Episode 120: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner welcomes Eugene to talk (aka fanboy) about his new book, 'From Day Zero to Zero Day.' We walk through what to expect in each chapter, including Binary Analysis, Source and Sink Discovery, and Fuzzing everything. Then we give listeners a special deal on the book.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
Today's Sponsor - ThreatLocker User Store
https://www.criticalthinkingpodcast.io/tl-userstore
Today's guest: https://x.com/spaceraccoonsec
====== Resources ======
Buy SpaceRaccoon's Book: From Day Zero to Zero Day
https://nostarch.com/zero-day
USE CODE 'ZERODAYDEAL' for 30% OFF
Pwning Millions of Smart Weighing Machines with API and Hardware Hacking
https://spaceraccoon.dev/pwning-millions-smart-weighing-machines-api-hardware-hacking/
====== Timestamps ======
(00:00:00) Introduction
(00:04:58) From Day Zero to Zero Day
(00:12:06) Mapping Code to Attack Surface
(00:17:59) Day Zero and Taint Analysis
(00:22:43) Automated Variant Analysis & Binary Taxonomy
(00:31:35) Source and Sink Discovery
(00:40:22) Hybrid Binary Analysis & Quick and Dirty Fuzzing
(00:56:00) Coverage-Guided Fuzzing, Fuzzing Everything, & Beyond Day Zero
(01:02:16) Bug bounty, Vuln research, & Governmental work
(01:10:23) Source Code Review & Pwning Millions of Smart Weighing Machines
In this OODAcast, Chris Wysopal shares his insights from decades in cybersecurity, detailing his journey from the early hacking collective "The L0pht" to co-founding Veracode. Wysopal reflects on the evolution of cybersecurity, highlighting his early contributions to vulnerability research and advocating the importance of adversarial thinking in security practices. He emphasizes the transition from traditional vulnerability testing to comprehensive application risk management, recognizing the increased reliance on third-party software and the escalating complexity of securing modern applications. Wysopal also discusses how generative AI technologies are significantly accelerating application development but simultaneously creating substantial security challenges. He stresses that while AI-generated applications multiply rapidly, their vulnerability density remains comparable to human-written code. To manage this growing risk, Wysopal underlines the necessity of integrating automated, AI-driven vulnerability remediation into the software development lifecycle. Looking forward, Wysopal advocates for embedding security deeply within the application creation process, anticipating that AI will eventually assist in producing inherently secure software. However, he also underscores the enduring threat of social engineering attacks, urging enterprises to prioritize comprehensive security awareness programs to bolster their overall cybersecurity posture and resilience. The conversation examines some very interesting correlations between the mindset of the great hackers and the success of great entrepreneurs. Both take a good bit of grit, an ability to focus and be creative and perhaps most importantly: Persistence. Learn more about Chris Wysopal's approaches and the company he founded at Veracode. For insights into reducing your organization's attack surface see: State of Software Security 2025
It's no surprise that our systems are under attack by all sorts of criminals. Some organized, some opportunistic, some just aiming for vandalism. We need to protect our digital systems to prevent issues, and a part of better protection is reducing the number of places that are vulnerable. Those places include databases. This article discusses the rising costs of data breaches and the increased frequency of attacks. It also examines the increasing number of regulations that are demanding proof of stricter security measures. It can be hard enough to defend production systems, let alone protecting dev/test environments. I see an increasing number of organizations that limit access to production systems, even to the point that this impedes some of the daily work habits of technology professionals, but that is probably a good thing. Too many of us are too lax when it comes to security. Read the rest of Lower Your Attack Surface Area
Federal Tech Podcast: Listen and learn how successful companies get federal contracts
Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Matt Lembright, Global Lead of Censys Search, discusses the company's role in scanning the entire internet for threats, focusing on frequency, accuracy, and data richness. Censys helps government agencies and private organizations manage their attack surfaces by identifying exposed devices and vulnerabilities. The conversation highlights the challenges of securing operational technology (OT) and Internet of Things (IoT) devices, emphasizing the importance of understanding device protocols and maintaining up-to-date software. Lembright stresses the need for community engagement, local government involvement, and effective communication to protect critical infrastructure. He also mentions Censys' cybersecurity glossary as a resource for understanding key terms and concepts.
Unlock the secrets of effective attack surface monitoring in this replay of The Cyber Threat Perspective. Brad and Spencer dive into essential practices, tools, and methodologies to keep your systems secure.
- Define and understand attack surface and attack vectors
- Distinguish between physical and digital attack surfaces
- Explore DIY vs. commercial tools for attack surface monitoring
- Learn from bug bounty industry methodologies and resources
- Emphasize the importance of continuous monitoring and asset management
Check out our show notes for additional resources, and don't forget to like, share, and subscribe!
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://twitter.com/cyberthreatpov
Work with Us: https://securit360.com
Did you know nearly half of your enterprise devices are agentless—leaving your attack surface wide open? In this episode, Ron is joined by Pandian Gnanaprakasam, Co-Founder and Chief Product Officer at Ordr, to discuss the critical risks posed by agentless devices and how orchestration can strengthen your defenses. Pandian shares key findings from Ordr's 2024 "Rise of the Machines" report, highlighting the risks of overlooked agentless devices. He covers the rapid growth of these devices, strategies to manage vulnerabilities, and how automation can strengthen your defenses. Impactful Moments: 00:00 - Introduction 04:15 - Why agentless devices dominate the next decade 06:30 - Insights from Ordr's “Rise of the Machines” report 08:50 - Hidden risks: 42% of devices are agentless 11:15 - Solving the "Swiss cheese" problem of security gaps 14:30 - Prioritizing vulnerabilities with business context 18:10 - Orchestration vs. automation: The harmony difference 22:00 - Why visibility is the foundation of security 27:30 - Ordr's unique approach to securing the attack surface Links: Connect with our guest, Pandian Gnanaprakasam: https://www.linkedin.com/in/gpandian/ Check out Ordr's Rise of the Machines report here: https://ordr.net/resources/rise-of-the-machines-report-2024 Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
In this Risky Business News sponsor interview, Catalin Cimpanu talks with runZero founder and CEO HD Moore about the company's latest capability, a feature called Inside-Out Attack Surface Management that takes internal fingerprints and scans the internet to discover possible exposures. Show notes Inside-Out Attack Surface Management: Identify the risk before hackers bridge the gap
Odysseas is co-founder and CEO of Phylax, a web3 security company building a security layer for blockchain-based protocols. Before Phylax, Odysseas worked at Nomad, a crypto exchange which suffered a $190M breach in August 2022. In the episode, we talk about his unique background as a developer relations manager, the approach law enforcement takes to recover funds in the wake of a crypto breach, the different attack surfaces for the web3 ecosystem, and more. If you are not a blockchain expert, do not worry, me neither. There are still plenty of interesting high level conversation points throughout!
SaaS (Software as a Service) applications, due to their ease of launch and proliferation, have created a “perfect storm” for attackers, and a significant challenge for cybersecurity professionals. Organizations with over 1,000 employees typically use 150+ SaaS applications, often unmanaged, which expands the attack surface and poses a unique threat to entities like the federal government. This week on Feds At the Edge, we discuss where the threats may lie and give practical information on attempting to control this new threat vector. Mark Canter, CISO at US GAO, highlights the widespread lack of understanding about where data is used, emphasizing the importance of good data management practices. AI can play a pivotal role in systematically addressing this issue. Tune in on your favorite podcasting platform as we explore why organizations should maintain accurate inventories of SaaS applications, identifying and managing shadow SaaS apps, and implementing robust governance practices to secure and optimize their SaaS ecosystems.
According to Fortinet's 2024 State of Operational Technology and Cybersecurity Report, 43 percent of those surveyed reported a loss of business critical data or intellectual property so far in 2024, a number that is up nearly 10 percent from last year. And we all know what happens with this hijacked data. Per the World Economic Forum's May 2024 white paper, the number of ransomware attacks on industrial infrastructure doubled in 2023, boosting ransomware to the leading concern for manufacturers, with 40 percent citing it as their top issue. While that may not surprise you, this might - due to the many challenges we've discussed here on Security Breach, the industrial sector now accounts for 71 percent of all ransomware attacks. Our data is valuable and the hackers know it.
To offer some perspective on protecting this data, we sat down with Karthik Krishnan, CEO of Concentric.ai, a leading provider of data security posture management solutions. Watch/listen as he provides insight on:
- Prioritizing and limiting data access to lessen the blast radius.
- How data, especially customer data, is essentially the "new oil."
- Reversing your mindset to think about "data out" instead of "user in".
- The generative AI advancements that continue to be made, and how they're producing more complex phishing and ransomware attacks.
- Why it has become easier for hackers to get a foothold on your network.
- The best ways to shore up your weakest security link - employees.
- How it all starts with data discovery and visualization, then prioritization.
- A look at the money involved with remediation and response costs versus proper planning and defense prep.
As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com. To download our latest report on industrial cybersecurity, The Industrial Sector's New Battlefield, click here.
October 23, 2024: Founder and CTO at Tausight, David Ting, joins Bill for a deep dive into one of healthcare's most significant vulnerabilities: attack surfaces. With up to 75% of staff holding dangerous admin privileges, health systems may be more exposed than they realize. Ting reveals eye-opening strategies to secure systems by limiting access, but at what cost? Can healthcare strike the right balance between security and efficiency? Tune in to uncover the trade-offs that could make or break an organization's defenses.
Key Points:
04:15 Current Threats and Strategies
07:09 Attack Surface Reduction
11:16 Statistics on Employee Access
13:42 Windows vs. Linux
16:49 Data Hoarding
News articles:
Texas hospital keeps diverting patients after cyberattack: 5 updates
Have you ever opened up to someone, only to have your vulnerability used against you? In this episode of Waking Up to Narcissism, we introduce the concept of the “attack surface”: that uncomfortable dynamic where emotionally immature or narcissistic partners turn your honesty into their weapon of control. We'll also explore how this need for control originates from emotional immaturity, dive into the origin story of our deep-seated fear of abandonment, and discuss practical ways to develop your emotional maturity. From separating observations from judgments to the 4 Points of Balance in differentiation, this episode offers tools to help you confront unresolved personal issues in relationships with integrity and create healthier, more connected interactions.
Are you in the mental health profession and curious about using AI (artificial intelligence) notes? Check out Berries, the notes Tony described in today's episode. Click here https://berries.icu/?code=4952 or use code Tony50 when you sign up to get $50 off your first month of Berries' revolutionary AI, HIPAA-compliant mental health notes. If you are interested in seeing an example of a note, email Tony at contact@tonyoverbay.com.
00:00 Introduction and Welcome
00:18 Speaking Engagements and Personal Anecdotes
03:13 The Concept of Attack Surface
11:36 Real-Life Example: Alex and Taylor
15:03 Understanding Emotional Immaturity
22:39 Control as a Defense Mechanism
26:57 Origins of Fear and Emotional Abandonment
28:02 Example Scenario: Jamie and Sam
29:09 Sam's Fear and Defensive Reactions
31:00 The Impact of Emotional Immaturity
38:21 Observations vs. Judgments
42:08 Developing Emotional Maturity
45:22 The Four Points of Balance
49:55 Confronting Personal Issues with Integrity
If you are interested in joining Tony's private Facebook group for women in narcissistic or emotionally immature relationships of any type, please reach out to him at contact@tonyoverbay.com or through the form on the website, http://www.tonyoverbay.com
If you are a man interested in joining Tony's "Emotional Architects" group to learn how to better navigate your relationship with a narcissistic or emotionally immature partner or learn how to become more emotionally mature yourself, please reach out to Tony at contact@tonyoverbay.com or through the form on the website, http://www.tonyoverbay.com
Ever wondered how the best defenders become unstoppable? They think like the attackers. In this episode with Jason Haddix, we reveal the strategies hackers don't want you to know about and show you how to use them to your advantage. Jason, CEO of Arcanum Information Security and Field CISO at Flare, helps us step into the mind of a hacker. With stories and insights that will change how you think about cybersecurity, he talks about the tactics that can turn any security program into a fortress. From exploiting the overlooked to using AI for unbeatable defense, this conversation will revolutionize your approach to cybersecurity. 00:00 Introduction 01:29 Jason Haddix, CEO at Arcanum and Field CISO for Flare 04:48 Origins of Arcanum 07:04 Recon in Cybersecurity 12:22 Recon Discoveries 27:41 Flare's Role in Credential Management 33:47 Tooling for Small Businesses 35:47 Using AI for Cybersecurity 41:23 Flare Platform Deep Dive 43:20 Conclusion Links: Connect with our guest, Jason Haddix: https://www.linkedin.com/in/jhaddix/ Check out Flare here: https://flare.io Check out Arcanum here: https://www.arcanum-sec.com/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
In this episode Brad and Spencer discuss Attack Surface Monitoring, what it is, and why it's important for defending against cyber-attacks. They dive into the difference between attack vectors and attack surface and share a high-level overview on how to go about monitoring your own attack surface. Finally, they share tools and techniques for attack surface monitoring, many of which are key concepts taken from the world of bug bounty.
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://twitter.com/cyberthreatpov
Work with Us: https://securit360.com
Jeremy Snyder, founder and CEO of FireTail, joins the show to discuss the rising importance of API security in a world where over 80% of internet requests are API calls. Jeremy shares his journey from launching FireTail to becoming a leading voice in cybersecurity, providing insights into how organizations can protect their APIs from increasingly common cyber threats. Learn the strategies to secure your APIs against breaches, understand the critical role of APIs in modern infrastructure, and discover how to mitigate risks that could expose sensitive data. Jeremy also offers advice for tech professionals on how to leverage AI to stay competitive and advance in the evolving job market.
Over its 11 years in publication, the BeyondTrust Microsoft Vulnerabilities Report has been downloaded over 16,000 times, aiding thousands in enhancing their cyber defenses with detailed data analysis and expert insights. This year's report not only examines 2023 Microsoft vulnerabilities but also evaluates their use in identity-based attacks, highlights significant CVEs (9.0+ CVSS scores), and discusses mitigation strategies. In this special Alice & Bob episode, James is joined by top cybersecurity experts and report commentators Paula Januszkiewicz, Terry Cutler, Eliza-May Austin, and Sami Laiho. They discuss the report's findings, share their experiences with vulnerabilities, and explore the future of Microsoft security and AI.
In the latest episode of the Redefining CyberSecurity Podcast, host Sean Martin engages with Rogier Fischer, co-founder and CEO of Hadrian, to delve into the evolving landscape of cybersecurity. The discussion navigates through the intricacies of modern cybersecurity challenges and how Hadrian is providing innovative solutions to tackle these issues. Sean Martin sets the stage by emphasizing the importance of operationalizing cybersecurity strategies to manage risk and protect revenue. Rogier Fischer shares his journey from an ethical hacker working with Dutch banks and tech companies to co-founding Hadrian, a company that leverages advanced AI to automate penetration testing.
Fischer highlights the limitations of traditional cybersecurity tools, noting they are often too passive and fail to provide adequate visibility. Hadrian, on the other hand, offers a proactive approach by simulating hacker behavior to identify vulnerabilities and exposures. The platform provides a more comprehensive view by combining various aspects of offensive security, enabling organizations to prioritize their most critical vulnerabilities.
One of the key points Fischer discusses is Hadrian's event-driven architecture, which allows the system to detect changes in real-time and reassess vulnerabilities accordingly. This ensures continuous monitoring and timely responses to new threats, adapting to the ever-changing IT environments. Another significant aspect covered is Hadrian's use of AI and machine learning to enhance the context and flexibility of security testing. Fischer explains that AI is selectively applied to maximize efficiency and minimize false positives, thus allowing for smarter, more effective security assessments.
Fischer also shares insights on how Hadrian assists in automated risk remediation. The platform not only identifies vulnerabilities but also provides clear guidance and tools to address them. This is particularly beneficial for smaller security teams that may lack the resources to handle vast amounts of raw data generated by traditional vulnerability scanners. Additionally, Hadrian's ability to integrate with existing security controls and workflows is highlighted. Fischer notes the company's focus on user experience and the need for features that facilitate easy interaction with different stakeholders, such as IT teams and security engineers, for efficient risk management and remediation.
In conclusion, Rogier Fischer articulates that the true strength of Hadrian lies in its ability to offer a hacker's perspective through advanced AI-driven tools, ensuring that organizations not only identify but also effectively mitigate risks. By doing so, Hadrian empowers businesses to stay ahead in the ever-evolving cybersecurity landscape.
Top Questions Addressed
- What drove the creation of Hadrian, and what gaps in the cybersecurity market does it fill?
- How does Hadrian's event-driven architecture ensure continuous risk assessment and adaptation to changing environments?
- How does Hadrian leverage AI and machine learning to improve the effectiveness of penetration testing and risk remediation?
Learn more about Hadrian: https://itspm.ag/hadrian-5ei
Note: This story contains promotional content. Learn more.
Guest: Rogier Fischer, Co-Founder and CEO, Hadrian [@hadriansecurity]
On LinkedIn | https://www.linkedin.com/in/rogierfischer/
Resources
View all of our RSA Conference Coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story
In the latest episode of the Trust Issues podcast, the focus is on the criticality of time in organizational security. The conversation with host David Puner and guest Katherine Mowen, SVP of Information Security at Rate (formerly Guaranteed Rate), highlights the importance of swift decision-making and prompt threat response. They discuss the role of just-in-time (JIT) access and AI in accelerating response times, as well as the ever-evolving threat landscape that requires constant vigilance. The episode emphasizes the strategies and technologies shaping the future of cybersecurity, particularly at the intersection of time management and identity protection. Join us for a timely discussion that underscores the intersection of time management and identity protection.
In this episode of Unspoken Security, host AJ Nash welcomes Jeff Foley, founder and leader of the OWASP AMASS flagship project and Vice President and Distinguished Fellow of Research at ZeroFox. They dive into the critical importance of attack surface management (ASM) in cybersecurity, emphasizing the need for visibility from an adversarial perspective. Jeff explains how attackers spend most of their time on surveillance to deeply understand their targets; a vital component to improving the likelihood of being successful during any attack.
AJ and Jeff discuss the transition from government to commercial cybersecurity - including the challenges and opportunities - and Jeff shares his insights on how the commercial sector can benefit from the disciplined and thorough approaches used in government cybersecurity. He stresses the importance of ASM as a form of intelligence, advocating for organizations to identify and manage their attack surfaces as attackers do proactively.
The episode also covers the terminology and misconceptions surrounding ASM, with both AJ and Jeff agreeing that "attack surface management" may not fully capture the essence of the practice, suggesting "attack surface intelligence" as a more accurate term. They underscore the necessity for continuous monitoring and adaptation in a constantly evolving cyber threat landscape.
Finally, as with all episodes of Unspoken Security, our guest (Jeff, in this case), reveals a secret...something that - to this point - has remained unspoken. Like every episode, Jeff doesn't disappoint!
Ramin Lamei is a cybersecurity expert with over 20 years of experience. He has held significant roles at Fortune 500 companies, contributing to multi-billion dollar revenues and managing extensive secured financial transactions. He now leads TechCompass, where he helps businesses of all sizes secure their digital operations and achieve strategic growth. In this podcast you will learn:
- Understand the major cybersecurity challenges that small to medium-sized businesses face today
- Learn how cybersecurity needs vary between small to medium-sized businesses and larger enterprises.
- Find out the initial steps a business should take to assess its current cybersecurity risk level.
- Explore how businesses can develop a roadmap to enhance their security posture after assessing their risks.
- Learn how TechCompass assists businesses in implementing their cybersecurity strategies.
- Discover the key steps a business should take to prepare for and respond to a ransomware attack.
- Understand the importance of cybersecurity insurance and what to consider when selecting a policy.
- Learn about the process and importance of Attack Surface & Application Penetration testing for businesses.
- Explore the advantages of virtual or fractional Chief Information Security Officer (CISO) leadership for businesses.
Connect with Ramin here: https://www.TechCompass.US
Coming up in this episode * Themes Are More Global Than You Think * Kdenlive Does Some Layering * The History of LXDE * To Qt, or not to Qt? * Then, we call an audible 0:00 Cold Open 2:17 Theme of the Crop 16:22 The Lost Edit 28:11 The History of LXDE 55:51 How'd LXQt and LXDE Go? 1:24:28 Next Time 1:31:13 Stinger The Video Version https://youtu.be/Y8_rMTmnIXc
In today's podcast, Christin Cifaldi, Director of Product Development & Analytics, defines the surface area of attack. We discuss digital and physical attack surfaces within organizations, as well as options for minimizing exposure. Listen in to learn more. Get your Payment Security Snapshot: https://strategictreasurer.com/secure/
Episode 64: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel delve into .NET remoting and how it can be exploited, a recent bypass in the DOMPurify library and some interesting functionality in the Cloudflare CDN-CGI endpoint. They also touch on the importance of collaboration and knowledge sharing, JavaScript deobfuscation, the value of impactful POCs, and hiding XSS payloads with URL path updates.
Follow us on twitter at: @ctbbpodcast
Send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Check out Project Discovery's nuclei 3.2 release blog at nux.gg/podcast
Resources:
.NET Remoting
https://code-white.com/blog/leaking-objrefs-to-exploit-http-dotnet-remoting/
https://github.com/codewhitesec/HttpRemotingObjRefLeak
DOM Purify Bug
Cloudflare /cdn-cgi/
https://developers.cloudflare.com/fundamentals/reference/cdn-cgi-endpoint/
https://portswigger.net/research/when-security-features-collide
https://twitter.com/kinugawamasato/status/893404078365069312
https://twitter.com/m4ll0k/status/1770153059496108231
XSSDoctor's writeup on Javascript deobfuscation
renniepak's tweet
Naffy's tweet
Timestamps:
(00:00:00) Introduction
(00:07:15) .Net Remoting
(00:17:29) DOM Purify Bug
(00:25:56) Cloudflare /cdn-cgi/
(00:37:11) Javascript deobfuscation
(00:47:26) renniepak's tweet
(00:55:20) Naffy's tweet
The Justice Insiders: Giving Outsiders an Insider Perspective on Government
Host Gregg N. Sofer welcomes Husch Blackwell's Erik Dullea to the podcast to explore how human error factors into cybersecurity efforts. Most data breaches trace back to some form of human error, and an approach to cybersecurity that doesn't address the 'social attack surface' is likely to be a failing—and expensive—proposition. Gregg and Erik note the recent cyber incident involving the Securities and Exchange Commission, which occurred mere months after the agency imposed wide-reaching cybersecurity disclosure rules on the public companies it regulates. Aside from being a major embarrassment for the U.S. government, the incident highlights how difficult it is to account for the vulnerabilities in digital networks created by humans, and Gregg and Erik provide some practical considerations for risk professionals, in-house counsel, human resource professionals, and others in their efforts to improve cybersecurity outcomes. Gregg N. Sofer Biography: Gregg counsels businesses and individuals in connection with a range of criminal, civil and regulatory matters, including government investigations, internal investigations, litigation, export control, sanctions, and regulatory compliance. Prior to entering private practice, Gregg served as the United States Attorney for the Western District of Texas—one of the largest and busiest United States Attorney's Offices in the country—where he supervised more than 300 employees handling a diverse caseload, including matters involving complex white-collar crime, government contract fraud, national security, cyber-crimes, public corruption, money laundering, export violations, trade secrets, tax, large-scale drug and human trafficking, immigration, child exploitation and violent crime. Erik Dullea Biography: Erik is a Denver-based partner at Husch Blackwell and heads up the firm's cybersecurity practice. A retired U.S. Navy Captain, Erik focuses on compliance requirements related to cybersecurity and data privacy, including statutory, regulatory, and consensus-based standards, with an emphasis on critical infrastructure sectors such as aviation, energy, mining, and the Defense Industrial Base (DIB). He represents defense contractors and subcontractors; companies underpinning electrical, healthcare, transportation, and water systems; and other major organizations facing extortion threats from malicious foreign cyber actors. In 2022 and 2023, Erik bolstered his knowledge of cyber threats by returning to public service in a civilian capacity, working in the National Security Agency's Office of General Counsel as the acting deputy chief of the cybersecurity practice group. Additional Resources: The Justice Insiders, Episode 17, “Incidents in the Material World: SEC Adopts New Cybersecurity Rules.” September 11, 2023. Steven R. Barrett, Robert J. Joseph, Andrew Spector, Robert Fritsche and Brian Wetzstein. “SEC Heightens Issuers' Cybersecurity Disclosure Requirements,” August 15, 2023. Erik Dullea and Andrew Spector. “Twelve Planning Tips to Avoid Complications with the SEC's Cybersecurity Disclosure Rules,” August 2023 (Part 1 | Part 2 | Part 3). U.S. Securities and Exchange Commission. “Statement on Unauthorized Access to the SEC's @SECGov X.com Account.” January 12, 2024. Shapero, Julia. “SEC, Gensler face bipartisan backlash over X account hack.” The Hill, January 18, 2024.
In this Risky Business News sponsor interview, Catalin Cimpanu talks with Josh Kamdjou, co-founder and CEO of Sublime Security. Josh describes how Sublime implemented the concept of attack surface reduction to email security last year, how it works, and what customers are saying about it. Show notes ASR rules for Sublime We're excited to launch Attack Surface Reduction for email.
Seemant Sehgal is the founder and CEO at BreachLock, a global leader in continuous attack surface discovery and penetration testing. In this episode, he joins host Steve Morgan to discuss BreachLock's growth and the expansion of its product solutions, which strategically put an end to the four fundamental security challenges faced by customers – accuracy, agility, cost-effectiveness, and most of all, scalability of Offensive Security practices. Learn more about our sponsor at https://breachlock.com
Josh and Kurt talk about a blog post explaining how to create a very, very small container image. Generally in the world of security less is more, but it's possible to remove too much. A lot of today's security tooling relies on certain things existing in a container image; if we remove them, we could actually end up with worse security than if we had left them in. It's a weird topic, but probably pretty important. Show Notes: How I reduced the size of my very first published docker image by 40% - A lesson in dockerizing shell scripts; Hacker News Discussion; Episode 293 – Scoring OpenSSF Security Scoring
Organizations can no longer rely on legacy vulnerability management solutions to protect against even basic attacks. Instead, vulnerability management is just one small component in a unified continuous threat exposure management (CTEM) approach to securing an enterprise from malicious intruders and ransomware. In addition to vulnerability management, security around misconfigurations, patching, identity, software, external attack surfaces, and more must be included. In this ISACA Podcast, Nanitor Chief Strategist Derek Melber explains that an organization can prevent breaches and ransomware by taking an asset-centric prioritized-security approach that includes all of these security areas. For more ISACA Podcasts, visit www.isaca.org/podcasts To learn more about Nanitor, please visit https://nanitor.com/ To view the Nanitor article, please click https://nanitor.com/resources/blog/cybersecurity/exploring-continuous-threat-exposure-management-ctem/
Radhika Dutt is a renowned author, entrepreneur, and product leader who advises high-tech startups and government agencies on building radical products that drive fundamental change. Join us in our conversation with Radhika as we discuss vision-based goal-setting in the Product field. This episode dives into key topics: (00:17) OKRs in Radical Product Thinking (16:01) Aligning Vision, Strategy, and Measurement (25:51) Clarity in Vision and Motivation Factors (37:32) Radical Product Thinking and Online Resources. Highlighted books: "Atomic Habits", James Clear: https://jamesclear.com/atomic-habits; "The Tyranny of Merit", Michael J. Sandel: https://www.amazon.com/Tyranny-Merit-Whats-Become-Common/dp/0374289980; "Attack Surface", Cory Doctorow: https://www.amazon.com/Attack-Surface-Cory-Doctorow/dp/1250757533; "Invisible Women", Caroline Criado Perez: https://www.amazon.com/Invisible-Women-Data-World-Designed/dp/1419729071; "Do Androids Dream of Electric Sheep?", Philip K. Dick: https://www.amazon.com/Androids-Dream-Electric-Sheep-inspiration/dp/0345404475 Where to find Radhika Dutt: LinkedIn: https://www.linkedin.com/in/radhika-dutt/ Get the free Radical Product Thinking Toolkit: https://www.radicalproduct.com/. Where to find us: Website: https://productized.co/ Newsletter: http://bit.ly/3aMvWn2 LinkedIn: https://www.linkedin.com/school/produ Instagram: https://www.instagram.com/productized.co/ Where to find Margarida: LinkedIn: https://www.linkedin.com/in/margarida-cosme-pereira/
In this episode, Host Ron Eddings talks with guest Isaac Clayton, Senior Research Engineer at NetSPI. Ron and Isaac discuss the importance of ASM for organizations of all sizes, the challenges of asset identification, and framing a practical strategy to handle ASM. Impactful Moments: 00:00 - Welcome 03:00 - Introducing guest, Isaac Clayton 04:25 - Understanding ASM 07:57 - Factoring in Attackers 10:47 - “Admit it's a hard problem” 12:35 - Challenges & Surprises 15:03 - From our Sponsor, NetSPI 15:41 - The Right Medicine, The Right Dosage 19:04 - Zero Trust is Not Enough 20:37 - Prioritization— Baked In! 21:33 - The ASM Learning Curve 26:12 - “Not all ASM is Created Equal” Links: Connect with our guest, Isaac Clayton : https://www.linkedin.com/in/isaac-clayton-24088696/ Check out NetSPI: asm.netspi.com Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord
Guest: Sandy Dunn, Consultant Artificial Intelligence & Cybersecurity, Adjunct Professor Institute for Pervasive Security Boise State University [@BoiseState] On Linkedin | https://www.linkedin.com/in/sandydunnciso/ Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin This Episode's Sponsors: Imperva | https://itspm.ag/imperva277117988 Pentera | https://itspm.ag/penteri67a Episode Notes: In this episode of Redefining CyberSecurity, host Sean Martin and cybersecurity expert, Sandy Dunn, navigate the intricate landscape of AI applications and large language models (LLMs). They explore the potential benefits and pitfalls, emphasizing the need for strategic balance and caution in implementation. Sandy shares insights from her extensive experience, including her role in creating a comprehensive checklist to help organizations effectively integrate AI without expanding their attack surface. This checklist, a product of her involvement with the OWASP TOP 10 LLM project, serves as a valuable resource for cybersecurity teams and developers alike. The conversation also explores the legal implications of AI, underscoring the recent surge in privacy laws across several states and countries. Sandy and Sean highlight the importance of understanding these laws and the potential repercussions of non-compliance. Ethics also play a central role in their discussion, with both agreeing on the necessity of ethical considerations when implementing AI. They caution against the hasty integration of large language models without adequate preparation and understanding of the business case. The duo also examine the potential for AI to be manipulated and the importance of maintaining good cybersecurity hygiene. They encourage listeners to use AI as an opportunity to improve their entire environment, while also being mindful of the potential risks. While the use of AI and large language models presents a host of benefits to organizations, it is crucial to consider the potential security risks. By understanding the business case, recognizing legal implications, considering ethical aspects, utilizing comprehensive checklists, and maintaining robust cybersecurity, organizations can safely navigate the complex landscape of AI. Watch this and other videos on ITSPmagazine's YouTube Channel. Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist:
Podcast: Unsolicited Response. Episode: CISA Attack Surface Scanning Service. Pub date: 2023-12-06. Dale is joined by Steve Pozza, CISA Section Chief of Operational Resilience, and Tom Millar, CISA Branch Chief of Resilience, to discuss some of CISA's security services for asset owners. They discuss: The Internet accessible attack surface enumeration and vulnerability scanning surface. Asset owners can buy products or services to do this. Why is the government doing this? What CISA is doing with this attack surface data? How is CISA measuring the success of this service offering? Other broadly available services and tools, the cybersecurity performance goals (CPG assessment) ~500 done in 2023 (and their thinking about self-assessments), Malcolm traffic analysis tool, and a couple of other tools. Links: CISA Vulnerability Scanning Services; Malcolm Tool. The podcast and artwork embedded on this page are from Dale Peterson: ICS Security Catalyst and S4 Conference Chair, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Kapil Assudani, CISO at Edwards Lifesciences, shares how he was one payment away from getting kicked out of his Master's program, being resilient and resourceful, building credibility, and finding ways to reduce the attack surface. About Kapil: Kapil Assudani, with over 20 years of experience in information security, currently holds the position of Senior Vice President and Chief Information Security Officer at Edwards Lifesciences. His tenure at Edwards, spanning over six years, has responsibilities beyond the typical enterprise security scope of a CISO, as it includes IoT Medical Device Security and Manufacturing Plant security on a global scale. Kapil's leadership philosophy is built on three key principles. Firstly, he believes in building a team of passionate and good-hearted individuals, providing them with innovative tools, and then allowing them to operate independently. Secondly, he emphasizes presenting security problem statements backed by facts and data, simplifying them to a level where a business leader can independently make risk decisions. Lastly, he focuses on building trusted relationships across the entire employee base, fostering candid conversations and driving an execution-focused culture. His extensive experience covers all facets of information security, including leading security incident detection and response, ethical hacking teams, and security architecture and strategy programs. He has also been instrumental in building a global cybersecurity program at Edwards from the ground up. Kapil's diverse industry experience spans consulting and corporate roles across Fortune 100 companies in accounting, finance, healthcare, and technology. Over the last decade, he has intentionally focused his career on healthcare companies, finding the work purposeful and passionately aligned with a noble mission. Kapil holds a Master's in Computer Science and has been a speaker at multiple conferences, further solidifying his expertise in the field. SPONSOR NOTE: Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs. Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security. Review and Download Cloud Security Resources: sans.org/cloud-security/ Join our growing and diverse community of cloud security professionals on your platform of choice: Discord | Twitter | LinkedIn | YouTube
Today, we discuss the state of attack surface across the Internet. We've known for decades now that putting an insecure service on the public Internet is a recipe for disaster, often within minutes. How has this knowledge changed the publicly accessible Internet? We find out when we talk to Censys's Aidan Holland today. Show Notes: https://securityweekly.com/esw-339
Episode 244. I'm joined by K from Combat Studies Group to talk about how to harden yourself from surveillance, whether government, non-state actor or foreign nation, with privacy-oriented messaging apps. We discuss what several of the current best ones are, how they work, and why you need them. Get the Merch: Brushbeater Store The Guerilla's Guide to the Baofeng Radio is a #1 Bestseller! Nehemiah Strong discount code: SCOUT1 Radio Contra Sponsors: Civil Defense Manual Tactical Wisdom Blacksmith Publishing Radio Contra Patron Program Brushbeater Training Calendar Brushbeater Forum Palmetto State Armory Primary Arms
In this episode of The Future of Security Operations podcast, Thomas speaks to Jeff Moss, Senior Director, Information Security, at Incode Technologies. Incode is the leading provider of world-class identity solutions for the world's largest financial institutions, governments, retailers, hospitality organizations, and gaming establishments. Jeff has over 10 years of experience in tech and IT, moving from project and program management in areas such as construction and IT into cybersecurity, where he quickly worked his way up to becoming CISO and Senior Director of Information Security. He has countless licenses and certifications, including Certified Information Systems Auditor with ISACA, and he also has an MBA. Topics include: How Jeff decided to make the move from engineering to product security. His less traditional path into cybersecurity leadership and how he worked his way up to CISO in such a short space of time. The evolution of product security over the last five years. The increased attack surface within the industry and how to reduce the risks. What Jeff has learned from scaling security for numerous startups. Tips for the prioritization of initiatives that Jeff has learned as part of his MBA and his years as a project and program manager. Jeff's approach to combining the technical and the business in his management. The shift in organizational structure with CISOs needing to report to the board and CEO. The proposed Securities and Exchange Commission (SEC) rulemaking in the US and what it means for the industry. What Jeff expects to see in security operations over the next five years. Resources: LinkedIn
Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli This Episode's Sponsors: Pentera | https://itspm.ag/penteri67a Semperis | https://itspm.ag/semperis-1roo Episode Notes: Sean Martin and Marco Ciappelli are live from London, England for Infosecurity Europe 2023, connecting with you from an undisclosed location to give you their thoughts and insights from day 2 of the event. Resources: Learn more, explore the programme, and register for Infosecurity Europe: https://itspm.ag/iseu23 Catch the video for this conversation: https://youtu.be/RovrUo2Ceow Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B If you are a cybersecurity vendor with a story to share, you can book your pre-event video podcast briefing here (https://itspm.ag/iseu23tsv) and your on-location audio podcast briefing here (https://itspm.ag/iseu23tsp). Explore the full conference coverage sponsorship bundle here: https://itspm.ag/iseu23bndl For more ITSPmagazine advertising and sponsorship opportunities:
Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin Frankie Thomas, Host of the Hacking Your Potential Podcast On ITSPmagazine
Live on-location from Infosecurity Europe 2023, Sean Martin connects with Nabil Hannan, the field CISO at NetSPI, to discuss Attack Surface Management (ASM) and how it has evolved in recent years to become the minimum cybersecurity benchmark that organizations need. ASM provides a more targeted approach to vulnerability management, allowing testers to focus on building a platform with automation that identifies areas that need attention and validates them. Sean and Nabil also cover API security, the challenges of authentication and authorization, and the need for organizations to prioritize building secure-by-design frameworks. Nabil stresses the importance of understanding an organization's external perimeter and what exposures might exist, as well as the need for good cybersecurity hygiene that starts with good cybersecurity basics before bringing others in to help with the problem. ASM is an important element in modern cybersecurity, and its role as the first line of defense reinforces the critical need to have a continuous view of an organization's external-facing perimeter. Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-story Guest: Nabil Hannan, Field Chief Information Security Officer (CISO) at NetSPI [@NetSPI] On Linkedin | https://www.linkedin.com/in/nhannan/ Resources: Learn more about NetSPI: https://itspm.ag/netspi-hcjv Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story If you are a cybersecurity vendor with a story to share, you can book your pre-event video podcast briefing here (https://itspm.ag/iseu23tsv) and your on-location audio podcast briefing here (https://itspm.ag/iseu23tsp). Explore the full conference coverage sponsorship bundle here: https://itspm.ag/iseu23bndl For more ITSPmagazine advertising and sponsorship opportunities:
Welcome to “The Chopping Block” – where crypto insiders Haseeb Qureshi, Tom Schmidt, Tarun Chitra, and Robert Leshner, chop it up about the latest news. In this episode, Robert stirs the debate over Hinman's 2018 speech and what it means for the debate at the SEC over whether BTC and ETH should be considered securities, the similarities between Ethereum and Solana, and how Binance.US is dealing with a move to freeze its assets. Moreover, the group kicks off with a brief history lesson on the infamous PEPE meme! Listen to the episode on Apple Podcasts, Spotify, Overcast, Podcast Addict, Pocket Casts, Stitcher, Castbox, Google Podcasts, TuneIn, Amazon Music, or on your favorite podcast platform. Show highlights: where the PEPE meme comes from; whether Mark Zuckerberg and the project Libra played a role in the animosity toward crypto; why Robert says that Hinman's speech in 2018 was crafted with broad inter-agency work, in contrast to what the SEC has been saying; how the documents show that the SEC didn't believe there was enough clarity to classify ETH as a security; whether these documents diminish Gary Gensler's claims that almost everything in crypto is a security; the similarities between Ethereum in 2017 and Solana at the moment; what the drama is in Solana around forking Alameda coins; what the new features of the Uniswap V4 draft code are; whether the 'hooks' in the new code facilitate rug pulls and introduce much more complexities; how Binance.US has dealt with the SEC lawsuit and request to freeze its assets; Robert's crazy idea to use Uniswap V4 and why Tarun killed it; what extreme sports represent crypto more accurately. Hosts: Haseeb Qureshi, managing partner at Dragonfly; Robert Leshner, founder of Compound; Tom Schmidt, general partner at Dragonfly; Tarun Chitra, managing partner at Robot Ventures. Disclosures. Links: Unchained: SEC Anticipates Responding to Coinbase Petition in 120 Days; Binance.US and SEC Work On Deal to Avoid Total Asset Freeze: Report; Binance.US Says SEC's Request to Freeze Assets Would End Crypto Exchange; Binance, Coinbase and Binance.US Record $4 Billion in Weekly Outflows; Uniswap Releases Draft Code for V4. The Block: Ripple calls for investigation into former SEC official after document release; Former SEC director Hinman's plan to call Vitalik Buterin revealed in Ripple lawsuit; SEC comments on Hinman speech released in Ripple Labs filing.
In this episode: