the 'Home Alon…

1
Secure By Default - How do we get there? - Andy Syrewicze - PSW #848 3:06:32

24h ago3:06:32

3:06:32

Andy drops some Microsoft Windows and 365 knowledge as we discuss the details on how we get to secure by default in our Windows and cloud environments. This week: The USB Army Knife that won't break the budget, I don't want to say EDR is useless (but there I said it), Paul's list of excellent hacking tips, FortiJump - an RCE that took a while to be…

1
Secure By Default - How do we get there? - Andy Syrewicze - PSW #848 3:06:32

1d ago3:06:32

3:06:32

Andy drops some Microsoft Windows and 365 knowledge as we discuss the details on how we get to secure by default in our Windows and cloud environments. This week: The USB Army Knife that won't break the budget, I don't want to say EDR is useless (but there I said it), Paul's list of excellent hacking tips, FortiJump - an RCE that took a while to be…

1
Doom Brain, E2EE, OT, Adload, Cisco, VMware, internet archive, Josh Marpet ... - SWN #424 29:57

1d ago29:57

29:57

Doom on a Human Brain, E2EE, OT, Adload, Cisco, VMware, Internet Archive, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-424

1
Aligning Tech Execs on Cyber Resilience - Theresa Lanowitz - BSW #369 1:01:21

1d ago1:01:21

1:01:21

Getting C-Suite execs aligned on cyber resilience and cybersecurity can be a challenge. LevelBlue's recent Futures™️ report sought to uncover the barriers that prevent companies from achieving cyber resilience in the enterprise today. The report not only surveyed C-Suite execs (CIOs, CTOs, and CISOs), but non-C-Suite leaders from engineering and ar…

1
TQC: Jonny talks with Jared Sullivan & Stephen Lowry of ShowBoy Bake Shop 44:18

5d ago44:18

44:18

Join the studio as Jonny talks with frequent Food Network competitors and the owners of the ShowBoy Bake Shop out of Vegas, Jared Sullivan and Stephen Lowry! We talk Food Network, Baking 101 tips, where the creative comes from and BROADWAY!! You don't want to miss this! www.thequeercentric.com @thequeercentric on IG and Facebook Show Boys Bakery Li…

1
The Complexities, Configurations, and Challenges in Cloud Security - Scott Piper - ASW #304 1:17:25

2d ago1:17:25

1:17:25

Building cloud native apps doesn't mean you're immune to dealing with legacy systems. Cloud services have changed significantly over the last decade, both in the security controls available to them and the sheer volume of services that CSPs provide. Scott Piper shares some history of cloud security, the benefits of account separation, and how ratch…

1
Stealing, Kubernetes, Passkeys, SolarWinds, Intel, Sextortion, and... - SWN #423 33:22

2d ago33:22

33:22

Stealing Pencils, Kubernetes, Passkeys, SolarWinds, Intel, North Koreans, Sextortion, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-423

1
Cybersecurity Success is Business Success - Renuka Nadkarni, Theresa Lanowitz - ESW #380 1:46:37

5d ago1:46:37

1:46:37

Secure by design is more than just AppSec - it addresses how the whole business designs systems and processes to be effective and resilient. The latest report from LevelBlue on Cyber Resilience reveals security programs that are reactive, ill-equipped, and disconnected from IT and business leaders. Most security problems are out of security teams' …

1
Effective Operational Outcomes - Ken Dunham - PSW #847 2:58:09

9d ago2:58:09

2:58:09

New security and vulnerability research is published every day. How can security teams get ahead of the curve and build architecture to combat modern threats and threat actors? Tune-in to a lively discussion about the threat landscape and tips on how to stay ahead of the curve. Segment Resources: https://blog.qualys.com/vulnerabilities-threat-resea…

1
Effective Operational Outcomes - Ken Dunham - PSW #847 2:58:09

8d ago2:58:09

2:58:09

New security and vulnerability research is published every day. How can security teams get ahead of the curve and build architecture to combat modern threats and threat actors? Tune-in to a lively discussion about the threat landscape and tips on how to stay ahead of the curve. Segment Resources: https://blog.qualys.com/vulnerabilities-threat-resea…

1
Perl & PHP Vulns, Fuzzing & Parsers, Protecting Multi-Hosted Tenants, Secure Design - ASW #303 41:59

1d ago41:59

41:59

Looking at vulnerable code in Ivanti (Perl) and Magento (PHP), fuzzing is perfect for parsers, handling tenant isolation when training LLMs, Microsoft's small steps towards secure design, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-303…

1
Stego, uBlock, PPTP, Log4J, Command Jacking, Windows 10, Feet, Josh Marpet, and More. - SWN #422 30:23

1d ago30:23

30:23

AI Stego, uBlock, PPTP, Log4J rises again, Command Jacking, Windows 10, Principal Skinner's Feet, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-422

1
Budget Planning Guide 2025: Security And Risk - Jeff Pollard - BSW #368 59:35

11d ago59:35

59:35

In today’s uncertain macroeconomic environment, security and risk leaders need practical guidance on managing existing spending and new budgetary requests. Jeff Pollard, Vice-President, Principal Analyst on the Security and Risk Team at Forrester Research, joins Business Security Weekly to review Forrester's Budget Planning Guide 2025: Security And…

1
Cybercab, Golden Jackal, Mamba 2FA, Microsoft, iPhone thieves, esims, Aaran Leyland.. - SWN #421 30:25

15d ago30:25

30:25

Cybercab, Golden Jackal, Mamba 2FA, Multi Microsoft, iPhone thieves, esims, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-421

1
Community Knowledge Sharing with CyberNest - Ben Siegel, Aaron Costello - ESW #379 1:53:03

15d ago1:53:03

1:53:03

For this interview, Ben from CyberNest joins us to talk about one of my favorite subjects: information sharing in infosec. There are so many amazing skills, tips, techniques, and intel that security professionals have to share. Sadly, a natural corporate reluctance to share information viewed as privileged and private has historically had a chillin…

1
The Code of Honor: Embracing Ethics in Cybersecurity - Ed Skoudis - PSW #846 2:14:57

16d ago2:14:57

2:14:57

"Code of Honor: Embracing Ethics in Cybersecurity" by Ed Skoudis is a book that explores the ethical challenges faced by cybersecurity professionals in today's digital landscape. The book delves into the complex moral dilemmas that arise in the field of cybersecurity, offering guidance on how to navigate these issues while maintaining integrity. Th…

1
The Code of Honor: Embracing Ethics in Cybersecurity - Ed Skoudis - PSW #846 2:14:57

16d ago2:14:57

2:14:57

"Code of Honor: Embracing Ethics in Cybersecurity" by Ed Skoudis is a book that explores the ethical challenges faced by cybersecurity professionals in today's digital landscape. The book delves into the complex moral dilemmas that arise in the field of cybersecurity, offering guidance on how to navigate these issues while maintaining integrity. Th…

1
The Future of Zed Attack Proxy - Simon Bennetts, Ori Bendet - ASW #302 1:12:35

18d ago1:12:35

1:12:35

Zed Attack Proxy has been a crucial web app testing tool for decades. It's also had a struggle throughout 2024 to obtain funding that would enable the tool to add more features while remaining true to its open source history. Simon Bennetts, founder of ZAP, and Ori Bendet from Checkmarx update us on that journey, share some exploration of LLM fuzzi…

1
AI, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet... - SWN #420 30:10

18d ago30:10

30:10

AI Fest, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-420

1
Run Your Security Program Like an Election Campaign - Kush Sharma - BSW #367 1:05:11

18d ago1:05:11

1:05:11

Does the CISO need to act like a politician? Negotiating budgets, communicating risks, and selling your strategy across the organization does sound a little like a politician. And if that's the case, are you hiring the right campaign staff? Kush Sharma, former CISO for CPR, City of Toronto, and Saputo, joins Business Security Weekly to discuss why …

1
Perfctl, Pig Butchering, Ivanti, Zimbra, BabyLockerKZ, AI gone Wild, Aaran Leyland... - SWN #419 32:36

22d ago32:36

32:36

Perfctl, Warm Cookie, Pig Butchering, Ivanti, Zimbra, BabyLockerKZ, AI gone Wild, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-419

1
Cybersecurity Career Paths: from touring musician to purple teaming at Meta - Neko Papez, Brian Contos, Jayson Grace - ESW #378 2:14:25

23d ago2:14:25

2:14:25

Our latest in a series of interviews discussing cybersecurity career paths, today we talk to Jayson Grace his path into cybersecurity and his experience building red teams at national labs and purple teams at Meta. We also talk about his community impact, giving talks and building open source tools. Jayson just left Meta for an AI safety startup na…

1
Analyzing Malware at Scale - John Hammond - PSW #845 3:07:23

24d ago3:07:23

3:07:23

This episode of Paul Security Weekly features John Hammond, a senior security researcher from Huntress, discussing malware analysis. Hammond dives into the analysis of Ocean Lotus attacks, highlighting the use of stealthy techniques like alternate data streams and DLL side-loading. The conversation also touches on the challenges of combating attack…

1
Analyzing Malware at Scale - John Hammond - PSW #845 3:07:23

24d ago3:07:23

3:07:23

This episode of Paul Security Weekly features John Hammond, a senior security researcher from Huntress, discussing malware analysis. Hammond dives into the analysis of Ocean Lotus attacks, highlighting the use of stealthy techniques like alternate data streams and DLL side-loading. The conversation also touches on the challenges of combating attack…

1
More Car Hacks, CUPS Vulns, Microsoft's SFI, Memory Safety, Password Complexity - Farshad Abasi - ASW #301 45:57

24d ago45:57

45:57

More remote car control via web interfaces, an RCE in CUPS, Microsoft reduces attack surface, migrating to memory safety, dealing with dependency confusion, getting rid of password strength calculators, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-301…

1
Death Stars, Recall, Microsoft, Brocade, AI, Josh Marpet, and more... - SWN #418 29:19

25d ago29:19

29:19

Death Stars are not real or are they?, Recall, Microsoft, Brocade, AI and More and More AI, Josh Marpet, and more on the Cyber Security News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-418

1
How to Attain Zero Trust - Rob Allen - BSW #366 57:58

25d ago57:58

57:58

The zero-trust security model has been billed as an ultra-safe defense against emerging, unrecognized and well-known threats. Unlike perimeter security, it doesn't assume people inside an organization are automatically safe. Instead, it requires every user and device -- inside and out -- to be authorized before any access is granted. Sounds enticin…

1
Passwords, CUPS, KIA, Gilbert Gottfried, Salt Typhoon, Rob Allen from ThreatLocker... - Rob Allen - SWN #417 33:04

29d ago33:04

33:04

Passwords, CUPS, KIA, Gilbert Gottfried, Salt Typhoon, Rob Allen from ThreatLocker, and More on the Security Weekly News. Segment Resources: https://www.bleepingcomputer.com/news/security/hackers-deploy-ai-written-malware-in-targeted-attacks/ This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more abou…

1
SIEM: Shakeup in Event Management - What's Happening in the SIEM market today? - Jason Shockey, Seth Goldhammer - ESW #377 1:59:45

29d ago1:59:45

1:59:45

The SIEM market has undergone some significant changes this summer. This is a great opportunity to talk about the current state of SIEM! In this conversation, we'll discuss: market changes and terminology: security analytics, data lakes, SIEM what is SOAR's role in the current SIEM market? machine learning and generative AI's role strategies for im…

1
AI in Cyber & Addressing Analyst Burnout - Kayla Williams - PSW #844 2:59:14

30d ago2:59:14

2:59:14

This week in the security news, Dr. Doug and Larry explore various technological advancements and their implications with a healthy dose of nostalgia, particularly focusing on health monitoring through Wi-Fi signals, the misconceptions surrounding 5G connectivity, the importance of understanding internet speed needs, and the cybersecurity threats f…

1
AI in Cyber & Addressing Analyst Burnout - Kayla Williams - PSW #844 2:59:14

30d ago2:59:14

2:59:14

This week in the security news, Dr. Doug and Larry explore various technological advancements and their implications with a healthy dose of nostalgia, particularly focusing on health monitoring through Wi-Fi signals, the misconceptions surrounding 5G connectivity, the importance of understanding internet speed needs, and the cybersecurity threats f…

1
C3pbot, Kaspersky, Octo2 , Honkai: Star Rail, ServiceNow, LinkedIn... - SWN #416 29:32

1M ago29:32

29:32

C3pbot, Kaspersky, Octo2 Electric Boogaloo, Honkai: Star Rail, ServiceNow, LinkedIn, IoT, Josh Marpet, and more on the Cyber Security News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-416

1
Vulnerable APIs and Bot Attacks: Two Interconnected, Growing Security Threats - David Holmes - ASW #300 1:07:51

1M ago1:07:51

1:07:51

APIs are essential to modern application architectures, driving rapid development, seamless integration, and improved user experiences. However, their widespread use has made them prime targets for attackers, especially those deploying sophisticated bots. When these bots exploit business logic, they can cause considerable financial and reputational…

1
Authentication and Authorization in the AI Era - Shiven Ramji - BSW #365 1:06:53

1M ago1:06:53

1:06:53

In the leadership and communications segment, CISA Releases Cyber Defense Alignment Plan for Federal Agencies, UnitedHealth Group CISO: We had to ‘start over’ after Change Healthcare attack, 20 Essential Strategies for Leadership Development Success, and more! AI is bringing productivity gains like we’ve never seen before -- with users, security te…

1
Shroombots, pagers, Tor, Raptor Train, GRU, Blue Light, Aaran Leyland, and More... - SWN #415 34:59

1M ago34:59

34:59

Shroombots, pagers, Tor, Raptor Train, GRU, Blue Light, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-415

1
Do phishing tests do more harm than good? & Speed, Flexibility, and AI - Wolfgang Goerlich, Whitney Young - ESW #376 1:52:31

1M ago1:52:31

1:52:31

A month ago, my friend Wolfgang Goerlich posted a hot take on LinkedIn that is less and less of a hot take these days. He posted, "our industry needs to kill the phish test",and I knew we needed to have a chat, ideally captured here on the podcast. I've been on the fence when it comes to phishing simulation, partly because I used to phish people as…

1
Exploding Pagers - Tod Beardsley - PSW #843 2:53:37

1M ago2:53:37

2:53:37

Apple drops a lawsuit to avoid exposing secrets, what does it mean for the security industry if MS locks down the kernel?, exploding pagers, more things from the past: Adobe Flash exploits, robots get rid of your data, PKFail is still a thing, Android TV malware is back: now with conspiracy theories, DMA attacks, gamers are not nation-state attacke…

1
Exploding Pagers - Tod Beardsley - PSW #843 2:53:37

1M ago2:53:37

2:53:37

Apple drops a lawsuit to avoid exposing secrets, what does it mean for the security industry if MS locks down the kernel?, exploding pagers, more things from the past: Adobe Flash exploits, robots get rid of your data, PKFail is still a thing, Android TV malware is back: now with conspiracy theories, DMA attacks, gamers are not nation-state attacke…

1
Bringing Secure Coding Concepts to Developers - Dustin Lehr - ASW #299 1:02:26

1M ago1:02:26

1:02:26

When a conference positioned as a day of security for developers has to be canceled due to lack of interest from developers, it's important to understand why there was so little interest and why appsec should reconsider its approach to awareness. Dustin Lehr discusses how appsec can better engage and better deliver security concepts in a way that m…

1
Back to the office, Void Banshee, ServiceNow, Taiwan, Dlink, C++, Aaran Leyland... - SWN #414 34:40

1M ago34:40

34:40

Back to the office serfs, Void Banshee, ServiceNow, Taiwan, Dlink, C++, Aaran Leyland, and more on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-414

1
Solving the Cybersecurity Data Problem - Padraic O'Reilly - BSW #364 1:00:54

1M ago1:00:54

1:00:54

Cybersecurity is complex. We have threats, vulnerabilities, incidents, controls, risks, etc. But how do they all connect together to drive a cyber risk program? As an industry, we've struggled for 20+ years trying to boil this ocean. Maybe we've been going about it the wrong way. Padraic O'Reilly, Founder and Chief Innovation Officer at CyberSaint,…

1
Li-On, Lazarus, Whatsup, Scattered Spider, Hadooken, Dead People, Aaran Leyland... - SWN #413 31:12

1M ago31:12

31:12

Through the Fire and Li-On Flames, Lazarus, Whatsup, Scattered Spider, Hadooken, Dead People, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-413

들어볼 가치가 있는 팟캐스트

Josh Loveless 팟 캐스트

들어볼 가치가 있는 팟캐스트

빠른 참조 가이드