Professionally Evil Perspective


This podcast contains security topics discussed by the Secure Ideas LLC. team.

Secure Ideas LLC.


    • Latest episode: Jun 3, 2024
    • New episodes: monthly
    • Average duration: 31m
    • Episodes: 61



    Latest episodes from Professionally Evil Perspective

    UK Says it's "Zero Cool" to Use Weak Default Passwords

    Jun 3, 2024 · 19:11

    Today on The Professionally Evil Perspective, Nathan and Aaron discuss the UK's move to prohibit easily guessable default passwords.
    Links:
    • UK becomes first country to outlaw easily guessable default passwords
    • Executive Order on Improving the Nation's Cybersecurity
    • Cute Cybersecurity Logos
    • UK's device security law kicks in
    • EnergyStar

    Got suggestions, complaints, or feedback? Tell us at podcast@secureideas.com or reach out on Twitter: @sweaney @hotdogggitty @secureideas or find us on Mastodon: @secureideas. Join our Professionally Evil Slack Team at www.professionallyevil.com. Our real jobs pay for our time to do this, so if you have opportunities around penetration testing or risk management, we'd love the chance to work with you!

    Legends & Losers: The Cost of a Gaming Tournament Hack

    Apr 30, 2024 · 22:55

    Today on The Professionally Evil Perspective, Nathan and Aaron discuss the Apex Legends hack that occurred during a global esports tournament with a 5 million dollar prize pool.
    Links:
    • Esports League Postponed After Players Hacked Midgame
    • BSides Oklahoma

    Candy Cam: Vending Machine Facial Recognition

    Apr 18, 2024 · 27:29

    Today on The Professionally Evil Perspective, Nathan and Aaron discuss the risk of vending machines using facial recognition software for targeted marketing.
    Links:
    • Facial Recognition Software Discovered in College Campus Vending Machines
    • Ode to Reeses Peanut Butter Cups
    • Flowers By Irene

    Tik Tok: Swipe Right for Risk

    Aug 21, 2023 · 24:21

    Today on The Professionally Evil Perspective, Kevin and Nathan assess the risk of Tik Tok and how they themselves use it.
    Links:
    • Majority of Americans Say TikTok is a Threat the US National Security
    • US senators unveil bipartisan bill empowering Biden to ban TikTok and other services
    • Jack the Whipper
    • RESTRICT Act

    Got suggestions, complaints, or feedback? Tell us at podcast@secureideas.com or reach out on Twitter: @sweaney @darth_kevin @secureideas or find us on Mastodon: @secureideas. Join our Professionally Evil Slack Team at www.professionallyevil.com. Our real jobs pay for our time to do this, so if you have opportunities around penetration testing or risk management, we'd love the chance to work with you!

    Take This Breach And Cover It

    Jul 31, 2023 · 22:25

    Today on The Professionally Evil Perspective, Kevin and Nathan discuss the challenging and vital role of CISOs and how the successes or failures of an organization's security program fall on them.
    Links:
    • The Reformed Analyst
    • Joe Sullivan Uber CISO Sentenced
    • SEC Sends Wells Notice to SolarWinds Executives
    • Lawyers Behaving Badly Podcast
    • Serious Trouble Podcast

    Close Encounters of the Nerd Kind

    Jul 10, 2023 · 24:47

    Today on The Professionally Evil Perspective, Kevin and Nathan discuss a whistleblower's claims that information about covert programs possessing intact crafts of non-human origin has been illegally withheld from Congress.
    Links:
    • INTELLIGENCE OFFICIALS SAY U.S. HAS RETRIEVED CRAFT OF NON-HUMAN ORIGIN
    • The X-Files
    • Close Encounters of the Third Kind Trailer

    Byte-Size Expertise

    Jun 26, 2023 · 19:57

    Today on The Professionally Evil Perspective, Kevin and Nathan discuss the SEC's proposed rules on public company cybersecurity, including the expertise of its board.
    Links:
    • Cybersecurity Risks and Privacy Rules Add Pressure on Boards
    • NYDFS Proposes Amendments to Cybersecurity Regulation
    • Public Company Cybersecurity; Proposed Rules Fact Sheet

    The SSL Struggle Juggle

    Jun 12, 2023 · 18:52

    Today on The Professionally Evil Perspective, Kevin and Nathan discuss SSL vulnerabilities and their challenges.
    Links:
    • The Silent Gaze of Braco
    • The Art of Manliness

    What's AI Got To Do, Got To Do With It?

    May 25, 2023 · 23:53

    Today on The Professionally Evil Perspective, Kevin and Nathan discuss the regulation of AI growth and development.
    Links:
    • OpenAI's Sam Altman Urges A.I. Regulation in Senate Hearing
    • We Have No Moat, and Neither Does OpenAI
    • Dark Web ChatGPT Unleashed: Meet DarkBERT

    Slashdot Roulette: Rants That Matter

    May 7, 2023 · 29:30

    Today on The Professionally Evil Perspective, Kevin and Nathan throw it back to Slashdot. Get ready to be entertained by some rants about security stories plucked from the OG user-generated content and community-driven news website.
    Links:
    • Slashdot.org: News For Nerds, Stuff That Matters

    Artificially Intelligent or Naturally Dumb?

    Apr 28, 2023 · 22:40

    Today on The Professionally Evil Perspective, Kevin and Nathan discuss AI and some of its caveats.
    Links:
    • Pause Giant AI Experiments: An Open Letter
    • ChatGPT cooks up fake sexual harassment scandal
    • Life of Dolly
    • Professionally Evil Perspective: The Evolution of OWASP

    Take That to the Bank

    Mar 28, 2023 · 33:53

    Today on The Professionally Evil Perspective, Kevin and Nathan discuss the collapse of Silicon Valley Bank, the poor communication and decision-making that led to it, and Secure Ideas' recent brush with banking mishaps.
    Links:
    • Twitter

    The Evolution of OWASP

    Mar 13, 2023 · 36:19

    Today on The Professionally Evil Perspective, Kevin and Nathan discuss the open letter to OWASP, the organization's future aspirations, and sustainability.
    Links:
    • OWASP needs to evolve
    • OWASP Budget

    Who Let The Genie Out Of The Roomba?

    Feb 27, 2023 · 21:15

    Today on The Professionally Evil Perspective, Kevin and Nathan discuss sensitive photos taken by a robot vacuum and then leaked online.
    Links:
    • Roomba photos recorded bathroom photos leaked from test units.
    • Click here to see if you are old.

    My Cousin AI

    Feb 13, 2023 · 22:51

    Today on The Professionally Evil Perspective, Kevin and Nathan discuss donotpay.com and AI lawyers.
    Links:
    • DoNotPay.com
    • The Robot Lawyer Was a Super Dumb Idea

    A lawyer walks into Radio City Music Hall...

    Jan 17, 2023 · 23:17

    Today on The Professionally Evil Perspective, Kevin and Nathan discuss the removal of an attorney attending a show with her daughter at Radio City Music Hall in December. The attorney was employed by a law firm involved in a personal injury claim against the operator of Radio City Music Hall. The attorney was recognized through a facial recognition system.
    Links:
    • facial-recognition-bars-lawyer-rockettes-show

    Rainy Days for Drizly

    Dec 4, 2022 · 23:50

    Today on The Professionally Evil Perspective, Kevin and Nathan discuss the FTC actions on the Drizly breach and the responsibility of CEOs when security fails.
    Links:
    • Press Release: https://www.ftc.gov/news-events/news/press-releases/2022/10/ftc-takes-action-against-drizly-its-ceo-james-cory-rellas-security-failures-exposed-data-25-million
    • Actual Ruling: https://www.ftc.gov/system/files/ftc_gov/pdf/202-3185-Drizly-Decision-and-Order.pdf

    Are you there God? It's THE Kevin Johnson

    Nov 11, 2022 · 24:10

    Today on The Professionally Evil Perspective, join Kevin and Nathan for discussion and questions surrounding identity and its validation.

    The Ethical Hacker Label

    Oct 24, 2022 · 25:12

    Today on The Professionally Evil Perspective, Kevin and Nathan discuss the term "Ethical Hacker" and what it implies.

    Reputational Harm

    Oct 12, 2022 · 20:28

    Today on The Professionally Evil Perspective, Kevin and Nathan discuss the risk of reputational damage and the long-term impact of a security breach.

    Hey Kevin...how do I get into Infosec??

    Sep 12, 2022 · 18:45

    Today on The Professionally Evil Perspective, Kevin and Nathan talk about different paths into Infosec.

    Locked out of the right to repair

    Sep 5, 2022 · 28:16

    Today on The Professionally Evil Perspective, Kevin and Nathan discuss the concept of "right to repair": once you purchase something, should you be allowed to do whatever you want with it, and to it? They also discuss a controversy in Denver over a program that caused over 22,000 Xcel Energy customers to lose control of their thermostats during an "energy emergency".
    Links:
    • Thousands of Xcel customers locked out of thermostats during energy emergency

    Professionally Evil Lunch & Learn - August 2022

    Aug 29, 2022 · 56:04

    This month we are joined by OpsHelm, Inc. Founding Security Engineer Lee Brotherston and Black Hills Information Security Content and Community Director Jason Blanchard to discuss current security news. From hacking John Deere combines to play Doom to Janet Jackson crashing laptops, this month was especially entertaining. Join us the last Friday of every month to discuss current events with a rotating list of security pros.
    Today's Guests:
    • Lee Brotherston can be found on LinkedIn
    • Jason Blanchard can be found on Twitter @BanjoCrashland
    Links:
    • LastPass source code stolen in data breach
    • Ex Twitter Exec Mudge blows the whistle on cybersecurity practices
    • Janet Jackson can crash a laptop
    • Tacoma Narrows Bridge Collapses
    • Hacker jailbreaks John Deere combine and runs Doom
    • Criminals mailing fake usbs and people are plugging them in
    • Researcher find pro US campaigns on Twitter and Facebook

    Professionally Evil Lunch & Learn - July 2022

    Aug 1, 2022 · 59:55

    This month we are joined by Cybersecurity Strategist Heather Linn and Information Security Pro Giovanni Cofre to discuss current security news. From police being allowed to view private Ring camera footage to the distribution of an abortion-pill-laced business card at a hacker conference, we covered a lot in one hour. Join us the last Friday of every month to discuss current events with a rotating list of security pros.
    Today's Guests:
    • Heather Linn can be found here on LinkedIn
    • Giovanni Cofre can be found on Twitter @GiovanniPatch
    Links:
    • House Passes Cybersecurity Bills Focusing on Energy Sector, Information Sharing
    • Russia Released a Ukrainian App for Hacking Russia That Was Actually Malware
    • Race against time: Hackers start hunting for victims just 15 minutes after a bug is disclosed
    • DIY Collective Embeds Abortion Pill Onto Business Cards, Distributes Them At Hacker Conference
    • Bitcoin Dumpster Guy Has a Wild Plan To Rescue Millions In Crypto From a Landfill
    • Calls Mount for US Gov Clampdown on Mercenary Spyware Merchants
    • Amazon Handed Ring Videos to Cops Without Warrants
    • Cops Turn To Google Location Data To Pursue A Death Penalty For 2015 Murder
    • The FBI Forced A Suspect To Unlock Amazon's Encrypted App Wickr With Their Face
    • A Hacker Is Trying to Sell Data on 69 Million Neopets Users

    The Unexpected Consequences of Security Efforts

    Jul 18, 2022 · 24:48

    Links:
    • dhs-announces-new-cybersecurity-requirements-critical-pipeline-owners-and-operators

    Professionally Evil Lunch & Learn - June 2022

    Jun 27, 2022 · 64:04

    Twitter: @sweaney, @84d93r, our June guest @HackerHurricane, @secureideas
    Links:
    • iOS 16 and macOS Ventura will let users bypass CAPTCHAs on supported apps and websites
    • Cops Will Be Able to Scan Your Fingerprints With a Phone
    • Hot Tub Crime Machine: Jacuzzi Smart Tubs Left Personal Info Exposed
    • After hacking millions of devices, DoJ operation shuts down RSocks botnet
    • This Hacker Group Forces People to Do Good to Get Their Data Back
    • Canadian internet outage attributed to beaver
    • Leaked Audio From 80 Internal TikTok Meetings Shows That US User Data Has Been Repeatedly Accessed From China
    • Keeping PowerShell: Security Measures to Use and Embrace
    • https://cybersquirrel1.com/

    AI and sometimes Why?

    Jun 20, 2022 · 31:15

    Links:
    • is-lamda-sentient-an-interview
    • stop-calling-everything-ai-machinelearning-pioneer-says
    • microsoft-shuts-down-ai-chatbot-after-it-turned-into-racist-nazi
    • https://replika.com/

    Head -v Cyber_Command.txt

    Jun 6, 2022 · 25:22

    Links:
    • Alex Martin Tweet
    • us-military-hackers-conducting-offensive-operations-in-support-of-ukraine-says-head-of-cyber-command
    • cyberattack-ransomware-nuclear-war
    • general-paul-m-nakasone

    Professionally Evil Lunch & Learn - May 2022

    May 30, 2022 · 60:13

    This month's guests:
    • Ray Davidson
    • Luke Crouch
    Episode Links:
    • Clearview AI's Facial Recognition Tool Coming To Apps, Schools
    • 2022 Data Breach Investigation Report (DBIR)
    • Twitter will pay a $150 million fine over accusations it improperly sold user data
    • DuckDuckGo Isn't as Private as You Thought
    • “Tough to forge” digital driver's license is… easy to forge

    CFAA Policy Changes

    May 23, 2022 · 26:15

    Links:
    • US Prosecutors Won't Charge White Hat Hackers Under New Policy @JeffStone500

    Professionally Evil Lunch & Learn - April 2022

    May 2, 2022 · 56:50

    Twitter: https://twitter.com/sweaney, Cory Sabol, https://twitter.com/kneppjon, Aaron Moss, https://twitter.com/secureideas
    Episode Links:
    • https://www.zdnet.com/article/bored-ape-yacht-club-instagram-takeover-sees-around-3-million-in-nfts-sail-away/
    • https://www.zdnet.com/article/hack-dhs-homeland-securitys-first-bug-bounty-turns-up-122-vulnerabilities/
    • https://infotechlead.com/security/zoom-paid-1-8-mn-under-bug-bounty-program-on-hackerones-platform-72007
    • https://www.forbes.com/sites/bobzukis/2022/04/18/the-sec-is-about-to-force-cisos-into-americas-boardrooms/?sh=4a318b868a90
    • https://www.darkreading.com/careers-and-people/-isc-launches-entry-level-cybersecurity-course
    • https://www.vice.com/en/article/k7w9mv/tmobile-hacked-bought-data-mandiant
    • https://krebsonsecurity.com/2022/04/raidforums-get-raided-alleged-admin-arrested/
    • https://www.techspot.com/news/94346-magnetic-media-storage-sees-record-breaking-sales-ransomware.html

    Glory For Ukraine Botnet

    Apr 25, 2022 · 23:55

    A group claims to be fighting Russia in the name of Ukraine using a botnet. And wants you to join them. Kevin and Nathan discuss what could possibly go wrong.

    Professionally Evil Lunch & Learn - March 2022

    Apr 4, 2022 · 56:34

    Twitter: twitter.com/sweaney, twitter.com/RonJonArod, twitter.com/hotdogggitty, twitter.com/secureideas
    Episode Links:
    • FBI Warns Of Preliminary Russian Cyber Activity Against American Companies
    • White House Says Reports of an American Cyberwar With Russia Are Greatly Exaggerated
    • DIY Volunteers Are Repairing Ukraine's Destroyed Internet Infrastructure
    • War Is Calling Crypto's ‘Neutrality' Into Question
    • Ransomware Payments, Demands Rose Dramatically in 2021
    • This is how much the average Conti hacking group member earns a month
    • Researcher uses Dirty Pipe exploit to fully root a Pixel 6 Pro and Samsung S22
    • Pandemic Leaves Firms Scrambling for Cybersecurity Specialists

    IAM OKTA. I am hacked?

    Mar 28, 2022 · 28:06

    SMS MFA Risk v. Risk

    Mar 14, 2022 · 21:00

    Professionally Evil Lunch & Learn - February 2022

    Mar 7, 2022 · 58:01

    Where can I find Carrie Randolph? twitter.com/karn3ia
    Episode Links:
    • wordle-ad-trackers-privacy-new-york-times
    • ukrainian-government-and-banks-hit-by-new-wave-of-cyberattacks
    • /ukraine-defense-ministry-ddos-russia-conflict-de-escalation
    • the-fog-of-information-war-looms-large-over-the-ukraine
    • threat-intelligence/new-york-opens-joint-security-operations-center-in-nyc
    • dhs-creates-cyber-safety-review-board-log4j-fbi-nsa
    • google-account-hacks-dropped-half-two-step-authentication
    • Vishing Makes Phishing Campaigns Three-Times More Successful
    • pentagon-says-nintendo-generation-has-weak-skeletons

    Tag, You're It! Privacy Concerns with Apple AirTags

    Feb 28, 2022 · 25:39

    Links:
    • Modders are selling "Silent AirTags" on Etsy and eBay
    • Carjackers are using Apple AirTags to track high-end vehicles to steal them later
    • BBC: Apple AirTags - 'A perfect tool for stalking'
    • Most asked questions about AirTags

    Facial Recognition

    Feb 14, 2022 · 21:09

    Links:
    • The IRS Drops Facial Recognition Verification After Uproar: https://www.wired.com/story/irs-drops-facial-recognition-verification/ and https://www.bloomberg.com/news/articles/2022-01-28/treasury-weighing-id-me-alternatives-over-privacy-concerns
    • ODIN - Homeless Management Information System: https://www.vice.com/en/article/wxdp7x/tech-firm-facial-recognition-homeless-people-odin (This is vice, so take that into consideration...)
    • Amazon Recognition moratorium to law enforcement: https://www.reuters.com/technology/exclusive-amazon-extends-moratorium-police-use-facial-recognition-software-2021-05-18/
    • Good outline of privacy concerns with facial recognition technology (FRT): https://www.asisonline.org/security-management-magazine/monthly-issues/security-technology/archive/2021/december/facial-recognition-in-the-us-privacy-concerns-and-legal-developments/
    • Atlanta - Operation Shield – Public and Private cameras accessible to police: https://atlantapolicefoundation.org/programs/operation-shield/
    • Cities with the most cameras: https://www.comparitech.com/studies/surveillance-studies/the-worlds-most-surveilled-cities/

    Professionally Evil Lunch & Learn - January 2022

    Feb 7, 2022 · 53:56

    Links to today's topics:
    • Liquor stores stuck with limited stock since Christmas cyber attack against Sask. liquor authority | CBC News
    • microsoft-warns-disk-wiping-malware-targeting-ukraine
    • white-house-instructs-agencies-cybersecurity-strategy-memo-cisa
    • Moving the U.S. Government Toward Zero Trust Cybersecurity Principles
    • mexican-cartels-recruit-drug-mules-on-grand-theft-auto-online
    • senate-weighs-bill-to-protect-satellites-from-getting-hacked
    • florida-considers-deepfake-ban
    • sweden-launches-psychological-defense-agency-to-counter-disinformation
    • apple-scrubs-support-pages-all-mentions-controversial-csam image scanning feature
    • Bored Ape Yacht Club Artist Says Compensation 'Definitely Not Ideal'
    Where can you find Tim Medin? twitter.com/TimMedin, linkedin.com/in/timmedin/, tim@redsiege.com, redsiege.com/discord
    Where can you find Jason Wood? twitter.com/Jason_Wood, linkedin.com/in/tadaka/, tadaka@gmail.com

    The FTC's Ultimatum

    Jan 31, 2022 24:05


    Episode notes and links:
    FTC Log4j Warning https://www.ftc.gov/news-events/blogs/techftc/2022/01/ftc-warns-companies-remediate-log4j-security-vulnerability
    Federal Trade Commission Act https://www.ftc.gov/enforcement/statutes/federal-trade-commission-act
    FTC Equifax Fines https://www.ftc.gov/enforcement/cases-proceedings/refunds/equifax-data-breach-settlement
    Principle of Subsidiarity https://en.wikipedia.org/wiki/Subsidiarity

    Got suggestions, complaints, or feedback? Tell us at podcast@secureideas.com or reach out on Twitter: https://twitter.com/sweaney https://twitter.com/darth_kevin https://twitter.com/secureideas
    Our real jobs pay for our time to do this, so if you have opportunities around penetration testing or risk management, we'd love the chance to work with you!

    Balancing Compensation with Value

    Jan 17, 2022 23:22


    Open source developer corrupts widely-used libraries, affecting tons of projects https://www.theverge.com/2022/1/9/22874949/developer-corrupts-open-source-libraries-projects-affected
    NPM libraries in question: https://github.com/Marak/colors.js https://github.com/marak/Faker.js/
    Marak's post about no more free work: http://web.archive.org/web/20210704022108/https://github.com/Marak/faker.js/issues/1046
    Leftpad issue from 2016 https://qz.com/646467/how-one-programmer-broke-the-internet-by-deleting-a-tiny-piece-of-code/

    Got suggestions, complaints, or feedback? Tell us at podcast@secureideas.com or reach out on Twitter: https://twitter.com/sweaney https://twitter.com/darth_kevin https://twitter.com/secureideas
    Our real jobs pay for our time to do this, so if you have opportunities around penetration testing or risk management, we'd love the chance to work with you!

    Not another Log4j discussion...

    Jan 10, 2022 19:28


    Jump back into a discussion of current events with Kevin and Nathan after a long break.  Packed with professional perspectives and opinions.  This week we dive a little deeper into Log4j.

    March 8th - Interview with Amanda Berlin

    Mar 15, 2018 81:24


    In this episode, we discuss ethics, TLS 1.3, autonomous cars and replacements for multifactor authentication. We also interview Amanda Berlin about her experience writing the book Defensive Security Handbook: Best Practices for Securing Infrastructure.

    Introduction to RTLAMR with Doug (Bemasher)

    Oct 16, 2017 38:04


    This episode of the Professionally Evil Perspective podcast is an interview-style discussion of the RTLAMR project. We discuss the purpose of the code, how SDR is used and the information you can expect to find from your ERT devices floating in the airwaves.

    Re-Inaugural Episode

    Jul 12, 2017 39:44


    In this Professionally Evil Podcast PEPisode, we re-launch the podcast. 12 of us hang out and talk about what we are doing and what's coming up.

    End of Year Wrap-Up

    Dec 23, 2014 20:53


    James and Kevin discuss a few of the events this year (breaches and otherwise), the release of Samurai 3.0 and some upcoming events.

    Penetration Testing and Reporting

    Aug 18, 2014 27:29


    Is the idea of penetration testing evolving or is it staying the same?   What is the goal of a penetration test?  Does it differ by client?   James and Kevin discuss penetration testing and how it is changing.  When it comes to reporting, what data do you include, how do you represent it, and who is your audience?  These questions and more are discussed.

    Data Breach Laws

    Jul 11, 2014 31:12


    We are not lawyers but want to make you aware of some of the laws that exist around data breaches.  Sometimes these laws pop up with very little media coverage and you have no idea.  

    New Office!!

    Mar 31, 2014 18:37


    James and Kevin talk about the new office in Jacksonville, FL. Some rambling about setting it up and how we like it. Not so technical, but exciting for us.

    Pentesting methodology: Exploitation

    Feb 11, 2014 29:07


    James and Kevin discuss the idea of Exploitation and its importance in the testing methodology.  Join them for a witty conversation about one of the favorite phases of the process.

    Building Security In: Healthcare.gov

    Jan 17, 2014 30:00


    Kevin and James discuss not only the issues for Healthcare.gov regarding vulnerabilities, but the real issue of the lack of security being part of the process.  This podcast covers a few different ways to build security in and reduce the risk exposure of your applications. 
