Application security, Cybersecurity Asset Management, Cloud security, Compliance, Remote access, Threat intelligence, Vulnerability management

A Manual Transmission With No Clutch – PSW #661

This week, it's the Security Weekly Virtual Hacker Summer Camp edition of Paul's Security Weekly! In our first segment, we welcome Chad Anderson, Senior Security Researcher at DomainTools, to discuss Observing Disinformation Campaigns! In our second segment, it's the Security News! We'll be talking about How hackers could spy on satellite internet traffic with just $300 of home TV equipment, Smart locks opened with nothing more than a MAC address, 17-Year-Old 'Mastermind' and 2 Others Behind the Biggest Twitter Hack Arrested, Flaw in popular NodeJS express-fileupload module allows DoS attacks and code injection, and how Netgear Won't Patch 45 Router Models Vulnerable to a Serious Flaw! In our final segment, we air a pre recorded interview with Sumedh Thakar, President and Chief Product Officer at Qualys, and Mehul Revankar, VP Product Management and Engineering of VMDR at Qualys, discussing Automating Your Vulnerability Management Program!

For your free trial of Qualys VMDR, visit: https://securityweekly.com/qualys

Visit https://securityweekly.com/domaintools to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Join the Security Weekly Discord Server: https://discord.gg/pqSwWm4

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

View Show Index

Full Audio

Segments

1. SWVHSC: Observing Disinformation Campaigns – Chad Anderson – PSW #661

Chad talks about the DomainTools COVID research (and how they stumbled on the CovidLock Android ransomware), mapping the Reopen Campaigns in more detail. He will then touch on some of the work he is doing that will be released that maps Twitter hunting into a nice, observable dashboard for the lazy.

This segment is sponsored by DomainTools.

Visit https://securityweekly.com/domaintools to learn more about them! This segment is sponsored by DomainTools. Visit http://domaintools.com/ to learn more about them!

Sponsored By

DomainTools

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Guest

Chad Anderson
Chad Anderson
Senior Security Researcher at DomainTools

Chad has a particular interest in automation, network security and their intersection. His primary focus leans heavily on leveraging open source technologies to improve deployments, network security and systems administration at DomainTools.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Jeff Man
Jeff Man
Information Security Evangelist at Online Business Systems
Joff Thyer
Joff Thyer
Security Analyst at Black Hills Information Security
Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Matt Alderman
Matt Alderman
VP, Product at Living Security

2. SWVHSC: Netgear Flaws, Satellite Spying, & Stealing UltraLoq Keys – PSW #661

How hackers could spy on satellite internet traffic with just $300 of home TV equipment, Smart locks opened with nothing more than a MAC address, 17-Year-Old 'Mastermind' and 2 Others Behind the Biggest Twitter Hack Arrested, Flaw in popular NodeJS express-fileupload module allows DoS attacks and code injection, and how Netgear Won't Patch 45 Router Models Vulnerable to a Serious Flaw!

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Jeff Man
Jeff Man
Information Security Evangelist at Online Business Systems
Joff Thyer
Joff Thyer
Security Analyst at Black Hills Information Security
Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory

3. Automating Your Vulnerability Management Program – Mehul Revankar, Sumedh Thakar – PSW #661

In this segment we discuss the importance of automating the Vulnerability Management Program and discuss Qualys VMDR which takes vulnerability management to the next level bringing detection and response to vulnerability management.

For your free trial of Qualys VMDR, visit: https://securityweekly.com/qualys

Sponsored By

Qualys

Announcements

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Guests

Mehul Revankar
Mehul Revankar
VP Product Management and Engineering, VMDR at Qualys

Mehul is a cybersecurity professional with over 15 years of experience in Vulnerability Management, Policy Compliance and Security Operations. He leads the product management and engineering functions for VMDR (Vulnerability Management, Detection and Response) at Qualys. Before joining Qualys, Mehul led development of vulnerability and patch management products at SaltStack, and prior to that he led multiple research teams at Tenable.

Sumedh Thakar
Sumedh Thakar
CEO at Qualys

As CEO, Sumedh leads the company’s vision, strategic direction and implementation. He joined Qualys in 2003 in engineering and grew within the company, taking various leadership roles focused on helping Qualys deliver on its platform vision. Since 2014, he has served as Chief Product Officer at Qualys, where he oversaw all things product, including engineering, development, product management, cloud operations, DevOps, and customer support. A product fanatic and engineer at heart, he is a driving force behind expanding the platform from Vulnerability Management into broader areas of security and compliance, helping customers consolidate their security stack. This includes the rollout of the game-changing VMDR (Vulnerability Management, Detection and Response) that continually detects and prevents risk to their systems, Multi-Vector EDR, which focuses on protecting endpoints as well as Container Security, Compliance and Web Application Security solutions. Sumedh was also instrumental in the build-up of multiple Qualys sites resulting in a global 24×7 follow-the-sun product team.

Sumedh is a long-time proponent of SaaS and cloud computing. He previously worked at Intacct, a cloud-based financial and accounting software provider. He also worked at Northwest Airlines developing complex algorithms for its yield and revenue management reservation system. Sumedh has a bachelor’s degree in computer engineering with distinction from the University of Pune.

Host

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
prestitial ad