Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Code Security Podcasts
About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.
…
continue reading
About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.
…
continue reading
Deception, influence, and social engineering in the world of cyber crime.
…
continue reading
Automation, Generative AI, Shift Left - the world of application security is evolving fast! Security Journey introduces the newest go-to AppSec resource, The Security Champions Podcast, hosted by Director of Application Security Michael Burch.Gain exclusive insight from software development leaders and security experts – from recounting their security champion journey to diving into the latest headlines in the AppSec world. Learn how to build, maintain and scale a successful software securit ...
…
continue reading
Join host Chris Lindsey as he digs into the world of Application Security with experts from leading enterprises. Each episode is theme based, so it's more conversational and topic based instead of the general interview style. Our focus is growing your knowledge, providing useful tips and advice. With Chris' development background of 35 years, 15+ years of secure coding and 3+ years running an application security program for large enterprise, the conversations will be deep and provide a lot ...
…
continue reading
Error Code is a biweekly narrative podcast that provides you both context and conversation with some of the best minds working today toward code resilience and dependability. Work that can lead to autonomous vehicles and smart cities. It’s your window in the research solving tomorrow’s code problems today.
…
continue reading
discussions on topics connected with software development; privacy, security, management, tools, techniques, skills, training, business, soft skills, health
…
continue reading
If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer. Hacked & Secured: Pentest Exploits & Mitigations breaks down real-world pentest findings, exposing how vulnerabilities were discovered, exploited, and mitigated. Each episode dives into practical security lessons, covering attack chains and creative exploitation techniques used by ethical hackers. Whether you're a pentester, security engineer, develop ...
…
continue reading
A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.
…
continue reading
Technology and Security (TS) explores the intersections of emerging technologies and security. It is hosted by Dr Miah Hammond-Errey. Each month, experts in technology and security join Miah to discuss pressing issues, policy debates, international developments, and share leadership and career advice. https://miahhe.com/about-ts | https://stratfutures.com
…
continue reading
Cybersecurity is complex. Its user experience doesn’t have to be. Heidi Trost interviews information security experts about how we can make it easier for people—and their organizations—to stay secure.
…
continue reading
Code to Cloud is the podcast for builders—founders, engineers, and tech leaders—shipping the future of cloud, faster. From MVP to hyperscale, we dive into what really matters: cloud-native infrastructure, DevSecOps, AI integration, adaptive strategies, and modern app development. Hosted by Kevin Evans, a 25-year tech veteran, Senior Technologist at Microsoft, and fractional CTO at Code to Cloud, each episode delivers tactical conversations with engineering leaders, startup operators, and clo ...
…
continue reading
Security Ledger is an independent security news website that explores the intersection of cyber security with business, commerce, politics and everyday life. Security Ledger provides well-reported and context-rich news and opinion about computer security topics that matter in our IP-enabled homes, workplaces and daily lives.
…
continue reading
The mnemonic security podcast is a place where IT Security professionals can go to obtain insight into what their peers are working with and thinking about.
…
continue reading
The OWASP Podcast Series is a recorded series of discussions with thought leaders and practitioners who are working on securing the future for coming generations.
…
continue reading
Podcast Channel ที่ว่าด้วยเรื่องของ Security
…
continue reading
A weekly podcast of all things application security related. Hosted by Ken Johnson and Seth Law.
…
continue reading
Main AI by CodeRabbit is a podcast that brings you deep conversations with legendary developers who've shaped the tools we use every day. We explore how artificial intelligence is transforming software development while celebrating the creators and tools that built our foundation. Each episode features intimate discussions about building developer tools, maintaining open source projects, and navigating the evolution of technology.
…
continue reading
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
…
continue reading
A podcast focusing on the intersection between cybersecurity, national security, and geopolitics
…
continue reading
Software's best weekly news brief, deep technical interviews & talk show.
…
continue reading
The world of application development moves quickly. New tools, new processes, and new threats are always popping up. Through enlightening interviews with industry leaders, From Code to the Cloud helps you stay on top of new developments in Low Code and Salesforce DevOps.
…
continue reading
Unsupervised Learning is about ideas and trends in Cybersecurity, National Security, AI, Technology, and Culture—and how best to upgrade ourselves to be ready for what's coming.
…
continue reading
In the security industry, it's easy to get overwhelmed by the constant barrage of information and buzzy trends. On Security Noise, we help you sort through the noise and identify the information that truly matters. Listen to hear from practitioners in the field who are using the latest tools and methodologies to stay ahead. Whether you're a seasoned security pro or an industry newcomer, our podcast has something for anyone in the business of making the world secure. Presented by TrustedSec, ...
…
continue reading
Join us on Distilled Security as we delve into the fascinating world of cybersecurity. Each episode, we break down intriguing topics, analyze the latest news, and engage in in-depth conversations with our hosts and invited guests. Whether you're a seasoned professional or just curious about cybersecurity, our podcast offers valuable insights and thought-provoking discussions to keep you informed and entertained. Tune in and stay ahead of the curve in the ever-evolving landscape of cybersecurity.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Welcome to For a Cloudy Day, the podcast where we talk about the cloud technology industry with insights from experts. Hosted by Co-native, the home of cloud specialists.
…
continue reading
Cyber Security News, Analysis and Opinion
…
continue reading
Redefining CyberSecurity Podcast Hosted by Sean Martin, CISSP Have you ever thought that we are selling cybersecurity insincerely, buying it indiscriminately, and deploying it ineffectively? For cybersecurity to be genuinely effective, we must make it consumable and usable. We must also bring transparency and honesty to the conversations surrounding the methods, services, and technologies upon which businesses rely. If we are going to protect what matters and bring value to our companies, ou ...
…
continue reading
The Lawfare Podcast features discussions with experts, policymakers, and opinion leaders at the nexus of national security, law, and policy. On issues from foreign policy, homeland security, intelligence, and cybersecurity to governance and law, we have doubled down on seriousness at a time when others are running away from it. Visit us at www.lawfareblog.com. Support this show http://supporter.acast.com/lawfare. Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
DevOps was always meant to include security, but in reality, the cultures didn’t align—leaving many organizations without a mature DevSecOps strategy. So how do you complete the DevSecOps journey? Join Techstrong and Checkmarx for DevSecOps: Cracking the Code, a new webinar series packed with expert insights and actionable advice to help you successfully evolve from DevOps to DevSecOps.
…
continue reading
Tech Disruptors by Bloomberg Intelligence features conversations with thought leaders and management teams on disruptive trends. Topics covered in this series include cloud, e-commerce, cybersecurity, AI, 5G, streaming, advertising, EVs, automation, crypto, fintech, AR/VR, metaverse and Web 3.0. This podcast is intended for professional investors only. It is being prepared solely for informational purposes only and does not constitute an offer or investment advice.
…
continue reading
Every day, a team of AIs deliver simple, straightforward updates from the world of artificial intelligence.
…
continue reading
Felix explores Internet of Things (IoT) and Operational Technology cyber security. Perfect for project managers, developers, and those learning about penetration testing in this niche area. Email Felix using [email protected] Get more information at the website: yougottahackthat.com Find You Gotta Hack That on LinkedIn and X @gotta_hack
…
continue reading
Larry and Kerry talk about parenting issues during Covid-19 isolation period
…
continue reading
1
Cybersecurity, Privacy, Risk Management, Cryptocurrencies, Fintech, Information Technology
Shahid Sharif
6
38
Career guidance & consulting services in Information Technology, Cybersecurity, Privacy, Risk Management, Cryptocurrencies, & Fintech #self improvement # productivity #cybersecurity #security #privacy #risk #fintech #blockchain #cryptocurrencies
…
continue reading
Breaking the Internet is a podcast about tech for tech - but we’re not like other girls. Serena (@shenetworks) and Ali (@endingwithali) take to the mic to talk about the industry, trends, history and more.
…
continue reading
15 minutes news, tips, and tricks on the Go programming language.
…
continue reading
Phillip Wylie interviews cybersecurity industry experts on offensive security and techniques around penetration testing and red teaming.
…
continue reading
The law affects our lives and our society in many unique and profound ways. Reasonably Speaking, produced by The American Law Institute, features interviews with legal experts on some of the most important legal topics of our time. Each episode takes you through the law in action, beyond courtrooms and casebooks. Whether you are a legal scholar or a concerned citizen, this examination of the relationship between our laws and our society will leave you with a better understanding of how we go ...
…
continue reading
Talk Python to Me is a weekly podcast hosted by developer and entrepreneur Michael Kennedy. We dive deep into the popular packages and software developers, data scientists, and incredible hobbyists doing amazing things with Python. If you're new to Python, you'll quickly learn the ins and outs of the community by hearing from the leaders. And if you've been Pythoning for years, you'll learn about your favorite packages and the hot new ones coming out of open source.
…
continue reading
Security Boulevard is the destination for the security community to stay up on the latest news, discussion and analysis. Home of the Security Bloggers Network, Security Boulevard has more security related content than anywhere else on the web.
…
continue reading
Struggling to keep pace with the ever-changing world of technology? For experienced tech professionals, making sense of this complexity to find real strategic advantages is key. This series offers a clear path, featuring insightful, casual conversations with leading global experts, innovators, and key voices from Red Hat, all cutting through the hype. Drawing from Red Hat's deep expertise in open source and enterprise innovation, each discussion delves into new and emerging technologies-- fr ...
…
continue reading
Discussions with regulators, top lawyers and entrepreneurs about the legal framework for blockchain technology. We look at international regulations, trends, and jurisprudence impacting crypto and its related parts.
…
continue reading
1
Software Engineering Institute (SEI) Podcast Series
Members of Technical Staff at the Software Engineering Institute
51412
The SEI Podcast Series presents conversations in software engineering, cybersecurity, and future technologies.
…
continue reading
Podcast by Skyscanner
…
continue reading
1
EP 66: Secure only the OT code that actually runs
23:11
23:11
Play later
Play later
Lists
Like
Liked
23:11
Many organizations spend valuable security resources fixing vulnerabilities in code that never actually runs—an inefficient and often unnecessary effort. Jeff Williams, CTO and founder at Contrast Security, says that 62% of open source libraries included in software are never even loaded into memory, let alone executed. This means only 38% of libra…
…
continue reading
1
Episode 14: AI Risks, Threat Modeling, and The Future of Vibe Coding
1:22:30
1:22:30
Play later
Play later
Lists
Like
Liked
1:22:30
Episode 14 of the Distilled Security Podcast is here! This week, the team welcomes guest John Zeolla, a cybersecurity expert and AI enthusiast, for a deep dive into the risks, realities, and potential of artificial intelligence. Topics include: Shadow AI in the Enterprise: Why business leaders are adopting AI faster than CISOs can assess the risks—…
…
continue reading
1
Snyk CEO Talks About Security for Coding Tools
42:09
42:09
Play later
Play later
Lists
Like
Liked
42:09
The current phase of software development is probably the most insecure era ever — there’s so much more application and code that’s vulnerable, according to Snyk CEO Peter McKay. “It was a struggle for security teams to keep up with the pace of software development prior to generative AI, and now with generative and copilot and Windsurf and all the…
…
continue reading
1
7.19 - Hacker Culture: The Self Modifying Code
46:32
46:32
Play later
Play later
Lists
Like
Liked
46:32
Hack the planet! In this episode of Security Noise, Geoff and Skyler chat with TrustedSec CSO & VP of Consulting Martin Bos and Principal Security Consultant Mike Felch about the evolution of hacker culture. They talk about their early experiences with hacking, cyber tech, and movies as well as cultural shifts over the years and how it has impacted…
…
continue reading
1
Cracking The Offensive Security Career Code with Michael Kim
38:26
38:26
Play later
Play later
Lists
Like
Liked
38:26
In the inaugural episode of the Simply Offensive podcast, host Phillip Wylie interviews Michael Kim, a cybersecurity professional with a diverse background. Michael shares his journey from music to cybersecurity, emphasizing the importance of networking, certifications, and continuous learning. He discusses the challenges of breaking into pen testi…
…
continue reading
1
Simple Patterns for Complex Secure Code Reviews - Louis Nyffenegger - ASW #337
38:26
38:26
Play later
Play later
Lists
Like
Liked
38:26
Manual secure code reviews can be tedious and time intensive if you're just going through checklists. There's plenty of room for linters and compilers and all the grep-like tools to find flaws. Louis Nyffenegger describes the steps of a successful code review process. It's a process that starts with understanding code, which can even benefit from a…
…
continue reading
1
Vibe Coding vs Low-Code/No-Code: Security Risks and CI/CD Pipeline Impacts for Citizen Developers
9:42
9:42
Play later
Play later
Lists
Like
Liked
9:42
Explore the evolution from traditional coding to vibe coding and its relationship with low-code/no-code (LCNC) platforms. This comprehensive analysis examines how AI-assisted development and visual programming tools are creating a new generation of citizen developers, transforming enterprise software development. We dive deep into the security impl…
…
continue reading
1
EP2152: Chill Chill Security - Play Claude Plugin of Visual Studio Code
11:13
11:13
Play later
Play later
Lists
Like
Liked
11:13
Sponsor by SEC Playground
…
continue reading
British and Romanian authorities make arrests in a major tax fraud scheme. The Interlock ransomware gang has a new RAT. A new vulnerability in Google Gemini for Workspace allows attackers to hide malicious instructions inside emails. Suspected Chinese hackers breach a major DC law firm. Multiple firmware vulnerabilities affect products from Taiwane…
…
continue reading
Researchers in Japan achieve a world record in data transmission speeds, Robin Sloan explains how an app can be a home-cooked meal, Windsurf founders Varun Mohan & Douglas Chen are headed to Google, new Intel CEO Lip-Bu Tan says it’s too late for the incumbent, Anton Zaides says stop forcing AI tools on your engineers, and Adrien Friggeri visualize…
…
continue reading
1
Australia’s AI future—trust, opportunity, and human rights with Prof Ed Santow
42:30
42:30
Play later
Play later
Lists
Like
Liked
42:30
In this episode of the Technology & Security podcast, Dr. Miah Hammond-Errey is joined by Professor Edward Santow, former Australian Human Rights Commissioner and co-director of the Human Technology Institute at UTS. The conversation is a candid exploration of Australia’s evolving AI landscape, diving into why Australians remain sceptical of AI des…
…
continue reading
1
Monzy Merza, How Much AI is Too Much, and the Weekly News - Monzy Merza - ESW #415
1:43:41
1:43:41
Play later
Play later
Lists
Like
Liked
1:43:41
Segment 1: Interview with Monzy Merza - There is a Right and Wrong Way to use AI in the SOC In the rush to score AI funding dollars, a lot of startups build a basic wrapper around existing generative AI services like those offered by OpenAI and Anthropic. As a result, these services are expensive, and don't satisfy many security operations teams' p…
…
continue reading
Why do people list to this podcast? Sure, they're looking for technical explorations of new libraries and ideas. But often it's to hear the story behind them. If that speaks to you, then I have the perfect episode lined up. I have Barry Warsaw, Paul Everitt, Carol Willing, and Brett Cannon all back on the show to share stories from the history of P…
…
continue reading
1
Lawfare Daily: The Trials of the Trump Administration, July 11
1:47:14
1:47:14
Play later
Play later
Lists
Like
Liked
1:47:14
In a live conversation on July 11, Lawfare Editor in Chief Benjamin Wittes sat down with Lawfare Senior Editors Scott Anderson, Anna Bower and Roger Parloff to discuss the Supreme Court’s ruling in Trump v. AFGE, which allows for the mass terminations of federal employees, what happened in the multiple hearings in the criminal and civil cases invol…
…
continue reading
1
SANS Stormcast Monday, July 14th, 2025: Suspect Domain Feed; Wing FTP Exploited; FortiWeb Exploited; NVIDIA GPU Rowhammer
6:53
6:53
Play later
Play later
Lists
Like
Liked
6:53
Experimental Suspicious Domain Feed Our new experimental suspicious domain feed uses various criteria to identify domains that may be used for phishing or other malicious purposes. https://isc.sans.edu/diary/Experimental%20Suspicious%20Domain%20Feed/32102 Wing FTP Server RCE Vulnerability Exploited CVE-2025-47812 Huntress saw active exploitation of…
…
continue reading
1
Lawfare Archive: Julian Mortenson on 'The Executive Power'
50:40
50:40
Play later
Play later
Lists
Like
Liked
50:40
From April 12, 2019: Julian Mortenson, Professor of Law at the University of Michigan, is the author of a remarkable new article entitled "Article II Vests Executive Power, Not the Royal Prerogative," forthcoming in the Columbia Law Review and available on SSRN. Recently, Benjamin Wittes spoke with the professor about the article, which Mortenson h…
…
continue reading
1
Lawfare Archive: Juliette Kayyem on the Baltimore Bridge Collapse and Crisis Management
41:56
41:56
Play later
Play later
Lists
Like
Liked
41:56
From April 9, 2024: In the early morning on March 26, a Singapore-flagged cargo ship crashed into Baltimore’s Francis Scott Key Bridge. The bridge collapsed, resulting in the death of six of the eight individuals conducting maintenance on the bridge. The incident has disrupted commuter traffic and the transport of hazardous materials, and it has ha…
…
continue reading
1
MK Palmore: Lead from where you stand. [CISO] [Career Notes]
9:10
9:10
Play later
Play later
Lists
Like
Liked
9:10
Please enjoy this encore of Career Notes. Director of Google Cloud's Office of the CISO, MK Palmore, dedicated much of his life to public service and now brings his experience working for the greater good to the private sector. A graduate of the US Naval Academy, including the Naval Academy Prep School that he calls the most impactful educational e…
…
continue reading
Today we are joined by Selena Larson, Threat Researcher at Proofpoint, and co-host of Only Malware in the Building, as she discusses their work on "Amatera Stealer - Rebranded ACR Stealer With Improved Evasion, Sophistication." Proofpoint researchers have identified Amatera Stealer, a rebranded and actively developed malware-as-a-service (Maa…
…
continue reading
1
Tapjacking, ZuChe, PerfektBlue, McHacking, OT in the IT, Add Ons, Josh Marpet... - SWN #493
33:42
33:42
Play later
Play later
Lists
Like
Liked
33:42
Tapjacking, ZuChe, PerfektBlue, McHacking, OT in the IT, Add Ons, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-493
…
continue reading
Fortinet patches a critical flaw in its FortiWeb web application firewall. Hackers are exploiting a critical vulnerability in Wing FTP Server. U.S. Cyber Command’s fiscal 2026 budget includes a new AI project. Czechia’s cybersecurity agency has issued a formal warning about Chinese AI company DeepSeek. The DoNot APT group targets Italy’s Ministry o…
…
continue reading
1
Measuring the actual impact of AI coding (Friends)
1:03:39
1:03:39
Play later
Play later
Lists
Like
Liked
1:03:39
Abi Noda from DX is back to share some cold, hard data on just how productive AI coding tools are actually making developers. Teaser: the productivity increase isn’t as high as we expected. We also discuss Jevons paradox, AI agents as extensions of humans, which tools are winning in the enterprise, how development budgets are changing, and more. Jo…
…
continue reading
1
Lawfare Daily: Bribery and the Second Trump Administration with John Keller
58:43
58:43
Play later
Play later
Lists
Like
Liked
58:43
John Keller, now a partner at Walden, Macht, Haran, & Williams, channeled his experience as the former chief of the Public Integrity Section at the Department of Justice to talk about bribery with James Pearce, Lawfare Legal Fellow. After explaining the basics of bribery law and whether a current or former president could face a bribery prosecution…
…
continue reading
1
SANS Stormcast Friday, July 11th, 2025: SSH Tunnel; FortiWeb SQL Injection; Ruckus Unpatched Vuln; Missing Motherboard Patches;
5:48
5:48
Play later
Play later
Lists
Like
Liked
5:48
SSH Tunneling in Action: direct-tcp requests Attackers are compromising ssh servers to abuse them as relays. The attacker will configure port forwarding direct-tcp connections to forward traffic to a victim. In this particular case, the Yandex mail server was the primary victim of these attacks. https://isc.sans.edu/diary/SSH%20Tunneling%20in%20Act…
…
continue reading
1
Citrixbleed 2, Hardware Hacking, and Failed Bans - PSW #882
2:06:05
2:06:05
Play later
Play later
Lists
Like
Liked
2:06:05
This week in the security news: Citrixbleed 2 and so many failures Ruckus leads the way on how not to handle vulnerabilities When you have no egress Applocker bypass So you bought earbuds from TikTok More gadgets and the crazy radio Cheap drones and android apps Best Mario Kart controller ever VSCode: You're forked Bluetooth earbuds and vulnerabili…
…
continue reading
1
UL NO. 488: STANDARD EDITION | Google Granting Confusing Access to Gemini, A New Favorite Creator, Russia's new Autonomous Drones, Claude Code Madness and Neovim Config, and more...
30:11
30:11
Play later
Play later
Lists
Like
Liked
30:11
UL NO. 488: STANDARD EDITION | Google Granting Confusing Access to Gemini, A New Favorite Creator, Russia's new Autonomous Drones, Claude Code Madness and Neovim Config, and more... You are currently listening to the Standard version of the podcast, consider upgrading and becoming a member to unlock the full version and many other exclusive benefit…
…
continue reading
UK police make multiple arrests in the retail cyberattack case. French authorities arrest a Russian basketball player at the request of the U.S. A German court declares open season on Meta’s tracking pixels. The European Union unveils new rules to regulate artificial intelligence. London’s Iran International news confirms cyberattacks from Banished…
…
continue reading
1
Lawfare Daily, Bonus Edition: Unpacking the July 7 Hearing for Kilmar Abrego Garcia
39:02
39:02
Play later
Play later
Lists
Like
Liked
39:02
On July 8, Lawfare Editor-in-Chief Benjamin Wittes sat down for a bonus edition of Lawfare Live with Lawfare Senior Editors Anna Bower and Roger Parloff to discuss Kilmar Abrego Garcia's July 7 hearing in federal court in Greenbelt, Maryland. To receive ad-free podcasts, become a Lawfare Material Supporter at www.patreon.com/lawfare. You can also s…
…
continue reading
1
Lightspeed search built for devs (Interview)
1:38:30
1:38:30
Play later
Play later
Lists
Like
Liked
1:38:30
We talk with Don MacKinnon, Co-founder and CTO of Searchcraft—a lightspeed search engine built in Rust. We dig into the future of search, how it blends vector embeddings with classic ranking, and what it takes to build developer-friendly, production-grade search from the ground up. Join the discussion Changelog++ members save 6 minutes on this epis…
…
continue reading
1
Scaling Laws: Ethan Mollick: Navigating the Uncertainty of AI Development
1:06:21
1:06:21
Play later
Play later
Lists
Like
Liked
1:06:21
Ethan Mollick, Professor of Management and author of the “One Useful Thing” Substack, joins Kevin Frazier, the AI Innovation and Law Fellow at the University of Texas School of Law and a Senior Editor at Lawfare, and Alan Rozenshtein, Associate Professor at Minnesota Law and a Senior Editor at Lawfare, to analyze the latest research in AI adoption,…
…
continue reading
This week, our hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with a ton of follow-up—from a sextortio…
…
continue reading
1
SANS Stormcast Thursday, July 10th, 2025: Internal CA with ACME; TapJacking on Android; Adobe Patches;
5:18
5:18
Play later
Play later
Lists
Like
Liked
5:18
Setting up Your Own Certificate Authority for Development: Why and How. Some tips on setting up your own internal certificate authority using the smallstep CA. https://isc.sans.edu/diary/Setting%20up%20Your%20Own%20Certificate%20Authority%20for%20Development%3A%20Why%20and%20How./32092 Animation-Driven Tapjacking on Android Attackers can use a clic…
…
continue reading
1
When AI Looks First: How Agentic Systems Are Reshaping Cybersecurity Operations | A Musing On the Future of Cybersecurity and Humanity with Sean Martin and TAPE3 | Read by TAPE3
4:32
4:32
Play later
Play later
Lists
Like
Liked
4:32
Before a power crew rolls out to check a transformer, sensors on the grid have often already flagged the problem. Before your smart dishwasher starts its cycle, it might wait for off-peak energy rates. And in the world of autonomous vehicles, lightweight systems constantly scan road conditions before a decision ever reaches the car’s central proces…
…
continue reading
Patch Tuesday. An Iranian ransomware group puts a premium on U.S. and Israeli targets. Batavia spyware targets Russia’s industrial sector. HHS fines a Texas Behavioral Health firm for failed risk analysis. The Anatsa banking trojan targets financial institutions in the U.S. and Canada. Hackers abuse a legitimate commercial evasion framework to pack…
…
continue reading
1
#178 Ted Neward, The Interview Industrial Complex, Part 2
36:16
36:16
Play later
Play later
Lists
Like
Liked
36:16
Summary Ted Neward tells me about his job search that started in 2022. Part 2 of a 2 parter. Details Cover letters. The interviews, "elite code" - nothing to do with real programming jobs. Selling elite tests and tutorials, memorizing code. Showing that you can code, live coding. Ageism; cost of developers. Emotional aspects of the job search; much…
…
continue reading
1
Rational Security: The “Game Changers” Edition
1:15:30
1:15:30
Play later
Play later
Lists
Like
Liked
1:15:30
This week, Scott sat down with fellow Senior Editors Molly Reynolds and Alan Rozenshtein to talk through the week’s big national security news, including: “One Bill to rule them all, One Bill to find them, One Bill to bring them all and in the darkness bind them.” Republicans in Congress narrowly enacted President Trump’s “One Big Beautiful Bill” l…
…
continue reading
1
Jacob Salassi - Developer Empathy: A Thoughtful Approach to Product Security
1:03:24
1:03:24
Play later
Play later
Lists
Like
Liked
1:03:24
Jacob Salassi, former Director of Product Security at Snowflake, joined this episode of The Security Champions Podcast to share insights from his experience leading security transformation at scale. This episode explores the role of empathy in driving security engagement and how security teams can better align with engineering workflows. Jacob disc…
…
continue reading
1
SolarWinds Settlement, Upgrade Your Leadership Instincts to Build Your Legacy - BSW #403
51:58
51:58
Play later
Play later
Lists
Like
Liked
51:58
SEC settles with SolarWinds. We react! In the leadership and communications section, The Skills and Habits Aspiring CEOs Need to Build, Why People Really Quit — And How Great Managers Make Them Want to Stay, The Small Actions That Become Your Legacy, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https:/…
…
continue reading
1
Lawfare Daily: The Double Black Box: Ashley Deeks on National Security AI
55:44
55:44
Play later
Play later
Lists
Like
Liked
55:44
Lawfare Senior Editor Alan Rozenshtein sits down with Ashley Deeks, the Class of 1948 Professor of Scholarly Research in Law at the University of Virginia School of Law, to discuss her new book, “The Double Black Box: National Security, Artificial Intelligence, and the Struggle for Democratic Accountability.” They talk about the core metaphor of th…
…
continue reading
51
SANS Stormcast Wednesday, July 9th, 2025: Microsoft Patches; Opposum Attack;
7:44
7:44
Play later
Play later
Lists
Like
Liked
7:44
Microsoft Patch Tuesday, July 2025 Today, Microsoft released patches for 130 Microsoft vulnerabilities and 9 additional vulnerabilities not part of Microsoft's portfolio but distributed by Microsoft. 14 of these are rated critical. Only one of the vulnerabilities was disclosed before being patched, and none of the vulnerabilities have so far been e…
…
continue reading
1
Spying on your kids, Bank Robberies, Qantas, LOTL, sudo, Hunters, Aaran Leyland... - SWN #492
33:26
33:26
Play later
Play later
Lists
Like
Liked
33:26
Spying on your kids, Bank Robberies, Qantas, LOTL, sudo, Hunters, Aaran Leyland, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-492
…
continue reading
Researchers release proof-of-concept exploits for CitrixBleed2. Grafana patches four high-severity vulnerabilities. A hacker claims to have breached Spanish telecom giant Telefónica. Italian police arrest a Chinese man wanted by U.S. authorities for alleged industrial espionage. Beware of a new ransomware group called Bert. Call of Duty goes offlin…
…
continue reading
Sean Varga, current regional sales manager with noted ASPM company Cycode joins Ken (@cktricky) and Seth (@sethlaw) to discuss the dawning realization organizations are having that they need AppSec experience and tech help to accompany their swelling numbers of developers. Sean's introduces "the OWASP Top 10 for AppSec Sales" to the community Befor…
…
continue reading
1
AI in Red Teaming & Communicating with Leadership with Amélie Koran
40:41
40:41
Play later
Play later
Lists
Like
Liked
40:41
In this episode of Simply Offensive, Phillip Wylie interviews Amélie Koran, a seasoned expert in offensive security and AI red teaming. They discuss the evolution of red teaming, the challenges and opportunities presented by AI in security, and the importance of human expertise in navigating the complexities of cybersecurity. The conversation also …
…
continue reading
1
Checking in on the State of Appsec in 2025 - Janet Worthington, Sandy Carielli - ASW #338
1:07:15
1:07:15
Play later
Play later
Lists
Like
Liked
1:07:15
Appsec still deals with ancient vulns like SQL injection and XSS. And now LLMs are generating code along side humans. Sandy Carielli and Janet Worthington join us once again to discuss what all this new code means for appsec practices. On a positive note, the prevalence of those ancient vulns seems to be diminishing, but the rising use of LLMs is e…
…
continue reading
51
Checking in on the State of Appsec in 2025 - Janet Worthington, Sandy Carielli - ASW #338
1:07:15
1:07:15
Play later
Play later
Lists
Like
Liked
1:07:15
Appsec still deals with ancient vulns like SQL injection and XSS. And now LLMs are generating code along side humans. Sandy Carielli and Janet Worthington join us once again to discuss what all this new code means for appsec practices. On a positive note, the prevalence of those ancient vulns seems to be diminishing, but the rising use of LLMs is e…
…
continue reading
1
Checking in on the State of Appsec in 2025 - Sandy Carielli, Janet Worthington - ASW #338
1:07:15
1:07:15
Play later
Play later
Lists
Like
Liked
1:07:15
Appsec still deals with ancient vulns like SQL injection and XSS. And now LLMs are generating code along side humans. Sandy Carielli and Janet Worthington join us once again to discuss what all this new code means for appsec practices. On a positive note, the prevalence of those ancient vulns seems to be diminishing, but the rising use of LLMs is e…
…
continue reading
1
Lawfare Daily: Michael Feinberg on Leaving the FBI
53:22
53:22
Play later
Play later
Lists
Like
Liked
53:22
Until late May, Michael Feinberg was a senior FBI counterintelligence agent focused on China. All that changed one weekend, when the Deputy FBI Director found out that he was still friends with a former FBI official who had been fired years ago. In his first interview following his essay, “Goodbye to All That,” in Lawfare last week. Feinberg sat do…
…
continue reading
