Podcasts about principal security researcher

This week, we are joined by John Hammond, Principal Security Researcher at Huntress, who is sharing his PoC and research on "CVE-2025-30406 - Critical Gladinet CentreStack & Triofox Vulnerability Exploited In The Wild." A critical 9.0 severity vulnerability (CVE-2025-30406) in Gladinet CentreStack and Triofox is being actively exploited in the wild, allowing remote code execution via hardcoded cryptographic keys in default configuration files. Huntress researchers observed compromises at multiple organizations and confirmed hundreds of vulnerable internet-exposed servers, urging immediate patching or manual machineKey updates. Mitigation guidance, detection, and remediation scripts have been released to help users identify and secure affected installations. The research can be found here: ⁠CVE-2025-30406 - Critical Gladinet CentreStack & Triofox Vulnerability Exploited In The Wild Learn more about your ad choices. Visit megaphone.fm/adchoices

This week, we are joined by John Hammond, Principal Security Researcher at Huntress, who is sharing his PoC and research on "CVE-2025-30406 - Critical Gladinet CentreStack & Triofox Vulnerability Exploited In The Wild." A critical 9.0 severity vulnerability (CVE-2025-30406) in Gladinet CentreStack and Triofox is being actively exploited in the wild, allowing remote code execution via hardcoded cryptographic keys in default configuration files. Huntress researchers observed compromises at multiple organizations and confirmed hundreds of vulnerable internet-exposed servers, urging immediate patching or manual machineKey updates. Mitigation guidance, detection, and remediation scripts have been released to help users identify and secure affected installations. The research can be found here: ⁠CVE-2025-30406 - Critical Gladinet CentreStack & Triofox Vulnerability Exploited In The Wild Learn more about your ad choices. Visit megaphone.fm/adchoices

As technology evolves, it's hard to imagine what the cybersecurity workforce of the future will look like. What skills will they need, what new roles will emerge? Regardless of 'what,' the industry will need, they will need a human workforce. So how can the practitioners, parents, and educators inspire curiosity in young people so that they see cybersecurity as a career path of interest where they belong? Listen in as RSAC explores this topic with industry influencers. Speakers: Jason Blanchard, Content & Community Director, Black Hills Information Security David Brumley, CEO, Mayhem Security John Hammond, Principal Security Researcher, Huntress Kacy Zurkus, Director, Content, RSAC

Podcast: Open Source Security (LS 38 · TOP 2% what is this?)Episode: Embedded Security with Paul AsadoorianPub date: 2025-05-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationRecently, I had the pleasure of chatting with Paul Asadoorian, Principal Security Researcher at Eclypsium and the host of the legendary Paul's Security Weekly podcast. Our conversation dove into the often-murky waters of embedded systems and the Internet of Things (IoT), sparked by a specific vulnerability discussion on Paul's show concerning reference code for the popular ESP32 microcontroller. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-05-embedded-security-with-paul-asadoorian/The podcast and artwork embedded on this page are from Josh Bressers, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Recently, I had the pleasure of chatting with Paul Asadoorian, Principal Security Researcher at Eclypsium and the host of the legendary Paul's Security Weekly podcast. Our conversation dove into the often-murky waters of embedded systems and the Internet of Things (IoT), sparked by a specific vulnerability discussion on Paul's show concerning reference code for the popular ESP32 microcontroller. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-05-embedded-security-with-paul-asadoorian/

Cyber insurers can't just assess risk—they need to actively protect businesses from evolving threats.In this episode, host Anthony Hess welcomes Daniel Woods, Principal Security Researcher at Coalition, to explore how cyber insurers can move beyond risk transfer and take an active role in cybersecurity. Daniel explains how Coalition's mission-driven approach sets it apart, and why active insurance has an edge in an era of escalating threats.You'll learn:1. Why cyber insurers must go beyond risk assessment and actively protect policyholders2. How web privacy litigation from the plaintiffs' bar mirrors cybercriminal tactics3. The biggest blind spots in systemic cyber risk, and why a privacy casualty catastrophe is worth thinking about4. How insurers can build real-time risk mitigation into their coverage models5. The future of cyber insurance: Where the industry is headed and how insurers can stay ahead___________Get in touch with Daniel Woods on LinkedIn: https://www.linkedin.com/in/daniel-woods-82555199/___________About the host Anthony Hess:Anthony is passionate about cyber insurance. He is the CEO of Asceris, which supports clients to respond to cyber incidents quickly and effectively. Originally from the US, Anthony now lives in Europe with his wife and two children.Get in touch with Anthony on LinkedIn: https://www.linkedin.com/in/anthonyhess/ or email: ahess@asceris.com.___________Thanks to our friends at SAWOO for producing this episode with us! 

This week we are joined by Silas Cutler, Principal Security Researcher at Censys, asking the important question of "Will the Real Volt Typhoon Please Stand Up?" The FBI's disruption of the KV Botnet in December 2023, attributed to the Chinese threat group Volt Typhoon, targeted infected systems but did not affect the botnet's control infrastructure. Despite law enforcement efforts and technical exposure, the botnet's infrastructure has remained largely stable, with only changes in hosting providers, raising questions about whether another party operates the botnet. Censys scanning data from 2024 shows a shift in the botnet's control servers, indicating a response to disruption attempts, while the botnet's operators have shown limited efforts to obscure their infrastructure. The research can be found here: Will the Real Volt Typhoon Please Stand Up? Learn more about your ad choices. Visit megaphone.fm/adchoices

This week we are joined by Silas Cutler, Principal Security Researcher at Censys, asking the important question of "Will the Real Volt Typhoon Please Stand Up?" The FBI's disruption of the KV Botnet in December 2023, attributed to the Chinese threat group Volt Typhoon, targeted infected systems but did not affect the botnet's control infrastructure. Despite law enforcement efforts and technical exposure, the botnet's infrastructure has remained largely stable, with only changes in hosting providers, raising questions about whether another party operates the botnet. Censys scanning data from 2024 shows a shift in the botnet's control servers, indicating a response to disruption attempts, while the botnet's operators have shown limited efforts to obscure their infrastructure. The research can be found here: Will the Real Volt Typhoon Please Stand Up? Learn more about your ad choices. Visit megaphone.fm/adchoices

Entra ID is the current inheritor of the mantle of Active Directory. No, don't be afraid, we're not going to do any binding on this show. We're going to give you the brass tacks for what Microsoft is using Entra for, how Mac Admins should think about it, and how it fits into the modern world for Mac Admins. Hosts: Tom Bridge - @tbridge@theinternet.social Marcus Ransom - @marcusransom Guests: Michael Epping, Senior Program Manager, Microsoft – LinkedIn Mark Morowczynski, Principal Security Researcher, Microsoft – LinkedIn Links: Extending the AD schema (pay attention to the date) https://lists.samba.org/archive/samba-technical/attachments/20101123/6d648bd4/attachment.pdf Password Guide: https://aka.ms/PasswordlessGuide Sponsors: Kandji 1Password Watchman Monitoring If you're interested in sponsoring the Mac Admins Podcast, please email podcast@macadmins.org for more information. Get the latest about the Mac Admins Podcast, follow us on Twitter! We're @MacAdmPodcast! The Mac Admins Podcast has launched a Patreon Campaign! Our named patrons this month include Weldon Dodd, Damien Barrett, Justin Holt, Chad Swarthout, William Smith, Stephen Weinstein, Seb Nash, Dan McLaughlin, Joe Sfarra, Nate Cinal, Jon Brown, Dan Barker, Tim Perfitt, Ashley MacKinlay, Tobias Linder Philippe Daoust, AJ Potrebka, Adam Burg, & Hamlin Krewson  

Nosipho Radebe speaks to David Emm, Principal Security Researcher at KasperskySee omnystudio.com/listener for privacy information.

Episode 76. Join us on this episode of All Quiet on the Second Front as guest host Enrique Oti welcomes Paul Asadoorian, Principal Security Researcher at Eclypsium. During this episode, they dive into the often overlooked world of firmware security, exploring how vulnerabilities at this foundational level pose significant risks not just to our military and national security, but also to healthcare, food supply chains, and more. Discover how Paul's work seeks to transform the precarious nature of trust in our digital components into a more secure reality, ensuring the integrity of the devices we depend on every day.What's happening on the Second Front: Firmware security risks and vulnerabilitiesTransforming false trust into true securityBalancing and operationalizing security & complianceConnect with Paul:LinkedIn: Paul AsadoorianConnect with Enrique: LinkedIn: Enrique Oti

Listener Question Topic: Protecting your banking apps and information Guest: David Emm, Principal Security Researcher at Kaspersky

Noluthando Mthonti-Mlambo speaks to David Emm, Principal Security Researcher at KasperskySee omnystudio.com/listener for privacy information.

Rich recapped the major IT meltdown.Cameron in Huntington Beach, CA is having issues with YouTube App on his iPhone.Amazon Prime Day 2024 was a success.John Hammond, Principal Security Researcher at Huntress, joins to talk about the major IT outage.Dawn in Tuscon, AZ has a question about connecting to the USB on her computer. Rich says she needs a USB C to A adapter.Chris in Rancho Cucamonga can't connect to WiFi Calling on his work's WiFi network.Redbox is shutting down its DVD kiosks and streaming service.Target is the latest retailer to stop accepting checks. Do you still write them?Leslie in Laguna Beach is having trouble accessing her banking app on her mobile phone.Zac Hall, 9to5Mac Editor-at-Large, joins to talk about iOS 18 Public Beta.Tim in Moorpark is running for President but has an issue with his honey jar labels.Apple has a new HomePod Mini in Midnight color.TinyPod is a way to transform an Apple Watch into a minimalist communication device.Samsung is pausing Galaxy Buds 3 Pro shipments due to a quality control issue.James in Los Angeles is looking for a way to protect his copyrighted photos that he posts online. Rich recommends watermarking with Canva or an app, or uploading to a service like SmugMug that will do it automatically. Also, follow Jefferson Graham at PhotoWalks.Microsoft Designer is a Canva alternative now available for iOS and Android.Debra wonders if she can replace her cable company “landline” with Ooma.Jared Newman of Advisorator joins to talk about his latest cord-cutting guide.College students can get 50% off an HBO Max streaming subscription.Handy website: https://www.siriuserguide.com/Google shows off new Pixel 9 devices a bit early. Get full access to Rich on Tech at richontech.tv/subscribe

In this episode of The Cybersecurity Defenders Podcast, we recount some hacker history, and with the help of John Hammond, Principal Security Researcher at Huntress, tell the story of the MOVEit cyberattack: the biggest data theft of 2023.The MOVEit cyberbreach, was a far-reaching cyber attack that unfolded with significant implications worldwide. The breach initially came to light on June 3, when the Government of Nova Scotia disclosed that approximately 100,000 of its current and former employees had been affected, signaling the severity of the breach's impact.The scope of the breach widened on June 5, as it became apparent that numerous organizations in the United Kingdom had also fallen victim. Among those affected were prominent entities such as the BBC, British Airways, Boots, Aer Lingus, and the payroll service provider Zellis. This phase of the breach underscored its indiscriminate nature, with targets spanning across various sectors.Further developments were reported on June 12, with major organizations like Ernst & Young, Transport for London, and Ofcom announcing their entanglement in the breach. Of particular concern was Ofcom's revelation that personal and confidential information had been compromised, highlighting the breach's capacity to infiltrate and extract sensitive data.The United States felt the breach's ramifications by June 15, with reports confirming that the Department of Energy, among other federal entities, was impacted by the MOVEit vulnerability. The breach's reach extended further on June 16, affecting state-level organizations such as the Louisiana Office of Motor Vehicles and Oregon Driver and Motor Vehicle Services, thereby impacting millions of American residents.By October 25, 2023, a report from the cybersecurity firm Emsisoft indicated that the MOVEit cyberbreach had affected over 2,500 organizations globally, with a significant 80% of these being based in the United States. This breach highlights the critical vulnerabilities within digital infrastructures and underscores the urgent need for enhanced security measures to protect against such widespread cyber threats.This story was written by the talented Nathaniel Nelson and produced by the team at LimaCharlie.And a special thank you to John Hammond, Principal Security researcher at Huntress, for sharing his expertise and experienceIf you have any feedback or ideas for future topics or guests, please send an email to defenders@limacharlie.io.

In this year-end Trust Issues podcast episode, host David Puner takes listeners on a retrospective jaunt through some of the show's 2023 highlights. The episode features insightful snippets from various cybersecurity experts and thought leaders, each discussing crucial aspects of the ever-evolving cyber landscape. From discussions on the dynamic nature of threat actors and the need for agile security approaches to insights on identity security challenges in the cloud and the intricacies of safeguarding data, the episode encapsulates a wealth of knowledge shared by industry professionals. With diverse perspectives on generative AI, risk management, cloud security, DevSecOps – and even a personal bear wrestling story – Trust Issues' 2023 cannon delivers an engaging compilation for both cybersecurity enthusiasts and industry practitioners. As the podcast looks back on the year's diverse lineup of guests, it serves as a valuable resource for anyone seeking to stay informed about the latest cybersecurity trends, strategies and challenges. The episode emphasizes the importance of adapting to the rapidly changing threat landscape, adopting innovative security practices and fostering collaboration to address the multifaceted nature of cyber risks in the modern digital era. Clips featured in this episode from the following guests:Eran Shimony, Principal Security Researcher, CyberArk LabsAndy Thompson, Offensive Security Research Evangelist, CyberArk LabsEric O'Neill, Former FBI Counterintelligence Operative & Current National Security Strategist Shay Nahari, VP of Red Team Services, CyberArkDiana Kelley, CISO, Protect AI Len Noe, Technical Evangelist, White Hat Hacker & Biohacker, CyberArkTheresa Payton, Former White House CIO, Founder & CEO of Fortalice SolutionsLarry Lidz, VP & CISO, Cisco CX CloudMatt Cohen, CEO, CyberArkCharles Chu, GM of Cloud Security, CyberArkBrad Jones, CISO & VP of Information Security, Seagate TechnologyDusty Anderson, Managing Director, Global Digital Identity, ProtivitiPhilip Wylie, Offensive Security Professional, Evangelist & Ethical Hacker

 Here are some relevant links from the conversation:     JBO on LinkedIn JBO on X DEFCON talk by JBO

On this episode of The Cybersecurity Defenders Podcast, we chat with John Hammond, Principal Security Researcher at Huntress, about security research.John Hammond is a cybersecurity researcher, educator and content creator. As part of the Threat Operations team at Huntress, John spends his days making hackers earn their access and helping tell the story. Previously, as a Department of Defense Cyber Training Academy instructor, he taught the Cyber Threat Emulation course, educating both civilian and military members on offensive Python, PowerShell, other scripting languages and the adversarial mindset. He has developed training material and information security challenges for events such as PicoCTF and competitions at DEFCON US. John speaks at security conferences such as BsidesNoVA, to students at colleges such as the US Naval Academy, and other online events including the SANS Holiday Hack Challenge/KringleCon. He is an online YouTube personality showcasing programming tutorials, CTF video walkthroughs and other cyber security content. John currently holds the following certifications: Security+, CEH, LFS, eJPT, eCPPT, PNPT, PCAP, OSWP, OSCP, OSCE, OSWE, OSEP, and OSED (OSCE(3)).The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.

Even if you've been living under a super-sized rock for the last few months, you've probably heard of ChatGPT. It's an AI-powered chatbot and it's impressive. It's performing better on exams than MBA students. It can debug code and write software. It can write social media posts and emails. Users around the globe are clearly finding it compelling. And the repercussions – good and bad – have the potential to be monumental. That's where today's guest Eran Shimony, Principal Security Researcher for CyberArk Labs, comes into the picture. In fact, in an effort to stay ahead of the bad guys, Eran recently had ChatGPT create polymorphic malware. In conversation with host David Puner, he helps us understand if we are collectively prepared to deal with ChatGPT and the implications it may have for cyber threats.  How'd did he get ChatGPT to do this and what are the implications? Listen in to find out. If you find this episode interesting, be sure to check out Eran's recent blog post on the CyberArk Threat Research blog: https://www.cyberark.com/chatgpt-blog 

In this episode of Phishy Business, we take a look at bots. Listen in to learn more about what bots are, and what they do. Also, learn what can make them good…and what can make them bad. It would seem the answer lies within the intent of the person deploying them. Our special guests are Cyril Noel-Tagoe, Principal Security Researcher at Netacea, and our own Dr. Kiri Addison, Senior Product Manager at Mimecast. Cyril works to understand automated attacks to discover their aim and how to stop them; Kiri is a senior product manager and all-around cybersecurity expert who has a good amount of experience discovering and combatting malicious bots. In ‘Shining a Light on Bots: The Good and the Bad', we discuss: Some examples of good and bad bots, and how they can be used and misused. How bad bots are responsible for as much as 3% of revenue loss. That bots can be used in all kinds of cyberattacks, including phishing, and DDoS attacks. How bots can skew website metrics, which can falsify entire marketing campaigns. That bots are also used to automate tasks for cybercriminals such as validating credentials. The fact that Marketing and IT teams should work together to understand the problem of malicious bots and discover how to best combat them. The ways bots can also be used defensively, against cyberattacks. How the fact remains: If the promises of a product or service sound too good to be true, they probably are. About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it's social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast's very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

Company security is not only the job of the network security engineers. Yes, they need training and certifications continually through Inforsec Skills, but Keatron Evans, Principal Security Researcher at Infosec Institute highlights to Don Witt of The Channel Daily News, a TR publication, that it is the job of every company employee. Company attacks are made at every level in a company. Whether it is email, the browser, the unauthorized application access, the endpoint, or the network itself, all the employees need to be knowledgeable security sentries for the company – check out Inforsec IQ. Keatron Evans The supply chain is a totally neglected asset of the company. Keatron goes into great detail about the supply chain and how the company is totally exposed unless certain steps are taken to protect the company. Knowing and securing your supply chain is mandatory to completely secure your company and its data. In order to understand some of the basic supply chain issues and why it is so important, listen in to Keatron providing some of the important facts and details. About: Infosec is a leading cybersecurity education company helping IT and security professionals advance their careers and empowering employees to be cyber safe at work and home. Its mission is to equip individuals and organizations with the knowledge and skills to confidently outsmart cybercrime. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent and teams, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness and phishing training. Follow Infosec on LinkedIn, Twitter, Facebook, Instagram and Infosec's Resources Blog for the latest news, or visit infosecinstitute.com for more information. For more information, go to: https://www.infosecinstitute.com/

On this episode we discuss encrypted DNS, DNS over https, Russia Cyber Warfare, Lapsus$ Group and more. Peter Lowe is the Principal Security Researcher at DNSFilter. Peter has worked in primarily Internet focused roles throughout his career, in positions that include technical support, system administration, web development, and as Technical Director of a small company. Security has always been a passion. This episode is also available on YouTube: https://www.youtube.com/watch?v=2S5msHMEmS4 Peter Lowe https://www.linkedin.com/in/peterlowe/ https://www.dnsfilter.com/ Brian J. Weiss https://www.linkedin.com/in/brianjweiss/ https://www.itech-solutions.com/ Shiva Maharaj https://www.linkedin.com/in/shivamaharaj https://twitter.com/kontinuummsp https://www.kontinuum.com/ --- Support this podcast: https://anchor.fm/amplifiedandintensified/support

Infosec's Principal Security Researcher, instructor and cybersecurity renaissance man Keatron Evans returns to the show for the first in a series of once-quarterly episodes breaking down big stories in the news and cybersecurity trends for the future! We talk Solarwinds, Colonial Access Pipeline, Oldsmar, Keatron's origin story and why, just like practicing your scales makes you a better musician, master pentesters and security pros got where they did by mastering the art of repetition in learning. – Start learning cybersecurity for free: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Intro 2:30 - How did you get into cybersecurity? 4:00 - What skills did you have early on? 6:10 - First interaction with Infosec10:34 - Work as a principal security researcher13:20 - Machine learning in cybersecurity 14:14 - Infosec classes17:28 - Equity in cybersecurity 20:25 - You don't need a technical background21:36 - Major security breaches of 202122:15 - SolarWinds breach24:56 - What job roles help stop these breaches?27:50 - Water treatment plant breach31:42 - Infrastructure security 34:30 - President Biden and cybersecurity39:22 - Supply chain security 43:20 - Security trends for 202249:00 - Projects to keep an eye on50:52 - Learn more about Evans51:44 - Outro

Microsoft works around the clock to protect their customers, no matter what product they're using, Microsoft or otherwise. In some instances Microsoft teams up with other companies, creating an all-star cybersecurity team, to handle newly discovered vulnerabilities. It helps everyone stay more secure, and of course, that's the ultimate goal, right?     In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are re-joined by Jonathan Bar Or, Principal Security Researcher at Microsoft. Jonathan discusses the recently discovered vulnerability that could let attackers bypass System Integrity Protection (SIP) in macOS, why he believes in investing in cross-platform protection, and the importance of collaboration between security researchers, software vendors, and the larger security community.     In This Episode You Will Learn:  What is System Integrity Protection (SIP)  How attackers can bypass SIP  How attackers can use the Shrootless vulnerability    Some Questions We Ask:  How did you find the Shrootless vulnerability?  How do you decide what products to assess?  How does the process of submitting a vulnerability to Apple work?     Resources:    Microsoft finds new macOS vulnerability - Shrootless  View Jonathan Bar Or on LinkedIn  View Nic on LinkedIn   View Natalia on LinkedIn     Related:    Listen to: Security Unlocked: CISO Series with Bret Arsenault      Listen to: Afternoon Cyber Tea with Ann Johnson       Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.     

In this episode our guest, David Emm, Principal Security Researcher at Kaspersky, discusses supply chain cybersecurity. David takes us through some very high profile and damaging attacks and explains how the attackers have both the intent and the ability to exploit vulnerabilities in the supply chain. Key discussion points include: What it means when we talk about cybersecurity risks in supply chains What high profile attacks have taken place Why these attacks are committed  The impact COVID-19 has had on cybersecurity The actions individuals and business can take to prevent these attacks

ZDNet Security Update: Danny Palmer talks to Principal Security Researcher at Kaspersky about how employees returning to offices after a year of remote work means having to reassess cyber threats. Learn more about your ad choices. Visit megaphone.fm/adchoices

Cyber security is proving to be a major challenge with remote working becoming a reality ever since the pandemic began.  Vulnerability to cyber attacks has increased since home workers no longer have access to firewalls and blacklisted IP addresses that office networks provided. In this episode, Nandgopal Rajan speaks to Paul Ducklin, Principal Security Researcher […]

This week, we welcome back Harry Sverdlove, Founder and CTO of Edgewise, and Dan Perkins, Principal Product Manager at ZScaler, to talk about Protecting Critical Infrastructure and Workloads In Hybrid Clouds! In our second segment, it's the Security News! We'll be talking about how New Microsoft Defender ATP Capability Blocks Malicious Behaviors, Voice Phishers Targeting Corporate VPNs, IBM finds vulnerability in IoT chips present in billions of devices, Marriott faces London lawsuit over vast data breach, US firm accused of secretly installing location tracking SDK in mobile apps, and Disrupting a power grid with cheap equipment hidden in a coffee cup! In our final segment, we air two pre recorded interviews from Security Weekly's Virtual Hacker Summer Camp, with Corey Thuen, Co-Founder of Gravwell, and Deral Heiland, Principal Security Researcher for IoT at Rapid7!   Show Notes: https://wiki.securityweekly.com/psw663 Visit https://securityweekly.com/edgewise to learn more about them! To learn more, visit: https://www.gravwell.io/summercamp2020 Visit https://securityweekly.com/rapid7 to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome back Harry Sverdlove, Founder and CTO of Edgewise, and Dan Perkins, Principal Product Manager at ZScaler, to talk about Protecting Critical Infrastructure and Workloads In Hybrid Clouds! In our second segment, it's the Security News! We'll be talking about how New Microsoft Defender ATP Capability Blocks Malicious Behaviors, Voice Phishers Targeting Corporate VPNs, IBM finds vulnerability in IoT chips present in billions of devices, Marriott faces London lawsuit over vast data breach, US firm accused of secretly installing location tracking SDK in mobile apps, and Disrupting a power grid with cheap equipment hidden in a coffee cup! In our final segment, we air two pre recorded interviews from Security Weekly's Virtual Hacker Summer Camp, with Corey Thuen, Co-Founder of Gravwell, and Deral Heiland, Principal Security Researcher for IoT at Rapid7!   Show Notes: https://wiki.securityweekly.com/psw663 Visit https://securityweekly.com/edgewise to learn more about them! To learn more, visit: https://www.gravwell.io/summercamp2020 Visit https://securityweekly.com/rapid7 to learn more about them!   Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Principal Security Researcher at Recorded Future’s Insikt Group, Juan Andrés Guerrero-Saade (juanandres_gs), explains the nuances of good threat intelligence, sheds light on nation-state hacker activity and warns that adversaries don’t have to be “sophisticated” to launch successful attacks.   https://securityconversations.com/wp-content/uploads/2018/05/juan_andres_guerrero_saade.mp3

It's the holidays and everyone's on vacation – but the Internet never rests and neither do the bad guys in cybersecurity. So, for this holiday special, we figured we'll air an interesting interview we did a few weeks back with Amit Serper, Principal Security Researcher at Cybereason, NotPetya vaccinator, and former cyber warrior for the […] The post Amit Serper Interview- Holiday Special Episode appeared first on Malicious Life.Advertising Inquiries: https://redcircle.com/brands

It’s the holidays and everyone’s on vacation – but the Internet never rests and neither do the bad guys in cybersecurity. So, for this holiday special, we figured we’ll air an interesting interview we did a few weeks back with Amit Serper, Principal Security Researcher at Cybereason, NotPetya vaccinator, and former cyber warrior for the […] The post Amit Serper Interview- Holiday Special Episode appeared first on Malicious Life.

This week Memoori spoke with prominent cyber security expert David Emm, Principal Security Researcher with Kaspersky Labs' Global Research & Analysis Team.

This week Memoori spoke with prominent cyber security expert David Emm, Principal Security Researcher with Kaspersky Labs' Global Research & Analysis Team.

This week Memoori spoke with prominent cyber security expert David Emm, Principal Security Researcher with Kaspersky Labs' Global Research & Analysis Team.

Slides Here: https://defcon.org/images/defcon-22/dc-22-presentations/Drapeau-Dukes/DEFCON-22-Drapeau-Dukes-Steganography-in-Commonly-Used-HF-Radio-Protocols-UPDATED.pdf Additional Extra Materials are available here: https://defcon.org/images/defcon-22/dc-22-presentations/Drapeau-Dukes/Paul%20Drapeau%20and%20Brent%20Dukes%20-%20Extras.zip Steganography in Commonly Used HF Radio Protocols Paul Drapeau PRINCIPAL SECURITY RESEARCHER, CONFER TECHNOLOGIES INC. Brent Dukes Imagine having the capability to covertly send messages to an individual or a larger audience, without the need for large centralized infrastructure where your message could be observed, intercepted, or tampered with by oppressive governments or other third parties. We will discuss the opportunities and challenges with steganography implementations in widely used amateur radio digital modes, and present a proof of concept implementation of hiding messages within innocuous transmissions using the JT65 protocol. This technique could theoretically be used to implement a low cost, low infrastructure, covert, world wide short message broadcasting or point to point protocol. No messages in codes or ciphers intended to obscure the meaning thereof were actually transmitted over the amateur bands during the creation of this talk. Paul Drapeau is currently the Principal Security Researcher for Confer Technologies Inc. He has held senior level IT security roles and consulted on information security topics for various organizations for over 15 years. Paul has a bachelor's degree in computer science from the University of Rhode Island and has been licensed as an amateur radio operator since 1986. Brent Dukes has a decade of experience working in software and systems engineering roles. He spends his nights tied to various hardware hacking projects sitting in pieces all over his lab, and participating in CTFs. His idea of fun is reverse engineering and modifying toys and consumer electronics for the purposes of good. Brent has been a licensed amateur radio operator since 2006. Paul Drapeau - Twitter: @pdogg77 Brent Dukes - Twitter: @TheDukeZip

Masquerade: How a Helpful Man-in-the-Middle Can Help You Evade Monitoring. Ryan Lackey Founder, CryptoSeal, Inc. Marc Rogers Principal Security Researcher, Lookout The Grugq Information Security Researcher Sometimes, hiding the existence of a communication is as important as hiding the contents of that communication. While simple network tunneling such as Tor or a VPN can keep the contents of communications confidential, under active network monitoring or a restrictive IDS such tunnels are red flags which can subject the user to extreme scrutiny.Format-Transforming Encryption (FTE) can be used to tunnel traffic within otherwise innocuous protocols, keeping both the contents and existence of the sensitive traffic hidden. However, more advanced automated intrusion detection, or moderately sophisticated manual inspection, raise other red flags when a host reporting to be a laser printer starts browsing the web or opening IM sessions, or when a machine which appears to be a Mac laptop sends network traffic using Windows-specific network settings. We present Masquerade: a system which combines FTE and host OS profile selection to allow the user to emulate a user-selected operating system and application-set in network traffic and settings, evading both automated detection and frustrating after-the-fact analysis. Ryan Lackey, Founder of CryptoSeal, founded HavenCo, the world’s first offshore datahaven, and has worked as a defense contractor in Iraq and Afghanistan, at various technology startups, and is currently working on a secure hardware-based router for business travelers. Marc Rogers is an English hacker, Director of SecOps for DEF CON, and works as Principal Security Researcher for Lookout. The Grugq is a pioneering information security researcher with over a decade of professional experience. He has worked extensively with digital forensic analysis, binary reverse engineering, rootkits, Voice over IP, telecommunications and financial security. The Grugq's professional career has included Fortune 100 companies, leading information security firms and innovative start-ups. Claims to fame: - pioneered anti-forensics - developed "userland exec" - released voip attack software - decade of experience in infosec - long term liaison w/ digital underground - described as "extremely handsome" [by his mom] - 1992 sussex County 3-legged race, 2nd place The Grugq has spoken at dozens of conferences over the last 7 years; provided expert training courses to .gov, .mil, police and businesses; domain expertise on forensics, voip, telecommunications and financial systems.