Podcasts about Security

Today on TruNews, Homeland Security Secretary Alejandro Mayorkas tested positive for Coronavirus this morning. Homeland Security spokeswoman Marsha Espinosa said the cabinet secretary is isolated and working at home. Southwest Airlines backs off on COVID mandates for the company. Rick Wiles issues a passionate plea for pitchforks in response to vaccine tyranny in America. Rick Wiles, Doc Burkhart, Kerry Kinsey. Airdate 10/19/21

PSST! Want to know a secret? You can now securely share 1Password items with anyone! Tune in to learn more about our new secure sharing tool and how it will transform your digital life. We also go behind-the-scenes with Beyer and Nick to discover how they created the browser experience for iOS15 and what the future holds for 1Password in the browser.Plus, it's us vs the memorable password generator for our last ever Three Word Password, and Matt randomly, but memorably, shows off his royal mug collection. Don't say we don't spoil you. ☕️

IT Best Practices: In this second video of the Path to Cloud series Phil Vokins, Cloud Services Director, Intel Americas, is joined by Shachaf Levi, Intel IT Cloud Security Architect and Sridhar Mahankali, Intel IT Principal Engineer, Network Security where they shed light on the biggest concern for companies moving to the cloud – security. […]

Hardware and software designed to detect and prevent cyber adversary campaigns that target industrial operations. 

As some continue to speculate that COVID came from a lab, we're looking at the scientific research being done on dangerous diseases, whether this work is safe and how it's regulated. Plus in the news: are Covid vaccines messing with menstruation; how subsea cables are affecting crabs; and scientists add plant cells to brains to supply them with oxygen. Like this podcast? Please help us by supporting the Naked Scientists

It's a record there is no medal for - 94 new cases of Covid Delta in the community. Eighty-seven of those are in Auckland and seven in Waikato. It is the highest daily case count the country has recorded since Covid landed in New Zealand. The previous record was 89 in April last year. Another number that this concerning health officials is 183 - that's the number of unlinked cases in the past 14 days. More than 45 percent of people infected during that fortnight are Māori. And confirmation today Covid has spread to Waiheke - the first ever case there. Here's our political editor, Jane Patterson

Photo:  Illustration of a light-water small modular nuclear reactor (SMR)  Small Modular Reactors for Tomorrow. Mike Hewitt CEO IP3 Security https://www.ft.com/content/e504b98e-51f2-4c68-9660-c368499b0473?accessToken=zwAAAXyT333wkdPlBLmOUfJMaNOWYMNoSZsEcw.MEYCIQCw9Kz1CXFqi8dUzSxOhdxomnDcHKCx6GVBvMDDq7itVwIhAN-x8hOYRHNRJTJ4dzulGGVxHn-i3dt4FqV-gr0NnJFT&sharetype=gift?token=423e007d-3500-4ac2-97a3-fb0105e18269

Photo:  Haddam Neck Nuclear Power Plant, Primary Auxiliary Building, 362 Injun Hollow Road, Haddam, Middlesex County, CT Nuclear power is green, ready now, and doesn't need sunshine or windy skies.  Mike Hewitt CEO IP3 Security https://on.ft.com/3mZPSb1 https://www.rolls-royce.com/~/media/Files/R/Rolls-Royce/documents/customers/nuclear/smr-brochure-july-2017.pdf

Malcious PowerShell Script Using Client Certificate Authentication https://isc.sans.edu/forums/diary/Malicious+PowerShell+Using+Client+Certificate+Authentication/27944/ PowerShell Updates https://github.com/PowerShell/Announcements/issues/27 Juniper JunOS Patches https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES TianFu Cup https://tianfucup.com/en/#canjia

Nigel is back from vacation. However, he had quite the experience at the airport. See omnystudio.com/listener for privacy information.

What more do we need to do to help protect our politicians following David Amess' death?

Managing Partner of Delve Risk Anthony Johnson joins co-host Andy Bonillo to discuss the current state of cyber security sales. Anthony dives deep into both sides of the table to help the CISO understand the world of the salesperson and to enable the salesperson to successfully engage with security executives. Anthony also shared his perspective on the CISO role, the difference between a big C and a little C in the CISO title. We finished up the show with Anthony sharing how he decided to leave his enterprise cyber security executive role to become an entrepreneur and his advice for those looking to start a business. All this and much much more on Episode #196 of Task Force 7 Radio.

Active Scanning for Apache Vulnerabilities CVE-2021-41773 and 42013 https://isc.sans.edu/forums/diary/Apache+is+Actively+Scan+for+CVE202141773+CVE202142013/27940/ Warranty Repairs and Non Removable Storage Risks https://isc.sans.edu/forums/diary/Warranty+Repairs+and+NonRemovable+Storage+Risks/27938/ Crypto Wallet Compromised on OpenSea NFT Marketplace https://blog.checkpoint.com/2021/10/13/check-point-software-prevents-theft-of-crypto-wallets-on-opensea-the-worlds-largest-nft-marketplace/ $5.2 Billion worth of Bitcoin Transactions Linked to Ransomware https://www.fincen.gov/sites/default/files/shared/Financial%20Trend%20Analysis_Ransomeware%20508%20FINAL.pdf

This week on the Blue Security Podcast, Adam and Andy talk about the Facebook outage and what security defenders can learn from reading their after actions report. They also dive into Windows 11 and the security features that make it the most secure version of Windows yet. ------------------------------------------- Youtube Video Link: https://youtu.be/DdGeRMkZVOM ------------------------------------------- Documentation: https://www.microsoft.com/security/blog/?p=93810 https://www.microsoft.com/security/blog/2019/10/21/microsoft-and-partners-design-new-device-security-requirements-to-protect-against-targeted-firmware-attacks/ https://www.microsoft.com/security/blog/2020/11/17/meet-the-microsoft-pluton-processor-the-security-chip-designed-for-the-future-of-windows-pcs/ https://www.youtube.com/watch?v=tg9QUrnVFho ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com --- Send in a voice message: https://anchor.fm/blue-security-podcast/message

The Rev. Mary Lessmann teaches us about God's Security.

By Jon Frerichs David Strachan joins our program to discuss the history of mine warfare, the continued development of the seabed, and the evolution of undersea and seabed warfare. Download Sea Control 285 – Naval Mining and Undersea Warfare with David Strachan Links 1. “MEDUSA is U.S. Navy’s Secret Mine-Laying Submarine,” by David Hambling, Forbes, June … Continue reading Sea Control 285 – Naval Mining and Undersea Warfare with David Strachan →

Today we visit r/ProRevenge where people get back at those who have done them wrong!For business enquiries please contact karmacommentchameleon@gmail.com

The United States and Greece signed an extension of the Mutual Defense Cooperation Agreement (MDCA) on Thursday, renewing their agreement for five years with an understanding that from then onward, it would remain in place indefinitely. The MDCA will boost defense cooperation between the two countries, including further investment in bases operated by the US military in Greece. Greek Foreign Minister Nikos Dendias and US Secretary of State, who signed the agreement, were meeting in Washington for the third round of strategic dialogue between the two NATO allies. Lena Argiri joins The Greek Current with the latest analysis from Washington, DC.Lena Argiri is the DC Correspondent for ERT - the Greek Public Broadcasting Company.You can read the articles we discuss on our podcast here: Deal with strong US guaranteesAlliances are just part of strategyGreece, US expand defense pact in face of Turkey tensionsTurkey plans military action against Syrian Kurdish YPG if diplomacy failsErdogan threatens fresh military campaign in Syria

In October of 1966, the Black Panther Party was founded in Oakland, California. Since then, the Panthers have been a driving radical force for Black liberation, self-defense, and community organization and self-determination. In this special episode of Rattling the Bars commemorating the 55th anniversary of the founding of the BPP, TRNN Executive Producer and former Lieutenant of Security for the Baltimore chapter of the Black Panther Party Eddie Conway speaks with Black Panther Party archivist Bill Jennings about the legacy of the Panthers and how people are carrying on that legacy today.

Andrew Orr joins host Kelly Guimont to discuss Security Friday news, including This Week In Data Breaches and willful misunderstanding of “hacking.”

Joe Vest started his journey as an aspiring herbalist, then his focus turned to IT working as a sysadmin.Joe's knack for technology as a sysadmin led him to cybersecurity and then red teaming when the discipline was not very known or practiced._______________________GuestJoe VestOn Linkedin | https://www.linkedin.com/in/joe-vest/On Twitter | https://twitter.com/joevest______________________HostPhillip WylieOn ITSPmagazine  

Welcome to a very special edition of Security Stories, as we go head to head with the Beers with Talos podcast team. Using a live game show format based on the British show 'Would I lie to you?' we present "facts" about significant moments in our security careers—but can the teams work out who is telling the truth, and who is bluffing?This episode features Mitch Neff, Joel Esler and Matt Olney on the BWT team. Joining Hazel on the Security Stories team are Dennis Fisher of Decipher, and Pam Lindemoen, CISO Advisor for Cisco Secure.To learn if we can sort fact from fiction, don't miss this special edition: "Would I lie to you? Security Stories versus Beers with Talos."To learn more about Talos careers, head to https://talosintelligence.com/careers

Medicare Advantage star ratings released; Security firm raises FIN12 ransomware attack concerns. Plus: Withings receivesan FDA clearance for Scan Watch's ECG and SpO2 monitoring features .Links to the stories:See the rankings: More than 70 health plans earned 5 stars in Medicare Advantage star ratingsCyber experts warn of 'aggressive' threat actor targeting healthcareWithings scores FDA clearance for smartwatch ECG and SpO2 monitoring

Security In Five is now a Top Mentor on the new Widsom App. This episode talks about the new venture and how it will be providing different content than the podcast. Wisdom App - https://www.joinwisdomapp.com/ Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

While the broader discussion of cyber-related incidents, events, and trends are contributed to by many different types of organizations and individuals, journalists play an important role in furthering our collective understanding of this space. Journalist Kim Zetter joins host Luke McNamara on Eye on Security to share her perspective in covering cybersecurity as a journalist. Kim discusses how the cybersecurity beat has evolved over the years, where she gathers information to write stories, and some of the themes she sees in the current conversation about cybersecurity issues. 

The future of work is hybrid, but many workplaces aren't ready for it. In order to make the transition successfully, leadership, HR teams, and IT teams need to create a secure work environment that allows successful (and safe) communication online just as much as in-person. This only happens when networking, security, and collaboration tools come together to enhance health and well-being, safety, and efficiencies.  The key is to strike a balance—not just tools that get the job done, but tools that enable safe collaboration. That way, your team can confidently work (and innovate) whether they're across the table or miles apart. 

October 15, 2021: Charles Boicey, CTO for Clearsense talks call centers, development, data science and information blocking with Bill. We need call centers to support so many parts of our conversation with the patient but they are not optimal. What is possible? What are the best practices? Where do development projects go off the rails? How do you manage outsource development partners? And where do we start with app development? How are we going to manage the information blocking rule? Is there any way to ensure our patients that the PHAs that connect to our EHR and request data on their behalf are safe?Key Points:NLP - Natural Language Processing and NLU - Natural Language Understanding [00:06:15] It's really important that you future-proof your assets [00:11:15] Development projects go off the rails initially when whatever we've conceived isn't in alignment with the board [00:18:38] What does low-code no-code look like? [00:23:16] Too much black boxing is going to hurt healthcare [00:34:25] Clearsense

Port Forwarding with Windows for the Win https://isc.sans.edu/forums/diary/PortForwarding+with+Windows+for+the+Win/27934/ Please Fix Your E-Mail Brute Forcing Tool https://isc.sans.edu/forums/diary/Please+fix+your+EMail+Brute+forcing+tool/27930/ Ad Blocker Injects Ads https://www.imperva.com/blog/the-ad-blocker-that-injects-ads/ Romance Scams Go After Crypto Currency https://nakedsecurity.sophos.com/2021/10/13/romance-scams-with-a-cryptocurrency-twist-new-research-from-sophoslabs/ Sysmon For Linux https://github.com/Sysinternals/SysmonForLinux Foxit Updates https://www.foxit.com/support/security-bulletins.html VMWare Updates https://www.vmware.com/security/advisories/VMSA-2021-0023.html

Ww2 resistance cells and how they were put together back in the day. Security, cutouts, and more.

Show Information:Host: Jay FranzeCo-Host: Keith SensingCo-Host: Mindy Jo RigelGuest: Michael AlleruzzoAired: October 13, 2021Additional Show InformationMichaelAlleruzzo.comFranze and FriendsFranzeandFriends.comFacebookFacebook GroupInstagramYouTubeJay FranzeJayFranze.comFacebookInstagramLinkedInTwitterYouTubeKeith SensingLinkedInMindy Jo RigelLinkedInWorry About You TodayWorryAboutYouToday.comFacebookInstagramPinterestTikTokTwitterYouTubeThe Shoe String BlingTheShoeStringBling.comSupport the show (https://www.paypal.com/biz/fund?id=ZAC362K9HWK74)

The IRS is amid a huge technological modernization push, and leading its Office of Online Services is Executive Director Karen Howard. She brings a customer-centric approach to her leadership of various initiatives that are impacting the overall taxpayer experience. This includes the business transformation around technologies like digital chat, easy access to data and, of course, security of that data.

In this deep dive on resilience, Professor Daniel Aldrich gives a fascinating overview of different ways of thinking about resilience—focussing in particular on the kind of resilience that allows communities to recover from disasters in a way that brings together resources -- and allows the communities to rebuild themselves so they're not as vulnerable as they were before the shock—so they can collaborate, communicate, and work together in a more effective way. Daniel discusses his research which has identified the critical importance of social bonds as a key factor determining how communities deal with disasters—too often neglected due to an overemphasis on infrastructural resilience. A fascinating interview, packed with rich insights and research findings-providing a multidimensional perspective on resilience. Daniel Aldrich is professor of political science and Director of the Security and Resilience Studies Program at Northeastern University. A main body of his research focussed on recovery after natural disasters. His most recent book, Building Resilience: Social Capital in Post-Disaster Recovery, highlights how relationships among people in a disaster zone are a critical engine for recovery after a disaster. Daniel has held posts as a Fulbright Research Fellow and an Abe Fellow at Tokyo University and as an AAAS Science and Technology Fellow with USAID.  He is a contributor to the New York Times, CNN, The Conversation, and the Asahi Shinbun, among other media.    

In this episode, Managing Partner of XPAN Law Partners, Rebecca Rakoski, and Senior Account Manager at Contango IT, Schellie Percudani, talk about cybersecurity, especially for small businesses. Today, Rebecca and Schellie talk about business privacy and security practices, cost-effective steps that you can take to protect your business, and the importance of cybersecurity insurance. Why do small businesses have to worry about cybersecurity? Hear about ransomware attacks and how to react to them, data privacy laws and how they impact your business, and the value of hiring lawyers, all on today's episode of The Healthy, Wealthy & Smart Podcast.   Key Takeaways “What we all have in common between the small businesses and the large businesses is we're all human.” “You're only as good as your last backup.” “You can't have privacy without security.” “You definitely don't want to be fudging any kind of information. You definitely want transparency.” There are four basic things that you can do as a business owner: enable multi-factor authentication, provide security awareness training, monitor and patch your systems, and enable software and hardware encryption. “Encryption is your Get Out Of Jail Free card in most jurisdictions.” “60% of small businesses will go out of business within 6 months of a data breach without liability insurance.” “The first thing that businesses need to do is take a proactive posture.” “If you look at data breaches, if it's not caused by an employee in the company, it's caused by an employee at one of their vendors.” “Make sure you put yourself in a legally defensible position.”   More About Schellie Percudani Schellie is a Senior Account Manager at Contango IT located in Midtown, Manhattan. With 75 people, Contango IT services their clients through 4 key areas of technology. IT Service/Support - We offer unlimited onsite and remote support for all covered users and devices with up to 60-90 second response time. In that same fixed monthly price, we also include asset management, budgeting breakdowns, disaster recovery planning, compliance requirement review and planning, technology road mapping, and a lot more. IT Infrastructure / Cabling - Moving offices? Contango IT handles the technology side of the move through Cabling and IT setup. Cybersecurity - 45 people strictly in Cybersecurity keeps Contango IT on top of the biggest buzz In technology. Risk? Compliance? Reach out, looking to help in any way possible. Even if it is just second opinion or advice. Custom Programming - Front-end or Back-end development, Android, iOS, Web-based and much more. Winners of the Microsoft Best Use of Technology Award and the NYU Stern New Venture Competition Any technology questions, reach out! With hundreds of clients over 4 services, Contango IT has seen it before.   More About Rebecca Rakoski Rebecca L. Rakoski is the managing partner at XPAN Law Partners. Rebecca counsels and defends public and private corporations, and their boards, during data breaches and responds to state/federal regulatory compliance and enforcement actions. As an experienced litigator, Rebecca has handled hundreds of matters in state and federal courts. Rebecca skilfully manages the intersection of state, federal, and international regulations that affect the transfer, storage, and collection of data to aggressively mitigate her client's litigation risks. Rebecca is on the Board of Governors for Temple University Health Systems, and an adjunct professor at Drexel University's Thomas R. Kline School of Law and Rowan University.   Suggested Keywords Healthy, Wealthy, Smart, Cybersecurity, Small Business, Privacy, Security, IT, Insurance, Legal, Hacking, Ransomware, Malware, Data, Technology, Data Breaches, Encryption   To learn more, follow Schellie and Rebecca at: Website:          https://www.contangoit.com                         https://xpanlawpartners.com Twitter:            @XPANLawPartners                         @RRakoskiesq Instagram:       @schellie00 LinkedIn:         Schellie Percudani                         Rebecca Rakoski, Esq.   Subscribe to Healthy, Wealthy & Smart: Website:                      https://podcast.healthywealthysmart.com Apple Podcasts:          https://podcasts.apple.com/us/podcast/healthy-wealthy-smart/id532717264 Spotify:                        https://open.spotify.com/show/6ELmKwE4mSZXBB8TiQvp73 SoundCloud:               https://soundcloud.com/healthywealthysmart Stitcher:                       https://www.stitcher.com/show/healthy-wealthy-smart iHeart Radio:               https://www.iheart.com/podcast/263-healthy-wealthy-smart-27628927   Read the Full Transcript Here:  00:02 Hello, Rebecca and Shelly, welcome to the podcast. I'm very excited to have you on to talk all about cybersecurity. So welcome, welcome.   00:13 Thank you for having us.   00:14 Yes, thank you. And   00:16 so this cybersecurity this for me as a small business owner, is brand new to me. Although it probably shouldn't be, but it is, but that's why we're talking about it today. But before we get into it, can you guys give a little bit more detail about yourself and what you do so if the listeners understand why I'm talking to you guys today?   00:41 So I, Rebecca McCroskey, I'm a co founder and managing partner of x Pam law partners, we're a boutique cybersecurity and domestic and international data privacy law firm, which is a really fancy way of saying we help organizations with their cybersecurity, and data privacy needs, right? I have been a practicing attorney for almost four years. I hate to admit that sometimes I'm like, I'm dating myself. But what's great is we really help businesses, small startups, all the way that big multinational corporations because right now businesses are it's, it's really a brave new world that we're facing today. And businesses are getting attacked literally from all different sides. And so we started x pant to really help businesses understand what their legal obligations are, and what their legal liabilities are. And I tell my clients, my job is to avoid those problems for you, or do my best or put you in the best position to address them if and when it becomes an issue. So that's   01:48 what I do in a nutshell. Great, thanks, Shelly. How about you?   01:53 Yes, my name is Shelly perky. Donnie, I am an account manager with contango it and we help businesses and our end organizations if I could speak, we help them manage their day to day it to help build a strong security posture. We also help them with cybersecurity, we have 45 people strictly in cybersecurity, we have 25 penetration testers, eight ethical hackers. So we have a strong, you know, posture to help businesses build a posture so that they at the end, I wouldn't say that they're not going to be attacked, but they are prepared for anything that could happen. And so we help them with that. Got it.   02:43 Well, thank you both for being here to talk about this, because we are seeing more and more things in the news lately about ransomware and cyber attacks. And so oftentimes, we think of that as only happening to the big businesses, right? So why should small businesses, which a lot of listeners that listen to this podcast, are entrepreneurs or small business owners? Why should we have to worry about this?   03:10 So, you know, from a legal perspective, obviously, anybody who's ever come into contact with the legal system knows, it's not just for large businesses. So from a legal perspective, you're going to be subjected to liability from your people who whose information you're collecting, call them data subjects, you can, you're going to have contractual obligations with your vendors and third parties that you use and share data with. So put that and then just put that aside for a moment, then you also have small businesses have a reputation. And in the small business community, I am myself a small business, I'm a small law firm, Chief law firm. And you know, your reputation is everything. And so part of your reputation nowadays is how you're handling security and privacy. What are you doing the data. And so it's really important for small businesses to realize it's not just the big guys, we hear about them in the news, the colonial pipelines and the JPS foods and the Equifax is of the world. What you don't know is that every single day law firms like mine are getting a call from small businesses going help. We just clicked on a bad link, we just got ransomware, what do we do? And that happens all the time. It really you hear about the big guys, but it's the little guys that are really, you know, bearing the brunt of it, I think.   04:32 Now, I would agree. And what we all have in common between the small businesses and the large businesses is we're all human. And like Rebecca said, it's human error. Somebody clicked on an email, and they didn't know you know, they weren't trained. Hey, this is a spoofing and phishing email. This is what they look like, this is what you need to look for. And so that's where we come in, and it's we're all human and we all make mistakes. It's just no Like, you know, you this is what to look out for.   05:04 Got it. And so what are some of the issues facing businesses today, when it comes to cybersecurity?   05:12 What ransomware is obviously one of the biggest issues, right. And for your listeners who don't know what ransomware is, it is, what happens is somebody clicks on a bad link, download the bad, you know, attachment to a file, and the ransomware is downloaded to the system. Depending on how sophisticated the hackers are, they can either deploy it immediately, which means your system starts to, they start to encrypt your files, or it can be that they sit in there and wait for Oh, I don't know, the most inopportune moment that your business has. And then they deploy the ransomware. I've had clients where they deploy ransomware, or they first delete backups before they deploy the ransomware to really add insult to injury there. So but so that's one of the big things and then the your entire system gets encrypted and you can't unencrypted it without the encryption key which you then have to pay for the ransom part of it. And, you know, we hear about the big ransoms, again, the 4.4 million from colonial the 11 million from JBS. But you know, I was speaking with a colleague the other day, and a law firm got ransomware for $50,000. Now, that's a lot to a small business, it's a lot to any business, but they try to make it it's almost like it's commercials with what they think that they can afford and pay and so that they'll pay because they want you to pay the ransom. So that's I think, I think that's probably the   06:35 number one I would say so too. And then you now you're on their list, because you've paid your   06:41 SIR now. Wow, they paid   06:44 from now you're on a list of this hacker of like, Well, you know, was easy to get in before. Yeah. So let's see how we can get in again.   06:55 Right? Oh, my goodness. Hang in and you know Rebecca's right.   06:59 And that's where you know, also patching and monitoring your systems having a good strong it. posture is important. Because they see that stuff, they see little inklings of, Oh, well, something's going on here. somebody's trying to get in, you know, so they can see that. And you know, you're only as good as your last backup, and where is your backup being stored? And you know, is that in a secure location? Because if not, guess what? It doesn't matter. Because your information is gone.   07:33 Oh, my gosh, yeah, that makes so much more sense. Now, even just explaining what ransomware is. I didn't realize so they hold the encryption key ransom. And that's what you're paying for.   07:46 Correct you in order to get your data back, you have to pay to get the encryption key. And people think Well, okay, so I'll pay the ransom. And I'll get the encryption. I'll get the encryption key. And it's like, like magic? Yeah. You do, to some extent, although there used to be honor amongst thieves. It's not always the case anymore. No. But the other thing is to keep in mind encryption is not perfect. So you're not going to get it back exactly the way it was before. And a lot of laws have been changed now. So the fact that you were ransomware, it is in and of itself, a reportable event for a data breach. So that's another aspect to it. I mean, we're talking more about the technical aspects with the ransomware. But this is the other part where you know, I always say like, ransomware is like three explosions. The first one, oh, my God, my computer has exploded, but yeah, my computer's, what do I do? And then the second one, which is how are we going to, you know, get back up and running. And then the third is really the legal liability that flows from it and holding it together.   08:55 Also to I mean, Rebecca, are you finding that now, too, they're not only holding it, they're selling the data? Yeah. So they're still older data copied it, they're giving you back access to it, but now they're gonna sell it?   09:12 Yes. So what it comes down to is yes,   09:15 there's a lot to do. At that point to now you've got to tell your clients, hey, I've been   09:23 hacked. And that's where that whole reputation part comes in, you know, where you're, you know, these are people who are interesting information to you data. You know, I mean, as a law firm, we obviously hold our clients data. But you know, if you're a business, you could be holding personal information of your clients and business partners. You could be holding sensitive data on your employees or social security, financial information, information about their beneficiaries, which could be kids and things like that. So it really is a problem that just expands exponentially. It's a rabbit Well, I guess you're falling down that rabbit hole for a while.   10:04 You're like Alice in Wonderland.   10:07 Right? Oh, my gosh. Well, now you mentioned Rebecca about laws? And does that? Could you talk a little bit more about like certain data privacy laws and how that works? And if you're a small business, what does that mean?   10:24 Sure, so different. So there are two sets of laws that you need to really be businesses need to be concerned about, right. So one of them are your your data breach notification laws, which won't really be triggered unless and until there is a data breach, there are 50 states, there are 50 different laws, it's super fun for businesses who have to deal with us, then you have data privacy laws, and because nobody can seem to get their act together to come up with a federal law, we are stuck with, again, a patchwork of laws. So different states have passed different laws. And that is in and around a data subjects rights, about the data that's being collected about from them. So for example, California has a law, Virginia passed the law, Colorado passed a law recently, I know there's a proposed one in New Jersey in New York, Pennsylvania, Texas. So you name the state, and it's probably considering Washington State has tried to have made several passes into data privacy law. And what's interesting about this privacy laws is it they're usually, there's usually a threshold, sometimes small businesses will meet that threshold, but you need to understand that and it's all about the data that you're collecting. So the data you're collecting is going to trigger or not trigger requirements under some of these laws. That same data is the attractive nuisance, if you will, to the hacker they want to, they want to so you know, I always say you can't have privacy without security. So they really do go hand in glove.   12:00 What would be like an app if you know this at the top of your head, but an example of data privacy law from one of those states that has them on the books like what would be an example.   12:13 So California has the California consumer Privacy Act, the ccpa, which was amended in November, when the good citizens of California had a ballot initiative to pass the California Privacy Rights Act or the cpra. And those types of so in and around that you have different rights, the right to deletion, the right to correction, or right to a ratio of three, you know, the right to be forgotten is what's commonly known as, or just some of the rights that you're entitled to. And so businesses that fall under the within the purview of the ccpa, which is in effect right now, the cpra, which will go into effect in 2023. And so if you are a data subject, and the business is is under those laws, you can, you know, say to the pay, I want to know what you're doing with my data, hey, I need you to correct or delete my data. And the business has a set statutory period of time to respond to that data subject Access Request. It's about transparency. So anybody who saw all those updated privacy policies online, that's all driven by privacy laws, there's one in Europe called the GDPR, the general data protection regulation. And it really is in and around transparency, and data collection, storage and sharing practices. So that's, I could go much deeper, but I don't want to put anyone to sleep as I talk about loss.   13:42 I think I think that's really helpful just so that people get an idea of like, well, I don't even know what that is, you know, and if you're a small business owner, you've got a million other things on your plate, because you probably don't have a dedicated IT department, you don't have a dedicated cybersecurity department, oftentimes, you're a solopreneur. Or maybe you have less than 10 employees, you know, so all of a sudden, all of this stuff has to come on to somebody. So I think just getting an awareness out there that it exists, is really important so that you can maybe look it up in your own individual state.   14:20 Yeah, and one thing I would say and I know that this is a problem amongst entrepreneurs and startup is within the startup community is that they think well, we can do this ourselves. We can like cut and paste the privacy policy online and somebody Shelley's laughing at me over here. But you know, the purpose of these laws is to provide information about what that business is doing with data. So if you're borrowing it from somebody else, you could be in trouble twice because you're now you're not accurately reflecting what your laws are, what you're doing with the data. And you've basically taken this information and maybe obligating yourself under other laws of regular So for people who are listening, I know nobody likes talking to lawyers. I swear we're not that bad. But hiring a dedicated privacy or security attorney who understands this is really important because you told what to, you know, have an Ono moment on top of it. Oh, no moment when you're you know,   15:19 exactly. You definitely were Rebecca Sade is absolutely correct. There are people that do that they try to manipulate it and do it themselves. What they don't realize is once you're hacked, it's not just, Oh, no, they've got my information. Now I have to pay this ransomware. But guess what, oh, if you weren't following those privacy acts, you're also gonna get fined on that data, too. So you definitely don't want to be fudging any kind of information. You definitely want transparency.   15:47 Yeah. So hire lawyer. I'm a big fan of lawyers. I hire lawyers for for everything, because I don't I'm not a lawyer. I don't know how to do any of it. And I want to make sure that I am protected. So I 100% get it. Now, what? So we're talking about the pitfalls of what could happen if you have a breach, or issues facing businesses. So what can businesses do to help with cyber security? What are some things we can have in place to give us some protection and peace of mind?   16:20 Well, I would like to answer that this is Shelley, I'm someone who's there for simple and very effective basics that you could do as a business owner. And they're very cost effective. In fact, you know, you already have some of them in hand, as far as like Microsoft Office 365, all you have to do is enable your multiple factor authentication, that's a huge one, it's like leaving your light on in your house, if you're going out to dinner, they're gonna move on to the next house, because you have that layer of protection. And then, you know, security awareness training, educating your employees, educating yourself a lot of spoofing and phishing email looks like, that's huge that you know, it, it makes them aware. And that also, you know, it shows your employees that you're protecting them, you're protecting your clients, you know, it shows stability. And then also, you know, monitoring and patching your systems, you know, making sure that someone has an eye on what's going on. I'm looking for those little ticks that someone may be trying to get into your system, because a lot of people that you can have websites, you can tell by is your website going slower, that's usually a sign that someone might be trying to hack into your system. You know, so it's little things like that. And then also, you know, software and hardware encryption, that's a huge one. A lot of people, I know we have all our devices, it's our fingerprint or face that opens it. But if your hardware is not encrypted, they could just steal your laptop, pull out the hard drive, plug it in somewhere else, and guess what the data is theirs. And it's just the simple things that can help a business.   18:10 Yeah, so So to recap, the multiple factor identification that I get, and I do security awareness training, what what are these emails look like? What not to click on? monitoring and patching systems? So when you say patching systems, what exactly does that mean?   18:27 Well, that's where someone is patching in and they're, you know, they're making sure that your system is secure. And it's going somewhere in that secure like firewall, everything like that. So that is exactly   18:39 the basic there. There are systems like so for example, the Equifax data breach was a vulnerability in an Apache struts operating system. And when they found this vulnerability, it was it was a problem. People write code, people make mistakes, you need to fix it. Once they discovered the problem. They went, they were like, Oh, you need to apply this patch. It basically fixes the code. Well, if you don't apply the patch, if you don't have somebody who can help you do that you're not you're leaving your back door   19:11 open or even Yeah, or even like software, like it needs to be updated. So they're patching and updating, they're constantly monitoring, updating any software so like have you ever had where your phone doesn't work and because you haven't upgraded your system? Well that's kind of like it is for monitoring and patching. They make sure that everything is up to date everything is to code   19:34 right because if you're not patching and updating like Shelly said, you can actually leave a hole Yeah, and you're not the it's a lot easier for them to get in because you would not that system isn't being supported anymore by the Microsoft's or the Googles because they've moved on. You got to move on with them. Otherwise, you're you're gonna have a problem.   19:52 Got it. Got it. Okay, that makes a lot more sense.   19:55 They could do that themselves. Like oh, I can do this. I can do this. But as they're growing Their business, they don't have time to focus on that. And that's how little cracks happen.   20:04 Got it? Okay, that makes a lot of sense. And number four was making sure that your software and your hardware was encrypted. Right? And does that. I mean, this might be a stupid question. But does it come that way?   20:19 No, that's not a stupid question. I mean, a lot of us think that because, you know, I mean, we're on a computer right now that if I shut it and locked it, I opened it again, I could put my finger on it, it would open it, I wouldn't have to type my password in. But if my hard drive wasn't encrypted, didn't have that same protection on it, where someone could steal it, and then just pull out the hard drive, because these people are very talented, plug in the hard drive. So you need to make sure that your hard drive has that same protection with your fingerprint of code that, you know that if they would have to, they wouldn't plug it in somewhere else, they're gonna have to know that code, because it's not going to work.   21:06 Keep in mind, too, that encryption, like we're always talking about is, in most jurisdictions, if you have an encrypted hard drive, if even if they get it, they can't access it. It's not a data breach. So I like to say encryption is your get out of jail free card in most jurisdictions, okay. There are 50 of them. There's a lot, but in most of them, that's your get out of jail free card. So it's one of the biggest, that multifactor I guess, are probably two of the biggest bang for your buck. There they are. And how do you   21:37 know if your software and hardware is in is encrypted? Again, perhaps another silly question, but I just don't know.   21:43 So first of all, I don't encrypt my own hard drive. I know a lot about technology. But I, you know, I don't go to my dentist for brain surgery. professionals, who are IT professionals, like Shelley's company, and I say, here, encrypt my hard drive, and they take care of it for you. So having it's really important   22:06 night. Yeah, I can. And does that literally mean you hand your computer over to someone and say, encrypt my hard drive? Not necessarily No, no, okay.   22:16 No, no, no, a lot of times what you know, like our text can do, they can come in, they can work in remotely in and you know, just like when they have when we monitor and patch, they do it remotely. You know, if you don't even know what's going on. It's just and it shouldn't, it shouldn't interrupt your day, it should then to wreck your workflow. It should be seamless. And usually, you know, it's something that, you know, our techs are very, you know, highly educated, I love text, I always think, Oh, my gosh, what they do is so cool, because they can just, they can fix everything, and they just go in and they're they're magicians.   22:56 Got it? Got it. Okay, how it should be you.   22:59 I mean, a lot of times, and this is true, too. I think Rebecca, a lot of rules now are making sure that you actually have a credible IT team. Because if you don't, you can now get fined. Or   23:14 Yeah, there are different laws where you can if you're not doing the things you're supposed to be doing, if you're not monitoring if you don't have your asset, you know, management, those kinds of things. I mean, one of the classic examples of that is is HIPAA. Now they don't say you have to have it on teaching but they do say you have to encrypt your heart you know, encryption, or they say you show it or they say you have to monitor monitor your devices and let's face facts, do you want to be I don't want to be monitoring my devices, I want my IT guys or gals to be monitoring my devices, I want to be practicing law. So that's the beauty of it is that it's it's Charlie says it's running seamlessly in the background, and you're doing what you should be doing much with running   23:55 your business. Got it? All right. Now let's move on to so let's say you have all of this in place. You've done your basics for cybersecurity. Do you have to have cyber security insurance? Or can you just say, Well, I did all this. So what do I need the insurance for? No,   24:15 that's like driving around without your seatbelt on. Like, you know, I, I frequently wanted to ram the car in front of me, but I don't I don't do that. So cyber insurance. When I will tell you this as when I started my own law firm. The first thing I bought was malpractice insurance. The second thing I bought was cyber liability, a separate standalone cyber liability policy. They are getting more expensive, but for a small business depending on the data you're collecting, they can be very reasonable. But I sleep at night because I know that if something goes horribly wrong, it's there. All of the things you're doing. me that all The good cyber practices that Shelly and I have been talking about that just means they're going to cover you when the when the stuff hits the fan. Because if you're not doing all of that, you've probably told they've sent you a questionnaire with your cyber liability policy and you filled it out and you're like, Oh, do I have multi factor authentication? Oh sure. I encrypt my hard drive. If you lie to them, they don't cover you. But if you're doing all these good cyber practices, and you have insurance, it's you know that every single one of my clients first thing I ask, Where is your data? What is it doing? Where is your cyber liability policy? Those are the   25:35 those are the big three Yeah. Okay. To help you too, because how are you going to get that money out? Right, how do you get that money back? How do you recoup your business? I mean $50,000 is a lot Oh yeah. And you know, you're a small business and yeah, you you could take a hit you can take a loan but wouldn't it be better if somebody covered it for you it's kind of like you You get a car accident you know, it was like that rental car where your car is getting fixed. You would like to get a new car that new car smell   26:11 Yeah, cyber liability insurance is absolutely critical for small business every this statistic might be a little bit old, but I will pull it out anyway for just as an example 60% of small businesses will go out of business within six months of a data breach without live liability insurance. So that's an I know that statistic has gone up it's a it's a little stale, but I think that's about a year old and every year they put out new stats I just haven't brushed up on my statistics today. But   26:41 well that is true because as many business owners as I talked to in everything, you would not believe how many of them I've had friends that had successful businesses and everything was going great. They got hacked, and they just couldn't recoup the money that they need it breaks my heart because they never thought it would happen to them because they weren't trading money they weren't doing anything like that. It was just common goods like e commerce that they were just like, yeah, and then something happened.   27:09 I mean, I get a call at least once a week from a crime business person literally tears I don't know what am I going to do? I have a little bit of a policy or something. It's like a rider on my my general liability policy, but now it's going out because it runs out like that and so quick, and they're like now what do I do? I don't I don't have an answer for them. They're gonna have to you know, they have to pay for it out of pocket. A lot of them can't It is really heartbreaking.   27:37 Yeah. Oh my goodness. Well, so you know, we talked about some issues facing businesses today. basics for cybersecurity, the need for cybersecurity liability, which I am in the process of getting after speaking with Celli a couple of weeks ago, so I'm there I'm doing it I'm in. You don't have to I You don't have to tell me twice when it comes to important insurances, I will get it. So is there anything else that you guys wanted to let the listeners know when it comes to cybersecurity for their businesses?   28:14 Um, I think the first thing that businesses need to do is take a proactive posture. So doing the technical things that Shelley's talking about, shoring up some of their legal obligations, like I'm talking about with, you know, appropriate privacy policies, contract language and things like that. The other thing is, they have to also be aware of their vendors, which I think is another big issue facing organizations if you look at data breaches, it's not caused by an employee in the company it's caused by an employee at one of their vendors. And so you know, it's a big issue and so I would say that for all small businesses, all of the technical aspects and then make sure your your legal, you put yourself in a legally defensible position because unfortunately, these things are going to happen. And you want to make sure that you not just survive but thrive after after an event like this.   29:09 Yeah, and I agree with Rebecca, those are the key things that you need to do as a business owner, but it's also helping yourself to educate been growing your business and I know at times it can be scary because like, Oh my goodness, I got to talk to a lawyer. That's more money. Oh, I gotta have someone you know, outsource it person. When I've had my cousin, he knows computers, he knows everything. You know, everything's going but if you're looking to move your business to that next level, and you're looking to flourish, you really just like anything else, you need to make sure you understand and you are doing what is required of you to do to help your business flourish.   29:53 Got it. Well, this was great. I mean, hopefully people listening to this, it will set a match under them. To get them to really take a look at this in their business because like you said when you're a small business owner you've got a million things going on. But this is super important and I think something that people really need to focus on so I thank you for bringing this topic to me Shelly and for bringing Rebecca on because I think this is really great and I do hope that all the listeners out there will now start to take a better look at their businesses and are they protected Do they have the right things in place so thank you thank you now where can people find you? if they have questions? If God forbid they have a breach and they need a lawyer or they need someone to help do an IT assessment of their business so where can people find you? So   30:47 I obviously have a website expand law partners com Also you can follow us on Twitter and on LinkedIn please connect you can connect connect with me personally and my business we put out for small businesses out there who have a lot of questions we are constantly pushing out different topics raising issues bringing attention to different ones so please act x Pam law partners connect with us and hopefully will will provide you with some of that information that Shelley was talking about   31:23 excellent Shelly Go ahead.   31:24 You can reach me at contango it calm is our website I can also link in with me you know I love to meet new people and I always like to offer any kind of advice or second opinions I can help with if I if there's anyone I can point you into the direction to you know help your business I would love to do that.   31:46 Excellent. Shelley is a great super connector for sure. So definitely reach out to them now ladies one last question and I asked everyone this is knowing where you are now in your life in your career. What advice would you give to your younger self?   32:01 see somebody asked me this I'm gonna have to steal from my prior answer was start my law firm earlier. I wish I had done it earlier. I cherish the time I spent at a large law firm but I love what I do now. I love helping businesses so this I would do it earlier. So amazing. I would become an ethical hacker. Love that. I want to change my answer. That's a great answer. I love it.   32:35 I love it. Well, ladies, thank you so much for coming on the podcast sharing all this vitally important information. I do appreciate it. Thank you so much for having us. Pleasure and everyone. Thank you for listening. Reach out to these ladies if you are a small business because you may need some cyber help. Thank you for listening, have a great couple of days and stay healthy, wealthy and smart.

Every person has security needs and growth needs. Security needs are the needs that keep us safe and protected. As Maslow taught, growth needs are the needs we have to become more than we are on the path to self-actualization.  These needs stand at opposite ends of a continuum, but are both equally important for well-being. Last week's podcast focused on helping you understand security needs, and this week I'll make the case for growth needs.   This discussion will help you:  Understand what growth needs are  Identify healthy ways to tolerate risk in your daily life  Set goals designed to help you fulfill potential Show notes available at:  https://drmelissasmith.com/128-growthneeds/

On this episode I sit down with Michael Cano founder and CEO of Gateway Vip Services which helps eliminate airport and travel stress by taking care of everything for you from checkin to checkout. They can make your life easier every step of the way from getting to the airport, checking you in, getting you through security and customs more quickly and more. Michael also touches on some of his most memorable and annoying celebrity clients and if he thinks the vaccine may one day be required to fly.

The recent scandal in the NFL and past emails should be a reminder that the Internet is forever. This episode talks about how security awareness programs, companies and parents need to make that message more clear. Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

It was going to be V for Virus, but we have probably had enough of the word right now, and vulnerabilities perhaps better describes what we are really talking about here - WordPress security. This is where we are different and roles are reversed. Nathan listens to podcasts on IT security and sees the worst that can happen. David remains relatively clueless and feel invincible! He's fixed about 7 hacked sites. None due to his management and the issues have not returned. It made him feel like he was king of the world! We're not experts in this by any means, but we do like to think about it and talk about it... So check out the podcast today and let us know what you think...

Gabe Morency questions why College Football coaches seem to have more security than other sport coaches.

By Jon Frerichs Rear Admiral Tom Williams, Dr. Tim Francis, and Dr. Shawn Woodford join the program to discuss the career of Admiral Richmond Kelly Turner and his role in planning the war in the Pacific during World War II. Download Sea Control 284 – Planning the Pacific War and Admiral Richmond Kelly Turner Links … Continue reading Sea Control 284 – Planning the Pacific War and Admiral Richmond Kelly Turner →

October 2021 opened with big shifts in areas high on Mexico's agenda: security and energy. Both issues are, arguably, the most crucial to the country's future course. In conversations with AS/COA's Carin Zissis, UC San Diego's Cecilia Farfán-Méndez covers what's new—and not so new—in an updated U.S.-Mexico security accord while Montserrat Ramiro, former commissioner of Mexico's energy regulatory agency, gets into why a new electricity reform is sparking discord.

It is Cybersecurity Awareness Month, but security awareness is a lot tougher than just dedicating a month to awareness activities. Security awareness is a journey, requiring motivation along the way. Brian Reed, Cybersecurity Evangelist from Proofpoint, joins Business Security Weekly to discuss the security awareness journey and how the human elements can help motivate us. Brian will discuss how personalized content and gamification can help achieve better outcomes for organizations and the individual. In the Leadership and Communications section for this week: How to strive and thrive [in a meeting], 5 steps toward real zero trust security, Seven strategies for building a great security team, & more!   Show Notes: https://securityweekly.com/bsw235 Visit https://securityweekly.com/proofpoint to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Toxic environments on the Enterprise; FB & IG, down again; Instagram wants teens to "take a break" but not sure how; Nick Clegg's vacant words; Magic Leap is back & raking in the cash; Twitch leak reveals full source code, financial data; you oughta get in twitching; celebrity crypto shilling; GM wants you to subscribe to their cars; Apple Developer Academy; tech startups lie; Foundation renewed Storytime with Seth Rogan; Dave Chappelle; the Expanse; Apple TV 4k; iPhone vs Android privacy; Twitter recommends you not go on Twitter; do you or don't you need a VPN?Show notes at https://gog.show/526This episode of Grumpy Old Geeks is brought to you by Hover!Hover is the place to get the best domains. With over 300 top-level domains to choose from. Go to Hover.com/gog and get 10% off your first purchase.FOLLOW UPBlue Origin delays William Shatner's spaceflight to October 13thThe renowned programmer who created PHP "hates programming" and said he's "not a real programmer."IN THE NEWSFacebook and Instagram are down for the second time this weekInstagram will encourage teens to 'take a break'Facebook's Oversight Board will meet with the Facebook whistleblowerSeven years after raising $542M at a $2B valuation, Magic Leap raises $500M at a $2B valuationMy First Year at Magic Leap and the Opportunity AheadTwitch's source code and streamer payment figures have been leaked following hackTwitch Data Leak Confirms The 100 Highest-Paid StreamersCelebrity Crypto Shilling Is a Moral DisasterGM aims to build Netflix-sized subscription business by 2030Apple opens Developer Academy in Detroit, creating new opportunities for careers in the iOS app economyLifestyles of the Rich and Gullible: Theranos and Ozy EditionMEDIA CANDY‘Foundation' Renewed for Season 2 at AppleStorytime with Seth RogenDave Chappelle The CloserNetflix's Ted Sarandos Defends Dave Chappelle Special in Staff Memo: ‘Artistic Freedom' Is Different for Stand-Up (EXCLUSIVE)Watch the first trailer for The Expanse season 6, arriving December 10thBaking Impossible: The great nerdish bake-off for the engineering setAPPS & DOODADSiPhone apps no better for privacy than Android, Oxford study findsApple now requires all apps to make it easy for users to delete their accountsTwitter will now warn you before you participate in a conversation that could get heatedGasoline-powered lawn mowers, leaf blowers to be banned under new California lawBLACK+DECKER 40V MAX Cordless Sweeper (LSW40C)PGYTECH OneMo Camera Backpack 25L with Shoulder Bag for Gopro 10, DJI Air 2S, DJI FPV, Sony, Canon, Nikon, Drone, DJI Mavic Mini 2/Air 2, OSMO Action/Pocket, DSLR/SLR Mirrorless, Camera TripodSECURITY HAH!The CyberWireDave BittnerHacking HumansCaveatRecorded FutureYou Probably Don't Need a VPNCLOSING SHOUT-OUTSThe Lindenbaum Prize for short gamebook fictionSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Zero trust security has become a topic at the forefront of IT and security-related conversations. Zero trust puts an end to compromised identities. In today's hybrid work environment, CIOs and security leaders must understand zero trust strategies and architecture to ensure the safety of networks, devices, applications, and users.To learn about zero-trust, CIOs must understand how traditional networks operate, the challenges involved in becoming a zero-trust network, and techniques that work with the zero trust model.In this conversation, Anand Oswal from Palo Alto Networks, explains how zero-trust security transforms the way applications and users are protected from internal and external threats.The conversation includes these topics:What is zero trust security?-- Enterprise security challenges and zero-trust-- How can CIOs create a zero-trust environment?-- Advice to Chief Information Officers on zero-trust strategyBe sure to read the complete transcript:https://www.cxotalk.com/video/what-zero-trust-securityAnand Oswal serves as Senior Vice President and General Manager at cyber security leader Palo Alto Networks where he leads the company's Firewall as a Platform efforts. Prior to this, he was Senior Vice President of Engineering for Cisco's Intent-Based Networking Group and he holds more than 60 U.S. patents.

Microsoft Patch Tuesday https://isc.sans.edu/forums/diary/Microsoft+October+2021+Patch+Tuesday/27928/ Adobe Patches https://helpx.adobe.com/security/security-bulletin.html PyPi Remove mitmproxy2 Module https://twitter.com/maximilianhils/status/1447525552370458625 https://web.archive.org/web/20211012105244/https://gist.github.com/mhils/7ff29d50b25a1c99e06834cf95684333

Picture of the week. Windows 11 Watch: "AllowUpgradesWithUnsupportedTPMOrCPU" AMD processors running some apps up to 15% slower. The Windows 10 taskbar on Windows 11. Microsoft is disagreeing... with themselves. We have an update on the Windows Explorer RAM leak I mentioned previously... VirtualBox and Windows HyperVisors don't get along. Dropped UDP packets with network optimization. Patch Tuesday. The Joy of the (new!) Default: Excel 4.0 macros to be disabled. Google warns Gmail users of phishing attempts. Google takes first step toward universal 2SV. The US Senate approves some hacking and ransomware legislation. Amazon's "Twitch" service was hacked bigtime! A major Apache webserver update introduced a new critical 0-day error. Last Week's Mass Exodus from WhatsApp. Closing the Loop. Apple's new "Invasion" series. SpinRite. 0-Day Angst. We invite you to read our show notes at https://www.grc.com/sn/SN-840-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: expressvpn.com/securitynow wwt.com/twit canary.tools/twit - use code: TWIT

Picture of the week. Windows 11 Watch: "AllowUpgradesWithUnsupportedTPMOrCPU" AMD processors running some apps up to 15% slower. The Windows 10 taskbar on Windows 11. Microsoft is disagreeing... with themselves. We have an update on the Windows Explorer RAM leak I mentioned previously... VirtualBox and Windows HyperVisors don't get along. Dropped UDP packets with network optimization. Patch Tuesday. The Joy of the (new!) Default: Excel 4.0 macros to be disabled. Google warns Gmail users of phishing attempts. Google takes first step toward universal 2SV. The US Senate approves some hacking and ransomware legislation. Amazon's "Twitch" service was hacked bigtime! A major Apache webserver update introduced a new critical 0-day error. Last Week's Mass Exodus from WhatsApp. Closing the Loop. Apple's new "Invasion" series. SpinRite. 0-Day Angst. We invite you to read our show notes at https://www.grc.com/sn/SN-840-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: expressvpn.com/securitynow wwt.com/twit canary.tools/twit - use code: TWIT

Michael Saylor joins me to discuss anthropology, energy, and technology from first principles as we build the intellectual foundation necessary to truly grasp the historic significance of Bitcoin.Be sure to check out NYDIG, one of the most important companies in Bitcoin: https://nydig.com/GUESTMichael's twitter: https://twitter.com/michael_saylorMichael's company: https://www.microstrategy.com/enMichael's website: https://www.hope.com/CHANNELPodcast Website: https://whatismoneypodcast.com/Apple Podcast: https://podcasts.apple.com/us/podcast...Spotify: https://open.spotify.com/show/25LPvm8...RSS Feed: https://feeds.simplecast.com/MLdpYXYITranscript:OUTLINE00:00:00 “What is Money?” Intro00:00:05 NYDIG00:01:25 The Fourth Layer: Financial00:04:16 Bitcoin Mining's Capital Intensity Recruits Large Investors00:08:04 The Fifth Layer: The Mining Network00:10:01 Bitcoin Miners as an Early Warning System00:11:35 Bitcoin Miners as “Motors of Sovereignty”00:12:55 The First Five Layers: Inertia, Antifragility, and Capital Attraction00:15:00 “Bitcoin is a Swarm Creature”00:16:43 Proof of Work as a Thermodynamic Bridge Between Worlds00:18:54 The Sixth Layer: Spatial00:20:38 Proof of Work as a Self-Distributing Security Model00:21:28 Proof of Work Self-Decentralizes Away from Attack Vectors00:23:26 The Seventh Layer: Temporal00:24:59 Bitcoin's Spacetime Parameters: “You Only Get to Play God Once”00:26:29 What Happens if you Change Gravity?00:29:29 “Bitcoin is Like the Granite Underlying Manhattan”00:31:06 The Universal Consequences of Spacetime Constants00:33:17 “A Shockwave is When You Attack the Air Faster than it Moves”00:35:05 “Foolish to Risk the Immortality of Bitcoin for Bigger Blocks”00:36:40 Proof of Stake: A Closed, Controlled, Non-Darwinian System00:39:50 There Are No Successful Proof of Stake Networks00:42:11 Central Banks as Proof of Stake Networks00:44:52 Bitcoin is Both Digital Money and Digital Property00:45:42 Robert's OutroSOCIALBreedlove Twitter: https://twitter.com/Breedlove22WiM? Twitter: https://twitter.com/WhatisMoneyShowLinkedIn: https://www.linkedin.com/in/breedlove22/Instagram: https://www.instagram.com/breedlove_22/TikTok: https://www.tiktok.com/@breedlove22?l...All My Current Work: https://linktr.ee/breedlove22​WRITTEN WORKMedium: https://breedlove22.medium.com/Substack: https://breedlove22.substack.com/WAYS TO CONTRIBUTEBitcoin: 3D1gfxKZKMtfWaD1bkwiR6JsDzu6e9bZQ7Sats via Strike: https://strike.me/breedlove22Sats via Tippin.me: https://tippin.me/@Breedlove22Dollars via Paypal: https://www.paypal.com/paypalme/RBree...Dollars via Venmo: https://venmo.com/code?user_id=178435...The "What is Money?" Show Patreon Page: https://www.patreon.com/user?u=328431...RECOMMENDED BUSINESSESWorldclass Bitcoin Financial Services: https://nydig.com/Join Me At Bitcoin 2022 (10% off if paying with fiat, or discount code BREEDLOVE for Bitcoin): https://www.tixr.com/groups/bitcoinco...Put your Bitcoin to work. Earn up to 12% interest back on Bitcoin with Tantra: https://bit.ly/3h3lL0jIBAC assists central banks and sovereign wealth funds succeed in their digital asset investments: https://www.ibac.io/Automatic Recurring Bitcoin Buying: https://www.swanbitcoin.com/breedlove/

Non HTTP Requests Hitting Web Server https://isc.sans.edu/forums/diary/Things+that+go+Bump+in+the+Night+Non+HTTP+Requests+Hitting+Web+Servers/27924/ Apple Updates iOS/iPadOS to 15.0.2 https://saaramar.github.io/IOMFB_integer_overflow_poc/ https://support.apple.com/en-us/HT212846 Weak SSH Keys Used with GitKraken https://github.blog/2021-10-11-github-security-update-revoking-weakly-generated-ssh-keys/ Let's Encrypt Outage https://letsencrypt.status.io/pages/incident/55957a99e800baa4470002da/6164b5af714e1f053880ba0c

Two weeks ago, the Department of Justice's Office of Inspector General released a report on the FBI's mishandling of Foreign Intelligence Surveillance Act applications. It's the latest in a string of Inspector General reports and other documents to talk about the process. To go through the latest report, why the process is so important and what it all means, Jacob Schulz sat down on Lawfare Live with Lawfare editor-in-chief Benjamin Wittes, and Adam Klein, the former chairman of the Privacy and Civil Liberties Oversight Board, who is now at the University of Texas at Austin's Strauss Center as director of the program on Technology, Security, and Global Affairs. They discussed what's in the latest report, what to make of it and how to think about reforms to the process in general.Support this show http://supporter.acast.com/lawfare. See acast.com/privacy for privacy and opt-out information.