Podcasts about secureworld

  • 26 podcasts
  • 91 episodes
  • 41m average duration
  • Infrequent episodes
  • Latest episode: Apr 11, 2025

Latest podcast episodes about secureworld

BarCode
DELTA K

Apr 11, 2025 (56:34)


In this conversation, the host Chris Glanden engages with guests Charlie Northrup and Keenan Hale to discuss advancements in AI, particularly focusing on large language models and their limitations. They explore the concept of Delta K, which refers to the transformation of knowledge, and how it relates to the predictive capabilities of AI. The discussion also delves into thin calculus and the category theory of things, emphasizing the need for an external truth to build sound mathematical systems. In this conversation, the speakers delve into the concepts of agentic calculus and Delta K, exploring their implications for artificial general intelligence (AGI) and the future of the economy. They discuss the observer-dependent nature of reality and how different perspectives can lead to varied interpretations of the same phenomena. The conversation also touches on the potential of the agentic economy to revolutionize ownership and economic dynamics, as well as the philosophical implications of waveform collapse in quantum mechanics. Overall, the discussion highlights the need for a new understanding of cognitive processing and the role of agents in shaping future interactions and economies.

TIMESTAMPS:
00:00 - Introduction to the Guests and Their Expertise
02:16 - Recent Developments in AI and Technology
04:50 - Understanding Large Language Models
10:53 - Delta K and Its Limitations
16:24 - Thin Calculus and the Category Theory of Things
19:19 - Understanding Agentic Calculus
22:27 - Delta K and Its Implications for AGI
28:59 - Cognitive Processing and States of Being
36:09 - The Agentic Economy: A New Paradigm
40:25 - Waveform Collapse and Delta K
43:20 - The Future of Agentic Interactions

SYMLINKS:
[LinkedIn - Charlie Northrup] - https://www.linkedin.com/in/charlie-northrup-1b73b051
Charlie Northrup is a technology innovator at Neewer Sciences, contributing pioneering research in agentic AI systems, thing calculus, and distributed digital ecosystems. He shares updates and insights about his work on LinkedIn.
[LinkedIn - Keenan Hale] - https://www.linkedin.com/in/keenandewayne/
Keenan Hale is recognized for his interdisciplinary contributions bridging theoretical mathematics and cryptographic systems. He connects with others in the AI and cryptography communities through LinkedIn and shares research updates and discussions.
[LinkedIn - Mike Elkins] - https://www.linkedin.com/in/elkinsmike/
Mike Elkins is the Chief Human and Information Security Officer at Banffist, actively involved in discussions about cybersecurity, digital transformation, and AI-driven enterprise operations. He also speaks at major conferences like BlackHat, RSA, and SecureWorld.

Cyber Risk Management Podcast
EP 171: Getting Buy-In for Cybersecurity

Nov 19, 2024 (39:25)


How can you get high levels of buy-in for a cybersecurity program at the state level? Let's find out with our guest Michael Gregg, the CISO of North Dakota. Your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. LinkedIn profile -- https://www.linkedin.com/in/michaelgregg01/ SecureWorld -- https://www.secureworld.io/events

Bare Knuckles and Brass Tacks
LIVE from SecureWorld Denver: Radical Transparency - Closing Keynote

Oct 14, 2024 (47:14)


Recorded LIVE: The Bare Knuckles and Brass Tacks closing keynote at SecureWorld Denver! Titled, "Radical Transparency," George K and George A took on the holy trinity in cyber: people, process, and technology. For each part they break down where we need radical transparency to build trust, on both the buying and selling sides of the industry. They also ask something new of the audience...

Cy Saves the Day
Ep 83: LevelUp Cyber - The Importance of Conferences with Drew Todd

Feb 28, 2024 (31:36)


Cybersecurity and technology conferences come in all shapes and sizes. Some of them like RSA are massive and bring people together from all over the world and others are hyper-local and focused. Both are great ways to learn and grow in your career and network with others. Join us on February 27th as we chat with special guest, Drew Todd, Content & Business Strategist with SecureWorld. Drew pulls together industry experts for conferences all over the country to speak at his events. He understands what people are wanting to hear and how to connect those relationships. If you have been on the fence about attending events be sure to tune into this episode!

Cyber Risk Management Podcast
EP 144: SecureWorld

Nov 7, 2023 (40:11)


Have you heard of a regional cybersecurity conference in the US called SecureWorld? We really like it. So we invited Brad Graver, who's the president of SecureWorld, to tell us what makes them different from all the other conferences we could go to. Your hosts are Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

Colorado = Security Podcast
252 - 9/29 - SecureWorld Closing Keynote

Sep 28, 2023 (56:58)


This is a special episode. On September 19th Alex and Robb participated in the closing keynote at SecureWorld Denver. This panel was recorded and is being shared here, for you to enjoy, share and mock. Have fun!

Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com.

Upcoming Events: This Week and Next: ISA Automation and Leadership Conference - 10/4-6 ISACA Denver - ISACA Community Day 2023 : Denver Parks: Preparing Wash Park for Fall/Winter - 10/7 View our events page for a full list of upcoming events

* Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here.
* Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

BarCode
BONUS: BCP LIVE at SecureWorld Philadelphia 2023

Apr 28, 2023 (40:17)


SESSION TITLE: CISOs Riff on the Latest in Cybersecurity
RECORDED: 4/19/23
LOCATION: Valley Forge Casino and Event Center
GUESTS: David Lingenfelter (VP, Information Security, PENN Entertainment), Krista Arndt (CISO, United Musculoskeletal Partners) and Bistra Lutz (Director of Global Information Security Operations, Crown Holdings)
CONNECT WITH US: Become a Sponsor | Support us on Patreon | Follow us on LinkedIn | Tweet us at @BarCodeSecurity | Email us at info@barcodesecurity.com

Cybercrime Magazine Podcast
SecureWorld NYC 2022. Cybersecurity & Financial Institutions. Blake Penn, CISO, Colgate University.

Dec 21, 2022 (4:22)


Blake Penn, CISO at Colgate University, speaks with the Cybercrime Magazine media crew at the 4th annual SecureWorld New York Conference, where he was highlighted as one of the featured presenters. For 20 years, SecureWorld has been tackling global cybersecurity issues and sharing critical knowledge and tools needed to protect against ever-evolving threats. To learn more, visit https://secureworld.io

Cybercrime Magazine Podcast
SecureWorld NYC 2022. The Cyber Threat Landscape & Cryptocrime Trends. Kristen Spaeth, Coinbase.

Dec 14, 2022 (2:39)


Kristen Spaeth, Senior Investigator of Global Intelligence at Coinbase, spoke with the Cybercrime Magazine media crew at the 4th annual SecureWorld New York Conference, where she was highlighted as one of the featured presenters. For 20 years, SecureWorld has been tackling global cybersecurity issues and sharing critical knowledge and tools needed to protect against ever-evolving threats. To learn more, visit https://secureworld.io

Cybercrime Magazine Podcast
Cybercrime Magazine Update: SecureWorld NYC. Steve Morgan, Founder, Cybersecurity Ventures.

Nov 7, 2022 (5:16)


Latest news, interviews, podcasts, reports, videos, and special productions from Cybercrime Magazine, published by Cybersecurity Ventures. For more on cybersecurity, visit us at https://cybersecurityventures.com

Cybercrime Magazine Podcast
SecureWorld NYC 2022. Cybersecurity Conference. Brad Graver, President.

Oct 21, 2022 (3:31)


For 20 years, SecureWorld has been tackling global cybersecurity issues and sharing critical knowledge and tools needed to protect against ever-evolving threats. Through our network of industry experts, thought leaders, practitioners, and solution providers, we collaborate to produce leading-edge, relevant content. To learn more, visit https://secureworld.io

The CISO Diaries
George Finney - CSO at Southern Methodist University & Author of Well Aware; "I love being able to take apart a problem and find a good solution for it."

Dec 16, 2021 (41:40)


George Finney, CSO at Southern Methodist University; Author of Well Aware: Master The Nine Cybersecurity Habits to Protect Your Future

George Finney is the Chief Security Officer (CSO) and Director of Digital Interests for Southern Methodist University. George works in a variety of areas at SMU including facilitating IT Security and Compliance, increasing Regulatory Awareness, streamlining the IT Contracts process, as well as advocacy for Open Source software and processes. George joined SMU in March of 2003 as a Network Engineer and worked on several major university IT initiatives, including evaluating Intrusion Detection Systems, implementing network-based packet capture devices and implementing and supporting Network Admission Control. He has developed and matured cybersecurity programs and is an expert in policy, awareness, compliance, operational management and the complex legal issues surrounding security with a talent for building partnerships. Prior to joining SMU, George worked in the telecommunications industry for several years on Voice Over IP projects, Data Security Consulting, and in Network Operations. In May of 2008, George completed his Juris Doctorate at Southern Methodist University's Dedman School of Law and is licensed to practice law in Texas. George was recognized by Security Magazine as one of their top cybersecurity leaders in 2018 and is part of the Texas CISO Council, is a member of the Board of Directors for the Palo Alto Networks FUEL User Group, and is an Advisory Board Member for SecureWorld. He holds a Juris Doctorate from Southern Methodist University and a Bachelor of Arts from St. John's College, as well as multiple cybersecurity certifications including the CISSP, CISM, and CIPP. George is a frequent speaker, and author of Well Aware: Master The Nine Cybersecurity Habits to Protect Your Future and No More Magic Wands: Transformative Cybersecurity Change for Everyone. George earned a bachelor of arts degree in liberal arts in 1999 from St. John's College in Santa Fe. He spends most of his spare time cycling, writing novels, and working on short film projects.

Highlights:
0:00 - Introductions and Backgrounds George was a liberal arts major in college, studying philosophy and literature. He wanted to be a stockbroker in college.
3:00 – First Job at GTE in IT & Networking - Security Just Came as a Natural Part of it “I jumped to start up - switched gears from networking to system administration. Inherited an environment that was always locked down. I taught myself security by studying how the previous admin had hardened all of our servers. From there it just ballooned out of control. Then I went to Law School.”
4:00 – Putting Yourself out there While Managing Privacy Writing his book (Well Aware)!
5:10 - "Little ironic that I'm so focused on people, because when you write a book, you have to go into a cave and isolate yourself from other human beings for an excessive amount of time." ..."I was inspired to write the book... wanted to build a bridge with non-security folks, but who we rely on to be successful in our cybersecurity programs." "Security Should Start to Get Easy - People Should Want to Work with Us and Help Empower Our Projects because it's Going to Help Not Just their Company, but it Will Accelerate Everyone's Career"
11:45 - "To get the security jobs, if you can demonstrate that you have worked on security projects, supported those things, this will set people apart. It's a personal part of every person's career trajectory."
20:00 - The Pepsi Challenge "Back in the 80's Pepsi tried to compete with Coke and had free sample stations in store. It didn't work; Coke is still the leader - why? Because a 30 second commercial doesn't work - it doesn't change behaviors." ... "gamification works for some people - you have to meet people where they are."
33:00 - There are Many Barriers to be Broken Down "Understand an organization well

The SecureWorld Sessions
BEC: Real Stories, Real Defense

Dec 7, 2021 (33:30)


Business Email Compromise (BEC) remains rampant, with annual losses in the billions of dollars. Every type of organization is at risk. During this episode, we discuss key things your organization and people should know about this cybercrime, plus the most effective way to respond in hopes of recovering some of the losses. Our two guests are with the United States Secret Service: •  Stephen Dougherty, Financial Fraud Investigator, Global Investigative Operations Center •  Michael Johns, Assistant Special Agent in Charge Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner. Check out their cyber mercenary report (very in-depth) below. Resource Links: •  New Trend Micro report, "Void Balaur: Tracking a Cybermercenary's Activities": https://documents.trendmicro.com/assets/white_papers/wp-void-balaur-tracking-a-cybermercenarys-activities.pdf •  Stephen Dougherty on LinkedIn: https://www.linkedin.com/in/doughertysteve •  SecureWorld conferences: https://www.secureworld.io/events The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your organization.

The SecureWorld Sessions
A Cyber Mercenary Investigation

Nov 17, 2021 (36:37)


What is a cyber mercenary group and who are they attacking through cyberspace? In this episode, Feike Hacquebord, Sr. Threat Researcher at Trend Micro, reveals extensive details of a cyber mercenary group he has been tracking for more than a year, which he calls Void Balaur. "They target a lot of doctors… they are sending phishing emails to target senior engineers working for phone companies, they are targeting banks, as well. And all of these targets have one thing in common: they have a lot of personal data on people," Hacquebord says. The group is also going after activists, political leaders, and journalists. Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner. Also, check out the cyber mercenary report (very in-depth) below. Resource Links: •  New Trend Micro report, "Void Balaur: Tracking a Cybermercenary's Activities": https://documents.trendmicro.com/assets/white_papers/wp-void-balaur-tracking-a-cybermercenarys-activities.pdf •  Trend Micro Sr. Threat Researcher Feike Hacquebord: https://www.linkedin.com/in/feike-hacquebord-33902b5/ •  SecureWorld conferences: https://www.secureworld.io/events The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your organization.

The SecureWorld Sessions
The Cybersecurity Talent Pipeline Problem

Nov 4, 2021 (40:22)


This discussion on the cybersecurity talent pipeline problem is unlike any other you have heard before. And you and your organization could play a part in growing the future of the cybersecurity workforce. We're talking with the founders of the Last Mile Education Fund: •  Rian Walker, Information Security Analyst, Financial Sector •  Sarah Lee, Director, School of Computing Sciences and Computer Engineering, University of Southern Mississippi •  Ruthe Farmer, CEO & Founder, Last Mile Education Fund Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner. Resource Links: •  Last Mile Education Fund: https://www.lastmile-ed.org •  Trend Micro initiative, Cybersecurity Education for Universities: https://www.trendmicro.com/internet-safety/university •  Trend Micro's "Linux Threat Report 2021": https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/linux-threat-report-2021-1h-linux-threats-in-the-cloud-and-security-recommendations •  SecureWorld conferences: https://www.secureworld.io/events The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your organization.

The SecureWorld Sessions
Cybersecurity Brain Hacks and Big Ideas

Oct 27, 2021 (42:00)


Can brain hacks and cybersecurity habits improve the security posture at your organization? CISO George Finney of Southern Methodist University believes the answer is yes and he makes his case in this episode. Also, here's a big idea: cybersecurity doesn't slow down digital transformation, it speeds it up. Gigamon CTO Shehzad Merchant explains how and looks at Big Data and its underpinning technologies. Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner. Resource Links: •  Take George Finney's cybersecurity personality test: https://wellawaresecurity.com/cyber-personality-test •  Connect with Shehzad Merchant on LinkedIn: https://www.linkedin.com/in/shehzad-merchant-1674b8 •  Trend Micro "Linux Threat Report 2021": https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/linux-threat-report-2021-1h-linux-threats-in-the-cloud-and-security-recommendations •  SecureWorld conferences: https://www.secureworldexpo.com/events The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your organization.

The SecureWorld Sessions
Emergency Response Lessons for Cybersecurity

Oct 22, 2021 (38:07)


Andrew "AJ" Jarrett is Applied Cybersecurity Program Manager at the Cyber Readiness Center (CRC) and Texas A&M Engineering Extension Service (TEEX). He's been a wildland firefighter for more than a decade and believes Emergency Response frameworks that save lives can apply to cyber incident response and IT security to help protect organizations. He believes this can help make information security better. Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner. Resource Links: •  Trend Micro's "Linux Threat Report 2021": https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/linux-threat-report-2021-1h-linux-threats-in-the-cloud-and-security-recommendations •  Connect with Andrew Jarrett on LinkedIn: https://www.linkedin.com/in/andrew-jarrett-tx •  SecureWorld conferences: https://www.secureworldexpo.com/events The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your organization.

The SecureWorld Sessions
Cybersecurity Inflection Point?

Oct 13, 2021 (35:00)


Ed Cabrera is the former CISO of the United States Secret Service and current Chief Cybersecurity Officer at Trend Micro. He believes we are at an inflection point in cybersecurity and is cautiously optimistic. During this conversation with SecureWorld, Cabrera also discusses ransomware, cryptocurrency, threat intelligence, cyber insurance, and more. Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner. Resource Links: •  Trend Micro "Vision One": https://www.trendmicro.com/en_us/business.html •  Follow Ed Cabrera on Twitter: https://twitter.com/ed_e_cabrera •  SecureWorld conferences: https://www.secureworldexpo.com/events The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your organization.

The SecureWorld Sessions
Cyber Resilience, the Game Show

Oct 7, 2021 (40:39)


In this SecureWorld Sessions podcast bonus episode, three Chief Information Security Officers play a game show around modern cyber resilience. What is cyber resiliency, how do you align it with business objectives, and is it possible a unicorn won this battle of the CISOs? Contestants include Ricardo Lafosse, CISO, The Kraft Heinz Company; Michael Boucher, Americas CISO, JLL; and Glenn Kapetansky, Interim CISO, University of Chicago Medical Center, and CSO, Trexin Group. Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner and providing new research for this episode. Resource Links: •  Trend Micro report, "Attacks from All Angles: 2021 Midyear Cybersecurity Report": https://www.trendmicro.com/vinfo/us/security/research-and-analysis/threat-reports/roundup/attacks-from-all-angles-2021-midyear-security-roundup •  Ricardo Lafosse on LinkedIn: https://www.linkedin.com/in/ricardolafosse •  Michael Boucher on LinkedIn: https://www.linkedin.com/in/michael-boucher-55771a •  Glenn Kapetansky on LinkedIn: https://www.linkedin.com/in/kapetansky •  SecureWorld conferences: https://www.secureworldexpo.com/events The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your organization.

The SecureWorld Sessions
Ransomware and the Secret Service

Sep 28, 2021 (51:51)


Our guest on this episode is Jeremy C. Sheridan, Assistant Director, Office of Investigations, at the United States Secret Service. We discuss the evolution of ransomware in cybercrime, including: advances in technology, cyber insurance, the cryptocurrency challenge, the sophistication of ransomware actors, and much more. Also, thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner and providing new research for this episode. Resource Links: •  Trend Micro report, "A Roadmap to Secure Connected Cars": https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/a-roadmap-to-secure-connected-cars •  Jeremy C. Sheridan, Assistant Director, Office of Investigations, U.S. Secret Service: https://www.linkedin.com/in/jeremysheridan •  United States Secret Service Cyber Investigations page: https://www.secretservice.gov/investigation/cyber •  SecureWorld conferences: https://www.secureworldexpo.com/events The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your organization.

The SecureWorld Sessions
Creating a Security Culture

Sep 9, 2021 (49:31)


Princeton University implemented a multi-year program to create a culture of cybersecurity throughout campus. It has already made an impact on the organizational security mindset, including risk reduction, implementing new technologies, broadening security knowledge, and strengthening campus partnerships. In this episode, listen to David Sherry, CISO of Princeton University, and Tara Schaufler, Information Security Awareness and Training Program Manager. They share ideas, inspiration, and lessons learned that can help your organization. Also, thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner and providing new research for this episode. Resource Links: •  Trend Micro report, "A Roadmap to Secure Connected Cars": https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/a-roadmap-to-secure-connected-cars • David Sherry on LinkedIn: https://www.linkedin.com/in/davidsherry/ • Tara Schaufler on LinkedIn: https://www.linkedin.com/in/tarabrelsfordschaufler/ •  SecureWorld conferences: https://www.secureworldexpo.com/events The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your organization.

The SecureWorld Sessions
Nation-State Cyber Threats: What Now?

Sep 1, 2021 (50:58)


What can organizations, the U.S. government, and everyday citizens do to stop the surge of ransomware and cyber threats hitting us from overseas? In this episode, we hear from retired Air Force Colonel Cedric Leighton. Leighton is a CNN military analyst who held cyber leadership positions while serving in the Air Force and currently runs the Cedric Leighton International Strategies consultancy. He explains the threats and motives of America's top nation-state cyber enemies. Plus, how we're thinking about the ransomware problem in the wrong way. Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner and providing new research for this episode. Resource Links: •  Trend Micro report, "Earth Baku Returns," on the APT's new cyber espionage campaign: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/earth-baku-returns •  Col. Cedric Leighton on LinkedIn: https://www.linkedin.com/in/cedricleighton/ •  SecureWorld conferences: https://www.secureworldexpo.com/events The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your organization.

The SecureWorld Sessions
Suing the CISO

Aug 24, 2021 (33:36)


Are CISOs getting sued? Yes. Investors filed a lawsuit that specifically names the CISO of SolarWinds as a defendant. Is this the beginning of a trend to sue the Chief Information Security Officer after a cyber incident? #InfoSec twitter reacts, and so do the experts on today's podcast: Rebecca Rakoski is co-founder and Managing Partner of XPAN Law Partners, and Glenn Kapetansky is Interim CISO at the University of Chicago Medical School and CSO at Trexin. Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner, and for providing new research for this episode after analysis of millions of Linux security events. Resource Links: • SecureWorld News story, "Suing the CISO: SolarWinds Fires Back": https://www.secureworld.io/industry-news/ciso-lawsuit-solarwinds •  Trend Micro's Linux Threat Report 2021 1H: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/linux-threat-report-2021-1h-linux-threats-in-the-cloud-and-security-recommendations •  SecureWorld conferences: https://www.secureworldexpo.com/events The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your organization.

SecurityTrails Blog
Blast Radius: Mapping, Controlling, and Exploiting Dynamic Self-Registration Services

Aug 24, 2021 (14:18)


Vendors such as Datto, Geo Vision, Synology and others leverage and depend on self-registered services for their products. These devices frequently leak critical data or have insecure design, unintentional or even intentional design decisions and application flaws. Through insecure network design and installation practices, they can be easily mapped, discovered and attacked by cyber criminals via insecure vendor, software and integrator practices.

For our new blog series Blast Radius, security professionals, researchers and experts deep dive into different attacks and vulnerabilities, explore how they can impact the entire internet ecosystem, and examine what they mean for organizations of all sizes, across all industries.

To talk about the emerging properties of self-registration services bundled with devices provided by major manufacturers and the implications of their insecure design, we are joined by Ken Pyle.

Ken Pyle is a partner of CYBIR, specializing in exploit development, penetration testing, reverse engineering, and enterprise risk management. As a highly rated and popular lecturer he's presented groundbreaking research at major industry events such as Defcon, ShmooCon, SecureWorld, HTCIA International, and others. He's also discovered and published numerous critical software vulnerabilities in products from a wide range of companies that includes Cisco, Dell, Netgear, Sonicwall, HP, Datto, Kaseya, and ManageEngine, earning him multiple Hall of Fame acknowledgements for his work.

Ken has been publishing DNS work and vulnerability research privately for a number of years. He began showing some of his work in the web application, DNS and IPv4 space at different cybersecurity conferences, with a focus on fixing sets of problems that had already been deemed unfixable. For our latest installment of Blast Radius, Ken will share a continuation of his work, and will disclose how the entire PKI, non-repudiation and encryption design of entire vendor ecosystems is flawed, and how you can use popular IoT devices and services to de-anonymize anonymity networks and map internal networks via poorly managed cloud security features. Additionally, he'll reveal how he gained arbitrary control of firewall rules across millions of devices and multiple vendors.

The emergent properties of dynamic DNS scraping

At Defcon 29, I presented a number of new attacks, reconnaissance types, exploits, and emergent properties of Self-Registration Services that come with devices provided by major manufacturers such as Datto. In the lead up to Defcon, I have been publishing quietly on the subject and attempting to pre-empt and alert companies to the exposures. I have been a really big fan of Securitytrails all the way back to DNS Trails. I find the engine and dataset to be simple to carve, highly accurate, and many emergent properties can be easily identified using the site and tools. In this write-up, we're going to discuss the emergent properties of passive, historical dynamic DNS registrations and how these can be easily exploited.

Mass mapping/arbitrary control of firewall rules

One of the many awesome features of Securitytrails is the ability to quickly and easily search data in weird ways no one has thought of. For example, a search for RFC 1918 addresses via ST will turn up some pretty interesting results: Searching for RFC 1918 addresses, specifically those which MSPs, IT folks, or even your home routers distribute, will allow you to very quickly start identifying internal networks and their firewall rules. You'll notice I've highlighted a few interesting zones, remotewd.com, wd2go.com, duckdns.org, dattolical.net. We'll get back to those. In order for many of these devices to register or maintain a record on the manufacturer's dynamic DNS regime, they must consistently beacon or "check-in" every few minutes. This allows the manufacturer (and you) to find the device easily, track it over network changes, and allow it to update and license i...

The SecureWorld Sessions
Season of Cybercrime: The Insider Threat

Aug 10, 2021 22:35


In this true cybercrime episode, we uncover the case of an insider threat scheme at an AT&T Wireless call center. Court documents reveal how rogue employees collected approximately $1 million in bribes. Plus, Dr. Larry Ponemon discusses the Insider Threat risk, and John Grimm discusses Insider Threat best practices.
Resource Links:
• Trend Micro report, Risks in Telecommunications IT: https://www.trendmicro.com/en_us/research/21/g/risks-in-telecommunications-IT.html
• SecureWorld conferences: https://www.secureworldexpo.com/events
The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your organization. Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner.

Profiling Evil Podcast with Mike King
Are you Being Safe? Travel Safety Tips with Tim Roberts and Brent White from Wehackpeople.com - Profiling Evil Podcast

Aug 4, 2021 54:57


Join Mike as he discusses travel safety tips with Tim Roberts and Brent White from https://wehackpeople.com. Tim and Brent are Sr. Security Consultants specializing in Covert Entry. They have developed Red Team, Physical Security Assessment, and Social Engineering testing methodologies and have spoken at internationally recognized security conferences including DEFCON, DerbyCon, InfoSec World, NolaCon, SecureWorld, several B-Sides, ISSA International, AIDE at Marshall Univ, Techno Security & Forensics Con, Government information security panels and more.
Hi there! New to Profiling Evil? If so, here's what you need to know -- We here at Profiling Evil have spent our lives in all facets of law enforcement, so we use this channel to help educate, analyze, and solve, as we cover various cases that are either currently in the media or cases we have been involved with throughout our careers.
CREATED BY: Mike King https://profilingevil.com
PRODUCED BY: CIRCA3 https://circa3.com
ORIGINAL MUSIC BY: Clifford W King https://cliffordwking.com

The SecureWorld Sessions
Season of Cybercrime: Exploring the Dark Web

Aug 3, 2021 32:35


In this true cybercrime episode, we interview Myra Rosario-Fuentes, Senior Threat Researcher at Trend Micro, who just completed an in-depth, two-year research project on Dark Web markets, especially those selling exploits that hackers use to take advantage of security holes in networks and devices. How much is a Zero Day exploit worth on the Dark Web? How did COVID-19 impact cybercriminals on the Dark Web? Also, we discuss access-as-a-service on the Dark Web, the latest on ransomware operators and affiliate programs, and more.
Resource Links:
• New Trend Micro Report, "The Rise and Fall of the N-day Exploit Market in Cybercriminal Underground": https://newsroom.trendmicro.com/2021-07-13-Nearly-a-Quarter-of-Exploits-Sold-on-Cybercriminal-Underground-Are-More-Than-Three-Years-Old
• Myra Rosario-Fuentes on LinkedIn: https://www.linkedin.com/in/mayra-rosario-fuentes
• SecureWorld conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
Season of Cybercrime: W.H.O. Cyberattack

Jul 20, 2021 37:08


In this true cybercrime podcast episode, we interview Alexander Urbelis, cyber attorney and threat intelligence expert, who uncovered a cyberattack against the World Health Organization at the start of the coronavirus pandemic.
Resource Links:
• Trend Micro phishing and ransomware white paper: https://resources.trendmicro.com/rs/945-CXD-062/images/Reduce-Phishing-Ransomware_Trend-Micro.pdf
• Alexander Urbelis on LinkedIn: https://www.linkedin.com/in/alex-urbelis-25aaab1/
• SecureWorld conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
Season of Cybercrime: SeaWorld Cyberattack

Jul 13, 2021 21:42


In this true cybercrime episode, we interview Cam, who was arrested for hacking when he was 14 years old. One of his focused cyberattacks was against SeaWorld San Diego. Now, he works as a cybersecurity professional. How did he get into cybercrime and then into a role defending against it? It all started with gaming.
Resource Links:
• Trend Micro's Close the Gap program: https://www.trendmicro.com/closethegap
• Trend Micro's Zero Day Initiative: https://www.zerodayinitiative.com
• SecureWorld conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
Cybersecurity Workforce Development at Scale

Jun 29, 2021 52:08


How can we scale up the development of our collective cybersecurity talent pipeline, and what role can you play in this? How can your organization help develop talent? How can your alma mater or current university play a part in this? Hear about a model for this kind of work underway through partnerships at New York University Tandon School of Engineering.
Our expert panelists:
1. Geoff Brown, CISO, City of New York, and Head of NYC Cyber Command
2. Liat Krawczyk, Assistant Vice President of the New York City Economic Development Corporation
3. Nasir Memon, Vice Dean at NYU Tandon, and Founder of NYU's Cybersecurity Program
4. Jim Routh, Former CISO at Mass Mutual, Aetna, and other enterprises
5. Joel Caminer, Sr. Director of Cybersecurity Education, NYU Tandon
Resource Links:
• Trend Micro special supported SCORE program: https://www.score.org/technology-resources
• NYU Tandon Cybersecurity Program: https://cybersecurity-strategy-masters.nyu.edu/landing-page
• SecureWorld virtual conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
State CISO Discussion: Future of Security

Jun 22, 2021 51:09


Listen in as U.S. state cybersecurity leaders discuss key topics:
• coming year priority projects
• the ransomware surge and preparing for security incidents
• their organization's security culture and training to deal with issues
• innovative, special projects they are most excited about moving forward
Featured presenters on this podcast panel:
• Vinod Brahmapuram, CISO, State of Washington
• Deborah Blyth, CISO, State of Colorado
• Maria Thompson, former Chief Risk Officer, State of North Carolina
• Moderated by Dan Lohrmann, CSO, Security Mentor, and former CSO, State of Michigan
Resource Links:
• Trend Micro CISO resource portal: https://www.trendmicro.com/en_us/business/campaigns/art-of-cybersecurity/ciso.html
• SecureWorld virtual conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
Ransomware Incident Response Lessons

Jun 15, 2021 39:16


Nancy Rainosek is the Chief Information Security Officer (CISO) for the State of Texas. She knows all about ransomware incident response. Her team played a key role in remediation after a coordinated ransomware attack hit 22 state agencies in Texas in a single day.
1. What was that ransomware day like for Rainosek and her team?
2. Was there a common vulnerability among the attacked agencies?
3. What did Texas learn during the ransomware attack that can help your organization now?
Resource Links:
• Trend Micro special report on ransomware: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/modern-ransomwares-double-extortion-tactics-and-how-to-protect-enterprises-against-them
• Nancy Rainosek on LinkedIn: https://www.linkedin.com/in/nancy-rainosek-4144893
• SecureWorld virtual conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
AI and Our Future

May 25, 2021 31:49


Josh Jackson is Founder and Executive Director of the AI Association, which advocates for the furtherance of artificial intelligence and automation in the United States. In this wide-ranging discussion about AI, Jackson unpacks the following:
1. How should we define artificial intelligence?
2. Where is the intersection of cybersecurity and AI?
3. What does the AI arms race look like, and what about AI ethics?
4. What if your organization does not have an AI strategy?
Resource Links:
• Trend Micro report on ICS Security: https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/keeping-cyber-risk-under-control-spotting-and-thwarting-ics-threats
• Josh Jackson on LinkedIn: https://www.linkedin.com/in/joshjacksonco
• SecureWorld virtual conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
Outlaw Ransomware Payments?

May 18, 2021 33:51


Shawn Tuma is a nationally known "breach quarterback" or "incident response coach" who walks victimized companies through the fallout of a ransomware attack. In this episode, he discusses the following:
1. What stages do organizations and security teams experience during a ransomware attack?
2. Would making ransomware payments illegal disrupt this cybercrime business model?
3. Is the Colonial Pipeline cyberattack a watershed moment for security?
Tuma is Co-Chair of the Cybersecurity & Data Privacy Practice Group at Spencer Fane LLP.
Resource Links:
• Trend Micro special report, "What We Know About the DarkSide Ransomware and the US Pipeline Attack": https://www.trendmicro.com/en_us/research/21/e/what-we-know-about-darkside-ransomware-and-the-us-pipeline-attac.html
• Shawn Tuma on LinkedIn: https://www.linkedin.com/in/shawnetuma
• SecureWorld virtual conferences: https://www.secureworldexpo.com/events
• SecureWorld webinars, eSummits, and online training: https://www.secureworldexpo.com/resources?cat=remote-sessions

The SecureWorld Sessions
Operationalizing Your Cybersecurity Knowledge

May 11, 2021 34:32


Join a CISO panel for a fast-moving discussion around the following questions:
1. The state of cybersecurity: what can we understand from security's rise and the rise of the CISO?
2. What does the business need more of from security teams? And what about from security leaders?
3. Are InfoSec job postings way out of line with reality?
4. What is something you've learned from a mentor or experience?
Featuring these thought leaders:
• Britney Hommertzheim, Director, Cyber Operations, Cardinal Health
• Kevin Hardcastle, Associate CISO, Washington University in St. Louis
• Cindi Carter, CISO, IntSights
Resource Links:
• MITRE Engenuity ATT&CK Evaluations by Trend Micro. See the results: https://resources.trendmicro.com/MITRE-Attack-Evaluations.html
• SecureWorld virtual conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
Refocusing on the Privacy and Security Landscape

May 4, 2021 38:20


2020 was a "blender" year, during which data privacy and cybersecurity seemingly took a backseat to the other major, pressing health and social issues. As more and more people are getting vaccinated and we reemerge into a world that looks a lot different (i.e. new laws and regulations, new threats, etc.), we need to consider and refocus on the important data privacy and cybersecurity issues facing organizations. In this episode, join Rebecca Rakoski, co-founder of cyber law firm XPAN Law Partners, and Glenn Kapetansky, Chief Security Officer at Trexin Group, as they discuss: the new threat landscape; new privacy and security laws impacting data collection; and best practices for addressing these evolving issues.
Resource Links:
• Trend Micro report mentioned in the podcast, "The Nightmares of Patch Management: The Status Quo and Beyond": https://www.trendmicro.com/vinfo/be/security/news/vulnerabilities-and-exploits/the-nightmares-of-patch-management-the-status-quo-and-beyond
• Connect with Glenn Kapetansky on LinkedIn: https://www.linkedin.com/in/kapetansky/
• Connect with Rebecca Rakoski on LinkedIn: https://www.linkedin.com/in/rebecca-rakoski-esq-1460b116/
• SecureWorld virtual conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
Achieving Your Cybersecurity Career Goals

Apr 27, 2021 36:24


Are you "stuck" somewhere along your cybersecurity career path? Are you planning to pursue your InfoSec career goals "someday" down the road? Belinda Enoma has a cybersecurity and privacy background, and she's a Certified Information Privacy Professional (CIPP) in the U.S. She is also a career advice expert and the Founder of Activate & Implement LLC. In this episode, Belinda shares strategies for overcoming career obstacles. She says: "What did you leave on the back burner? Pick it up and launch. There's no time like now. Utilize the gift of now, of today, do what you've got to do, activate what you need to activate. It is imperative that you don't procrastinate."
Resource Links:
• Patching best practices and solutions from Trend Micro: https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/the-nightmares-of-patch-management-the-status-quo-and-beyond
• Connect with Belinda Enoma on LinkedIn: https://www.linkedin.com/in/belindaenoma
• SecureWorld virtual conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
Myth Busting: IAM in Multi-Cloud

Apr 20, 2021 40:06


In this episode, Michael Meyer, Chief Risk Officer and Chief Innovation Officer at MRS BPO, exposes three crucial myths around IAM in cloud, especially a multi-cloud environment. Are you believing the myths that stand in the way of properly implementing IAM (Identity and Access Management) in your cloud environments? Also, today's Trend Micro Top 3 is built around the Trend Micro Cloud One platform.
Resource Links:
• How Trend Micro Cloud One works for organizations: https://www.trendmicro.com/en_us/business/products/hybrid-cloud/cloud-one-workload-security.html
• Connect with Michael Meyer on LinkedIn: https://www.linkedin.com/in/michaelmeyergrcsecurity
• SecureWorld virtual conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
Social Engineering: Hacking Humans

Apr 6, 2021 48:27


In this episode, social engineering professor, entrepreneur, and author Christopher Hadnagy shares social engineering case studies and explains how these attacks are evolving and how you can protect yourself and your end-users. Hadnagy draws from decades of human behavioral research and his time as "Chief Human Hacker" at Social-Engineer, LLC.
Resource Links:
• Christopher Hadnagy's author page: https://www.amazon.com/Christopher-Hadnagy/e/B004D1T9F4
• Trend Micro on the evolution of social engineering attacks: https://www.trendmicro.com/vinfo/us/security/definition/social-engineering/
• SecureWorld virtual conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
Pentesters Arrested on the Job

Feb 23, 2021 48:27


When an Iowa Sheriff arrested Coalfire pentesters Gary DeMercurio and Justin Wynn on the job, it sent shockwaves through the cybersecurity community. The two InfoSec professionals faced felony charges, jail time, and the possibility of a criminal record for doing what they were hired to do. And information security professionals faced a possible chilling effect around a common strategy for testing defenses. Now, Gary and Justin tell their story to the SecureWorld audience during a candid interview. They will take us through what happened to them and share what they learned in the process.
Resource Links:
• Trend Micro, "15 Years of the Zero Day Initiative": http://bit.ly/TM_ZDI_15
• SecureWorld virtual conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
SolarWinds Data Breach Impact: Part 2

Feb 9, 2021 31:49


We are asking questions about the SolarWinds data breach fallout. How did the SolarWinds breach impact everything related to legal and compliance? And how does it change the way you should look at Vendor Risk Management? We get answers from Glenn Kapetansky, CSO and Technology Capability Lead, at Trexin Group; and Rebecca Rakoski, Co-Founder and Managing Partner, at XPAN Law Partners, a cybersecurity law firm. Also, don't miss Trend Micro's Incident Response Playbook, available for free download, below.
Resource Links:
• Glenn Kapetansky on LinkedIn: https://www.linkedin.com/in/kapetansky
• Rebecca Rakoski on LinkedIn: https://www.linkedin.com/in/rebecca-rakoski-esq-1460b116
• Trend Micro Incident Response Playbook: https://www.trendmicro.com/vinfo/us/security/news/managed-detection-and-response/cyberattacks-from-the-frontlines-incident-response-playbook-for-beginners
• SecureWorld virtual conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
SolarWinds Data Breach Impact: Part 1

Feb 2, 2021 50:51


"We were not prepared for a SolarWinds type of supply chain attack," says Cedric Leighton, CNN Analyst and U.S. Air Force Colonel (Ret.). In this podcast episode, Leighton examines how wide the impact of the SolarWinds cyberattack might be, possible collateral damage from the attack, and the most likely nation-state behind it all. Plus, Leighton explains the top nation-state cyber threats during 2021.
Resource Links:
• Cedric Leighton on LinkedIn: https://www.linkedin.com/in/cedricleighton
• Trend Micro report, "Turning the Tide: Security Predictions for 2021": https://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/2021
• SecureWorld virtual conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
Project 2030: Cybersecurity, AI, and Technology Predictions

Dec 22, 2020 37:15


Long-term predictions are risky, but Rik Ferguson likes to predict things a decade into the future. Rik is Vice President of Security Research at Trend Micro. Building off his Project 2020, Rik is now working on Project 2030. In our interview, we get a glimpse of the future of AI, the future of malware, the future of wearables, the future of ransomware, and more. Also, we discuss implications of the 2020 SolarWinds data breach. If predictions are your thing, do not miss this episode!
Resource Links:
• Rik Ferguson on LinkedIn: https://www.linkedin.com/in/rikferguson/
• Trend Micro report fact check-Project 2020 in Review (PDF): https://2020.trendmicro.com/wp-content/uploads/2020/10/REP00_Project_2020_Summary_200928US_Web.pdf
• SecureWorld virtual conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
Future of Cyber Law and Big Data Management

Dec 15, 2020 43:19


What does the 2021 cyber law and privacy law landscape look like? Our first guest is attorney Jordan Fischer of Beckage Law. And how can you ensure total data discovery and then manage that big data with security and compliance in mind? Our second guest is Arun Gandhi, Vice President at 1touch.io, which specializes in this area. Also, we have new research from Trend Micro about 2021 cyber threat trends.
Resource Links:
• Jordan Fischer on LinkedIn: https://www.linkedin.com/in/jordan-fischer-cipp-e-cipp-us-cipm-706b4147
• Trend Micro report, "Turning the Tide: Security Predictions for 2021": https://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/2021
• Arun Gandhi on LinkedIn: https://www.linkedin.com/in/arungandhi/
• 1touch.io and the Inventa platform: https://1touch.io/
• SecureWorld virtual conferences: https://www.secureworldexpo.com/events

InSecurity
Holistic Cybersecurity: Philosophy Meets Practice

Dec 1, 2020 68:07


Science is what you know
Philosophy is what you don’t know
-- Bertrand Russell
For the things we have to learn before we can do them, we learn by doing them.
-- Aristotle
On this Very Special Episode of InSecurity, Matt Stephenson moderated a chat between SMU CISO George Finney and BlackBerry Global VP of Engineering Rich Thompson. We covered a range of topics, but narrowed the field to the Big Ideas of Habit, Neuroscience & Artificial Intelligence and Behavior & Technology. The notion was to consider how those things influence our approach to Cybersecurity. Dig it…
About George Finney
George Finney (@WellAwareSecure) is the CSO for SMU in Dallas, Texas and is the author of the new book, Well Aware: Master the Nine Cybersecurity Habits to Protect Your Future as well as several others. He is a Chief Information Security Officer that believes that people are the key to solving our cybersecurity challenges. George has worked in Cybersecurity for nearly 20 years and has helped startups, global telecommunications firms, and nonprofits improve their security posture. As a part of his passion for education, George has taught cybersecurity at Southern Methodist University and is the author of several cybersecurity books including No More Magic Wands: Transformative Cybersecurity Change for Everyone. He has been recognized by Security Magazine as one of their top cybersecurity leaders in 2018 and is a part of the Texas CISO Council, is a member of the Board of Directors for the Palo Alto Networks FUEL User Group, and is an Advisory Board member for SecureWorld. George holds a Juris Doctorate from Southern Methodist University and a Bachelor of Arts from St. John’s College as well as multiple cybersecurity certifications including the CISSP, CISM, and CIPP.
About Rich Thompson
Rich Thompson (@TheRichThompson) is Vice President of Sales Engineering, North America at BlackBerry. He has 25+ years of experience in security. This includes 21 years leading security efforts at the regional and national level in the retail industry, including stops at Big Lots, Toys Я Us, ESPRIT, J Crew… shoutout to 90s fashion. From there, Rich spent 5 years leading Sales Engineering and Professional Services efforts in the enterprise software industry. He has experience in forensics, incident response, electronic discovery, information risk management and governance. Rich joined Cylance in October 2014 in order to help Cylance in the vision of protecting every endpoint under the sun. He also has surprisingly wide-ranging musical tastes.
About Matt Stephenson
Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Broadcast Media team at BlackBerry, which puts me in front of crowds, cameras, and microphones all over the world. I am the regular host of the InSecurity podcast and video series at events around the globe.
I have spent the last 10 years in the world of Data Protection and Cybersecurity. Since 2016, I have been with Cylance (now BlackBerry) extolling the virtues of Artificial Intelligence and Machine Learning and how, when applied to network security, can wrong-foot the bad guys. Prior to the COVID shutdown, I was on the road over 100 days a year doing live malware demonstrations for audiences from San Diego to DC to London to Abu Dhabi to Singapore to Sydney. One of the funniest things I've ever been a part of was blowing up a live instance of NotPetya 6 hours after the news broke... in Washington DC... directly across the street from FBI HQ... as soon as we activated it a parade of police cars with sirens blaring roared past the building we were in. I'm pretty sure they weren't there for us, but you never know...
Every week on the InSecurity Podcast, I get to interview interesting people doing interesting things all over the world of cybersecurity and the extended world of hacking. Sometimes, that means hacking elections or the coffee supply chain... other times that means social manipulation or the sovereign wealth fund of a national economy.
InSecurity is about talking with the people who build, manage or wreck the systems that we have put in place to make the world go round...

The SecureWorld Sessions
Information Security and Digital Transformation

Aug 25, 2020 32:18


In this episode, we share part of a SecureWorld presentation by Sandy Silk, Director of Information Security Education and Consulting at Harvard University. In her presentation, titled "Hey, InfoSec: Be Part of the Digital Transformation or Be Left Behind!," Silk discusses how security teams need to evolve to deliver the same digital transformation (Dx) value and benefits as other technology and data initiatives within their organizations.
Resource Links:
• Trend Micro's Close the Gap initiative: https://www.trendmicro.com/closethegap
• Trend Micro security blog: https://www.trendmicro.com/vinfo/us/security/news
• Sandy Silk on LinkedIn: https://www.linkedin.com/in/sandysilk
• SecureWorld VIRTUAL conferences: https://www.secureworldexpo.com/events

The SecureWorld Sessions
The Future of Cybersecurity Conferences

Jul 14, 2020 21:49


What does cybersecurity collaboration look like in the digital realm? What about the future of physical events and conferences for the cybersecurity industry? In this episode, we are speaking with conference creator Brad Graver, Vice President of SecureWorld. Brad and his team have overseen more than 120 cybersecurity conferences across North America over the past 19 years, and have experienced the shift from in-person to online events in the wake of COVID-19. Also, we look at new cloud security resources from Trend Micro, our premier podcast partner.
RESOURCE LINKS:
• Trend Micro's Cloud Security and Misconfiguration Paper: https://www.trendmicro.com/vinfo/us/security/news/virtualization-and-cloud/exploring-common-threats-to-cloud-security
• New SecureWorld VIRTUAL conferences: https://www.secureworldexpo.com/events
• SecureWorld Remote Sessions webcast briefings: https://www.secureworldexpo.com/resources?cat=remote-sessions

The SecureWorld Sessions
Insider Threat Risk

Jun 16, 2020 · 44:25


In this episode, we discuss in depth the cybersecurity risks that come from insiders. What does a malicious insider threat look like? How about the accidental insider threat? How can executives become accidental insider threats? And more. Hear insights from these experts:  •  Dr. Larry Ponemon of the Ponemon Institute •  Sudeep Venkatesh, Chief Product Officer, Egress •  John Grim, Head of Research, Development, and Innovation, Verizon Threat Research Advisory Center •  Dr. Chris Pierson, Founder & CEO, BlackCloak Also, Trend Micro shares mitigation techniques for PowerShell-based malware and attacks. Links from the show: •  Trend Micro paper, "Tracking, Detecting, and Thwarting PowerShell-based Malware and Attacks": https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/tracking-detecting-and-thwarting-powershell-based-malware-and-attacks • SecureWorld web conference, "Are We Taking the Insider Threat Seriously Enough?": https://www.secureworldexpo.com/resources/insider-threat-giving-the-attention-it-deserves • Fireside chat with Dr. Larry Ponemon of the Ponemon Institute (podcast): https://www.secureworldexpo.com/resources/larry-ponemon-interview-podcast •  SecureWorld Remote Sessions webcast briefings: https://www.secureworldexpo.com/resources?cat=remote-sessions •  Deep dive web conferences: https://www.secureworldexpo.com/resources?cat=web-conferences The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your organization.

Hashtag Realtalk with Aaron Bregg
Episode 6 - Security Advice During A Crisis

Mar 23, 2020 · 22:30


In this episode I dispense practical security advice that was given by a local business security director. I also review a recent security webinar around cybersecurity, risk and privacy security laws.
For more information on the SecureWorld webinar, here is the link to the recorded session: https://www.secureworldexpo.com/resources/remote-work-protecting-cyber-privacy-legal-pitfalls
A link to the Kid's Food Basket donation page: https://covid-19-emergency-response.everydayhero.com/us/csa-varonis-kidsfoodbasketchallenge
Support the show (https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=BPUXUJ8SWLCR6&source=url)

The SecureWorld Sessions
Cybersecurity Red Team vs. Blue Team — Miniseries, Part 1

Mar 10, 2020 · 23:45


The SecureWorld Sessions is a cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. In this episode, we talk to Austin Rappeport, head of threat defense and blue team member, and Chris Carlis, red team coordinator, both of Zurich Insurance Group. We look at cybersecurity through a blue team versus red team lens and how the two work together on purple team exercises to find security vulnerabilities. Plus, Trend Micro's 2019 annual security roundup report, "The Sprawling Reach of Complex Threats."  RESOURCE LINKS: Trend Micro 2019 Security Roundup Report : https://www.trendmicro.com/vinfo/us/security/research-and-analysis/threat-reports/roundup/the-sprawling-reach-of-complex-threats Chris Carlis: https://events.secureworldexpo.com/speakers/chris-carlis/ Austin Rappeport: https://www.linkedin.com/in/austin-rappeport-067a8161/ SecureWorld 2020 conference schedule: https://www.secureworldexpo.com/events

The SecureWorld Sessions
Cybersecurity Frustrations

Mar 3, 2020 · 17:32


The SecureWorld Sessions is a cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. In this episode: InfoSec professionals are frustrated by the amount of time they spend evaluating third-party risk. David Barton of UHY Advisors says this should actually be someone else's job. He explains steps to overcome this cybersecurity frustration. Plus, in our interview with Matt Clapham, Director of Cybersecurity at GE Healthcare, he talks about finding the rarest of the rare in cybersecurity talent and a few easy steps to uncovering potential security team members. Also, Trend Micro's Zero Day Initiative paid out seven figures in bug bounties in 2019. ZDI has an update on how you can add security research as a side hustle. RESOURCE LINKS: Zero Day Initiative 2020 submission advice for security researchers: https://www.zerodayinitiative.com/blog/2020/2/19/submission-advice-for-security-researchers David Barton, UHY Advisors: https://www.linkedin.com/in/david-barton-203148/ Matt Clapham, GE Healthcare: https://www.linkedin.com/in/mattclapham/ SecureWorld 2020 conference schedule: https://www.secureworldexpo.com/events NIST on the cybersecurity talent gap: https://www.secureworldexpo.com/industry-news/nist-on-the-cybersecurity-talent-gap-regional-alliances

The SecureWorld Sessions
Chinese Hackers and the Equifax Data Breach

Feb 18, 2020 · 18:25


The SecureWorld Sessions is a cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. In this episode, we're sharing new revelations about how the Equifax data breach happened. From newly unsealed court documents in the US DOJ case, we look at 10 steps Chinese nation-state hackers are accused of taking in the attack. We also interview Graeme Payne who worked for Equifax and was fired after being blamed for human error that led to the breach. What did he learn that can benefit security teams? Also, new Trend Micro research on the Outlaw Hacking Group and Trend Micro's hands-on workshop, “Threat Defense Challenge,” at SecureWorld Philadelphia 2020. RESOURCE LINKS: SecureWorld Philadelphia "Threat Defense Challenge": https://events.secureworldexpo.com/agenda/philadelphia-pa-2020/ Trend Micro "Outlaw Hacking Group" research: https://blog.trendmicro.com/trendlabs-security-intelligence/outlaw-updates-kit-to-kill-older-miner-versions-targets-more-systems/ Bruce Schneier podcast Interview: https://www.secureworldexpo.com/resources/bruce-schneier-market-insecurity-podcast Graeme Payne, formerly of Equifax: https://www.linkedin.com/in/payneg/ 10 Steps Chinese Hackers Allegedly Took in Equifax Breach: https://www.secureworldexpo.com/industry-news/equifax-hacker-indictment-10-fast-facts SecureWorld 2020 conference schedule: https://www.secureworldexpo.com/events

The SecureWorld Sessions
Nation-State Cyber Threats

Jan 14, 2020 · 17:42


In this episode of The SecureWorld Sessions, we're talking with Cedric Leighton, CNN military analyst and retired U.S. Air Force colonel, about the "Big Four" nation-state bad actors and the cyber attacks they are capable of. Also, we cover the top 10 cyber attack methods used by Iran and its hacking groups. RESOURCE LINKS: •  Iran's Top 10 Cyber Attack Methods, Detection, and Mitigation: https://www.secureworldexpo.com/industry-news/10-top-ways-iran-launches-cyber-attacks-how-to-detect-them •  SecureWorld 2020 conference schedule: https://www.secureworldexpo.com/events •  SecureWorld web conferences: https://www.secureworldexpo.com/resources?cat=web-conferences

The SecureWorld Sessions
Zero Trust in Cybersecurity

Jan 7, 2020 · 18:05


"The SecureWorld Sessions" is a podcast that gives you access to people and ideas that impact your cybersecurity career and help you secure your organization. In this episode, we're talking with Christopher Frenz, AVP of Information Security at Interfaith Medical Center in Brooklyn. He explains the cyber threat landscape for hospitals, discusses a simulated mass malware outbreak, and details the medical center's Zero Trust journey and how it is improving the cybersecurity posture of the organization. Related Resources: Trend Micro Zero Trust blog: https://blog.trendmicro.com/decrypting-what-zero-trust-is-and-what-it-likely-isnt/ Collaborate with your peers; SecureWorld 2020 conference calendar: https://www.secureworldexpo.com/events SecureWorld web conference on Practical Steps to Zero Trust: https://www.secureworldexpo.com/resources/practical-steps-zero-trust-sila

The SecureWorld Sessions
Cybersecurity Careers [Miniseries, Part 2]

Dec 17, 2019 · 21:30


"The SecureWorld Sessions" is a new cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. In this episode, we're talking with Mark Aiello, president of talent placement firm CyberSN. He discusses cybersecurity certifications, finding out what the market is paying for your role, and finding more cybersecurity help. Also, Bluecore CISO Brent Lassi shares how a CISO Stop List can help your career. Here are things security can—and should—stop doing now! RESOURCE LINKS: How Trend Micro helps people get into and stay in cybersecurity careers: https://www.trendmicro.com/en_us/about/diversity-inclusion.html SecureWorld 2020 conference schedule: https://www.secureworldexpo.com/events Upcoming web conferences: https://www.secureworldexpo.com/resources?cat=web-conferences

The SecureWorld Sessions
Cybersecurity Careers [Miniseries, Part 1]

Dec 10, 2019 · 23:32


In this episode, we're talking with Mary Haynes, VP of Network Security for Charter Communications; Aleta Jeffress, Chief Information and Digital Officer for the City of Aurora, Colorado; and Cindi Carter, VP and CSO for MedeAnalytics. They share Aha! moments from their careers, as well as the advice they would give their younger selves. Also, we interview Steven Fox, Sr. Manager of Compliance at Workforce Software, who offers tips on managing global teams. RESOURCE LINKS: Trend Micro Doubles Its Investment in Under-Represented Technologists: https://newsroom.trendmicro.com/press-release/alliances/trend-micro-more-doubles-commitment-underrepresented-persons-cybersecurity Hofstede's Cultural Leadership Insights: https://news.hofstede-insights.com/news/national-culture-and-organisational-culture-how-are-they-different SecureWorld 2020 conference calendar: https://www.secureworldexpo.com/events

The SecureWorld Sessions
Cybersecurity & Privacy Law: The Strategy

Dec 3, 2019 · 22:38


Individual U.S. states are creating new cybersecurity and privacy laws all the time. Cyber attorney Jordan Fischer explains how to think about this challenge, how to start tackling it, and the legal exposure for companies who ignore it. Also, Trend Micro's 2020 cyberthreat predictions. "The SecureWorld Sessions" is a new cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. RESOURCE LINKS: Trend Micro Cybersecurity Predictions for 2020: https://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/2020 Jordan Fischer and XPAN Law Group: https://xpanlawgroup.com/our-team/ SecureWorld 2020 conference calendar: https://www.secureworldexpo.com/events

Computer America
Scott Schober, And The Great Conversation About Ransomware

Nov 27, 2019 · 61:02


Scott Schober, President/CEO of BVS, Author of Cybersecurity is Everybody's Business. A nationally recognized expert, Scott regularly attends conferences including RSA 2018, FutureCon 2019, SecureWorld and Cyber Investing Summit as a keynote speaker and panel expert. His expertise extends to topics including the future of wireless technology, protection from insider threats, susceptibility to cyber breaches, the impact of drones, and distracted driving technology.

Topics:
• FutureCon Launches Next Generation Cybersecurity Conferences In 24 Cities Across N. America
• Hackers demand $14M in Bitcoin to unlock systems for 110 nursing homes across US
• New DeathRansom Ransomware Begins to Make a Name for Itself
• ID Ransomware
• Iowa asked researchers to break into a courthouse, then it arrested them | Engadget
• N.J. school district's payroll still down after ransomware attack – nj.com
• Cybersecurity is Everybody's Business (Official Music Video) – YouTube
• Hacker's paradise: Louisiana's ransomware disaster far from over | Ars Technica
• Cheap kids smartwatch exposes the location of 5,000+ children | ZDNet
• 1.2 Billion Records Found Exposed Online in a Single Server | WIRED

For full show notes, check out ComputerAmerica.com!

The SecureWorld Sessions
Talking to Hackers (Thru an Alias)

Nov 19, 2019 · 17:49


'The SecureWorld Sessions' is a new cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. Brian Krebs criticized our podcast guest for the way he connects with hackers. Vinny Troia is a cybersecurity researcher and author of the book "Hunting Cyber Criminals." Troia uses aliases on the Dark Web to communicate with hackers such as Gnostic Players, The Dark Overlord, and NSFW. He explains what motivates them and how they get caught, and shares about the hacker who claims he's smarter than the NSA and CIA! LINKS: • Trend Micro Dark Web Law: https://blog.trendmicro.com/tackling-the-bec-epidemic-in-a-new-partnership-with-interpol/ • Vinny Troia's book: http://bit.ly/hunting_cyber • SecureWorld 2020 conference calendar: https://www.secureworldexpo.com/events

Colorado = Security Podcast
140 - 11/4 - Dale Drew from the SecureWorld Stage

Nov 3, 2019 · 65:12


Dale Drew, CSO at Zayo, was our feature interview from the SecureWorld keynote stage this week. News from: Molson Coors, Ping Identity, Coalfire and a little bit more! Brewed from the waters of Lake Michigan? Alex is away, so Robb will play. And Molson Coors will leave town. Colorado will introduce digital state IDs. And Coalfire is seriously not happy with a sheriff in Iowa. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com.

This week’s news:
• Join the Colorado = Security Slack channel
• What the Molson Coors News Really Means for Colorado
• Colorado now accepting digital versions of state IDs
• Coalfire - Coalfire CEO Tom McAndrew statement on Iowa Cybersecurity trespass case

Job Openings:
• Ping Identity - GSI Alliances Manager
• Western Union - Security Architecture and Data Protection Leader

Upcoming Events:
This Week and Next:
• CTA - Cyber Resiliency: Is Your Organization Prepared? - 11/6
• 2019 APEX Awards - 11/6
• Splunk 1st Thursdays @ Top Golf - 11/7
• CSA Fall Summit - 11/7
• SecureSet - Extended Capture the Flag – Beginner and Professional! - 11/9
• SecureSet - Hacking 101: Creating a Virtual Lab - 11/12
• ISSA Denver - November Chapter Meetings - 11/12-13
• ISSA Denver - Workshop: 12 Ways to Hack MFA - 11/13
• ISSA-COS - November Mini Seminar - 11/16
Other Notable Upcoming Events:
• RIMS 2020 - 5/3-6
View our events page for a full list of upcoming events

* Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here.
* Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

The SecureWorld Sessions
Dr. Larry Ponemon Interview

Oct 29, 2019 · 39:30


The SecureWorld Sessions is a new cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. Our featured interview is with Dr. Larry Ponemon, Founder and Chairman of the Ponemon Institute, which does IT and cybersecurity research around the globe. Topics include: AI in security, cost of a data breach, burnout, insider threat, security awareness, and code breaking! LINKS: • Ponemon Institute: https://www.ponemon.org • Free training - SecureWorld web conferences: https://www.secureworldexpo.com/resources?cat=web-conferences • Trend Micro research on the Risks of Open Banking: http://bit.ly/TM_OpenBanking • SecureWorld conference calendar: https://www.secureworldexpo.com/events

The SecureWorld Sessions
Bug Bountie$ = Patches (How?)

Oct 22, 2019 · 17:21


The SecureWorld Sessions is a new cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. The featured interview is with Brian Gorenc who runs the Zero Day Initiative (ZDI), which is the largest vendor-agnostic bug bounty program in the world. Why do white hats hack? How does a newly discovered security vulnerability become a patch? Has the bug bounty concept peaked? And more. Trend Micro is our exclusive podcast partner. LINKS: Zero Day Initiative: https://www.zerodayinitiative.com/ Brian Gorenc @MaliciousInput: https://twitter.com/maliciousinput SecureWorld conference calendar: https://www.secureworldexpo.com/events SecureWorld web conferences: https://www.secureworldexpo.com/resources?cat=web-conferences

The SecureWorld Sessions
What Is 'Reasonable' Cybersecurity? Interview with Attorney Shawn Tuma

Oct 8, 2019 · 15:42


The SecureWorld Sessions is a new cybersecurity podcast that gives you access to people and ideas to impact your cybersecurity career and help you secure your organization. The featured interview in this episode is with Shawn Tuma, Co-Chair, Data Privacy & Cybersecurity Practice, Spencer Fane, LLP. During the interview, conducted at a SecureWorld conference, we asked Tuma to explain how courts and counsel are defining “reasonable cybersecurity.” Plus, the #1 factor to incident response success and why a national privacy / security policy is needed. We also feature the “Trend Micro Top 3,” where we unpack three top findings from Trend Micro research into IIoT exploits against smart manufacturing. Links: Trend Micro research: Cybersecurity Threats in the Age of Industry 4.0 SecureWorld conference map & calendar Cybersecurity News: SecureWorldExpo.com

HACKED: Unlocking the Code to Success with Robert Steward
Hacks to Prevent Being Hacked with Randy Raw

Oct 2, 2019 · 37:44


In this episode of HACKED we speak with Randy Raw, VP of Information Security at Veterans United Home Loans. Randy Raw is Director of Information Security, serving as the Information Security Officer at Veterans United Home Loans in Columbia, Missouri. He has 25 years of experience in both public entities and private industry, having built three Information Security programs from the ground up. He is a proponent of risk-based, layered security measures that utilize both preventative and detective approaches to achieve the right solution for the organization. Randy is a CISSP and is active in the Central Missouri InfoSec community and the Central Missouri InfraGard chapter. He has spoken at SecureWorld on many technical topics and this year turns his focus towards helping others move from the technical trenches to a leadership role.

In this episode you will learn:
• How to make it in the cyber security field
• Detective hacks that you can use in everyday life
• How to protect yourself from Hackers
• The anatomy of hackers, what they look for and who they target
• Keys to being a great leader
• How to lead people instead of manage them
• And lots more…

The SecureWorld Sessions
Identity-Centric Security w/ GSK's Dawn-Marie Hutchinson

Oct 1, 2019 · 14:46


The SecureWorld Sessions is a new cybersecurity podcast that gives you access to people and ideas that can impact your cybersecurity career and help you secure your organization. The featured interview in this episode is with Dawn-Marie Hutchinson, CISO of Pharmaceuticals and R&D at GlaxoSmithKline (GSK). The interview, conducted at a SecureWorld conference following Dawn-Marie's keynote, covers several security topics. How do you define and explain identity centric security? What does it look like when security enables the business as an organization goes through digital transformation? Where are many organizations failing in data governance? And much more. The episode also features the “Trend Micro Top 3,” where we unpack three top findings from Trend Micro research into IoT exploit monetization based on what hackers are doing in IoT hacker forums on the cybercrime underground.  Links related to the episode: Trend Micro research: Uncovering IoT Threats in the Cybercrime Underground (https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/the-internet-of-things-in-the-cybercrime-underground) SecureWorld conference map & calendar: https://www.secureworldexpo.com/events Cybersecurity insights from our security news website: https://www.secureworldexpo.com/industry-news

The SecureWorld Sessions
Bruce Schneier: The Market = (In)security

Sep 24, 2019 · 17:15


The SecureWorld Sessions is a new cybersecurity podcast. This interview with security thought leader and author Bruce Schneier reveals his strong views on the state of cybersecurity. The interview, conducted at a SecureWorld conference between his book signing and keynote, hits on a number of topics. Government and the encryption debate, the need for greater cybersecurity regulation, what he sees as a failed security paradigm (which is something every organization does!), class breaks, IoT, cybersecurity collaboration and more.

The SecureWorld Sessions
From Bombs to Cybersecurity! Aflac Global CSO Tim Callahan on Security

Sep 17, 2019 · 24:52


The SecureWorld Sessions is a new cybersecurity podcast. This interview with Aflac SVP and Chief Security Officer Tim Callahan reveals a lot of surprising things, including his bomb busting past!  The interview at a SecureWorld conference is like a mini-course in crucial cybersecurity practices. Tim shares insights on the following topics: threat intelligence, the NIST Cybersecurity Framework, security automation, cybersecurity controls, asset management, and communicating security to the business. Plus, he shares a great example of cybersecurity and business enablement.  Links related to the episode: SecureWorld conference map & calendar: https://www.secureworldexpo.com/events Complimentary cybersecurity learning: https://www.secureworldexpo.com/resources?cat=web-conferences Cybersecurity insights from our news site: https://www.secureworldexpo.com/industry-news

The SecureWorld Sessions
Why SecureWorld is Starting a Cybersecurity Podcast

Sep 12, 2019 · 4:43


The SecureWorld Sessions is a new podcast. In this episode, show host Bruce Sussman interviews SecureWorld Vice President Brad Graver on why the company created the podcast and how it will benefit professionals working in the InfoSec industry.    Links related to the episode: SecureWorld conference map & calendar: https://www.secureworldexpo.com/events Complimentary cybersecurity learning: https://www.secureworldexpo.com/resources?cat=web-conferences Cybersecurity insights from our news site: https://www.secureworldexpo.com/industry-news

The SecureWorld Sessions
The SecureWorld Sessions – Trailer

Aug 30, 2019 · 2:43


This trailer introduces The SecureWorld Sessions cybersecurity podcast and gives you an idea of what you can expect if you subscribe to and listen to each session.   Subscribe to our podcast!  Learn more about SecureWorld: https://www.secureworldexpo.com/

Help Me With HIPAA
Cybersecurity Tips and Trends - Ep 212

Jul 11, 2019 · 52:42


We need to keep up with our education just like everyone else to keep up with cybersecurity tips and trends.  Donna hit some training at SecureWorld and sat in on a 6-hr online seminar offered by Dark Reading. All of that thinking and learning means we have cybersecurity tips and trends to share in this episode.  This is not just for those who worry about HIPAA. More info at HelpMeWithHIPAA.com/212

Data Security and Privacy with the Privacy Professor
Amazing Cryptography and Codebreaker Pioneer: Elizebeth Friedman

Mar 12, 2019 · 57:09


Elizebeth Smith Friedman was an amazing cryptography expert and codebreaker who changed the course of World War II. She also used her groundbreaking work to bust international smuggling & drug running throughout the world. In this episode we discuss some of the valuable contributions Ms. Friedman made to cybersecurity that, until only recently, were overlooked and unappreciated. • What are the major successes and accomplishments of Elizebeth Friedman? • In what ways would history have been changed if Elizebeth Friedman had not made her contributions? • What is something surprising about Elizebeth Friedman's life? Tune in to hear the answers to these questions, in addition to learning a whole lot more. And, since March is Women's History Month, what a great time to learn more about this amazing woman and her impact on history!

Paul's Security Weekly TV
Bruce Sussman, SecureWorld - Business Security Weekly #119

Feb 27, 2019 · 27:16


Bruce Sussman is the Media-Development Director at SecureWorld. Bruce will give us a preview of SecureWorld Boston 2019 and the upcoming events. Full Show Notes: https://wiki.securityweekly.com/BSWEpisode119

Business Security Weekly (Video)
Bruce Sussman, SecureWorld - Business Security Weekly #119

Feb 26, 2019 · 27:16


Bruce Sussman is the Media-Development Director at SecureWorld. Bruce will give us a preview of SecureWorld Boston 2019 and the upcoming events. Full Show Notes: https://wiki.securityweekly.com/BSWEpisode119

Paul's Security Weekly
Tea & Crumpets - Business Security Weekly #119

Feb 26, 2019 · 58:36


This week, we interview DJ Sampath, Co-Founder and Chief Executive Officer at Armorblox! DJ comes on the show to discuss "Securing the Human Layer"! In our second interview, we welcome Bruce Sussman, the Media-Development Director at SecureWorld! Bruce will give us a preview of SecureWorld Boston 2019 and the upcoming events!   Full Show Notes: https://wiki.securityweekly.com/BSWEpisode119 Visit https://www.securityweekly.com/bsw for all the latest episodes! SecureWorld Boston is hosting their 15th annual conference March 27-28 @ the Hynes Convention Center. Security Weekly Listeners save $100 off a full conference pass by visiting https://secureworldexpo.com and using the code 'SecurityWeekly'.   Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Business Security Weekly (Audio)
Tea & Crumpets - Business Security Weekly #119

Feb 26, 2019 · 58:36


This week, we interview DJ Sampath, Co-Founder and Chief Executive Officer at Armorblox! DJ comes on the show to discuss "Securing the Human Layer"! In our second interview, we welcome Bruce Sussman, the Media-Development Director at SecureWorld! Bruce will give us a preview of SecureWorld Boston 2019 and the upcoming events!   Full Show Notes: https://wiki.securityweekly.com/BSWEpisode119 Visit https://www.securityweekly.com/bsw for all the latest episodes! SecureWorld Boston is hosting their 15th annual conference March 27-28 @ the Hynes Convention Center. Security Weekly Listeners save $100 off a full conference pass by visiting https://secureworldexpo.com and using the code 'SecurityWeekly'!   Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly TV
Steve Brown, SecureWorld Keynote - Paul's Security Weekly #595

Feb 24, 2019 · 54:58


Steve Brown, Keynote Speaker at SecureWorld Boston 2019 to discuss his talk about Building Your Strategic Roadmap for the Next Wave of Digital Transformation! Full Show Notes: https://wiki.securityweekly.com/Episode595 Follow us on Twitter: https://www.twitter.com/securityweekly

Paul's Security Weekly (Video-Only)
Steve Brown, SecureWorld Keynote - Paul's Security Weekly #595

Feb 24, 2019 · 54:58


Steve Brown, Keynote Speaker at SecureWorld Boston 2019 to discuss his talk about Building Your Strategic Roadmap for the Next Wave of Digital Transformation! Full Show Notes: https://wiki.securityweekly.com/Episode595 Follow us on Twitter: https://www.twitter.com/securityweekly

Paul's Security Weekly (Podcast-Only)
It Compiled & It Ran - Paul's Security Weekly #595

Feb 23, 2019 · 169:08


This week, we welcome back Marcello Salvati, Security Analyst at our sponsor Black Hills Information Security, to give some updates on his Post Exploitation Tool SILENTTRINITY! In the second interview, we welcome Steve Brown, Keynote Speaker at SecureWorld Boston 2019 to discuss his talk about Building Your Strategic Roadmap for the Next Wave of Digital Transformation! In the Security News, password managers leaking data in memory, security analysts are only human, Splunk changes position of Russian customers, Google admits error over hidden microphone, and a nasty code-execution bug in WinRAR threatened millions of users for 14 years!   Full Show Notes: https://wiki.securityweekly.com/Episode595 To learn more about our sponsor Black Hills Information Security, visit: https://securityweekly.com/bhis To see the SILENTTRINITY code itself on Github, visit: https://github.com/byt3bl33d3r/SILENTTRINITY Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly
It Compiled & It Ran - Paul's Security Weekly #595

Paul's Security Weekly

Feb 23, 2019 169:08


This week, we welcome back Marcello Salvati, Security Analyst at our sponsor Black Hills Information Security, to give some updates on his Post Exploitation Tool SILENTTRINITY! In the second interview, we welcome Steve Brown, Keynote Speaker at SecureWorld Boston 2019 to discuss his talk about Building Your Strategic Roadmap for the Next Wave of Digital Transformation! In the Security News, password managers leaking data in memory, security analysts are only human, Splunk changes position of Russian customers, Google admits error over hidden microphone, and a nasty code-execution bug in WinRAR threatened millions of users for 14 years!
Full Show Notes: https://wiki.securityweekly.com/Episode595
To learn more about our sponsor Black Hills Information Security, visit: https://securityweekly.com/bhis
To see the SILENTTRINITY code itself on GitHub, visit: https://github.com/byt3bl33d3r/SILENTTRINITY
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly

#AskTheCEO Podcast
Hackers and Consumer Trust with Scott Schober

#AskTheCEO Podcast

Feb 21, 2019 22:42


Mr. Scott N. Schober is the President and CEO of Berkeley Varitronics Systems (BVS), a 45-year-old New Jersey-based privately held company and leading provider of advanced, world-class wireless test and security solutions. Since the beginning of Mr. Schober’s BVS tenure in 1989, the company’s product line of wireless test and security instruments has increased to over 100 products with a core focus on Wi-Fi, Cellular, WiMAX, LTE, IoT and advanced radio devices. As an experienced software engineer, Schober has developed cellular test instruments used for measuring, optimizing and plotting signal coverage, primarily for the initial cellular build-out throughout the United States. Scott’s recent focus has been development (patent pending) of BVS’ cell phone detection tools, used to enforce a ‘no cell phone policy’ in various markets including government, corporate, military, educational, correctional and law enforcement. Thousands of these security tools have been deployed throughout every state in the U.S. and around the world.

Mr. Schober is a highly sought-after subject expert on the topic of Cybersecurity and wireless technology for media appearances and commentary. He is often seen on ABC News, Bloomberg TV, Al Jazeera America, CBS This Morning News, CGTN America, CNBC, CNN, Fox Business, Fox News, Good Morning America, Inside Edition, MSNBC and many more. His security advice is heard on dozens of radio stations such as National Public Radio, Sirius XM Radio, Bloomberg Radio, and The Peggy Smedley Show. He regularly presents at conferences around the globe discussing wireless technology and its role in the current Cybersecurity breaches along with his vision for best practices to stay safe in the future. Scott has been interviewed in WSJ, Forbes, Fortune, Success, NY Daily News, Newsweek, USA Today, and The New York Times.

Scott educates businesses around the world about how to prepare for a future of Cybersecurity and corporate espionage, opening their eyes to this ever deepening black hole of liability. He has spoken at SecureWorld, ShowMeCon, GovSec, Counter Terror Expo, ISS Americas, Espionage Research International, Connected World, ConstrucTech, IEEE and GSM World Congress as well as many business events. Mr. Schober was a VIP attendee at two Concordia Summits both held in New York and was selected to appear in an interview discussing national security. He is a regular contributor on Huffington Post, Fortune Magazine, and blogs for IBM, SecureWorld, HP’s Business Value Exchange, and TripWire’s State of Security.

Contact Scott:
Web: https://www.bvsystems.com/
Web: https://scottschober.com/
Email: scott@bvsystems.com
Twitter: @ScottBVS
Twitter: @HackedAgainBook
Twitter: @BVSystems

Get FREE 6 week hands-on training on Cybersecurity + job placement: https://hackeducate.com/

Contact Avrohom:
Web: https://asktheceo.biz
Twitter: @avrohomg
Instagram: @avrohomg

INTERVIEW HIGHLIGHTS:
[00:54] The Japanese cryptocurrency firm Tech Bureau Corp said about $60 million in digital currencies were stolen from its exchange, highlighting the industry’s vulnerability despite recent efforts by authorities to make it more secure. What exactly transpired?
[01:52] Why do Cryptocurrency exchanges keep on getting hacked?
[02:34] How can we, as consumers, protect our cryptocurrency investments?
[05:47] Blocksafe Technologies developed products that can protect your digital wallet.
[08:12] How can the Cryptocurrency industry restore consumer trust?
[11:05] A recent report came out regarding some guy who drove off with a brand new Tesla Model 3, which he stole from Mall of America, by using only his cellphone! I'm not sure which thing to be more concerned about - that he hacked into a car & stole it, or that it was done using a smartphone! What's going on here?
[17:20] We need secure OTA Patching for cars!

Bring Your Own Security Radio
BYOS - SecureWorld Expo and much more

Bring Your Own Security Radio

Oct 5, 2018 58:13


We're talking about SecureWorld regional Expos and other topics

Bring Your Own Security Radio
BYOS - SecureWorld Expo and much more

Bring Your Own Security Radio

Oct 4, 2018 58:13


We're talking about SecureWorld regional Expos and other topics

Help Me With HIPAA
Cyber Experts Agree We Are Not Alone - Ep 157

Help Me With HIPAA

Jun 8, 2018 49:52


SecureWorld Atlanta just finished up. Turns out cyber experts do agree about many of the same issues we discuss here. Two days of discussions amongst CISOs, ISOs, security techies, etc. about what to worry about and what to do for cyber protections. Yes, there were a lot of really nerdy discussions but the good news is the central themes do not require geek speak to share with you. Learn more at HelpMeWithHIPAA.com/157

Paul's Security Weekly
It's All Uphill From Here - Paul's Security Weekly #549

Paul's Security Weekly

Mar 3, 2018 134:26


This week, Mary Beth Borgwing of Mach37 joins us for an interview! In our second feature interview, Paul speaks with Cybersecurity Journalist Bruce Sussman of SecureWorld! In the news, we have updates from Quickjack, GitHub, the 2018 Olympics, and more on this episode of Paul's Security Weekly!
Full Show Notes: https://wiki.securityweekly.com/Episode549
Visit https://www.securityweekly.com/psw for all the latest episodes!

Paul's Security Weekly (Podcast-Only)
It's All Uphill From Here - Paul's Security Weekly #549

Paul's Security Weekly (Podcast-Only)

Mar 3, 2018 134:26


This week, Mary Beth Borgwing of Mach37 joins us for an interview! In our second feature interview, Paul speaks with Cybersecurity Journalist Bruce Sussman of SecureWorld! In the news, we have updates from Quickjack, GitHub, the 2018 Olympics, and more on this episode of Paul's Security Weekly!
Full Show Notes: https://wiki.securityweekly.com/Episode549
Visit https://www.securityweekly.com/psw for all the latest episodes!

Colorado = Security Podcast
38 - 10/23/17 - Mike Benjamin, VP of Security at Level3

Colorado = Security Podcast

Oct 22, 2017 71:32


In this episode: Mike Benjamin, VP of Threat Intel and Research at Level 3, is our feature guest this week. News from: Amazon, the City of Denver, Webroot, LogRhythm, CenturyLink, CableLabs, ProtectWise, Red Canary, Swimlane, SecureWorld, and a lot more!

Full show notes here: https://www.colorado-security.com/news/2017/10/21/38-1023-mike-benjamin

The Amazon bid is in, but do we even want to win?

Did you catch our trivia question? Be the first to reply to info@colorado-security.com with the right answer and get any $25 item from the Colorado = Security store.

Colorado has submitted their bid for Amazon HQ2 but does Colorado even want it? Some locals are concerned about rising housing costs and additional congestion. The City of Denver won a Cybersecurity Leadership and Innovation Award based on their collaborative work on the integrity of the 2016 election in conjunction with the Colorado Secretary of State and Homeland Security. The CEO of CenturyLink plans to stay in Colorado. We also have announcements about a new threat research site from ProtectWise, LogRhythm embracing AI, and Red Canary releasing a testing framework for defenders.

Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/.

Feature interview:
Mike Benjamin, VP of Threat Intel and Research at Level 3, sat down with Robb this week to share his take on the industry. Mike tells his security career story, talks about the threats he sees on the internet, why he moved to Colorado and a lot more. Mike is one of the good guys in the Colorado security scene.

Local security news:
Colorado = Security store! Buy things now
“Let another city ‘win'”: Some locals are saying no thanks to an Amazon headquarters in Denver
No bribes or cities named “Amazon”: Colorado’s pitch to get the next headquarters touts incentives that could exceed $100M
We've got company: Denver's bid for Amazon HQ2 is in a big pile
Cybersecurity Leadership and Innovation Awards 2017 – Winners Announced
The 9 Best Tech Companies in Colorado
Louisiana company’s next CEO to stay in Colorado
CableLabs Completes Full Duplex DOCSIS Specification
Introducing: Protectwise 401TRG
Red Canary Introduces Atomic Red Team, a New Testing Framework for Defenders
Swimlane Achieves Integration With McAfee® Enterprise Security Manager Through The McAfee Security Innovation Alliance
JT Gaietto now Executive Director, Security Services @ Richey May & Co

Job Openings:
PwC - Cyber Privacy Manager
DoD - Counterintelligence Officer
EMS Software - Director of Cloud Operations & Security
City of Golden - Information Technology Manager
Spectrum - Supervisor, Network Security Operations
Blackstone Technology Group - Project Manager, Risk Management/Information Security
InteliSecure - Data Protection Analyst
AppliedTrust - InfoSec Engineer, Boulder
Premier Members Credit Union - Info Sec Analyst
Great-West - Security Data Science Director

Upcoming Events:
This Week and Next:
SecureSet - Hacking 101 Workshop: NetSec - 10/25
CTA - Talent Series: Protecting Your Company's Trade Secrets and Other Confidential Information - 10/25
ISSA Denver - Oil & Gas Special Interest Group - 10/26
InfraGard - Business Email Compromise (BEC) Workshop - 10/27
SecureSet - Capture the flag - 10/27
SecureWorld Denver - 11/1-2
NCC - Governor's Cyber Symposium - 11/1-3
Other Notable Upcoming Events:
CTA - APEX Awards - 11/8
2017 CSA-CO Fall Summit - 11/9
View our events page for a full list of upcoming events

If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com

Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here.

Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

DEF CON 23 [Audio] Speeches from the Hacker Convention
Aaron Grattafiori - Linux Containers: Future or Fantasy? - 101 Track

DEF CON 23 [Audio] Speeches from the Hacker Convention

Oct 21, 2015


Materials Available Here: https://media.defcon.org/DEF CON 23/DEF CON 23 presentations/DEFCON-23-Aaron-Grattafiori-Linux-Containers-Future-or-Fantasy-UPDATED.pdf

Linux Containers: Future or Fantasy?
Aaron Grattafiori, Principal Security Consultant, iSEC Partners/NCC Group

Containers, a pinnacle of fast and secure deployment or a panacea of false security? In recent years Linux containers have developed from an insecure and loose collection of Linux kernel namespaces to a production-ready OS virtualization stack. In this talk, the audience will first learn the basics of how containers function, understanding namespaces, capabilities and cgroups in order to see how Linux containers and the supporting kernel features can offer an effective application and system sandboxing solution yet to be widely deployed or adopted. Understanding LXC or Docker use, weaknesses and security for PaaS and application sandboxing is only the beginning.

Leveraging container technologies is rapidly becoming popular within the modern PaaS and devops world but little has been publicly discussed in terms of actual security risks or guarantees. Understanding prior container vulnerabilities or escapes, and current risks or pitfalls in major public platforms will be explored in this talk. I'll cover methods to harden containers against future attacks and common mistakes to avoid when using systems such as LXC and Docker. This will also include an analysis and discussion of techniques such as Linux kernel hardening, reduced capabilities, Mandatory Access Controls (MAC), the User kernel namespace and seccomp-bpf (syscall filtering); all of which help actually contain containers. The talk will end on some methods for creating minimal, highly-secure containers and end on where containers are going and why they might show up where you least expect them.

Aaron Grattafiori (@dyn___) is a Principal Security Consultant and Research Lead with iSEC Partners/NCC Group. A jack-of-all-security, Aaron leads projects dealing with complex system analysis, mobile and web application security to network, protocol, and design reviews to red teams and other hybrid testing. With over nine years of security experience, Aaron utilizes a wide array of technology skills, historical research and security knowledge to consistently discover critical vulnerabilities. Aaron has spoken on a wide range of topics at security conferences such as Blackhat, DEF CON Kids, Toorcon:Seattle+SanDiego, ToorCamp, Source Seattle, EELive! and SecureWorld in addition to being a guest speaker at Stanford University. Prior to working at iSEC Partners, Aaron worked as a Security Consultant for Security Innovation and is a retired long time member of the Neg9 CTF team. This will be Aaron's 12th DEF CON, w00t!

Twitter: @dyn___

IT in the D
IT in the D at SecureWorld 2015

IT in the D

Sep 20, 2015 72:34


We went to SecureWorld 2015 and had some great conversations about security, hacking, data privacy, social engineering, DefCon and more... The audio's a little rough in spots. Sorry about that. We were experimenting with some new equipment on site for this, as we were doing a live remote for the first time while things were still going on live back at the studio. Still a ton of great information in here.