From Security Weekly Wiki
Jump to navigationJump to search

Paul's Security Weekly #548

Recorded February 15, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.
  • Announcements

    • Check out our friends at ItProTV for an awesome library of OnDemand training head on over to ITPro.TV/securityweekly!
    • InfoSecWorld is March 19-21st of 2018. It is at Lake Buena Vista, Florida. Security Weekly subscribers can save 15% off the InfoSec World 2018 Main Conference or World Pass with the code OS18-SW!
    • HackWest 1.0 “The Wild Bunch” will be held in Salt Lake City March 21st through 23rd. Go to hackwest.org to register, and get a 25% discount with the code, “SWHW2018”.
    • Check out ServiceNow's hotseat on Symphonies & Robots! Register at securityweekly.com/servicenow.
    • SOURCE Boston is coming up on May 9-10! Go to sourceboston.com to use the $100 discount code - SW89AEE2.

    Interview: Steve Tcherchian, XYPRO Technology - 6:00PM-6:45PM

    Steve Tcherchian
    is the Chief Information Security Officer and the Director of Product Management for XYPRO Technology.

    Steve Tcherchian, CISSP, PCI-ISA, PCIP is the Chief Information Security Officer and the Director of Product Management for XYPRO Technology. Steve is on the ISSA CISO Advisory Board, the NonStop Under 40 executive board and part of the ANSI X9 Security Standards Committee. A dynamic tech visionary with over 15 years in the cybersecurity field, Steve is responsible for strategy and innovation of XYPRO’s security product line as well as overseeing XYPRO’s risk, compliance and security to ensure the best experience to customers in the Mission-Critical computing marketplace.


    1. How did you get your start in information security?
    2. With all of the protections available today, why is ransomware a threat to the enterprise? Or is it?
    3. What are the weaknesses ransomware preys upon?
    4. What is a tabletop exercise?
    5. Why are they so useful for ransomware?
    6. For practitioners listening, why should they love tabletop exercises and step away from the keyboard?
    7. How do you execute on the lessons learned in tabletop exercises?

    Tech Seg: Michael Bazzell, OSINT & Privacy Consultant - 6:45-7:45PM

    Michael Bazzell
    is an Author, OSINT and Privacy Consultant.

    Michael Bazzell spent 18 years as a government computer crime investigator. During the majority of that time, he was assigned to the FBI's Cyber Crimes Task Force where he focused on open source intelligence, hacking cases, and personal data removal methods. As an active investigator for multiple organizations, he has been involved in numerous high-tech criminal investigations including online child solicitation, child abduction, kidnapping, cold-case homicide, terrorist threats, and high level computer intrusions. He has trained thousands of individuals in the use of his investigative techniques and privacy control strategies.

    Security News - 7:45PM-8:30PM

    Paul's Stories

    1. Five Security Books You Should Read if You Havent
    2. From tomorrow, Google Chrome will block crud ads. Here's how it'll work
    3. DoubleDoor IoT Botnet Abuses Two Vulnerabilities to Circumvent Firewalls, Modems
    4. Bitcoin mining to zap more energy than households in Iceland this year
    5. The GDPR Clock Is Running Out. Now What?
    6. Cyber-Attackers Continue to Be Financially Motivated, Report Finds
    7. Did the NSA really use Twitter to send coded messages to a Russian?
    8. Two Nasty Outlook Bugs Fixed in Microsofts Feb. Patch Tuesday Update
    9. Idiots Think They Can Steal Source Code and It Won't Leak Further
    10. Six and Hidden Pixels
    11. Internet Security Threats at the Olympics
    12. Jumping Air Gaps
    13. You dopes! US state's pot dealer database pwned after security goes up in smoke

    Larry's Stories

    Jack's Stories

    Joff's Stories

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+