Changes

From Security Weekly Wiki
Jump to navigationJump to search
762 bytes added ,  19:24, 12 July 2018
no edit summary
= Paul's Security Weekly #543 =
''Recorded January 11, 2018 at G-Unit Studios in Rhode Island!''
<!-- == Episode Audio ==<div align="center">
{{#widget:SoundCloud
|id=366788456383377001
|width=75%
|height=100
|visual=false
}}
</div> -->
=== Hosts ===
{{Template:Paul}}
= Interview: Diana Kelley & Ed Moyle - Security Curve - 6:00PM-6:45PM =
[[File:Diana_Kelley.jpg|right|220px|thumb|<center>'''[https://twitter.com/dianakelley14 Diana Kelley]'''<br> is the Chief Security Advisor, Co-Founder of [https://securitycurve.com/ Security Curve]. </center>]]Diana Kelley is the Cybersecurity Field CTO at Microsoft and a cybersecurity thought leader, practitioner, executive advisor, speaker, author and co-founder of SecurityCurve. She was the Global Executive Security Advisor at IBM Security and built and managed the IBM Security Research Community Newsroom. She leverage my leverages 25+ years of cyber risk and security experience to provide advice and guidance to CSOs, CIOs , and CISOs at some of the world’s largest companies. At IBM, she was a regular contributor to X-Force Research, lead author of IBM’s “5 Indisputable Facts about IoT Security” and co-author of the “Securing the C-Suite” and “Cybersecurity in the Cognitive Era” studies.[[File:EdMoyle.jpg|right|220px|thumb|<center>'''[https://twitter.com/securitycurve Ed Moyle]'''<br> is currently Director of Thought Leadership and Research for [https://www.isaca.org/Knowledge-Center/Blog/Lists/Posts/Post.aspx?ID=562 ISACA]. </center>]]Ed Moyle is currently Director of Thought Leadership and Research for ISACA. Prior to joining ISACA, Ed was Senior Security Strategist with Savvis and a founding partner of the analyst firm Security Curve. In his 15+ years in information security, Ed has held numerous positions including: Senior Manager with CTG’s global security practice, Vice President and Information Security Officer for Merrill Lynch Investment Managers, and Senior Security Analyst with Trintech. Ed is co-author of Cryptographic Libraries for Developers and a frequent contributor to the Information Security industry as author, public speaker, and analyst.
[[File:EdMoyle.jpg|right|220px|thumb|<center>'''[https://twitter.com/securitycurve Ed Moyle]'''<!br> is currently Director of Thought Leadership and Research for [https://www.isaca.org/Knowledge-Center/Blog/Lists/Posts/Post.aspx?ID=562 ISACA]. </center>]] Ed Moyle is currently Director of Thought Leadership and Research for ISACA. Prior to joining ISACA, Ed was Senior Security Strategist with Savvis and a founding partner of the analyst firm Security Curve. In his 15+ years in information security, Ed has held numerous positions including Senior Manager with CTG’s global security practice, Vice President and Information Security Officer for Merrill Lynch Investment Managers, and Senior Security Analyst with Trintech. Ed is a co- author of Cryptographic Libraries for Developers and a frequent contributor to the Information Security industry as an author, public speaker, and analyst.<center>{{#ev:youtube|PF69klX4LQUNx3nok8ZLws}}</center> --> # How did you get your start in information security?# With all of the protections available today, why is ransomware a threat to the enterprise? Or is it?# What are the weaknesses ransomware preys upon?# What is a tabletop exercise?# Why are they so useful for ransomware?# For practitioners listening, why should they love tabletop exercises and step away from the keyboard?# How do you execute on the lessons learned in tabletop exercises?
= Tech Segment: Jake Williams, SANS - 6:45-7:45PM =
[[File:Jake Williams.jpg|right|220px|thumb|<center>'''[https://twitter.com/MalwareJake Jake Willilams]'''<br> is the Principal Consultant at [https://www.renditioninfosec.com/ Rendition InfoSec]. </center>]]Jake Williams is the founder of Rendition Infosec and is a Senior Instructor at the SANS Institute. He currently performs smatterings of incident response, computer forensics, exploit development, and penetration testing. In a previous life, Jake worked for various three letter agencies doing all sorts of offensive and defensive cyber stuff (way before cyber was cool).<center>{{#ev:youtube|oS3khJKd3GQ}}</center>
* https://www.endgame.com/blog/technical-blog/detecting-spectre-and-meltdown-using-hardware-performance-counters
= Security News - 7:45PM-8:30PM =
 <!-- <center>{{#ev:youtube|PF69klX4LQUMuAhlCIz4e4}}</center> -->
== Paul's Stories ==
{{Template:PSWPaul543}}
 
==Larry's Stories==
== Jeff's Stories ==
Correction of last weeks story:
[https://danielmiessler.com/blog/simple-explanation-difference-meltdown-spectre/ According to Daniel Miessler’s blog post, it looks like I mismatched the Intel vulnerabilities for the architectures they effect]
 
[https://www.bleepingcomputer.com/news/microsoft/microsoft-pauses-rollout-of-windows-meltdown-and-spectre-patches-for-amd-devices/ Microsoft Pauses Rollout of Windows Meltdown and Spectre Patches for AMD Devices]
[https://www.macrumors.com/2018/01/10/macos-high-sierra-app-store-password-bug/ macOS High Sierra's App Store System Preferences Can Be Unlocked With Any Password]
[https://twitterwww.techspot.com/cnntechnews/status/951205508895199232 CES 2018: Blackout at tech's biggest show72612-western-digital-cloud-drives-have-built-backdoor.html Western Digital My Cloud drives have a built-in backdoor]
[httpshttp://wwwmoney.techspotcnn.com/news2018/7261201/10/technology/ces-western2018-digital-cloud-drives-have-built-backdoorblackout/index.html Western Digital My Cloud drives have a built-in backdoorCES 2018: Blackout at tech's biggest show]
{{SocialMedia}}
1,067

edits

Navigation menu