 
Do you want to experience the most delicious way of living life? To trust in the wisdom of your body by reconnecting or awakening the delights of your power? The Sensuality Empowerment Show is dedicated to empowering humans to move away from their vulnerability shame, ignite self expression, embody self love and own your magic, so you can step into freedom and deeper connection within. I am committed to my personal journey of healing past trauma and connecting to myself on a deep level, thro ...
 
Application Security Weekly decrypts development for the Security Professional - exploring how to inject security into their organization’s Software Development Lifecycle (SDLC) in a fluid and transparent way; Learn the tools, techniques, and processes necessary to move at the speed of DevOps (even if you aren’t a DevOps shop yet). The target audience for Application Security Weekly spans the gamut of Security Engineers and Practitioners that need to level-up their skills in the Application ...
 
 
There's a big difference between finding vulns and securing apps. When we hear the phrase "shift left", what are we actually shifting? Maybe there's something more that security can learn when we look at the vulns popularized by the OWASP Top 10 and the major breaches DevOps teams are dealing with in cloud environments. Visit https://www.securitywe…
 
It has been a while since we had an exploit extravaganza but here we are. Several binary-level issues from Bad Neighbor on Windows to BleedingTooth on Linux, and several vulns in Qualcomm SoCs, even a Discord RCE. [00:00:57] Introducing Edge Vulnerability Research [00:06:57] Cache Partitioning in Chrome [00:10:29] Magma: A Ground-Truth Fuzzing Benc…
 
Patch Your Windows - “Ping of Death” bug revealed, 800,000 SonicWall VPNs vulnerable to remote code execution bug, T2 Exploit Team Creates Cable That Hacks Mac, Zoom Rolling Out End-to-End Encryption, and 'BleedingTooth' Bluetooth flaw! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com…
 
Join Taylor McCaslin, Security Product Manager at GitLab, to discuss current trends in the application security testing industry. We'll chat about where the industry is at today and discuss advances in the field and what the future might hold. We've seen an explosion of security offerings from traditional security testing vendors to general source c…
 
Recorded Sept. 25, 2020 – Today is Nigel’s last episode as a regular host of BWT. Join us in wishing him a happy transition to his next chapter - as we all know, Nigel won’t ever actually retire. Today’s show is us chatting with Nigel - about his career and his take on the industry as he entered, and now as he moves on to whatever comes next. Every …
 
It's a web-exploit heavy episode impacting Apple, HashiCorp, Azure, Google, and even a DOMPurify Bypass. Then we end-off with a look into benchmarking fuzzers, and a look at the House of Muney heap exploitation technique. [00:00:49] Fuzzing internships for Open Source Software [00:03:15] CET Updates – CET on Xanax [00:09:07] Binary Ninja - Open Source…
 
Redefining Impossible: XSS without arbitrary JavaScript, API flaws in an "unconventional" smart device, Facebook Bug Bounty Announces "Hacker Plus", Anti-Virus Vulnerabilities, and Chrome Introduces Cache Partitioning! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw125…
 
Managing passwords is a critical developer task. Developers tasked with building or augmenting legacy authentication systems have a daunting task when facing modern adversaries. This session will review some of the changes suggested in NIST SP800-63b the "Digital Identity Guideline on Authentication and Lifecycle Management regarding password polic…
 
Donny, Alex, and Kirk discuss the Ryzen 5000 series CPU launch, analyze the numbers, and speculate about the Radeon 6000 teaser. Join us for the discussion! 0:00 - Start 0:37 - Ryzen 5000 info 31:19 - 500 Series chipset motherboards and compatibility 37:48 - Radeon 6000 teaser 49:17 - "Sponsored" by... ♥ Check out https://adoredtv.com for more tech…
 
Ever wondered how you might fingerprint and trace exploit devs in the wild? Wondered what a backdoor in a D-Link router looks like? Want to hack Facebook (for Android)? We have all of that and more! [00:00:43] Google: Android Partner Vulnerability Initiative https://bugs.chromium.org/p/apvi/issues/list?q=&can=1 [00:02:55] Project Zero: Announcing…
 
DOMOS 5.8 - OS Command Injection, 4G, 5G networks could be vulnerable to exploit due to ‘mishmash’ of old technologies, Google sets up research grant for finding bugs in browser JavaScript engines, Announcing the launch of the Android Partner Vulnerability Initiative, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! S…
 
Developers are at the center of properly securing applications. A large number of security issues bury developers. We must understand the things every developer must know about security in order to help them. We must practice developer empathy, walking a mile in their shoes. Visit https://www.securityweekly.com/asw for all the latest episodes! Show…
 
Today's guest is the beautiful Chad Charles. I had the pleasure of working with Chad a few months ago. He held a sacred online breath-work session, after I had undertaken a deep journey with 5-MeO-DMT, also referred to as Toad or Buffo. This style of medicine is being touted as a healing modality for people who suffer trauma, depression or PTSD. I r…
 
On today’s show we take several of the larger security myths that are often heard around things like patching vulnerabilities - specifically the notion that more patches indicate less secure software. We also talk about other “common knowledge”-esque bits of advice we’ve all often come across. We could do a whole episode on silver bullets that (spo…
 
Let's go back in time to look at the leaked WinXP source, and a Half-Life 1 exploit. And, while we are at it a couple Instagram vulns and a cheap hardware attack against Android. [00:00:50] Windows XP Source Leak https://twitter.com/vxunderground/status/1309231131313737735 https://twitter.com/dangeredwolf/status/1310067935902343170 [00:12:49] "I'm n…
 
6 Things to Know About the Microsoft 'Zerologon' Flaw, You can bypass TikTok's MFA by logging in via a browser, Instagram RCE: Code Execution Vulnerability in Instagram App for Android and iOS, Shopify discloses security incident caused by two rogue employees, and Microsoft Advances DevOps Agenda! Visit https://www.securityweekly.com/asw for all th…
 
Microsoft announces new Project OneFuzz framework, an open source developer tool to find and fix bugs at scale, Bluetooth Spoofing Bug Affects Billions of IoT Devices, Firefox bug lets you hijack nearby mobile browsers via WiFi, Safeguarding Secrets Within the Pipeline, and more! Visit https://www.securityweekly.com/asw for all the latest episodes!…
 
Application logs are critical to DevOps teams for monitoring the performance and health of their apps. Those same logs are just as critical to understanding the security of apps, whether detecting attacks or responding to them. So, it's important that app logs contain the information needed for teams to collect useful signals and make informed deci…
 
Disinformation is front and center right now. As disinformation efforts constantly increase, platforms struggle to contain the problem without giving the appearance of censuring or controlling all information present. A Talos research team recently published some findings on the building blocks of disinformation campaigns (available via link below)…
 
Leading off this week's discussion is the news about the now remote CCC and Offensive Security's plans to retire OSCE. On the exploit side of things, this week we have a few recent bug bounties including a Google Maps XSS, a FreeBSD TOCTOU, and a couple of Linux kernel vulnerabilities. [00:02:30] CCC going remote this year due to pandemic [00:09:44…
 
BLURtooth vulnerability lets attackers overwrite Bluetooth authentication keys, Microsoft Patch Tuesday, Sept. 2020 Edition, XSS->Fix->Bypass: 10000$ bounty in Google Maps, Academics find crypto bugs in 306 popular Android apps, none get patched, using CRYLOGGER to detect crypto misuses dynamically, Remote Code Execution as SYSTEM/root via Backblaz…
 
Today I get to introduce one of my sponsors - Passionfruits. I refer to Passionfruits as a one-stop pleasure shop. From their elegant lingerie to the kink or bondage merchandise, sex toys and various pleasure workshops - you will soon understand why Passionfruits is not just your average sex shop. The sensuality boutique offers a luxurious range of pr…
 
Recorded August 14, 2020 – Let’s talk about FUD - it’s not enough to just say FUD sucks. Let’s talk about exactly how and why producers of FUD are garbage nightmare monster people. We also cover how they are actually damaging themselves, not just the people and organizations that buy their hype. We have rather strong opinions on this, so we invited …
 
A Tale of Escaping a Hardened Docker container, Four More Bugs Patched in Microsoft’s Azure Sphere IoT Platform, Upgrading GitHub to Ruby 2.7, Redefining What CISO Success Looks Like, and Lessons from Uber: Be crystal clear on the law and your bug bounty policies! Visit https://www.securityweekly.com/asw for all the la…
 
Welcome to our regular Overvolted podcast! Matthew and Kirk discuss the likelihood of Ampere being on 7nm among other things. Join us for the discussion! ♥ Check out https://adoredtv.com for more tech! ♥ Subscribe To AdoredTV - http://bit.ly/1J7020P ► Support AdoredTV through Patreon https://www.patreon.com/adoredtv ◄ Buy Games on the Humble Store!…
 
What are challenges for companies moving to the cloud in forms of security? Marc Tremsal, Director of Product Management - Security at Datadog, will discuss these challenges and how he helps security teams overcome them throughout their cloud transformation. This segment is sponsored by Datadog. Visit https://securityweekly.com/datadog to learn mor…
 
How can couples come out of an intimacy rut and bring the sexy back?? A lot of couples are struggling with intimacy during lockdown OR if you are in a long term relationship, you may feel stagnant or disconnected with one another. Today’s guest is with the very sensual Elisa. Elisa is a sacred sexual shamanic and sexual practitioner who is devoted …
 
The Confused Mailman: Sending SPF and DMARC passing mail as any Gmail or G Suite customer, ATM makers Diebold and NCR deploy fixes for 'deposit forgery' attacks, Control Flow Guard for Clang/LLVM and Rust, Fuzzing Services Help Push Technology into DevOps Pipeline, and 7 Things to Make DevSecOps a Reality! Visit https://www.securityweekly.com/asw f…
 
Mid-markets do have AppSec expertise, the current AppSec products are focused on large enterprises and require AppSec expertise. Sken.ai is the new and the only AppSec scan tool, focused on mid-markets where DevOps can get started without any AppSec expertise. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https:/…
 
Kirk, Matthew, and Aurelian take a closer look at some of the week's biggest tech news. RSS feed - https://anchor.fm/s/18a94b84/podcast/rss Timestamps: 0:00 - Start 0:55 - Intel Architecture Day 2020 6:10 - Tiger Lake Leak, DDR4+5, INTEL_TDDRK_MAX 8:44 - Intel Architecture Day (continued) 29:46 - nVidia Ampere RTX 3080 userbenchmark leak 38:48 - Nuv…
 
Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards, In-band key negotiation issue in AWS S3 Crypto SDK for golang, ReVoLTE attack can decrypt 4G (LTE) calls to eavesdrop on conversations, Hardware Security Is Hard: How Hardware Boundaries Define Platform Security, How to make your security team more business savvy, and more! Visit ht…
 
Cesar will demonstrate breach path prediction as well as other features. This segment is sponsored by Accurics. Visit https://securityweekly.com/accurics to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw118
 
Recorded July 31, 2020 – This week in BWT land, we’re discussing hacktivism - from the unintended consequences to the tropes perpetuated by Hollywood. Regardless of the reason or cause, hacktivism often wields DDoS and web defacement as easily deployed tools. We discuss some instances where using code as a weapon without deeper understanding can hav…
 
This is a powerful conversation that will no doubt have you rethink the term ‘toxic masculinity’ or the meaning of a 'real man'. I have been following Tyran's work for a while and he recently grabbed my attention with a few controversial posts that resonated with me SO of course I had to get him on the show. Tyran is many things but to me, he is a …
 
Kirk, Matthew, and Aurelian take a closer look at some of the week's biggest tech news. https://anchor.fm/adoredtv RSS feed - https://anchor.fm/s/18a94b84/podcast/rss Timestamps: 0:00 - Start 0:56 - Exclusive: Intel voltage vulnerability can kill CPUs 15:24 - New Side-Channel attacks, Spectre and Meltdown return 22:10 - Intel exconfidential leak, 2…
 
Using Amazon GuardDuty to Protect Your S3, OkCupid Security Flaw Threatens Intimate Dater Details, Florida teen charged as “mastermind” in Twitter hack hitting Biden, Bezos, and others, Sandboxing and Workload Isolation, and Microsoft to remove all SHA-1 Windows downloads next week! Visit https://www.securityweekly.com/asw for all the latest episod…
 
As you go full DevSecOps, where does that leave security operations? Who makes changes that are required? How do you empower (or deputize) app folks or ops folks (DevOps) to make those operational changes? What kind of tooling is going to meet the need for that requirement? DisruptOps puts the concepts into action, empowering developers and ops fol…
 
Recorded July 17, 2020 – The gang’s all back this week, and we take on what happens when you get pwnd, hacked, or your data is leaked. It happens to all of us eventually, one quick moment connecting to public wifi, clicking on a bad link when you just aren’t paying enough attention, or your account data is leaked through no real fault of your own. S…
 
Matthew, Kirk, and Aurelian take a closer look at some of the week's biggest tech news. ►Audio only (Spotify etc.) links below◄ https://anchor.fm/adoredtv RSS feed - https://anchor.fm/s/18a94b84/podcast/rss Timestamps: 0:00 - Start 0:37 - Intel 7nm Slips 6 months 21:54 - Murthy Departs Intel 23:54 - Radeon Instinct MI100 33:25 - Purple vs Samsonite …
 
TaskRouter JS SDK Security Incident, Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Read-Only Path Traversal Vulnerability, An EL1/EL3 coldboot vulnerability affecting 7 years of LG Android devices, Towards native security defenses for the web ecosystem, Academics smuggle 234 policy-violating skills on…
 
Today’s guest is with the very sensual, modern day Tantrika and spiritual seeker, Laura Deva. Laura is dedicated to the path of embodiment and believes that through accepting all of yourself you can let go of shame and embrace your full pleasure. One of the biggest pleasures in life is the pleasure of food and how we feed our body and soul. I am re…
 