– PSW #715
Full Audio
View Show IndexSegments
1. Evolution & Maturity of the Cybersecurity Industry – Maxime Lamothe-Brassard – PSW #715
The business of Security is gaining in maturity, from being an obscure corner of IT to becoming a core part of the C-Suite. How is this transformation happening and what can we learn from the similar trend that occurred in IT for the last decade?
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Guest
As part of the Canadian Intelligence apparatus, Maxime worked in positions ranging from development of cyber defence technologies through Counter Computer Network Exploitation and Counter Intelligence. Maxime led the creation of an advanced cyber security program for the Canadian government and received several Director’s awards for his service.
After leaving the government, Maxime provided direct help to private and public organizations in matters of cyber defence and spent some time working with CrowdStrike. For the past few years Maxime has also been providing analysis and guidance to major Canadian media organizations. Maxime left Google X – where he was a founding member of Chronicle Security – in 2018 to found LimaCharlie.
Hosts
2. Scanning For Default Credentials With Python – PSW #715
We've been working on this Python project that will use the Nmap Python library to scan the local network, enumerate select systems and devices, try to login with default or known credentials, and send a Slack message if it finds anything.
The initial release is here: https://github.com/SecurityWeekly/netslackbot
Announcements
In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.
Hosts
3. Wild Hippos, Chrome FTP, L0phtCrack Is Open-Source, Win 11 Pentium, & Legacy Systems – PSW #715
This week in the Security News: More security advice for non-profits, faster 0-day exploits, ban all the things, you are still phishable, how to treat security researchers, what the heck is cyber hygiene?, Gummy browsers, the Internet is safe now, a particular kind of crack is open-source, sysmon: Now for Linux, Windows 11 and lies, and cocaine Hippos!
Announcements
InfoSec World 2021 is proud to announce its keynote lineup for this year’s event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on Digital Pass registration! Visit https://securityweekly.com/isw2021 to register now!
In case you missed it: Paul's Security Weekly's new streaming time is Wednesday nights from 6pm-9pm ET & Enterprise Security Weekly's new streaming time is Thursday afternoons from 3pm-4:30pm ET. You can view our live stream schedule at any time at https://securityweekly.com/live!
Hosts
- 1. VPN Provider’s Misconfiguration Exposes One Million UsersAt least one million users of a Chinese-run VPN service have had their personally identifiable information (PII) exposed due to a misconfigured Elasticsearch
- 2. 83% of ransomware victims paid ransom: SurveyA new survey of 300 US-based IT decision-makers found that 64% have been victims of a ransomware attack in the last 12 months, and 83% of those attack victims paid the ransom demand.
- 3. Zerodium wants zero-day exploits for Windows VPN clientsIn a short tweet today, exploit broker Zerodium said that it is looking to acquire zero-day exploits for vulnerabilities in three popular virtual private network (VPN) providers NordVPN, ExpressVPN, and SurfShark VPN.