Player FM - Internet Radio Done Right
Content provided by N2K Networks, Inc. and N2K Networks. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by N2K Networks, Inc. and N2K Networks or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
dead-box forensics (noun)
A forensic technique where practitioners capture an entire image of a system and analyze the contents offline.
Learn more about your ad choices. Visit megaphone.fm/adchoices
259 episodes
All episodes
Please enjoy this encore of Word Notes. An attack technique that leverages an unprotected web server as a proxy for attackers to send commands through to other computers.
OWASP security logging and monitoring failures (noun) 6:04
Please enjoy this encore of Word Notes. The absence of telemetry that could help network defenders detect and respond to hostile attempts to compromise a system.

OWASP identification and authentication failures (noun) 5:58
Please enjoy this encore of Word Notes. Ineffectual confirmation of a user's identity or authentication in session management. CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-identification-and-authentication-failure Audio reference link: “Mr. Robot Hack - Password Cracking - Episode 1.” YouTube Video. YouTube, September 21, 2016.
Please enjoy this encore of Word Notes. An open source Java-based software tool available from the Apache Software Foundation designed to log security and performance information. CyberWire Glossary link: https://thecyberwire.com/glossary/log4j Audio reference link: “CISA Director: The LOG4J Security Flaw Is the ‘Most Serious’ She’s Seen in Her Career,” by Eamon Javers (CNBC) and Jen Easterly (Cybersecurity and Infrastructure Security Director) YouTube, 20 December 2021.
Please enjoy this encore of Word Notes. Software users are allowed access to data or functionality contrary to the defined zero trust policy by bypassing or manipulating the installed security controls.
Please enjoy this encore of Word Notes. The state of a web application when it's vulnerable to attack due to an insecure configuration. CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-security-misconfiguration Audio reference link: “What Is the Elvish Word for Friend?” Quora, 2021.
Please enjoy this encore episode of Word Notes. A broad OWASP Top 10 software development category representing missing, ineffective, or unforeseen security measures. CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-insecure-design Audio reference link: “Oceans Eleven Problem Constraints Assumptions,” by Steve Jones, YouTube, 4 November 2015.
Please enjoy this encore of Word Notes. A broad class of attack vectors, where an attacker supplies input to an application's command interpreter that results in unanticipated functionality. CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-injection Audio reference link: “APPSEC Cali 2018 - Taking on the King: Killing Injection Vulnerabilities.” YouTube Video. YouTube, March 19, 2018.
Please enjoy this encore of Word Notes. Code that fails to protect sensitive information. CyberWire Glossary link: https://thecyberwire.com/glossary/owasp-cryptographic-failure Audio reference link: Vandana Verma. “OWASP Spotlight - Project 10 - Top10.” YouTube Video. YouTube, January 4, 2021.
Enjoy this encore of Word Notes. The prevention of the first part of an intrusion kill chain model exploitation technique, where the hacker steals valid logging credentials from a targeted victim. CyberWire Glossary link: https://thecyberwire.com/glossary/account-takeover-prevention
Please enjoy this encore of Word Notes. The process of proactively searching through networks to detect and isolate security threats, rather than relying on security solutions or services to detect those threats. CyberWire Glossary link: https://thecyberwire.com/glossary/threat-hunting Audio reference link: “My ‘Aha!’ Moment - Methods, Tips, & Lessons Learned in Threat Hunting - SANS THIR Summit 2019.” YouTube, YouTube, 25 Feb. 2020.
The continuous practice of identifying, classifying, prioritizing, remediating, and mitigating software vulnerabilities within this. CyberWire Glossary link: https://thecyberwire.com/glossary/vulnerability-management Audio reference link: “Vulnerability Scanning - CompTIA Security+ SY0-501 - 1.5.” YouTube, YouTube, 11 Nov. 2017.
Please enjoy this encore of Word Notes. A formal record containing the details and supply chain relationships of various components used in building software.
Please enjoy this encore of Word Notes. A security philosophy that assumes adversaries have already penetrated the digital environment and tries to reduce the potential impact by limiting access by people, devices, and software to only the resources essential to perform their function and nothing more.
Please enjoy this encore of Word Notes. Hardware and software designed to detect and prevent cyber adversary campaigns that target industrial operations.
Please enjoy this encore episode of Word Notes. The difference between organizational employee job requirements and the available skillsets in the potential employee pool.
Please enjoy this encore episode of Word Notes. The use of technology to radically improve the performance or reach of the business.
Please enjoy this encore episode of Word Notes. Cloud services intended for cyber criminals and other bad actors designed to obstruct law enforcement and other kinds of government investigations, and to provide some protection against competitors.
The practice of securing a device that connects to a network in order to facilitate communication with other devices on the same or different networks.
Executive Order on Improving the Nation's Cybersecurity (noun) 8:14
President Biden's May 2021 formal compliance mandate for federal civilian executive branch agencies, or FCEBs, to include specific short-term and long-term deadlines designed to enhance the federal government's digital defense posture.
Phase of a typical cyber adversary group's attack sequence, after the initial compromise and usually after the group has established a command and control channel, where the group moves through the victim's network by compromising as many systems as it can, looking for the data it has come to steal or to destroy.
common vulnerabilities and exposures (CVE) (noun) 7:13
A public list sponsored by the US government and designed to uniquely identify, without the need to manually cross-reference, all the known software vulnerabilities in the world.
cybersecurity maturity model certification (CMMC) (noun) 6:57
Please enjoy this encore episode of Word Notes. A supply chain cybersecurity accreditation standard designed for the protection of controlled unclassified information that the U.S. Department of Defense, or DoD, will require for all contract bids by October 2025.
Please enjoy this encore episode of Word Notes. A collection of people, process, and technology that provides an organization the ability to detect and respond to cyber attacks.
Please enjoy this encore episode of Word Notes. Cybercriminals who lack the expertise to write their own programs use existing scripts, code, or tools authored by other more skilled hackers.
Please enjoy this encore episode of Word Notes. An isolated and controlled set of resources that mimics real-world environments and is used to safely execute suspicious code without infecting or causing damage to the host machine, operating system, or network.
security orchestration, automation, and response (SOAR) (noun) 6:26
Please enjoy this encore episode of Word Notes. A stack of security software solutions and tools that allow organizations to orchestrate disparate internal and external tools which feed pre-built automation playbooks that respond to events or alert analysts if an event meets a certain threshold.
personally identifiable information (PII) (noun) 7:26
A term of legal art that defines the types of data and circumstances that permit a third party to directly or indirectly identify an individual with collected data.
Enjoy this encore episode. A security architecture that incorporates the cloud shared responsibility model, a vendor provided security stack, an SD-WAN abstraction layer, and network peering with one or more of the big content providers and their associated fiber networks.
Enjoy this encore episode. The practice of emulating known adversary behavior against an organization's actual defensive posture.
Please enjoy this encore episode of Word Notes. A layer seven security orchestration platform deployed at the boundary between internal workloads slash data storage and untrusted sources that blocks incoming and outgoing network traffic with rules that tie applications to the authenticated user and provides most of the traditional security stack functions in one device or software application.
Please enjoy this encore of Word Notes. A network designed to obfuscate the location of a cyber adversary's command and control server by manipulating the domain name system, or DNS, in a way that rotates the associated IP address among large numbers of compromised hosts in a botnet.
Enjoy this Word Notes encore. The process of converting plain text into an unrecognizable form or secret code to hide its true meaning.
Please enjoy this encore episode of Word Notes. Software or hardware that records the computer keys pressed by a user.
Enjoy this encore of Word Notes. Digital assets that are cryptographically protected on a blockchain and contain unique identification codes and metadata that make them one of a kind.
Enjoy this special encore episode. The use of two or more verification methods to gain access to an account.
Enjoy this special encore episode. A programming technique where the developer doesn't specify each step of the algorithm in code, but instead teaches the algorithm to learn from the experience.
Enjoy this special encore episode. The process of turning raw information into intelligence products that leaders use to make decisions with.
Enjoy this special edition of Word Notes: A cloud-based software distribution method where app infrastructure, performance, and security are maintained by a service provider and accessible to users, typically via subscription, from any device connected to the internet.
Enjoy this special encore episode. A cryptographic hack that relies on guessing all possible letter combinations of a targeted password until the correct codeword is discovered.
Enjoy this special encore of Word Notes. A process of converting encrypted data into something that a human or computer can understand.
Enjoy this encore episode: A cyber attack designed to impair or eliminate access to online services or data.
Please enjoy this special encore episode of Word Notes. A type of side channel attack in which an attacker with physical access to a computer performs a memory dump of a computer’s Random Access Memory or RAM during the reboot process in order to steal sensitive data.
On-demand pay-as-you-go Internet delivered compute, storage, infrastructure, and security services that are partially managed by the cloud provider and partially managed by the customer.
An acronym for Advanced Persistent Threat to describe hacker groups or campaigns normally, but not always, associated with nation state cyber espionage and continuous low-level cyber conflict operations.
An undocumented or publicly unknown method to access a computer system undetected or to break a cypher used to encode messages.
From the intrusion kill chain model, a technique where the hacker compromises sites commonly visited by members of a targeted community in order to deliver a malicious payload to the intended victim.
Network observation systems designed to monitor globally unreachable but unused Internet address space or the Deep Web in order to study a wide range of interesting Internet phenomena.
A best practice for framing cyber intelligence critical information requirements that recommends collecting and consolidating data from three specific sources: endpoint, network and log.
Also known as a third-party attack or a value-chain attack, adversary groups gain access to a targeted victim's network by first infiltrating a business partner's network that has access to the victim's systems or data.
The process of software engineers checking the flow of user input in application code to determine if unanticipated input can affect program execution in malicious ways.
The process of stealing ATM customer credentials by means of physically and covertly installing one or more devices onto a public ATM machine.
A nation-state hacking group’s practice of funding its own activities through cybercrime or cyber mercenary work.
A device connected to a network that accepts communications from other endpoints like laptops, mobile devices, IoT equipment, routers, switches, and any tool on the security stack.
Encore: unified extensible firmware interface (UEFI) (noun) 5:56
An extension of the traditional Basic Input/Output System or BIOS that, during the boot process, facilitates the communication between the computer’s firmware and the computer’s operating system.
An operating system program running in the background designed to perform a specific task when certain conditions or events occur.
Also known as spyware and adware, it is a software category where developers design the application neither to cause explicit harm nor to accomplish some conventional legitimate purpose, but when run, usually annoys the user and often performs actions that the developer did not disclose, and that the user regards as undesirable.
An automatic software bug and vulnerability discovery technique that inputs invalid, unexpected and/or random data or fuzz into a program and then monitors the program's reaction to it.
A family of multitasking, multi-user computer operating systems that derive from the original Unix system built by Ken Thompson and Dennis Ritchie in the 1960s.
A network monitoring and filtering technique that examines both the header information and the payload of every packet traversing a network access point.
A clandestine set of applications designed to give hackers access and control over a target device.
Encore: tactics, techniques and procedures (TTPs) (noun) [Word Notes] 6:43
A set of behaviors that precisely describes a cyber adversary attack campaign.
Encore: cyber threat intelligence (CTI) (noun) 6:02
Information used by leadership to make decisions regarding the cybersecurity posture of their organization.
In this case, identity is the set of credentials, usually electronic, that vouch for who you are, and theft is to steal. The theft of a person's identity for purposes of fraud.
A probability simulation technique used to understand the impact of risk and uncertainty in complex problems.
A software, hardware or hybrid encryption layer between two devices on the network that makes the traffic between the sites opaque to the other devices on the same network.
From the intrusion kill-chain model, the delivery of a “lure” via a text message to a potential victim by pretending to be some trustworthy person or organization in order to trick the victim into revealing sensitive information. Smishing is a portmanteau word made of two other words, the acronym “SMS” and the cyber coinage “Phishing”. It’s a text-message-centric variation of the email-based phishing scams that have been around since the 1990s. The term “Smishing” arose in the late 2000s.
A network switch configuration setting that forwards a copy of each incoming and outgoing packet to a third switch port. Also known as SPAN or Switched Port Analyzer, RAP or Roving Analysis Port, and TAP or Test Access Point. When network managers and security investigators want to capture packets for analysis, they need some sort of generic TAP or Test Access Point. You can buy specialized equipment for this operation but most modern switches have this capability built in.
Encore: Network Time Protocol (NTP) attack (noun) 6:37
A reflection or amplification distributed denial-of-service attack in which hackers query Internet network time protocol servers, NTP servers for short, for the correct time, but spoof the destination address of their target victims.
Encore: Network Detection and Response (NDR) (noun) 6:19
NDR tools provide anomaly detection and potential attack prevention by collecting telemetry across the entire intrusion kill chain on transactions across the network, between servers, hosts, and cloud-workloads, and running machine learning algorithms against this compiled and very large data set. NDR is an extension of the EDR, or endpoint detection and response idea that emerged in 2013.
Technology, software and hardware deployed without explicit organizational approval. In the early days of the computer era from the 1980s through the 2000s security and information system practitioners considered shadow IT as completely negative. Those unauthorized systems were nothing more than a hindrance that created more technical debt in organizations that were already swimming in it with the known and authorized systems.
The resilience discipline of controlled stress test experimentation in continuous integration/continuous delivery environments, CI/CD environments, to uncover systemic weaknesses. CyberWire Glossary link: https://thecyberwire.com/glossary/chaos-engineering Audio reference link: Farnam Street, 2009. Richard Feynman Teaches you the Scientific Method [Website]. Farnam Street. URL https://fs.blog/mental-model-scientific-method/
A type of phishing attack that uses QR codes as the lure. CyberWire Glossary link: https://thecyberwire.com/glossary/qr-code-phishing Audio reference link: KNR, 2018. Batman The Dark Knight Joker bomb blast by phone calls scene [Video]. YouTube. URL https://www.youtube.com/watch?v=qB_fXfzB4z0
Definition one: The recognition of a set of repeatable attack patterns across the intrusion kill chain. Definition two: Determining the responsibility for offensive cyber operations. CyberWire Glossary link: https://thecyberwire.com/glossary/attribution Audio reference link: Nunnikhoven, M., 2018. Cybersecurity Basics #9 - Attack Attribution [Video]. YouTube. URL www.youtube.com/watch?v=rlyMz5jN_Vs
A type of cyber attack where an attacker sends a targeted and personalized email or other form of communication to a specific individual or a small group of individuals with the intention of tricking them into divulging sensitive information, such as a password, or convincing them to click a malicious link that will enable the attacker to take control of the victim's machine. CyberWire Glossary link: https://thecyberwire.com/glossary/spearphishing Audio reference link: Richardson, T., 2014. What is the difference between phishing and spear-phishing? [Video]. YouTube. URL www.youtube.com/watch?v=Wpx5IMduWX4
The ability to continuously deliver the intended outcome despite adverse cyber events. CyberWire Glossary link: https://thecyberwire.com/glossary/resiliency Audio reference link: Cameron, J., 1984. The Terminator [Movie]. IMDb. URL www.imdb.com/title/tt0088247/ Clip Nation, 2012. The Arnold Schwarzenegger “I’ll Be Back” Supercut [Video]. YouTube. URL www.youtube.com/watch?v=-YEG9DgRHhA Coops, C., 2013. Terminator 2 Theme [Video]. YouTube. URL www.youtube.com/watch?v=pVZ2NShfCE8
A centralized facility or team responsible for monitoring, detecting, analyzing, and responding to cybersecurity incidents within an organization. CyberWire Glossary link: https://thecyberwire.com/glossary/security-operations-center Audio reference link: AT&T Tech Channel, 2012. A tour of AT&T’s Network Operations Center (1979) [Video]. YouTube. URL www.youtube.com/watch?v=cigc3hvMyWw
Defensive cyber operations carried out by U.S. Cyber Command's Cyber National Mission Force, CNMF at the request of allied nations. CyberWire Glossary link: https://thecyberwire.com/glossary/hunt-forward-operation Audio reference link: Paul Nakasone, G., 2022. Vanderbilt Summit Keynote [Video]. YouTube. URL www.youtube.com/watch?v=Axg4s9l9wi0
The invisible force that governs the movement of data across networks. Audio reference link: “Things to Come 1936 - HG Wells.” YouTube, YouTube, 28 Sept. 2011, https://www.youtube.com/watch?v=atwfWEKz00U
The ability of computers to execute tasks typically associated with human intelligence, including natural language processing, problem solving, and pattern recognition. CyberWire Glossary link: https://thecyberwire.com/glossary/ai Audio reference link: Staff, 2016. Alan Turing - The Imitation Game - Can Machines Think? [YouTube Video]. Learn Understand Create. URL www.youtube.com/watch?v=Vs7Lo5MKIws
A credential demonstrating an individual's knowledge in the field of cybersecurity, usually obtained by passing an exam or series of exams. CyberWire Glossary link: https://thecyberwire.com/glossary/certification Audio reference link: Bombal, D., 2022. Are certifications important in Cybersecurity? [Video]. YouTube. URL www.youtube.com/watch?v=Zdgf_Wr82rs
A technique used to create virtual networks within a shared physical network infrastructure. CyberWire Glossary link: https://thecyberwire.com/glossary/network-slicing Audio reference link: Whitehead, D.N., 2021. 5G Smart Networks Part 1: Network Slicing [Video]. YouTube. URL www.youtube.com/watch?v=dCt3rYODZ7g
The process of verifying that a device is known, secure, and uncompromised before allowing it to connect to a network or access resources. CyberWire Glossary link: https://thecyberwire.com/glossary/device-trust Audio reference link: “Favorite Scene of Alan Rickman from Die Hard.” YouTube, YouTube, 14 Jan. 2016, https://www.youtube.com/watch?v=mklnXM3LIXo
A technology set designed to support the cybersecurity first principle strategy of zero trust, that limits device, people, and software component access to only designated authorized resources and nothing more. CyberWire Glossary link: https://thecyberwire.com/glossary/zero-trust-network-access Audio reference link: “Zero Trust Explained by John Kindervag.” YouTube, YouTube, 2 Oct. 2022, https://www.youtube.com/watch?v=-LZe4Vn-eEo
A data privacy legal framework that applies to all countries in the European Union, regulating the transmission, storage, and use of personal data associated with residents of the EU. CyberWire Glossary link: https://thecyberwire.com/glossary/general-data-protection-regulation Audio reference link: “Mr. Robot Predicts JPM Coin!” YouTube, YouTube, 14 Feb. 2019, https://www.youtube.com/watch?v=1ee-cHbCI0s
A conversational language model developed by the company OpenAI. CyberWire Glossary link: https://thecyberwire.com/glossary/chatgpt Audio reference link: jeongphill. “Movie - Her, First Meet OS1 (Operation System One, Os One, OS1).” YouTube, YouTube, 29 June 2014, https://www.youtube.com/watch?v=GV01B5kVsC0
A cyber attack technique where adversaries intercept communications between two parties in order to collect useful information or to sabotage or corrupt the communication in some manner. CyberWire Glossary link: https://thecyberwire.com/glossary/man-in-the-middle-attack
From the intrusion kill chain model, a program that provides command and control services for an attack campaign. While the first ever deployed RAT is unknown, one early example is Back Orifice, made famous by the notorious hacktivist group called “The Cult of the Dead Cow,” or cDc. Back Orifice was written by the hacker Sir Dystic, AKA Josh Bookbinder, and released to the public at DEFCON in 1998.
A mathematical method by which one party (the prover) can prove to another party (the verifier) that something is true, without revealing any information apart from the fact that this specific statement is true. CyberWire Glossary link: https://thecyberwire.com/glossary/zero-knowledge-proof Audio reference link: Staff, 2022. Zero Knowledge Proofs [Video]. YouTube. URL https://www.youtube.com/watch?v=5qzNe1hk0oY
Encore: business email compromise or BEC (noun) 3:47
A social engineering scam where fraudsters spoof an email message from a trusted company officer that directs a staff member to transfer funds to an account controlled by the criminal.
A U.S. law designed to improve the portability and accountability of health insurance coverage. CyberWire Glossary link: https://thecyberwire.com/glossary/hipaa Audio reference link: Dr. Dana Brems, 2021. Doctor reacts to “HIPAA violations” [Video]. YouTube. URL https://www.youtube.com/shorts/Ksk00s8a_IU
A physical security access control device consisting of an enclosed hallway with interlocking doors on each end where both doors can’t be open at the same time. A person presents credentials to the entry doorway. If authorized, the entry door opens and the person walks into the mantrap. The mantrap exit door will not open until the entry door closes. The person presents credentials to the exit door. If authorized, the exit door will open. If not, the person is captured in the mantrap until security arrives to handle the situation. Physical security leadership installs mantraps to separate unrestricted areas from restricted areas, to prevent tailgating by uncleared personnel, and to impede access by unauthorized persons.
Common Vulnerability Scoring System (CVSS) (noun) 7:36
A qualitative public framework for rating the severity of security vulnerabilities in software. CyberWire Glossary link: https://thecyberwire.com/glossary/common-vulnerability-scoring-system Audio reference link: Peter Silva, 2020. What is Common Vulnerability Scoring System (CVSS) [Video]. YouTube. URL https://www.youtube.com/watch?v=rR63F_lfKf0
A word, phrase, or sentence formed from another by rearranging its letters. For example, cracking a columnar transposition cipher by hand involves looking for anagrams.
A class of software security weakness issues where independent researchers discover a software flaw before the owners of the code discover it. Zero-day, or 0-day in hacker slang, refers to the moment the race starts, on day zero, between network defenders trying to fix the flaw and hackers trying to leverage it to cause damage. It is a race because on day zero, there is no known fix to the issue.
A unified security incident detection and response platform that connects to multiple tools in the security stack via APIs, collects telemetry from each, and attempts to correlate that telemetry into a coherent threat picture. CyberWire Glossary link: https://thecyberwire.com/glossary/extended-detection-and-response Audio reference link: Film Major. 2022. Enemy of the State (1998) Faraday Cage HD Tony Scott; Will Smith, Gene Hackman Jon Voight [Video]. YouTube. URL https://www.youtube.com/watch?v=n3gy4otg-24
The art of convincing a person or persons to take an action that may or may not be in their best interests. Social engineering in some form or another has been around since the beginning of time. The biblical story of Esau and Jacob might be considered one of the earliest written social engineering stories. As applied to cybersecurity, it usually involves hackers obtaining information illegitimately by deceiving or manipulating people who have legitimate access to that information. Common tactics involve phishing attacks and watering hole attacks.
joint cyber defense collaborative (JCDC) (noun) 7:25
A cyber information-sharing U.S. Government organization designed to foster the public-private partnership. CyberWire Glossary link: https://thecyberwire.com/glossary/joint-cyber-defense-collaborative Audio reference link: Jen Easterly. 2021. CISA Director Addresses the National Technology Security Coalition [Video]. YouTube. URL https://www.youtube.com/watch?v=ucb1FQXqsao
The process of evaluating the security of a system or network by simulating an attack on it. Sometimes called "ethical hacking" or white hat hacking. The phrase started to appear in U.S. military circles in the mid-1960s as time-sharing computers became more necessary for daily operations. Computer security experts from Rand Corporation began describing computer compromises as “penetrations.” By the early 1970s, government leaders formed tiger teams of penetration testers to probe for weaknesses in various government systems.
Cloud Security Posture Management (CSPM) (noun) 7:18
Tools that automate the identification and remediation of cloud misconfigurations. CyberWire Glossary link: https://thecyberwire.com/glossary/cloud-security-posture-management Audio reference link: Josh Whedon. 2005. Serenity [Movie]. IMDb. URL https://www.imdb.com/title/tt0379786/
An electro-mechanical device used to break Enigma-enciphered messages about enemy military operations during the Second World War. The first bombe, named Victory and designed by Alan Turing and Gordon Welchman, started code-breaking at Bletchley Park on 14 March 1940, a year after WWII began. By the end of the war, five years later, almost 2000 sailors and airmen, mostly women, operated 211 bombe machines in the effort. The Allies essentially knew what the German forces were going to do before the German commanders in the field knew. Historians speculate that the effort at Bletchley Park shortened the war by years and estimate the number of lives saved to be between 14 and 21 million.
A session and user authentication Zero Trust tactic that allows a user to access multiple applications with one set of login credentials. CyberWire Glossary link: https://thecyberwire.com/glossary/single-sign-on Audio reference link: English, J., 2020. What is Single Sign-On (SSO)? SSO Benefits and Risks [Video]. YouTube. URL https://www.youtube.com/watch?v=YvHmP2WyBVY
From the intrusion kill chain model, a malicious code delivery technique that allows hackers to send code of their choosing to their victim’s browser. XSS takes advantage of the fact that roughly 90% of web developers use the JavaScript scripting language to create dynamic content on their websites. Through various methods, hackers store their own malicious JavaScript code on unprotected websites. When the victim browses the site, the web server delivers that malicious code to the victim’s computer and the victim’s browser runs the code.
From the intrusion kill chain model, the first part of an exploitation technique where the hacker tricks their victims into revealing their login credentials. In the second part of the technique, hackers legitimately log into the targeted system and gain access to the underlying network with the same permissions as the victim. Hackers use this method 80% of the time compared to other ways to gain access to a system, like developing zero-day exploits for known software packages. The most common way hackers steal credentials is with some version of a phishing attack.
An authentication process that requires two different factors before granting access. CyberWire Glossary link: https://thecyberwire.com/glossary/two-factor-authentication
From the intrusion kill chain model, the delivery of a “lure” to a potential victim by pretending to be some trustworthy person or organization in order to trick the victim into revealing sensitive information. According to KnowBe4, the word “phishing” first appeared in a Usenet newsgroup called AOHell in 1996 and some of the very first phishing attacks used AOL Instant Messenger to deliver fake messages purportedly from AOL employees in the early 2000s. The word is part of l33tspeak that started in the early days of the internet (1980s) as a shorthand to let readers know the author was part of the hacker community. In this case, the letters “ph” replace the letter “f” in the word fishing, as in “I fish, with an ‘f,’ for bass in the lake.” In hacking, “I Phish, with a ‘ph,’ for login credentials from key employees at my target’s organization.”
A cloud-based sensitive information management system that allows users access across multiple devices. CyberWire Glossary link: https://thecyberwire.com/glossary/icloud-keychain Audio reference link: Ellen’s Tips For iOS, 2022. How To Master iCloud Keychain to Keep Your Passwords Safe and Secure [Video]. YouTube. https://www.youtube.com/watch?v=Tl3E29iUvgE
A subset of the internet where communications between two parties or client-server transactions are obscured from search engines and surveillance systems by layers of encryption. The U.S. Navy designed the original Darknet by developing The Onion Router network, or TOR, back in the 1990s. Roger Dingledine and Nick Mathewson deployed the first alpha implementation in 2002 with some initial funding by the Electronic Frontier Foundation (EFF). The TOR Project became a non-profit in 2006 and is funded by the U.S., Sweden, different NGOs, and individual sponsors.
1. A wireless access point installed by employees in an office or data center environment as a convenience to connectivity without the consent or the knowledge of the network manager. 2. A wireless access point, sometimes called an Evil Twin, installed by a cyber adversary in or near an office or data center environment designed to bypass security controls, gain access, and/or surveil the network traffic of the victim’s network. Both kinds of rogue access point, the employee-installed and the adversary-installed, increase the attack surface of the organization. The employee-installed device, because of its electronic footprint range, might make it easier for hackers and mischief makers outside of the organization’s network to bypass the corporate security controls and gain access without permission. The adversary-installed device is designed specifically to bypass the security controls of the target network.
A network mapping tool that pings IP addresses looking for a response and can discover host names, open communications ports, operating system names and versions. Written and maintained by Gordon Lyon, a.k.a. Fyodor, it is a free and open source software application used by both system admins and hackers alike and has been a staple in the security community for well over two decades. CyberWire Glossary link: https://thecyberwire.com/glossary/nmap
A cyber threat intelligence analysis model that defines relationship pairs between four core components in the shape of a diamond of adversary playbook activity across the intrusion kill chain: the adversary, their capability, the infrastructure used or attacked, and the victim. CyberWire Glossary link: https://thecyberwire.com/glossary/diamond-model Audio reference link: “ Diamond Presentation v2 0: Diamond Model for Intrusion Analysis – Applied to Star Wars’ Battles ,” Andy Pendergrast and Wade Baker, ThreatConnect, YouTube, 4 February 2020.
Unsolicited, unwanted, and sometimes malicious electronic messages indiscriminately transmitted to a large number of people. CyberWire Glossary link: https://thecyberwire.com/glossary/spam Audio reference link: zumpzump, 2007. Monty Python - Spam [Video]. YouTube. URL https://www.youtube.com/watch?v=anwy2MPT5RE .
A US Department of Homeland Security agency tasked with supporting cyber and physical security for US critical infrastructure. CyberWire Glossary link: https://thecyberwire.com/glossary/cybersecurity-and-infrastructure-security-agency Audio reference link: CISA, 2021. CISA Director Jen Easterly’s Keynote at Black Hat USA 2021 [Video]. YouTube. URL https://www.youtube.com/watch?v=q7bu-L-m4K4 .
The act of searching through an organization's trash for discarded sensitive material. CyberWire Glossary link: https://thecyberwire.com/glossary/dumpster-diving Audio reference link: “ Better Call Saul jimmy digs in the Sandpiper trash scene ,” uploaded by Robert Bowersock, 18 September 2022.
The manipulation of search engine optimization, SEO, to promote malicious sites in search engine results. CyberWire Glossary link: https://thecyberwire.com/glossary/search-engine-optimization-poisoning Audio reference link: Brown, B.E., 2021. The Ending Of The Waldo Moment Explained [Video]. YouTube. URL https://www.youtube.com/watch?v=HsWja44-EMg .
The practice of crafting a fake online persona for malicious purposes. CyberWire Glossary link: https://thecyberwire.com/glossary/catfish Audio reference link: netbunny, 2013. Catfish - The Movie - Ending Scene [Movie Scene]. YouTube. URL https://www.youtube.com/watch?v=qR_NIN6zy0U
A passwordless authentication protocol based on the FIDO2 standard. CyberWire Glossary link: https://thecyberwire.com/glossary/passkey Audio reference link: Summers, J., 2023. Google Passkeys Have Arrived (here’s how to use them) [All Things Secured Channel]. YouTube. URL https://www.youtube.com/watch?v=oFO7JgUx-bU .
A branch of the US Department of Commerce whose stated mission is to “promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.” CyberWire Glossary link: https://thecyberwire.com/glossary/national-institute-of-standards-and-technology Audio reference link: Center, M.I., 2022. 2022 Meridian Summit: Cultivating Trust in Technology with NIST Director Laurie Locascio [WWW Document]. YouTube. URL https://www.youtube.com/watch?v=o43Y9Tk8ZVA (accessed 1.26.23).
A team responsible for responding to and managing cybersecurity incidents involving computer systems and networks in order to minimize the damage and to restore normal operations as quickly as possible. CyberWire Glossary link: https://thecyberwire.com/glossary/cirt Audio reference link: Avery, B., 2017. 24 TV May 05 Season4 [WWW Document]. YouTube. URL https://www.youtube.com/watch?v=Gq_2xPuqI-E&list=PLGHedLavrFoGsea1ZCHBm9-nK5FdM3_Kd&index=10.
Encore: Agile Software Development Method (noun) 7:45
A software development philosophy that emphasizes incremental delivery, team collaboration, continual planning, and continual learning. CyberWire Glossary link: https://thecyberwire.com/glossary/agile-software-development Audio reference link: " Velocity 09: John Allspaw and Paul Hammond, "10+ Deploys Pe, " John Allspaw and Paul Hammond, 2009 Velocity Conference, YouTube, 25 June 2009.
A software program installed unintentionally by a user that typically performs tasks not asked for by the installer. CyberWire Glossary link: https://thecyberwire.com/glossary/potentially-unwanted-program Audio reference link: Butler, S., 2022. Potentially Unwanted Programs (PUPS) EXPLAINED [Video]. YouTube. URL https://www.youtube.com/watch?v=5L429Iahbww (accessed 1.6.23).
The flagship product of the controversial Israeli spyware vendor, the NSO Group, used for remotely hacking mobile devices, most notably iPhones, via zero-click exploits. CyberWire Glossary link: https://thecyberwire.com/glossary/pegasus Audio reference link: “Cybersecurity beyond the Headlines: A Conversation with Journalist Nicole Perlroth,” Kristen Eichensehr and Nicole Perlroth, University of Virginia School of Law, YouTube, 14 February 2022.
A knowledge base of adversary tactics, techniques, and procedures established and maintained by the MITRE Corporation. CyberWire Glossary link: https://thecyberwire.com/glossary/mitre-attck Audio reference link: “Attack Frameworks - SY0-601 CompTIA Security+ : 4.2,” Professor Messer, YouTube, 29 April 2021.
Malware that disables a system in exchange for a ransom, usually by encrypting the system's data until the user pays for the decryption key. CyberWire Glossary link: https://thecyberwire.com/glossary/ransomware Audio reference link: https://watch.amazon.com/detail?gti=amzn1.dv.gti.d6a9f744-47b0-ac70-aa56-b31fd0f58482&territory=US&ref_=share_ios_season&r=web
The name of a wireless access point. CyberWire Glossary link . Audio reference link: SSID Management - CompTIA Security+ SY0-401: 1.5 , Professor Messer, uploaded August 3rd, 2014.
A U.S. Government specification for data encryption using an asymmetric key algorithm. CyberWire Glossary link: https://thecyberwire.com/glossary/advanced-encryption-standard Audio reference link: papadoc73. “Claude Debussy: Clair De Lune.” YouTube , YouTube, 6 Oct. 2008.
A set of tools designed to safeguard data while in use, in motion, and at rest. CyberWire Glossary link: https://thecyberwire.com/glossary/data-loss-prevention Audio reference link: HistoryHeard. “Data Loss Prevention - CompTIA Security+ SY0-501 - 2.1,” Professor Messer, uploaded 20 November 2017.
A system that translates text-based URLs to their underlying numerical IP addresses. CyberWire Glossary link: https://thecyberwire.com/glossary/domain-name-system-dns Audio reference link: HistoryHeard. “ History Heard: Paul Mockapetris. ” YouTube , YouTube, 5 Apr. 2009.
A social engineering technique in which a threat actor poses as a trusted person or entity in order to trick the victim into disclosing information or performing an action that benefits the attacker. CyberWire Glossary link: https://thecyberwire.com/glossary/pretexting Audio reference link: “ Batch Pin Hurt Charlize Theron Skin | the Italian Job (2003) Movie Scene. ” YouTube , YouTube, 22 Nov. 2016.
A layer seven firewall designed to block threats at the application layer of the open system interconnection model, the OSI model. CyberWire Glossary link: https://thecyberwire.com/glossary/web-application-firewall Audio reference link: “VCF East 9.1 - Ches' Computer Security Adventures - Bill Cheswick.” YouTube , 29 Dec. 2015, https://youtu.be/trR1cuBtcPs .
An IT governance framework developed by ISACA. CyberWire Glossary link: https://thecyberwire.com/glossary/cobit Audio reference link: isacappc. “How Do You Explain Cobit to Your Dad – or Your CEO?” YouTube , YouTube, 24 Aug. 2016, https://www.youtube.com/watch?v=EYATVkddIyw .
A security architecture that incorporates the cloud shared responsibility model, a vendor provided security stack, and network peering with one or more of the big content providers and their associated fiber networks. CyberWire Glossary link: https://thecyberwire.com/glossary/security-service-edge Audio reference link: Netskope (2022). What is Security Service Edge (SSE). YouTube. Available at: https://www.youtube.com/watch?v=Z9H84nvgBqw [Accessed 21 Oct. 2022].