As energy systems become more decentralized, the complexity of managing trusted devices and other components connected to the grid continues to grow. According to the U.S. Department of Energy's Distributed Energy Resource Interconnection Roadmap (January 2025), utilities across the country are experiencing increased interconnection requests for distributed energy resources (DERs), such as solar, battery storage, and EV charging systems. This shift brings a mounting challenge: securing and authenticating an expanding web of edge devices without compromising system integrity.

How do we ensure trust across a sprawling, multi-vendor energy infrastructure that is increasingly targeted by cyber threats?

In this episode of Pro AV Today, host Ben Thomas welcomes Julian Durand, the Chief Security Officer & SVP of Product Management, and Ali Hodjat, the VP of Product Marketing at Intertrust. They discuss how energy providers can manage and secure trusted devices across complex grid networks. The conversation focuses on the intersection of cybersecurity, device authentication, and the evolving expectations of both energy providers and consumers.

Key Takeaways from the Episode:
Zero trust architecture is essential to securing distributed energy networks, which are increasingly vulnerable due to the proliferation of unvetted, third-party hardware.
Endpoint protection is lagging in many operational technology (OT) environments, with legacy protocols and air-gapped systems often failing to meet modern cybersecurity expectations.
A universal trust model, such as the Trusted Energy Interoperability Alliance (TEIA), is being developed to help align OEMs, utilities, and consumers around a common framework for device certification and data governance.

Julian Durand is a cybersecurity and product management executive with over two decades of experience launching and scaling technologies across mobile, IoT, SaaS, and PaaS platforms. He has led global teams at Nokia, Qualcomm, and Intertrust, where he spearheaded innovations in eSIM, embedded security, telematics, and decentralized trust systems—holding ten patents with several more pending. Durand is CISSP-ISSAP certified, has held multiple P&L leadership roles, and is a recognized thought leader and frequent speaker on cybersecurity and product strategy.

Ali Hodjat is a senior product marketing leader with over 17 years of experience driving go-to-market strategies, product positioning, and sales enablement across broadcast, streaming, and media technology sectors. In addition to leading initiatives at companies like Intertrust, Telestream, and Verimatrix, he has deep expertise in content protection, DRM, and video security technologies, including forensic watermarking and authentication systems. Hodjat combines strong technical knowledge in media cybersecurity with proven leadership in cross-functional collaboration, competitive analysis, and strategic content development to deliver measurable business impact.
InfosecTrain hosts a live event entitled “Preparation Strategy for CISSP - ISSAP” with certified expert ‘Prashant’. Thank you for watching this video. For more details or a free demo with our expert, write to us at sales@infosectrain.com ➡️ Agenda for the Boot Camp
Erich Kron is Security Awareness Advocate at KnowBe4 and veteran information security professional with over 20 years' experience in the medical, aerospace manufacturing and defense fields. Erich is the former security manager for the US Army's 2nd Regional Cyber Center-Western Hemisphere and holds CISSP, CISSP-ISSAP, MCITP and ITIL v3 certifications, among others. Erich has worked with information security professionals around the world to provide the tools, training and educational opportunities to succeed in Information Security. Scott Schober is a #cybersecurity and wireless technology expert, author of Hacked Again and Cybersecurity is Everybody's Business, host of 2 Minute CyberSecurity Briefing video podcast and CEO of Berkeley Varitronics Systems who appears regularly on Bloomberg TV, Fox Business & Fox News, CGTN America, Canadian TV News, as well as CNN, CBS Morning Show, MSNBC, CNBC, The Blaze, WPIX as well as local and syndicated Radio including Sirius/XM & Bloomberg Radio and NPR.
Topic: Deep Fakes. Erich Kron joins James Azar to discuss deep fakes. In the show we review how the technology is evolving and is being used in today's environment; we also look at civilian use of deep fakes and how social media tries to combat deep fakes. A very deep look into deep fakes and how they might change the landscape of cybersecurity, media and life! Guest Bio: I am a self-proclaimed geek and experienced information security leader who is passionate about cyber security, but is still able to effectively communicate with the highest levels of leadership. My proven track record of advancement in the industry spans a broad spectrum of experience including security roles, large scale technical project management, hands-on technical work and senior leadership roles. This wide range of experience allows me to have a unique, holistic view of information systems which results in the implementation of secure technical and policy-based solutions that work well, and are easily maintained. Through the achievement of many certifications such as CISSP, CISSP-ISSAP as well as Microsoft and ITIL certifications, I have demonstrated my understanding of many aspects of Information Systems. My continually advancing professional and leadership experience has demonstrated my ability to employ this knowledge in the real world.
Artificial intelligence (AI) has been making headlines for several years now, but what's the story behind the hype? And what opportunities and risks does AI present for the security industry in particular? In this episode we're demystifying AI in cybersecurity with the help of three IBM experts: Carma Austin, Worldwide Sales Leader, Security Intelligence SaaS; Doug Lhotka, Executive CyberSecurity Architect, CISSP-ISSAP; and Jeff Crume, IT Security Architect, Distinguished Engineer and IBM Master Inventor. Listen now, and visit http://ibm.co/2kGtZyx to learn more about QRadar Advisor with Watson.
Presentation available here: https://defcon.org/images/defcon-22/dc-22-presentations/Pinto-Maxwell/DEFCON-22-Pinto-and-Maxwell-Measuring-the-IQ-of-your-threat-feeds-TIQtest-Updated.pdf Measuring the IQ of your Threat Intelligence feeds Alex Pinto CHIEF DATA SCIENTIST, MLSEC PROJECT Kyle Maxwell RESEARCHER Threat Intelligence feeds are now being touted as the saving grace for SIEM and log management deployments, and as a way to supercharge incident detection and even response practices. We have heard similar promises before as an industry, so it is only fair to try to investigate. Since the actual number of breaches and attacks worldwide is unknown, it is impossible to measure how good threat intelligence feeds really are, right? Enter a new scientific breakthrough developed over the last 300 years: statistics! This presentation will consist of a data-driven analysis of a cross-section of threat intelligence feeds (both open-source and commercial) to measure their statistical bias, overlap, and representability of the unknown population of breaches worldwide. Are they a statistical good measure of the population of "bad stuff" happening out there? Is there even such a thing? How tuned to your specific threat surface are those feeds anyway? Regardless, can we actually make good use of them even if the threats they describe have no overlap with the actual incidents you have been seeing in your environment? We will provide an open-source tool for attendees to extract, normalize and export data from threat intelligence feeds to use in their internal projects and systems. It will be pre-configured with current OSINT network feed and easily extensible for private or commercial feeds. All the statistical code written and research data used (from the open-source feeds) will be made available in the spirit of reproducible research. The tool itself will be able to be used by attendees to perform the same type of tests on their own data. 
Join Alex and Kyle on a journey through the actual real-world usability of threat intelligence to find out which mix of open source and private feeds are right for your organization. Alex Pinto is the Chief Data Scientist of MLSec Project. The goal of the project is to provide a platform for hypothesis testing for people interested in the development of machine learning algorithms to support the information security monitoring practice. He has over 14 years dedicated to information security solutions architecture, strategic advisory and monitoring. He has experience with a great range of security products, and has managed SOCs and SIEM implementations for way too long. Alex currently holds the CISSP-ISSAP, CISA, CISM and PMP certifications, not that anyone cares. He was also a PCI QSA for almost 7 years, but is almost fully recovered. Twitter: @alexcpsec Kyle Maxwell is a private-sector threat intelligence analyst and malware researcher working with incident response and security operations. He is a GPL zealot, believes in UNIX uber alles, and supports his local CryptoParty. Kyle holds a degree in Mathematics from the University of Texas at Dallas. Twitter: @kylemaxwell
Presentation Available here: https://defcon.org/images/defcon-22/dc-22-presentations/Pinto-Maxwell/DEFCON-22-Pinto-Maxwell-Secure-Because-Math-Updated.pdf Secure Because Math: A Deep Dive On Machine Learning-Based Monitoring Alex Pinto CHIEF DATA SCIENTIST, MLSEC PROJECT We could all have predicted this with our magical Big Data analytics platforms, but it seems that Machine Learning is the new hotness in Information Security. A great number of startups with ‘cy’ and ‘threat’ in their names that claim that their product will defend or detect more effectively than their neighbour's product "because math". And it should be easy to fool people without a PhD or two that math just works. Indeed, math is powerful and large scale machine learning is an important cornerstone of much of the systems that we use today. However, not all algorithms and techniques are born equal. Machine Learning is a most powerful tool box, but not every tool can be applied to every problem and that’s where the pitfalls lie. This presentation will describe the different techniques available for data analysis and machine learning for information security, and discuss their strengths and caveats. The Ghost of Marketing Past will also show how similar the unfulfilled promises of deterministic and exploratory analysis were, and how to avoid making the same mistakes again. Finally, the presentation will describe the techniques and feature sets that were developed by the presenter on the past year as a part of his ongoing research project on the subject, in particular present some interesting results obtained since the last presentation on DefCon 21, and some ideas that could improve the application of machine learning for use in information security, especially in its use as a helper for security analysts in incident detection and response. Alex Pinto is the Chief Data Scientist of MLSec Project. 
The goal of the project is to provide a platform for hypothesis testing for people interested in the development of machine learning algorithms to support the information security monitoring practice. He has over 14 years dedicated to information security solutions architecture, strategic advisory and monitoring. He has experience with a great range of security products, and has managed SOCs and SIEM implementations for way too long. Alex currently holds the CISSP-ISSAP, CISA, CISM and PMP certifications, not that anyone cares. He was also a PCI QSA for almost 7 years, but is almost fully recovered. Twitter: @alexcpsec
Youtube Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles Research shows how MacBook Webcams can spy on their users without warning by Ashkan Soltani and Timothy B. Lee (The Washington Post), FBI’s search for ‘Mo,’ suspect in bomb threats, highlights use of malware for surveillance by Craig Timberg and Ellen Nakashima (The Washington Post), iSeeYou: Disabling the MacBook Webcam Indicator LED by Matthew Brocker and Stephen Checkoway (Technical Report 13-02, Department of Computer Science, Johns Hopkins University) Liberty and Security in a Changing World by The President’s Review Group on Intelligence and Communications Technologies, White House panel recommends new limits on NSA surveillance by Ken Dilanian and Christi Parsons (Los Angeles Times), Obama Is Urged to Sharply Curb N.S.A. Data Mining by David E. Sanger and Charlie Savage (The New York Times), Obama review panel: strip NSA of power to collect phone data records by Dan Roberts and Spencer Ackerman (The Guardian), EFF Statement on President’s Review Group’s NSA Report by Rebecca Jeschke (The Electronic Frontier Foundation)
Youtube Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles For Nearly Two Decades the Nuclear Launch Code at All Minuteman Silos in the United States was 00000000 by Karl Smallwood (Today I Found Out), ‘Secret’ Nuclear Missile Launch Code During Cold War Was ‘00000000’ by Ryan Grenoble (The Huffington Post), Zero protection from nuclear code by Oliver Burkeman (The Guardian), Keeping Presidents in the Nuclear Dark by Bruce Blair (Bruce Blair’s Nuclear Column), For nearly 20 years, the launch code for US nuclear missiles was 00000000 by Lisa Vaas (nakedsecurity blog), Permissive Action Links by Steven M. Bellovin Further improving digital certificate security by Adam Langley (Google Online Security Blog), Serious Security: Google finds fake but trusted SSL certificates for its domains, made in France by Paul Ducklin (nakedsecurity blog), Google catches French finance ministry pretending to be Google by David Meyer (GigaOM)
Youtube Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles Forward Secrecy (Wikipedia), Twitter Enables Perfect Forward Secrecy Across Sites To Protect User Data Against Future Decryption by Matthew Panzarino (TechCrunch), Forward Secrecy at Twitter by Jacob Hoffman-Andrews (Twitter Engineering Blog), Pushing for Perfect Forward Secrecy, an Important Web Privacy Protection by Parker Higgins (EFF Deeplinks Blog) Google, Facebook, payroll accounts targeted in major password theft, security experts say by Hayley Tsukayama (The Washington Post), 2 Million Stolen Facebook, Yahoo And Google Passwords Posted Online by Alexis Kleinman (The Huffington Post), Look What I Found: Moar Pony! by Trustwave SpiderLabs
Youtube Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles Our Commitment to Protecting Your Information by Marissa Mayer (Yahoo!), After N.S.A. Disclosures, Yahoo Moves to Encrypt Internal Traffic by Nicole Perlroth (NY Times Bits Blog), Yahoo Will Follow Google In Encrypting Data Center Traffic, Customer Data Flow By Q1 ’14 by Matthew Panzarino (TechCrunch), Google encrypts data amid backlash against NSA spying by Craig Timberg (The Washington Post) Expert to warn Congress of HealthCare.gov security bugs by Reuters, Hackers throw 16 attacks at HealthCare.gov plus a DoS for good measure by Lisa Vaas (nakedsecurity blog), Healthcare.gov ‘may already have been compromised,’ security expert says by FoxNews.com
Youtube Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles Facebook Warns Users After Adobe Breach by Brian Krebs (Krebs on Security), Facebook mines Adobe breach data for reused passwords, warns users to change them or disappear by Liam Tung (ZDNet), Anatomy of a password disaster - Adobe’s giant-sized cryptographic blunder by Paul Ducklin (naked security blog) IE zero-day exploit disappears on reboot by Shona Ghosh (PC Pro), IE Zero Day Watering Hole Attack Injects Malicious Payload into Memory by Michael Mimoso (threat post)
Youtube Show Notes Hosts Preston Wiley, CISSP, CCNA Keith Watson, CISSP-ISSAP, CISA Articles Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps by Dan Goodin (Ars Technica), badBIOS by Bruce Schneier (Schneier on Security), Security researcher says new malware can affect your BIOS; communicate over the air by Ian Paul (PCWorld), ‘BadBIOS’ System-Hopping Malware Appears Unstoppable by Marshall Honorof (Tom’s Guide), The badBIOS Analysis Is Wrong. by Phillip Jaenke NSA infiltrates links to Yahoo, Google data centers worldwide, Snowden documents say by Barton Gellman and Ashkan Soltani (Washington Post), How the NSA’s MUSCULAR tapped Google’s and Yahoo’s private networks by Sean Gallagher (Ars Technica), How we know the NSA had access to internal Google and Yahoo cloud data by Barton Gellman, Ashkan Soltani, and Andrea Peterson (Washington Post)
Youtube Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles Ten Steps You Can Take Right Now Against Internet Surveillance by Danny O’Brien (EFF) Major Corporations Fail to Defend Against Social Engineering by Michael Mimoso ()
Youtube Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles Apple’s iCloud iConundrum - does convenience mean insecurity? by Chester Wisniewski (nakedsecurity), Cracking and Analyzing Apple’s iCloud Protocols by Vladimir Katalov (Hack in the Box Malaysia) Call yourself a ‘hacker’, lose your 4th Amendment right against seizures by John Leyden (The Register), Call Yourself A Hacker, Lose Your 4th Amendment Rights by Dale Peterson (Digital Bond), Battelle Energy Alliance, LLC v. Southfork Security, Inc. et al
Youtube Show Notes Hosts Preston Wiley, CISSP, CCNA Keith Watson, CISSP-ISSAP, CISA Articles Is Truecrypt Audited Yet?, The TrueCrypt Audit Project, New effort to fully audit TrueCrypt raises $16,000+ in a few short weeks by Cyrus Farivar (Ars Technica), Let’s audit Truecrypt! by Matthew Green (A Few Thoughts on Cryptographic Engineering) Destructive malware “CryptoLocker” on the loose - here’s what to do by Paul Ducklin (nakedsecurity), CryptoLocker Ransomware Information Guide and FAQ by Lawrence Abrams (bleepingcomputer.com)
Youtube Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles Attacking Tor: how the NSA targets users’ online anonymity by Bruce Schneier (The Guardian), NSA and GCHQ target Tor network that protects anonymity of web users by James Ball, Bruce Schneier and Glenn Greenwald (The Guardian), ‘Tor Stinks’ presentation – read the full document on The Guardian Is Microsoft recycling old Outlook.com and Windows Live email accounts? by Lee Munson (nakedsecurity blog), Microsoft is quietly recycling Outlook email accounts by Andreas Udo de Haes (PC World)
Youtube Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles Students Find Ways To Hack School-Issued iPads Within A Week by Sam H. Sanders (NPR), LAUSD halts home use of iPads for students after devices hacked by Howard Blume (LA Times) Silent Circle Moving Away from NIST Ciphers In Wake of NSA Revelations by Dennis Fisher (threatpost)
Youtube Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles Oracle Java fails at security in new and creative ways by Chester Wisniewski (nakedsecurity blog) Recycled Yahoo email addresses still receiving messages for previous owners - passwords included by Lee Munson (nakedsecurity blog) Chaos Computer Club claims to have “cracked” the iPhone 5s fingerprint sensor by Paul Ducklin (nakedsecurity blog), Is Touch ID Hacked Yet?
Youtube Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles iPhone fingerprint scanner sparks privacy worries by Charlie Osborne (CNet), Fingerprint-Reading IPhone Seen as Protection Against NSA by Todd Shields & Allan Holmes (Bloomberg), How secure is your iPhone 5S fingerprint? by Brandon Griggs (CNN), Is Touch ID Hacked Yet?
Youtube Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security by Jeff Larson (ProPublica), Nicole Perlroth and Scott Shane (The New York Times), Revealed: how US and UK spy agencies defeat internet privacy and security by James Ball, Julian Borger and Glenn Greenwald (The Guardian), N.S.A. Able to Foil Basic Safeguards of Privacy on Web by Nicole Perlroth, Jeff Larson and Scott Shane (The New York Times), How The NSA Revelations Are Hurting Businesses by Kashmir Hill (Forbes), NSA shares raw intelligence including Americans’ data with Israel by Glenn Greenwald, Laura Poitras and Ewen MacAskill (The Guardian)
Google+ Hangout Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles Anatomy of a brute force attack - how important is password complexity? by Paul Ducklin (nakedsecurity blog), How Important is Password Complexity by Brien Posey (Redmond Magazine) Apple apps turned upside down writing right to left - you’re only 6 characters from a crash! by Paul Ducklin (nakedsecurity blog), Rendering bug crashes OS X, iOS apps with string of Arabic characters (Updated) by Andrew Cunningham and Dan Goodin (Ars Technica)
Google+ Hangout Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles To Our Customers by Silent Circle, Silent Circle follows Lavabit in shuttering encrypted e-mail by Steven Musil (CNet), Important Announcement by Ladar Levison (Lavabit LLC), Edward Snowden has applied for asylum in Russia Live Blog from Global Post, Forced Exposure ~pj by Pamela Jones (Groklaw) Security Researcher Hacks Mark Zuckerberg’s Wall To Prove His Exploit Works by Greg Kumparak (TechCrunch), Mark Zuckerberg’s own Facebook timeline hacked by Palestinian researcher by Lee Munson (nakedsecurity blog)
Google+ Hangout Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles iPhone Hacked in Under 60 Seconds Using Malicious Charger by David Gilbert (International Business Times), Apple Fixes Threat from Fake iPhone Chargers in iOS 7 by Bryan Chaffin (the Mac Observer), Apple fixes Malicious Charger Hack in iOS 7 (iPhone Hacks) Black Hat: Ad networks lay path to million-strong browser botnet by Paul F. Roberts (IT World) Samsung Smart TV: Like A Web App Riddled With Vulnerabilities by Paul (the security ledger)
Google+ Hangout Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles Personal data on 72,000 staff taken in University of Delaware hack by John Hawes (nakedsecurity blog), Stanford University hacked, becomes latest data breach victim by John Hawes (nakedsecurity blog), Stanford University Is Investigating An Apparent Security Breach, Urges Community To Reset Passwords by Billy Gallagher (Tech Crunch), University of Massachusetts Announces Data Breach by Gabriel Perna (Healthcare Informatics), University of Virginia Admits Data Breach by Jeff Goldman (eSecurity Planet)
Google+ Hangout Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles Apple Developer Site Breached InfoSecurity Magazine, Apple takes Dev Center down for days, finally admits, “We got owned!” by Paul Ducklin (nakedsecurity blog), Researcher claims responsibility for security breach at Apple Developer website by Lucian Constantin (PCWorld) D’OH! Use Tumblr on iPhone or iPad, give your password to the WORLD by John Leyden (The Register), Tumblr’s iOS fix for clear-text password login howler was WEEKS LATE by John Leyden (The Register), Tumblr security lapse - iPhone and iPad users update your passwords now! by Lee Munson (nakedsecurity blog)
Google+ Hangout Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles Anatomy of a security hole - Google’s “Android Master Key” debacle explained by Paul Ducklin (nakedsecurity blog), Relax: Google, Carriers Patching Android “Master Key” Exploit by Kevin Parrish (Tom’s Hardware), Uncovering Android Master Key that Makes 99% of Devices Vulnerable by Jeff Forristal, Bluebox CTO (Bluebox blog) Nations Buying as Hackers Sell Flaws in Computer Code by Nicole Perlroth and David E. Sanger (NY Times), VUPEN Services, Business Is Booming In the ‘Zero-Day’ Game on Slashdot
Google+ Hangout Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles Nintendo cracks after month-long, 15.5 million-strong hacker bombardment by Lisa Vaas (nakedsecurity blog), Nintendo’s fan site hit by illicit logins, 24,000 accounts accessed by Jay Alabaster (Network World) IOActive Security Advisory: DASDEC Vulnerabilities by IOActive and Mike Davis, Monroe Electronics DASDEC Compromised Root SSH Key by ICS-CERT, Did brainless flaw in US Emergency Alert System lead to epic zombie attack warning? by Lisa Vaas (nakedsecurity blog), Root SSH Key Compromised in Emergency Alerting Systems by Steve Ragan (Security Week)
Google+ Hangout Show Notes Hosts Preston Wiley, CISSP, CCNA Keith Watson, CISSP-ISSAP, CISA Tools Tor Using Tor and other means to hide your location piques NSA’s interest in you VPN Services That Take Your Anonymity Seriously, 2013 Edition Private Internet Access, VPN Service (used by Preston) BoxCryptor Classic TrueCrypt BitTorrent Sync Gibberbot Cryptocat Pidgin and the Off-the-Record Messaging Plugin
Google+ Hangout Show Notes Hosts Preston Wiley, CISSP, CCNA Mike Hill, CISSP Keith Watson, CISSP-ISSAP, CISA Articles Important Message from Facebook’s White Hat Program by Facebook Security (Facebook), Facebook issues data breach notification - may have leaked your email and phone number by Paul Ducklin (nakedsecurity blog), Facebook squashes bug that exposed e-mail addresses for 6 million users by Dan Goodin (Ars Technica) New Bounty Program Details by swiat (Microsoft Security Research & Defense blog), Microsoft Launches $100K Bug Bounty Program by Kim Zetter (Wired), Microsoft ready to cough up (potentially big!) bounty bucks for bugs by Lisa Vaas (nakedsecurity blog)
The correlation of information from disparate sources has long been an issue in data fusion research. Traditional data fusion addresses the correlation of information from sources as diverse as single-purpose sensors to all-source multi-media information. Information system vulnerability information is similar in its diversity of sources and content, and in the desire to draw a meaningful conclusion, namely, the security posture of the system under inspection. FuzzyFusion™, a data fusion model that is being applied to the computer network operations domain, is presented. This model has been successfully prototyped in an applied research environment and represents a next generation assurance tool for system and network security. About the speaker: Ronda Henning, CISSP-ISSAP, CISSP-ISSMP, CSSLP, CISM, is the Senior Scientist for Security and Privacy at Harris Corporation, a Melbourne, Florida-based international communications company. Ms. Henning is responsible for the advanced information assurance research and technology direction for Harris' information assurance offerings. She is the Program Manager of the Harris Institute for Assured Information, a collaborative research venture with the Florida Institute of Technology. Previously, she was the Network Security Manager for the FAA Telecommunication Infrastructure (FTI) Program, responsible for securing the FAA's Wide Area Network, a national critical infrastructure. Prior to her employment at Harris, Ms. Henning worked in information security research and development at the National Security Agency. Ms. Henning holds an M.B.A. from the Florida Institute of Technology, an M.S. in Computer Science from Johns Hopkins University, and a B.A. from the University of Pittsburgh. She is a doctoral candidate in information assurance at Nova Southeastern University. A frequent speaker on enterprise information security processes and assurance, Ms. Henning has over 50 refereed publications on various security topics.