A tartalmat a Security Weekly Productions biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a Security Weekly Productions vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.
Player FM - Podcast alkalmazás
Lépjen offline állapotba az Player FM alkalmazással!
Lépjen offline állapotba az Player FM alkalmazással!
Podcastok, amelyeket érdemes meghallgatni
SZPONZORÁLT
Hilde Mosse comes from one of the wealthiest families in Berlin and stands to inherit an enormous fortune. But she longs for something more meaningful than the luxurious lifestyle her family provides. So Hilde decides to pursue her dream of becoming a doctor. As the Nazis take power in Germany and the Mosse family is forced to flee, Dr. Hilde Mosse lands in New York having nearly lost everything.. She finds her calling treating the mental health of Black youth – and the symptoms of a racist system. In addition to photographs, school records, and correspondence spanning Hilde Mosse’s entire lifetime, the Mosse Family Collection in the LBI Archives includes the diaries she kept between 1928 and 1934, from the ages of 16-22. Hilde’s papers are just part of the extensive holdings related to the Mosse Family at LBI. Learn more at lbi.org/hilde . Exile is a production of the Leo Baeck Institute, New York and Antica Productions. It’s narrated by Mandy Patinkin. This episode was written by Lauren Armstrong-Carter. Our executive producers are Laura Regehr, Rami Tzabar, Stuart Coxe, and Bernie Blum. Our producer is Emily Morantz. Research and translation by Isabella Kempf. Voice acting by Hannah Gelman. Sound design and audio mix by Philip Wilson. Theme music by Oliver Wickham. Please consider supporting the work of the Leo Baeck Institute with a tax-deductible contribution by visiting lbi.org/exile2025 . The entire team at Antica Productions and Leo Baeck Institute is deeply saddened by the passing of our Executive Producer, Bernie Blum. We would not have been able to tell these stories without Bernie's generous support. Bernie was also President Emeritus of LBI and Exile would not exist without his energetic and visionary leadership. We extend our condolences to his entire family. May his memory be a blessing. This episode of Exile is made possible in part by a grant from the Conference on Jewish Material Claims Against Germany, which is supported by the German Federal Ministry of Finance and the Foundation Remembrance, Responsibility and Future.…
Security Weekly Podcast Network (Audio)
Mind megjelölése nem lejátszottként
Manage series 70666
A tartalmat a Security Weekly Productions biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a Security Weekly Productions vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
…
continue reading
3028 epizódok
Mind megjelölése nem lejátszottként
Manage series 70666
A tartalmat a Security Weekly Productions biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a Security Weekly Productions vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
…
continue reading
3028 epizódok
All episodes
×S
Security Weekly Podcast Network (Audio)
![Security Weekly Podcast Network (Audio) podcast artwork](https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/32.png 32w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/64.png 64w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/128.png 128w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/256.png 256w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/512.png 512w)
![Security Weekly Podcast Network (Audio) podcast artwork](/static/images/64pixel.png)
1 Evolving the SOC: Automating Manual Work while Maintaining Quality at Scale - Allie Mellen, Tim MalcomVetter - ESW #394 1:55:17
1:55:17
Lejátszás később
Lejátszás később
Listák
Tetszik
Kedvelt1:55:17![icon](https://imagehost.player.fm/icons/general/red-pin.svg)
We've got a few compelling topics to discuss within SecOps today. First, Tim insists it's possible to automate a large amount of SecOps work, without the use of generative AI . Not only that, but he intends to back it up by tracking the quality of this automated work with an ISO standard unknown to cybersecurity. I've often found useful lessons and wisdom outside security, so I get excited when someone borrows from another, more mature industry to help solve problems in cyber. In this case, we'll be talking about Acceptable Quality Limits (AQL), an ISO standard quality assurance framework that's never been used in cyber. Segment Resources: Introducing AQL for cyber. AQL - How we do it An AQL 'calculator' you can play around with We couldn't decide what to talk to Allie about, so we're going with a bit of everything. Don't worry - it's all related and ties together nicely. First, we'll discuss AI and automation in the SOC - Allie is covering this trend closely, and we want to know if she's seeing any results yet here. Next, we'll discover SecOps data management - the blood that delivers oxygen to the SOC muscles. Finally, we'll discuss MITRE's recent EDR evaluations - there was some contention around some vendors claiming to ace the test and we're going to get the tea on what's really going on here! For each of these three topics, these are the blog posts they correspond with if you want to learn more: Generative AI Will Not Fulfill Your Autonomous SOC Hopes (Or Even Your Demo Dreams) If You’re Not Using Data Pipeline Management For Security And IT, You Need To Go Beyond The MITRE ATT&CK Evaluation To The True Cost Of Alert Volumes In this week's enterprise security news, we've got 5 acquisitions Tines gets funding new tools and DFIR reports to check out A legal precedent that could hurt AI companies AI garbage is in your code repos the dark side of security leadership HIPAA fines are broken Salt Typhoon is having a great time Don't use ChatGPT for legal advice!!!!! All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-394…
S
Security Weekly Podcast Network (Audio)
![Security Weekly Podcast Network (Audio) podcast artwork](https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/32.png 32w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/64.png 64w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/128.png 128w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/256.png 256w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/512.png 512w)
![Security Weekly Podcast Network (Audio) podcast artwork](/static/images/64pixel.png)
1 Bad Romance, Kimsuky, Red Mike, Ivanti, Nvidia, C code, Postgre, Aaran Leyland... - SWN #451 33:15
Tunnel of Love, Kimsuky, Red Mike, Ivanti, Nvidia, C code, Postgre, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-451
S
Security Weekly Podcast Network (Audio)
![Security Weekly Podcast Network (Audio) podcast artwork](https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/32.png 32w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/64.png 64w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/128.png 128w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/256.png 256w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/512.png 512w)
![Security Weekly Podcast Network (Audio) podcast artwork](/static/images/64pixel.png)
1 Prompt Injection, CISA, Patch Tuesday - PSW #861 2:05:09
2:05:09
Lejátszás később
Lejátszás később
Listák
Tetszik
Kedvelt2:05:09![icon](https://imagehost.player.fm/icons/general/red-pin.svg)
You can install Linux in your PDF, just upload everything to AI, hackers behind the forum, TP-Link's taking security seriously, patche Tuesday for everyone including Intel, AMD, Microsoft, Fortinet, and Ivanti, hacking your space heater for fun and fire, Cybertrucks on fire (or not), if you could just go ahead and get rid of the buffer overflows, steam deck hacking and not what you think, Prompt Injection and Delayed Tool Invocation, new to me Ludus, Contec patient monitors are just insecure, Badbox carries on, the compiler saved me, and Telnet command injection! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-861…
S
Security Weekly Podcast Network (Audio)
![Security Weekly Podcast Network (Audio) podcast artwork](https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/32.png 32w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/64.png 64w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/128.png 128w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/256.png 256w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/512.png 512w)
![Security Weekly Podcast Network (Audio) podcast artwork](/static/images/64pixel.png)
This week, we tackle a ton of leadership and communications articles: Why CISOs and Boards Must Speak the Same Language on Cybersecurity, The Hidden Costs of Not Having a Strong Cybersecurity Leader, Why Cybersecurity Is Everyone’s Responsibility, Leadership is an Action, not a Position, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-382…
S
Security Weekly Podcast Network (Audio)
![Security Weekly Podcast Network (Audio) podcast artwork](https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/32.png 32w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/64.png 64w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/128.png 128w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/256.png 256w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/512.png 512w)
![Security Weekly Podcast Network (Audio) podcast artwork](/static/images/64pixel.png)
PlayStation, KerioControl, SEC SimSWAP, 8base, Copilot, AI, Robert Bird, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-450
S
Security Weekly Podcast Network (Audio)
![Security Weekly Podcast Network (Audio) podcast artwork](https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/32.png 32w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/64.png 64w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/128.png 128w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/256.png 256w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/512.png 512w)
![Security Weekly Podcast Network (Audio) podcast artwork](/static/images/64pixel.png)
1 Code Scanning That Works With Your Code - Scott Norberg - ASW #317 1:12:52
1:12:52
Lejátszás később
Lejátszás később
Listák
Tetszik
Kedvelt1:12:52![icon](https://imagehost.player.fm/icons/general/red-pin.svg)
Code scanning is one of the oldest appsec practices. In many cases, simple grep patterns and some fancy regular expressions are enough to find many of the obvious software mistakes. Scott Norberg shares his experience with encountering code scanners that didn't find the .NET vuln classes he needed to find and why that led him to creating a scanner from scratch. We talk about some challenges in testing tools, making smart investments in engineering time, and why working with .NET's compiler made his decisions easier. Segment Resources: - https://github.com/ScottNorberg-NCG/CodeSheriff.NET Identifying and eradicating unforgivable vulns, an unforgivable flaw (and a few others) in DeepSeek's iOS app, academics and industry looking to standardize principles and practices for memory safety, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-317…
S
Security Weekly Podcast Network (Audio)
![Security Weekly Podcast Network (Audio) podcast artwork](https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/32.png 32w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/64.png 64w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/128.png 128w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/256.png 256w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/512.png 512w)
![Security Weekly Podcast Network (Audio) podcast artwork](/static/images/64pixel.png)
1 The groundbreaking technology addressing employment scams and deepfakes - John Dwyer, Aaron Painter - ESW #393 1:49:44
1:49:44
Lejátszás később
Lejátszás később
Listák
Tetszik
Kedvelt1:49:44![icon](https://imagehost.player.fm/icons/general/red-pin.svg)
Spoiler: it's probably in your pocket or sitting on the table in front of you, right now! Modern smartphones are conveniently well-suited for identity verification. They have microphones, cameras, depth sensors, and fingerprint readers in some cases. With face scanning quickly becoming the de facto technology used for identity verification, it was a no-brainer for Nametag to build a solution around mobile devices to address employment scams. Segment Resources: Company website Aaron's book, Loyal Listeners of the show are probably aware (possibly painfully aware) that I spend a lot of time analyzing breaches to understand how failures occurred. Every breach story contains lessons organizations can learn from to avoid suffering the same fate. A few details make today's breach story particularly interesting: It was a Chinese APT Maybe the B or C team? They seemed to be having a hard time Their target was a blind spot for both the defender AND the attacker Segment Resources: https://www.binarydefense.com/resources/blog/shining-a-light-in-the-dark-how-binary-defense-uncovered-an-apt-lurking-in-shadows-of-it/ https://www.theregister.com/2024/09/18/chinese spies found on us hq firm_network/ This week, in the enterprise security news, Semgrep raises a lotta money CYE acquires Solvo Sophos completes the Secureworks acquisition SailPoint prepares for IPO Summarizing the 2024 cybersecurity market Lawyers that specialize in keeping breach details secret Scientists torture AI Make sure to offboard your S3 buckets extinguish fires with bass All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-393…
S
Security Weekly Podcast Network (Audio)
![Security Weekly Podcast Network (Audio) podcast artwork](https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/32.png 32w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/64.png 64w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/128.png 128w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/256.png 256w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/512.png 512w)
![Security Weekly Podcast Network (Audio) podcast artwork](/static/images/64pixel.png)
AI Cheese, CISA, Scaryware, Kimsuky Returns, Backups, Encryption, Jason Wood, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-449
S
Security Weekly Podcast Network (Audio)
![Security Weekly Podcast Network (Audio) podcast artwork](https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/32.png 32w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/64.png 64w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/128.png 128w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/256.png 256w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/512.png 512w)
![Security Weekly Podcast Network (Audio) podcast artwork](/static/images/64pixel.png)
1 Deepseek, AMD, and Forgotten Buckets - PSW #860 2:06:54
2:06:54
Lejátszás később
Lejátszás később
Listák
Tetszik
Kedvelt2:06:54![icon](https://imagehost.player.fm/icons/general/red-pin.svg)
Deepseek troubles, AI models explained, AMD CPU microcode signature validation, what happens when you leave an AWS S3 bucket laying around, 3D printing tips, and the malware that never was on Ethernet to USB adapters. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-860…
S
Security Weekly Podcast Network (Audio)
![Security Weekly Podcast Network (Audio) podcast artwork](https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/32.png 32w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/64.png 64w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/128.png 128w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/256.png 256w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/512.png 512w)
![Security Weekly Podcast Network (Audio) podcast artwork](/static/images/64pixel.png)
1 Enforcement of the Digital Operational Resilience Act (DORA) - Madelein van der Hout - BSW #381 1:02:04
1:02:04
Lejátszás később
Lejátszás később
Listák
Tetszik
Kedvelt1:02:04![icon](https://imagehost.player.fm/icons/general/red-pin.svg)
From online banking to mobile payments, nearly every aspect of our financial lives relies on digital systems. This reliance has brought incredible convenience, but it also means that any disruption — whether due to cyberattacks, system failures, or operational incidents— can have severe consequences. The Digital Operational Resilience Act (DORA) provides the framework to ensure that financial entities have robust measures to withstand and recover from disruptions. By addressing vulnerabilities in this highly digitized ecosystem, DORA not only protects financial institutions but also safeguards the stability and well-being of the European society as a whole. Madelein van der Hout, Senior Analyst at Forrester, joins Business Security Weekly to discuss why DORA is important, how prepared financial institutions are, the consequences of failing to comply, and the impact these regulations will have outside of the EU, including fines up to 2% of global annual turnover or €10 million—whichever is higher. In the leadership and communications segment, Cybersecurity Responsibilities Across the C-Suite: A Breakdown for Every Executive, Humble Leaders Inspire Others to Step Up, Effective Communication in the Workplace, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-381…
S
Security Weekly Podcast Network (Audio)
![Security Weekly Podcast Network (Audio) podcast artwork](https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/32.png 32w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/64.png 64w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/128.png 128w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/256.png 256w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/512.png 512w)
![Security Weekly Podcast Network (Audio) podcast artwork](/static/images/64pixel.png)
1 DeepSeek, Nicolas Cage, OpenAI, Hackers, Ransomware, Canada, Joshua Marpet and More - SWN #448 29:33
Today, we've got: DeepSeek, Nicolas Cage, OpenAI, Hackers, Ransomware, Canada, Joshua Marpet and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-448
S
Security Weekly Podcast Network (Audio)
![Security Weekly Podcast Network (Audio) podcast artwork](https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/32.png 32w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/64.png 64w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/128.png 128w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/256.png 256w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/512.png 512w)
![Security Weekly Podcast Network (Audio) podcast artwork](/static/images/64pixel.png)
1 Threat Modeling That Helps the Business - Akira Brand, Sandy Carielli - ASW #316 1:11:39
1:11:39
Lejátszás később
Lejátszás később
Listák
Tetszik
Kedvelt1:11:39![icon](https://imagehost.player.fm/icons/general/red-pin.svg)
Threat modeling has been in the appsec toolbox for decades. But it hasn't always been used and it hasn't always been useful. Sandy Carielli shares what she's learned from talking to orgs about what's been successful, and what's failed, when they've approached this practice. Akira Brand joins to talk about her direct experience with building threat models with developers. Speculative data flow attacks demonstrated against Apple chips with SLAP and FLOP, the design and implementation choices that led to OCSP's demise, an appsec angle on AI, updating the threat model and recommendations for implementing OAuth 2.0, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-316…
S
Security Weekly Podcast Network (Audio)
![Security Weekly Podcast Network (Audio) podcast artwork](https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/32.png 32w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/64.png 64w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/128.png 128w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/256.png 256w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/512.png 512w)
![Security Weekly Podcast Network (Audio) podcast artwork](/static/images/64pixel.png)
1 The Growth of Women in Cybersecurity Has Slowed - Why, and What Can We Do About It? - Lynn Dohm - ESW #392 2:11:49
2:11:49
Lejátszás később
Lejátszás később
Listák
Tetszik
Kedvelt2:11:49![icon](https://imagehost.player.fm/icons/general/red-pin.svg)
Celebrating and Elevating Women in Cyber: Recently, International Women in Cyber Day (September 1) highlighted the ongoing challenges women face in the cybersecurity field, as well as the progress made in recent years. Women bring exceptional skills and knowledge to cybersecurity; however, it is estimated that they make up only 20% to 25% of the cybersecurity workforce—a percentage that has remained stagnant for years. Even more concerning, women often hit a glass ceiling just six to ten years into their cybersecurity careers. Lynn Dohm sheds light on these issues and emphasizes what the industry needs to focus on to continue celebrating and elevating women in cyber. Segment Resources: 2023 State of Inclusion Benchmark in Cybersecurity 2024 Cyber Talent Study by N2K and WiCyS WiCyS Programs This week, we've added an extra news segment just on AI. Not because we wanted to, but because the news cycle has bludgeoned us into it. My mom is asking about Chinese AI, my neighbor wants to know why his stocks tanked, my clients want to know how to prevent their employees from using DeepSeek, it's a mess. First, a DeepSeek primer, so we can make sure all Enterprise Security Weekly listeners know what they need to know. Then we get into some other AI news stories. DeepSeek Primer I think the most interesting aspect of the DeepSeek announcements is the business/market impact, which isn't really security-related, but could have some impact on security teams. By introducing models that are cheaper to train, sell access to, and less demanding to run on systems, DeepSeek has opened up more market opportunities. That means we'll see generative AI used in markets and ways that didn't make sense before, because it was too expensive. Another aspect that's really confusing is what DeepSeek is or does. For the most part, when someone says "DeepSeek", they could be referring to: the company the open source models released by the company the SaaS service ( https://chat.deepseek.com ) the mobile app (which is effectively just a front end for #3) the API (which is what the mobile app and SaaS service are built on top of) From a security perspective, there's little to no operational risk around downloading and using the models, though they're likely to get banned, so companies could get in trouble for using them. As for the app, API, or SaaS service, assume everything you type into them is getting collected by China (so, significantly less safe, probably no US companies should do this). But because these services are crazy cheap right now, I wouldn't be surprised if some suppliers and third parties will start using DeepSeek - if your third party service provider is using DeepSeek behind the scenes with your data, you still have problem #2, so best to ensure they're not doing this through updated contract language and call to confirm that they're not currently doing it (can take a while to get a new contract in place). This week in the enterprise security weekly news, we discuss funding and acquisitions Understanding the Semgrep license drama Ridiculous vulnerabilities everywhere: vulns to take down your entire city’s cell service vulns to mess with your Subarus vulns in Microsoft 365 authentication cybersecurity regulations are worthless Facebook is banning people for mentioning Linux Vigilantes on Github Mastercard DNS error Qubes OS Turning a "No" into a conversation All that and more, on this episode of Enterprise Security Weekly! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-392…
S
Security Weekly Podcast Network (Audio)
![Security Weekly Podcast Network (Audio) podcast artwork](https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/32.png 32w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/64.png 64w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/128.png 128w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/256.png 256w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/512.png 512w)
![Security Weekly Podcast Network (Audio) podcast artwork](/static/images/64pixel.png)
1 .ASS, Deepseek, AI Time Travel, Google, HeartBlocker, TikTok, Aaran Leyland, and More - SWN #447 32:58
.ASS, Deepseek, AI Time Travel, Google, HeartBlocker, TikTok, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-447
S
Security Weekly Podcast Network (Audio)
![Security Weekly Podcast Network (Audio) podcast artwork](https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/32.png 32w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/64.png 64w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/128.png 128w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/256.png 256w, https://cdn.player.fm/images/438554/series/BUqwazFp5FLTJMpx/512.png 512w)
![Security Weekly Podcast Network (Audio) podcast artwork](/static/images/64pixel.png)
1 Cred Vaults, Cheap AI, and Hacking Devices - Matt Bishop - PSW #859 2:05:52
2:05:52
Lejátszás később
Lejátszás később
Listák
Tetszik
Kedvelt2:05:52![icon](https://imagehost.player.fm/icons/general/red-pin.svg)
This week, we talked to our friends at Bitwarden about password vaults, storing more than just passwords, free software to manage those SSH keys, and vaults for developers. In the news, new/old Palo Alto vulnerabilities explained, taking down the power grid with a FlipperZero, more vulnerable bootloaders, putting garbage in your .ASS file, the US Government wants to look at routers, magic backdoors, weak password hashing, everyone is talking about Deepseek, hardware-level Anti-Virus, VMware ESXi and SSH, and if you pay the ransom you likely will not get your data back! This segment is sponsored by Bitwarden. Visit https://securityweekly.com/bitwarden to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-859…
Üdvözlünk a Player FM-nél!
A Player FM lejátszó az internetet böngészi a kiváló minőségű podcastok után, hogy ön élvezhesse azokat. Ez a legjobb podcast-alkalmazás, Androidon, iPhone-on és a weben is működik. Jelentkezzen be az feliratkozások szinkronizálásához az eszközök között.