Paul's Security Weekly
Asset Management, Container security, Cloud, Configuration management, Endpoint Security

PSW #664

August 28, 2020
Section 0

Most analysts will tell you that they balance between being thorough and getting the job done quickly. Paul Battista asked the security community to weigh in on this debate. He’ll share what they thought and explain why it’s no longer necessary to choose between the two. This segment is sponsored by Polarity. Visit https://www.polarity.io/sw to learn more about them!

Take the Polarity Challenge! Get your free community edition by visiting: www.polarity.io/sw

Dynamic application security testing (DAST) for web applications has come a long way, establishing a niche market with a variety of offerings. In this segment Ferruh will discuss the big differences in DAST solutions available and help you understand which one is a pure DAST that you could rely on the most in this day and age. This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to get a trial of the best dynamic application scanning solution on the market! Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

SWVHSC Micro Interviews: Polarity & Netsparker

Hosts

Paul Asadoorian – Founder & CTO

Guests

Ferruh Mavituna – CEO

Paul Battista – CEO & Founder

http://traffic.libsyn.com/sw-all/PSW_664_-_Netsparker__Polarity-0_converted.mp3
Section 1

Google Researcher Reported 3 Flaws in Apache Web Server Software, Medical Data Leaked on GitHub Due to Developer Errors, Experts hacked 28,000 unsecured printers to raise awareness of printer security issues, Tesla Is Cracking Down On Performance-Enhancing Hacks For The Model 3, Former Uber CSO Charged Over Alleged Breach Cover-Up, and Researchers Sound Alarm Over Malicious AWS Community AMIs! Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

Hacking Tesla’s Model 3, 28,000 Printers Hijacked, & iOS 14 Privacy Changes

Hosts

Doug White – Professor

Jeff Man – Sr. InfoSec Consultant

Joff Thyer – Security Analyst

Larry Pesce – Senior Managing Consultant and Director of Research

Lee Neely – Senior Cyber Analyst

Paul Asadoorian – Founder & CTO

Tyler Robinson – Managing Director of Network Operations

Announcements

  • Join the Security Weekly Mailing List for webcast/virtual training announcements and to receive your personal invite to our Discord server by visiting https://securityweekly.com/subscribe and clicking the button to join the list!

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

http://traffic.libsyn.com/sw-all/PSW_664_-_Security_News-0_converted.mp3
Section 2

Sponsored By

Visit https://securityweekly.com/vicarius for more information!

The growth in software vulnerability exploitation creates a need for better prediction capabilities. Over time, there have been shifts in the ways of discovering vulnerabilities in binary code. Research and development of new tools enables security pros to adopt innovative techniques to scale the process.

This segment is sponsored by Vicarius.

Visit https://securityweekly.com/vicarius to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

Predicting Vulnerabilities In Compiled Code – Roi Cohen & Shani Dodge

Hosts

Lee Neely – Senior Cyber Analyst

Paul Asadoorian – Founder & CTO

Tyler Robinson – Managing Director of Network Operations

Guests

Roi Cohen – Co-Founder & VP Sales

Shani Reiner (Dodge) – C++ Developer

Announcements

  • Security Weekly is ramping up our webcast/technical training schedule for the rest of 2020! In September you can Learn How to Extend the Enterprise Network for Remote Workers and Protect Your Home Network, Find out Why Traditional Data Security Can’t Be Zero Trust, and Learn how to reduce the blast radius of your cloud infrastructure. Visit https://securityweekly.com/webcasts to see what we have coming up! Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

http://traffic.libsyn.com/sw-all/PSW_664_-_Roi_Cohen__Shani_Dodge_Vicarius-0_converted.mp3
