From Paul's Security Weekly
Recorded July 18, 2019 at G-Unit Studios in Rhode Island!
- We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will be receiving 1 CPE credit per webcast! Register for one of our upcoming webcasts by going to securityweekly.com/webcasts If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand
- We need your help in a survey we are running for research purposes for an upcoming webcast. How mature is your process automation for your various security capabilities? Please visit securityweekly.com/fivestagesofautomationmaturity to submit your responses to our 5 Stages of Automation Maturity Survey! We'll share the results in a webcast in November!
Interview: Katie Nickels, MITRE - 6:00-6:30PM
MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.
Topic Segment: Security Roundtable 6:30 - 7:30PM
In this segment, we're going to talk about various security topics, such as:
- Vulnerability Management - Name three tips for a successful vulnerability management program. How has vulnerability management changed in recent years?
- Patching - How can we motivate IT operations to apply patches more timely and consistently? Do we even need to rely on patches for security today? Can we just patch the critical ones?
- Hunt Teaming - What can organizations do to discover breaches more quickly and consistently? What are the best and most effective ways to hunt?
- Asset Management - How can organizations build and maintain an accurate inventory of software and systems?
- System Hardening - How should organizations develop a standard for “secure” systems and how should the program be structured? How much do we rely on configuration standards and compliance versus developing our own standards?
Security News - 7:30PM-8:30PM
- Adoption rates of basic cloud security tools and practices still far too low - Help Net Security
- Is web crawling legal? - Towards Data Science
- Still not using HTTPS? Firefox is about to shame you
- Malicious Python packages found on PyPI - Help Net Security
- Hacked Bluetooth hair straighteners are too hot to handle
- Identity Theft on the Job Market - Schneier on Security
- 79% of US Consumers Fear Webcams Are Watching
- Over 800,000 Systems Still Vulnerable to BlueKeep Attacks | SecurityWeek.Com
- How Capture the Flag Competitions Strengthen the Cybersecurity Workforce
- Slack resets passwords for 1% of its users because of 2015 hack | ZDNet
- No, You Dont Need a Burner Phone at a Hacking Conference
- 8 Legit Tools and Utilities That Cybercriminals Commonly Misuse
- Open Source Hacking Tool Grows Up
- Best Practices for Branch Office Edge Security
- Alan Turing - the face of the new 50 note
- 18% of Enterprises Holding Back on Windows 10 Upgrade
- Mysterious hackers steal data of over 70% of Bulgarians
- Woman arrested at Apple store after inserting half-dozen stolen iPads inside her vagina
- John Paul Stevens and the U.S. Navy at War Remembering a fellow Cryppie who helped the U.S. turn the tide on the Japanese during World War II
- Slack Resets User Passwords After 2015 Data Breach
- Hacker Breached Sprint Customer Accounts Through Samsung Website
- Why 72% of people still recycle passwords Why 100% of Security Weekly hosts drink
- A.I. has a bias problem and that can be a big challenge in cybersecurity I'll bet some of us agree with this and some disagree. Why? Bias.
- Lenovo Confirms 36TB Data Leak Security Vulnerability "These vulnerabilities, if exploited, could have impacted the integrity, availability, and confidentiality of the systems," - I've got a few problems with this statement...
- Apple Is Sending Out Another Silent Update To Fix RingCentral Webcam Flaw Does Apple have a problem with worms?
- Zoom vulnerability reveals privacy issues for users Wait, don't we use Zoom?
- Why BlueKeep Hasn't Wreaked Havoc Yet
- 800k Systems Still Vulnerable to BlueKeep
- Billy Rios and Jonathan Butts created a Device that can literally kill people
- YAAS - Yet Another App Store - Kali NetHunter