Security Weekly
Paul's Security WeeklySubscribe

Special Treats – PSW #620

Full Audio

View Show Index

Segments

1. Anything Red/Purple Teaming – Jason Lang – PSW #620

Jason Lang is the Sr. Security Consultant of TrustedSec. Modern day red teaming against some of the largest company's in the US. Current passion is Ansible for red teamers (i.e. fast infrastructure buildout).

To learn more about TrustedSec, visit: https://securityweekly.com/trustedsec Full Show Notes: https://wiki.securityweekly.com/Episode620

Guest

Jason Lang
Sr Security Consultant at TrustedSec

worked on TrustedSec’s Adversary Emulation and Threat Research team. His job is red teaming, purple teaming, pentesting. Jason has been in Infosec for 10+ years, with over 5 years in offensive security / pentesting. He has a background in enterprise. He enjoys coding in C#, Powershell, python – DerbyCon speaker/trainer – “Amish Hacker”. He lives in the middle of nowhere. Jason enjoys woodworking, fly fishing, and beekeeping.

Hosts

Principal Security Evangelist at Eclypsium
Security Analyst at Black Hills Information Security
Product Security Research and Analysis Director at Finite State
Senior Cyber Advisor at Lawrence Livermore National Laboratory

2. Audio Security – PSW #620

Wes Widner is the Cloud Engineering Manager at CrowdStrike. Wes will be talking about personal voice assistants are the wave of the future. So naturally we should wonder about the unique attack vectors they pose. I'd like to discuss my research into this field and share a few tips on how you can keep yourself safe around voice assistants.

Full Show Notes: https://wiki.securityweekly.com/Episode620

Guest

Wes Widner
Cloud Engineering Manager at CrowdStrike

engineers clouds with Crowdstrike. Large-scale distributed threat intelligence systems that span a range of threat vectors are his bread and butter. His work history includes data engineering with McAfee Labs’s Global Threat Intelligence department and malware pipelining with Norse Corporation. In his ample spare time, Wes also enjoys teaching children how to hack, ethically of course.

Hosts

Principal Security Evangelist at Eclypsium
Security Analyst at Black Hills Information Security
Product Security Research and Analysis Director at Finite State
Senior Cyber Advisor at Lawrence Livermore National Laboratory

3. iOS, Equifax Is Back, & phpMyAdmin CSRF Zero-Day – PSW #620

In the Security News, how an iOS 13 flaw could provide access to contacts with passcode, Equifax demands more information before making payouts, confidential data of 24.3 million patients were discovered online, and a SIM Flaw that lets hackers hijack any phone by sending SMS!

Full Show Notes: https://wiki.securityweekly.com/Episode620

Hosts

Principal Security Evangelist at Eclypsium
Security Analyst at Black Hills Information Security
Product Security Research and Analysis Director at Finite State
Senior Cyber Advisor at Lawrence Livermore National Laboratory

Related

Hacker Heroes – Winn Schwartau – PSW #825

Pioneering the Cyber Battlefield: A Deep Dive with Winn Schwartau, Cybersecurity Luminary Get ready for an extraordinary episode as we sit down with Winn Schwartau, a true pioneer and luminary in the world of cybersecurity. Winn's impact on the field is nothing short of legendary, and in this podcast interview, we uncover the profound insights an...
PCI 4.0 – PSW #825

Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) puts greater emphasis on application security than did previous versions of the standard. It also adds a new “customized approach” option that allows merchants and other entities to come up with their own ways to comply with requirements, and which also has implications for a...