From Security Weekly Wiki
Jump to navigationJump to search

Security Weekly News Episode 17 - 2020-03-10

Episode Audio

Security Weekly News Episode 17


  • Is your Open Source code secure? Learn how to verify your code during development, not after the build in our next webcast with Synopsys. Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. You can also access our on-demand library of previously recorded webcasts/trainings by visiting securityweekly.com/ondemand. Each webcast will earn you 1 CPE credit that we will submit on your behalf if you provide your ISC2 number.
  • We have officially migrated our mailing list to BACK to our original platform! We have our categories nailed down and you are now able to customize what you receive from us based on your preferences by visiting securityweekly.com/subscribe and clicking the button to join the list! Once you have joined, you will also be able to go back and update your "interests" so that we can grow with you as you progress through your journey in InfoSec!
  • Join us at InfoSecWorld 2020 - June 22nd-24th at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
  • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
  • We’re looking forward to attending SecureWorld Boston, July 15th-16th, 2020 at the Hynes Convention Center. The 16th annual conference brings together New England’s InfoSec community for training, collaboration, and networking. This year’s theme is “Animal Defenses of the Animal Kingdom.” Security Weekly listeners save $100 on their registration for a full Conference Pass. Go to www.secureworldexpo.com and register using the discount code SECURITYWEEKLY.
  • We are looking for high-quality guest suggestions for our Enterprise Security Weekly podcast to fill our upcoming recording schedule! We're committed to educating and providing entertainment for the InfoSec community and we would love to hear from you about who you would like us to interview on the show! Submit your suggestions for guests by visiting securityweekly.com/guests and submitting the form! We review suggestions monthly and will reach out to you once reviewed!

Fullaudio - None


This week, Microsoft starts disabling authentication, New ransomware called PwndLocker is out and about, and a secret-sharing app called Whisper is "the safest place on the internet. James Adams from Core Security, a Help Systems Company joins us today talking about "How to think and act like a hacker."

Visit https://www.securityweekly.com/swn for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Doug White's Content:

Doug White-0.png

Template:SWN17FullaudioDoug White

News - James Adams and the News


Microsoft dumps legacy protocols, Whisper leaks all your secrets and ranks predators, malware developers unimpressed with Chrome 80, and James Adams from Core Security.

Doug White's Content:

Doug White-0.png

  1. Microsoft disabled their legacy protocols across the company...
  2. RSA talk about shifting security to the left in the DEVOPS process.
  3. The promise of FIDO is back in the news for getting rid of passwords.
  4. FIDO Alliance website.
  5. Smishing is a new backdoor to corporate networks.
  6. PwnedLocker is a new shellcode ransomware.
  7. Ransomware goes after low-end targets.
  8. Whisper leaves the door open to users' secrets.
  9. Estonian crypto exchange, Crex24 covering up thefts?
  10. Google Chrome 80 new crypto fails to impress malware distributers.
  11. Music for handwashing in times of plague by Darkthrone.