Recorded October 3, 2019 at G-Unit Studios in Rhode Island!
- Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020 and click the register button to register with our discount code!
- We're currently running our annual Listener Feedback Survey! Please visit securityweekly.com -> click the survey tab & select "2019 Listener Survey" to submit your responses!
- Attend RSA Conference 2020, February 24-28 and join thousands of security professionals, forward-thinking innovators and solution providers for five days of actionable learning, inspiring conversation and breakthrough ideas. Register before January 24 and save $900 on a Full Conference Pass. Save an extra $150 by going to securityweekly.com/rsac2020 and use our code to register!
- Mark your calendars for our Security Weekly Holiday Extravaganza! On December 19th, Security Weekly will be live-streaming 5 one hour panel discussions with some of the most knowledgable professionals in the industry! To round out the evening, Ed Skoudis will be joining the Security Weekly hosts to give his annual announcement about the CounterHack Holiday Hack Challenge! You can view the live stream on our Youtube channel or by visiting securityweekly.com/live. We hope to see you there!
Security News - 6:00-6:30PM
- American Express Insider Breaches Cardholder Information
- Turkey fines Facebook $282,000 over privacy breach
- FBI: Don't pay ransomware demands, stop encouraging cybercriminals
- WhatsApp Flaw Opens Android Devices to Remote Code Execution Attacks
- Measuring the Security of IoT Devices - Schneier on Security
- Good cybersecurity comes from focusing on the right things, but what are they? - Help Net Security
- Skylight Cyber | All Your Cloud Are Belong To Us (CVE-2019-12491)
- MITRE ATT&CK: Clipboard data
- 10 Cybersecurity Myths That Criminals Love
- Top 5 New Open Source Security Vulnerabilities in September 2019
- The Secret to CISO Success? Do This One Thing Extremely Well - Accellion
- Unfixable Jailbreak Exploit released iPhone X and prior vulnerable to exploit, physical access required. Fixed in iPhone 11.
- Doordash third-party breach hits 4.9M users Third party security is critical.
- "Bulletproof" Dark Web data center seized by German Police While the takedown is significant, services will likely move to alternate hosting sites.
- Ex-Yahoo Engineer Hacked accounts seeking Porn Ex-Yahoo Engineer cracked passwords, seeking credentials to access other services, porn, gaming, iTunes, etc.
- Microsoft blocks 38 more attachment types in Email These can be enabled by Exchange Admin. Include Python, PowerShell, Java and Certificate file typical extensions.
- O.MG Lightning Cable hits Prime Time The O.MG cable is hitting the shelves at Hak5 for $49.
- Tax and PII records of 20 Million Russians stored without encryption, leaked online Records from 2009-2016 exposed online via exposed AWS instance. Ukrainian owner of AWS instance determined, unknown if hackers have leveraged the data.
Interview: Stewart Room, PwC - 6:30 - 7:30PM
Room specialises in the field of data protection. information management and cyber security, including programme design and delivery, the commercial exploitation of data, the security of data, regulatory investigations and litigation arising from the misuse of data. He is rated as a leading individual in data protection by legal directory Chambers UK, who says he "is the kind of lawyer who inspires confidence" and "he is an excellent, first-rate, tactical lawyer."
He is one of the founding directors of Cyber Security Challenge UK (which forms part of the UK National Strategy for Cyber Security), the President of the National Association of Data Protection Officers and the editor of the Cyber Security Practitioner journal. Room has written a number of textbooks on information law and is regularly quoted in the press. He is a past winner of the Financial Times Innovative Lawyer of the Year award.
Data Privacy and The Journey to Code
Security Professionals have long understood the need to deliver security outcomes in technology and data, but is the privacy community on the same page? Data Privacy requires outcomes for matters such as data accuracy, data minimisation and fair processing, as well as risks, such as portability and access. These outcomes need tech and data solutions. In this session we will examine The Journey to Code, the next evolutionary step for Data Privacy.
Security & Compliance Introduction - 7:30PM-8:30PM
It’s the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It’s time for Security and Compliance Weekly. This show is hosted by: Jeff Man, Josh Marpet, and Scott Lyons