Security Weekly Podcast Network (Video)

Discussing every-day-carry items that are utilized during covert entry assessments. Also discussing the concealment of these tools, and which tools we use for various assessment types. Segment Resources: # Blog website : www.wehackpeople.com # Employer's website : www.darkwolfsolutions.com # Link for EDC - Covert Entry Wallet : https://wehackpeople.wordpress.com/2019/10/10/lock-pick-concealment-edc-wallet/ # Link for other EDC items I use : https://wehackpeople.wordpress.com/2020/09/14/covert-entry-specialist-edc/ Physical Pentest Tools: https://www.sparrowslockpicks.com/product_p/hp.html https://www.redteamtools.com/espkey https://www.redteamtools.com/under-door-level-lock-tool Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw726

In the leadership and communications section, Cybersecurity increasingly on audit committee agendas, CIO involvement in security grows as CEOs target risk reduction, How Poor Security Culture Leads to Insider Risk, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw248

Your information is everywhere. Executive, employee, and corporate data are contained in breach data, social media, and the dark web. How do you protect your organization from impersonation and account takeover attacks? Dan Matthews, Director, Worldwide Sale Engineering from Constella Intelligence, will discuss the challenges with digital risk protection and how to protect your executives, employees, and corporate brand. This segment is sponsored by Constella Intelligence . Visit https://securityweekly.com/constella to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw248

PwnKit LPE in Linux, two different smart contract logic flaws in two different hacks, a $100K bounty for Safari, Python NaN coercion, appsec games Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw182

If you attempt to shift security left without adaptation, it'll feel a lot more like S#!T LEFT to the development teams but most security groups lack the mindset and skills to do it in a way that works well with modern development approaches and tools but directly focuses on gradual methodical practice and culture change. Larry Maccherone led the Dev(Sec)Ops transformation program in the highly diverse environment at Comcast using Agile and Digital Transformation approaches. Teams that onboarded to the program had 1/7th as many vulnerabilities and incidents in production -- a result so compelling that security leadership allowed it to scale to all 600 development teams. Along the way, Larry learned some critical lessons on how to provide a gradual onramp to empowering teams to be worthy of being trusted with the security of the products they were developing. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw182

Why is continuous security here to stay? How is Red Teaming getting automated and moving towards continuous? Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw258

This week in the Security News: More QR codes you shouldn't trust, race conditions in Rust, encrypting railways, Pwnkit - the latest Linux exploit, tricking researchers into crashing, cybersecurity is broken?, the best cybersecurity research paper, evil Favicons, escaping Kubernetes, pimping your cubicle and someone who actually recovered their crypto wallet! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw725

This week, in the Enterprise Security News, Hunters raises a series C to continue building XDR, Anitian raises a $55M Series B, Four new startups emerge from stealth with seed funding, BugAlert is a new tool for notifying the public of new vulnerabilities, Turns out, Crypto.com WAS hacked, but it wasn't Matt Damon's fault, Who is at fault if a hacked car kills someone?, Merck wins - it was NOT an act of war, according to one court...Pearson is fined $1M for misleading investors about their 2018 data breach, Secrets of Successful Security Programs, & Why employees don't care about your security policies! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw258

Ubiquiti has become a crown favorite for WiFi (and many other solutions). Learn how to do some basic security, update the software, change passwords and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw725

If 2021 taught us anything, it's that our supply chain–especially our technical supply chain–hangs in the balance of a very fragile system. In this interview, ExtraHop's Jamie Moles examines the impact of the Log4Shell zero day and how enterprises can be assured that they're in the clear with the help of a live demo of the vulnerability in a lab environment. This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw258