Podcasts about PKI

  • 185 PODCASTS
  • 357 EPISODES
  • 41m AVG DURATION
  • 1 WEEKLY EPISODE
  • LATEST: Feb 28, 2026


Latest podcast episodes about PKI

Cyber Security Today
Cybersecurity Today Weekend with Carey Frey, VP and Chief Security Officer at TELUS

Feb 28, 2026 (48:54)

Identity, AI Agents, and the Session Token Time Bomb | Carey Frey (CSO, TELUS) on Cybersecurity Today

In this Cybersecurity Today weekend edition, David Shipley interviews Carey Frey, Chief Security Officer at TELUS, about the evolution of identity security and why it's a growing risk in the age of generative and agentic AI. Frey recounts his career from Canada's Communications Security Establishment to leading TELUS's internal security and managed cybersecurity services, then explains how convenience-driven identity decisions led from PKI's unrealized promise to passwords, bearer/session tokens, and today's widespread session cookie theft. He describes lessons from TELUS's deployment of FIDO2 phishing-resistant tokens, the dangers of long-lived SSO tokens across SaaS ecosystems, and how agentic "auto-browse" could amplify harm via the "lethal trifecta" and ephemeral agents with poor auditability. Frey highlights the Syne/SignNet CISO Identity Handbook and calls for stronger cryptographic roots of trust, proof-based tokens, re-authentication across trust domains, and fine-grained delegation guardrails.

Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst

00:00 Sponsor Message
00:24 Weekend Edition Intro
00:32 Meet Carey Frey
02:07 Carey's Cyber Origin Story
03:47 Telus Security Two Hats
06:22 Identity's Broken Legacy
08:43 Why PKI Didn't Win
11:25 Passkeys Missed Moment
14:10 SSO Tokens Surprise
19:50 Session Theft Reality
23:18 Agentic AI Stakes
24:17 Building Identity Playbook
25:24 Identity Maturity Model
25:49 Fixing OAuth and SAML
27:00 Industry Call to Action
27:37 Where to Find the Handbook
28:06 Not a Vendor Pitch
30:13 Agentic AI Identity Gaps
31:30 Auto Browse Threat Scenario
33:12 Lethal Trifecta Explained
34:31 Ephemeral Agents and Forensics
37:08 Supply Chain Agent Malware
38:20 Crypto Roots of Trust
39:35 Proof Tokens and Reauth
40:17 Delegation Guardrails
42:34 Regulation or Market Forces
44:25 Practical Risk Decisions
46:20 Wrap Up and Next Resources
48:00 Sponsor and Closing Credits

Mac Admins Podcast
Episode 450: Device Attestation and CAs in 2026

Feb 26, 2026 (77:00)

PKI can be a real adventure, from dealing with minting certificates, to their whole lifecycle, all the way down to who trusts what and why. We're here this week with Smallstep's CEO Mike Malone to talk about device attestation, their latest projects, and everything about how we learn to better trust each other when we can, and what to do when we can't.

Hosts:
Tom Bridge - @tbridge@theinternet.social
Marcus Ransom - @marcusransom

Guests:
Mike Malone - LinkedIn

Links:
https://smallstep.com/
https://en.wikipedia.org/wiki/Automatic_Certificate_Management_Environment
https://letsencrypt.org/docs/client-options/
https://www.globenewswire.com/news-release/2025/07/30/3124136/0/en/Smallstep-and-Jamf-Partner-to-Deliver-Hardware-Backed-Device-Identity-for-Enterprise-Managed-Apple-Fleets.html
Apple JNUC 2025 Presentation on Apple Platform Security https://www.youtube.com/watch?v=5Wj2Oc-LUMQ
https://smallstep.com/product/ai-and-mcp/
https://en.wikipedia.org/wiki/Zooko_Wilcox-O%27Hearn

Sponsors: Iru Fleet Device Management Meter Primo Watchman Monitoring

If you're interested in sponsoring the Mac Admins Podcast, please email podcast@macadmins.org for more information. Get the latest about the Mac Admins Podcast, follow us on Twitter! We're @MacAdmPodcast! The Mac Admins Podcast has launched a Patreon Campaign! Our named patrons this month include Weldon Dodd, Damien Barrett, Justin Holt, Chad Swarthout, William Smith, Stephen Weinstein, Seb Nash, Dan McLaughlin, Joe Sfarra, Nate Cinal, Jon Brown, Dan Barker, Tim Perfitt, Ashley MacKinlay, Tobias Linder, Philippe Daoust, AJ Potrebka, Adam Burg, & Hamlin Krewson

Crazy Wisdom
Episode #534: From COVID's Trust Bonfire to Decentralized Everything

Feb 23, 2026 (54:53)

In this episode of the Crazy Wisdom Podcast, host Stewart Alsop sits down with Jake Hamilton, founder of Groundwire and Nockbox, to explore zero-knowledge proofs, Bitcoin identity systems, and the intersection of privacy-preserving cryptography with AI and blockchain technology. They discuss how ZK proofs could offer an alternative to invasive identity verification systems being rolled out by governments worldwide, the potential for continual learning AI models to shift the balance between centralized and open-source development, and why building secure, auditable computing infrastructure on platforms like Urbit matters more than ever as we face an explosion of AI agents and automated systems. Jake also explains Nockchain's approach to creating a global repository of cryptographically verified facts that can power trustless programmable systems, and how these technologies might converge to solve problems around supply chain security, personal data sovereignty, and resistance to censorship.

Timestamps
00:00 Introduction to Groundwire and Nockbox
02:48 Understanding Zero-Knowledge Proofs
06:04 Government Adoption of ZK Proofs
08:55 The Future of Identity Verification
11:52 AI and ZK Proofs: A New Era
14:54 The Role of Urbit in Technology
18:03 The Impact of COVID on Trust
20:51 The Evolution of AI and Data Privacy
23:47 The Future of AI Models
26:54 The Need for Local AI Solutions
29:51 Interoperability of Nockchain and Bitcoin

Key Insights

1. Zero-Knowledge Proofs Enable Privacy-Preserving Verification: Jake explains that ZK proofs allow you to prove computational outcomes without revealing the underlying data. For example, you could prove you're over 18 without exposing your full identity or driver's license information. The proof demonstrates that a specific program ran through certain steps and reached a particular conclusion, and validating this proof is fast and compact. This technology has profound implications for age verification, identity systems, and protecting privacy while maintaining necessary compliance, potentially offering a middle path between surveillance states and complete anonymity.

2. Government Adoption of Privacy Technology Remains Uncertain: There are three competing motivations driving government identity verification systems: genuine surveillance desires, bureaucratic efficiency seeking, and legitimate child protection concerns. Jake believes these groups can be separated, with some officials potentially supporting ZK-based solutions if positioned correctly. He notes the EU is exploring ZK identity verification, and UK officials have shown interest. The key is framing privacy-preserving technology as protection against "the swamp" rather than just abstract privacy benefits, which could resonate with certain political constituencies.

3. The COVID Era Destroyed Institutional Trust at Unprecedented Scale: The conversation identifies COVID as potentially the largest institutional trust-burning event in human history, with numerous institutions simultaneously losing credibility with large portions of the population. This represents a dramatic shift from the boomer generation's default trust in authority figures and mainstream media. This collapse is compounded by the incoming AI revolution, creating a perfect storm where established bureaucracies cannot adapt quickly enough to manage rapidly evolving technology, leaving society in fundamentally unmanageable territory.

4. Centralized AI Models Create Dangerous Dependencies: Both speakers acknowledge growing dependence on centralized AI services like Claude, with some users spending thousands monthly on tokens. This dependency creates vulnerability to price increases and service disruptions. Jake advocates for local AI deployment using models like DeepSeek R1, running on personal hardware to maintain control and privacy. The shift toward continuous learning models will fundamentally change the AI landscape, making personal data harvesting even more valuable and raising urgent questions about compensation and consent for training data contribution.

5. High-Quality Training Data Is Becoming the Primary AI Bottleneck: Stewart argues that AI development is now limited more by high-quality training data than by compute power. The industry has exhausted easily accessible internet data and body-shop-style data labeling. Companies are now using specialized boutique services with techniques like head-mounted cameras for live-streaming world model training. This scarcity is subtly driving price increases across AI services and will fundamentally reshape the economics of AI development, with implications for who controls these increasingly powerful systems.

6. Urbit Offers a Foundation for Trustworthy Computing: Jake positions Urbit as essential infrastructure for the AI age because its 30,000-line codebase (versus Unix's three million lines) can be understood by individual humans. Its deterministic, purely functional, and strictly typed design aims for eventual ossification—software that doesn't require constant security patches. This "tiny and diamond perfect" approach addresses the fundamental insecurity of systems requiring monthly vulnerability patches. In an era of AI agents and potential prompt injection attacks, having verifiable, comprehensible computing infrastructure becomes existentially important rather than merely desirable.

7. Nockchain Creates a Global Repository of Provable Truth: Jake's vision for Nockchain combines ZK proofs with blockchain technology to create a globally available "truth repository" where verified facts can be programmatically accessed together. This enables smart contracts or programs gated on combinations of proven facts—such as temperature readings from secure devices, supply chain events, and payment confirmations. By using Nock's abstract, simple design optimized for ZK proof generation, the system can validate complex real-world conditions without exposing underlying data, creating infrastructure for coordinating action based on verifiable private information at global scale.

Federal Drive with Tom Temin
DoD memo's use cases clarify mission impact of new policies on PKI credentials, expanded authentication

Feb 20, 2026 (9:29)

One of the key highlights of the Defense Department's recent memo on multi-factor authentication for unclassified and secret networks is the clarification that DoD Public Key Infrastructure — not the common access card itself — is the department's primary authenticator. Previous policies would often go back and forth between describing the CAC or PKI as DoD's primary credential, creating confusion. Plus, the memo finally introduces passwordless authentication methods designed to give service members faster, more flexible access to systems. For more, Federal News Network's Anastasia Obis spoke with Alex Antrim and Adam Oliver, senior solutions engineers at Yubico.

See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

RunAs Radio
Securing Active Directory Certificate Services with Ron Arestia

Feb 11, 2026 (44:27)

You're using Active Directory Certificate Services - but is it configured securely? Richard talks to Ron Arestia about his work with organizations implementing their own Public Key Infrastructure (PKI) with ADCS. Ron explains how poorly configured ADCS enables lateral attacks within an organization once an initial breach occurs, allowing black hats to move throughout your network. A well-designed PKI system has tiers of protection, with the top level completely disconnected from the network. Or do you really need your own PKI system? The conversation digs into the various scenarios, including third-party options. Certificates are the top level of security for your organization - you need to get it right!

Links
- Active Directory Certificate Services
- Windows Hello for Business
- Certified Pre-Owned
- Microsoft Defender for Identity
- Secure Privileged Access
- Pass the Hash
- Microsoft Cloud PKI for Microsoft Intune
- Microsoft Entra Conditional Access
- Microsoft Autopilot
- Ron's Blog

Recorded February 6, 2026

Passwort - der Podcast von heise security
Anniversary bonus episode with Certificate Transparency, new ransomware tactics and telnet

Feb 11, 2026 (63:17)

The bonus episode for the fiftieth anniversary starts with Certificate Transparency. It has become an important part of the worldwide PKI, and any change can have unexpected consequences. Christopher then briefly explains what cybercriminals are now doing to become more resilient against law enforcement: blockchain is the keyword of the hour for ALPHV and co. And Sylvester reports how AI-generated security reports are heralding the end of the "bug bounty" programs at cURL and possibly other open-source projects. To round off the one-hour extra episode, there is also an opinion on the new vulnerability in an ancient protocol.

Telecom Reseller
Entrust Warns Digital Trust Has a Deadline as Post-Quantum Threat Nears, Podcast

Feb 6, 2026

Doug Green, Publisher of Technology Reseller News, sat down with Samantha Mabey, Director of Digital Solutions Marketing at Entrust, to discuss new research revealing that most organizations remain unprepared for the coming post-quantum era—despite mounting evidence that the clock is ticking. The podcast, supported by slides, walks through findings from Entrust's latest global study, 2026 Global State of Post-Quantum and Cryptographic Security Trends, and unpacks what they mean for MSPs, telecom providers, and enterprise security leaders.

Mabey explained that Entrust focuses on identity-centric security, with cryptographic technologies—such as PKI, hardware security modules (HSMs), certificate management, and key lifecycle management—forming the backbone of modern digital infrastructure. These technologies underpin everything from secure web traffic and APIs to device identity, software updates, and machine-to-machine authentication. The challenge, she noted, is that today's widely used public-key cryptography, including RSA and elliptic curve cryptography, will eventually be breakable by cryptographically relevant quantum computers.

According to the research cited in the discussion, more than half of organizations believe quantum systems capable of breaking current encryption could arrive within five years, yet only 38 percent say they are actively transitioning toward post-quantum readiness. Mabey emphasized that the transition will be far more complex than previous cryptographic migrations, such as the long-running move from SHA-1 to SHA-2, because cryptography is embedded across nearly every system and workflow.

The risks of inaction are significant. Mabey outlined three major areas of exposure: loss of data confidentiality as encrypted information becomes vulnerable in the future; erosion of trust and integrity if digital signatures can be forged; and operational disruption, since many organizations lack full visibility into where cryptography is deployed. The report found that fewer than half of organizations have complete visibility into their certificates and keys, even before factoring in post-quantum requirements.

To become post-quantum ready, Mabey described a phased journey that begins with discovery and inventory—understanding where cryptography is used, who owns it, and how it is managed. From there, organizations must build crypto agility, enabling them to change algorithms without disrupting operations. This includes people, processes, centralized policy, and automation, not just technology. Only then can organizations safely introduce post-quantum cryptography, often through hybrid approaches that combine existing algorithms with quantum-safe methods.

The conversation also highlighted the urgency created by emerging standards. Guidance from NIST indicates that traditional public-key cryptography is expected to be deprecated by 2030 and fully disallowed by 2035, timelines that are likely to be followed globally. For telecom providers in particular, Mabey noted that long-lived infrastructure, embedded systems, and constrained devices increase exposure to “harvest now, decrypt later” attacks, making phased migration and vendor alignment critical.

As the discussion concluded, Mabey stressed that organizations making progress treat post-quantum readiness as a program, not a one-time project. Those moving forward are aligning teams, investing in visibility and automation, and working closely with vendors that have clear post-quantum roadmaps. Those falling behind, she warned, are underestimating the operational burden and waiting for a “perfect moment” that has already arrived.

View the report at https://www.entrust.com/resources/reports/ponemon-post-quantum-report-2026
Visit https://www.entrust.com/

Passwort - der Podcast von heise security
Anniversary episode with lots of extra feedback, Cloudflare and a Bluetooth vulnerability

Feb 4, 2026 (115:50)

A round anniversary for the podcast! To mark the fiftieth regular episode, Sylvester and Christopher discuss a lot of listener feedback, which they are especially happy about. They have also brought many topics for the news episode, so many that Sylvester pulls the ripcord after two hours and announces a bonus episode. Besides a new RCE vulnerability in n8n, there is an assessment of BitLocker recovery keys in the cloud, incredulous head-shaking at a vibecoded PR stunt by Cloudflare, a new Bluetooth vulnerability and a funny way to throw Anthropic's LLMs off their stride.

Ask Noah Show
Ask Noah Show 476

Jan 21, 2026 (53:55)

This week we dig into the hardware shortage caused by AI, answer your questions, and dig into managing ZFS via the web!

-- During The Show --

00:45 Intro Cheap managed POE switch Switch hops

05:35 Certificates - Randy Step CA (https://smallstep.com/docs/step-ca/) XCA (https://www.hohnstaedt.de/xca/) Certificate Authority (https://en.wikipedia.org/wiki/Certificate_authority) ACME (https://en.wikipedia.org/wiki/Automatic_Certificate_Management_Environment) LDAP (https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol) Kerberos (https://en.wikipedia.org/wiki/Kerberos_(protocol)) Steve's use of LDAP LDAP with PKI link (https://enterprise.arcgis.com/en/portal/11.4/administer/linux/use-ldap-and-pki-to-secure-access-to-your-portal.htm) ACME and Domain registrars dot tk (http://www.dot.tk/en/index.html?lang=en) Ansible collection (https://docs.ansible.com/projects/ansible/latest/collections/community/crypto/acme_certificate_module.html)

19:19 Ebook Management - Jeremy Steve went to audio books Calibre (https://docs.ansible.com/projects/ansible/latest/collections/community/crypto/acme_certificate_module.html) PDF manuals folder Audio bookshelf (https://www.audiobookshelf.org/) Paperless NGX (https://docs.paperless-ngx.com/)

23:50 Light Sync - Peter UltraStar Deluxe (https://usdx.eu/) Animux (https://usdb.animux.de/) USBD_Syncer (https://github.com/bohning/usdb_syncer/releases) Doing events Why Noah likes Karaoke Effect of "shared experiences" Steve's Christmas tree lights DMX lighting WLED Project (https://kno.wled.ge/)

33:03 News Wire Firefox 147 - firefox.com (https://www.firefox.com/en-US/firefox/147.0/releasenotes/) Thunderbird 147 - thunderbird.net (https://www.thunderbird.net/en-US/thunderbird/147.0/releasenotes/) Grub 2.14 - phoronix.com (https://www.phoronix.com/news/GRUB-2.14-Released) Gnome 49.3 - discourse.gnome.org (https://discourse.gnome.org/t/gnome-49-3-released/33609) Wine 11 - theregister.com (https://www.theregister.com/2026/01/15/wine_11_arrives_faster_and/) Q4OS 6.5 - q4os.org (https://www.q4os.org/forum/viewtopic.php?id=5903) Endeavour OS Ganymede Neo - endeavouros.com (https://endeavouros.com/news/ganymede-neo-is-out-with-core-updates-and-upstream-nvidia-changes/) Tails 7.4 - torproject.org (https://blog.torproject.org/new-release-tails-7_4/) Linux Mint 22.3 - blog.linuxmint.com (https://blog.linuxmint.com/?p=4981) BeaglePlay PowerVR - phoronix.com (https://www.phoronix.com/news/BeaglePlay-PowerVR-Success) StackChan - cnx-software.com (https://www.cnx-software.com/2026/01/13/m5stack-stackchan-is-a-cute-open-source-ai-desktop-robot/) Mentra's Smart Glasses - engadget.com (https://www.engadget.com/wearables/mentras-first-smart-glasses-are-open-source-and-come-with-their-own-app-store-150021126.html) VoidLink - checkpoint.com (https://research.checkpoint.com/2026/voidlink-the-cloud-native-malware-framework/) darkreading.com (https://www.darkreading.com/cloud-security/voidlink-malware-advanced-threat-linux-systems) csoonline.com (https://www.csoonline.com/article/4117038/sophisticated-voidlink-malware-framework-targets-linux-cloud-servers.html) Boltz-1 - labmanager.com (https://www.labmanager.com/mit-researchers-release-boltz-1-an-open-source-alternative-to-alphafold-3-33385) Photoshop on Linux - videocardz.com (https://videocardz.com/newz/adobe-photoshop-can-now-install-on-linux-after-a-redditor-discovers-a-fix#disqus_thread) No Commits to MySQL Repo - devclass.com (https://devclass.com/2026/01/13/open-source-mysql-repository-has-no-commits-in-more-than-three-months/) Senate Inquiry - jdsupra.com (https://www.jdsupra.com/legalnews/recent-inquiry-from-senate-intelligence-2158429/) EU Tech Sovereignty - cybernews.com (https://cybernews.com/tech/europe-looks-for-ways-to-cut-cord-from-big-tech/) biometricupdate.com (https://www.biometricupdate.com/202601/eu-calls-for-input-on-open-source-as-it-looks-toward-tech-sovereignty)

35:03 SysAdmins & Smartphones Lowering friction Graphical vs CLI Webzfs (https://github.com/webzfs/webzfs) Exposing ZFS via Web UI Cockpit Putting Webzfs into Cockpit Write in!

43:43 New ESP32 ESP32-E22 Tri-band WiFi What is an ESP32 Steve's use of ESP32 Bandwidth Getting started with ESP32 linuxgizmos.com (https://linuxgizmos.com/esp32-e22-debuts-with-tri-band-wi-fi-6e-and-dual-mode-bluetooth/)

48:05 AI Hardware Run RAM spikes 300%-400% SSD price spikes Fab Capacity Bitcoin effect ARS Technica (https://arstechnica.com/gadgets/2026/01/ram-shortage-chaos-expands-to-gpus-high-capacity-ssds-and-even-hard-drives/)

-- The Extra Credit Section --

For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/476) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com)

-- Stay In Touch --

Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com

-- Twitter --

Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed)

Passwort - der Podcast von heise security
BSI, n8n, PGP etc. – problems everywhere

Jan 21, 2026 (163:00)

The first episode Christopher and Sylvester have recorded in the new year. Since the last regular podcast episode, quite a few current problems and vulnerabilities have piled up. Freed from the strict time limits of an external broadcast centre, the hosts go a little overboard and talk for a good 2.5 hours: the topics are a strangely unusable BSI portal, attacks on Signal and co. that are hard to defend against, the less than edifying state of PKIs for code signing, various vulnerabilities and problems in GnuPG and the PGP cryptosystem as a whole, a clever attack on the automation tool n8n, and some smaller topics that Christopher and Sylvester take up spontaneously. Quite a lot at once, but at least divided into bite-sized pieces.

- ACME-DNS: https://github.com/joohoi/acme-dns
- WhatsApp scraping paper: https://arxiv.org/abs/2511.20252
- Messenger user tracking paper: https://arxiv.org/abs/2411.11194
- To try out: WhatsApp Device Activity Tracker: https://github.com/gommzystudio/device-activity-tracker
- GnuPG article: https://www.heise.de/hintergrund/Kritik-an-GnuPG-und-seinem-Umgang-mit-gemeldeten-Luecken-11132888.html
- GnuPG talk: https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i
- LIEF - Library to Instrument Executable Formats: https://lief.re/
- PoC for the n8n RCE: https://github.com/Chocapikk/CVE-2026-21858
- 39C3 talk by Christopher and Sylvester: https://media.ccc.de/v/39c3-apt-down-and-the-mystery-of-the-burning-data-centers

Autonomous IT
Secure IT – PKI, Certificates, and What Breaks When Trust Fails, E22

Jan 20, 2026 (17:58)

Public Key Infrastructure (PKI) underpins nearly every secure interaction in modern IT, but it's also one of the most misunderstood and overlooked foundations of security.

In this episode of Secure IT, host Jason Kikta is joined by Mark Cooper, CEO and founder of PKI Solutions, to unpack why PKI is so critical to identity, authentication, and trust, and what happens when it fails.

They explore how certificates enable passwordless authentication, secure TLS connections, IoT devices, endpoints, and enterprise systems, while also examining why misconfigured or poorly monitored PKI environments often become an attacker's fastest path to privilege escalation. From certificate expirations and operational outages to real-world breach scenarios and pen test failures, this conversation maps the full PKI risk spectrum.

Jason and Mark also challenge a common assumption in cybersecurity: that recovery equals resilience. Instead, they argue that true resilience means staying secure and operational, even during misconfiguration, failure, or attack.

Whether you're new to PKI or responsible for running it, this episode will change how you think about identity infrastructure, resilience, and trust.

Topics covered:
- What PKI is and why most organizations already depend on it
- Certificates, passwordless authentication, and digital identity
- How PKI misconfigurations enable high-impact attacks
- Why recovery is the weakest form of resilience
- The hidden operational and security risks of foundational systems

Root Causes: A PKI and Security Podcast
Root Causes 569: New Regulations Are Changing the PKI Landscape

Jan 19, 2026 (9:58)


Repeat guest Chris McGrath joins us to discuss how increasingly strict regulations are requiring increased rigor, visibility, and auditability for enterprise digital certificates and PKI.

Root Causes: A PKI and Security Podcast
Root Causes 566: Time Is a Security Primitive

Jan 12, 2026 (12:18)


We discuss the foundational importance of time in PKI and security in general. This includes when things happen, the order in which things happen, and attacks based on time-spoofing. We drill down on certificates, roots, timestamping, Certificate Transparency, patching, audits, and PQC.

Root Causes: A PKI and Security Podcast
Root Causes 552: 2026 Predictions

Dec 1, 2025 (32:43)


We share our PKI predictions for 2026. Topics include PQC, eIDAS 2, CT logging, ACME, passkeys, CA distrust, AI model poisoning, and new attack vectors.

Green & Red: Podcasts for Scrappy Radicals
Genocide in Indonesia: Anti-Communism, US Aid and Millions Dead w/ Dr. Clinton Fernandes (G&R 438)

Nov 11, 2025 (68:42)

It's the 60th anniversary of the failed coup in Indonesia, the rise of the dictator Suharto and the removal of popular leader Sukarno. The events that followed the coup led to a period of mass killings across the archipelago nation. It's estimated that anywhere between 500,000-3 million people, mostly members of the PKI (the Indonesian Communist Party), were killed. Besides the mass murder of PKI members and anyone else identified as an opponent to the regime, Suharto's forces carried out an erasure of the history and culture of the opposition. Since the fall of Suharto in 1998, declassified documents have shown us the significant role that the Indonesian military took in the genocide and the role western governments (the U.S., the U.K., Australia) played in Suharto's takeover.

To discuss all of this, we're re-joined by Dr. Clinton Fernandes. We discuss the history of Indonesia's failed coup and the subsequent genocide, the role of western governments and politics in Indonesia today.

Bio: Clinton Fernandes is an Australian historian and scholar who is professor of international and political studies at the University of New South Wales in Canberra, Australia.

Passwort - der Podcast von heise security
News with serialization problems, AWS fail and a PKI extra

Nov 5, 2025 (133:58)

There's a slightly nasal sound in the podcast: the autumn wave of colds doesn't spare "Passwort" either. Nevertheless, Sylvester and Christopher have set themselves quite an agenda. They talk about the AWS and Azure outages of recent weeks, because availability is part of IT security too. The critical vulnerability in the Windows update server WSUS comes up, as does a tricky piece of malware that uses a little-known UTF8 feature to its advantage. And at last there is a PKI topic again: Christopher tells the audience and his co-host how a Croatian CA unlawfully issued certificates for Cloudflare.

- Online theme evening: https://aktionen.heise.de/heise-themenabend
- AWS's outage analysis: https://aws.amazon.com/de/message/101925/
- Meredith Whittaker of Signal on the necessity of the hyperscalers: https://mastodon.world/@Mer__edith/115445701583902092
- SAP plays CVSS dice: https://services.nvd.nist.gov/rest/json/cvehistory/2.0?cveId=CVE-2025-30012
- Microsoft warns developers about SoapFormatter: https://learn.microsoft.com/en-us/dotnet/standard/serialization/binaryformatter-security-guide
- Koi on GlassWorm: https://www.koi.ai/blog/glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace
- QWAC with sauce (+): https://www.heise.de/select/ct/2023/29/2332409110101310744
- Discussion about FINA in Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1986968
- Follow us in the Fediverse: @christopherkunz@chaos.social, @syt@social.heise.de

The Digital Executive
The Future of Digital Trust: Tim Callan on Certificates, Cryptography, and Identity | Ep 1138

The Digital Executive

Play Episode Listen Later Nov 2, 2025 12:57


In this episode of The Digital Executive, host Brian Thomas sits down with Tim Callan, Chief Experience Officer at Sectigo and one of the leading voices in SSL and PKI technology. With over 20 years shaping the standards of digital trust, Tim unpacks how the invisible infrastructure behind certificates and encryption keeps our digital world secure.
Tim explores the coming shift toward shorter certificate lifespans, why automation is essential for enterprises, and how post-quantum cryptography (PQC) will reshape cybersecurity in the near future. He also dives into the evolution of digital identity—from enterprise systems to personal digital wallets—and how encryption can both empower privacy and resist misuse.
Whether you're a tech leader, IT professional, or digital security enthusiast, this episode offers a rare look into the technologies protecting our connected future.
If you liked what you heard today, please leave us a review - Apple or Spotify. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

The Future of Identity
Chris Goh – Scaling Mobile IDs in Australia with ISO mDocs

The Future of Identity

Play Episode Listen Later Oct 22, 2025 54:04


In this episode of The Future of Identity Podcast, I'm joined by Chris Goh, former National Harmonisation Lead for Australia's mobile driver's licenses (mDLs) and the architect behind Queensland's digital driver's license. Chris played a pivotal role in driving national alignment across states and territories, culminating in the 2024 agreement to adopt ISO mDoc/mDL standards for mobile driver's licenses and photo IDs across Australia and New Zealand.
Our conversation dives into Australia's path from early blockchain experiments to a unified, standards-based approach - one that balances innovation, security, and accessibility. Chris shares lessons from real-world deployments, cultural challenges like “flash passes,” and how both Australia and New Zealand are building digital ID ecosystems ready for global interoperability.
In this episode we explore:
- Why mDoc became the foundation: Offline + online verification, PKI-based trust, and modular architecture enabling scalable, interoperable credentials.
- From Hyperledger to harmony: Lessons from early decentralized trials and how certification and conformance reduce fragmentation.
- Balancing innovation and standardization: Why agility and stability must coexist to keep identity ecosystems moving forward.
- The cultural realities of adoption: How flash passes, retail constraints, and public education shaped Australia's rollout strategy.
- The road ahead: How national trust lists, privacy “contracts,” and delegated authority could define the next phase of digital identity in the region.
This episode is essential listening for anyone building or implementing digital credentials, whether you're a policymaker, issuer, verifier, or technology provider. Chris offers a clear, grounded perspective on what it really takes to move from pilots to national-scale digital identity infrastructure.
Enjoy the episode, and don't forget to share it with others who are passionate about the future of identity!
Learn more about Valid8. Reach out to Riley (@rileyphughes) and Trinsic (@trinsic_id) on Twitter. We'd love to hear from you. Listen to the full episode on Apple Podcasts or Spotify, or find all ways to listen at trinsic.id/podcast.

Threat Talks - Your Gateway to Cybersecurity Insights
Public Key Infrastructure: The Foundation of Digital Trust

Threat Talks - Your Gateway to Cybersecurity Insights

Play Episode Listen Later Oct 21, 2025 34:41


How solid is your digital trust—or are you just hoping your PKI is secure?
Let's be honest: too many companies run on borrowed trust and forgotten certificates. In this episode of Threat Talks, ON2IT's Lieuwe Jan Koning and Rob Maas pull back the curtain on what really holds your digital world together—and what can tear it down overnight.
They break down PKI in plain language: the root of trust that must stay locked away, the intermediates that keep your systems running, and the automation that stops your team from clicking “ignore” on yet another warning.
You'll see why rolling your own keys beats trusting anyone else, how to keep your devices speaking the same language of trust, and why short-lived certificates might just save you from the next big breach.
This isn't theory—it's how Zero Trust really starts: by proving that your organization can trust itself.
Additional Resources
• Threat Talks Episode on SSL Decryption – https://youtu.be/Xv_jVHVsD9w
• ON2IT Zero Trust: https://on2it.net/zero-trust/
• ACME protocol (RFC 8555): https://datatracker.ietf.org/doc/rfc8555/
• Let's Encrypt / ACME protocol – https://letsencrypt.org
• DigiNotar case study background – https://en.wikipedia.org/wiki/DigiNotar
• Mozilla CA Program (trusted root store): https://wiki.mozilla.org/CA
• Infographic about encryption: https://on2it.s3.us-east-1.amazonaws.com/20250304_Infographic_Encryption.pdf
Guest & Host Links:
Rob Maas (Field CTO, ON2IT): https://www.linkedin.com/in/robmaas83/
Lieuwe Jan Koning (Founding Partner, ON2IT): https://www.linkedin.com/in/lieuwejan/
Key Topics Covered
• Why root certificates must never be online—and how intermediates provide a safe fallback.
• Real-world PKI failure: DigiNotar compromise and lessons for CISOs.
• How ON2IT built a secure, low-cost PKI with offline key bearers and ACME automation.
• The hidden risks of training employees to ignore certificate warnings—and how Zero Trust demands the opposite.

Passwort - der Podcast von heise security
Phrack - a hacker magazine turns 40

Passwort - der Podcast von heise security

Play Episode Listen Later Oct 8, 2025 164:30 Transcription Available


The hacker magazine Phrack turns forty this year and has published its 72nd issue, which once again shines with a variety of hacking and security articles. Sylvester and Christopher have taken the anniversary as an occasion to recap the history of Phrack and pick up some groundbreaking articles. A prominent guest joins them for this: Skyper from the Phrack team gives insights into the editorial work, discusses the hacker ethos and tells anecdotes from eventful times. He was also instrumental in publishing the "APT Down" analysis, the examination of a workstation belonging to a presumably Chinese or North Korean IT criminal. Listeners find out in the latest episode of "Passwort" what international impact the article had and what Proton CEO Andy Yen has to do with it. Erratum: Christopher claims in the episode that North Korea uses the time zone UTC+8:30, but that has not been the case since 2018. Since then the country has used the time zone UTC+9, just like the South, and therefore differs by 60 minutes from Chinese standard time, UTC+8.
- Link to Phrack: https://www.phrack.org
- Electronic Frontier Foundation: https://www.eff.org/
- GitHub repo with the smallest possible syntactically valid files: https://github.com/mathiasbynens/small
- i-Soon, the leak from the Chinese cybercrime industry: https://www.heise.de/news/Passwort-Folge-30-i-Soon-das-Leak-aus-der-chinesischen-Cybercrime-Industrie-10354478.html
- X thread on the data center fire in Daejeon: https://x.com/koryodynasty/status/1971772813444035031
- Follow us in the Fediverse: * @christopherkunz@chaos.social * @syt@social.heise.de
Members of our security community on heise security PRO can listen to all episodes two days early. More info: https://pro.heise.de/passwort

Root Causes: A PKI and Security Podcast
Root Causes 533: Flexibility Through Multi-CA Trust Models

Root Causes: A PKI and Security Podcast

Play Episode Listen Later Oct 7, 2025 9:25


We discuss how a static PKI structure can hurt corporate flexibility and resilience. Events like reorgs and M&A activity can cause intractable problems with the wrong PKI setup. Plus, Jason coins the term PKI archeology.

Root Causes: A PKI and Security Podcast
Root Causes 532: Introducing Offline PKI

Root Causes: A PKI and Security Podcast

Play Episode Listen Later Oct 2, 2025 11:04


In this episode, Jason describes how we might use the principles of PKI in a purely offline scenario.

Technology Tap
Cybersecurity Fundamentals: Crypto Shields: How Your Data Stays Secret Chapter 3 Part 1

Technology Tap

Play Episode Listen Later Sep 18, 2025 10:26 Transcription Available


professorjrod@gmail.com
Have you ever wondered what invisible force protects your private messages, banking details, and personal information as they travel across the internet? The answer lies in cryptology—the fascinating science of securing information through mathematical techniques.
Cryptology forms the backbone of modern cybersecurity, addressing the critical needs for confidentiality and integrity in our digital communications. Throughout this episode, Professor J-Rod breaks down complex cryptographic concepts into digestible, practical explanations that reveal how our online world maintains security.
We journey through the three fundamental pillars of cryptographic security. First, symmetric encryption—the fastest method using a single shared key—powers everything from full disk encryption on your laptop to secure messaging. Next, we explore asymmetric encryption (public-key cryptography), which brilliantly solves the key distribution problem through mathematically-linked key pairs. Finally, we demystify hashing—the one-way process that creates digital fingerprints to verify data integrity without revealing the original content.
Each concept comes alive through real-world examples: how your laptop protects files even if stolen, how websites establish secure connections with your browser, and why changing just one letter in a document completely transforms its hash value. The episode offers both theoretical understanding and practical knowledge about the technologies we unconsciously trust every day.
Whether you're a cybersecurity novice or simply curious about how digital security works, this episode provides valuable insights into the cryptographic foundations that keep our digital lives private and secure. Subscribe to Technology Tap for part two of our Cryptology Deep Dive, where we'll explore digital signatures, PKI, certificate authorities, and applications like VPNs, TLS, and blockchain. Your digital security knowledge journey is just beginning!
Support the show
If you want to help me with my research please e-mail me. Professorjrod@gmail.com
If you want to join my question/answer zoom class e-mail me at Professorjrod@gmail.com
Art By Sarah/Desmond
Music by Joakim Karud
Little chacha Productions
Juan Rodriguez can be reached at TikTok @ProfessorJrod, ProfessorJRod@gmail.com, @Prof_JRod, Instagram ProfessorJRod

Passwort - der Podcast von heise security
Problems with revocations, dropped connections and more

Passwort - der Podcast von heise security

Play Episode Listen Later Sep 10, 2025 137:07


The hosts keep digging through feedback and more news than really fits into one episode. The podcast is therefore tirelessly approaching the director's cuts of epic films, at least in its length. One main reason for this is the certificate authority Microsoft PKI Services, where deep abysses open up. But Christopher and Sylvester also talk about various other current topics inside and outside PKI, such as instructive vulnerabilities in coredump handlers and the interesting DoS vulnerability MadeYouReset.
- Merklemap's criticism of Static CT: https://www.merklemap.com/documentation/static-ct
- Bug reports on Microsoft's certificate non-revocations: https://bugzilla.mozilla.org/show_bug.cgi?id=1962829 and https://bugzilla.mozilla.org/show_bug.cgi?id=1965612
- Technical details on the coredump vulnerabilities from Qualys: https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt
- Oracle's explanation of the systemd-coredump vulnerability: https://blogs.oracle.com/linux/post/analysis-of-cve-2025-4598
- PoC for the systemd-coredump vulnerability from CIQ: https://ciq.com/blog/the-real-danger-of-systemd-coredump-cve-2025-4598/
- "Made you Reset" blog posts: https://galbarnahum.com/posts/made-you-reset-intro and https://galbarnahum.com/posts/made-you-reset-technical-details
- Follow us in the Fediverse: - @christopherkunz@chaos.social - @syt@social.heise.de
Members of our security community on heise security PRO can listen to all episodes two days early. More info: https://pro.heise.de/passwort

The Post-Quantum World
One PQC Playbook – with Kevin Hilscher of DigiCert

The Post-Quantum World

Play Episode Listen Later Aug 20, 2025 32:58


DigiCert is widely recognized for its expertise in PKI and as a TLS certificate authority. As you can imagine, they have a significant perspective on the quantum computing threat to encryption and the migration to post-quantum cryptography (PQC). We cover everything from the challenges of upgrading IoT devices to ML-DSA signature sizes, as well as the new DigiCert One platform the company offers to help manage the migration process. In the middle of this episode, you'll even get a clear summary of what a successful rollout to PQC looks like. Join host Konstantinos Karagiannis for a wide-ranging chat on actionable PQC steps you can take with Kevin Hilscher from DigiCert. There's even a Quantum Safe Playground to experiment with!
For more information on DigiCert, visit www.digicert.com/. Visit the Quantum Safe Playground at https://labs.digicert.com/quantum-safe.
Visit Protiviti at www.protiviti.com/US-en/technology-consulting/quantum-computing-services to learn more about how Protiviti is helping organizations get post-quantum ready. Follow host Konstantinos Karagiannis on all socials: @KonstantHacker and follow Protiviti on LinkedIn and Twitter: @Protiviti. Questions and comments are welcome! Theme song by David Schwartz, copyright 2021.
Visit Protiviti at www.protiviti.com/US-en/technology-consulting/quantum-computing-services to learn more about how Protiviti is helping organizations get post-quantum ready. Follow host Konstantinos Karagiannis on all socials: @KonstantHacker and follow Protiviti Technology on LinkedIn and X: @ProtivitiTech. Questions and comments are welcome! Theme song by David Schwartz, copyright 2021. The views expressed by the participants of this program are their own and do not represent the views of, nor are they endorsed by, Protiviti Inc., The Post-Quantum World, or their respective officers, directors, employees, agents, representatives, shareholders, or subsidiaries.
None of the content should be considered investment advice, as an offer or solicitation of an offer to buy or sell, or as an endorsement of any company, security, fund, or other securities or non-securities offering. Thanks for listening to this podcast. Protiviti Inc. is an equal opportunity employer, including minorities, females, people with disabilities, and veterans.  

Paul's Security Weekly
Rethinking Identity: IAM, PAM & Passwordless Trends from Identiverse - David Lee, Amit Masand, Chip Hughes, Ashley Stevenson, John Pritchard, Matt Caulfield - ESW #412

Paul's Security Weekly

Play Episode Listen Later Jun 23, 2025 98:23


In fast-paced, shared device environments like healthcare, manufacturing, and other critical industries, traditional access management approaches are falling short, quietly eroding both security and productivity. This episode explores how outdated methods, like shared credentials and clunky logins, create friction, increase risk, and undermine compliance. We'll discuss what a modern, strategic access management approach looks like and how passwordless authentication solutions are closing the gap between security and usability. To learn more about passwordless authentication in healthcare and other critical industries, check out our whitepapers on the topic: https://security.imprivata.com/putting-complex-passwords-to-work-for-you-wp.html https://www.imprivata.com/resources/whitepapers/passwordless-journey-healthcare This segment is sponsored by Imprivata. Visit https://securityweekly.com/imprivataidv to learn more about them!
As digital identities multiply and certificate lifespans shrink, enterprises face growing challenges in securing trust across users, devices, and systems. This session explores why unifying PKI and IAM is essential to closing identity-related trust gaps and how platforms like DigiCert ONE—integrating PKI, DNS, and automation—help eliminate outages, streamline security operations, and future-proof organizations. This segment is sponsored by DigiCert. Visit https://securityweekly.com/digicertidv to learn more about them!
Identity-related attacks are now the dominant threat vector in cybersecurity, yet most organizations remain hindered by fragmented tools, siloed data, and disconnected teams. “Multiplayer AI” offers a new model for identity security, emphasizing interoperability between human experts and AI agents to create a unified, real-time system of systems. By fostering collaboration through open standards and shared intelligence, enterprises can close security gaps, reduce attacker dwell time, and respond faster—transforming identity security from isolated defense into coordinated resilience. https://www.radiantlogic.com/blog/the-dentity-security-paradox-when-more-tools-create-bigger-blind-spots/ This segment is sponsored by Radiant Logic. Visit https://securityweekly.com/radiantlogicidv to learn more about them!
In this era of technological advancements where businesses are going digital and more cloud based while preferring remote work environments, cyber threats are surprisingly growing at a rate never seen before. This makes Identity and Access Management (IAM) and Privileged Access Management (PAM) no longer an optional thing but a core, crucial requirement. These are not just IT tools anymore; they are important for the security of people, data, and operations. More and more organizations from different industries are now turning to IAM and PAM as managed services to handle the growing complexity of access control and cybersecurity. Why? Because managing identity internally is becoming harder, more expensive, and riskier. With a trusted managed service partner, businesses gain expert support, 24/7 monitoring, scalability, and peace of mind—all while staying compliant and secure. This segment will explore how IAM and PAM managed services are helping companies reduce risk, simplify operations, and stay ahead of evolving security challenges. Whether you're an IT leader, security professional, or business decision-maker, you'll learn why outsourcing identity and access management is quickly becoming a smart, strategic move for the modern enterprise. https://www.idmexpress.com/blogs https://www.idmexpress.com/post/cyberark-privileged-access-management-pam-implementation https://www.idmexpress.com/iam-products This segment is sponsored by IDMEXPRESS. Visit https://securityweekly.com/idmidv to implement and manage IAM and PAM solutions tailored to your business needs.
Duo's biggest announcement since push-MFA. Duo is defining the future of Identity by unveiling a solution that attackers will hate and users will love. This segment is sponsored by Cisco Duo. Visit https://securityweekly.com/duoidv to learn more about them!
In this interview, we will explore the power of data-driven identity leadership and how organizations can leverage analytics to enhance their identity security strategies. Hear insights on aligning data with business goals, improving decision-making, and proactively managing risk. Learn how analytics can transform your identity program from reactive to strategic, driving measurable success. This segment is sponsored by Saviynt. Visit https://securityweekly.com/saviyntidv to learn more about them or get a free demo!
Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-412

Enterprise Security Weekly (Audio)
Rethinking Identity: IAM, PAM & Passwordless Trends from Identiverse - David Lee, Amit Masand, Chip Hughes, Ashley Stevenson, John Pritchard, Matt Caulfield - ESW #412

Enterprise Security Weekly (Audio)

Play Episode Listen Later Jun 23, 2025 98:23



Paul's Security Weekly TV
Rethinking Identity: IAM, PAM & Passwordless Trends from Identiverse - Chip Hughes, Ashley Stevenson, John Pritchard, Amit Masand, Matt Caulfield, David Lee - ESW #412

Paul's Security Weekly TV

Play Episode Listen Later Jun 23, 2025 98:23



Enterprise Security Weekly (Video)
Rethinking Identity: IAM, PAM & Passwordless Trends from Identiverse - Chip Hughes, Ashley Stevenson, John Pritchard, Amit Masand, Matt Caulfield, David Lee - ESW #412

Enterprise Security Weekly (Video)

Play Episode Listen Later Jun 23, 2025 98:23


In fast-paced, shared device environments like healthcare, manufacturing, and other critical industries, traditional access management approaches are falling short, quietly eroding both security and productivity. This episode explores how outdated methods, like shared credentials and clunky logins, create friction, increase risk, and undermine compliance. We'll discuss what a modern, strategic access management approach looks like and how passwordless authentication solutions are closing the gap between security and usability. To learn more about passwordless authentication in healthcare and other critical industries, check out our whitepapers on the topic: https://security.imprivata.com/putting-complex-passwords-to-work-for-you-wp.html https://www.imprivata.com/resources/whitepapers/passwordless-journey-healthcare This segment is sponsored by Imprivata. Visit https://securityweekly.com/imprivataidv to learn more about them! As digital identities multiply and certificate lifespans shrink, enterprises face growing challenges in securing trust across users, devices, and systems. This session explores why unifying PKI and IAM is essential to closing identity-related trust gaps and how platforms like DigiCert ONE—integrating PKI, DNS, and automation—help eliminate outages, streamline security operations, and future-proof organizations. This segment is sponsored by DigiCert. Visit https://securityweekly.com/digicertidv to learn more about them! Identity-related attacks are now the dominant threat vector in cybersecurity, yet most organizations remain hindered by fragmented tools, siloed data, and disconnected teams. “Multiplayer AI” offers a new model for identity security, emphasizing interoperability between human experts and AI agents to create a unified, real-time system of systems. 
By fostering collaboration through open standards and shared intelligence, enterprises can close security gaps, reduce attacker dwell time, and respond faster—transforming identity security from isolated defense into coordinated resilience. https://www.radiantlogic.com/blog/the-dentity-security-paradox-when-more-tools-create-bigger-blind-spots/ This segment is sponsored by Radiant Logic. Visit https://securityweekly.com/radiantlogicidv to learn more about them! In this era of technological advancement, where businesses are going digital and becoming more cloud-based while preferring remote work environments, cyber threats are, surprisingly, growing at a rate never seen before. This makes Identity and Access Management (IAM) and Privileged Access Management (PAM) no longer optional but a core requirement. These are not just IT tools anymore; they are important for the security of people, data, and operations. More and more organizations from different industries are now turning to IAM and PAM as managed services to handle the growing complexity of access control and cybersecurity. Why? Because managing identity internally is becoming harder, more expensive, and riskier. With a trusted managed service partner, businesses gain expert support, 24/7 monitoring, scalability, and peace of mind—all while staying compliant and secure. This segment will explore how IAM and PAM managed services are helping companies reduce risk, simplify operations, and stay ahead of evolving security challenges. Whether you're an IT leader, security professional, or business decision-maker, you'll learn why outsourcing identity and access management is quickly becoming a smart, strategic move for the modern enterprise. https://www.idmexpress.com/blogs https://www.idmexpress.com/post/cyberark-privileged-access-management-pam-implementation https://www.idmexpress.com/iam-products This segment is sponsored by IDMEXPRESS.
Visit https://securityweekly.com/idmidv to implement and manage IAM and PAM solutions tailored to your business needs. Duo's biggest announcement since push-MFA. Duo is defining the future of Identity by unveiling a solution that attackers will hate and users will love. This segment is sponsored by Cisco Duo. Visit https://securityweekly.com/duoidv to learn more about them! In this interview, we will explore the power of data-driven identity leadership and how organizations can leverage analytics to enhance their identity security strategies. Hear insights on aligning data with business goals, improving decision-making, and proactively managing risk. Learn how analytics can transform your identity program from reactive to strategic, driving measurable success. This segment is sponsored by Saviynt. Visit https://securityweekly.com/saviyntidv to learn more about them or get a free demo! Show Notes: https://securityweekly.com/esw-412

Federal Tech Podcast: Listen and learn how successful companies get federal contracts
Ep. 246 Thales Powers Federal Data Security Against Quantum-Era Threats

Federal Tech Podcast: Listen and learn how successful companies get federal contracts

Play Episode Listen Later Jun 10, 2025 25:40


Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Years ago, the headline “Data Breach” was shocking; today, it is common. That may not be a problem for some, but the federal government maintains data stores that contain information about finances, health, and military matters. A recent report has shown that 50% of federal agencies have reported data breaches. It appears that it's time to find a solution. Today, we sat down with Blair Canavan from Thales Group to examine the usual suspects and the potential threats ahead. THE USUAL SUSPECTS: MFA: Protecting data can be accomplished with something as basic as phishing-resistant Multi-Factor Authentication. The first step in identity management can significantly reduce threats. Encryption: Deploying encryption can protect data at rest, in transit, and in memory. Keys to the Kingdom: Little-known methods of managing the PKI system can help reduce risk in protecting data. THREAT DOWN THE ROAD: QUANTUM Now that you have checked the boxes for basic data protection, it is time to get a grasp on what lies ahead. We have read about quantum cryptography for twenty years. Today, we have pre-standardized quantum-resistant cryptographic algorithms available. One needs to take action a little sooner. During the interview, Blair Canavan highlights the proactive measures taken by the US federal government, including the implementation of PQC-safe digital signatures by 2025. The “down the road” also has a delimitation -- Blair emphasizes the urgency of replacing outdated cryptographic methods, such as RSA and ECC, by 2030 and 2035, respectively. Include the 2024 data threat report.

The Tech Blog Writer Podcast
3301: How DigiCert Is Redefining Digital Trust

The Tech Blog Writer Podcast

Play Episode Listen Later Jun 4, 2025 32:36


In this episode of Tech Talks Daily, I sat down with Ashley Stevenson, VP of Product and Solution Marketing at DigiCert, to explore the shifting landscape of digital trust. We are living in a time where certificate-related outages still disrupt critical systems, identity management is becoming more complex, and the arrival of quantum computing is no longer a distant concern. Ashley brought clarity to these issues with a practical look at how DigiCert is helping organizations manage trust at scale. Our conversation began with the foundational role DNS and PKI play in digital infrastructure. While most users never think about them, every secure connection begins with DNS resolving a domain and PKI establishing trust. DigiCert has combined these layers in a single platform, DigiCert ONE, designed to automate and simplify how trust is managed across networks, users, and connected devices. We explored the increasing importance of certificate lifecycle management. With certificate lifespans moving from 398 days to just 47 by 2029, and domain validations required every 10 days, automation is no longer a convenience. It is a necessity. DigiCert ONE addresses this through centralized inventory, policy enforcement, proactive notifications, and full automation from issuance to installation. Ashley also shared insights on the convergence of PKI and identity and access management. From IoT to human users, digital identities are multiplying and evolving. PKI is playing a larger role in enabling passwordless authentication and supporting verifiable credentials, especially as organizations move toward privacy-enhancing and standards-based models. Looking ahead, we discussed quantum readiness and crypto agility. DigiCert is already helping customers evaluate which systems are most vulnerable and preparing them to adopt quantum-safe algorithms when needed. Whether the concern is policy change, an unexpected breach, or emerging tech, the ability to adapt quickly is key.
How do you build a strategy for trust that adapts to this pace of change? This episode offers an inside look at how DigiCert is answering that question.

Root Causes: A PKI and Security Podcast
Root Causes 495: Trust Models and Post Quantum Cryptography

Root Causes: A PKI and Security Podcast

Play Episode Listen Later May 16, 2025 7:00


We build on our Trust Models discussion to explore how organizations can structure their PKI for the transition to post quantum cryptography (PQC).

The Canadian Investor
Will This Multi-Billion Dollar Canadian Acquisition Get Blocked?

The Canadian Investor

Play Episode Listen Later May 8, 2025 57:40


In this episode, we break down Parkland’s $9.1B proposed acquisition by Sunoco and why the timing is controversial. We also cover earnings from Loblaws, TMX Group, McDonald’s, Riocan, and Spin Master. From strong retail leasing spreads to e-commerce growth and tariff headwinds, we dig into how each company is navigating the current economic environment—and what investors should watch going forward. Tickers of stocks discussed: X.TO, MCD, L.TO, REI-UN.TO, TOY, PKI.TO Check out our portfolio by going to Jointci.com Our Website Canadian Investor Podcast Network Twitter: @cdn_investing Simon’s twitter: @Fiat_Iceberg Braden’s twitter: @BradoCapital Dan’s Twitter: @stocktrades_ca Want to learn more about Real Estate Investing? Check out the Canadian Real Estate Investor Podcast! Apple Podcast - The Canadian Real Estate Investor Spotify - The Canadian Real Estate Investor Web player - The Canadian Real Estate Investor Asset Allocation ETFs | BMO Global Asset Management Sign up for Finchat.io for free to get easy access to global stock coverage and powerful AI investing tools. Register for EQ Bank, the seamless digital banking experience with better rates and no nonsense. See omnystudio.com/listener for privacy information.

Digital Transformation & Leadership with Danny Levy
Transforming Digital Security: Leadership, Innovation & the Future of Identity w/ David Mahdi

Digital Transformation & Leadership with Danny Levy

Play Episode Listen Later Apr 17, 2025 66:34


On today's episode, Danny is joined by David Mahdi, Chief Identity Officer (CIO) for Transmit Security. David is a globally recognized leader in cybersecurity and digital identity, renowned for his pioneering work in establishing digital trust across complex enterprise ecosystems. With over two decades of experience, he has been instrumental in shaping the fields of identity-first security, cryptography, and machine identity management. As the CIO at Transmit Security and former Chief Strategy Officer and CISO Advisor at Sectigo, David has guided organizations through digital transformation initiatives, including the development of cryptography centers of excellence and the implementation of passwordless authentication systems. His tenure as a top-performing VP Analyst at Gartner solidified his reputation as a trusted advisor to Fortune 500 companies, where he provided insights on cybersecurity, blockchain, PKI, and IoT security. David's thought leadership extends to his contributions to the Forbes Technology Council and the Fast Company Executive Board, where he continues to influence the discourse on digital trust and cybersecurity. His holistic approach, encompassing IT, engineering, business development, and marketing, positions him uniquely to address the multifaceted challenges of today's digital landscape.
In this podcast, David shares his insights on the evolving landscape of digital identity, the importance of establishing digital trust, and the future of cybersecurity in an increasingly interconnected world:
- The most surprising challenge David has faced in leading innovation at scale
- Something David struggles with as a leader in the tech space
- How to maintain peak performance and keep your team motivated
- The role AI plays in the evolution of digital identity and fraud prevention
- How to manage energy and focus
- What excites David most about the future of digital security and identity management
- And more...
Are you getting every episode of Digital Transformation & Leadership in your favourite podcast player? You can find us on Apple Podcasts and Spotify to subscribe.

Passwort - der Podcast von heise security
News from attacks on encryption to crypto theft

Passwort - der Podcast von heise security

Play Episode Listen Later Mar 12, 2025 106:08


A Passwort podcast without PKI: unimaginable! So in the current episode Sylvester and Christopher also talk about criticism of automatic certificate issuance via the ACME protocol. They also marvel at a theft worth billions at the crypto exchange Bybit, are annoyed by various government attempts to weaken encryption, and encourage their listeners to be careful when choosing a test domain. - https://blog.thc.org/practical-https-interception - CertSpotter: https://github.com/SSLMate/certspotter - https://tuta.com/de/blog/france-surveillance-nacrotrafic-law - https://support.apple.com/en-us/122234 - https://www.cl.cam.ac.uk/~ah793/papers/2025police.pdf - https://www.bloomberg.com/opinion/articles/2025-03-03/citi-keeps-hitting-the-wrong-buttons - https://www.heise.de/news/BAMF-Skurrile-Testkonten-ermoeglichten-unautorisierten-Datenzugriff-10305691.html - https://github.com/jlopp/physical-bitcoin-attacks Members of our security community on heise security PRO can listen to all episodes two days early. More info: https://pro.heise.de/passwort

PING
RPKI Views: The archive of RPKI state

PING

Play Episode Listen Later Feb 19, 2025 49:30


In this episode, Job Snijders discusses RPKIViews, his long-term project to collect the "views" of RPKI state every day, and maintain an archive of BGP route validation states. The project is named to reflect Route Views, the long-standing archive of BGP state maintained by the University of Oregon, which has been discussed on PING. Job is based in the Netherlands, and has worked in BGP routing for large international ISPs and content distribution networks as well as being a board member of the RIPE NCC. He is known for his work producing the open-source rpki-client RPKI Validator, implemented in C and distributed widely through the OpenBSD project. RPKI is the Resource PKI, Resource meaning the Internet Number Resources, the IPv4, IPv6 and Autonomous System (AS) numbers which are used to implement routing in the global internet. The PKI provides cryptographic proofs of delegation of these resources and allows the delegates to sign over their intentions to originate specific prefixes in BGP, and the relationships between the AS which speak BGP to each other. Why rpkiviews? Job explains that there's a necessary conversation between people involved in the operational deployment of secure BGP, and the standards development and research community: How many of the world's BGP routes are being protected? How many places are producing Route Origin Attestations (ROA), which are the primary cryptographic object used to perform Route Origin Validation (ROV), and how many objects are made? What's the error rate in production, and the rate of growth? A myriad of introspective "meta" questions need to be asked in deploying this kind of system at scale, and one of the best tools to use is an archive of state, updated frequently and, as with Route Views, collected from a diverse range of places worldwide, to understand the dynamics of the system.
Job is using the archive to produce his annual "RPKI Year in review" report, which was published this year on the APNIC blog (it's posted to operations, research and standards development mailing lists and presented at conferences and meetings normally), and its products are being used by the BGPAlerter service developed by Massimo Candela.

The Post-Quantum World
PQC Survey Says … What 4,000 Professionals Are Doing About It — with Samantha Mabey of Entrust

The Post-Quantum World

Play Episode Listen Later Feb 5, 2025 36:40


I'm always asked the same question when talking to customers about the threats of quantum computing and the move to post-quantum cryptography. What are similar companies doing about it? It's only been half a year since the NIST standards were published, but we're starting to see some traction. Join host Konstantinos Karagiannis for a chat with Samantha Mabey from Entrust about an interesting study on migration, along with some tactical advice for getting your PQC journey underway. For more information on Entrust, visit www.entrust.com/.  Read the PKI and PQ study here:  www.entrust.com/cybersecurity-institute/reports/2024-pki-and-post-quantum-trends-study.  Visit Protiviti at www.protiviti.com/US-en/technology-consulting/quantum-computing-services  to learn more about how Protiviti is helping organizations get post-quantum ready.  Follow host Konstantinos Karagiannis on all socials: @KonstantHacker and follow Protiviti Technology on LinkedIn and Twitter: @ProtivitiTech.     Questions and comments are welcome!  Theme song by David Schwartz, copyright 2021.  The views expressed by the participants of this program are their own and do not represent the views of, nor are they endorsed by, Protiviti Inc., The Post-Quantum World, or their respective officers, directors, employees, agents, representatives, shareholders, or subsidiaries.  None of the content should be considered investment advice, as an offer or solicitation of an offer to buy or sell, or as an endorsement of any company, security, fund, or other securities or non-securities offering. Thanks for listening to this podcast. Protiviti Inc. is an equal opportunity employer, including minorities, females, people with disabilities, and veterans.

Passwort - der Podcast von heise security
Certificates are hard, and so are malware names

Passwort - der Podcast von heise security

Play Episode Listen Later Jan 29, 2025 87:00


Christopher and Sylvester once again fight their way through several announcements about certificates and incidents involving them. They also take a look at a malware group that targets other cybercriminals and security researchers, and discuss why these groups often have so many odd names. Finally, they cover new tricks for tracking users via their browser engine, and how to defend against them. * [Let's Encrypt announcement](https://letsencrypt.org/2024/12/11/eoy-letter-2024/) * [Report on MUT-1244](https://securitylabs.datadoghq.com/articles/mut-1244-targeting-offensive-actors/) * [Threat actor naming RFC](https://www.misp-standard.org/rfc/threat-actor-naming.html) * [CSS fingerprinting](https://doi.org/10.60882/cispa.27194472.v3) * [c't mail client overview](https://heise.de/-10241634) Members of our security community on heise security PRO can listen to all episodes two days early. More info: https://pro.heise.de/passwort

Root Causes: A PKI and Security Podcast
Root Causes 453: It Turns Out Monkeys Couldn't Type Shakespeare After All

Root Causes: A PKI and Security Podcast

Play Episode Listen Later Jan 2, 2025 14:12


The old adage states that a monkey in front of a keyboard, given enough time, could randomly type the works of Shakespeare. Apparently, someone ran the numbers and said not so much. We break it down and explain why we're discussing this on a PKI podcast.

RunAs Radio
Pen Testing Yourself with Paula Januszkiewicz

RunAs Radio

Play Episode Listen Later Oct 16, 2024 36:33


Can you pen test yourself? Paula Januszkiewicz says yes! Richard talks to Paula about taking an active role in understanding your organization's security vulnerabilities. Paula talks about the low-hanging fruit she often finds as a professional penetration tester - typically on poorly maintained infrastructure like PKI servers. The conversation digs into tooling you can use to find vulnerabilities - just make sure you trust the source of those tools. Not everyone is a good guy in open source! And, of course, there's always a time to bring in professionals to do a deeper level of testing. Don't wait until the breach happens to take some action! Links: Cqure, Penetration Testing, GitHub Secrets Scanning, HaveIBeenPwned. Recorded August 22, 2024

SAE Tomorrow Today
246. Refining SAE J3400 for Standardized EV Charging

SAE Tomorrow Today

Play Episode Listen Later Sep 26, 2024 40:19


As most EV enthusiasts know, the Tesla-developed North American Charging System (NACS) is being standardized as SAE J3400 — unlocking the ability for any EV supplier or manufacturer to use, manufacture, or deploy the J3400 connector on EVs and at charging stations across North America. Recently, the SAE J3400 NACS Task Force voted to establish the J3400 standard as a recommended practice, marking a significant step forward in the standardization process and demonstrating the importance of collaboration in moving the EV industry forward. To learn more, we sat down with Christian Thiele, Director, Global Ground Vehicle Standards, SAE International, and Dr. Rodney McGee, Ph.D., P.E., Chairman, SAE J3400 NACS Task Force, and Chief Engineer at the University of Delaware, to discuss how the J3400 standard is bringing industry together to build a unified and reliable EV infrastructure that supports the widespread adoption of EVs. Join the global EV ecosystem leader! The SAE EV Charging PKI Project designed and tested an inclusive, protocol-neutral, worldwide EV charging industry PKI platform that is secure, trusted, scalable, interoperable, and extensible. View and download the program overview now. We'd love to hear from you. Share your comments, questions and ideas for future topics and guests to podcast@sae.org. Don't forget to take a moment to follow SAE Tomorrow Today—a podcast where we discuss emerging technology and trends in mobility with the leaders, innovators and strategists making it all happen—and give us a review on your preferred podcasting platform. Follow SAE on LinkedIn, Instagram, Facebook, Twitter, and YouTube. Follow host Grayson Brulte on LinkedIn, Twitter, and Instagram.

The CyberWire
Ann Johnson: Trying to make the world safer. [Business Development] [Career Notes]

The CyberWire

Play Episode Listen Later Sep 8, 2024 7:17


Enjoy this special encore episode, in which Microsoft's Corporate Vice President of Cybersecurity Business Development Ann Johnson brings us on her career journey from aspiring lawyer to cybersecurity executive. After pivoting from studying law, Ann started working with computers, found she had a deep technical aptitude for technology, and started earning certifications, landing in cybersecurity because she found an interest in PKI. At Microsoft, Ann says she solves some of the hardest problems every day. She recommends getting a mentor and finding your area of expertise. She leaves us with three dimensions she hopes to be her legacy: 1. diversity in more than just gender, 2. bringing a human aspect to the industry, and 3. being empathetic to the user experience. We thank Ann for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices

Career Notes
Ann Johnson: Trying to make the world safer. [Business Development]

Career Notes

Play Episode Listen Later Sep 8, 2024 7:17


Enjoy this special encore episode, in which Microsoft's Corporate Vice President of Cybersecurity Business Development Ann Johnson brings us on her career journey from aspiring lawyer to cybersecurity executive. After pivoting from studying law, Ann started working with computers, found she had a deep technical aptitude for technology, and started earning certifications, landing in cybersecurity because she found an interest in PKI. At Microsoft, Ann says she solves some of the hardest problems every day. She recommends getting a mentor and finding your area of expertise. She leaves us with three dimensions she hopes to be her legacy: 1. diversity in more than just gender, 2. bringing a human aspect to the industry, and 3. being empathetic to the user experience. We thank Ann for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices

The Post-Quantum World
Zero-Trust Post-Quantum Cryptography – with Richard Blech of XSOC

The Post-Quantum World

Play Episode Listen Later Jul 24, 2024 35:22


The migration to post-quantum cryptography (PQC) is about to begin and is necessary to protect against the threats of fault-tolerant quantum computing. However, critical assets like those in military, banking and government environments also require other layers of security and strategies, such as zero trust and increased encryption bit sizes. Join host Konstantinos Karagiannis as he discusses with his guest, Richard Blech from XSOC, a high-performance symmetric encryption solution that will provide defense in-depth today and after thousands of logical qubits arrive.  For more on XSOC, visit www.xsoccorp.com/ .  Visit Protiviti at www.protiviti.com/US-en/technology-consulting/quantum-computing-services  to learn more about how Protiviti is helping organizations get post-quantum ready.  Follow host Konstantinos Karagiannis on all socials: @KonstantHacker and follow Protiviti Technology on LinkedIn and Twitter: @ProtivitiTech.  Questions and comments are welcome!   Theme song by David Schwartz, copyright 2021.   The views expressed by the participants of this program are their own and do not represent the views of, nor are they endorsed by, Protiviti Inc., The Post-Quantum World, or their respective officers, directors, employees, agents, representatives, shareholders, or subsidiaries.  None of the content should be considered investment advice, as an offer or solicitation of an offer to buy or sell, or as an endorsement of any company, security, fund, or other securities or non-securities offering. Thanks for listening to this podcast. Protiviti Inc. is an equal opportunity employer, including minorities, females, people with disabilities, and veterans.

Security Masterminds
50 years of Evolution of Cybersecurity and Securing Software From Punch Cards and PKI to ChatGPT with Special Guest, Loren Kohnfelder

Security Masterminds

Play Episode Listen Later Jul 12, 2024 53:20


Do you want to gain a deeper understanding of how PKI, AI, and cryptography are shaping software development? Our special guest is Loren Kohnfelder.
Loren Kohnfelder's journey into the world of AI and cybersecurity began with an early exposure to mainframe programming at the age of twelve. His fascination with software development grew from experimenting with basic assembly language, COBOL, Basic, Fortran, and RPG. Over the years, he witnessed the evolution of programming languages and the crucial shift towards memory safety. As he delved deeper into the world of AI, Loren's perspective on the application of AI in cybersecurity evolved, emphasizing the importance of trust and clear policies. His insightful narrative highlights the significance of automation and the need for transparency within the security industry, offering a unique and relatable perspective on the ever-changing landscape of software development and cybersecurity.
- Discover how artificial intelligence is revolutionizing the cybersecurity landscape and its impact on software development.
- Understand the critical role of trust in AI cybersecurity and how it influences decision-making in software development.
- Learn about the triaging approach to automating cybersecurity and its significance for software developers and IT professionals.
- Explore effective methods for monitoring and evaluating the performance of AI in cybersecurity to enhance software development practices.
- Gain insights into the importance of transparency and knowledge sharing in cybersecurity for informed decision-making in software development.
"I believe in challenging all this stuff because I think we have plenty of room for improvement and we need to keep going at it. We can't give up and resign ourselves to business as usual. We have to keep pushing it and asking, why is that? Why can't we do it this way? Why isn't it better? Keep trying." - Loren Kohnfelder
In this episode, you will be able to:
- Discover how artificial intelligence is revolutionizing cybersecurity and what it means for the future of software development.
- Explore the triaging approach to automating cybersecurity and its potential to streamline threat detection and response.
- Uncover the significance of transparency and knowledge sharing in cybersecurity for fostering a more secure digital environment.
Connect with Loren Kohnfelder
LinkedIn: https://www.linkedin.com/in/kohnfelder/
Designing Secure Software Book: https://a.co/d/07h5nQna
Connect with us
Website: securitymasterminds.buzzsprout.com
KnowBe4 Resources:
KnowBe4 Blog: https://blog.knowbe4.com
James McQuiggan - https://www.linkedin.com/in/jmcquiggan
Erich Kron: https://www.linkedin.com/in/erichkron/
Music Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.com
Announcer: Sarah McQuiggan - https://www.sarahmcquiggan.com
Show Notes created with Capsho - www.capsho.com
Sound Engineering - Matthew Bliss, MB Podcasts.
If you'd like to ask Matt what he can do for your podcast, visit https://www.mbpod.com and schedule a consultation today!

The Cloud Pod
265: Swing and a WIF

The Cloud Pod

Play Episode Listen Later Jun 28, 2024 39:48


Welcome to episode 265 of the Cloud Pod Podcast – where the forecast is always cloudy! Justin and Matthew are with you this week, and even though it's a light news week, you're definitely going to want to stick around. We're looking forward to FinOps, talking about updates to Consul, WIF coming to Vault 1.17, and giving an intro to Databricks LakeFlow. Because we needed another lake product. Be sure to stick around for this week's Cloud Journey series too. Titles we almost went with this week: The CloudPod lets the DataLake flow; Amazon attempts an international incident in Taiwan; What's your Vector Mysql? A big thanks to this week's sponsor: We're sponsorless! Want to reach a dedicated audience of cloud engineers? Send us an email, or hit us up on our Slack Channel and let's chat! General News 01:40 Consul 1.19 improves Kubernetes workflows, snapshot support, and Nomad integration. Consul 1.19 is now generally available, improving the user experience, providing flexibility and enhancing integration points. Consul 1.19 introduces a new registration custom resource definition (CRD) that simplifies the process of registering external services into the mesh. Consul service mesh already supports routing to services outside of the mesh through terminating gateways. However, there are advantages to using the new Registration CRD. Consul snapshots can now be stored in multiple destinations; previously, you could only snapshot to a local path or to a remote object store destination but not both. Now you can take a snapshot of NFS mounts, SAN-attached storage, or object storage. Consul API gateways can now be deployed on Nomad, combined with transparent proxy and enterprise features like admin partitions. 01:37 Matthew- “What I was surprised about, which I did not know, was that console API gateway can now be deployed on Nomad. Was it not able to be deployed before? Just feels weird… you know, consoles should be able to be deployed on nomad compared to that. 
You know, it’s all the same company, but sometimes team A doesn’t always talk to team B.” 03:21 Vault 1.17 brings WIF, EST support for PKI, and more. Vault 1.17 is now generally available with new secure workflows, better performance and improved secrets management scalability. Key new features: Workload Identity Federation (WIF) allows you to eliminate concerns around providing security credentials to Vault plugins. Using the new support for WIF, a trust relationship can be established between an external system and va

Paul's Security Weekly
iShield Key Experience, Automated (PKI) Infrastructure, & GenAI Identity Attacks - Kevin Fadaie, Roni Bliss, David Mahdi - ESW Vault

Paul's Security Weekly

Play Episode Listen Later Jun 21, 2024 44:48


FIDO security keys are not new in the authentication workflow. They have been around now for 10 years. What is new is the combination of the most secure multi-factor authentication method not only for logical but also for physical access control with the highest FIPS140-3 security certification in the market. Segment Resources: Video "Swissbit iShield Key Pro: Protecting Digital Identities" https://www.youtube.com/watch?v=kxtqOyZ6e80 This segment is sponsored by Swissbit. Visit https://securityweekly.com/swissbitidv to learn more about them! While artificial intelligence is up-and-coming, automating your organization's PKI infrastructure is very much a reality, and can help save your IT team on hardware costs and employee costs in the long term. Additionally, a powerful PKI-as-a-Service solution provides the cryptoagility your organization can rely on as artificial intelligence, post-quantum computing, and shortened certificate validity periods become reality. This segment is sponsored by HID. Visit https://securityweekly.com/hididv to learn more about them! Cyberattacks, fraud and breaches, we've all studied them, and we are all aware that identity is under attack. And if we thought it was bad up until now, we haven't fully seen the impact of GenAI-based identity attacks. Going beyond just Deepfakes, GenAI-powered malicious services such as FraudGPT let novices craft targeted and sophisticated attacks that bypass common IAM and security controls. Identity and security leaders must brace themselves for an increase in the volume, velocity and variety of attacks ("the three V's"). In this talk, David Mahdi, former Gartner analyst and CIO of Transmit Security, covers what you need to know about these GenAI attacks, and what you can do about it. Specifically, the types of attacks fraudsters are conducting across the identity lifecycle, insight into their tactics and services, and finally recommendations for a path forward.
This segment is sponsored by Transmit Security. Visit https://securityweekly.com/transmitidv to learn more about them! Show Notes: https://securityweekly.com/vault-esw-13

One Rental At A Time
Buckle Up For Stagflation!

One Rental At A Time

Play Episode Listen Later Jun 6, 2024 15:10


In this episode, we delve into the pressing economic indicators suggesting stagflation and a potential recession. We review key data from auto sales, construction spending, and factory orders, and discuss the upcoming jobs report and its implications. The discussion also covers important earnings reports from companies like Cloud Strike, Dollar Tree, and Lululemon, providing insights into consumer behavior and spending patterns. Tune in as we analyze the current economic landscape and what it means for the future.

[00:00:04] Overview of upcoming economic data and earnings reports.
[00:00:47] Live stream announcement: Discussing the 2025 housing market bloodbath predictions.
[00:01:35] Insights into the job market with upcoming JOLTS report, factory orders, and auto sales.
[00:02:34] Importance of the ADP report and initial jobless claims as economic indicators.
[00:03:30] Expectations for the jobs number and unemployment rate.
[00:04:01] Discussion on the earnings reports from Cloud Strike, PVH, Dollar Tree, and Lululemon.
[00:05:56] Analysis of PKI data and its implications for inflation and stagflation.
[00:07:03] Review of Chicago PMI numbers and historical accuracy in predicting recessions.
[00:10:34] Trends in consumer behavior: Trading down from high-end to lower-end retailers.
[00:11:02] Introduction to the One Rental at a Time school community and its benefits.

One Rental at a Time, One Rental at a Time School, Cloud Strike, PVH Corp, Dollar Tree, Lululemon, DocuSign, Chicago PMI

Thank you for tuning into this episode as we navigate the complexities of the current economic landscape. If you enjoyed this discussion, please rate, follow, share, and leave a review. Your feedback helps us continue to bring you valuable content. For more detailed discussions and to connect with industry experts, join the One Rental at a Time school community. Stay informed, stay prepared, and see you next time!

One Rental At A Time
Are Consumers Broke?

One Rental At A Time

Play Episode Listen Later Jun 5, 2024 16:40


In today's episode, we delve into the question: Is the consumer broke? We analyze recent earnings reports from key retailers like Best Buy, Foot Locker, and Kohl's to understand consumer behavior amidst economic changes. We also explore trends in enterprise software spending and the implications of recent reports from Salesforce and UiPath. Additionally, we discuss the potential impact of upcoming PKI core data on the market and share insights on GDP revisions and jobless claims. Tune in for a comprehensive look at the current state of the consumer economy and what it means for the future.

[00:00:00] Introduction and overview of today's topics: consumer spending, enterprise software, and the upcoming PKI core data.
[00:00:51] Discussion on changes in consumer behavior post-pandemic and its impact on discretionary spending.
[00:02:15] Best Buy's earnings: Miss on revenue, beating earnings, and highlighting consumer pullback on discretionary items.
[00:03:15] Foot Locker's earnings: Matched revenue, beat earnings, and the CEO's focus on margins and retail pricing.
[00:04:20] Kohl's earnings: Miss on revenue and earnings, guidance cut, and same-store sales down 5.3%.
[00:05:36] Analysis of consumer spending trends in grocery versus discretionary items based on Target and Walmart reports.
[00:06:37] Salesforce's earnings: Miss on revenue and weak forecast due to a measured buying environment.
[00:08:21] UiPath's challenges: CEO resignation and weak performance report.
[00:08:50] Mixed results in tech earnings: New Topic's weak guidance versus HP Inc. and Pure Storage's strong performance.
[00:09:14] Conclusion on consumer spending: Differentiating between asset owners and renters, and the impact on discretionary spending.

Best Buy, Foot Locker, Kohl's, Salesforce, UiPath, One Rental at a Time School

Thank you for joining us in today's episode as we explored the state of the consumer economy. If you found this discussion insightful, please rate, follow, share, and leave a review. Your feedback helps us bring you more valuable content. For further insights and to connect with industry experts, join the One Rental at a Time School community. See you next time!

The CyberWire
Iran's covert cyber operations exposed.

The CyberWire

Play Episode Listen Later Apr 24, 2024 42:18


The DOJ indicts four Iranian nationals on hacking charges. Legislation to ban or force the sale of TikTok heads to the President's desk. A Russian hack group claims a cyberattack on an Indiana water treatment plant. A roundup of dark web data leaks. Mandiant monitors dropping dwell times. Bcrypt bogs down brute-forcing. North Korean hackers target defense secrets. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey. On our Industry Voices segment, Tony Velleca, CEO of CyberProof, joins us to explore some of the pain points that CISOs & CIOs are experiencing today, and how they can improve their cyber readiness. Ransomware may leave the shelves in Sweden's liquor stores bare.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guests

Learning Layer
On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K's comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. Sam and Joe discuss content and study strategies for CISSP Domain 3 Security Architecture and Engineering, and discuss encryption and non-repudiation. Specifically they cover sub-domain 3.6, "Select and determine cryptographic solutions," which includes: cryptographic life cycle, cryptographic method, and public key infrastructure (PKI).

Industry Voices
On our Industry Voices segment, Tony Velleca, CEO of CyberProof, joins us to explore some of the pain points that CISOs & CIOs are experiencing today, and how they can improve their cyber readiness.

Selected Reading
Rewards Up to $10 Million for Information on Iranian Hackers (GB Hackers)
Congress passes bill that could ban TikTok after years of false starts (Washington Post)
Russian hackers claim cyberattack on Indiana water plant (The Record)
Major Data Leaks from Honda Vietnam, US Airports, and Chinese Huawei/iPhone Users (SOCRadar® Cyber Intelligence Inc.)
Global attacker median dwell time continues to fall (Help Net Security)
New Password Cracking Analysis Targets Bcrypt (SecurityWeek)
North Korean Hackers Target Dozens of Defense Companies (Infosecurity Magazine)
Hackers hijack antivirus updates to drop GuptiMiner malware (Bleeping Computer)
Sweden's liquor shelves to run empty this week due to ransomware attack (The Record)

Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.