'Box 39' is the long-running and unique magazine radio show, originally broadcast on Colne Radio in North East Essex, UK. Fresh, innovative and unexpected, and blending gorgeous music, features, chat and banter, its a show based in the heart of our local, national and international community. What will come out of Box 39 next?
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Catch up on the local headlines of the day with the "KUOW Newsroom" podcast. One podcast feed, all the great local reporting you expect from KUOW and NPR. Headline summaries posted every weekday around 5 p.m. Special features and interviews posted throughout the day. We're trying out some new formats on this feed. Let us know what you think at newsroom@kuow.org.
…
continue reading
Marxist and Materialist analysis of the happenings in Lexington, KY with the occasional urban geography perspective
…
continue reading
![Artwork](/static/images/128pixel.png)
1
MS Patch Tuesday: Which Vulnerabilities Really Need Prioritizing - Douglas McKee - PSW #836
1:05:12
1:05:12
Play later
Play later
Lists
Like
Liked
1:05:12
Doug and the Security Weekly crew talk about vulnerabilities, are we patching the right things? This is the burning question. We will try to answer it. Segment Resources: https://blog.sonicwall.com/en-us/2024/04/patch-tuesday-which-vulnerabilities-really-need-prioritizing/ Show Notes: https://securityweekly.com/psw-836…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
MS Patch Tuesday: Which Vulnerabilities Really Need Prioritizing. - Douglas McKee - PSW #836
3:04:36
3:04:36
Play later
Play later
Lists
Like
Liked
3:04:36
Doug and the Security Weekly crew talk about vulnerabilities, are we patching the right things? This is the burning question. We will try to answer it. Segment Resources: https://blog.sonicwall.com/en-us/2024/04/patch-tuesday-which-vulnerabilities-really-need-prioritizing/ Segment description coming soon!The Crowdstrike incident: what happened and …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
episode 165 - SELF-HELP BOOKS with ADRIAN COEN
1:00:00
1:00:00
Play later
Play later
Lists
Like
Liked
1:00:00
Either: This is an odyssey of Adrian’s personal development, through his newly discovered and intimate self-help library. Or: Adrian lifts the covers on the spurious world of monetised fakery, which exploits weakness and need, as we all seek answers. It’s one or the other. With Adrian Coen
…
continue reading
![Artwork](/static/images/128pixel.png)
1
SAPwned, Squarespace Domain Hijacks, AIs Fixing Code, Infosec Investments - ASW #292
28:57
28:57
Play later
Play later
Lists
Like
Liked
28:57
SAPwned demonstrates tenets of tenant isolation, a weak login flow puts Squarespace domains at risk, how AIs might (or might not) be useful for fixing code, getting buy-in for infosec investments, and more! Show Notes: https://securityweekly.com/asw-292
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Risk Management Insights: What CEOs and Boards Really Need - Jeff Recor - BSW #357
32:39
32:39
Play later
Play later
Lists
Like
Liked
32:39
Security is a risk management discipline. No one understand that more than Jeff Recor. Jeff has built risk management practices for Deloitte, Grant Thornton, and Accenture and has recently formed his own risk consulting practice. In this unscripted interview, Jeff will share his insights on the evolution of security as a risk management discipline,…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Killer Robots, Crowdstrike, Southwest, Play, FrostyGoop, Josh Marpet and More - SWN #400
34:11
34:11
Play later
Play later
Lists
Like
Liked
34:11
Elon's Killer Robots, Crowdstrike and More Crowdstrike, Southwest, Play, FrostyGoop, Josh Marpet, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-400
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Where Generative AI Can Actually Help Security (And Where It Doesn't) - Farshad Abasi, Allie Mellen - ASW #292
1:05:00
1:05:00
Play later
Play later
Lists
Like
Liked
1:05:00
Generative AI has produced impressive chatbots and content generation, but however fun or impressive those might be, they don't always translate to value for appsec. Allie brings some realistic expectations to how genAI is used by attackers and can be useful to defenders. Segment resources: https://www.forrester.com/blogs/generative-ai-will-not-ful…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Where Generative AI Can Actually Help Security (And Where It Doesn't) - Allie Mellen, Farshad Abasi - ASW #292
36:04
36:04
Play later
Play later
Lists
Like
Liked
36:04
Generative AI has produced impressive chatbots and content generation, but however fun or impressive those might be, they don't always translate to value for appsec. Allie brings some realistic expectations to how genAI is used by attackers and can be useful to defenders. Segment resources: https://www.forrester.com/blogs/generative-ai-will-not-ful…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Killer Robots, Crowdstrike, Southwest, Play, FrostyGoop, Josh Marpet and More - SWN #400
34:16
34:16
Play later
Play later
Lists
Like
Liked
34:16
Elon's Killer Robots, Crowdstrike and More Crowdstrike, Southwest, Play, FrostyGoop, Josh Marpet, and more, on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-400
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Closing CISO-CEO Communication Gap Requires a Common Business Language - Sumedh Thakar, Jeff Recor - BSW #357
1:11:22
1:11:22
Play later
Play later
Lists
Like
Liked
1:11:22
Back in April, we covered a story on episode #348 titled "CISO-CEO communication gaps continue to undermine cybersecurity". In that article, Sumedh Thakar, the CEO at Qualys, stated "CISOs must translate technical risks into business impact for CEOs." But he didn't say how. So, we invited him on the show to explain. In this episode, Sumedh walks us…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Closing CISO-CEO Communication Gap Requires a Common Business Language - Sumedh Thakar - BSW #357
39:09
39:09
Play later
Play later
Lists
Like
Liked
39:09
Back in April, we covered a story on episode #348 titled "CISO-CEO communication gaps continue to undermine cybersecurity". In that article, Sumedh Thakar, the CEO at Qualys, stated "CISOs must translate technical risks into business impact for CEOs." But he didn't say how. So, we invited him on the show to explain. In this episode, Sumedh walks us…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Analyzing the CrowdStrike Incident and Its Ripple Effects - SWN #399
42:23
42:23
Play later
Play later
Lists
Like
Liked
42:23
In this episode of Security Weekly News, Dr. Doug White and Josh Marpet delve into the widespread impact of the recent CrowdStrike and Microsoft technical issue, which disrupted various industries, including airlines, DMVs, and hospitals. They discuss the interconnectedness of modern systems, the reliance on automatic updates, and the critical need…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Analyzing the CrowdStrike Incident and Its Ripple Effects - SWN #399
42:17
42:17
Play later
Play later
Lists
Like
Liked
42:17
In this episode of Security Weekly News, Dr. Doug White and Josh Marpet delve into the widespread impact of the recent CrowdStrike and Microsoft technical issue, which disrupted various industries, including airlines, DMVs, and hospitals. They discuss the interconnectedness of modern systems, the reliance on automatic updates, and the critical need…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Omelet with a side of Bach: Kenji López-Alt’s experimental cooking performance
3:41
3:41
Play later
Play later
Lists
Like
Liked
3:41
By Ruby de Luna
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Rumored Wiz Deal Would be HISTORIC (if it happens), redefining shared responsibility - ESW #368
54:43
54:43
Play later
Play later
Lists
Like
Liked
54:43
In this week's enterprise security news, Google is rumored to be considering acquiring Wiz for $23 BILLION ThreatConnect acquires Polarity XBOW and Sola Security are interesting new companies we’ll discuss What does “shared responsibility” actually mean? Palo Alto probably isn’t going to buy your startup Snowflake-related breaches continue getting …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Jump-starting SOC Analyst Careers, Addressing Cybersecurity Industry Challenges, and Historic Rumors in Enterprise Security - ESW #368
2:06:23
2:06:23
Play later
Play later
Lists
Like
Liked
2:06:23
In this episode of Enterprise Security Weekly, we revisit the insightful book "Jump-start Your SOC Analyst Career" with authors Jarrett Rodrick and Tyler Wall, exploring updates on career paths, opportunities, and the industry's reality. We delve into the myths versus the truths about cybersecurity careers, discussing the viability of high salaries…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
What's wrong with the cybersecurity industry and what we can do about it - Richard Hollis - ESW #368
36:47
36:47
Play later
Play later
Lists
Like
Liked
36:47
On this segment, we're going to zoom all the way out to discuss one of my favorite topics: what's fundamentally wrong with this industry? I believe we're at an inflection point: security teams have budget, staff, and more sway at the board level than ever. The cybersecurity market is doing great - growing at an astonishing rate with cyber startups …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Book Discussion: Jump-start Your SOC Analyst Career - Jarrett Rodrick, Tyler Wall - ESW #368
34:39
34:39
Play later
Play later
Lists
Like
Liked
34:39
Three years after we last discussed this book on episode #221, Jarrett Rodrick returns, joined by co-author Tyler Wall to discuss an update of the book. We talk opportunities and layoffs. Career paths and experience. Degrees, certifications, and home labs. We talk about who cybersecurity is the right field for, and the pros and cons of the industry…
…
continue reading
Find new flaws in UEFI using STASE, combining vulnerabilities to exploit Sonicwall Devices, remote BMC exploits, Netgear patches, and not a lot of information, 22 minutes before exploited, if the secrets were lost, we'd all be in screwed, Exim has not been replaced by something better and its vulnerable, CISA's red team reports, and attackers use d…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
3D Printing For Hackers - David Johnson - PSW #835
1:03:50
1:03:50
Play later
Play later
Lists
Like
Liked
1:03:50
Thinking about getting a 3D printer or have one and need a good primer? Check out this segment, we live 3D print a Captain Crunch whistle and talk all about 3D printing for hackers! Segment Resources: Slides used in this segment: https://files.scmagazine.com/wp-content/uploads/2024/07/3D-Printing-for-Hackers.pdf Major 3D Printer Websites: https://v…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
3D Printing For Hackers - David Johnson - PSW #835
3:01:58
3:01:58
Play later
Play later
Lists
Like
Liked
3:01:58
Thinking about getting a 3D printer or have one and need a good primer? Check out this segment, we live 3D print a Captain Crunch whistle and talk all about 3D printing for hackers! Segment Resources: Slides used in this segment: https://files.scmagazine.com/wp-content/uploads/2024/07/3D-Printing-for-Hackers.pdf Major 3D Printer Websites: https://v…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
A 2024 Appsec Report, Preparing for the AIxCC, Secure Design and Post-Quantum Crypto - ASW #291
35:58
35:58
Play later
Play later
Lists
Like
Liked
35:58
Cloudflare's 2024 appsec report, reasoning about the Cyber Reasoning Systems for the upcoming AIxCC semifinals at DEF CON, lessons in secure design from post-quantum cryptography, and more! Show Notes: https://securityweekly.com/asw-291
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Floppy Disks, Exim, Kaspersky, Darkgate, AT&T, Josh Marpet and more... - SWN #398
29:20
29:20
Play later
Play later
Lists
Like
Liked
29:20
Floppy Disks, Exim, Kaspersky, Darkgate, AT&T, Josh Marpet, and more are on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-398
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Floppy Disks, Exim, Kaspersky, Darkgate, AT&T, Josh Marpet and more... - SWN #398
29:20
29:20
Play later
Play later
Lists
Like
Liked
29:20
Floppy Disks, Exim, Kaspersky, Darkgate, AT&T, Josh Marpet, and more are on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-398
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Producing Secure Code by Leveraging AI - Stuart McClure - ASW #291
1:09:02
1:09:02
Play later
Play later
Lists
Like
Liked
1:09:02
How can LLMs be valuable to developers as an assistant in finding and fixing insecure code? There are a lot of implications in trusting AI or LLMs to not only find vulns, but in producing code that fixes an underlying problem without changing an app's intended behavior. Stuart McClure explains how combining LLMs with agents and RAGs helps make AI-i…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Producing Secure Code by Leveraging AI - Stuart McClure - ASW #291
33:06
33:06
Play later
Play later
Lists
Like
Liked
33:06
How can LLMs be valuable to developers as an assistant in finding and fixing insecure code? There are a lot of implications in trusting AI or LLMs to not only find vulns, but in producing code that fixes an underlying problem without changing an app's intended behavior. Stuart McClure explains how combining LLMs with agents and RAGs helps make AI-i…
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Board and CEO Understanding of CyberSecurity as CISOs Grapple with the C-Suite - BSW #356
30:55
30:55
Play later
Play later
Lists
Like
Liked
30:55
In the leadership and communications section, The Board’s understanding of cybersecurity, What does your CEO need to know about cybersecurity?, As CISOs grapple with the C-suite, job satisfaction takes a hit, and more! Show Notes: https://securityweekly.com/bsw-356
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Solving the Complexities of Cyber Insurance for SMBs - Brian Fritton - BSW #356
35:29
35:29
Play later
Play later
Lists
Like
Liked
35:29
Cyber insurance underwriting is all over the map. With such a variation in application requirements, how should small and medium businesses prepare to receive the best policy for the price? Brian Fritton joins Business Security Weekly to discuss a systematic approach to preparing for cyber insurance. By working with the underwriters, this approach …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Solving the Complexities of Cyber Insurance for SMBs - Brian Fritton - BSW #356
1:06:15
1:06:15
Play later
Play later
Lists
Like
Liked
1:06:15
Cyber insurance underwriting is all over the map. With such a variation in application requirements, how should small and medium businesses prepare to receive the best policy for the price? Brian Fritton joins Business Security Weekly to discuss a systematic approach to preparing for cyber insurance. By working with the underwriters, this approach …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Autobahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More... - SWN #397
34:19
34:19
Play later
Play later
Lists
Like
Liked
34:19
Wir fahren auf der AutoBahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More on the Security Weekly News. Show Notes: https://securityweekly.com/swn-397
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Autobahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More... - SWN #397
34:19
34:19
Play later
Play later
Lists
Like
Liked
34:19
Wir fahren auf der AutoBahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-397
…
continue reading
![Artwork](/static/images/128pixel.png)
1
Joiners, Movers, Leavers, and Failures: Why is Identity Management Still Struggling? - Henrique Teixeira - ESW #367
1:31:28
1:31:28
Play later
Play later
Lists
Like
Liked
1:31:28
I'm always thrilled to chat with ex-analysts, and Henrique Teixeira can cover a lot of ground with us on the topic of identity management and governance. The more I talk to folks about IAM/IGA, the more I'm shocked at how little has changed. If anything, it seems like we've gone backwards a bit, with the addition of cloud SaaS, mobile devices, and …
…
continue reading
![Artwork](/static/images/128pixel.png)
1
More Vulnerability Shenanigans - PSW #834
2:21:14
2:21:14
Play later
Play later
Lists
Like
Liked
2:21:14
Bats in your headset, Windows Wifi driver vulnerabilities, Logitech's dongles, lighthttpd is heavy with vulnerabilities, node-ip's not vulnerability, New Intel CPU non-attacks, Blast Radius, Flipper Zero alternatives, will OpenSSH be exploited, emergency Juniper patches, and the D-Link botnet grows. Show Notes: https://securityweekly.com/psw-834…
…
continue reading