What’s New With PCI v4.0 – Jeff Man – ESW #279

Device Security
Ant-Man, IOT APTs, Open Sea, Microsoft, Jenkins, SFC, & Zuo Rat – Wrap Up – SWN #221
Vulnerability management
Destructive Firmware, Keys to the Kingdom, the Device Level, & 5 CyberSec Myths – PSW #746
Careers
Cult of the Dead Cow & the Best Cybersecurity Journalism – Joseph Menn – PSW #746

Demos & Training

Posts & News

Cybercrime

The insider threat now lives outside the office

Kurtis Minder July 6, 2022

In the hybrid work era, companies are ignoring operational security risks – here’s how to fix it.

Compliance

Compliance in the era of big data

Ross Hosman July 5, 2022

A focus on compliance can save companies big money in potential fines from GDPR or CCPA regulations.

Network security

Three tips for sharpening up DNS integrity

Mark FleggJuly 1, 2022

A company’s DNS offers a gateway to its supply chain. Here are three ways to lock down DNS infrastructure.

Leadership

Why security teams need to prioritize learning from others

Michael SantarcangeloJune 30, 2022

Success in security not only means talking to other teams, but learning from them, says leadership columnist Michael Santarcangelo.

MORE

SW Labs

Vulnerability management

Detectify’s Surface Monitoring Review | Security Weekly Labs

Paul AsadoorianMarch 11, 2022

A look at the company’s attack surface monitoring and web application scanning solution

Device Security

As XDR trend gains steam, new alliance seeks ‘shared schema’ for data exchange

Bradley BarthNovember 19, 2021

CrowdStrike CTO Michael Sentonas addressed the recently announced CrowdXDR Alliance and its goal of providing users with an XDR platform featuring a variety of integrated solutions.

MORE

What’s New With PCI v4.0 – Jeff Man – ESW #279

Ant-Man, IOT APTs, Open Sea, Microsoft, Jenkins, SFC, & Zuo Rat – Wrap Up – SWN #221

Destructive Firmware, Keys to the Kingdom, the Device Level, & 5 CyberSec Myths – PSW #746

Cult of the Dead Cow & the Best Cybersecurity Journalism – Joseph Menn – PSW #746

Do It Yourself: Building a Security Lab At Home

Free and Open-Source Wireless IDS With Nzyme￼

Do These 5 Things to Catch More Bad Guys

KQL Kung Fu: Finding the Needle in the Haystack in Azure Environments

SYSMON: Gaining Visibility Into Your Enterprise￼

Posts & News

The insider threat now lives outside the office

Compliance in the era of big data

Three tips for sharpening up DNS integrity

Why security teams need to prioritize learning from others

SW Labs

Detectify’s Surface Monitoring Review | Security Weekly Labs

As XDR trend gains steam, new alliance seeks ‘shared schema’ for data exchange

SHOWS

Plastic Bags, NSA Playsets, Megs Insecure, PHP Strikes Back, & Gamification – PSW #745

Learning Should Be Fun – Sam Bowne – PSW #745

Big DDOS, Tracking Smartphones, BIOS Doom, NSO Buyer, & Android Children – PSW #744

We Help The Helpers; You Can Too! – Ray Davidson – PSW #744

Prank Calls, Lazarus APT, WordPress Critical Vulns, CISA Adds 41 Flaws, & Zoom Bugs – PSW #742

Attack Surface Management & Experience in the Age of Security – ESW #279

Stopping Phishing Attacks & A Fresh Approach to Reducing Cyber Risk – Chris Cleveland, Mehul Revankar – ESW #278

IBM Acquires Randori, Quantum Devices, Microsoft Defender, & RapidFort – ESW #278

Breaking Through Vendor Barriers: Product Data as a Service – Tim Morris – ESW #278

The Evolving Phishing Threat & Protect Valuable Data as Workforce Volatility Rages – ESW #277

Security Consolidation & Beyond the CyberSec Motions – Malcolm Harkins, Paul McKay – BSW #267

The Board’s Role In Cybersecurity – Brandon Dunlap – BSW #266

Inside the CISO’s Office – John Bruggeman – BSW #266

Defining Cyber Risk & Is the Market Ready for Integrated Cyber Risk Management? – BSW #265

Boards & Cybersecurity, The New CISO Role, & Reskilling – BSW #265

More Fuzzing, a Decade of OT Security, & Top Threats to Cloud Computing – ASW #202

How GraphQL & Template Injection Threats Influence App Architectures – Mike Benjamin – ASW #202

IE11 Goes to Zero — A History of Browser Security and Bug Bounties – ASW #201

Hertzbleed, SynLapse, Java Deserialization, More MFA, Firmware Flaws, & Zombie 0-Day – ASW #201

Protect Entire IT Ecosystem with Cisco Security Cloud and The Culture Blindspot – Jeetu Patel, Sonali Shah – ASW #200

The Security Hippie, Part 2 – Barak Engel – SCW #99

The Security Hippie, Part 1 – Barak Engel – SCW #99

Everything You Wanted to Know About CISOs But Were Afraid to Ask, Part 2 – Ben Carr – SCW #98

Everything You Wanted to Know About CISOs But Were Afraid to Ask, Part 1 – Ben Carr – SCW #98

Hacker Situational Awareness, Part 2 – John Threat – SCW #97

AI, Kubernetes, Skimming, US Law, OpenSSL, & Alexa – SWN #220

Fancy Bear Nukes, CISA/NSA on PowerShell, & More Crime – Wrap Up – SWN #219

Angry AI, Hertzbleed, Microsoft, QNAP, Black Folders, & Notorious RBG – Wrap Up – SWN #217

End of Explorer, Vytal, SeaFlower, Metasploit, CoinBase, Symbiote, & Floppotron 3.0 – SWN #216

Elon Balks, CISA, Nebuchadnezzar, Lianjia, iPhone, Leaky Sites, & “Brushing” – SWN #213

Evilginx2 Man-in-the-Middle Attacks – Tradecraft Security Weekly #29

Google Event Injection – Tradecraft Security Weekly #20

Dissecting XXE Attacks – Tradecraft Security Weekly #19

Pivoting Tools Through Meterpreter – Tradecraft Security Weekly #16

Black Hat & DEF CON 2017 – Tradecraft Security Weekly #13

Free and Open-Source Wireless IDS With Nzyme

SYSMON: Gaining Visibility Into Your Enterprise