Difference between revisions of "Episode615"

From Paul's Security Weekly
Jump to: navigation, search
(Interview: Josh Douglas, Mimecast - 7:30PM-8:30PM)
(2 intermediate revisions by the same user not shown)
Line 43: Line 43:
 
<br> -->
 
<br> -->
  
= Josh Douglas - Mimecast - 7:30PM-8:30PM =
+
= Josh DouglasMimecast - 7:30PM-8:30PM =
 
+
[[File:JoshDouglas.jpg|right|250px|thumb|<center>'''[https://twitter.com/Mimecast Josh Douglas]'''is the at [https://www.mimecast.com/ Mimecast]</center>]] Joshua Douglas, Vice President of Threat Intelligence, joined Mimecast in 2019 after a stint as Chief Information Security Officer for TRC Companies Inc. He has two decades of experience in helping global organizations secure their most prized business/mission assets. Before TRC, Josh spent 12 years at Raytheon serving as the Chief Technology Officer for Forcepoint/Raytheon Cyber Products and Chief Strategy Officer for Raytheon Cyber Services. He is a forward-looking cybersecurity executive who creates advanced services and solutions that help protect enterprise from ever-changing risks and threats.
<!-- <center>{{#ev:youtube|iPHM80z9D9k}}</center>
 
 
 
== Paul's Stories ==
 
{{Template:PSWPaul615}}
 
 
 
== Larry's Stories ==
 
 
 
== Lee's Stories ==
 
#[https://www.techrepublic.com/article/cybersecurity-malware-lingers-in-smbs-for-an-average-of-800-days-before-discovery/ Malware lingers in SMBs for an average of 800 days before discovery] SMBs are often understaffed, or lack staff and infrastructure to detect and respond to Malware.
 
#[https://lifehacker.com/update-to-ios-12-4-right-now-to-block-new-vulnerabiliti-1836856944 Update to iOS 12.4 to Block New Vulnerabilities] 13% of five year old or less iOS devices are not even running iOS 12.
 
#[https://arstechnica.com/information-technology/2019/08/apples-airdrop-and-password-sharing-features-can-leak-iphone-numbers/ AirDrop and Password sharing can reveal passwords] Bug in AirDrop can be used to reveal device information including a cryptographic hash that can be decoded to the device phone number.
 
#[https://www.theregister.co.uk/2019/08/05/cafebreach_breach_23m_user_records/ CafePress changes password policy after 23m pwned accounts] CafePress was storing passwords insecurely, having users change their passwords fixes that. They aren't really acknowledging the breach.
 
#[https://blog.knowbe4.com/scam-of-the-week-equifax-settlement-phishing Equifax Settlement Phishing] Surprise, there are phishing emails for the Equifax settlement. Use the [https://www.ftc.gov/enforcement/cases-proceedings/refunds/equifax-data-breach-settlement FTC Site] or go directly to [https://www.equifaxbreachsettlement.com/file-a-claim Equifax Settlement site].
 
#[https://thehackernews.com/2019/08/android-qualcomm-vulnerability.html  New flaws in Qualcomm Chips expose Android Devices to Hacking] Critical vulnerabilities dubbed "QualPwn" could allow devices to be exploited via WLAN firmware weakness. Devices with Qualcomm Snapdragon 835 and 435 chips vulnerable.
 
<br><br> -->
 

Revision as of 16:45, 12 August 2019

Recorded August 8, 2019 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Doug White
    Cybersecurity professor, President of Secure Technology, and Security Weekly network host.


  • Announcements

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020 and click the register button to register with our discount code!
    • We're currently running our annual Listener Feedback Survey! Please visit securityweekly.com -> click the survey tab & select "2019 Listener Survey" to submit your responses!
    • Attend RSA Conference 2020, February 24-28 and join thousands of security professionals, forward-thinking innovators and solution providers for five days of actionable learning, inspiring conversation and breakthrough ideas. Register before January 24 and save $900 on a Full Conference Pass. Save an extra $150 by going to securityweekly.com/rsac2020 and use our code to register!
    • Mark your calendars for our Security Weekly Holiday Extravaganza! On December 19th, Security Weekly will be live-streaming 5 one hour panel discussions with some of the most knowledgable professionals in the industry! To round out the evening, Ed Skoudis will be joining the Security Weekly hosts to give his annual announcement about the CounterHack Holiday Hack Challenge! You can view the live stream on our Youtube channel or by visiting securityweekly.com/live. We hope to see you there!
    • Qualys is introducing a new prescription for security and it’s FREE: Global IT Asset Discovery and Inventory. Activate it today at securityweekly.com/qualys so you can achieve 100% near real-time visibility across your hybrid environments.


    Interview: Gabriel Gumbs, Spirion - 6:00-7:00PM

    Gabriel Gumbsis the VP of Product Management at Spirion
    Gabriel Gumbs is the VP of Product Management at Spirion where his focus is on the strategy and technology propelling Spirion’s rapidly-growing security platform. A cybersecurity industry veteran with a 19 year tenure in CyberSecurity, he has spent much of that time as a security practitioner, aligning security innovations with business objectives for Fortune 100 organizations. Gabriel is an information security thought leader, privacy advocate and public speaker.




    Software Development: Security Do's & Dont's- 6:30 - 7:30PM

    Josh Douglas, Mimecast - 7:30PM-8:30PM

    Joshua Douglas, Vice President of Threat Intelligence, joined Mimecast in 2019 after a stint as Chief Information Security Officer for TRC Companies Inc. He has two decades of experience in helping global organizations secure their most prized business/mission assets. Before TRC, Josh spent 12 years at Raytheon serving as the Chief Technology Officer for Forcepoint/Raytheon Cyber Products and Chief Strategy Officer for Raytheon Cyber Services. He is a forward-looking cybersecurity executive who creates advanced services and solutions that help protect enterprise from ever-changing risks and threats.