Each week Cheryl Wilkerson speaks with community leaders, inspiring people and the most interesting movers and shakers from Hampton Roads and beyond.
…
continue reading
News and Notes from the Best College Basketball Conference in the Country
…
continue reading
Bridging the gap between Jewish leaders and those who follow them.Michelle W. Malkin interviews leaders in the North American Jewish community about working in Jewish organizations and congregations, philanthropy, the changing landscape of the community, recent research, philanthropy, youth, education, social action, and more!
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
1
On The Line with Cheryl Wilkerson - April 14, 2024 - Special Guest: Eli Harold
30:00
30:00
Play later
Play later
Lists
Like
Liked
30:00
On The Line with Cheryl Wilkerson - April 14, 2024 - Special Guest: Eli HaroldBy Cheryl Wilkerson
…
continue reading
1
Microsoft, North Korea, Santander, CISA, Deepfakes, Aaran Leyland & More - SWN #387
32:00
32:00
Play later
Play later
Lists
Like
Liked
32:00
Microsoft, North Korea, Santander, CISA, Deepfakes, Aaran Leyland & more on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-387
…
continue reading
1
Post-RSAC, Our Heads Are Spinning, and Big News Keeps on Coming! Plus On-Site Interviews from RSAC - ESW #362
2:27:32
2:27:32
Play later
Play later
Lists
Like
Liked
2:27:32
Suddenly SIEMs are all over the news! In a keynote presentation, Crowdstrike CEO George Kurtz talked about the company's "next-gen" SIEM. Meanwhile, Palo Alto, who was taken to task by some for not having an active presence on the RSAC expo floor, hits the headlines for acquiring IBM's SIEM product, just to shut it down! Meanwhile, LogRhythm and Ex…
…
continue reading
1
The Impacts Of Cryptocurrency - Nicholas Weaver - PSW #829
3:12:50
3:12:50
Play later
Play later
Lists
Like
Liked
3:12:50
Has cryptocurrency done more harm than good? Our guest for this segment has some interesting views on its impacts! Vulnrichment (I just like saying that word), Trustworthy Computing Memo V2, SSID confusion, the Flipper Zero accessory for Dads, the state of exploitation, Hackbat, Raspberry PI Connect, leaking VPNs, exploiting faster?, a new Outlook …
…
continue reading
1
3000 Years Ago, Dell, Robocalls, PyPI, Cinterion, Cacti, Chat-GPT, Josh Marpet... - SWN #386
36:58
36:58
Play later
Play later
Lists
Like
Liked
36:58
3000 Years Ago, Dell, Robocalls, PyPI, Cinterion, Cacti, Chat-GPT, Windows, Josh Marpet, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-386
…
continue reading
1
Inside the OWASP Top 10 for LLM Applications - Sandy Dunn, Mike Fey, Josh Lemos - ASW #285
1:06:40
1:06:40
Play later
Play later
Lists
Like
Liked
1:06:40
Everyone is interested in generative AIs and LLMs, and everyone is looking for use cases and apps to apply them to. Just as the early days of the web inspired the original OWASP Top 10 over 20 years ago, the experimentation and adoption of LLMs has inspired a Top 10 list of their own. Sandy Dunn talks about why the list looks so familiar in many wa…
…
continue reading
1
Identity Resilience: The Next Frontier in Security - Hed Kovetz, Ray Zadjmool, Jeff Margolies - BSW #350
1:01:22
1:01:22
Play later
Play later
Lists
Like
Liked
1:01:22
In today's enterprises, the Identity Access Management (IAM) System is the key to a business' critical operations. But that IAM environment is more vulnerable than most security executives realize. Segment Resources: https://www.mightyid.com/articles/the-r-in-itdr-the-missing-piece-in-identity-threat-detection-and-response https://www.mightyid.com/…
…
continue reading
1
Easy Passwords, BIG-IP, Ascension, Lockbit, Google, Poland, ZScaler, Aaran Leyland... - SWN #385
36:57
36:57
Play later
Play later
Lists
Like
Liked
36:57
Easy Passwords, BIG-IP, Ascension, Lockbit, Google, Poland, ZScaler, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-385
…
continue reading
1
Executive Interviews from RSAC! - ESW #361
2:09:12
2:09:12
Play later
Play later
Lists
Like
Liked
2:09:12
Tune in to hear 9 executive interviews from RSA Conference 2024, featuring speakers from Zscaler, Open Systems, Aryaka, OpenText, Hive Pro, Critical Start, Anomali, Cyware, and Pentera! Find individual descriptions for each interview on the show notes. Show Notes: https://securityweekly.com/esw-361
…
continue reading
1
Corporate Ransomware Deep Dive - Jeremiah Grossman, Mikko Hypponen - PSW #828
1:56:15
1:56:15
Play later
Play later
Lists
Like
Liked
1:56:15
In this RSAC 2024 South Stage Keynote, Mikko Hyppönen will look back at the past decade of ransomware evolution and explore how newer innovations, like AI, are shaping its future. Illuminating the Cybersecurity Path: A Conversation with Jeremiah Grossman Join us for a compelling episode featuring Jeremiah Grossman, a prominent figure in the cyberse…
…
continue reading
1
On The Line with Cheryl Wilkerson - May 5, 2024
28:20
28:20
Play later
Play later
Lists
Like
Liked
28:20
On The Line with Cheryl Wilkerson - May 5, 2024By Cheryl Wilkerson
…
continue reading
1
Tetris, APT42, Kimsuky, Android, ChatRTX, MITRE, Computer Dating, Josh Marpet, More - SWN #384
37:44
37:44
Play later
Play later
Lists
Like
Liked
37:44
Tetris, APT42, Kimsuky, Android, ChatRTX, MITRE, Computer Dating, Josh Marpet, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-384
…
continue reading
1
AI & Hype & Security (Oh My!) & Hacking AI Bias - Caleb Sima, Keith Hoodlet - ASW #284
1:04:57
1:04:57
Play later
Play later
Lists
Like
Liked
1:04:57
A lot of AI security has nothing to do with AI -- things like data privacy, access controls, and identity are concerns for any new software and in many cases AI concerns look more like old-school API concerns. But...there are still important aspects to AI safety and security, from prompt injection to jailbreaking to authenticity. Caleb Sima explain…
…
continue reading
1
Say Easy, Do Hard - Train How You Fight, Part 1 - Malcolm Harkins - BSW #349
1:00:29
1:00:29
Play later
Play later
Lists
Like
Liked
1:00:29
Inspired by my co-host Jason Albuquerque, this quarter's Say Easy, Do Hard segment is Train How You Fight. In part 1, we discuss the importance of training for a cyber incident. However, lots of organizations do not take it seriously, causing mistakes during an actual cyber incident. How will the lack of preparation impact your organization during …
…
continue reading
1
Weird Al, Docker, OT, Gitlab, Credit Monitoring, Dropbox, Cisco, AI, Aaran Leyland... - SWN #383
35:15
35:15
Play later
Play later
Lists
Like
Liked
35:15
Weird Al, Docker, OT, Gitlab, Credit Monitoring, Dropbox, Cisco, AI, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-383
…
continue reading
1
Preparation: The Less Shiny Side of Incident Response - Joe Gross - ESW #360
1:57:07
1:57:07
Play later
Play later
Lists
Like
Liked
1:57:07
It's the most boring part of incident response. Skip it at your peril, however. In this interview, we'll talk to Joe Gross about why preparing for incident response is so important. There's SO MUCH to do, we'll spend some time breaking down the different tasks you need to complete long before an incident occurs. Resources 5 Best Practices for Build…
…
continue reading
The Security Weekly crew discusses some of the latest articles and research in cryptography and some background relevant subtopics including the race against quantum computing, key management, creating your own crypto, selecting the right crypto and more! https://www.globalsecuritymag.com/keysight-introduces-testing-capabilities-to-strengthen-post-…
…
continue reading
1
AI, Okta, Chrome, Quantum, Kaiser Permanente, FTC, FCC, NCSC, Josh Marpet, and more. - SWN #382
37:17
37:17
Play later
Play later
Lists
Like
Liked
37:17
AI, Okta, Chrome, Quantum, Kaiser Permanente, FTC, FCC, NCSC, Josh Marpet, and more, are on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-382
…
continue reading
1
Why Companies Continue to Struggle with Supply Chain Security - Melinda Marks - ASW #283
1:19:42
1:19:42
Play later
Play later
Lists
Like
Liked
1:19:42
Companies deploy tools (usually lots of tools) to address different threats to supply chain security. Melinda Marks shares some of the chaos those companies still face when trying to prioritize investments, measure risk, and scale their solutions to keep pace with their development. Not only are companies still figuring out supply chain, but now th…
…
continue reading
1
On The Line with Cheryl Wilkerson - April 21, 2024 - Special Guest: Michelle Ellis Young
28:56
28:56
Play later
Play later
Lists
Like
Liked
28:56
On The Line with Cheryl Wilkerson - April 21, 2024 - Special Guest: Michelle Ellis YoungBy Cheryl Wilkerson
…
continue reading
1
Meet Silver SAML: Golden SAML in the Cloud - Eric Woodruff - BSW #348
59:35
59:35
Play later
Play later
Lists
Like
Liked
59:35
A hybrid workforce requires hybrid identity protection. But what are the threats facing a hybrid workforce? As identity becomes the new perimeter, we need to understand the attacks that can allow attackers access to our applications. Eric Woodruff, Product Technical Specialist at Semperis, joins Business Security Weekly to discuss those attacks, in…
…
continue reading
1
Stepping Up To Support Democracy with Eli Greenstein Jacober, Senior Director of Growth Strategy at Repair the World
48:35
48:35
Play later
Play later
Lists
Like
Liked
48:35
Eli and I discuss some of the ways volunteers step-up the support the democratic process during voting season. Learn how Repair The World is partnering with A More Perfect Union to promote and encourage volunteerism around the election. Repair The World This episode is part of a collaboration with A More Perfect Union, The Jewish Partnership for De…
…
continue reading
1
TikTok, Flowmon, Cisco, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland - SWN #381
38:11
38:11
Play later
Play later
Lists
Like
Liked
38:11
TikTok, Flowmon, Arcane Door, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-381
…
continue reading
1
Advising The President On Cyber-Physical Resilience - Philip Venables - PSW #826
2:50:30
2:50:30
Play later
Play later
Lists
Like
Liked
2:50:30
On February 27, 2024, PCAST (President’s Council of Advisors on Science and Technology) sent a report to the President with recommendations to bolster the resilience and adaptability of the nation’s cyber-physical infrastructure resources. Phil was part of the team that worked on the report and comes on the show to talk about what was recommended a…
…
continue reading
1
Autonomous - I don't think that word means what you think it means - Adam Shostack, Ely Kahn - ESW #359
1:57:31
1:57:31
Play later
Play later
Lists
Like
Liked
1:57:31
A clear pattern with startups getting funding this week are "autonomous" products and features. Automated detection engineering Autonomously map and predict malicious infrastructure ..."helps your workforce resolve their own security issues autonomously" automated remediation automated compliance management & reporting I'll believe it when I see it…
…
continue reading
1
Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland... - SWN #380
37:02
37:02
Play later
Play later
Lists
Like
Liked
37:02
Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-380
…
continue reading
1
Sustainable Funding of Open Source Tools - Mark Curphey, Simon Bennetts - ASW #282
1:17:57
1:17:57
Play later
Play later
Lists
Like
Liked
1:17:57
How can open source projects find a funding model that works for them? What are the implications with different sources of funding? Simon Bennetts talks about his stewardship of Zed Attack Proxy and its journey from OWASP to OpenSSF to an Open Source Fellowship with Crash Override. Mark Curphy adds how his experience with OWASP and the appsec commu…
…
continue reading
1
What does DoD’s CMMC Requirement Mean for American Businesses - Edward Tuorinsky, Mike Lyborg - BSW #347
1:04:41
1:04:41
Play later
Play later
Lists
Like
Liked
1:04:41
Since 2016, we been hearing about the impending impact of CMMC. But so far, it's only been words. That looks to be changing. Edward Tourinsky, Founder & Managing Principal at DTS, joins Business Security Weekly to discuss the coming impact of CMMC v3. Edward will cover: The background of CMMC Standardization of CMMC CMMC v3 changes and implementati…
…
continue reading
1
Win 95, LastPass, Kubernetes, Sandworm, Bloomtech, Frontier, 911, Aaran Leyland... - SWN #379
34:41
34:41
Play later
Play later
Lists
Like
Liked
34:41
Win 95, Cheat Lab, LastPass, Kubernetes, Sandworm, Bloomtech, Frontier, 911, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-379
…
continue reading
1
Best of Human Emotions with Paul Golin, Executive Director of the Society for Humanistic Judaism
1:05:24
1:05:24
Play later
Play later
Lists
Like
Liked
1:05:24
Paul and I delve into another aspect of Judaism, one that enriches an individual's connection to our historical tradition while supporting their desire to adapt the content to suit modern life. The Society for Humanistic Judaism This episode is part of a collaboration with A More Perfect Union, The Jewish Partnership for Democracy: www.jewishdemocr…
…
continue reading
1
From Hackers to Streakers - How Counterintelligence Teams are Protecting the NFL - Joe McMann - ESW #358
1:47:19
1:47:19
Play later
Play later
Lists
Like
Liked
1:47:19
Protecting a normal enterprise environment is already difficult. What must it be like protecting a sports team? From the stadium to merch sales to protecting team strategies and even the players - securing an professional sports team and its brand is a cybersecurity challenge on a whole different level. In this interview, we'll talk to Joe McMann a…
…
continue reading
1
PCI 4.0 - Winn Schwartau - PSW #825
2:07:44
2:07:44
Play later
Play later
Lists
Like
Liked
2:07:44
Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) puts greater emphasis on application security than did previous versions of the standard. It also adds a new “customized approach” option that allows merchants and other entities to come up with their own ways to comply with requirements, and which also has implications for a…
…
continue reading
1
Duo, Steganography, Roku, Palo Alto, Putty, Cerebral, IPOs, SanDisk, & Josh Marpet - SWN #378
33:35
33:35
Play later
Play later
Lists
Like
Liked
33:35
Duo, Steganography, Roku, Palo Alto, Putty, Cerebral, IPOs, SanDisk, Josh Marpet, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-378
…
continue reading
1
Demystifying Security Engineering Career Tracks - Karan Dwivedi - ASW #281
1:03:23
1:03:23
Play later
Play later
Lists
Like
Liked
1:03:23
There are as many paths into infosec as there are disciplines within infosec to specialize in. Karan Dwivedi talks about the recent book he and co-author Raaghav Srinivasan wrote about security engineering. There's an appealing future to security taking on engineering roles and creating solutions to problems that orgs face. We talk about the breadt…
…
continue reading
1
From Idea to Success: How to Operationalize a Startup from Zero to Exit - Seth Spergel - BSW #346
55:40
55:40
Play later
Play later
Lists
Like
Liked
55:40
Startup founders dream of success, but it's much harder than it looks. As a former founder, I know the challenges of cultivating an idea, establishing product market fit, growing revenue, and finding the right exit. Trust me, it doesn't always end well. In this interview, we welcome Seth Spergel, Managing Partner at Merlin Ventures, to discuss how …
…
continue reading
1
Combadges, SISENSE, Microsoft, CISA, Lastpass, Palo Alto, Broadband, Aaran and More - SWN #377
30:44
30:44
Play later
Play later
Lists
Like
Liked
30:44
Combadges, SISENSE, Microsoft, Malware Next-Gen, Lastpass, Palo Alto, Broadband, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-377
…
continue reading
1
On The Line with Cheryl Wilkerson - April 7, 2024 - Special Guest: James Overton
29:50
29:50
Play later
Play later
Lists
Like
Liked
29:50
On The Line with Cheryl Wilkerson - April 7, 2024 - Special Guest: James OvertonBy Cheryl Wilkerson
…
continue reading
1
Understanding KillNet and Recent Waves of DDoS Attacks - Michael Smith - ESW #357
1:42:25
1:42:25
Play later
Play later
Lists
Like
Liked
1:42:25
In the days when Mirai emerged and took down DynDNS, along with what seemed like half the Internet, DDoS was as active a topic in the headlines as it was behind the scenes (check out Andy Greenberg's amazing story on Mirai on Wired). We don't hear about DDoS attacks as much anymore. What happened? Well, they didn't go away. DDoS attacks are a more …
…
continue reading
1
Digging Into Supply Chain Security - James McMurry - PSW #824
3:00:28
3:00:28
Play later
Play later
Lists
Like
Liked
3:00:28
Jim joins the Security Weekly crew to discuss all things supply chain! Given the recent events with XZ we still have many topics to explore, especially when it comes to practical advice surrounding supply chain threats. Ahoi new VM attacks ahead! HTTP/2 floods, USB Hid and run, forwarded email tricks, attackers be scanning, a bunch of nerds write s…
…
continue reading
1
Dronepocalypse, Microsoft, DLINK, Home Depot, Phishing, NIST, VenomRat, Josh Marpet - SWN #376
35:45
35:45
Play later
Play later
Lists
Like
Liked
35:45
Dronepocalypse, Privacy, Microsoft, DLINK, Home Depot, Phishing, NIST, VenomRat, Josh Marpet, and more, are on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-376
…
continue reading
1
Lessons That The XZ Utils Backdoor Spells Out - Farshad Abasi - ASW #280
1:00:18
1:00:18
Play later
Play later
Lists
Like
Liked
1:00:18
We look into the supply chain saga of the XZ Utils backdoor. It's a wild story of a carefully planned long con to add malicious code to a commonly used package that many SSH connections rely on. It hits themes from social engineering and abuse of trust to obscuring the changes and suppressing warnings. It also has a few lessons about software devel…
…
continue reading
1
Understanding the Cybersecurity Ecosystem - Ross Haleliuk - BSW #345
1:00:53
1:00:53
Play later
Play later
Lists
Like
Liked
1:00:53
In this discussion, we focus on vendor/tool challenges in infosec, from a security leader's perspective. To quote our guest, Ross, "running a security program is often confused with shopping". You can't buy an effective security program any more than you can buy respect, or a black belt in kung fu (there might be holes in these examples, but you ho…
…
continue reading
1
SEXi, Powerhost, Acuity, Layerslider, JSOutProx, Byakugan, Josh Marpet, and More - SWN #375
33:04
33:04
Play later
Play later
Lists
Like
Liked
33:04
SEXi, AI Dreams, Powerhost, Acuity, Layerslider, JSOutProx, Byakugan, Josh Marpet, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-375
…
continue reading
1
XZ - Backdoors and The Fragile Supply Chain - PSW #823
2:52:20
2:52:20
Play later
Play later
Lists
Like
Liked
2:52:20
As most of you have probably heard there was a scary supply chain attack against the open source compression software called "xz". The security weekly hosts will break down all the details and provide valuable insights. https://blog.qualys.com/vulnerabilities-threat-research/2024/03/29/xz-utils-sshd-backdoor https://gynvael.coldwind.pl/?id=782 http…
…
continue reading
1
Getting Vulnerability Management Back on the Rails - Patrick Garrity - ESW #356
1:57:23
1:57:23
Play later
Play later
Lists
Like
Liked
1:57:23
NVD checked out, then they came back? Maybe? Should the xz backdoor be treated as a vulnerability? Is scan-driven vulnerability management obsolete when it comes to alerting on emerging threats? What were some of the takeaways from the first-ever VulnCon? EPSS is featured in over 100 security products, but is it properly supported by those that ben…
…
continue reading
1
Raising Up The Next Generation with Dr. Dean P. Bell, President & CEO of Spertus Institute
48:31
48:31
Play later
Play later
Lists
Like
Liked
48:31
Dr. Dean Bell and I explore an important Jewish educational institution and how it is changing and adapting to fit the needs of Jewish professionals today. www.spertus.edu This episode is part of a collaboration with A More Perfect Union, The Jewish Partnership for Democracy: www.jewishdemocracy.org Listen to all IWYK episodes on our website: www.i…
…
continue reading
1
Lena, XZ, WallEscape, AT&T, OWASP, Google, Microsoft, AI, Josh Marpet, and More - SWN #374
32:57
32:57
Play later
Play later
Lists
Like
Liked
32:57
Lena, XZ, WallEscape, AT&T, OWASP, Google, Microsoft, AI, Josh Marpet, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-374
…
continue reading
1
Infosec Myths, Mistakes, and Misconceptions - Adrian Sanabria - ASW #279
1:00:57
1:00:57
Play later
Play later
Lists
Like
Liked
1:00:57
Sometimes infosec problems can be summarized succinctly, like "patching is hard". Sometimes a succinct summary sounds convincing, but is based on old data, irrelevant data, or made up data. Adrian Sanabria walks through some of the archeological work he's done to dig up the source of some myths. We talk about some of our favorite (as in most dislik…
…
continue reading
1
CISO Soul Searching: Navigating the Evolving Role of the CISO - Harold Rivas - BSW #344
56:52
56:52
Play later
Play later
Lists
Like
Liked
56:52
Harold Rivas has held multiple CISO roles. In his current CISO role, he's championing Trellix's overall mission to address the issues CISOs face every day, encouraging information sharing and collaborative discussions among the CISO community to help address challenges and solve real problems together - part of this is through Trellix's Mind of the…
…
continue reading
1
Finding The Space Between with Rabbi Josh Feigelson, President and CEO of the Institute for Jewish Spirituality
1:02:06
1:02:06
Play later
Play later
Lists
Like
Liked
1:02:06
Rabbi Feigelson and I delve into his leadership journey both as a Rabbi and a PhD holder, exploring how he has nurtured the growth of the organization. We discuss the impact of his work on individuals at various levels, including himself, and examine the intersection between mindfulness and the ideals of democracy. www.jewishspirituality.org This e…
…
continue reading