HNN #238 – October 22, 2019

October 22, 2019

This week, researchers turn Alexa and Google Home into credential thieves, Microsoft aims to block firmware attacks with new secured-core PCs, the popular VPN service NordVPN confirms data center breach, a 4-year-old critical Linux Wi-Fi bug allows system compromise, and US nuclear weapons command finally ditches 8-inch floppies! In the expert commentary, we welcome Jason Wood, to discuss the Evolution of False Flag Operations!

Visit https://www.securityweekly.com/hnn for all the latest episodes!

Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. October 22, 2019 – HNN #238

Samsung Blames Galaxy S10, Note 10 Fingerprint Unlock Bug on Covers, Four-Year-Old Critical Linux Wi-Fi Bug Allows System Compromise, Popular VPN service NordVPN confirms data center breach, Researchers Turn Alexa and Google Home Into Credential Thieves, Microsoft Aims to Block Firmware Attacks with New Secured-Core PCs , US nuclear weapons command finally ditches 8-inch floppies, and much more! Jason Wood gives expert commentary on The Evolution False Flag Operations.

Hosts

Paul Asadoorian

Founder at Security Weekly

0offset

https://securityweekly.com

Jason Wood

Senior Researcher at CrowdStrike

Cloud security

Security Product Metrics, ML 101, PEACH for Cloud, Log4Shell Lookback, Appsec Tools – ASW #224

January 2, 2023

Metrics for building a security product, hands-on image classification attacks, a proposed PEACH framework for cloud isolation, looking back at Log4Shell, building an appsec toolbox

Threat intelligence

Security Top of Mind: Key Learnings from 2022 and Thoughts on 2023 – Ryan Kazanciyan – CSP #101

December 20, 2022

Join Ryan Kazanciyan, CISO at Wiz (previously Meta, Tanium, Mandiant), and Raaz Herzberg from Wiz for a discussion on core security challenges we saw in 2022 and what should be top of mind for companies and security teams as they head into 2023. This segment is sponsored by Wiz. Visit https://securityweekly.com/wiz to learn more about them!

Security awareness

Simplifying Cloud Security – Terry Barber, Parag Bajaria – ESW #300

December 15, 2022

Security teams struggle with managing cyber risk across cloud workloads, services, resources, users, and applications. Parag will discuss the issues this presents and how Qualys’ new TotalCloud solution allows organizations to see all their cloud resources, relationships between resources, the external attack surface, and attack path mapping all de...